[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]
Benjamin A'Lee wrote: > > password = longwindedandhardtorememberobscurequotation Hehe -- That'll be "so long and thanks for all the fish" then ;) > CREATE TABLE "usergroups" ("gid" int4 NOT NULL,"uid" int4 NOT NULL, > PRIMARY KEY ("gid", "uid"),CONSTRAINT "ug_gid_fkey" FOREIGN KEY ("gid") > REFERENCES "groups"("gid"),CONSTRAINT "ug_uid_fkey" FOREIGN KEY ("uid") > REFERENCES "accounts"("uid")); Creating the usergroups fails in recent versions of Postgres because you can only reference a unique field, and "uid" in accounts is not unique. "gid" is okay as it is a primary key. I assume you got this table to create somehow? I added "unique" to the UID definition. > Passwords are cleartext for the moment. Okay - thats the default for pgsql so that is easiest to start with. > Testing; I'd rather not put unstable on it if I can help it since I > don't want to be waling down to the uni to reboot it every five minutes. No idea why you think unstable is less stable... me thinks you are confusing labels, but it shouldn't be necessary, apart from the Postgres level this should work in stable as well. I installed the libnss-pgsql1 package in unstable, configured the pam files as you documented in the first post, and the nsswitch.conf and nss-pgsql.conf file as per the Debian examples in /usr/share/doc/libnss-pgsql1/examples I can authenticate as user ben (uid 1, gid 1) from the Postgres database, and login as "ben". But I can't authenticate as a local user, and /var/log/auth is complaining bitterly about "try_authtok" for pam_unix.so. And pwdexpired. pwdexpired is because the database and the example pam_pgsql.conf disagree on the name. Not sure on the "try_authok" error here. This behaviour appears to be different from what you are seeing, so I assume you probably have a typo in one of the config files preventing things getting this far, or trouble with compiling the libnss-pgsql1 package (can you pin/grab it from sid instead of a source build, or are the dependencies too messy ?) I've now undone the config this end, as having local users broken was doing untold harm, not that there is much important on the box. But I guess shout once you get to being able to login as a PGSQL user, and we can ponder the subtleties of PAM separately. -- The Mailing List for the Devon & Cornwall LUG Mail majordomo@xxxxxxxxxxxxx with "unsubscribe list" in the message body to unsubscribe. FAQ: www.dcglug.org.uk/linux_adm/list-faq.html