On Fri, Aug 26, 2022 at 10:43:43AM +0200, Drouvot, Bertrand wrote: > During the work in [1] we created a new TAP test to test the SYSTEM_USER > behavior with peer authentication. > > It turns out that there is currently no TAP test for the peer > authentication, so we think (thanks Michael for the suggestion [2]) that > it's better to split the work in [1] between "pure" SYSTEM_USER related work > and the "pure" peer authentication TAP test work. > > That's the reason of this new thread, please find attached a patch to add a > new TAP test for the peer authentication.
+# Get the session_user to define the user name map test. +my $session_user = + $node->safe_psql('postgres', 'select session_user'); [...] +# Define a user name map. +$node->append_conf('pg_ident.conf', qq{mypeermap $session_user testmap$session_user}); + +# Set pg_hba.conf with the peer authentication and the user name map. +reset_pg_hba($node, 'peer map=mypeermap'); A map consists of a "MAPNAME SYSTEM_USER PG_USER". Why does this test use a Postgres role (from session_user) as the system user for the peer map? -- Michael
signature.asc
Description: PGP signature