Thread

  1. psql and passwords

    Michael Devogelaere <michael@mind.be> — 2002-04-15T16:41:19Z

    Hi,
    
    I've recently installed a beta-release of RedHat which ships PostgreSQL
    7.2.1 and have troubles with using psql in non-interactive scripts.
    
    With the previous version, i passed the password with
     'echo pass | psql -d db -U user -h server -c "..."' 
    but that doesn't seem to work anymore (because it reads the password now
    from /dev/tty instead of stdin i guess).
    
    Is this a RedHat-specific issue or is it more general ? And of course:
    what's the solution ? ;)
    
    
    Kind regards,
    Michael Devogelaere.
    
    
    
    
    
    
    
  2. Re: psql and passwords

    Tom Lane <tgl@sss.pgh.pa.us> — 2002-04-15T18:52:25Z

    Michael Devogelaere <michael@mind.be> writes:
    > With the previous version, i passed the password with
    >  'echo pass | psql -d db -U user -h server -c "..."' 
    > but that doesn't seem to work anymore (because it reads the password now
    > from /dev/tty instead of stdin i guess).
    
    This was a deliberate change (some of us had misgivings about it but
    were voted down).
    
    I'd suggest seeing if you can't avoid needing passwords anymore,
    instead.  "ident" auth works over local connections now (at least
    on some platforms, including recent Linuxen).
    
    			regards, tom lane
    
    
  3. Re: psql and passwords

    Nigel J. Andrews <nandrews@investsystems.co.uk> — 2002-04-15T19:09:10Z

    On Mon, 15 Apr 2002, Tom Lane wrote:
    
    > Michael Devogelaere <michael@mind.be> writes:
    > > With the previous version, i passed the password with
    > >  'echo pass | psql -d db -U user -h server -c "..."' 
    > > but that doesn't seem to work anymore (because it reads the password now
    > > from /dev/tty instead of stdin i guess).
    > 
    > This was a deliberate change (some of us had misgivings about it but
    > were voted down).
    > 
    > I'd suggest seeing if you can't avoid needing passwords anymore,
    > instead.  "ident" auth works over local connections now (at least
    > on some platforms, including recent Linuxen).
    > 
    
    I don't know when the change was made but it never worked for me, and I'm sure
    that included 7.0.2 if not 6.5.1
    
    Anyway, the solution is to set PGPASSWORD in the evironment. Once I remembered
    about that it all became so much easier.
    
    
    -- 
    Nigel J. Andrews
    Director
    
    ---
    Logictree Systems Limited
    Computer Consultants
    
    
    
  4. Re: psql and passwords

    Doug McNaught <doug@wireboard.com> — 2002-04-15T19:23:22Z

    "Nigel J. Andrews" <nandrews@investsystems.co.uk> writes:
    
    > I don't know when the change was made but it never worked for me,
    > and I'm sure that included 7.0.2 if not 6.5.1
    > 
    > Anyway, the solution is to set PGPASSWORD in the evironment. Once I
    > remembered about that it all became so much easier.
    
    Note that this is potentially insecure as some systems expose your
    environment to other users.
    
    -Doug
    -- 
    Doug McNaught       Wireboard Industries      http://www.wireboard.com/
    
          Custom software development, systems and network consulting.
          Java PostgreSQL Enhydra Python Zope Perl Apache Linux BSD...
    
    
  5. Re: psql and passwords

    Curt Sampson <cjs@cynic.net> — 2002-04-16T03:32:43Z

    On 15 Apr 2002, Doug McNaught wrote:
    
    > "Nigel J. Andrews" <nandrews@investsystems.co.uk> writes:
    >
    > > Anyway, the solution is to set PGPASSWORD in the evironment. Once I
    > > remembered about that it all became so much easier.
    >
    > Note that this is potentially insecure as some systems expose your
    > environment to other users.
    
    Indeed. What about adding an option whose argument is the name of
    a file containing the password?
    
    cjs
    -- 
    Curt Sampson  <cjs@cynic.net>   +81 90 7737 2974   http://www.netbsd.org
        Don't you know, in this new Dark Age, we're all light.  --XTC
    
    
    
  6. Re: psql and passwords

    Bruce Momjian <pgman@candle.pha.pa.us> — 2002-04-16T03:34:43Z

    Curt Sampson wrote:
    > On 15 Apr 2002, Doug McNaught wrote:
    > 
    > > "Nigel J. Andrews" <nandrews@investsystems.co.uk> writes:
    > >
    > > > Anyway, the solution is to set PGPASSWORD in the evironment. Once I
    > > > remembered about that it all became so much easier.
    > >
    > > Note that this is potentially insecure as some systems expose your
    > > environment to other users.
    > 
    > Indeed. What about adding an option whose argument is the name of
    > a file containing the password?
    
    Already on TODO and I hope it is done for 7.3:
    
    * Add PGPASSWORDFILE environment variable or ~/.pgpass to store
      user/host/password combinations
    
    We even have:
    
    * Remove PGPASSWORD because it is insecure on some OS's
    
    -- 
      Bruce Momjian                        |  http://candle.pha.pa.us
      pgman@candle.pha.pa.us               |  (610) 853-3000
      +  If your life is a hard drive,     |  830 Blythe Avenue
      +  Christ can be your backup.        |  Drexel Hill, Pennsylvania 19026