| From: | Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us> |
|---|---|
| To: | Alvaro Herrera <alvherre(at)dcc(dot)uchile(dot)cl> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Patches <pgsql-patches(at)postgresql(dot)org> |
| Subject: | Re: nested xacts: update password file |
| Date: | 2004-07-12 18:31:37 |
| Message-ID: | 200407121831.i6CIVbv23717@candle.pha.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-patches |
OK, but why would we document the contents of a file that are not to be
modified by the user?
---------------------------------------------------------------------------
Alvaro Herrera wrote:
> On Mon, Jul 12, 2004 at 02:18:40PM -0400, Bruce Momjian wrote:
>
> > > >> Something that bugged me a lot is that I tried to find the format of the
> > > >> file for testing the patch, and I couldn't find anything anywhere in the
> > > >> docs. Apparently the docs for the file were ripped with the docs for
> > > >> the pg_passwd utility when it was ripped before the 7.3 release.
> >
> > I was confused by this. What docs for the password file did we have?
>
> I see this in 7.2 docs. This is not mentioned anywhere in current docs.
> Does it work with other auth mechanisms (md5, crypt)?
>
> <para>
> The format of a text password file is one entry per line; the fields
> of each entry are separated by colons. The first field is the user
> name, the second field is the encrypted password. Other fields are
> ignored (to allow password files to be shared between applications
> that use similar formats). <application>pg_passwd</application>
> enables users to interactively add entries to such a file, to alter
> passwords of existing entries, and to encrypt such passwords.
> </para>
>
> [...]
>
> <para>
> To make use of this password file, put a line like the following in
> <filename>pg_hba.conf</filename>:
>
> <programlisting>
> host mydb 133.65.96.250 255.255.255.255 password passwords
> </programlisting>
>
> which would allow access to database mydb from host 133.65.96.250 using
> the passwords listed in the <filename>passwords</filename> file (and
> only to the users listed in that file).
> </para>
>
> <note>
> <para>
> It is also useful to have entries in a password file with empty
> password fields. (This is different from an empty password.) Such
> entries allow you to restrict users who can access the system. These
> entries cannot be managed by <application>pg_passwd</application>,
> but you can edit password files manually.
> </para>
> </note>
>
>
> --
> Alvaro Herrera (<alvherre[a]dcc.uchile.cl>)
> "La primera ley de las demostraciones en vivo es: no trate de usar el sistema.
> Escriba un gui?n que no toque nada para no causar da?os." (Jakob Nielsen)
>
--
Bruce Momjian | http://candle.pha.pa.us
pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup. | Newtown Square, Pennsylvania 19073
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2004-07-12 18:50:16 | Re: nested xacts: update password file |
| Previous Message | Alvaro Herrera | 2004-07-12 18:29:41 | Re: nested xacts: update password file |