diff options
| author | Bruce Momjian <bruce@momjian.us> | 2007-09-14 03:53:54 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2007-09-14 03:53:54 +0000 |
| commit | 6c9e4d7e08b4786293e0dc2821ed9948780be3af (patch) | |
| tree | e6db7f6b9bab5cc8e756adf0d9152281a5b14579 | |
| parent | 2d6cb170d4c5939950e8c25e08f554bdfd6050e4 (diff) | |
| download | postgresql-6c9e4d7e08b4786293e0dc2821ed9948780be3af.tar.gz postgresql-6c9e4d7e08b4786293e0dc2821ed9948780be3af.zip | |
Mentino that PAM doesn't work for Unix system authentication because of
the problems non-root reading /etc/shadow.
| -rw-r--r-- | doc/src/sgml/client-auth.sgml | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml index dd3bd8be4d4..b4a851588ea 100644 --- a/doc/src/sgml/client-auth.sgml +++ b/doc/src/sgml/client-auth.sgml @@ -1,4 +1,4 @@ -<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.100 2007/07/23 10:16:53 mha Exp $ --> +<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.101 2007/09/14 03:53:54 momjian Exp $ --> <chapter id="client-authentication"> <title>Client Authentication</title> @@ -1067,6 +1067,16 @@ ldap[<replaceable>s</>]://<replaceable>servername</>[:<replaceable>port</>]/<rep and the <ulink url="http://www.sun.com/software/solaris/pam/"> <systemitem class="osname">Solaris</> PAM Page</ulink>. </para> + + <note> + <para> + PAM does work authenticating against Unix system authentication + because the postgres server is started by a non-root user. In order + to enable this functionality, the root user must provide additional + permissions to the postgres user (for reading + <filename>/etc/shadow</>). + </para> + </note> </sect2> </sect1> |