Opened 10 years ago
Last modified 7 years ago
#2628 new defect
db.login does not ask for password as PostgreSQL database driver manual page says
Reported by: | wenzeslaus | Owned by: | |
---|---|---|---|
Priority: | normal | Milestone: | 7.2.4 |
Component: | Database | Version: | svn-trunk |
Keywords: | db.login, postgres | Cc: | |
CPU: | Unspecified | Platform: | Linux |
Description
The PostgreSQL DATABASE DRIVER manual page (http://grass.osgeo.org/grass70/manuals/grass-pg.html) says:
# example for connecting to a PostgreSQL server: db.connect driver=pg database="host=myserver.osgeo.org,dbname=mydb" # password is asked interactively if not specified: db.login user=myname [pass=secret] db.connect -p db.tables -p
I noticed:
# password is asked interactively if not specified:
So I tried:
db.login user=docker
But then I got:
> db.connect -p driver: pg database: host=localhost,port=25432,dbname=gis schema: group: > db.tables -p DBMI-PostgreSQL driver error: Connection failed. fe_sendauth: no password supplied DBMI-PostgreSQL driver error: Connection failed. fe_sendauth: no password supplied
I was not prompted for the password at any point. So it seems that either the manual page is wrong or db.connect
does not work as expected.
I think that I actually got the db.tables
error message ("no password supplied") twice as presented above.
Setting the password in command line works (but of course exposes the password in the bash history file).
I don't think this is related to #2626 or #2627. I don't know if it is related to #1951.
By the way, PostgreSQL DATABASE DRIVER title should be probably changed to PostgreSQL database driver (better typography, no reason for all uppercase).
Change History (8)
comment:1 by , 10 years ago
Keywords: | db.login added |
---|
comment:2 by , 10 years ago
comment:5 by , 8 years ago
Milestone: | 7.2.1 → 7.2.2 |
---|
comment:8 by , 7 years ago
Milestone: | → 7.2.4 |
---|
Replying to wenzeslaus: ...
The interactive password prompting was removed in r32551. See also comment:6:ticket:1951
... a major security flaw.
(Not sure where that is but please just fix it).
BTW: see also #2147