database/postgres
1
0
Fork 0
mirror of https://github.com/postgres/postgres.git synced 2025-10-27 00:12:01 +03:00
Code Activity

Make the location of the Kerberos server key file run time configurable

Browse Source 
(rather than compile time). For libpq, even when Kerberos support is
compiled in, the default user name should still fall back to geteuid()
if it can't be determined via the Kerberos system.

A couple of fixes for string type configuration parameters, now that there
is one.
This commit is contained in:
Peter Eisentraut
2000-08-25 10:00:35 +00:00
parent 69cf335687
commit 996832caee
11 changed files with 490 additions and 514 deletions
Download Patch File Download Diff File Expand all files Collapse all files

18
doc/src/sgml/client-auth.sgml
View File

@@ -1,4 +1,4 @@
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.3 2000/07/15 21:35:47 petere Exp $ -->
<!-- $Header: /cvsroot/pgsql/doc/src/sgml/client-auth.sgml,v 1.4 2000/08/25 10:00:29 petere Exp $ -->
<chapter id="client-authentication">
<title>Client Authentication</title>
@@ -341,7 +341,7 @@ host all 192.168.2.0 255.255.255.0 ident othermap
</sect2>
<sect2>
<sect2 id="kerberos-auth">
<title>Kerberos authentication</title>
<para>
@@ -369,13 +369,15 @@ host all 192.168.2.0 255.255.255.0 ident othermap
<productname>Postgres</> should operate like a normal Kerberos
service. The name of the service principal is normally
<literal>postgres</literal>, unless it was changed during the
build. Make sure that your server keytab file is readable (and
build. Make sure that your server key file is readable (and
preferrably only readable) by the Postgres server account (see
<xref linkend="postgres-user">). The location of the keytab file
is specified at build time; by default it is
<filename>/etc/srvtab</filename> in Kerberos 4 and
<filename>FILE:/usr/local/pgsql/etc/krb5.keytab</filename> in
Kerberos 5.
<xref linkend="postgres-user">). The location of the key file
is specified with the <varname>krb_server_keyfile</> run time
configuration parameter. (See also <xref linkend="runtime-config">.)
The default is <filename>/etc/srvtab</> if you are using Kerberos 4
and <filename>FILE:/usr/local/pgsql/etc/krb5.keytab</> (or whichever
directory was specified as <varname>sysconfdir</> at build time)
with Kerberos 5.
</para>
<para>