> auth_failed() in src/backend/libpq/auth.c intentionally logs nothing for > STATUS_EOF status (ie, client closed the connection without responding). > But it looks like the PAM code path doesn't have a way to return that > status code, even when pam_passwd_conv_proc() knows that that's what > happened, and intentionally printed no log message itself (around line > 1870 in HEAD). If there's another response code we could return through > the PAM layer, this could be fixed, and I think it should be.
So if I get this correctly, does this mean the only thing that needs to be fixed is unnecessary logging or is there a problem with authentication exchange itself in case of PAM? Also, when you say PAM layer, is that pam_passwd_conv_proc() that needs to be able to return an alternative status code? -- Amit Langote -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers