On Fri, Aug 26, 2022 at 10:43:43AM +0200, Drouvot, Bertrand wrote: > During the work in [1] we created a new TAP test to test the SYSTEM_USER > behavior with peer authentication. > > It turns out that there is currently no TAP test for the peer > authentication, so we think (thanks Michael for the suggestion [2]) that > it's better to split the work in [1] between "pure" SYSTEM_USER related work > and the "pure" peer authentication TAP test work. > > That's the reason of this new thread, please find attached a patch to add a > new TAP test for the peer authentication.
+# Get the session_user to define the user name map test.
+my $session_user =
+ $node->safe_psql('postgres', 'select session_user');
[...]
+# Define a user name map.
+$node->append_conf('pg_ident.conf', qq{mypeermap $session_user
testmap$session_user});
+
+# Set pg_hba.conf with the peer authentication and the user name map.
+reset_pg_hba($node, 'peer map=mypeermap');
A map consists of a "MAPNAME SYSTEM_USER PG_USER". Why does this test
use a Postgres role (from session_user) as the system user for the
peer map?
--
Michael
signature.asc
Description: PGP signature
