Re: BUG #16550: Problem with pg_service.conf

On Wed, Jul 22, 2020 at 12:47 PM Michał Lis <fcs1(at)poczta(dot)onet(dot)pl> wrote:

> No, the file is only on the server side.
>

Re-reading the OP I see where you tried to communicate this fact but it is
so contrary to the documentation and general use I hadn't considered that
this might be what you had done.

I expected the client will ask the server using the service name.
>

How does the client even know where the server is in order to ask it? The
whole point of having pg_service.conf is to avoid passing arguments on the
command line and instead store them attached to a name in a local file.

If the service will be found on the server, the server should accept the
> connection from the client.
>

This is the purpose of the pg_hba.conf file...
https://www.postgresql.org/docs/12/auth-pg-hba-conf.html

Having the server accept a connection just because the client knows the
name of a service is insecure.

In pg_service.conf file can be stored user name and password.
>

Yes, the user name and password your client is going to present to the user
to identify itself. The host field indicates where the server is located.

I want to use login of service type, because I won't to store any login
> information (ie password) on the client side.
>

What you describe is worse than having a password securely stored on the
local machine.

What you want to do is possible but using the pg_service.conf file plays no
role. And really the password should not be placed into pg_service.conf
anyway - if you are going to use that file you probably should also use the
.pgpass file.

> Copping the pg_service.conf to the client and setting the system variable
> to this file, rather has no sense.
>

Which machine are you thinking the "system variable" is being set on?

David J.