Re: Bypassing authentication

From: Andre Majorel <aym-2lqsgp(at)teaser(dot)fr>
To: pgsql-novice(at)postgresql(dot)org
Subject: Re: Bypassing authentication
Date: 2010-07-10 12:51:26
Message-ID: 20100710125126.GC2132@aym.net2.nerim.net
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-novice

On 2010-07-08 16:42 -0400, Tom Lane wrote:
> Andre Majorel <aym-2lqsgp(at)teaser(dot)fr> writes:
> > Is there a way to have psql bypass authentication as joe if the
> > system user running psql is postgres, the way su doesn't ask for
> > password if you are root ?
>
> Not per se, but you could set up an ident map that says postgres
> is allowed to log in as joe (and anybody else he needs to log in as).
>
> I think 9.0 will have some wildcard ability in ident maps, which'd
> save you from having to list a lot of roles in the map; but IIRC
> there is none in existing releases.

Mmm... In an installation procedure, the less mucking about with
pg_hba.conf, the better.

A method that seems to work for me is to authenticate as a
superuser and *then* become joe with SET ROLE :

$ sudo -u postgres psql -At -c "SET ROLE 'joe'; SHOW IS_SUPERUSER;"
off

Thank you.

--
André Majorel http://www.teaser.fr/~amajorel/

In response to

Browse pgsql-novice by date

  From Date Subject
Next Message Frank Bax 2010-07-10 12:56:00 Re: SQL from Linux command line
Previous Message Mladen Gogala 2010-07-10 12:03:16 Re: SQL from Linux command line