| From: | Magnus Hagander <magnus(at)hagander(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: rolcanlogin vs. the flat password file |
| Date: | 2007-10-17 14:46:34 |
| Message-ID: | 20071017144634.GD6268@svr2.hagander.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Sun, Oct 14, 2007 at 06:16:04PM -0400, Stephen Frost wrote:
> * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> > > Stephen Frost <sfrost(at)snowman(dot)net> writes:
> > >> I wonder if the OP was unhappy because he created a role w/ a pw and
> > >> then couldn't figure out why the user couldn't log in?
> >
> > > Hm, maybe. In that case just not filtering the entry out of the flat
> > > file would be good enough.
> >
> > I've confirmed the confusing behavior in CVS HEAD. With password auth
> > selected in pg_hba.conf:
> [...]
> > Should we just do this, or is it worth working harder?
>
> I certainly like this. Honestly, I'd also like the warning when doing a
> 'create role'/'alter role' that sets/changes the pw on an account that
> doesn't have 'rolcanlogin'. Much better to have me notice that I goof'd
> the command and fix it before telling the user 'go ahead and log in'
> than to have the user complain that it's not working. :)
>
> Just my 2c.
I think that's a good idea. Attached is a patch that implements this (I
think - haven't messed around in that area of the code before). Thoughts?
//Magnus
| Attachment | Content-Type | Size |
|---|---|---|
| warn_user_no_pwd.patch | text/plain | 1.1 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Pavel Stehule | 2007-10-17 14:47:17 | Re: [COMMITTERS] pgsql: Re-allow UTF8 encodings on win32. |
| Previous Message | Tommy Gildseth | 2007-10-17 14:11:27 | Re: DBLink's default user: postgres |