Fedora 13 and yum.pgsqlrpms.org
Will the repository be updated for Fedora 13 in the
near future :)
I had to disable the repo because yumex croaks when it
cannot find the repository.
Jerry
On Sat, 2010-05-29 at 13:18 -0400, Jerry LeVan wrote:
Will the repository be updated for Fedora 13 in the
near future :)I had to disable the repo because yumex croaks when it
cannot find the repository.
FWIW, I pushed Fedora-13 packages to my repository:
http://yum.pgrpms.org/news-fedora13-packages-released.php
http://yum.pgrpms.org/8.4/fedora/fedora-13-i386/repoview/
http://yum.pgrpms.org/8.4/fedora/fedora-13-x86_64/repoview/
Regards,
--
Devrim GÜNDÜZ
PostgreSQL Danışmanı/Consultant, Red Hat Certified Engineer
PostgreSQL RPM Repository: http://yum.pgrpms.org
Community: devrim~PostgreSQL.org, devrim.gunduz~linux.org.tr
http://www.gunduz.org Twitter: http://twitter.com/devrimgunduz
Is there is a way to connect postgres to authenticate against a windows
domain without recompiling and using gssapi. Ldap perhaps?
Thanks!
On Tue, Jun 01, 2010 at 11:56:19AM -0600, u235sentinel wrote:
Is there is a way to connect postgres to authenticate against a windows
domain without recompiling and using gssapi. Ldap perhaps?Thanks!
This page describes, among other things, LDAP authentication:
http://www.postgresql.org/docs/8.4/interactive/auth-methods.html
You might also refer to this PGCon 2010 talk:
http://www.fosslc.org/drupal/content/secure-postgresql-deployment
--
Joshua Tolley / eggyknap
End Point Corporation
http://www.endpoint.com
* Joshua Tolley (eggyknap@gmail.com) wrote:
On Tue, Jun 01, 2010 at 11:56:19AM -0600, u235sentinel wrote:
Is there is a way to connect postgres to authenticate against a windows
domain without recompiling and using gssapi. Ldap perhaps?
I'm still trying to figure out why you wouldn't want to use GSSAPI..
It's a heck of alot better than using LDAP wrt security..
Stephen
On 06/02/2010 08:05 AM, Stephen Frost wrote:
* Joshua Tolley (eggyknap@gmail.com) wrote:
On Tue, Jun 01, 2010 at 11:56:19AM -0600, u235sentinel wrote:
I'm still trying to figure out why you wouldn't want to use GSSAPI..
It's a heck of alot better than using LDAP wrt security..Stephen
We would have to rebuild the binaries and we're already heavily using
the database. I could rebuild it again but it's like the fourth time
I've been asked to add a feature. I did read that GSSAPI was the way to
go but I'm being told to try using LDAP instead. I don't have a lot of
experience with either but I'll be able to figure it out I think :-)
* u235sentinel (u235sentinel@gmail.com) wrote:
We would have to rebuild the binaries and we're already heavily using
the database. I could rebuild it again but it's like the fourth time
I've been asked to add a feature. I did read that GSSAPI was the way to
go but I'm being told to try using LDAP instead. I don't have a lot of
experience with either but I'll be able to figure it out I think :-)
Perhaps you should look at how the package managers under Debian or
RedHat build PG and turn on a similar set of options.. They typically
try to turn on everything possible and when they have to make choices
they go with what would be appropriate for most. That would probably
reduce the amount of rebuilding you need to do.. Or you could just use
packages to begin with and probably would have avoided this entirely. :)
Using LDAP to do pass-thru auth is really horrid when Kerberos is
available, if you ask me. It's also alot more fragile and will cause
problems when users change their passwords and they have them stored in
things like ODBC settings, etc. With LDAP auth, users still have to
provide their password to the database server which then turns around
and tries to use the users' credentials to bind to the LDAP directory.
You'll also really want to make sure you're doing SSL for your database
connections and SSL on your LDAP connections.
Thanks,
Stephen