From ba005f193d88a8404e81db3df223cf689d64d75e Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Tue, 24 Jan 2017 17:06:21 -0500 Subject: Allow password file name to be specified as a libpq connection parameter. Formerly an alternate password file could only be selected via the environment variable PGPASSFILE; now it can also be selected via a new connection parameter "passfile", corresponding to the conventions for most other connection parameters. There was some concern about this creating a security weakness, but it was agreed that that argument was pretty thin, and there are clear use-cases for handling password files this way. Julian Markwort, reviewed by Fabien Coelho, some adjustments by me Discussion: https://postgr.es/m/a4b4f4f1-7b58-a0e8-5268-5f7db8e8ccaa@uni-muenster.de --- doc/src/sgml/libpq.sgml | 35 +++++++++++++++++++++++++---------- 1 file changed, 25 insertions(+), 10 deletions(-) (limited to 'doc/src/sgml') diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index 2620eec033d..ea7e7da9d42 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -943,7 +943,7 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname Note that authentication is likely to fail if host is not the name of the server at network address hostaddr. Also, note that host rather than hostaddr - is used to identify the connection in ~/.pgpass (see + is used to identify the connection in a password file (see ). @@ -1002,6 +1002,19 @@ postgresql://%2Fvar%2Flib%2Fpostgresql/dbname + + passfile + + + Specifies the name of the file used to store passwords + (see ). + Defaults to ~/.pgpass, or + %APPDATA%\postgresql\pgpass.conf on Microsoft Windows. + (No error is reported if this file does not exist.) + + + + connect_timeout 
@@ -6893,8 +6906,8 @@ myEventProc(PGEventId evtId, void *evtInfo, void *passThrough) Use of this environment variable is not recommended for security reasons, as some operating systems allow non-root users to see process environment variables via - ps; instead consider using the - ~/.pgpass file (see ). + ps; instead consider using a password file + (see ). @@ -6903,9 +6916,8 @@ myEventProc(PGEventId evtId, void *evtInfo, void *passThrough) PGPASSFILE - PGPASSFILE specifies the name of the password file to - use for lookups. If not set, it defaults to ~/.pgpass - (see ). + PGPASSFILE behaves the same as the connection parameter. @@ -7187,13 +7199,16 @@ myEventProc(PGEventId evtId, void *evtInfo, void *passThrough) - The file .pgpass in a user's home directory or the - file referenced by PGPASSFILE can contain passwords to + The file .pgpass in a user's home directory can + contain passwords to be used if the connection requires a password (and no password has been specified otherwise). On Microsoft Windows the file is named %APPDATA%\postgresql\pgpass.conf (where %APPDATA% refers to the Application Data subdirectory in the user's profile). + Alternatively, a password file can be specified + using the connection parameter + or the environment variable PGPASSFILE. @@ -7219,8 +7234,8 @@ myEventProc(PGEventId evtId, void *evtInfo, void *passThrough) - On Unix systems, the permissions on .pgpass must - disallow any access to world or group; achieve this by the command + On Unix systems, the permissions on a password file must + disallow any access to world or group; achieve this by a command such as chmod 0600 ~/.pgpass. If the permissions are less strict than this, the file will be ignored. On Microsoft Windows, it is assumed that the file is stored in a directory that is secure, so -- cgit v1.2.3
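Review bot: The new passfile entry (hunk at line 1002) does not say what happens when both the passfile parameter and the PGPASSFILE environment variable are set. The commit message says the parameter follows "the conventions for most other connection parameters", and the later PGPASSFILE hunk says the variable "behaves the same as the connection parameter", so the reader is left to infer that the parameter takes precedence and the variable only supplies a default. One sentence in the passfile entry would settle it, for example: "If PGPASSFILE is also set, the connection parameter takes precedence." Since the file named here is consulted for credentials, being explicit about which source wins avoids a user unknowingly reading passwords from a file other than the one they intended.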
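Review bot: The PGPASSFILE hunk (line 6903) removes the only statement in the environment-variable section of where lookups go when the variable is unset ("If not set, it defaults to ~/.pgpass"), replacing it with a bare reference to the connection parameter. Readers scanning the environment-variable list now have to follow a cross-reference to learn the default. Consider keeping the default inline, e.g. "PGPASSFILE behaves the same as the connection parameter; if neither is set, ~/.pgpass (or %APPDATA%\postgresql\pgpass.conf on Windows) is used."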
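Review bot: In the permissions hunk (line 7219), "If the permissions are less strict than this, the file will be ignored" should state whether libpq tells the user that the file was skipped. With the new parameter a caller can name an arbitrary file explicitly, and if a mis-permissioned passfile is silently discarded the only visible symptom is an unexpected password prompt or authentication failure, which is hard to diagnose. Either document the diagnostic libpq emits in that case, or, if there is none, that is worth raising for the code change this documentation accompanies. The example command "chmod 0600 ~/.pgpass" is fine as written since the sentence already says "a command such as".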