blob: 19d776abc922d83530e40e0d6acc881a83544bac (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
|
<!--
$Header: /cvsroot/pgsql/doc/src/sgml/ref/Attic/pg_passwd.sgml,v 1.1 1999/07/22 15:09:13 thomas Exp $
Postgres documentation
-->
<refentry id="APP-PG-PASSWD">
<refmeta>
<refentrytitle id="APP-PG-PASSWD-TITLE">
<application>pg_passwd</application>
</refentrytitle>
<refmiscinfo>Application</refmiscinfo>
</refmeta>
<refnamediv>
<refname>
<application>pg_passwd</application>
</refname>
<refpurpose>
Manipulate the flat password file
</refpurpose>
</refnamediv>
<refsynopsisdiv>
<refsynopsisdivinfo>
<date>1999-07-20</date>
</refsynopsisdivinfo>
<synopsis>
pg_passwd <replaceable class="parameter">filename</replaceable>
</synopsis>
</refsynopsisdiv>
<refsect1 id="R1-APP-PG-PASSWD-1">
<refsect1info>
<date>1999-07-20</date>
</refsect1info>
<title>
Description
</title>
<para>
<application>pg_passwd</application>
is a tool to manipulate the
flat password file functionality of
<productname>Postgres</productname>. This style of password
authentication is not <emphasis>required</emphasis> in an
installation, but is one of several supported security mechanisms.
</para>
<para>
Specify the password file in the same style of
<literal>Ident</literal> authentication in
<filename>$PGDATA/pg_hba.conf</filename>:
<programlisting>
host unv 133.65.96.250 255.255.255.255 password passwd
</programlisting>
where the above line allows access from 133.65.96.250 using the passwords listed
in <filename>$PGDATA/passwd</filename>.
The format of the password file follows those of
<filename>/etc/passwd</filename>
and
<filename>/etc/shadow</filename>.
The first field is the user name, and the second field
is the encrypted password.
The rest is completely ignored.
Thus the following three sample lines specify the same user and password pair:
<programlisting>
pg_guest:/nB7.w5Auq.BY:10031::::::
pg_guest:/nB7.w5Auq.BY:93001:930::/home/guest:/bin/tcsh
pg_guest:/nB7.w5Auq.BY:93001
</programlisting>
</para>
<para>
Supply the password file to the pg_passwd command.
In the case described above, after changing the working directory to
<envar>PGDATA</envar>, the following command execution specify
the new password for <literal>pg_guest</literal>:
<programlisting>
% pg_passwd passwd
Username: pg_guest
Password:
Re-enter password:
</programlisting>
where the <literal>Password:</literal>
and <literal>Re-enter password:</literal>
prompts require the same password input which are not displayed
on the terminal.
The original password file is renamed to
<filename>passwd.bk</filename>.
</para>
<para>
<application>psql</application>
uses the <option>-u</option>
option to invoke this style of
authentication.
</para>
<para>
The following lines show the sample usage of the option:
<programlisting>
% psql -h hyalos -u unv
Username: pg_guest
Password:
Welcome to the POSTGRESQL interactive sql monitor:
Please read the file COPYRIGHT for copyright terms of POSTGRESQL
type \? for help on slash commands
type \q to quit
type \g or terminate with semicolon to execute query
You are currently connected to the database: unv
unv=>
</programlisting>
</para>
<para>
Perl5 authentication
uses the new style of the <filename>Pg.pm</filename> like this:
<programlisting>
$conn = Pg::connectdb("host=hyalos dbname=unv
user=pg_guest password=xxxxxxx");
</programlisting>
For more details, refer to
<filename>src/interfaces/perl5/Pg.pm</filename>.
</para>
<para>
Pg{tcl,tk}sh authentication
uses the
<function>pg_connect</function>
command with the
<option>-conninfo</option>
option thusly:
<programlisting>
% set conn [pg_connect -conninfo \\
"host=hyalos dbname=unv \\
user=pg_guest password=xxxxxxx "]
</programlisting>
You can list all of the keys for the option by executing the following
command:
<programlisting>
% puts [ pg_conndefaults]
</programlisting>
</para>
</refsect1>
</refentry>
<!-- Keep this comment at the end of the file
Local variables:
mode: sgml
sgml-omittag:nil
sgml-shorttag:t
sgml-minimize-attributes:nil
sgml-always-quote-attributes:t
sgml-indent-step:1
sgml-indent-data:t
sgml-parent-document:nil
sgml-default-dtd-file:"../reference.ced"
sgml-exposed-tags:nil
sgml-local-catalogs:"/usr/lib/sgml/catalog"
sgml-local-ecat-files:nil
End:
-->
|
