Skip to content

Commit 5e57804

Browse files
NikolaySNikolayS
committed
rename
2 parents 476b3a4 + e81080e commit 5e57804

File tree

1 file changed

+9
-0
lines changed

1 file changed

+9
-0
lines changed

roles/create_user_with_random_password.sql renamed to roles/create_user_with_random_password.psql

Lines changed: 9 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,12 @@
1+
-- When you do "CREATE ROLE ... PASSWORD '...';" manually in psql,
2+
-- password goes to log files, psql/bash history files, AWS logfiles, etc.
3+
-- This is insecure.
4+
-- This interactive script solves this problem.
5+
6+
-- SOLVED: avoid passwords in psql/bash history files
7+
-- TODO: avoid passwords in logfiles (idea: to use function/select/with to print it
8+
-- just to output, w/o any RAISEs that also throws everything to log).
9+
110
\prompt "Username?" postgres_dba_username
211
\prompt "Superuser? (1 if yes, 0 if no)" postgres_dba_is_superuser
312
\prompt "Login? (1 if yes, 0 if no)" postgres_dba_login

0 commit comments

Comments
 (0)