LDAP/TLS, Pgbouncer With PAM Authentication

This blog is kind of a continuation of the configuration i did earlier with LDAP/TLS.

I have come across configuration requirements which require pgbouncer to use PAM authentication with LDAP.

Now by default, pgbouncer does not support direct configuration with LDAP and using this method here will be one of the ways to archive this. Also note that not all versions of pgbouncer do support PAM (pluggable authentication Module).  Any service that requires authentication is linked against the PAM libraries included with Linux.

AS seen below, the PAM module is present for logins

[Tue Feb 02 14:54:31 root@ldapepas-0.182 :/etc/pam.d
>systemctl stop edb-pgbouncer-1.14.service 
[Tue Feb 02 14:54:54 root@ldapepas-0.182 :/etc/pam.d
>ldd /bin/login
	linux-vdso.so.1 =>  (0x00007ffdb0576000)
	libpam.so.0 => /lib64/libpam.so.0 (0x00007eff73a35000)
	libpam_misc.so.0 => /lib64/libpam_misc.so.0 (0x00007eff73831000)
	libaudit.so.1 => /lib64/libaudit.so.1 (0x00007eff73608000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007eff733e1000)
	libc.so.6 => /lib64/libc.so.6 (0x00007eff73013000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007eff72e0f000)
	libcap-ng.so.0 => /lib64/libcap-ng.so.0 (0x00007eff72c09000)
	libpcre.so.1 => /lib64/libpcre.so.1 (0x00007eff729a7000)
	/lib64/ld-linux-x86-64.so.2 (0x00007eff73c44000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007eff7278b000)
[Tue Feb 02 16:34:18 root@ldapepas-0.182 :/etc/pam.d

There are other files in the /etc/pam.d directory which can be used to configure PAM as could be seen from a previous post i did on configuring PAM for edb postgres.

So i wont go too deep into this as must of my blogs are based on videos, I also have a video on this configuration and setup. You can look at the video section of the page for more details.

About the author


Hi, I'm Benson Yerima, a database administrator with an obsession for all things tech. This blog is dedicated for helping people learn about database technology.

View all posts