On Thu, Aug 8, 2024 at 09:44:51AM +0000, PG Doc comments form wrote:
> The following documentation comment has been logged on the website:
>
> Page: https://www.postgresql.org/docs/16/libpq-pgpass.html
> Description:
>
> The documentation of the .pgpass password file is incomplete in the Unix
> case (https://www.postgresql.org/docs/16/libpq-pgpass.html):
>
> It does not mention how the .pgpass File is actually found. One would
> assume it uses the getpwent() function to find the current users
> homedirectory and locate the .pgpass file there, but this is not the case.
> It only looks at the HOME environment variable.
>
> If you change the user using setuid() and do not change HOME as well, the
> file not be found. Or assume you start a DB client as root by using su to
> change the user id, things will not work:
>
> # /bin/su -c "startx -- " - xpos
>
> This starts X11 and changes to the user xpos, but it does only change the
> user id, not $HOME.
Well, it is more complicated than checking just HOME because it calls
getpwuid_r() if HOME is not set:
https://doxygen.postgresql.org/fe-connect_8c.html#a3f49cbb20595c1765bd0db5ff434c9c3
Is it worth going into that detail in the docs?
--
Bruce Momjian <bruce@momjian.us> https://momjian.us
EDB https://enterprisedb.com
Only you can decide what is important to you.
