[#1011073] pgpass support

View Trackers | Feature Requests | Download .csv | Monitor

Date:
2011-08-24 12:37
Priority:
3
State:
Open
Submitted by:
Peter Eisentraut (petere)
Assigned to:
Nobody (None)
Category:
Group:
Summary:
pgpass support

Detailed description
I would like to have something similar to libpq ~/.pgpass support in pgbouncer. In particular, I have the following setup in mind:

pgbouncer.ini

[databases]
foo = dbname=foo host=localhost port=5432

Connections are allowed as any user (subject to userlist.txt), and connections are passed to the backend using the same user as incoming, and the password from .pgpass.

I imagine using the same format as libpq, so the files could be shared. A configuration parameter could set the file like this:

pgpass_file = ~/.pgpass ; uses e.g. postgres home directory
pgpass_file = /etc/pgbouncer/pgpass.txt

If this sounds acceptable, I can see about coding it.

Followup

Message
Date: 2011-08-31 13:33
Sender: Marko Kreen

sounds good. it's better to keep things simple.

only question - do we need to cache it, like userlist?
so the connection establishing is as light as possible?
Date: 2011-08-27 04:13
Sender: Peter Eisentraut

I think it should only be for "outgoing" passwords. It
should not affect auth_file or the userlist.
Date: 2011-08-26 16:37
Sender: Marko Kreen

It's acceptable. Only question is how it should act in relation to auth_file.

- Does it specify also password for incoming clients? Or only password for servers?
- Should it replace the userlist as list of usernames? Kind of attractive, as auth_file was based on pg_auth, which does not exist anymore. But the pattern-based format seems bit wrong fit for that.
- If both auth_file and pgpass contain password, which one should be used for client auth? And for server auth?
- If only one of them contains password, what to do then?

Attached Files:

Changes:

No Changes Have Been Made to This Item

Powered By FusionForge