Re: BUG #8139: initdb: Misleading error message when current user not in /etc/passwd

On Fri, Mar 28, 2014 at 10:33:48AM -0400, Bruce Momjian wrote:
> On Fri, Mar 28, 2014 at 10:31:06AM -0400, Tom Lane wrote:
> > Christoph Berg <cb@df7cb.de> writes:
> > > the quoted code bit above in src/backend/libpq/auth.c is utterly
> > > broken: for peer authentication, it uses get_user_name(), which yields
> > > the *server* user name, not the client's. For that reason, peer
> > > authentication in 9.4devel is broken - you can't log in with your user
> > > name, but you can just say -U postgres (or what the initdb user was),
> > > and it will let you in.
> >
> > > The attached patch reverts the src/backend/libpq/auth.c portion of
> > > 613c6d26bd42dd8c2dd0664315be9551475b8864 and fixes peer auth.
> >
> > Applied, thanks!
>
> I guess I should have said I was working on an updated patch.  I will
> merge my changes in.

I have applied the attached patch to make the code more closely match
what is done in src/common/username.c, particularly to display the errno
string on failure.

Christoph, thanks so much for finding this error now, rather than later.

I looked over the original patch that introduced this bug and
auth_peer() is the only place where we were passing in a user id, rather
than passing geteuid() directly to getpwuid, e.g.:

    getpwuid(geteuid())

I think we are good now.  My apologies for introducing this bug.

--
  Bruce Momjian  <bruce@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + Everyone has their own god. +