Opened 15 years ago

Closed 15 years ago

Last modified 12 years ago

#10063 closed (fixed)

postgres dbshell asks for password even though I have .pgpass

Reported by: walter+django@… Owned by: nobody
Component: Core (Management commands) Version: dev
Severity: Keywords: dbshell postgres psql password
Cc: Carl Meyer Triage Stage: Accepted
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

When running manage.py dbshell for a postgresql, one has to enter ones password for psql even when you have a proper .pgpass file set up.

For mysql, the password is supplied on the command line, for psql it is not.

According to this ticket here ( http://code.djangoproject.com/ticket/7554 ) the reason is that psql does not allow the password to be supplied on the command line. That conclusion is wrong as you can see in the attached patch (
django_psql_pass_nonsolution.patch ).

Unfortunately however, psql does not zero out it's command line arguments like mysql does. Therefore I do not recommend the patch. I do however recommend the first part ( django_psql_pass_fix.patch ) that removes the -W option. According to the psql manual, using the -W option is never necessary, and in this case it disables the .pgpass functionality.

"""This option is never essential, since psql will automatically
prompt for a password if the server demands password authenti‐
cation. However, psql will waste a connection attempt finding
out that the server wants a password. In some cases it is
worth typing -W to avoid the extra connection attempt.""" (psql manual)

(P.S. Actually, supplying the password in the mysql case is also a security risk, as the password argument can be captured if the attacker is quick enough. But that's a different discussion.)

Attachments (2)

django_psql_pass_nonsolution.patch (874 bytes ) - added by walter+django@… 15 years ago.
auto-enter postgres password for dbshell
django_psql_pass_fix.patch (585 bytes ) - added by walter+django@… 15 years ago.
do not ask for postgres dbshell password when not necessary

Download all attachments as: .zip

Change History (8)

by walter+django@…, 15 years ago

auto-enter postgres password for dbshell

by walter+django@…, 15 years ago

Attachment: django_psql_pass_fix.patch added

do not ask for postgres dbshell password when not necessary

comment:1 by Carl Meyer, 15 years ago

Cc: carl@… added

comment:2 by Carl Meyer, 15 years ago

Cc: Carl Meyer added; carl@… removed

comment:3 by Jacob, 15 years ago

milestone: 1.1
Triage Stage: UnreviewedAccepted

comment:4 by Jacob, 15 years ago

Resolution: fixed
Status: newclosed

(In [10360]) Fixed #10063: stop passing the -W flag to psql since it isn't needed and interferes with .pgpass. Thanks, Walter.

comment:5 by Jacob, 15 years ago

(In [10361]) [1.0.X] Fixed #10063: stop passing the -W flag to psql since it isn't needed and interferes with .pgpass. Thanks, Walter. Backport of r10360 from trunk.

comment:6 by Jacob, 12 years ago

milestone: 1.1

Milestone 1.1 deleted

Note: See TracTickets for help on using tickets.
Back to Top