Re: [PATCH] Add peer authentication TAP test

Michael Paquier <michael@paquier.xyz>

From: Michael Paquier <michael@paquier.xyz>
To: "Drouvot, Bertrand" <bertranddrouvot.pg@gmail.com>
Cc: PostgreSQL Hackers <pgsql-hackers@lists.postgresql.org>
Date: 2022-09-30T00:00:54Z
Lists: pgsql-hackers
On Wed, Sep 28, 2022 at 04:24:44PM +0900, Michael Paquier wrote:
> Hmm, indeed.  It would be more reliable to rely on the contents
> returned by getpeereid()/getpwuid() after one successful peer
> connection, then use it in the map.  I was wondering whether using
> stuff like getpwuid() in the perl script itself would be better, but
> it sounds less of a headache in terms of portability to just rely on
> authn_id via SYSTEM_USER to generate the contents of the correct map.

By the way, on an extra read I have found a few things that can be
simplified
- I think that test_role() should be reworked so as the log patterns
expected are passed down to connect_ok() and connect_fails() rather
than involving find_in_log().  You still need find_in_log() to skip
properly the case where peer is not supported by the platform, of
course.
- get_log_size() is not necessary.  You should be able to get the same
information with "-s $self->logfile".
- Nit: a newline should be added at the end of 003_peer.pl.
--
Michael

Commits

  1. Skip TAP test for peer authentication if there are no unix-domain sockets

  2. Add authentication TAP test for peer authentication