diff options
| author | Bruce Momjian <bruce@momjian.us> | 2002-08-15 02:56:19 +0000 |
|---|---|---|
| committer | Bruce Momjian <bruce@momjian.us> | 2002-08-15 02:56:19 +0000 |
| commit | 7f4981f4af1700456f98ac3f2b2d84959919ec81 (patch) | |
| tree | d954743ddfe828c7626430ff79d956d819748c97 /doc/src | |
| parent | 46aaa5dda3a876ad958d4ea8fe3e8836d2043750 (diff) | |
| download | postgresql-7f4981f4af1700456f98ac3f2b2d84959919ec81.tar.gz postgresql-7f4981f4af1700456f98ac3f2b2d84959919ec81.zip | |
I'm giving a try at some TODO items. Currently it's the turn of the
PGPASSWORDFILE environment variable. I have modified libpq to make use
of this variable. I present the first cut here.
Currently the format for the file should be
host:port:database:user:password
Alvaro Herrera
Diffstat (limited to 'doc/src')
| -rw-r--r-- | doc/src/sgml/libpq++.sgml | 15 | ||||
| -rw-r--r-- | doc/src/sgml/libpq.sgml | 24 |
2 files changed, 29 insertions, 10 deletions
diff --git a/doc/src/sgml/libpq++.sgml b/doc/src/sgml/libpq++.sgml index cd6d2a6a911..eaf9113cf86 100644 --- a/doc/src/sgml/libpq++.sgml +++ b/doc/src/sgml/libpq++.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/Attic/libpq++.sgml,v 1.41 2002/03/22 19:20:12 petere Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/Attic/libpq++.sgml,v 1.42 2002/08/15 02:56:19 momjian Exp $ --> <chapter id="libpqplusplus"> @@ -117,11 +117,14 @@ $Header: /cvsroot/pgsql/doc/src/sgml/Attic/libpq++.sgml,v 1.41 2002/03/22 19:20: </listitem> <listitem> <para> - <envar>PGPASSWORD</envar> - sets the password used if the backend demands password - authentication. This is not recommended because the password can - be read by others using the <command>ps</command> command with special options - on some platforms. + <envar>PGPASSWORD</envar> + sets the password used if the backend demands password + authentication. This is deprecated; use <envar>PGPASSWORDFILE</envar> instead. + <listitem> + <para> + <envar>PGPASSWORDFILE</envar> + sets the password file used if the backend demands password + authentication. Refer to the libpq documentation for more details. </para> </listitem> <listitem> diff --git a/doc/src/sgml/libpq.sgml b/doc/src/sgml/libpq.sgml index 1fb6519806a..f1cb03f8871 100644 --- a/doc/src/sgml/libpq.sgml +++ b/doc/src/sgml/libpq.sgml @@ -1,5 +1,5 @@ <!-- -$Header: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v 1.90 2002/03/22 19:20:13 petere Exp $ +$Header: /cvsroot/pgsql/doc/src/sgml/libpq.sgml,v 1.91 2002/08/15 02:56:19 momjian Exp $ --> <chapter id="libpq"> @@ -2038,9 +2038,25 @@ sets the user name used to connect to the database and for authentication. </indexterm> <envar>PGPASSWORD</envar> sets the password used if the backend demands password -authentication. This is not recommended because the password can -be read by others using the <command>ps</command> command with special options -on some platforms. +authentication. This functionality is deprecated for security +reasons; consider migrating to <envar>PGPASSWORDFILE</envar>. +</para> +</listitem> +<listitem> +<para> +<indexterm> + <primary><envar>PGPASSWORDFILE</envar></primary> +</indexterm> +<envar>PGPASSWORDFILE</envar> +sets the password file used if the backend demands password authentication. +This file should have the format +<screen> +<replaceable>hostname</replaceable>:<replaceable>port</replaceable>:<replaceable>database</replaceable>:<replaceable>username</replaceable>:<replaceable>password</replaceable> +</screen> +Any of these may be a literal name, or a <literal>*</literal> that matches +anything. The first match will be the one used, so put more specific entries first. +Entries with <literal>:</literal> or <literal>\</literal> should be escaped +with <literal>\</literal>. </para> </listitem> <listitem> |