pg_rewind and user / passfile

Hi!
I have noticed, if I use
pg_basebackup -D $PGDATA -h $NEW_PRIMARY -U $SOME_ADMIN_USER
(where $SOME_ADMIN_USER is a privileged user, not the replica user)
i got a "show primary_conninfo" as ;
user=<REPLICA_USER> passfile='/var/lib/postgresql/.pgpass'
channel_binding=prefer host=pg_red port=5432 sslmode=prefer
sslcompression=0 sslsni=1 ssl_min_protocol_version=TLSv1.2
gssencmode=prefer krbsrvname=postgres target_session_attrs=any

Which is cool, since the user is the correct replica user (not the one I
specified at command line), AND more importantly, there is no pasword there.

If instead, on a old primary, I perform a pg_rewind, the primary_conninfo is
user=<USER_I_PASSED_AT_COMMAND_LINE> password=<ITS_PASSWORD_IN_CLEAR>
channel_binding=prefer host=pg_blue port=5432
sslmode=prefer sslcompression=0 sslsni=1
ssl_min_protocol_version=TLSv1.2
gssencmode=prefer krbsrvname=postgres target_session_attrs=any
If I user the replica-specific user, i get
ERROR: permission denied for function pg_read_binary_file

Question (and at the point of this mail):
* is there a way to tell pg_rewind to use the passfile?
* Am I doing something wrong?

Thank!