Dhanaraj M wrote:
Hi all,
http://archives.postgresql.org/pgsql-admin/2003-02/msg00301.php
I also try to address the same issue..
I run postmaster as postgres user and pg_hba.conf includes the
following entry:
local all dhanaraj pam
However, the authentication fails for this unix local user, whereas it
works for LDAP users.
bash-3.00$ psql -h superdesktop.india.sun.com -U dhanaraj mydb
Password for user dhanaraj:
psql: FATAL: PAM authentication failed for user "dhanaraj"
The following error message that I could see in the server log:
......................
LOG: pam_authenticate failed: Conversation failure
FATAL: PAM authentication failed for user "dhanaraj"
LOG: pam_authenticate failed: No account present for user
FATAL: PAM authentication failed for user "dhanaraj"
The non-root user does not have the permission to read other unix
local user password.
I found two solutions:
1. usermod -K defaultpriv=Basic,file_dac_read postgres
- Gives privilege to read all files. This solution works. Is it the
right way to do?
2. chmod +s processName
- This does not work, because postgres never allows this.
Is there anyother solution to this problem?
Usage questions really don't belong on -hackers - in future please use
-general. Both your proposed solutions are utterly insecure.
See http://itc.musc.edu/wiki/PostgreSQL for some discussion of using
PAM for postgres auth.
cheers
andrew
---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster