Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

Commit09f0893

Browse files
committed
initdb: Change authentication defaults
Change the defaults for the pg_hba.conf generated by initdb to "peer"for local (if supported, else "md5") and "md5" for host.(Changing from "md5" to SCRAM is left as a separate exercise.)"peer" is currently not supported on AIX, HP-UX, and Windows. Userson those operating systems will now either have to provide a passwordto initdb or choose a different authentication method when runninginitdb.Reviewed-by: Julien Rouhaud <rjuju123@gmail.com>Discussion:https://www.postgresql.org/message-id/flat/bec17f0a-ddb1-8b95-5e69-368d9d0a3390%40postgresql.org
1 parent1e6a759 commit09f0893

File tree

6 files changed

+41
-46
lines changed

6 files changed

+41
-46
lines changed

‎doc/src/sgml/ref/initdb.sgml

Lines changed: 16 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -136,9 +136,24 @@ PostgreSQL documentation
136136
replication connections.
137137
</para>
138138

139+
<para>
140+
The default is <literal>peer</literal> for Unix-domain socket
141+
connections on operating systems that support it, otherwise
142+
<literal>md5</literal>, and <literal>md5</literal> for TCP/IP
143+
connections.
144+
</para>
145+
146+
<para>
147+
When running <command>initdb</command> on a platform that does not
148+
support <literal>peer</literal> authentication, either a password must
149+
be provided (see <option>-W</option> and other options) or a different
150+
authentication method must be chosen, otherwise
151+
<command>initdb</command> will error.
152+
</para>
153+
139154
<para>
140155
Do not use <literal>trust</literal> unless you trust all local users on your
141-
system. <literal>trust</literal> is the default for ease of installation.
156+
system.
142157
</para>
143158
</listitem>
144159
</varlistentry>

‎doc/src/sgml/runtime.sgml

Lines changed: 9 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -156,24 +156,19 @@ postgres$ <userinput>initdb -D /usr/local/pgsql/data</userinput>
156156
</para>
157157

158158
<para>
159-
However, while the directory contents are secure, the default
160-
client authentication setup allows any local user to connect to the
161-
database and even become the database superuser. If you do not
162-
trust other local users, we recommend you use one of
159+
The default client authentication setup is such that users can connect over
160+
the Unix-domain socket to the same database user name as their operating
161+
system user names (on operating systems that support this, which are most
162+
modern Unix-like systems, but not Windows) and otherwise with a password.
163+
To assign a password to the initial database superuser, use one of
163164
<command>initdb</command>'s <option>-W</option>, <option>--pwprompt</option>
164-
or <option>--pwfile</option> options to assign a password to the
165-
database superuser.<indexterm>
165+
or <option>--pwfile</option> options.<indexterm>
166166
<primary>password</primary>
167167
<secondary>of the superuser</secondary>
168168
</indexterm>
169-
Also, specify <option>-A md5</option> or
170-
<option>-A password</option> so that the default <literal>trust</literal> authentication
171-
mode is not used; or modify the generated <filename>pg_hba.conf</filename>
172-
file after running <command>initdb</command>, but
173-
<emphasis>before</emphasis> you start the server for the first time. (Other
174-
reasonable approaches include using <literal>peer</literal> authentication
175-
or file system permissions to restrict connections. See <xref
176-
linkend="client-authentication"/> for more information.)
169+
This configuration is secure and sufficient to get started. Later, see
170+
<xref linkend="client-authentication"/> for more information about setting
171+
up client authentication.
177172
</para>
178173

179174
<para>

‎doc/src/sgml/standalone-install.xml

Lines changed: 0 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -63,15 +63,6 @@ postgres$ <userinput>/usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data</useri
6363
</para>
6464
</step>
6565

66-
<step>
67-
<para>
68-
At this point, if you did not use the <command>initdb</command> <literal>-A</literal>
69-
option, you might want to modify <filename>pg_hba.conf</filename> to control
70-
local access to the server before you start it. The default is to
71-
trust all local users.
72-
</para>
73-
</step>
74-
7566
<step>
7667
<para>
7768
The previous <command>initdb</command> step should have told you how to

