Re: anyone knows about pam_pgsql ?

For everyone who is using postgres for NSS, please email me and let me
know what package you are using and where you got it. I would like to
update my HOW-TO at http://blue-labs.org/clue/NSS-pgsql.php.

Thank you,
David

Tommi Mäkitalo wrote:

>
> ------------------------------------------------------------------------
>
> Subject:
>
> Re: [GENERAL] anyone knows about pam_pgsql ?
> From:
>
> Tommi Mäkitalo <t(dot)maekitalo(at)epgmbh(dot)de>
> Date:
>
> Mon, 26 Nov 2001 11:04:21 +0100
> To:
>
> Peter Pilsl <pilsl(at)goldfisch(dot)at>
>
> To:
>
> Peter Pilsl <pilsl(at)goldfisch(dot)at>
> CC:
>
> postgres mailinglist <pgsql-general(at)postgresql(dot)org>
>
>
> Hello Peter,
>
> nss and pam are different things. Pam is almost unusable without a
> suitable nss-module. Nss make a user to exist in your system. Pam
> checkes (among other things), if he is allowed to use a service. If
> you use pam_pgsql without libnss-pgsql you have to add every user to
> your /etc/passwd. But you don't need to give them passwords. That's
> what pam does.
>
> I checked my version of libnss-pgsql. I get a compile-error in
> backend.c. The include-path of postgresql is errorenous. I checked
> that and updated to 0.9.0tm3. The version libnss-pgsql-1.00 has the
> same bug.
>
> There instructions to install the module is almost not there. You
> should do this:
> - download
> - tar xvzf libnss-pgsql-0.9.0tm3.tar.gz
> - cd libnss-pgsql-0.9.0tm3
> - ./configure
> - make
> - make install (as root)
> - set up your database (you can find a example schema in crebas.sql)
> - edit nss-pgsql.conf and copy to /etc/nss-pgsql.conf
> - edit /etc/nsswitch.conf to use pgsql (change 'passwd: compat' to
> 'passwd: files pgsql' and 'group: compat' to 'group: files pgsql'
>
> It should work now. You can try it out with 'chown pguser ttt'. The
> file ttt need not exist. 'chown' should complain about it. If you
> libnss does not work it complains about not existing user 'pguser'.
>
>
> Tommi
>
>
> Peter Pilsl wrote:
>
>> thnx a lot for your reply. I would like to give the nss a try, but I
>> dont have the slightest idea how to use it (in case I managed to
>> compile).
>>
>> I just know how to use pam by adding a appropriate login-file to
>> /etc/pam.d/ that contains things like:
>> auth required /lib/security/pam_securetty.so
>> auth required /lib/security/pam_stack.so service=system-auth
>> auth required /lib/security/pam_nologin.so
>> account required /lib/security/pam_stack.so service=system-auth
>> password required /lib/security/pam_stack.so service=system-auth
>> session required /lib/security/pam_stack.so service=system-auth
>> session optional /lib/security/pam_console.so
>>
>> how would look this enty in case I'm using one of the nss-pgsql-tools ?
>>
>> sorry, but I'm really 100% newbie on nss.
>> thnx,
>> peter
>>
>>>
> ...
>
>
> ---------------------------(end of broadcast)---------------------------
> TIP 3: if posting/reading through Usenet, please send an appropriate
> subscribe-nomail command to majordomo(at)postgresql(dot)org so that your
> message can get through to the mailing list cleanly