On Thu, Jul 11, 2019 at 09:34:25PM +0200, Julien Rouhaud wrote: > On Tue, Jun 18, 2019 at 10:33 PM Peter Eisentraut > <peter.eisentr...@2ndquadrant.com> wrote: > > > > On 2019-05-23 18:54, Peter Eisentraut wrote: > > > To recap, the idea here was to change the default authentication methods > > > that initdb sets up, in place of "trust". > > > > > > I think the ideal scenario would be to use "peer" for local and some > > > appropriate password method (being discussed elsewhere) for host. > > I'm also personally all for that change. > > > Patch for that attached. > > Patch applies and compiles cleanly, same for documentation. The > change works as intended, so I don't have much to say. > > > Note that with this change, running initdb without arguments will now > > error on those platforms: You need to supply either a password or select > > a different default authentication method. > > Should we make this explicitly stated in the documentation? As a > reference, it's saying: > > The default client authentication setup is such that users can connect > over the Unix-domain socket to the same database user name as their > operating system user names (on operating systems that support this, > which are most modern Unix-like systems, but not Windows)
It turns out that really recent versions of Windows do have it. https://bsmadhu.wordpress.com/2018/08/22/unix-domain-socket-support-in-windows/ Not that this is relevant, or will be, for another couple of years... Best, David. -- David Fetter <david(at)fetter(dot)org> http://fetter.org/ Phone: +1 415 235 3778 Remember to vote! Consider donating to Postgres: http://www.postgresql.org/about/donate
