Return-Path: owner-postman Received: from localhost.Berkeley.EDU (localhost.Berkeley.EDU [127.0.0.1]) by nobozo.CS.Berkeley.EDU (8.6.9/8.6.3) with SMTP id UAA02318 for postgres-redist; Wed, 23 Nov 1994 20:30:28 -0800 Resent-From: POSTGRES mailing list Resent-Message-Id: <199411240430.UAA02318@nobozo.CS.Berkeley.EDU> X-Authentication-Warning: nobozo.CS.Berkeley.EDU: Host localhost.Berkeley.EDU didn't use HELO protocol Sender: owner-postman@postgres.Berkeley.EDU X-Return-Path: owner-postman Received: from tbird.cc.iastate.edu (tbird.cc.iastate.edu [129.186.140.11]) by nobozo.CS.Berkeley.EDU (8.6.9/8.6.3) with SMTP id UAA02308 for ; Wed, 23 Nov 1994 20:30:26 -0800 Received: by tbird.cc.iastate.edu with sendmail-5.65 id ; Wed, 23 Nov 1994 22:30:21 -0600 Message-Id: <9411240430.AA20439@tbird.cc.iastate.edu> To: postgres@postgres.Berkeley.EDU Subject: Postgres and Kerberos, take III Date: Wed, 23 Nov 1994 22:30:20 CST From: "Michael Graff" Resent-To: postgres-redist@postgres.Berkeley.EDU Resent-Date: Wed, 23 Nov 94 20:30:28 -0800 Resent-XMts: smtp I'm still trying to get a system installed using Kerberos 4 authentication. Here are my goals. I'm hoping they are all possible. :) 1) Have a standard installation, which will allow multiple installs on different machines around campus from the same compiled binaries. This means the initial postgres superuser will need to change depending on who is installing it. I think I can do that by munging the line in global1.bki, right? Change insert OID = 0 ( postgres PGUID t t t t ) to insert OID = 0 ( USER USERUID t t t t ) where USER and USERUID are from the person currently running the initdb script (or a wrapper around initdb, or something) 2) Have no need to make a postgres kerberos instance. Doing so with goal #1 would make kerberos authentication pointless because the postgres password would need to be widely known, and if anyone can become postgres, anyone can be a superuser, more or less. 3) Not have anything go wrong. *wishes* ;) Is my strategy on #1 at least close to correct? --Michael -- Michael Graff Iowa State University Computation Center Project Vincent 215 Durham voice: (515) 294-4994 explorer@iastate.edu Ames, IA 50011 fax: (515) 294-1717 gg.mlg@isumvs.bitnet ============================================================================== To add/remove yourself to/from the POSTGRES mailing list: send mail with the subject line ADD or DEL to "postgres-request@postgres.Berkeley.EDU". If this fails, send mail to "post_questions@postgres.Berkeley.EDU" and a human will deal with it. DO NOT post to the "postgres" mailing list. ============================================================================== URL: http://s2k-ftp.CS.Berkeley.EDU:8000/postgres/