Thread: Documentation of .pgpass

Documentation of .pgpass

From
Oliver Elphick
Date:
This patch adds information to the documentation on .pgpass and creates
additional index entries for it.


--
Oliver Elphick                                Oliver.Elphick@lfix.co.uk
Isle of Wight, UK
http://www.lfix.co.uk/oliver
GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
                 ========================================
     "Lo, children are an heritage of the LORD; and the
      fruit of the womb is his reward."        Psalms 127:3
Index: doc/src/sgml/libpq.sgml
===================================================================
RCS file: /projects/cvsroot/pgsql-server/doc/src/sgml/libpq.sgml,v
retrieving revision 1.97
diff -u -r1.97 libpq.sgml
--- doc/src/sgml/libpq.sgml    2002/09/21 18:32:53    1.97
+++ doc/src/sgml/libpq.sgml    2002/11/03 00:20:20
@@ -2047,7 +2047,8 @@
 <envar>PGPASSWORD</envar>
 sets the password used if the backend demands password
 authentication.  This functionality is deprecated for security
-reasons; consider migrating to use the <filename>$HOME/.pgpass</>
+reasons; consider migrating to use the <link linkend='pgpassfile'>
+<filename>$HOME/.pgpass</></link>
 file.
 </para>
 </listitem>
@@ -2133,6 +2134,11 @@
  <primary>files</primary>
 </indexterm>
 <para>
+<anchor id="pgpassfile"/>
+<indexterm>
+ <primary>password</primary>
+ <secondary>.pgpass</secondary>
+</indexterm>
 <filename>$HOME/.pgpass</filename> is a file that can contain passwords
 to be used if the connection requires a password. This file should have the
 format:
@@ -2144,6 +2150,11 @@
 Entries with <literal>:</literal> or <literal>\</literal> should be escaped
 with <literal>\</literal>.
 </para>
+<para>
+The permissions on <filename>$HOME/.pgpass</filename> must disallow any
+access to world or group; achieve this by the command
+<command>chmod 0600 $HOME/.pgaccess</command>.
+If the permissions are less strict than this, the file will be ignored.
 </sect1>

 <sect1 id="libpq-threading">

Re: Documentation of .pgpass

From
Bruce Momjian
Date:
Patch applied.  Thanks.

---------------------------------------------------------------------------


Oliver Elphick wrote:
> This patch adds information to the documentation on .pgpass and creates
> additional index entries for it.
>
>
> --
> Oliver Elphick                                Oliver.Elphick@lfix.co.uk
> Isle of Wight, UK
> http://www.lfix.co.uk/oliver
> GPG: 1024D/3E1D0C1C: CA12 09E0 E8D5 8870 5839  932A 614D 4C34 3E1D 0C1C
>                  ========================================
>      "Lo, children are an heritage of the LORD; and the
>       fruit of the womb is his reward."        Psalms 127:3

Content-Description:

[ text/x-patch is unsupported, treating like TEXT/PLAIN ]

> Index: doc/src/sgml/libpq.sgml
> ===================================================================
> RCS file: /projects/cvsroot/pgsql-server/doc/src/sgml/libpq.sgml,v
> retrieving revision 1.97
> diff -u -r1.97 libpq.sgml
> --- doc/src/sgml/libpq.sgml    2002/09/21 18:32:53    1.97
> +++ doc/src/sgml/libpq.sgml    2002/11/03 00:20:20
> @@ -2047,7 +2047,8 @@
>  <envar>PGPASSWORD</envar>
>  sets the password used if the backend demands password
>  authentication.  This functionality is deprecated for security
> -reasons; consider migrating to use the <filename>$HOME/.pgpass</>
> +reasons; consider migrating to use the <link linkend='pgpassfile'>
> +<filename>$HOME/.pgpass</></link>
>  file.
>  </para>
>  </listitem>
> @@ -2133,6 +2134,11 @@
>   <primary>files</primary>
>  </indexterm>
>  <para>
> +<anchor id="pgpassfile"/>
> +<indexterm>
> + <primary>password</primary>
> + <secondary>.pgpass</secondary>
> +</indexterm>
>  <filename>$HOME/.pgpass</filename> is a file that can contain passwords
>  to be used if the connection requires a password. This file should have the
>  format:
> @@ -2144,6 +2150,11 @@
>  Entries with <literal>:</literal> or <literal>\</literal> should be escaped
>  with <literal>\</literal>.
>  </para>
> +<para>
> +The permissions on <filename>$HOME/.pgpass</filename> must disallow any
> +access to world or group; achieve this by the command
> +<command>chmod 0600 $HOME/.pgaccess</command>.
> +If the permissions are less strict than this, the file will be ignored.
>  </sect1>
>
>  <sect1 id="libpq-threading">

>
> ---------------------------(end of broadcast)---------------------------
> TIP 5: Have you checked our extensive FAQ?
>
> http://www.postgresql.org/users-lounge/docs/faq.html

--
  Bruce Momjian                        |  http://candle.pha.pa.us
  pgman@candle.pha.pa.us               |  (610) 359-1001
  +  If your life is a hard drive,     |  13 Roberts Road
  +  Christ can be your backup.        |  Newtown Square, Pennsylvania 19073