How do I configure postgresql to use PAM for authentication on Red Hat Enterprise Linux?
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 8
- postgresql
- postgresql-server
Issue
- How do I enable
postgresql
to usePAM
for authentication?
Resolution
-
postgresql
can be configured to use PAM for local user authentication by editing thepg_hba.conf
indata
directory (default is/var/lib/pgsql/data/pg_hba.conf
). -
At the bottom of the config are a few entries:
# TYPE DATABASE USER CIDR-ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all 127.0.0.1/32 trust
# IPv6 local connections:
host all all ::1/128 trust
- The METHOD type can be changed to
pam
here. As an example entry, to allow remote administration from the host 192.168.1.20 under thepostgres
user and require the local password ofpostgres
, one can add:
host all postgres 192.168.1.20/32 pam
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments