Hello pgadmin-support
Long-time user, first time emailing.
I’m trying to use the Password exec feature to fetch a secret from AWS Secrets Manager. I’ve created both a python script and then a sh script and neither work. Oddly nothing about password exec is reported in logs. I just get the error below.
pgAdmin 4 v 9.7 as desktop app
python 3.13.7
macOS 15.7.1
Things I’ve tried:
- Executing either script from the command line works as expected and returns just the password string.
- scripts have chmod +x for all users.
- I’ve provided the full path to script in the Password exec entry
- Tried quoting and escaping command line.
- The shell script uses aws cli and full path is provided in script.
- Moved the script to the ~/Library/Application Support/pgAdmin 4 in case macOS disk access issues were in play.
Error:
connection failed: connection to server at “10.x.x.x", port 5432 failed: could not initiate GSSAPI security context: Unspecified GSS failure. Minor code may provide more information: Cannot find KDC for realm "KERBEROS.MICROSOFTONLINE.COM"
connection to server at “10.x.x.x", port 5432 failed: fe_sendauth: no password supplied
From what I can parse of source code, I don’t think the ENABLE_SERVER_PASS_EXEC_CMD comes into play as I’m not operating in server mode.
Does anyone have examples of a config that works?
Any advice on how I can debug further?
Thanks for any pointers!
