Thread: Password prompting business

Password prompting business

From
Peter Eisentraut
Date:
I was revisiting the issue of how to prevent psql from prompting for a 
password, for batch operations, previously discussion here:

http://www.mail-archive.com/pgsql-bugs@postgresql.org/msg18440.html
http://www.mail-archive.com/pgsql-bugs@postgresql.org/msg20002.html

I noticed that there appear to be remnants of actually supporting that 
in the code that are now nonsense, e.g., in psql/startup.c:

if (PQstatus(pset.db) == CONNECTION_BAD &&    PQconnectionNeedsPassword(pset.db) &&    password == NULL &&
!feof(stdin))
{    PQfinish(pset.db);    password = simple_prompt(password_prompt, 100, false);    new_pass = true;
}

and similarly in scripts/common.c and in pg_dump(all).

The feof(stdin) test is there from a time when the prompt when to stdout 
and the input came from stdin.  Now it would usually not have any effect 
unless the program reads from stdin before connecting to the database, 
which doesn't happen, as far as I can tell.

Unless I'm reading this wrong, we should probably remove this.

Anyway, a way to prevent a password prompt would still be useful.  This 
should then be applicable to all client tools.  I can imagine that we 
either add a command-line option (-w would mirror -W well) or do this 
automatically when stdin and/or stdout is not a terminal.  I'm not sure 
if the latter can be made to work safely, though.


Re: Password prompting business

From
Tom Lane
Date:
Peter Eisentraut <peter_e@gmx.net> writes:
> The feof(stdin) test is there from a time when the prompt when to stdout 
> and the input came from stdin.  Now it would usually not have any effect 
> unless the program reads from stdin before connecting to the database, 
> which doesn't happen, as far as I can tell.

> Unless I'm reading this wrong, we should probably remove this.

+1

> Anyway, a way to prevent a password prompt would still be useful.  This 
> should then be applicable to all client tools.  I can imagine that we 
> either add a command-line option (-w would mirror -W well) or do this 
> automatically when stdin and/or stdout is not a terminal.  I'm not sure 
> if the latter can be made to work safely, though.

The entire point of the current arrangement is that it works when stdin
or stdout is not the terminal (eg, you've got psql in a pipe).  So I
don't think you can make any changes on that basis without breaking more
use-cases than you solve.

Of the two use-cases mentioned in the messages you link to, I don't find
the first one convincing (what is actually wanted there is a "pg_ping"
utility); but the tab-completion-support example does seem like a case
where failure is preferable to issuing a password prompt.  And there is
not really any good way for psql itself to distinguish this from
ordinary pipe cases.  So a -w switch is probably the right answer.
        regards, tom lane