Tom Lane wrote: > Alvaro Herrera <alvhe...@commandprompt.com> writes: > > You can authenticate users with PAM, which amounts more or less to the > > same thing. > > I believe though that using PAM against /etc/shadow would require the > postmaster to run as root. You need some external authentication > server; PAM by itself isn't going to solve it. Maybe LDAP or Kerberos?
At least my system seems to provide a setgid helper program that's supposed to read /etc/shadow, to work around this problem. BTW I notice that this does not work unless the client supplies the password the first time around; psql does not retry. It only works if I do "psql -W". -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support -- Sent via pgsql-admin mailing list (pgsql-admin@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-admin
