Re: rolcanlogin vs. the flat password file
Tom Lane <tgl@sss.pgh.pa.us>
From: Tom Lane <tgl@sss.pgh.pa.us>
To: Michael Glaesemann <grzm@seespotcode.net>
Cc: pgsql-hackers@postgresql.org
Date: 2007-10-14T20:56:25Z
Lists: pgsql-hackers
Michael Glaesemann <grzm@seespotcode.net> writes: > Would there be a difference in how this is logged and how it's > reported to the user? Not without making all the same infrastructure changes that would be needed to tell the user something different than now. As things stand, the password auth code can't tell the difference between a nonexistent role and a nologin role; neither one has an entry in the flat file. If we dropped the filtering in flatfiles.c, then a nologin role would have an entry, but most likely without a password, so you'd still just see "password auth failed". regards, tom lane