Applied:
PAM does work authenticating against Unix system authentication
because the postgres server is started by a non-root user. In order
to enable this functionality, the root user must provide additional
permissions to the postgres user (for reading
/etc/shadow).
---
Dhanaraj M wrote:
> Hi all,
>
> This is the continuation to the discussion that we had in the hacker's list.
>
> http://www.postgresql.org/docs/8.2/interactive/auth-methods.html#AUTH-PAM
> Here, I like to add some details in 20.2.6. PAM authentication section.
>
> Can someone review and make changes, if required? Thanks.
>
> *** client-auth.sgml.orig Tue Aug 21 16:52:45 2007
> --- client-auth.sgmlTue Aug 21 17:02:52 2007
> ***
> *** 987,992
> --- 987,1001
> and the http://www.sun.com/software/solaris/pam/";>
> Solaris PAM Page.
>
> +
> +
> +
> + The local UNIX user authentication is not permitted,
> + because the postgres server is started by a non-root user.
> + In order to enable this functionality, the root user must provide
> + additional permissions to the postgres user (for reading
> /etc/shadow file).
> +
> +
>
>
>
>
> >
> >
> > Zdenek Kotala wrote:
> >>
> >> The problem what Dhanaraj tries to address is how to secure solve
> >> problem with PAM and local user. Other servers (e.g. sshd) allow to
> >> run master under root (with limited privileges) and forked process
> >> under normal user. But postgresql
> >> requires start as non-root user. It limits to used common pattern.
> >>
> >> There is important question:
> >>
> >> Is current requirement to run postgresql under non-root OK? If yes,
> >> than we must update PAM documentation to explain this situation which
> >> will never works secure. Or if we say No, it is stupid limitation (in
> >> case when UID 0 says nothing about user's privileges) then we must
> >> start discussion about solution.
> >>
> >>
> >
> > For now I think we should update the docs. You really can't compare
> > postgres with sshd - ssh connections are in effect autonomous. I
> > suspect the changes involved in allowing us to run as root and then
> > give up privileges safely would be huge, and the gain quite small.
> >
> > I'd rather see an HBA fallback mechanism, which I suspect might
> > overcome most of the problems being encountered here.
> >
> > cheers
> >
> > andrew
>
>
> --
>
> Dhanaraj M
> x40049/+91-9880244950
> Solaris RPE, Bangalore, India
> http://blogs.sun.com/dhanarajm/
>
>
>
> ---(end of broadcast)---
> TIP 6: explain analyze is your friend
--
Bruce Momjian <[EMAIL PROTECTED]> http://momjian.us
EnterpriseDB http://www.enterprisedb.com
+ If your life is a hard drive, Christ can be your backup. +
---(end of broadcast)---
TIP 7: You can help support the PostgreSQL project by donating at
http://www.postgresql.org/about/donate