Re: Dumping roles improvements?

Andrew Dunstan wrote:
> 
> 
> On 10/11/2011 12:40 PM, Bruce Momjian wrote:
> > Josh Berkus wrote:
> >> It occurs to me that we could really use two things to make it easier to
> >> move copies of database stuff around:
> >>
> >> pg_dump -r, which would include a CREATE ROLE for all roles needed to
> >> restore the database (probably without passwords), and
> >>
> >> pg_dumpall -r --no-passwords which would dump the roles but without
> >> CREATE PASSWORD statements.  This would be useful for cloning databases
> >> for use in Dev, Test and Staging, where you don't what to copy the md5s
> >> of passwords for possible cracking.
> > What would this do that pg_dumpall --globals-only doesn't?
> >
> 
> As stated, it would not export the passwords.

What is the logic for not dumping passwords but the CREATE ROLE
statement?  I don't see how anyone would recognize that behavior as
logical.  If you want to add a --no-passwords option to pg_dumpall, that
seems more logical to me.

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + It's impossible for everything to be true. +