On 2022-10-29 20:38:07 -0700, David G. Johnston wrote:
> Next, I put an identity mapping in for "mary" in "pg_ident.conf" thus:
>
> # MAPNAME SYSTEM-USERNAME PG-USERNAME
> # ------- --------------- -----------
> bllewell mary mary
>
>
> As has been said numerous times, it is utterly pointless to define a mapping
> like this - you get mary-is-mary for free just by saying peer.
If this is the only line in pg_ident.conf I agree. But identity mappings
do serve a purpose. Consider this excerpt from one of our database
clusters:
localusers hjp hjp
localusers hjp wdsimp
localusers hjp wdsro
localusers hjp wdsacct
It says that I can login as hjp, wdsimp, wdsro and wdsacct without a
password. If the first entry wasn't there I wouldn't be able to log in
as myself.
> It is not possible to make an alias mapping work without specifying "-U" on the
> psql command line. Period. The -U is precisely how you tell the server you
> are using an alias - without it the server expects that the o/s user is logging
> in using their own name as the requested login role.
I think that's not quite correct. The -U option affects which user name
psql uses to connect to the server. It is psql which defaults to the
OS user name in the absence of the -U option (or the PGUSER environment
variable). The server has nothing to do with it.
hp
--
_ | Peter J. Holzer | Story must make more sense than reality.
|_|_) | |
| | | hjp@hjp.at | -- Charles Stross, "Creative writing
__/ | http://www.hjp.at/ | challenge!"