Re: initdb recommendations

From: Andrew Dunstan <andrew(dot)dunstan(at)2ndquadrant(dot)com>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com>
Cc: Andrew Dunstan <andrew(at)dunslane(dot)net>, pgsql-hackers(at)lists(dot)postgresql(dot)org
Subject: Re: initdb recommendations
Date: 2019-07-22 19:20:50
Message-ID: 5abe622e-78e3-a82c-5f50-3b7295db7056@2ndQuadrant.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-docs pgsql-hackers


On 7/22/19 3:15 PM, Tom Lane wrote:
> I wrote:
>> BTW, it looks like the Windows buildfarm critters have a
>> separate problem: they're failing with
>> initdb: error: must specify a password for the superuser to enable md5 authentication
> I tried doing a run on gaur (old HPUX, so no "peer" auth) before the
> revert happened. It got as far as initdb-check [1], which failed quite
> thoroughly with lots of the same error as above. Depressingly, a lot of
> the test cases that expected some type of error "succeeded", indicating
> they're not actually checking to see which error they got. Boo hiss.
>
> Presumably Noah's AIX menagerie would have failed in about the
> same way if it had run.
>
> So we've got a *lot* of buildfarm work to do before we can think about
> changing this.

Ouch. I'll test more on Windows.

>
> Frankly, this episode makes me wonder whether changing the default is
> even a good idea at this point. People who care about security have
> already set up their processes to select a useful-to-them auth option,
> while people who do not care are unlikely to be happy about having
> security rammed down their throats, especially if it results in the
> sort of push-ups we're looking at having to do in the buildfarm.
> I think this has effectively destroyed the argument that only
> trivial adjustments will be required.
>
> regards, tom lane
>
> [1] https://buildfarm.postgresql.org/cgi-bin/show_log.pl?nm=gaur&dt=2019-07-22%2017%3A08%3A27
>

There's a strong tendency these days to be secure by default, so I
understand the motivation.

cheers

andrew

--
Andrew Dunstan https://www.2ndQuadrant.com
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

In response to

Responses

Browse pgsql-docs by date

  From Date Subject
Next Message Tom Lane 2019-07-22 22:08:32 Re: initdb recommendations
Previous Message Andrew Dunstan 2019-07-22 19:16:32 Re: initdb recommendations

Browse pgsql-hackers by date

  From Date Subject
Next Message Alvaro Herrera 2019-07-22 19:34:59 Re: Broken defenses against dropping a partitioning column
Previous Message Andrew Dunstan 2019-07-22 19:16:32 Re: initdb recommendations