This blog is kind of a continuation of the configuration i did earlier with LDAP/TLS.
I have come across configuration requirements which require pgbouncer to use PAM authentication with LDAP.
Now by default, pgbouncer does not support direct configuration with LDAP and using this method here will be one of the ways to archive this. Also note that not all versions of pgbouncer do support PAM (pluggable authentication Module). Any service that requires authentication is linked against the PAM libraries included with Linux.
AS seen below, the PAM module is present for logins
[Tue Feb 02 14:54:31 [email protected] :/etc/pam.d
>systemctl stop edb-pgbouncer-1.14.service
[Tue Feb 02 14:54:54 [email protected] :/etc/pam.d
>ldd /bin/login
linux-vdso.so.1 => (0x00007ffdb0576000)
libpam.so.0 => /lib64/libpam.so.0 (0x00007eff73a35000)
libpam_misc.so.0 => /lib64/libpam_misc.so.0 (0x00007eff73831000)
libaudit.so.1 => /lib64/libaudit.so.1 (0x00007eff73608000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007eff733e1000)
libc.so.6 => /lib64/libc.so.6 (0x00007eff73013000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007eff72e0f000)
libcap-ng.so.0 => /lib64/libcap-ng.so.0 (0x00007eff72c09000)
libpcre.so.1 => /lib64/libpcre.so.1 (0x00007eff729a7000)
/lib64/ld-linux-x86-64.so.2 (0x00007eff73c44000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007eff7278b000)
[Tue Feb 02 16:34:18 [email protected] :/etc/pam.d
>
There are other files in the /etc/pam.d directory which can be used to configure PAM as could be seen from a previous post i did on configuring PAM for edb postgres.
So i wont go too deep into this as must of my blogs are based on videos, I also have a video on this configuration and setup. You can look at the video section of the page for more details.
