Skip to content

Commit f8ce5de

Browse files
committed
Doc: clarify description of regexp fields in pg_ident.conf.
The grammar was a little shaky and confusing here, so word-smith it a bit. Also, adjust the comments in pg_ident.conf.sample to use the same terminology as the SGML docs, in particular "DATABASE-USERNAME" not "PG-USERNAME". Back-patch appropriate subsets. I did not risk changing pg_ident.conf.sample in released branches, but it still seems OK to change it in v18. Reported-by: Alexey Shishkin <alexey.shishkin@enterprisedb.com> Author: Tom Lane <tgl@sss.pgh.pa.us> Reviewed-by: David G. Johnston <david.g.johnston@gmail.com> Discussion: https://postgr.es/m/175206279327.3157504.12519088928605422253@wrigleys.postgresql.org Backpatch-through: 13
1 parent 0b6dfce commit f8ce5de

File tree

2 files changed

+21
-21
lines changed

2 files changed

+21
-21
lines changed

doc/src/sgml/client-auth.sgml

Lines changed: 8 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -1003,8 +1003,9 @@ local db1,db2,@demodbs all md5
10031003
the remainder of the field is treated as a regular expression.
10041004
(See <xref linkend="posix-syntax-details"/> for details of
10051005
<productname>PostgreSQL</productname>'s regular expression syntax.) The regular
1006-
expression can include a single capture, or parenthesized subexpression,
1007-
which can then be referenced in the <replaceable>database-username</replaceable>
1006+
expression can include a single capture, or parenthesized subexpression.
1007+
The portion of the system user name that matched the capture can then
1008+
be referenced in the <replaceable>database-username</replaceable>
10081009
field as <literal>\1</literal> (backslash-one). This allows the mapping of
10091010
multiple user names in a single line, which is particularly useful for
10101011
simple syntax substitutions. For example, these entries
@@ -1022,12 +1023,11 @@ mymap /^(.*)@otherdomain\.com$ guest
10221023
<para>
10231024
If the <replaceable>database-username</replaceable> field starts with
10241025
a slash (<literal>/</literal>), the remainder of the field is treated
1025-
as a regular expression (see <xref linkend="posix-syntax-details"/>
1026-
for details of <productname>PostgreSQL</productname>'s regular
1027-
expression syntax). It is not possible to use <literal>\1</literal>
1028-
to use a capture from regular expression on
1029-
<replaceable>system-username</replaceable> for a regular expression
1030-
on <replaceable>database-username</replaceable>.
1026+
as a regular expression.
1027+
When the <replaceable>database-username</replaceable> field is a regular
1028+
expression, it is not possible to use <literal>\1</literal> within it to
1029+
refer to a capture from the <replaceable>system-username</replaceable>
1030+
field.
10311031
</para>
10321032

10331033
<tip>

src/backend/libpq/pg_ident.conf.sample

Lines changed: 13 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -13,25 +13,25 @@
1313
# user names to their corresponding PostgreSQL user names. Records
1414
# are of the form:
1515
#
16-
# MAPNAME SYSTEM-USERNAME PG-USERNAME
16+
# MAPNAME SYSTEM-USERNAME DATABASE-USERNAME
1717
#
1818
# (The uppercase quantities must be replaced by actual values.)
1919
#
2020
# MAPNAME is the (otherwise freely chosen) map name that was used in
2121
# pg_hba.conf. SYSTEM-USERNAME is the detected user name of the
22-
# client. PG-USERNAME is the requested PostgreSQL user name. The
23-
# existence of a record specifies that SYSTEM-USERNAME may connect as
24-
# PG-USERNAME.
22+
# client. DATABASE-USERNAME is the requested PostgreSQL user name.
23+
# The existence of a record specifies that SYSTEM-USERNAME may connect
24+
# as DATABASE-USERNAME.
2525
#
26-
# If SYSTEM-USERNAME starts with a slash (/), it will be treated as a
27-
# regular expression. Optionally this can contain a capture (a
28-
# parenthesized subexpression). The substring matching the capture
29-
# will be substituted for \1 (backslash-one) if present in
30-
# PG-USERNAME.
26+
# If SYSTEM-USERNAME starts with a slash (/), the rest of it will be
27+
# treated as a regular expression. Optionally this can contain a capture
28+
# (a parenthesized subexpression). The substring matching the capture
29+
# will be substituted for \1 (backslash-one) if that appears in
30+
# DATABASE-USERNAME.
3131
#
32-
# PG-USERNAME can be "all", a user name, a group name prefixed with "+", or
33-
# a regular expression (if it starts with a slash (/)). If it is a regular
34-
# expression, the substring matching with \1 has no effect.
32+
# DATABASE-USERNAME can be "all", a user name, a group name prefixed with "+",
33+
# or a regular expression (if it starts with a slash (/)). If it is a regular
34+
# expression, no substitution for \1 will occur.
3535
#
3636
# Multiple maps may be specified in this file and used by pg_hba.conf.
3737
#
@@ -69,4 +69,4 @@
6969
# Put your actual configuration here
7070
# ----------------------------------
7171

72-
# MAPNAME SYSTEM-USERNAME PG-USERNAME
72+
# MAPNAME SYSTEM-USERNAME DATABASE-USERNAME

0 commit comments

Comments
 (0)