Thread: PAM Authentication Patch, take one...
Attached is the new and revised version of the PAM authentication patch.
This will only send a password request to the frontend, if a password is
required.
Questions, comments?
--
Dominic J. Eidson
"Baruk Khazad! Khazad ai-menu!" - Gimli
-------------------------------------------------------------------------------
http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/
Attachment
"Dominic J. Eidson" <sauron@the-infinite.org> writes:
> Attached is the new and revised version of the PAM authentication patch.
Don't worry, we're not ignoring you. Much of the core committee is or
shortly will be at LinuxWorld, so reviewing and applying patches is
likely not going to get done this week. Have patience...
regards, tom lane
Your patch has been added to the PostgreSQL unapplied patches list at:
http://candle.pha.pa.us/cgi-bin/pgpatches
I will try to apply it within the next 48 hours.
>
> Attached is the new and revised version of the PAM authentication patch.
>
> This will only send a password request to the frontend, if a password is
> required.
>
> Questions, comments?
>
>
>
> --
> Dominic J. Eidson
> "Baruk Khazad! Khazad ai-menu!" - Gimli
> -------------------------------------------------------------------------------
> http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/
Content-Description:
[ Attachment, skipping... ]
>
> ---------------------------(end of broadcast)---------------------------
> TIP 2: you can get off all lists at once with the unregister command
> (send "unregister YourEmailAddressHere" to majordomo@postgresql.org)
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
Dominic J. Eidson writes: > Attached is the new and revised version of the PAM authentication patch. > > This will only send a password request to the frontend, if a password is > required. pam_strerror() should be used a few more times, rather than just saying "Error!". Also, the configure.in snippet seems wrong. You add -I$pam_prefix/include/security to $INCLUDES and then you #include <security/pam_appl.h>. This whole thing is probably unnecessary, since PAM is a system library on the systems where it exists, so the headers and libraries are found automatically, unlike OpenSSL and Kerberos. -- Peter Eisentraut peter_e@gmx.net http://funkturm.homeip.net/~peter
On Tue, 28 Aug 2001, Peter Eisentraut wrote:
> Dominic J. Eidson writes:
>
> > Attached is the new and revised version of the PAM authentication patch.
> >
> > This will only send a password request to the frontend, if a password is
> > required.
>
> pam_strerror() should be used a few more times, rather than just saying
> "Error!". Also, the configure.in snippet seems wrong. You add
> -I$pam_prefix/include/security to $INCLUDES and then you #include
> <security/pam_appl.h>. This whole thing is probably unnecessary, since
> PAM is a system library on the systems where it exists, so the headers
> and libraries are found automatically, unlike OpenSSL and
> Kerberos.
Will fix all of this and resubmit.
--
Dominic J. Eidson
"Baruk Khazad! Khazad ai-menu!" - Gimli
-------------------------------------------------------------------------------
http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/
On Tue, 28 Aug 2001, Peter Eisentraut wrote:
> pam_strerror() should be used a few more times, rather than just saying
> "Error!". Also, the configure.in snippet seems wrong. You add
> -I$pam_prefix/include/security to $INCLUDES and then you #include
> <security/pam_appl.h>. This whole thing is probably unnecessary, since
> PAM is a system library on the systems where it exists, so the headers
> and libraries are found automatically, unlike OpenSSL and
> Kerberos.
See attached revised patch. (I'm sure the configure.in stuff can be done
right/better, I'm just not enough of a autoconf guru to know what to
change it to.)
--
Dominic J. Eidson
"Baruk Khazad! Khazad ai-menu!" - Gimli
-------------------------------------------------------------------------------
http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/
Attachment
Your patch has been added to the PostgreSQL unapplied patches list at:
http://candle.pha.pa.us/cgi-bin/pgpatches
I will try to apply it within the next 48 hours.
> On Tue, 28 Aug 2001, Peter Eisentraut wrote:
>
> > pam_strerror() should be used a few more times, rather than just saying
> > "Error!". Also, the configure.in snippet seems wrong. You add
> > -I$pam_prefix/include/security to $INCLUDES and then you #include
> > <security/pam_appl.h>. This whole thing is probably unnecessary, since
> > PAM is a system library on the systems where it exists, so the headers
> > and libraries are found automatically, unlike OpenSSL and
> > Kerberos.
>
> See attached revised patch. (I'm sure the configure.in stuff can be done
> right/better, I'm just not enough of a autoconf guru to know what to
> change it to.)
>
>
> --
> Dominic J. Eidson
> "Baruk Khazad! Khazad ai-menu!" - Gimli
> -------------------------------------------------------------------------------
> http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/
Content-Description:
[ Attachment, skipping... ]
>
> ---------------------------(end of broadcast)---------------------------
> TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026
Patch applied. Thanks. > On Tue, 28 Aug 2001, Peter Eisentraut wrote: > > > pam_strerror() should be used a few more times, rather than just saying > > "Error!". Also, the configure.in snippet seems wrong. You add > > -I$pam_prefix/include/security to $INCLUDES and then you #include > > <security/pam_appl.h>. This whole thing is probably unnecessary, since > > PAM is a system library on the systems where it exists, so the headers > > and libraries are found automatically, unlike OpenSSL and > > Kerberos. > > See attached revised patch. (I'm sure the configure.in stuff can be done > right/better, I'm just not enough of a autoconf guru to know what to > change it to.) > > > -- > Dominic J. Eidson > "Baruk Khazad! Khazad ai-menu!" - Gimli > ------------------------------------------------------------------------------- > http://www.the-infinite.org/ http://www.the-infinite.org/~dominic/ Content-Description: [ Attachment, skipping... ] > > ---------------------------(end of broadcast)--------------------------- > TIP 1: subscribe and unsubscribe commands go to majordomo@postgresql.org -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026