Lists: | pgsql-adminpgsql-hackers |
---|
From: | Adrian Nida <nida(at)musc(dot)edu> |
---|---|
To: | pgsql-hackers(at)postgresql(dot)org, pgsql-admin(at)postgresql(dot)org |
Subject: | PostgreSQL pam ldap document |
Date: | 2005-03-10 19:36:52 |
Message-ID: | 4230A1D4.1020904@musc.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-admin pgsql-hackers |
All,
I visited #postgresql @ FreeNode and asked about how to make pg use pam
about a week ago (specifically I wanted to auth against LDAP). I was
told to figure it out and write a doc...
Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
Please review for accuracy and/or proofreading.
Thanks,
Adrian
From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Adrian Nida <nida(at)musc(dot)edu> |
Cc: | pgsql-hackers(at)postgresql(dot)org, pgsql-admin(at)postgresql(dot)org |
Subject: | Re: [HACKERS] PostgreSQL pam ldap document |
Date: | 2005-03-11 16:42:53 |
Message-ID: | 200503111642.j2BGgrL06631@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-admin pgsql-hackers |
Adrian Nida wrote:
> All,
>
> I visited #postgresql @ FreeNode and asked about how to make pg use pam
> about a week ago (specifically I wanted to auth against LDAP). I was
> told to figure it out and write a doc...
>
> Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
>
> Please review for accuracy and/or proofreading.
I get a "not exists" error on that URL.
I assume you looked at:
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
Do you have additions to it?
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
From: | David Fetter <david(at)fetter(dot)org> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | Adrian Nida <nida(at)musc(dot)edu>, pgsql-hackers(at)postgresql(dot)org, pgsql-admin(at)postgresql(dot)org |
Subject: | Re: [HACKERS] PostgreSQL pam ldap document |
Date: | 2005-03-11 16:49:01 |
Message-ID: | 20050311164901.GC14923@fetter.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-admin pgsql-hackers |
On Fri, Mar 11, 2005 at 11:42:53AM -0500, Bruce Momjian wrote:
> Adrian Nida wrote:
> > All,
> >
> > I visited #postgresql @ FreeNode and asked about how to make pg use pam
> > about a week ago (specifically I wanted to auth against LDAP). I was
> > told to figure it out and write a doc...
> >
> > Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
> >
> > Please review for accuracy and/or proofreading.
>
> I get a "not exists" error on that URL.
http://itc.musc.edu/wiki/PostgreSQL
(only 4 capital letters) works.
> I assume you looked at:
>
> http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
>
> Do you have additions to it?
'pears so :)
Cheers,
D
--
David Fetter david(at)fetter(dot)org http://fetter.org/
phone: +1 510 893 6100 mobile: +1 415 235 3778
Remember to vote!
From: | Adrian Nida <nida(at)musc(dot)edu> |
---|---|
To: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
Cc: | pgsql-hackers(at)postgresql(dot)org, pgsql-admin(at)postgresql(dot)org |
Subject: | Re: [HACKERS] PostgreSQL pam ldap document |
Date: | 2005-03-11 18:00:06 |
Message-ID: | 4231DCA6.7020605@musc.edu |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-admin pgsql-hackers |
<Snip/>
>>Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
<Snip/>
> I get a "not exists" error on that URL.
Sorry, I renamed the URL after someone pointed out the correct spelling.
This was a link to the old one. I apologize for the confusion, the
right URL is:
http://itc.musc.edu/wiki/PostgreSQL
> I assume you looked at:
> http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
> Do you have additions to it?
Yes, I did look at it. No offense to the original author, but my doc
has a lot more than the four sentences that are there. I was hoping it
would help others in my situation. Again any and all
comments/questions/blah are appreciated.
Thanks,
Adrian
Attachment | Content-Type | Size |
---|---|---|
nida.vcf | text/x-vcard | 390 bytes |
From: | Dick Davies <rasputnik(at)hellooperator(dot)net> |
---|---|
To: | PostgreSQL Admin <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: [HACKERS] PostgreSQL pam ldap document |
Date: | 2005-03-11 20:08:12 |
Message-ID: | 20050311200812.GL27608@eris.tenfour |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-admin pgsql-hackers |
* Adrian Nida <nida(at)musc(dot)edu> [0307 18:07]:
> <Snip/>
> >>Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
> <Snip/>
> >I get a "not exists" error on that URL.
> Sorry, I renamed the URL after someone pointed out the correct spelling.
> This was a link to the old one. I apologize for the confusion, the
> right URL is:
>
> http://itc.musc.edu/wiki/PostgreSQL
>
> >I assume you looked at:
> > http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
> >Do you have additions to it?
>
> Yes, I did look at it. No offense to the original author, but my doc
> has a lot more than the four sentences that are there. I was hoping it
> would help others in my situation. Again any and all
> comments/questions/blah are appreciated.
I think the point he's trying to make is that most of your howto is
how to setup pg_hba.conf (which is in the docs anyway) and how to set up pam_ldap
for a service (which is really a pam howto).
It'd be nice if the docs at
http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
said
'you need to createuser(8) a postgres user too. PAM is only used to
validate a username/password pair - the user has to exist in postgres as well.'
and it will, once it updates :)
--
'When the door hits you in the ass on the way out, clean off the smudge
your ass leaves, please'
-- Alien loves Predator
Rasputin :: Jack of All Trades - Master of Nuns
From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
---|---|
To: | Dick Davies <rasputnik(at)hellooperator(dot)net> |
Cc: | PostgreSQL Admin <pgsql-admin(at)postgresql(dot)org> |
Subject: | Re: [HACKERS] PostgreSQL pam ldap document |
Date: | 2005-04-26 03:01:50 |
Message-ID: | 200504260301.j3Q31ob22833@candle.pha.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Lists: | pgsql-admin pgsql-hackers |
Addition added to PAM documentation. Patch attached and will appear in
8.0.3.
---------------------------------------------------------------------------
Dick Davies wrote:
> * Adrian Nida <nida(at)musc(dot)edu> [0307 18:07]:
> > <Snip/>
> > >>Here is my attempt at doing so: http://itc.musc.edu/wiki/PostGreSQL
> > <Snip/>
> > >I get a "not exists" error on that URL.
> > Sorry, I renamed the URL after someone pointed out the correct spelling.
> > This was a link to the old one. I apologize for the confusion, the
> > right URL is:
> >
> > http://itc.musc.edu/wiki/PostgreSQL
> >
> > >I assume you looked at:
> > > http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
> > >Do you have additions to it?
> >
> > Yes, I did look at it. No offense to the original author, but my doc
> > has a lot more than the four sentences that are there. I was hoping it
> > would help others in my situation. Again any and all
> > comments/questions/blah are appreciated.
>
> I think the point he's trying to make is that most of your howto is
> how to setup pg_hba.conf (which is in the docs anyway) and how to set up pam_ldap
> for a service (which is really a pam howto).
>
> It'd be nice if the docs at
>
> http://www.postgresql.org/docs/8.0/interactive/auth-methods.html#AUTH-PAM
>
> said
>
> 'you need to createuser(8) a postgres user too. PAM is only used to
> validate a username/password pair - the user has to exist in postgres as well.'
>
> and it will, once it updates :)
>
>
>
> --
> 'When the door hits you in the ass on the way out, clean off the smudge
> your ass leaves, please'
> -- Alien loves Predator
> Rasputin :: Jack of All Trades - Master of Nuns
>
> ---------------------------(end of broadcast)---------------------------
> TIP 7: don't forget to increase your free space map settings
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
Attachment | Content-Type | Size |
---|---|---|
unknown_filename | text/plain | 1.5 KB |