Re: Authenticating user `postgres'
Keary Suska <hierophant@pcisys.net>
From: Keary Suska <hierophant@pcisys.net>
To: PostgreSQL <pgsql-general@postgresql.org>
Date: 2001-09-26T22:20:30Z
Lists: pgsql-general
Actually, you can, but I find it dubious from a security standpoint. You can set the environment variables PGUSER and PGPASSWORD in your shell startup script for the postgres user. Keary Suska Esoteritech, Inc. "Leveraging Open Source for a better Internet" > From: Tom Lane <tgl@sss.pgh.pa.us> > Date: Wed, 26 Sep 2001 15:57:35 -0400 > To: Arcady Genkin <a.genkin@utoronto.ca> > Cc: pgsql-general@postgresql.org > Subject: Re: [GENERAL] Authenticating user `postgres' > > Arcady Genkin <a.genkin@utoronto.ca> writes: >> The problem I'm having is that I want local UNIX user `postgres', who >> is the database superuser, to be able to connect to any database >> without a password. > > You can't make postgres' life any easier than you make it for anyone > else coming from the same machine, because the authentication mechanism > is chosen on the basis of the client machine and (possibly) the target > database --- not on the basis of who the user is. Offhand I'd think it > foolish to make it easier to get into the superuser account than regular > accounts anyway. > > One possibility is to run an IDENT daemon and allow ident-authenticated > connections from 127.0.0.1. Then "pg_dumpall -h localhost" would work > without a password. Trusting other people's IDENT daemons is widely > considered a bad idea, but I see no reason not to trust your own. > > regards, tom lane > > ---------------------------(end of broadcast)--------------------------- > TIP 5: Have you checked our extensive FAQ? > > http://www.postgresql.org/users-lounge/docs/faq.html >