it seems my supposedly crypted passwords are not really quite so crypted
after all, and i'm a little confused... preliminary info: it's postgresql
6.5.2 running on solaris 7: here's the uname output:
senta:~/src/postgresql-6.5.2/src> uname -a
SunOS senta 5.7 Generic_106541-05 sun4u sparc SUNW,Ultra-1
the "local" entry in my pg_hba.conf file is simply "local all crypt"; yet,
strangely enough, when i create/alter users, the password is written into
pg_shadow in clear text. example:
pgsql=> create user foo with password bar;
CREATE USER
pgsql=> select passwd from pg_shadow where usename='foo';
passwd
------
bar
now, i thought to myself, maybe i'm misunderstanding this, and i need to
provide 'create user' with an already crypted pw; however, i can log in
with username 'foo' and password 'bar' after doing this. obviously, this
is a problem... any thoughts on this? i've searched the mailing lists
and only found a couple of very inconclusive threads from pgsql-questions,
and there's nothing in the faq. (by the by, i'm testing the login using
both psql and pgsql-perl5; both have similar results. i've restarted
postmaster, etc.) has anyone seen this and/or fixed it?
tia,
erik
p.s. the only thing that i can think of, (and i thought of it as i was typing
the last paragraph) is that ldd claims that the postgres binaries are
linked against libcrypt_i.so.1; i'm assuming this is an international version
of libcrypt... anyone know if this breaks crypted passwords?
--
erik cameron unix systems administrator
jfi/mrsec @ the university of chicago
[EMAIL PROTECTED]
http://senta.uchicago.edu/gnupg for public key
************
