Re: [PATCH] initdb: Option description. - Mailing list pgsql-bugs
| From | Mats Erik Andersson |
|---|---|
| Subject | Re: [PATCH] initdb: Option description. |
| Date | |
| Msg-id | 20141126233255.GA8130@mail.gisladisker.se Whole thread Raw |
| In response to | Re: [PATCH] initdb: Option description. (Magnus Hagander <magnus@hagander.net>) |
| Responses |
Re: [PATCH] initdb: Option description.
|
| List | pgsql-bugs |
tisdag den 25 november 2014 klockan 13:52 skrev Magnus Hagander detta:
> On Mon, Nov 17, 2014 at 12:12 AM, Mats Erik Andersson
> <bsd@gisladisker.se> wrote:
> > Hello there,
> >
> > the recent introduction of new options `--auth-local'
> > and `--auth-host' have lead to some confusion in the
> > help massage for inetdb, leaving an erroneous `local'
> > for `--auth' and `--auth-host'. Please consider the
> > following patch to improve the relevance.
>
> Hi!
>
> The idea behind the current wording is that it only sets the
> authentication type for 127.0.0.1 and ::1 -- there is no entry in
> pg_hba.conf generated for non-local TCP/IP connections. Perhaps we
> could clarify it by saying "localhost TCP/IP" rather than "local
> TCP/IP" though?
Even admitting that the template is stated for localhost only,
it seems clearer in my view to ignore this technicality in the
message. Scaring the administrator slightly is no bad thing.
My misinterpretation of "local" in "initdb.c" continues in two
more messages, so let me mention also them in order to make the
discussion complete. I accept to be contradicted, but letting
others see the explicit changes might provoke [sic] an optimal
motivation for any decision!
Best regards,
Mats Erik Andersson
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 3b52867..0dcceda 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -159,9 +159,9 @@ static char *dynamic_shared_memory_type = NULL;
* Warning messages for authentication methods
*/
#define AUTHTRUST_WARNING \
-"# CAUTION: Configuring the system for local \"trust\" authentication\n" \
-"# allows any local user to connect as any PostgreSQL user, including\n" \
-"# the database superuser. If you do not trust all your local users,\n" \
+"# CAUTION: Configuring the system for \"trust\" authentication\n" \
+"# allows any user to connect as any PostgreSQL user, including\n" \
+"# the database superuser. If you do not trust all your users,\n" \
"# use another authentication method.\n"
static char *authwarning = NULL;
@@ -2868,8 +2868,8 @@ usage(const char *progname)
printf(_("Usage:\n"));
printf(_(" %s [OPTION]... [DATADIR]\n"), progname);
printf(_("\nOptions:\n"));
- printf(_(" -A, --auth=METHOD default authentication method for local connections\n"));
- printf(_(" --auth-host=METHOD default authentication method for local TCP/IP connections\n"));
+ printf(_(" -A, --auth=METHOD default authentication method for all connections\n"));
+ printf(_(" --auth-host=METHOD default authentication method for TCP/IP connections\n"));
printf(_(" --auth-local=METHOD default authentication method for local-socket connections\n"));
printf(_(" [-D, --pgdata=]DATADIR location for this database cluster\n"));
printf(_(" -E, --encoding=ENCODING set default encoding for new databases\n"));
@@ -2906,7 +2906,7 @@ check_authmethod_unspecified(const char **authmethod)
{
if (*authmethod == NULL || strlen(*authmethod) == 0)
{
- authwarning = _("\nWARNING: enabling \"trust\" authentication for local connections\n"
+ authwarning = _("\nWARNING: Enabling \"trust\" authentication for some connections.\n"
"You can change this by editing pg_hba.conf or using the option -A, or\n"
"--auth-local and --auth-host, the next time you run initdb.\n");
*authmethod = "trust";
pgsql-bugs by date: