On Thu, 2006-11-09 at 16:34 -0300, Alvaro Herrera wrote: > Tom Lane wrote: > > Craig White <craigwhite@xxxxxxxxxxx> writes: > > > I haven't had to fool too much with pam for authenticating other > > > services so I'm a little bit out of my knowledge base but I know that it > > > was simple to add netatalk into the pam authentication and expected that > > > postgresql would be similar. > > > > FWIW, we ship this PAM config file in the Red Hat PG RPMs: > > > > #%PAM-1.0 > > auth include system-auth > > account include system-auth > > > > which AFAIR looks about the same as the corresponding files for other > > services. It's installed as /etc/pam.d/postgresql. > > For this to work you need a system-auth file in /etc/pam.d, which would > have lines for auth/account/required etc, and not just "includes". > > PAM seems to be another area on which Linux distributors have been > diverging wildly for a long time; for example here on Debian the include > lines look like > > auth requisite pam_nologin.so > auth required pam_env.so > @include common-auth > @include common-account > session required pam_limits.so > > so I doubt one distro's config files are applicable to any other. ---- and I'm on a Red Hat system which obviously Tom is familiar with since he is the packager for RH / postgres but I don't think that is the issue but I have adopted his pam file. Thanks Craig
