PostgreSQL pam ldap document
All,
I visited #postgresql @ FreeNode and asked about how to make pg use pam
about a week ago (specifically I wanted to auth against LDAP). I was
told to figure it out and write a doc...
Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
Please review for accuracy and/or proofreading.
Thanks,
Adrian
Adrian Nida wrote:
All,
I visited #postgresql @ FreeNode and asked about how to make pg use pam
about a week ago (specifically I wanted to auth against LDAP). I was
told to figure it out and write a doc...Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
Please review for accuracy and/or proofreading.
I get a "not exists" error on that URL.
I assume you looked at:
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
Do you have additions to it?
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
On Fri, Mar 11, 2005 at 11:42:53AM -0500, Bruce Momjian wrote:
Adrian Nida wrote:
All,
I visited #postgresql @ FreeNode and asked about how to make pg use pam
about a week ago (specifically I wanted to auth against LDAP). I was
told to figure it out and write a doc...Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
Please review for accuracy and/or proofreading.
I get a "not exists" error on that URL.
http://itc.musc.edu/wiki/PostgreSQL
(only 4 capital letters) works.
I assume you looked at:
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
Do you have additions to it?
'pears so :)
Cheers,
D
--
David Fetter david@fetter.org http://fetter.org/
phone: +1 510 893 6100 mobile: +1 415 235 3778
Remember to vote!
<Snip/>
Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
<Snip/>
I get a "not exists" error on that URL.
Sorry, I renamed the URL after someone pointed out the correct spelling.
This was a link to the old one. I apologize for the confusion, the
right URL is:
http://itc.musc.edu/wiki/PostgreSQL
I assume you looked at:
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
Do you have additions to it?
Yes, I did look at it. No offense to the original author, but my doc
has a lot more than the four sentences that are there. I was hoping it
would help others in my situation. Again any and all
comments/questions/blah are appreciated.
Thanks,
Adrian
* Adrian Nida <nida@musc.edu> [0307 18:07]:
<Snip/>
Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
<Snip/>
I get a "not exists" error on that URL.
Sorry, I renamed the URL after someone pointed out the correct spelling.
This was a link to the old one. I apologize for the confusion, the
right URL is:http://itc.musc.edu/wiki/PostgreSQL
I assume you looked at:
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
Do you have additions to it?Yes, I did look at it. No offense to the original author, but my doc
has a lot more than the four sentences that are there. I was hoping it
would help others in my situation. Again any and all
comments/questions/blah are appreciated.
I think the point he's trying to make is that most of your howto is
how to setup pg_hba.conf (which is in the docs anyway) and how to set up pam_ldap
for a service (which is really a pam howto).
It'd be nice if the docs at
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
said
'you need to createuser(8) a postgres user too. PAM is only used to
validate a username/password pair - the user has to exist in postgres as well.'
and it will, once it updates :)
--
'When the door hits you in the ass on the way out, clean off the smudge
your ass leaves, please'
-- Alien loves Predator
Rasputin :: Jack of All Trades - Master of Nuns
Addition added to PAM documentation. Patch attached and will appear in
8.0.3.
---------------------------------------------------------------------------
Dick Davies wrote:
* Adrian Nida <nida@musc.edu> [0307 18:07]:
<Snip/>
Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
<Snip/>
I get a "not exists" error on that URL.
Sorry, I renamed the URL after someone pointed out the correct spelling.
This was a link to the old one. I apologize for the confusion, the
right URL is:http://itc.musc.edu/wiki/PostgreSQL
I assume you looked at:
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
Do you have additions to it?Yes, I did look at it. No offense to the original author, but my doc
has a lot more than the four sentences that are there. I was hoping it
would help others in my situation. Again any and all
comments/questions/blah are appreciated.I think the point he's trying to make is that most of your howto is
how to setup pg_hba.conf (which is in the docs anyway) and how to set up pam_ldap
for a service (which is really a pam howto).It'd be nice if the docs at
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
said
'you need to createuser(8) a postgres user too. PAM is only used to
validate a username/password pair - the user has to exist in postgres as well.'and it will, once it updates :)
--
'When the door hits you in the ass on the way out, clean off the smudge
your ass leaves, please'
-- Alien loves Predator
Rasputin :: Jack of All Trades - Master of Nuns---------------------------(end of broadcast)---------------------------
TIP 7: don't forget to increase your free space map settings
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073