Re: [HACKERS] pam auth - add rhost item

2015-10-16 Thread kolo hhmow
On Fri, Oct 16, 2015 at 2:47 PM, Euler Taveira <eu...@timbira.com.br> wrote: > On 15-10-2015 05:41, kolo hhmow wrote: > >> I have already explained this in my previous post. Did you read this? >> > > > Yes, I do. > > So why postgresql give users an abbility

Re: [HACKERS] pam auth - add rhost item

2015-10-16 Thread kolo hhmow
t; idea that is not obviously stupid. If we want such people to stick > >> around, we should try to give their ideas a fair shake. > >> > > I share the same feeling. I wasn't trying to throw a cold water on it. > > OK, I felt like that's what you were doing. Sorry i

Re: [HACKERS] pam auth - add rhost item

2015-10-15 Thread kolo hhmow
On Thu, Oct 15, 2015 at 1:45 AM, Euler Taveira <eu...@timbira.com.br> wrote: > On 14-10-2015 17:35, kolo hhmow wrote: > >> Yes, but this is very ugly solution, becasue you have to restart >> postgresql daemon each time you have added a new user. >> > >

Re: [HACKERS] pam auth - add rhost item

2015-10-14 Thread kolo hhmow
t; On Tue, Oct 13, 2015 at 4:12 PM, kolo hhmow <grz...@gmail.com> wrote: > > Yes, sorry. I was in hurry when I posted this message. > > I dont understand whay in CheckPAMAuth function only PAM_USER item is > adding > > to pam information before authenticate? > > Wheter i

Re: [HACKERS] pam auth - add rhost item

2015-10-14 Thread kolo hhmow
for example. So I'm waiting for comments from others. Thanks. On Wed, Oct 14, 2015 at 9:52 PM, Robert Haas <robertmh...@gmail.com> wrote: > On Tue, Oct 13, 2015 at 4:12 PM, kolo hhmow <grz...@gmail.com> wrote: > > Yes, sorry. I was in hurry when I posted this message. >

Re: [HACKERS] pam auth - add rhost item

2015-10-13 Thread kolo hhmow
, 2015 at 7:08 PM, Robert Haas <robertmh...@gmail.com> wrote: > On Mon, Oct 12, 2015 at 12:01 PM, kolo hhmow <grz...@gmail.com> wrote: > > Wheter it would be a problem to set additional item (rhost) before > > pam_authentication function in backend/libpq/auth.c? > >

[HACKERS] pam auth - add rhost item

2015-10-12 Thread kolo hhmow
Wheter it would be a problem to set additional item (rhost) before pam_authentication function in backend/libpq/auth.c? It is very useful because you can restrict access to given ip address like in mysql. And this actually utilized in pam-pgsql, wich cannot be used because rhost item is empty.