Search Postgresql Archives

PAM implementation in PG 9.2.3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi All,

I am trying to implement PAM  on my local machine. 

Below are the details of my setup:

OS: RHEL 6
PG: 9.2.3 

/etc/pam.d/postgresql (PAM file)

#%PAM-1.0
auth            required        pam_unix.so
account         required        pam_unix.so

$PGDATA/pg_hba.conf

# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                            pam pamservice=postgresql
# IPv4 local connections:
host    all             all             127.0.0.1/32            pam pamservice=postgresql


Session 1                                                    Session 2
-bash-4.1$   psql -U postgres                        
Password for user postgres:
-bash-4.1$ tail -f postgresql-2013-04-26_000000.log
2013-04-26 20:08:16.605 IST-13943-postgres-postgres-[local] LOG:  pam_authenticate failed: Conversation error
2013-04-26 20:08:16.606 IST-13943-postgres-postgres-[local] FATAL:  PAM authentication failed for user "postgres"
2013-04-26 20:08:16.606 IST-13943-postgres-postgres-[local] LOG:  could not send data to client: Broken pipe

In OS logs(/var/log/secure) 
Apr 26 20:11:03 localhost res [local] authentication: pam_unix(postgresql:auth): conversation failed
Apr 26 20:11:03 localhost res [local] authentication: pam_unix(postgresql:auth): auth could not identify password for [postgres]

I have not entered password in session 1 which was waiting for my password to enter, but logs are printed beforehand in both logs (OS/DB) as you see in session 2.

When, I enter password in session 1 which was waiting for password, it will immediately takes me into the database without any error. 

Couple of question's in mind on this scenario:

1. Why database server logs shows lines beforehand as pam_authentication failed even though I have not typed password ?
2. Though logs show as PAM authentication failed, still user's are allowed into the database  ?
3. What above log entries mean precisely ?
4. Was my PAM setup successful ?

Sorry for my too many questions, I just lost all of my endeavors to understand the above scenario.

Any help will be highly appreciated. 
Thanks in advance.

---
Regards,
Raghavendra


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux