Add --pwfile option to initdb, so that passwords can be set by GUI tools

that aren't able to feed the password to initdb's /dev/tty.

Magnus Hagander

diff --git a/doc/src/sgml/ref/initdb.sgml b/doc/src/sgml/ref/initdb.sgml
index 189a42797787e3068a3027d54249ef97429fbc7f..7cd0e699a987f2d332ebaf9d49f655fcfa9f98aa 100644 (file)
--- a/doc/src/sgml/ref/initdb.sgml
+++ b/doc/src/sgml/ref/initdb.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/initdb.sgml,v 1.29 2004/03/23 02:47:35 neilc Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/initdb.sgml,v 1.30 2004/06/24 19:26:54 tgl Exp $
 PostgreSQL documentation
 -->
 
@@ -185,6 +185,16 @@ PostgreSQL documentation
        </para>
       </listitem>
      </varlistentry>
+
+     <varlistentry>
+      <term><option>--pwfile=<replaceable>filename</></option></term>
+      <listitem>
+       <para>
+        Makes <command>initdb</command> read the database superuser's password
+        from a file.  The first line of the file is taken as the password.
+       </para>
+      </listitem>
+     </varlistentry>
     </variablelist>
    </para>
 

diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 59d59a5e6f0b6e00e409755c47c435450078f4f3..ae312e01c37a67e184f8f15976f0d71768f0cf12 100644 (file)
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.266 2004/06/10 22:26:17 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.267 2004/06/24 19:26:55 tgl Exp $
 -->
 
 <Chapter Id="runtime">
@@ -121,9 +121,9 @@ postgres$ <userinput>initdb -D /usr/local/pgsql/data</userinput>
    However, while the directory contents are secure, the default
    client authentication setup allows any local user to connect to the
    database and even become the database superuser. If you do not
-   trust other local users, we recommend you use
-   <command>initdb</command>'s <option>-W</option> or
-   <option>--pwprompt</option> option to assign a password to the
+   trust other local users, we recommend you use one of
+   <command>initdb</command>'s <option>-W</option>, <option>--pwprompt</option>
+   or <option>--pwfile</option> option to assign a password to the
    database superuser.<indexterm><primary>password</><secondary>of the
    superuser</></indexterm> After <command>initdb</command>, modify
    the <filename>pg_hba.conf</filename> file to use <literal>md5</> or

diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index ab49c02bb2a51029ebd93bedf66e1a7e4fb60899..11bc08ed977b8626d9cf0578247b3feddaeb5854 100644 (file)
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -39,7 +39,7 @@
  * Portions Copyright (c) 1994, Regents of the University of California
  * Portions taken from FreeBSD.
  *
- * $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.39 2004/06/21 01:04:44 momjian Exp $
+ * $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.40 2004/06/24 19:26:59 tgl Exp $
  *
  *-------------------------------------------------------------------------
  */
@@ -84,6 +84,7 @@ char     *lc_time = "";
 char      *lc_messages = "";
 char      *username = "";
 bool       pwprompt = false;
+char       *pwfilename = NULL;
 bool       debug = false;
 bool       noclean = false;
 bool       show_setting = false;
@@ -1076,15 +1077,55 @@ get_set_pwd(void)
    char        pwdpath[MAXPGPATH];
    struct stat statbuf;
 
-   pwd1 = simple_prompt("Enter new superuser password: ", 100, false);
-   pwd2 = simple_prompt("Enter it again: ", 100, false);
-   if (strcmp(pwd1, pwd2) != 0)
+   if (pwprompt)
    {
-       fprintf(stderr, _("Passwords didn't match.\n"));
-       exit_nicely();
+       /*
+        * Read password from terminal
+        */
+       pwd1 = simple_prompt("Enter new superuser password: ", 100, false);
+       pwd2 = simple_prompt("Enter it again: ", 100, false);
+       if (strcmp(pwd1, pwd2) != 0)
+       {
+           fprintf(stderr, _("Passwords didn't match.\n"));
+           exit_nicely();
+       }
+       free(pwd2);
    }
-   free(pwd2);
+   else
+   {
+       /*
+        * Read password from file
+        *
+        * Ideally this should insist that the file not be world-readable.
+        * However, this option is mainly intended for use on Windows where
+        * file permissions may not exist at all, so we'll skip the paranoia
+        * for now.
+        */
+       FILE *pwf = fopen(pwfilename,"r");
+       char pwdbuf[MAXPGPATH];
+       int  i;
 
+       if (!pwf)
+       {
+           fprintf(stderr, _("%s: could not open file \"%s\" for reading: %s\n"),
+                   progname, pwfilename, strerror(errno));
+           exit_nicely();
+       }
+       if (!fgets(pwdbuf, sizeof(pwdbuf), pwf))
+       {
+           fprintf(stderr, _("%s: could not read password from file \"%s\": %s\n"),
+                   progname, pwfilename, strerror(errno));
+           exit_nicely();
+       }
+       fclose(pwf);
+
+       i = strlen(pwdbuf);
+       while (i > 0 && (pwdbuf[i-1] == '\r' || pwdbuf[i-1] == '\n'))
+           pwdbuf[--i] = '\0';
+       
+       pwd1 = xstrdup(pwdbuf);
+       
+   }
    printf(_("setting password ... "));
    fflush(stdout);
 
@@ -1737,6 +1778,7 @@ usage(const char *progname)
    printf(_("  --no-locale               equivalent to --locale=C\n"));
    printf(_("  -U, --username=NAME       database superuser name\n"));
    printf(_("  -W, --pwprompt            prompt for a password for the new superuser\n"));
+   printf(_("  --pwfile=filename         read password for the new superuser from file\n"));
    printf(_("  -?, --help                show this help, then exit\n"));
    printf(_("  -V, --version             output version information, then exit\n"));
    printf(_("\nLess commonly used options:\n"));
@@ -1768,6 +1810,7 @@ main(int argc, char *argv[])
        {"lc-messages", required_argument, NULL, 7},
        {"no-locale", no_argument, NULL, 8},
        {"pwprompt", no_argument, NULL, 'W'},
+       {"pwfile", required_argument, NULL, 9},
        {"username", required_argument, NULL, 'U'},
        {"help", no_argument, NULL, '?'},
        {"version", no_argument, NULL, 'V'},
@@ -1857,6 +1900,9 @@ main(int argc, char *argv[])
            case 8:
                locale = "C";
                break;
+           case 9:
+               pwfilename = xstrdup(optarg);
+               break;
            case 's':
                show_setting = true;
                break;
@@ -1882,6 +1928,12 @@ main(int argc, char *argv[])
                progname);
    }
 
+   if (pwprompt && pwfilename)
+   {
+       fprintf(stderr, _("%s: you cannot specify both password prompt and password file\n"), progname);
+       exit(1);
+   }
+
    if (strlen(pg_data) == 0)
    {
        pgdenv = getenv("PGDATA");
@@ -2147,7 +2199,7 @@ main(int argc, char *argv[])
    /* Create the stuff we don't need to use bootstrap mode for */
 
    setup_shadow();
-   if (pwprompt)
+   if (pwprompt || pwfilename)
        get_set_pwd();
 
    unlimit_systables();