Обсуждение: scripting vacuum

Поиск
Список
Период
Сортировка

scripting vacuum

От
Andrew Kelly
Дата:
This seems pretty clear, but I wanted to ask in case I'm missing
something.

Given a pg_hba.conf with the single entry of
    local    all    md5
and the desire to call vacuumdb via cron,

is my only hope of success to use 'expect', or is there a way
pass the pw as an arg to vacuumdb? Or is there maybe a way to identify
specific local users like you can with hosts?
You know, something like
    local:username        all    trust
    local:allotherusers    all    md5

I've aways thought of 'expect' as rather cheesy and would love to
avoid it.

TIA

Andy

Re: scripting vacuum

От
Tom Lane
Дата:
Andrew Kelly <akelly@transparency.org> writes:
> is my only hope of success to use 'expect', or is there a way
> pass the pw as an arg to vacuumdb?

Put the password in the Postgres user's ~/.pgpass file.

> You know, something like
>     local:username        all    trust

If you can't do that then you should consider updating to a more recent
version of Postgres.  But I'd advise against writing it quite that way,
since the above would let anyone on the local machine into your
database --- they just have to claim to be the postgres user via -U.
You might be able to use "ident" authentication safely, though, if your
platform supports it on local connections.

            regards, tom lane

Re: scripting vacuum

От
Andrew Kelly
Дата:
On Wed, 2004-05-05 at 14:26, Tom Lane wrote:
> Andrew Kelly <akelly@transparency.org> writes:
> > is my only hope of success to use 'expect', or is there a way
> > pass the pw as an arg to vacuumdb?
>
> Put the password in the Postgres user's ~/.pgpass file.

That had me excited for a minute, until I found that it's only
available post 7.3.  Unfortunately I'm running 7.2.4 and can't upgrade.

> > You know, something like
> >     local:username        all    trust
>
> If you can't do that then you should consider updating to a more recent
> version of Postgres.

Oh? I wasn't aware that that was even possible.
Wait, lemme guess, it is, but not in my version, right?


> But I'd advise against writing it quite that way,
> since the above would let anyone on the local machine into your
> database --- they just have to claim to be the postgres user via -U.
> You might be able to use "ident" authentication safely, though, if your
> platform supports it on local connections.

Now there's an idea, thanks, Tom.

Andy