Re: Roles with empty password (probably bug in libpq and in psql as well).


On Tue, 2012-07-24 at 17:36 +0400, Dmitriy Igrishin wrote:
> Hey Guillaume,
>
> 2012/7/24 Guillaume Lelarge <guillaume@xxxxxxxxxxxx>
>         On Tue, 2012-07-24 at 16:41 +0400, Dmitriy Igrishin wrote:
>         > Hey all,
>         >
>         > According to
>         > http://www.postgresql.org/docs/9.2/static/sql-alterrole.html
>         >
>         > A query:
>         > ALTER ROLE davide WITH PASSWORD NULL;
>         > removes a role's password.
>         >
>         > But it's impossible to pass an empty (NULL) password to the
>         > backend by using libpq, because connectOptions2() defined in
>         > fe-connect.c reads a password from the ~/.pgpass even when a
>         > password is specified as an empty string literal ("").
>         >
>         > Also, when connecting to the server via psql(1) by using a
>         > role with a removed password, psql exits with status 2 and
>         > prints the error message:
>         > psql: fe_sendauth: no password supplied
>         >
>
>         Yes, and? I don't see how this could be a bug. If your
>         authentication method asks for a password, you need to have one.
> Yes, I need. I just want to have an empty password ("").
>
>         If you have reset it, well, you shouldn't have. Or you really
>         want that your users could connect without a password, and then
>         you need to change your authentication method with trust. But
>         no-one will encourage you to do that.
> Why do I need to change an auth. method? If I've used a \password command
> in psql(1) and specified an empty password for my role, I need to ask
> a database admin to change an auth. method? :-) Cool!
> Please note, psql(1) allows doing it as well as SQL - too.
>

If your admin sets PostgreSQL so that a password needs to be given while
trying to connect, a "simple user" shouldn't be able to bypass that by
setting no password for his role.

So, yes, if you want to be able to not use a password, you need to
change your authentication method.


-- 
Guillaume
http://blog.guillaume.lelarge.info
http://www.dalibo.com
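
Added example, not part of the original message and not PostgreSQL's own code: a simplified model of the point made in the reply above, that the method the admin sets in pg_hba.conf, not the role's stored password, decides whether a login without a password is possible. The sample pg_hba.conf, the function names and the `reports`/`batch` names are constructed; only `local` lines and CIDR-style `host` lines are parsed, and the only database/user keyword handled is `all`.

```python
import ipaddress

# Constructed sample pg_hba.conf (not from the thread); the first matching line wins.
SAMPLE_HBA = """\
# TYPE  DATABASE  USER      ADDRESS        METHOD
local   all       postgres                 peer
host    all       all       127.0.0.1/32   md5
host    reports   batch     10.0.0.0/8     trust
"""

PASSWORD_METHODS = {"md5", "password"}

def parse_hba(text):
    """Return rules as dicts; supports 'local' and CIDR-style 'host' lines only."""
    rules = []
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if not fields:
            continue
        if fields[0] == "local":
            ctype, db, user, method = fields[:4]
            net = None
        else:
            ctype, db, user, addr, method = fields[:5]
            net = ipaddress.ip_network(addr)
        rules.append({"type": ctype, "db": db, "user": user, "net": net, "method": method})
    return rules

def first_match(rules, db, user, client_ip=None):
    """client_ip=None models a Unix-socket ('local') connection."""
    for r in rules:
        if (r["type"] == "local") != (client_ip is None):
            continue
        if r["db"] not in ("all", db) or r["user"] not in ("all", user):
            continue
        if r["net"] is not None and ipaddress.ip_address(client_ip) not in r["net"]:
            continue
        return r
    return None

def login_outcome(rules, db, user, client_ip, has_password):
    """Describe what happens for a role with or without a stored password."""
    rule = first_match(rules, db, user, client_ip)
    if rule is None:
        return "rejected: no pg_hba.conf entry"
    if rule["method"] == "trust":
        return "allowed without password (admin chose trust)"
    if rule["method"] in PASSWORD_METHODS:
        # A role whose password is NULL always fails password authentication.
        return "password checked" if has_password else "rejected: role has no password"
    return "decided by " + rule["method"]
```

Running `login_outcome` for `davide` with `has_password=False` against the `md5` line shows that `ALTER ROLE ... PASSWORD NULL` locks the role out of password-authenticated entries; only a `trust` line written by the admin admits a connection without a password.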