‎src/bin/initdb/initdb.c

Lines changed: 10 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -185,7 +185,6 @@ static const char *default_timezone = NULL;
185185
"# allows any local user to connect as any PostgreSQL user, including\n" \
186186
"# the database superuser. If you do not trust all your local users,\n" \
187187
"# use another authentication method.\n"
188-
staticboolauthwarning= false;
189188

190189
/*
191190
* Centralized knowledge of switches to pass to backend
@@ -2391,16 +2390,6 @@ usage(const char *progname)
23912390
printf(_("\nReport bugs to <pgsql-bugs@lists.postgresql.org>.\n"));
23922391
}
23932392

2394-
staticvoid
2395-
check_authmethod_unspecified(constchar**authmethod)
2396-
{
2397-
if (*authmethod==NULL)
2398-
{
2399-
authwarning= true;
2400-
*authmethod="trust";
2401-
}
2402-
}
2403-
24042393
staticvoid
24052394
check_authmethod_valid(constchar*authmethod,constchar*const*valid_methods,constchar*conntype)
24062395
{
@@ -3248,8 +3237,16 @@ main(int argc, char *argv[])
32483237
exit(1);
32493238
}
32503239

3251-
check_authmethod_unspecified(&authmethodlocal);
3252-
check_authmethod_unspecified(&authmethodhost);
3240+
if (authmethodlocal==NULL)
3241+
{
3242+
#ifdefHAVE_AUTH_PEER
3243+
authmethodlocal="peer";
3244+
#else
3245+
authmethodlocal="md5";
3246+
#endif
3247+
}
3248+
if (authmethodhost==NULL)
3249+
authmethodhost="md5";
32533250

32543251
check_authmethod_valid(authmethodlocal,auth_methods_local,"local");
32553252
check_authmethod_valid(authmethodhost,auth_methods_host,"host");
@@ -3332,14 +3329,6 @@ main(int argc, char *argv[])
33323329
else
33333330
printf(_("\nSync to disk skipped.\nThe data directory might become corrupt if the operating system crashes.\n"));
33343331

3335-
if (authwarning)
3336-
{
3337-
printf("\n");
3338-
pg_log_warning("enabling \"trust\" authentication for local connections");
3339-
fprintf(stderr,_("You can change this by editing pg_hba.conf or using the option -A, or\n"
3340-
"--auth-local and --auth-host, the next time you run initdb.\n"));
3341-
}
3342-
33433332
/*
33443333
* Build up a shell command to tell the user how to start the server
33453334
*/

‎src/include/port.h

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -361,6 +361,11 @@ extern intfls(int mask);
361361
externintgetpeereid(intsock,uid_t*uid,gid_t*gid);
362362
#endif
363363

364+
/* must match src/port/getpeereid.c */
365+
#if defined(HAVE_GETPEEREID)|| defined(SO_PEERCRED)|| defined(LOCAL_PEERCRED)|| defined(HAVE_GETPEERUCRED)
366+
#defineHAVE_AUTH_PEER 1
367+
#endif
368+
364369
#ifndefHAVE_ISINF
365370
externintisinf(doublex);
366371
#else

‎src/test/regress/pg_regress.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2302,7 +2302,7 @@ regression_main(int argc, char *argv[], init_function ifunc, test_function tfunc
23022302
/* initdb */
23032303
header(_("initializing database system"));
23042304
snprintf(buf,sizeof(buf),
2305-
"\"%s%sinitdb\" -D \"%s/data\" --no-clean --no-sync%s%s > \"%s/log/initdb.log\" 2>&1",
2305+
"\"%s%sinitdb\" -D \"%s/data\" -A trust --no-clean --no-sync%s%s > \"%s/log/initdb.log\" 2>&1",
23062306
bindir ?bindir :"",
23072307
bindir ?"/" :"",
23082308
temp_instance,

0 commit comments

Comments
 (0)

[8]ページ先頭

©2009-2025 Movatter.jp