| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-committers(at)lists(dot)postgresql(dot)org |
| Subject: | pgsql: Make psql's \password default to CURRENT_USER, not PQuser(conn). |
| Date: | 2021-11-12 19:56:02 |
| Message-ID: | E1mlceY-0000yc-Ax@gemulon.postgresql.org |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-committers |
Make psql's \password default to CURRENT_USER, not PQuser(conn).
The documentation says plainly that \password acts on "the current user"
by default. What it actually acted on, or tried to, was the username
used to log into the current session. This is not the same thing if
one has since done SET ROLE or SET SESSION AUTHENTICATION. Aside from
the possible surprise factor, it's quite likely that the current role
doesn't have permissions to set the password of the original role.
To fix, use "SELECT CURRENT_USER" to get the role name to act on.
(This syntax works with servers at least back to 7.0.) Also, in
hopes of reducing confusion, include the role name that will be
acted on in the password prompt.
The discrepancy from the documentation makes this a bug, so
back-patch to all supported branches.
Patch by me; thanks to Nathan Bossart for review.
Discussion: https://postgr.es/m/747443.1635536754@sss.pgh.pa.us
Branch
------
REL_11_STABLE
Details
-------
https://git.postgresql.org/pg/commitdiff/b062ca508cd4ab701fffc892afd59e07cb7f0c9f
Modified Files
--------------
src/bin/psql/command.c | 34 +++++++++++++++++++++-------------
1 file changed, 21 insertions(+), 13 deletions(-)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Daniel Gustafsson | 2021-11-12 20:58:20 | pgsql: Document PG_TEST_NOCLEAN in TAP test README |
| Previous Message | Tom Lane | 2021-11-12 17:50:53 | Re: pgsql: Remove check for accept() argument types |