Обсуждение: Error connecting for first connect upon pgAdmin start (with solution)
Small bug + solution pgAdmin III 1.12.0 PostgreSQL 9.0 Ubuntu Linux 10.04 installed completely from Martin Pitt's PPA https://launchpad.net/~pitti/+archive/postgresql, but also reproducible with original Ubuntu repositories (PostgreSQL 8.4, pgAdmin III 1.10.2) Scenario: 1) start pgAdmin from console: $ pgadmin3 2) warning appears on console: WARNING: password file "/home/mase/.pgpass" has group or world access; permissions should be u=rw (0600) or less 3) now try to connect some server by double-clicking server node in tree, error window appears and server is not connected: An error has occurred: Error connecting to the server: fe_sendauth:no password supplied 4) subsequent tries works, until pgAdmin close Solution: When I change permissions for .pgpass file as warning suggested, connection error for first connect upon pgAdmin start disappears and everything works like a charm. It looks like there is some lack in reading passwords from .pgpass when warning is shown. Keep up good work, guys! Martin Schayna
Re: Error connecting for first connect upon pgAdmin start (with solution)
От
Guillaume Lelarge
Дата:
Le 03/03/2011 17:12, Martin Schayna a écrit : > Small bug + solution > > pgAdmin III 1.12.0 > PostgreSQL 9.0 > Ubuntu Linux 10.04 > installed completely from Martin Pitt's PPA > https://launchpad.net/~pitti/+archive/postgresql, but also > reproducible with original Ubuntu repositories (PostgreSQL 8.4, > pgAdmin III 1.10.2) > > Scenario: > > 1) start pgAdmin from console: $ pgadmin3 > 2) warning appears on console: > WARNING: password file "/home/mase/.pgpass" has group or world > access; permissions should be u=rw (0600) or less This is right. libpq doesn't want to use .pgpass if its permissions are higher than 600. > 3) now try to connect some server by double-clicking server node in > tree, error window appears and server is not connected: > An error has occurred: > Error connecting to the server: fe_sendauth: no password supplied Another server? or the same one? If the same one, it's quite right too. It cannot use the .pgpass file, so it cannot send a password, and you can't connect. > 4) subsequent tries works, until pgAdmin close Define works? > Solution: > > When I change permissions for .pgpass file as warning suggested, > connection error for first connect upon pgAdmin start disappears and > everything works like a charm. It looks like there is some lack in > reading passwords from .pgpass when warning is shown. > You need to have 600 permissions flags to be able to use the .pgpass file. This is a good thing that the libpq does for your security. > Keep up good work, guys! Thanks. -- Guillaumehttp://www.postgresql.frhttp://dalibo.com
Thanks, I understand and have some proposal, see bellow. On Sat, Mar 5, 2011 at 8:38 PM, Guillaume Lelarge <guillaume@lelarge.info> wrote: > Le 03/03/2011 17:12, Martin Schayna a écrit : >> Small bug + solution >> >> pgAdmin III 1.12.0 >> PostgreSQL 9.0 >> Ubuntu Linux 10.04 >> installed completely from Martin Pitt's PPA >> https://launchpad.net/~pitti/+archive/postgresql, but also >> reproducible with original Ubuntu repositories (PostgreSQL 8.4, >> pgAdmin III 1.10.2) >> >> Scenario: >> >> 1) start pgAdmin from console: $ pgadmin3 >> 2) warning appears on console: >> WARNING: password file "/home/mase/.pgpass" has group or world >> access; permissions should be u=rw (0600) or less > > This is right. libpq doesn't want to use .pgpass if its permissions are > higher than 600. Hmm... but this warning is visible only for users who run pgAdmin from console. Most users run pgAdmin from icon, so warning is invisible for them, misleading error message appears and they realize that saving passwords does not functional. All my colleagues were trapped :-) Luckily I run pgAdmin from console... >> 3) now try to connect some server by double-clicking server node in >> tree, error window appears and server is not connected: >> An error has occurred: >> Error connecting to the server: fe_sendauth: no password supplied > > Another server? or the same one? > If the same one, it's quite right too. It cannot use the .pgpass file, > so it cannot send a password, and you can't connect. Same server, I have only "localhost" server defined in pgAdmin. >> 4) subsequent tries works, until pgAdmin close > > Define works? First connect is unsuccessful, the next one shows login dialog (regardless of whether the password has been saved in .pgpass or not), given password is saved into .pgpass (if checkbox for it in login dialog is checked). After disconnect all subsequent connects are successful without login dialog prompt until pgAdmin is closed. >> Solution: >> >> When I change permissions for .pgpass file as warning suggested, >> connection error for first connect upon pgAdmin start disappears and >> everything works like a charm. It looks like there is some lack in >> reading passwords from .pgpass when warning is shown. >> > > You need to have 600 permissions flags to be able to use the .pgpass > file. This is a good thing that the libpq does for your security. OK, now I understand. But first point is still valid: because of that many users realize that saving password is non-functional. Proposal: Maybe, pgAdmin would check permissions on .pgpass and show warning about that into GUI (before libpq refuses it). Martin Schayna >> Keep up good work, guys! > > Thanks. > > > -- > Guillaume > http://www.postgresql.fr > http://dalibo.com >
Martin Schayna <mschayna <at> gmail.com> writes: > Solution: > > When I change permissions for .pgpass file as warning suggested, > connection error for first connect upon pgAdmin start disappears and > everything works like a charm. It looks like there is some lack in > reading passwords from .pgpass when warning is shown. Same problem, but the warning appear at each boot, so I need to change permission each time. I try to change the rc5 script S19postgresql to do it automatically