I figured out how to make the 003_peer.pl tests for \1 less
hacky, and pushed that. Here's a proposed patch for the
documentation side of things, including your suggestion to
make pg_ident.conf.sample match up better.
regards, tom lane
diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 832b616a7bb..51b95ed04f3 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -1003,8 +1003,9 @@ local db1,db2,@demodbs all md5
the remainder of the field is treated as a regular expression.
(See <xref linkend="posix-syntax-details"/> for details of
<productname>PostgreSQL</productname>'s regular expression syntax.) The regular
- expression can include a single capture, or parenthesized subexpression,
- which can then be referenced in the <replaceable>database-username</replaceable>
+ expression can include a single capture, or parenthesized subexpression.
+ The portion of the system user name that matched the capture can then
+ be referenced in the <replaceable>database-username</replaceable>
field as <literal>\1</literal> (backslash-one). This allows the mapping of
multiple user names in a single line, which is particularly useful for
simple syntax substitutions. For example, these entries
@@ -1022,12 +1023,11 @@ mymap /^(.*)@otherdomain\.com$ guest
<para>
If the <replaceable>database-username</replaceable> field starts with
a slash (<literal>/</literal>), the remainder of the field is treated
- as a regular expression (see <xref linkend="posix-syntax-details"/>
- for details of <productname>PostgreSQL</productname>'s regular
- expression syntax). It is not possible to use <literal>\1</literal>
- to use a capture from regular expression on
- <replaceable>system-username</replaceable> for a regular expression
- on <replaceable>database-username</replaceable>.
+ as a regular expression.
+ When the <replaceable>database-username</replaceable> field is a regular
+ expression, it is not possible to use <literal>\1</literal> within it to
+ refer to a capture from the <replaceable>system-username</replaceable>
+ field.
</para>
<tip>
diff --git a/src/backend/libpq/pg_ident.conf.sample b/src/backend/libpq/pg_ident.conf.sample
index f5225f26cdf..8ee6c0ba315 100644
--- a/src/backend/libpq/pg_ident.conf.sample
+++ b/src/backend/libpq/pg_ident.conf.sample
@@ -13,25 +13,25 @@
# user names to their corresponding PostgreSQL user names. Records
# are of the form:
#
-# MAPNAME SYSTEM-USERNAME PG-USERNAME
+# MAPNAME SYSTEM-USERNAME DATABASE-USERNAME
#
# (The uppercase quantities must be replaced by actual values.)
#
# MAPNAME is the (otherwise freely chosen) map name that was used in
# pg_hba.conf. SYSTEM-USERNAME is the detected user name of the
-# client. PG-USERNAME is the requested PostgreSQL user name. The
-# existence of a record specifies that SYSTEM-USERNAME may connect as
-# PG-USERNAME.
+# client. DATABASE-USERNAME is the requested PostgreSQL user name.
+# The existence of a record specifies that SYSTEM-USERNAME may connect
+# as DATABASE-USERNAME.
#
-# If SYSTEM-USERNAME starts with a slash (/), it will be treated as a
-# regular expression. Optionally this can contain a capture (a
-# parenthesized subexpression). The substring matching the capture
-# will be substituted for \1 (backslash-one) if present in
-# PG-USERNAME.
+# If SYSTEM-USERNAME starts with a slash (/), the rest of it will be
+# treated as a regular expression. Optionally this can contain a capture
+# (a parenthesized subexpression). The substring matching the capture
+# will be substituted for \1 (backslash-one) if that appears in
+# DATABASE-USERNAME.
#
-# PG-USERNAME can be "all", a user name, a group name prefixed with "+", or
-# a regular expression (if it starts with a slash (/)). If it is a regular
-# expression, the substring matching with \1 has no effect.
+# DATABASE-USERNAME can be "all", a user name, a group name prefixed with "+",
+# or a regular expression (if it starts with a slash (/)). If it is a regular
+# expression, no substitution for \1 will occur.
#
# Multiple maps may be specified in this file and used by pg_hba.conf.
#
@@ -69,4 +69,4 @@
# Put your actual configuration here
# ----------------------------------
-# MAPNAME SYSTEM-USERNAME PG-USERNAME
+# MAPNAME SYSTEM-USERNAME DATABASE-USERNAME
