On Thu, 2006-11-09 at 12:34 -0300, Alvaro Herrera wrote: > Craig White wrote: > > > logs say... > > Nov 8 20:18:26 srv1 postgresql: Starting postgresql service: succeeded > > Nov 8 20:18:39 srv1 postgres[21020]: PAM audit_open() failed: > > Permission denied > > Nov 8 20:18:39 srv1 postgres[21020]: [2-1] LOG: pam_authenticate > > failed: System error > > Nov 8 20:18:39 srv1 postgres[21020]: [3-1] FATAL: PAM authentication > > failed for user "craig" > > I'm not at all familiar with PAM error message wording, but are you > aware that you must create the user "craig" inside the database _as > well_ as on whatever PAM layer you use? > > The "audit_open(): Permission denied" message sounds like Postgres is > not authorized to consult PAM though. ---- I did create a user 'craig' in postgres but I agree, that isn't the issue at this point. I checked the source rpm to make sure that it was compiled with the pam option and it appears to me that it was. I haven't had to fool too much with pam for authenticating other services so I'm a little bit out of my knowledge base but I know that it was simple to add netatalk into the pam authentication and expected that postgresql would be similar. I have to believe that other people are using pam for authentication because otherwise, you have to have maintain passwords for each user within postgresql itself - which seems unwise for many sites. Still struggling with this... Craig
