]> begriffs open source - ai-pg/blob - full-docs/src/sgml/html/auth-pam.html
begriffs.com / projects / ai-pg / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
PG 18 docs from https://ftp.postgresql.org/pub/source/v18.0/postgresql-18.0-docs...
[ai-pg] / full-docs / src / sgml / html / auth-pam.html
1 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>20.13. PAM Authentication</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="pgsql-docs@lists.postgresql.org" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="prev" href="auth-cert.html" title="20.12. Certificate Authentication" /><link rel="next" href="auth-bsd.html" title="20.14. BSD Authentication" /></head><body id="docContent" class="container-fluid col-10"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">20.13. PAM Authentication</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="auth-cert.html" title="20.12. Certificate Authentication">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="client-authentication.html" title="Chapter 20. Client Authentication">Up</a></td><th width="60%" align="center">Chapter 20. Client Authentication</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 18.0 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="auth-bsd.html" title="20.14. BSD Authentication">Next</a></td></tr></table><hr /></div><div class="sect1" id="AUTH-PAM"><div class="titlepage"><div><div><h2 class="title" style="clear: both">20.13. PAM Authentication <a href="#AUTH-PAM" class="id_link">#</a></h2></div></div></div><a id="id-1.6.7.20.2" class="indexterm"></a><p>
3     This authentication method operates similarly to
4     <code class="literal">password</code> except that it uses PAM (Pluggable
5     Authentication Modules) as the authentication mechanism. The
6     default PAM service name is <code class="literal">postgresql</code>.
7     PAM is used only to validate user name/password pairs and optionally the
8     connected remote host name or IP address. Therefore the user must already
9     exist in the database before PAM can be used for authentication.  For more
10     information about PAM, please read the
11     <a class="ulink" href="https://www.kernel.org/pub/linux/libs/pam/" target="_top">
12     <span class="productname">Linux-PAM</span> Page</a>.
13    </p><p>
14     The following configuration options are supported for PAM:
15     </p><div class="variablelist"><dl class="variablelist"><dt><span class="term"><code class="literal">pamservice</code></span></dt><dd><p>
16         PAM service name.
17        </p></dd><dt><span class="term"><code class="literal">pam_use_hostname</code></span></dt><dd><p>
18         Determines whether the remote IP address or the host name is provided
19         to PAM modules through the <code class="symbol">PAM_RHOST</code> item.  By
20         default, the IP address is used.  Set this option to 1 to use the
21         resolved host name instead.  Host name resolution can lead to login
22         delays.  (Most PAM configurations don't use this information, so it is
23         only necessary to consider this setting if a PAM configuration was
24         specifically created to make use of it.)
25        </p></dd></dl></div><p>
26    </p><div class="note"><h3 class="title">Note</h3><p>
27      If PAM is set up to read <code class="filename">/etc/shadow</code>, authentication
28      will fail because the PostgreSQL server is started by a non-root
29      user.  However, this is not an issue when PAM is configured to use
30      LDAP or other authentication methods.
31     </p></div></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="auth-cert.html" title="20.12. Certificate Authentication">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="client-authentication.html" title="Chapter 20. Client Authentication">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="auth-bsd.html" title="20.14. BSD Authentication">Next</a></td></tr><tr><td width="40%" align="left" valign="top">20.12. Certificate Authentication </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 18.0 Documentation">Home</a></td><td width="40%" align="right" valign="top"> 20.14. BSD Authentication</td></tr></table></div></body></html>
full postgres docs in easy to read format with index