id	summary	reporter	owner	description	type	status	component	version	severity	resolution	keywords	cc	stage	has_patch	needs_docs	needs_tests	needs_better_patch	easy	ui_ux
10063	postgres dbshell asks for password even though I have .pgpass	walter+django@…	nobody	"When running manage.py dbshell for a postgresql, one has to enter ones password for psql even when you have a proper .pgpass file set up.

For mysql, the password is supplied on the command line, for psql it is not.

According to this ticket here ( http://code.djangoproject.com/ticket/7554 ) the reason is that psql does not allow the password to be supplied on the command line. That conclusion is wrong as you can see in the attached patch ( 
django_psql_pass_nonsolution.patch ). 

Unfortunately however, psql does not zero out it's command line arguments like mysql does. Therefore I do not recommend the patch. I do however recommend the first part ( django_psql_pass_fix.patch ) that removes the -W option. According to the psql manual, using the -W option is never necessary, and in this case it disables the .pgpass functionality.

""""""This  option is never essential, since psql will automatically
prompt for a password if the server demands password authenti‐
cation.  However, psql will waste a connection attempt finding
out that the server wants a password.  In  some  cases  it  is
worth typing -W to avoid the extra connection attempt."""""" (psql manual)


(P.S. Actually, supplying the password in the mysql case is also a security risk, as the password argument can be captured if the attacker is quick enough. But that's a different discussion.)"		closed	Core (Management commands)	dev		fixed	dbshell postgres psql password	Carl Meyer	Accepted	1	0	0	0	0	0