postgresql's 502.pgsql periodic script and passwords

Michael Fuhr mike at
Tue Jan 30 01:32:55 UTC 2007

On Mon, Jan 29, 2007 at 09:23:52AM -0500, Bill Moran wrote:
> In response to George Hartzell <hartzell at>:
> > I've "solved" the problem by creating a ~pgsql/.pgpass file with the
> > pgsql users password.
> > 
> > Is there a better way?
> Depends.  Do you allow untrusted users to log in to that machine?  If
> so, then you've probably got the best approach.  Make sure that .pgpass
> file is chmoded 600

Another possibility would be to use the "ident" method over a local
(i.e., Unix-domain) socket.  You'd be authenticating via SO_PEERCRED;
no .pgpass file would be necessary.

Michael Fuhr

More information about the freebsd-ports mailing list