> The interaction that a PAM stack can initiate is limited to prompting for
> one or more values and getting strings as an answer. The PAM-using
> application registers a "conversation function" callback, which is
> responsible for issuing the prompt and getting at the data in an
> application-specific manner. Ideally, the libpq protocol and API would be
> extended to support this generality, but based on Dominic's comments the
> password exchange would work to support the useful subset of this
> functionality without any protocol or API changes.
>
> Most of the time, PAM is used as a wrapper around some password database
> like NIS or LDAP (or maybe even PostgreSQL).
We now have enough "yes" votes to apply this patch. I will give another
day for comments on the patch's contents.
--
Bruce Momjian | http://candle.pha.pa.us
pgman@candle.pha.pa.us | (610) 853-3000
+ If your life is a hard drive, | 830 Blythe Avenue
+ Christ can be your backup. | Drexel Hill, Pennsylvania 19026