From: | Julien Rouhaud <rjuju123(at)gmail(dot)com> |
---|---|
To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org>, Noah Misch <noah(at)leadboat(dot)com>, Magnus Hagander <magnus(at)hagander(dot)net>, "Jonathan S(dot) Katz" <jkatz(at)postgresql(dot)org> |
Subject: | Re: initdb recommendations |
Date: | 2019-07-11 19:34:25 |
Message-ID: | CAOBaU_bTm5M-787dAw=E3OQ13ag_BqOboVWz9xkjQk1=__MwDQ@mail.gmail.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-docs pgsql-hackers |
On Tue, Jun 18, 2019 at 10:33 PM Peter Eisentraut
<peter(dot)eisentraut(at)2ndquadrant(dot)com> wrote:
>
> On 2019-05-23 18:54, Peter Eisentraut wrote:
> > To recap, the idea here was to change the default authentication methods
> > that initdb sets up, in place of "trust".
> >
> > I think the ideal scenario would be to use "peer" for local and some
> > appropriate password method (being discussed elsewhere) for host.
I'm also personally all for that change.
> Patch for that attached.
Patch applies and compiles cleanly, same for documentation. The
change works as intended, so I don't have much to say.
> Note that with this change, running initdb without arguments will now
> error on those platforms: You need to supply either a password or select
> a different default authentication method.
Should we make this explicitly stated in the documentation? As a
reference, it's saying:
The default client authentication setup is such that users can connect
over the Unix-domain socket to the same database user name as their
operating system user names (on operating systems that support this,
which are most modern Unix-like systems, but not Windows) and
otherwise with a password. To assign a password to the initial
database superuser, use one of initdb's -W, --pwprompt or -- pwfile
options.
From | Date | Subject | |
---|---|---|---|
Next Message | David Fetter | 2019-07-11 20:48:09 | Re: initdb recommendations |
Previous Message | Liudmila Mantrova | 2019-07-11 14:49:26 | misc doc fixes for REL_12_STABLE |
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2019-07-11 19:47:50 | Re: [Proposal] Table-level Transparent Data Encryption (TDE) and Key Management Service (KMS) |
Previous Message | Dave Cramer | 2019-07-11 19:15:55 | Re: let's make the list of reportable GUCs configurable (was Re: Add %r substitution for psql prompts to show recovery status) |