Re: Allow IDENT authentication on local connections (Linux only)
| От | Bruce Momjian |
|---|---|
| Тема | Re: Allow IDENT authentication on local connections (Linux only) |
| Дата | |
| Msg-id | 200107311327.f6VDRVu07865@candle.pha.pa.us обсуждение исходный текст |
| Ответ на | Allow IDENT authentication on local connections (Linux only) (Helge Bahmann <bahmann@math.tu-freiberg.de>) |
| Ответы |
Re: Allow IDENT authentication on local connections (Linux
only)
Re: Allow IDENT authentication on local connections (Linux only) |
| Список | pgsql-patches |
This is an interesting patch. We have toyed with the idea before of getting credentials of unix-domain sockets. I think each OS has different ways of doing it. Solaris and BSD have different ways too. I don't see any configure.in code here to test for the CRED capability. How does this affect pg_hba.conf? Did you specify "trust" on that line? Do we test when they have specified trust, and if not, what word do we use? > Hello, > > the attached patch against 7.1.2 allows to use identd-like authentication > on unix domain sockets. > > This is done by getting the uid of the connecting process via > getsockopt(... SO_PEERCRED ...) which to my knowledge is Linux-specific, > but I may be wrong. > > The patch does not contain a configure macro to enable the feature, add > #define HAVE_SO_PEERCRED 1 > to include/config.h before building to activate it. > > I have been using this feature since 7.0.1 and would be grateful if > something like this could be integrated. > > Regards, > Helge Content-Description: [ Attachment, skipping... ] > > ---------------------------(end of broadcast)--------------------------- > TIP 4: Don't 'kill -9' the postmaster -- Bruce Momjian | http://candle.pha.pa.us pgman@candle.pha.pa.us | (610) 853-3000 + If your life is a hard drive, | 830 Blythe Avenue + Christ can be your backup. | Drexel Hill, Pennsylvania 19026
В списке pgsql-patches по дате отправления: