mirror of
https://git.postgresql.org/git/postgresql.git
synced 2025-01-30 19:00:29 +08:00
Reformat the comments in pg_hba.conf and pg_ident.conf
These files have apparently been edited over the years by a dozen people with as many different editor settings, which made the alignment of the paragraphs quite inconsistent and ugly. I made a pass of M-q with Emacs to straighten it out.
This commit is contained in:
Peter Eisentraut
parent
fd7673bc4e
commit
525d2cbba2
@ -1,9 +1,9 @@
|
||||
# PostgreSQL Client Authentication Configuration File
|
||||
# ===================================================
|
||||
#
|
||||
# Refer to the "Client Authentication" section in the
|
||||
# PostgreSQL documentation for a complete description
|
||||
# of this file. A short synopsis follows.
|
||||
# Refer to the "Client Authentication" section in the PostgreSQL
|
||||
# documentation for a complete description of this file. A short
|
||||
# synopsis follows.
|
||||
#
|
||||
# This file controls: which hosts are allowed to connect, how clients
|
||||
# are authenticated, which PostgreSQL user names they can use, which
|
||||
@ -16,54 +16,57 @@
|
||||
#
|
||||
# (The uppercase items must be replaced by actual values.)
|
||||
#
|
||||
# The first field is the connection type: "local" is a Unix-domain socket,
|
||||
# "host" is either a plain or SSL-encrypted TCP/IP socket, "hostssl" is an
|
||||
# SSL-encrypted TCP/IP socket, and "hostnossl" is a plain TCP/IP socket.
|
||||
# The first field is the connection type: "local" is a Unix-domain
|
||||
# socket, "host" is either a plain or SSL-encrypted TCP/IP socket,
|
||||
# "hostssl" is an SSL-encrypted TCP/IP socket, and "hostnossl" is a
|
||||
# plain TCP/IP socket.
|
||||
#
|
||||
# DATABASE can be "all", "sameuser", "samerole", "replication",
|
||||
# a database name, or a comma-separated list thereof.
|
||||
# DATABASE can be "all", "sameuser", "samerole", "replication", a
|
||||
# database name, or a comma-separated list thereof.
|
||||
#
|
||||
# USER can be "all", a user name, a group name prefixed with "+", or
|
||||
# a comma-separated list thereof. In both the DATABASE and USER fields
|
||||
# you can also write a file name prefixed with "@" to include names from
|
||||
# a separate file.
|
||||
# USER can be "all", a user name, a group name prefixed with "+", or a
|
||||
# comma-separated list thereof. In both the DATABASE and USER fields
|
||||
# you can also write a file name prefixed with "@" to include names
|
||||
# from a separate file.
|
||||
#
|
||||
# CIDR-ADDRESS specifies the set of hosts the record matches.
|
||||
# It is made up of an IP address and a CIDR mask that is an integer
|
||||
# (between 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies
|
||||
# the number of significant bits in the mask. Alternatively, you can write
|
||||
# an IP address and netmask in separate columns to specify the set of hosts.
|
||||
# Instead of a CIDR-address, you can write "samehost" to match any of the
|
||||
# server's own IP addresses, or "samenet" to match any address in any subnet
|
||||
# that the server is directly connected to.
|
||||
# CIDR-ADDRESS specifies the set of hosts the record matches. It is
|
||||
# made up of an IP address and a CIDR mask that is an integer (between
|
||||
# 0 and 32 (IPv4) or 128 (IPv6) inclusive) that specifies the number
|
||||
# of significant bits in the mask. Alternatively, you can write an IP
|
||||
# address and netmask in separate columns to specify the set of hosts.
|
||||
# Instead of a CIDR-address, you can write "samehost" to match any of
|
||||
# the server's own IP addresses, or "samenet" to match any address in
|
||||
# any subnet that the server is directly connected to.
|
||||
#
|
||||
# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi", "krb5",
|
||||
# "ident", "pam", "ldap" or "cert". Note that "password" sends passwords
|
||||
# in clear text; "md5" is preferred since it sends encrypted passwords.
|
||||
# METHOD can be "trust", "reject", "md5", "password", "gss", "sspi",
|
||||
# "krb5", "ident", "pam", "ldap" or "cert". Note that "password"
|
||||
# sends passwords in clear text; "md5" is preferred since it sends
|
||||
# encrypted passwords.
|
||||
#
|
||||
# OPTIONS are a set of options for the authentication in the format
|
||||
# NAME=VALUE. The available options depend on the different authentication
|
||||
# methods - refer to the "Client Authentication" section in the documentation
|
||||
# for a list of which options are available for which authentication methods.
|
||||
# NAME=VALUE. The available options depend on the different
|
||||
# authentication methods -- refer to the "Client Authentication"
|
||||
# section in the documentation for a list of which options are
|
||||
# available for which authentication methods.
|
||||
#
|
||||
# Database and user names containing spaces, commas, quotes and other special
|
||||
# characters must be quoted. Quoting one of the keywords "all", "sameuser",
|
||||
# "samerole" or "replication" makes the name lose its special character,
|
||||
# and just match a database or username with that name.
|
||||
# Database and user names containing spaces, commas, quotes and other
|
||||
# special characters must be quoted. Quoting one of the keywords
|
||||
# "all", "sameuser", "samerole" or "replication" makes the name lose
|
||||
# its special character, and just match a database or username with
|
||||
# that name.
|
||||
#
|
||||
# This file is read on server startup and when the postmaster receives
|
||||
# a SIGHUP signal. If you edit the file on a running system, you have
|
||||
# to SIGHUP the postmaster for the changes to take effect. You can use
|
||||
# "pg_ctl reload" to do that.
|
||||
# to SIGHUP the postmaster for the changes to take effect. You can
|
||||
# use "pg_ctl reload" to do that.
|
||||
|
||||
# Put your actual configuration here
|
||||
# ----------------------------------
|
||||
#
|
||||
# If you want to allow non-local connections, you need to add more
|
||||
# "host" records. In that case you will also need to make PostgreSQL listen
|
||||
# on a non-local interface via the listen_addresses configuration parameter,
|
||||
# or via the -i or -h command line switches.
|
||||
#
|
||||
# "host" records. In that case you will also need to make PostgreSQL
|
||||
# listen on a non-local interface via the listen_addresses
|
||||
# configuration parameter, or via the -i or -h command line switches.
|
||||
|
||||
@authcomment@
|
||||
|
||||
|
||||
@ -1,12 +1,13 @@
|
||||
# PostgreSQL User Name Maps
|
||||
# =========================
|
||||
#
|
||||
# Refer to the PostgreSQL Administrator's Guide, chapter "Client
|
||||
# Authentication" for a complete description. A short synopsis follows.
|
||||
# Refer to the PostgreSQL documentation, chapter "Client
|
||||
# Authentication" for a complete description. A short synopsis
|
||||
# follows.
|
||||
#
|
||||
# This file controls PostgreSQL username mapping. It maps
|
||||
# external user names to their corresponding
|
||||
# PostgreSQL user names. Records are of the form:
|
||||
# This file controls PostgreSQL user name mapping. It maps external
|
||||
# user names to their corresponding PostgreSQL user names. Records
|
||||
# are of the form:
|
||||
#
|
||||
# MAPNAME SYSTEM-USERNAME PG-USERNAME
|
||||
#
|
||||
@ -18,21 +19,22 @@
|
||||
# existence of a record specifies that SYSTEM-USERNAME may connect as
|
||||
# PG-USERNAME.
|
||||
#
|
||||
# If SYSTEM-USERNAME starts with a slash (/), it will be treated as
|
||||
# a regular expression. Optionally this can contain a capture (a
|
||||
# If SYSTEM-USERNAME starts with a slash (/), it will be treated as a
|
||||
# regular expression. Optionally this can contain a capture (a
|
||||
# parenthesized subexpression). The substring matching the capture
|
||||
# will be substituted for \1 (backslash-one) if present in PG-USERNAME.
|
||||
# will be substituted for \1 (backslash-one) if present in
|
||||
# PG-USERNAME.
|
||||
#
|
||||
# Multiple maps may be specified in this file and used by pg_hba.conf.
|
||||
#
|
||||
# No map names are defined in the default configuration. If all system
|
||||
# user names and PostgreSQL user names are the same, you don't need
|
||||
# anything in this file.
|
||||
# No map names are defined in the default configuration. If all
|
||||
# system user names and PostgreSQL user names are the same, you don't
|
||||
# need anything in this file.
|
||||
#
|
||||
# This file is read on server startup and when the postmaster receives
|
||||
# a SIGHUP signal. If you edit the file on a running system, you have
|
||||
# to SIGHUP the postmaster for the changes to take effect. You can use
|
||||
# "pg_ctl reload" to do that.
|
||||
# to SIGHUP the postmaster for the changes to take effect. You can
|
||||
# use "pg_ctl reload" to do that.
|
||||
|
||||
# Put your actual configuration here
|
||||
# ----------------------------------
|
||||
|
||||
@ -42,7 +42,7 @@
|
||||
* Portions Copyright (c) 1994, Regents of the University of California
|
||||
* Portions taken from FreeBSD.
|
||||
*
|
||||
* $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.182 2010/01/06 23:23:51 momjian Exp $
|
||||
* $PostgreSQL: pgsql/src/bin/initdb/initdb.c,v 1.183 2010/01/26 06:58:39 petere Exp $
|
||||
*
|
||||
*-------------------------------------------------------------------------
|
||||
*/
|
||||
@ -120,10 +120,10 @@ static int n_buffers = 50;
|
||||
* Warning messages for authentication methods
|
||||
*/
|
||||
#define AUTHTRUST_WARNING \
|
||||
"# CAUTION: Configuring the system for local \"trust\" authentication allows\n" \
|
||||
"# any local user to connect as any PostgreSQL user, including the database\n" \
|
||||
"# superuser. If you do not trust all your local users, use another\n" \
|
||||
"# authentication method.\n"
|
||||
"# CAUTION: Configuring the system for local \"trust\" authentication\n" \
|
||||
"# allows any local user to connect as any PostgreSQL user, including\n" \
|
||||
"# the database superuser. If you do not trust all your local users,\n" \
|
||||
"# use another authentication method.\n"
|
||||
static char *authwarning = NULL;
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user