|
1 | | -<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.104 2007/11/14 14:25:55 mha Exp $ --> |
| 1 | +<!-- $PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.105 2007/12/29 04:15:38 momjian Exp $ --> |
2 | 2 |
|
3 | 3 | <chapter id="client-authentication"> |
4 | 4 | <title>Client Authentication</title> |
@@ -1079,11 +1079,10 @@ ldap[<replaceable>s</>]://<replaceable>servername</>[:<replaceable>port</>]/<rep |
1079 | 1079 |
|
1080 | 1080 | <note> |
1081 | 1081 | <para> |
1082 | | - PAM does work authenticating against Unix system authentication |
1083 | | - because the postgres server is started by a non-root user. In order |
1084 | | - to enable this functionality, the root user must provide additional |
1085 | | - permissions to the postgres user (for reading |
1086 | | - <filename>/etc/shadow</>). |
| 1082 | + If PAM is set up to read <filename>/etc/shadow</>, authentication |
| 1083 | + will fail because the PostgreSQL server is started by a non-root |
| 1084 | + user. However, this is not an issue with LDAP or other authentication |
| 1085 | + methods. |
1087 | 1086 | </para> |
1088 | 1087 | </note> |
1089 | 1088 | </sect2> |
|