Summary: | dev-db/postgresql-server does not install PAM configuration file | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Diego Elio Pettenò (RETIRED) <flameeyes> |
Component: | New packages | Assignee: | PgSQL Bugs <pgsql-bugs> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | david, shadowdaemon, titanofold |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | Runtime testing required: | --- |
Description
Diego Elio Pettenò (RETIRED)
2010-01-26 23:48:52 UTC
There doesn't seem to be a default PAM file in the package. The best I can find is that copying an existing PAM file to the /etc/pam.d/postgresql file is the solution. Perhaps the ebuilds should conditionally: cp /etc/pam.d/system-services /etc/pam.d/postgresql What are your thoughts? Definitely *not*. pamd_mimic system-auth auth account session in src_install after inheriting pam.eclass Shouldn't that be: pamd_mimic system-auth postgresql auth account session Yes I always forget one parameter it seems. Diego - Given all the work you've been doing with PAM, is the comment 3 still correct? Yeppers, since PostgreSQL is not a login system it isn't influenced by the recent changes. Although I'm not sure if it uses session, but that's beside the point now. *** Bug 352972 has been marked as a duplicate of this bug. *** When using Kerberos, an additional option should be passed to the pam_krb5.so module. The keytab for the postgresql PAM module should match the "krb_server_keyfile" directive in postgresql.conf, using the "keytab" pam_krb5.so option. |