| From: | Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com> |
|---|---|
| To: | Andres Freund <andres(at)anarazel(dot)de> |
| Cc: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>, pgsql-hackers(at)lists(dot)postgresql(dot)org |
| Subject: | Re: initdb recommendations |
| Date: | 2019-07-24 13:55:05 |
| Message-ID: | 3b25d6e0-6e4f-a6cf-71a9-8df603efc422@2ndQuadrant.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-docs pgsql-hackers |
On 7/22/19 1:40 PM, Andres Freund wrote:
> Hi,
>
> On 2019-07-22 13:02:13 -0400, Andrew Dunstan wrote:
>> There are a few things we could do. We could force trust auth, or we
>> could add an ident map that allowed $USER to login as buildfarm. Finding
>> all the places we would need to fix that could be a fun project ...
> Perhaps we could actually do so automatically when the initdb invoking
> user isn't the same as the OS user? Imo that'd be generally quite
> useful, and not just for the regression tets.
>
yeah, although I think that's a separate exercise.
So we'd have something like
in pg_hba.conf
local all all peer map=datadir_owner
and in pg_ident.conf
datadir_owner $USER $superuser
cheers
andrew
--
Andrew Dunstan https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andrew Dunstan | 2019-07-24 14:00:34 | Re: initdb recommendations |
| Previous Message | Daniel Gustafsson | 2019-07-24 08:28:07 | Re: Formatting of warning about using ident |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Alexander Korotkov | 2019-07-24 13:59:11 | Re: Psql patch to show access methods info |
| Previous Message | Alexander Korotkov | 2019-07-24 13:54:15 | Re: Psql patch to show access methods info |