If you can't connect to the database or it throws an error program should return authinfo_unavail not pam_auth_err.
Looking at the source code, pg_execParam will return this but backend_authenticate just ignores the return value and returns PAM_AUTH_ERR.
This means that backup methods of authentication can't be used such as pam_ccreds or the like eg https://help.ubuntu.com/community/PamCcredsHowto but with pam-pgsql rather than pam-ldap.
Peter.
Log in to post a comment.
If you can't connect to the database or it throws an error program should
return authinfo_unavail not pam_auth_err.
Looking at the source code, pg_execParam will return this but
backend_authenticate just ignores the return value and returns PAM_AUTH_ERR.
This means that backup methods of authentication can't be used such as
pam_ccreds or the like eg https://help.ubuntu.com/community/PamCcredsHowto but with pam-pgsql rather
than pam-ldap.
Peter.