Hi,



I'm trying to set up my DB to authenticate against a PAM back-end (in
this case just a plain old local password DB).



Here's my configuration as it currently stands:

positionwhile[pg]% grep pam /var/lib/pgsql/metadata/pg_hba.conf

# "krb4", "krb5", "ident", or "pam". Note that "password" sends
passwords

local authtest all pam
postgresql



positionwhile[pg]% more /etc/pam.d/postgresql

#%PAM-1.0

auth required pam_stack.so service=system-auth

account required pam_stack.so service=system-auth



The system is a CentOS 4.4 box, and I'm running PostgreSQL 8.0.6.



When I test the core pam functionality using pamtester, I get the
following:

positionwhile[pamtester-0.1.2]% src/pamtester -v postgresql
mporwit authenticate

pamtester: invoking pam_start(postgresql, mporwit, ...)

pamtester: performing operation - authenticate

Password:

pamtester: successfully authenticated



Looks like a success to me.



However, when I try to get psql to do password authentication, I get the
following:

positionwhile[postgresql-8.0.13]% psql authtest

Password:

psql: FATAL: PAM authentication failed for user "mporwit"



And this shows up in my logs:

LOG: connection received: host=[local] port=

DEBUG: forked new backend, pid=1430 socket=11

DEBUG: received password packet

LOG: pam_authenticate failed: Authentication failure

FATAL: PAM authentication failed for user "mporwit"

DEBUG: proc_exit(0)

DEBUG: shmem_exit(0)

DEBUG: exit(0)

DEBUG: reaping dead processes

DEBUG: server process (PID 1430) exited with exit code 0



Any insight here would be appreciated. Are there any other tweaks I may
have missed?



Thanks,



Marcin

mporwit [AT] yahoo-inc [DOT] com

Search Discussions

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
grouppgsql-novice @
categoriespostgresql
postedAug 10, '07 at 7:59p
activeAug 10, '07 at 7:59p
posts1
users1
websitepostgresql.org
irc#postgresql

1 user in discussion

Marcin Porwit: 1 post

People

Translate

site design / logo © 2022 Grokbase