Re: postgresql 7.4.6 and pam_ldap
| От | Thomas Leduc |
|---|---|
| Тема | Re: postgresql 7.4.6 and pam_ldap |
| Дата | |
| Msg-id | 20050106091901.GA15627@volga.lan.cerma.archi.fr обсуждение исходный текст |
| Ответ на | Re: postgresql 7.4.6 and pam_ldap (Gémes Géza <geza@kzsdabas.sulinet.hu>) |
| Ответы |
Re: postgresql 7.4.6 and pam_ldap
(Dick Davies <rasputnik@hellooperator.net>)
|
| Список | pgsql-admin |
Le 5 janvier 2005 à 22:20, Gémes Géza a écrit :
>
> I would suggest to retry it with a postgres user readable
> /etc/pam.d/postgresql
> an with a pg_hba.conf without postgres specified on the last field after
> pam. Also if you want ldap authentication, take care, that in
> /etc/pam.d/postgresql you don't reference any other non pam_ldap module,
> and your /etc/ldap.conf is readable by postgres user.
thank you for your help,
That's all i have done :
$ id
uid=26(postgres) gid=26(postgres) groupes=26(postgres)
$ cat /etc/pam.d/postgresql
auth required /lib/security//pam_ldap.so
$ cat pg_hba.conf
local all postgres ident sameuser
local all all pam
host all all 127.0.0.1/32 pam
host all all 192.168.10.0/24 pam
$ sed '/^#/d;/^$/d' /etc/ldap.conf
host 192.168.10.2
base ou=Users,dc=cerma,dc=archi,dc=fr
ssl no
pam_password md5
$ psql -U leduc leduc
Mot de passe :
psql: FATAL: PAM authentication échouée pour l'utilisateur "leduc"
=> DID NOT WORK !!!
# tail -f /var/log/postgresql
Jan 6 10:14:06 tage postgres[21450]: [1-1] TRACE: 00000: pam_authenticate a échoué : Conversation error
Jan 6 10:14:06 tage postgres[21450]: [1-2] EMPLACEMENT : CheckPAMAuth, auth.c:712
Jan 6 10:14:06 tage postgres[21450]: [2-1] FATAL: 28000: PAM authentication échouée pour l'utilisateur "leduc"
Jan 6 10:14:06 tage postgres[21450]: [2-2] EMPLACEMENT : auth_failed, auth.c:395
Jan 6 10:14:06 tage postgres[21450]: [3-1] ERREUR: 08006: Impossible d'envoyer les données du client : Relais brisé
(pipe)
Jan 6 10:14:06 tage postgres[21450]: [3-2] EMPLACEMENT : internal_flush, pqcomm.c:1000
Jan 6 10:14:09 tage postgres[21451]: [1-1] TRACE: 00000: pam_acct_mgmt a échoué : User account has expired
Jan 6 10:14:09 tage postgres[21451]: [1-2] EMPLACEMENT : CheckPAMAuth, auth.c:723
Jan 6 10:14:09 tage postgres[21451]: [2-1] FATAL: 28000: PAM authentication échouée pour l'utilisateur "leduc"
Jan 6 10:14:09 tage postgres[21451]: [2-2] EMPLACEMENT : auth_failed, auth.c:395
=> "User account has expired" seems not to be true !
--
Thomas LEDUC
CNRS UMR 1563 - Laboratoire CERMA - Ecole d'Architecture de Nantes
Tel: +33 (0) 2 40 59 04 59 -- Fax : +33 (0) 2 40 59 11 77
EAN - Rue Massenet - BP 81931 - 44319 NANTES cedex 3
GPG KeyID: B2342343 Fingerprint: D62CF1A9D4BEDE671602504C46514CC8B2342343
В списке pgsql-admin по дате отправления: