Looking for Google Summer of Code? Click here!

Google Code In

Create security/pam-pgsql package The NetBSD Project
Status: Closed Time to complete: 96 hrs Mentors: Aleksej Saushev Tags: security, postgresql, pkgsrc, code

We don't have packaged PostgreSQL option for PAM authentication. This is serious omission.

Create a pkgsrc package for http://sourceforge.net/projects/pam-pgsql/ (pkgsrc is NetBSD-originated portable framework for building software packages.)

Provide instructions how to test its functionality (smoke test).

 

It is possible that you run into blocking problem. Problem report that includes description of problem, step-by-step instructions to reproduce it, and explanation why it is considered blocking is accepted as successful task completion.

 

References

1. The pkgsrc Guide: http://www.netbsd.org/docs/pkgsrc/

2. pkgsrc targets for impatient: http://wiki.netbsd.org/pkgsrc/targets

3. Similar packages: security/pam-ldap, security/pam-mysql, other security/pam-* packages.

Uploaded Work
File name/URL File size Date submitted
pam-pgsql.tar.gz 563.3 KB December 10 2012 00:54 UTC
pam-pgsql-0.7.3.1.tgz 18.3 KB December 10 2012 00:55 UTC
pam-pgsql.tar.gz 1.3 KB December 11 2012 01:59 UTC
Comments
Claim by Matthew December 4 2012 21:17 UTC

I'll claim this task once my other tasks finish up.

Task Claimed by Matthew December 7 2012 00:18 UTC

I would like to work on this task.

Task Assigned by Radoslaw Kujawa December 7 2012 00:52 UTC

This task has been assigned to Matthew. You have 96 hours to complete this task, good luck!

Progress? by Aleksej Saushev December 8 2012 19:15 UTC

Hi!


You're working for a day, at this time you should have at least a skeleton package and a list of issues you need to resolve to get it building and/or running. It may be beneficial to you, if you discuss your work-in-progress package with us.

Blocking Problem by Matthew December 10 2012 00:59 UTC

While this package may still work with Linux-PAM, I could not get it to work with OpenPAM.


Although it compiled fine, PAM did not look in /usr/pkg/lib/


To reproduce, try installing the package then add a pam_pgsql.so line to a /etc/pam.d line. It is unable to load the module even when in /usr/lib/.


I've been working on various attempts to fix it all weekend, but I've finally given up after 3 days. Unless you have any easy fixes, I'm going to call this blocking.

Ready for review by Matthew December 10 2012 01:00 UTC

The work on this task is ready to be reviewed.

Deadline extended by Aleksej Saushev December 10 2012 10:50 UTC

The deadline of the task has been extended with 0 days and 12 hours.

Review by Aleksej Saushev December 10 2012 19:45 UTC

Hi!
This is nice! You're almost there!
See pam.conf(5), you need to use full path, if your module isn't in predefined module directory.

Please, don't assign default value to PKG_DESTDIR_SUPPORT, remove corresponding line entirely.
Also, please, submit only package in its source form, that is content of your pam-pgsql directory without working directory. You don't need to submit binary package.

Task Needs More Work by Aleksej Saushev December 10 2012 19:45 UTC

One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.

Deadline extended by Aleksej Saushev December 10 2012 19:46 UTC

The deadline of the task has been extended with 1 days and 0 hours.

Instructions by Matthew December 11 2012 02:09 UTC

I'll give a short summary of what the README already says:



  1. Create a user, test, with password, testpassword.

  2. Make PostgreSQL database sysdb with table accounts and columns "username" and "password".

  3. Add a row with the username and password of the test user.

  4. Create /usr/pkg/etc/pam_pgsql.conf with this:


    1. database = sysdb

    2. user = root

    3. table = account

    4. user_column = username

    5. pwd_column = password


  5. Edit the file /etc/pam.d/su adding this to the end:


    1. auth required /usr/pkg/lib/security/pam_pgsql.so

    2. account required /usr/pkg/lib/security/pam_pgsql.so

    3. password required /usr/lib/security/pam_pgsql.so


  6. Test the "su" command and everything should work.

Ready for review by Matthew December 11 2012 02:09 UTC

The work on this task is ready to be reviewed.

Review by Aleksej Saushev December 11 2012 22:54 UTC

Hi!


This is better.


It would be nice, if all changes to "configure" scripts are accompanied by corresponding changes to configure.in/configure.ac.


Also, your deployment and field-testing instructions are wrong. See explanation of control-flag in pam.conf(5).

Deadline extended by Aleksej Saushev December 11 2012 22:54 UTC

The deadline of the task has been extended with 1 days and 0 hours.

Task Needs More Work by Aleksej Saushev December 11 2012 22:55 UTC

One of the mentors has sent this task back for more work. Talk to the mentor(s) assigned to this task to satisfy the requirements needed to complete this task, submit your work again and mark the task as complete once you re-submit your work.

Ready for review by Matthew December 11 2012 23:03 UTC

The work on this task is ready to be reviewed.

Task Closed by Aleksej Saushev December 11 2012 23:04 UTC

Congratulations, this task has been completed successfully.