Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit1b80b6d

Browse files
committed
Add --pwfile option to initdb, so that passwords can be set by GUI tools
that aren't able to feed the password to initdb's /dev/tty.Magnus Hagander
1 parenta061a3f commit1b80b6d

File tree

3 files changed

+75
-13
lines changed

3 files changed

+75
-13
lines changed

‎doc/src/sgml/ref/initdb.sgml

Lines changed: 11 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/ref/initdb.sgml,v 1.29 2004/03/23 02:47:35 neilc Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/ref/initdb.sgml,v 1.30 2004/06/24 19:26:54 tgl Exp $
33
PostgreSQL documentation
44
-->
55

@@ -185,6 +185,16 @@ PostgreSQL documentation
185185
</para>
186186
</listitem>
187187
</varlistentry>
188+
189+
<varlistentry>
190+
<term><option>--pwfile=<replaceable>filename</></option></term>
191+
<listitem>
192+
<para>
193+
Makes <command>initdb</command> read the database superuser's password
194+
from a file. The first line of the file is taken as the password.
195+
</para>
196+
</listitem>
197+
</varlistentry>
188198
</variablelist>
189199
</para>
190200

‎doc/src/sgml/runtime.sgml

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
11
<!--
2-
$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.266 2004/06/10 22:26:17 momjian Exp $
2+
$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.267 2004/06/24 19:26:55 tgl Exp $
33
-->
44

55
<Chapter Id="runtime">
@@ -121,9 +121,9 @@ postgres$ <userinput>initdb -D /usr/local/pgsql/data</userinput>
121121
However, while the directory contents are secure, the default
122122
client authentication setup allows any local user to connect to the
123123
database and even become the database superuser. If you do not
124-
trust other local users, we recommend you use
125-
<command>initdb</command>'s <option>-W</option> or
126-
<option>--pwprompt</option> option to assign a password to the
124+
trust other local users, we recommend you use one of
125+
<command>initdb</command>'s <option>-W</option>, <option>--pwprompt</option>
126+
or<option>--pwfile</option> option to assign a password to the
127127
database superuser.<indexterm><primary>password</><secondary>of the
128128
superuser</></indexterm> After <command>initdb</command>, modify
129129
the <filename>pg_hba.conf</filename> file to use <literal>md5</> or

‎src/bin/initdb/initdb.c

Lines changed: 60 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -39,7 +39,7 @@
3939
* Portions Copyright (c) 1994, Regents of the University of California
4040
* Portions taken from FreeBSD.
4141
*
42-
* $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.39 2004/06/21 01:04:44 momjian Exp $
42+
* $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.40 2004/06/24 19:26:59 tgl Exp $
4343
*
4444
*-------------------------------------------------------------------------
4545
*/
@@ -84,6 +84,7 @@ char *lc_time = "";
8484
char*lc_messages="";
8585
char*username="";
8686
boolpwprompt= false;
87+
char*pwfilename=NULL;
8788
booldebug= false;
8889
boolnoclean= false;
8990
boolshow_setting= false;
@@ -1076,15 +1077,55 @@ get_set_pwd(void)
10761077
charpwdpath[MAXPGPATH];
10771078
structstatstatbuf;
10781079

1079-
pwd1=simple_prompt("Enter new superuser password: ",100, false);
1080-
pwd2=simple_prompt("Enter it again: ",100, false);
1081-
if (strcmp(pwd1,pwd2)!=0)
1080+
if (pwprompt)
10821081
{
1083-
fprintf(stderr,_("Passwords didn't match.\n"));
1084-
exit_nicely();
1082+
/*
1083+
* Read password from terminal
1084+
*/
1085+
pwd1=simple_prompt("Enter new superuser password: ",100, false);
1086+
pwd2=simple_prompt("Enter it again: ",100, false);
1087+
if (strcmp(pwd1,pwd2)!=0)
1088+
{
1089+
fprintf(stderr,_("Passwords didn't match.\n"));
1090+
exit_nicely();
1091+
}
1092+
free(pwd2);
10851093
}
1086-
free(pwd2);
1094+
else
1095+
{
1096+
/*
1097+
* Read password from file
1098+
*
1099+
* Ideally this should insist that the file not be world-readable.
1100+
* However, this option is mainly intended for use on Windows where
1101+
* file permissions may not exist at all, so we'll skip the paranoia
1102+
* for now.
1103+
*/
1104+
FILE*pwf=fopen(pwfilename,"r");
1105+
charpwdbuf[MAXPGPATH];
1106+
inti;
10871107

1108+
if (!pwf)
1109+
{
1110+
fprintf(stderr,_("%s: could not open file \"%s\" for reading: %s\n"),
1111+
progname,pwfilename,strerror(errno));
1112+
exit_nicely();
1113+
}
1114+
if (!fgets(pwdbuf,sizeof(pwdbuf),pwf))
1115+
{
1116+
fprintf(stderr,_("%s: could not read password from file \"%s\": %s\n"),
1117+
progname,pwfilename,strerror(errno));
1118+
exit_nicely();
1119+
}
1120+
fclose(pwf);
1121+
1122+
i=strlen(pwdbuf);
1123+
while (i>0&& (pwdbuf[i-1]=='\r'||pwdbuf[i-1]=='\n'))
1124+
pwdbuf[--i]='\0';
1125+
1126+
pwd1=xstrdup(pwdbuf);
1127+
1128+
}
10881129
printf(_("setting password ... "));
10891130
fflush(stdout);
10901131

@@ -1737,6 +1778,7 @@ usage(const char *progname)
17371778
printf(_(" --no-locale equivalent to --locale=C\n"));
17381779
printf(_(" -U, --username=NAME database superuser name\n"));
17391780
printf(_(" -W, --pwprompt prompt for a password for the new superuser\n"));
1781+
printf(_(" --pwfile=filename read password for the new superuser from file\n"));
17401782
printf(_(" -?, --help show this help, then exit\n"));
17411783
printf(_(" -V, --version output version information, then exit\n"));
17421784
printf(_("\nLess commonly used options:\n"));
@@ -1768,6 +1810,7 @@ main(int argc, char *argv[])
17681810
{"lc-messages",required_argument,NULL,7},
17691811
{"no-locale",no_argument,NULL,8},
17701812
{"pwprompt",no_argument,NULL,'W'},
1813+
{"pwfile",required_argument,NULL,9},
17711814
{"username",required_argument,NULL,'U'},
17721815
{"help",no_argument,NULL,'?'},
17731816
{"version",no_argument,NULL,'V'},
@@ -1857,6 +1900,9 @@ main(int argc, char *argv[])
18571900
case8:
18581901
locale="C";
18591902
break;
1903+
case9:
1904+
pwfilename=xstrdup(optarg);
1905+
break;
18601906
case's':
18611907
show_setting= true;
18621908
break;
@@ -1882,6 +1928,12 @@ main(int argc, char *argv[])
18821928
progname);
18831929
}
18841930

1931+
if (pwprompt&&pwfilename)
1932+
{
1933+
fprintf(stderr,_("%s: you cannot specify both password prompt and password file\n"),progname);
1934+
exit(1);
1935+
}
1936+
18851937
if (strlen(pg_data)==0)
18861938
{
18871939
pgdenv=getenv("PGDATA");
@@ -2147,7 +2199,7 @@ main(int argc, char *argv[])
21472199
/* Create the stuff we don't need to use bootstrap mode for */
21482200

21492201
setup_shadow();
2150-
if (pwprompt)
2202+
if (pwprompt||pwfilename)
21512203
get_set_pwd();
21522204

21532205
unlimit_systables();

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp