| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: rolcanlogin vs. the flat password file |
| Date: | 2007-10-14 22:16:04 |
| Message-ID: | 20071014221604.GK5031@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> > Stephen Frost <sfrost(at)snowman(dot)net> writes:
> >> I wonder if the OP was unhappy because he created a role w/ a pw and
> >> then couldn't figure out why the user couldn't log in?
>
> > Hm, maybe. In that case just not filtering the entry out of the flat
> > file would be good enough.
>
> I've confirmed the confusing behavior in CVS HEAD. With password auth
> selected in pg_hba.conf:
[...]
> Should we just do this, or is it worth working harder?
I certainly like this. Honestly, I'd also like the warning when doing a
'create role'/'alter role' that sets/changes the pw on an account that
doesn't have 'rolcanlogin'. Much better to have me notice that I goof'd
the command and fix it before telling the user 'go ahead and log in'
than to have the user complain that it's not working. :)
Just my 2c.
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Brendan Jurd | 2007-10-15 02:52:05 | Re: [HACKERS] quote_literal with NULL |
| Previous Message | Peter Eisentraut | 2007-10-14 22:02:15 | Re: Back-patch support for python 2.5? |