[prev in list] [next in list] [prev in thread] [next in thread] 

List:       opensolaris-security-discuss
Subject:    Re: Unable to do scp/rsync (passwdless auth) for a role
From:       Darren J Moffat <darrenm () opensolaris ! org>
Date:       2008-08-01 12:54:03
Message-ID: 4893076B.1020706 () opensolaris ! org
[Download RAW message or body]

Mayuresh Nirhali wrote:
> Hello,
> 
> 'postgres' is defined as a role in OpenSolaris. This role has privileges to run \
> Postgres related binaries such as the server itself. I am trying to achieve \
> replication between to remote postgres servers that requires one server to copy \
> files over the network to the other server, using scp/rsync. I am unable to achieve \
> this. 
> For the role postgres, in spite of having configured all keys correctly at both \
> ends, passwdless authentication does not take place. 
> I tried doing the same things for a local user instead of a role, and it seems to \
> work fine. So, How do I achieve secured channel for a role with the same role on \
> other machine using passwdless authentication ??

user to role works - see pam_roles(5) for how to configure it.

role to role can be made to work see my blog posting for details on how 
to configure this even though it isn't strictly speaking supported at 
this time: http://blogs.sun.com/darren/entry/role_enhancements_proposal

-- 
Darren J Moffat
_______________________________________________
security-discuss mailing list
security-discuss@opensolaris.org


[prev in list] [next in list] [prev in thread] [next in thread]