Satoshi Nagayasu wrote:
>Albe, > >Albe Laurenz wrote: > > >>/etc/pam.d/system-auth probably uses pam_unix.so to authenticate. >> >>Does the user exist on the machine and have the password you try? >> >> > >Yes, I have same user name on my linux box and postgresql, >and they have same password (now). > > > >>You could add 'debug' to the pam_unix.so lines in /etc/pam.d/system-auth >>and capture what PAM logs to syslog, maybe that will help. >> >> > >Finally, by my small program, I found the PAM module is attempting >to read /etc/shadow to authenticate, but /etc/shadow can't be read >by non-superuser privilege. > >I know, the postmaster is running under "postgres" user privilege, >so PAM auth will always cause 'permission denied' around /etc/shadow. > >How can I solve this? Any ideas? > don't use system auth. PAM can authenticate from many sources, not just the system password files. LDAP is a commonly used source. cheers andrew ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
