Hello,
The attached patch features:
- allow "ident" as a keyword for local connections
- determine username of connecting process for unix domain sockets and
match them against usermaps
- autoconf and documentation
The above features are activated only if the os supports SO_PEERCRED.
For systems without SO_PEERCRED support there is no change. Integrating
other mechanisms to get the required information is straight-forward.
Preparing the patch took longer because there is a bug in the nightly tar
I used (hba.c around line 216):
---
line = lnext(line);
if (!line)
auth_arg[0] = '\0';
else
{
/* !!! need token = lfirst(line) here, else we reuse the last one !!! */
StrNCpy(auth_arg, token, MAX_AUTH_ARG - 1);
---
Fixed in the patch as well, so applying may fail if you fixed it yourself.
Happy hacking,
Helge
