Re: pam auth - add rhost item
От | Michael Paquier |
---|---|
Тема | Re: pam auth - add rhost item |
Дата | |
Msg-id | CAB7nPqSvYUtVURF7ojkf9a6pe7iPPSRvTRMqufwm4FyMNu65GA@mail.gmail.com обсуждение исходный текст |
Ответ на | Re: pam auth - add rhost item (Tomas Vondra <tomas.vondra@2ndquadrant.com>) |
Ответы |
Re: pam auth - add rhost item
|
Список | pgsql-hackers |
On Wed, Dec 16, 2015 at 2:53 AM, Tomas Vondra <tomas.vondra@2ndquadrant.com> wrote: > Actually, one more thing - the patch should probably update the docs too, > because client-auth.sgml currently says this in the "auth-pam" section: > > <para> > ... > PAM is used only to validate user name/password pairs. > ... > </para> > > I believe that's no longer true, because the patch adds PAM_RHOST to the > user/password fields. > > Regarding the other PAM_* fields, none of them strikes me as very useful for > our use case. > > In a broader sense, I think this patch is quite desirable, despite being > rather simple (which is good). I certainly don't agree with suggestions that > we can already do things like this through pg_hba.conf. If we're providing > PAM authentication, let's make it as complete/useful as possible. In some > cases modifying PAM may not be feasible - e.g. some management systems rely > on PAM as much as possible, and doing changes in other ways is a major > hassle. There is no input from the author for more than 1 month, I have marked the patch as returned with feedback because of a lack of activity. -- Michael
В списке pgsql-hackers по дате отправления: