On Tuesday 29 March 2005 00:40, you wrote:
> The typical way to do this is to use .pgpass in the user's home
> directory.  Does that help?

Yes, it helps, but:
- please note the issue about ps in the README
- the .pgpass doesn't work on my configuration:

[EMAIL PROTECTED] pgsql]$ pg_autovacuum
[2005-03-29 04:47:32 CEST] ERROR:   Failed connection to database template1 
with error: fe_sendauth: no password supplied
.
[2005-03-29 04:47:32 CEST] ERROR:   Failed connection to database template1 
with error: fe_sendauth: no password supplied
.
[2005-03-29 04:47:32 CEST] ERROR:   Cannot connect to template1, exiting.

When the permissions on .pgpass are bad (other than 600), it complains, but it
fails to connect to my server. Note that I have set up access as 'password' for
all connections in my pg_hba.conf. psql... works fine and the password in .pgpass
is ok.

Maybe I will work around it by setting postgres user access to 'trust' for local
connections only, but I have to reread the docs first :).

>
> ---------------------------------------------------------------------------
>
> Olivier Thauvin wrote:
> > The following bug has been logged online:
> >
> > Bug reference:      1567
> > Logged by:          Olivier Thauvin
> > Email address:      [EMAIL PROTECTED]
> > PostgreSQL version: 8.0.1
> > Operating system:   Linux (Mandrake cooker)
> > Description:        can't hide password with pg_autovacuum
> > Details:
> >
> > I found a security issue with pg_autovacuum :(
> > After looking at the README and --help, it seems there is no way to start it
> > with a configuration file.
> >
> > This is not a problem except when the database is password protected, so
> > you have to use the -P option to get it started (no prompt, unless I missed
> > something).
> >
> > The potential issue comes from ps: the password is shown in the clear:
> >
> > nanardon 28664  0.4  0.0  3644 1384 ?        Ss   04:05   0:00
> > pg_autovacuum -D -s rpm2sql -PXXXXXX
> >
> > XXXXXX is my password in clear (hidden here of course).
> > As you can see, there is enough information here for someone having an
> > account on the host to connect to DB with admin privileges on the DB (not
> > as postgres user of course, but only the owner of the db can vacuum).
> >
> > Solution:
> > - change the command line after start, like some ftp clients do
> > - having the possibility to read the password from a file
> > - taking the password from an environment variable (AUTOVACUUM_PASS=pass
> > pg_autovacuum...)
> >
> > If I have any time, I will try to provide a patch, but my knowledge of C
> > is too poor to ensure quality :(
> >

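The two checks this thread turns on, as an added example (not code from the thread or from PostgreSQL): how a .pgpass entry is selected for a given connection, and how to spot a `-P` password in a process listing. The sample entry, its password and the function names are constructed; the matching rules assumed are libpq's documented ones (first matching line wins, `*` is a wildcard, the file is ignored when group or world can access it).

```python
import os, re, stat, tempfile

def split_fields(line):
    """Split a .pgpass line on unescaped ':' (a backslash escapes ':' and itself)."""
    fields, cur, i = [], "", 0
    while i < len(line):
        if line[i] == "\\" and i + 1 < len(line):
            cur, i = cur + line[i + 1], i + 2
        elif line[i] == ":":
            fields.append(cur)
            cur, i = "", i + 1
        else:
            cur, i = cur + line[i], i + 1
    return fields + [cur]

def lookup(path, host, port, dbname, user):
    """Return (password, reason). The first matching line wins; '*' is a wildcard."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o077:  # group/world bits set: the file is ignored with a warning
        return None, "mode %04o is wider than 0600" % mode
    want = (host, str(port), dbname, user)
    with open(path) as fh:
        for line in fh:
            f = split_fields(line.rstrip("\n"))
            if line.startswith("#") or len(f) != 5:
                continue  # comment or malformed line
            if all(pat in ("*", val) for pat, val in zip(f, want)):
                return f[4], None
    return None, "no entry matches " + ":".join(want)

def argv_exposures(ps_lines):
    """Return ps lines where pg_autovacuum carries -P<password>, value redacted."""
    pat = re.compile(r"(\s-P\s*)\S+")
    return [pat.sub(r"\1<redacted>", l) for l in ps_lines
            if "pg_autovacuum" in l and pat.search(l)]

def demo():
    """Constructed sample: a single entry scoped to one database."""
    path = os.path.join(tempfile.mkdtemp(), ".pgpass")
    with open(path, "w") as fh:
        fh.write("localhost:5432:rpm2sql:nanardon:constructed-pw\n")
    results = []
    for mode, db in ((0o644, "rpm2sql"), (0o600, "rpm2sql"), (0o600, "template1")):
        os.chmod(path, mode)
        results.append(lookup(path, "localhost", 5432, db, "nanardon"))
    return results

if __name__ == "__main__":
    print(demo())
```

Entries are matched per database, so a connection to template1 needs its own line or a `*` in the database field.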