Context Navigation

← Previous Ticket
Next Ticket →

#2628 new defect

db.login does not ask for password as PostgreSQL database driver manual page says

Reported by:	wenzeslaus	Owned by:	grass-dev@…
Priority:	normal	Milestone:	7.2.4
Component:	Database	Version:	svn-trunk
Keywords:	db.login, postgres	Cc:
CPU:	Unspecified	Platform:	Linux

Description

The PostgreSQL DATABASE DRIVER manual page (http://grass.osgeo.org/grass70/manuals/grass-pg.html) says:

# example for connecting to a PostgreSQL server:
db.connect driver=pg database="host=myserver.osgeo.org,dbname=mydb"
# password is asked interactively if not specified:
db.login user=myname [pass=secret]
db.connect -p
db.tables -p

I noticed:

# password is asked interactively if not specified:

So I tried:

db.login user=docker

But then I got:

> db.connect -p
driver: pg
database: host=localhost,port=25432,dbname=gis
schema: 
group: 
> db.tables -p
DBMI-PostgreSQL driver error:
Connection failed.
fe_sendauth: no password supplied

DBMI-PostgreSQL driver error:
Connection failed.
fe_sendauth: no password supplied

I was not prompted for the password at any point. So it seems that either the manual page is wrong or db.connect does not work as expected.

I think that I actually got the db.tables error message ("no password supplied") twice as presented above.

Setting the password in command line works (but of course exposes the password in the bash history file).

I don't think this is related to #2626 or #2627. I don't know if it is related to #1951.

By the way, PostgreSQL DATABASE DRIVER title should be probably changed to PostgreSQL database driver (better typography, no reason for all uppercase).

Change History (8)

comment:1 by martinl, 10 years ago

Keywords:	db.login added

in reply to: description comment:2 by neteler, 10 years ago

Replying to wenzeslaus: ...

I was not prompted for the password at any point. So it seems that either the manual page is wrong or db.connect does not work as expected.

The interactive password prompting was removed in r32551. See also comment:6:ticket:1951

I think that I actually got the db.tables error message ("no password supplied") twice as presented above.

Setting the password in command line works (but of course exposes the password in the bash history file).

... a major security flaw.

I don't think this is related to #2626 or #2627. I don't know if it is related to #1951.

By the way, PostgreSQL DATABASE DRIVER title should be probably changed to PostgreSQL database driver (better typography, no reason for all uppercase).

(Not sure where that is but please just fix it).

BTW: see also #2147

comment:3 by neteler, 9 years ago

Milestone:	7.1.0 → 7.2.0

Milestone renamed

comment:4 by neteler, 8 years ago

Milestone:	7.2.0 → 7.2.1

Ticket retargeted after milestone closed

comment:5 by martinl, 8 years ago

Milestone:	7.2.1 → 7.2.2

comment:6 by neteler, 7 years ago

Milestone:	7.2.2 → 7.2.3

Ticket retargeted after milestone closed

comment:7 by martinl, 7 years ago

Milestone:	7.2.3

Ticket retargeted after milestone closed

comment:8 by martinl, 7 years ago

Milestone:	→ 7.2.4

Note: See TracTickets for help on using tickets.

Download in other formats: