diff --git a/10/alpine/docker-entrypoint.sh b/10/alpine/docker-entrypoint.sh index 3498032b00..f53fa6134a 100755 --- a/10/alpine/docker-entrypoint.sh +++ b/10/alpine/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/10/docker-entrypoint.sh b/10/docker-entrypoint.sh index 698ce9f48c..406a971cfc 100755 --- a/10/docker-entrypoint.sh +++ b/10/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/11/alpine/docker-entrypoint.sh b/11/alpine/docker-entrypoint.sh index 3498032b00..f53fa6134a 100755 --- a/11/alpine/docker-entrypoint.sh +++ b/11/alpine/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/11/docker-entrypoint.sh b/11/docker-entrypoint.sh index 698ce9f48c..406a971cfc 100755 --- a/11/docker-entrypoint.sh +++ b/11/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/12/alpine/docker-entrypoint.sh b/12/alpine/docker-entrypoint.sh index 3498032b00..f53fa6134a 100755 --- a/12/alpine/docker-entrypoint.sh +++ b/12/alpine/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/12/docker-entrypoint.sh b/12/docker-entrypoint.sh index 698ce9f48c..406a971cfc 100755 --- a/12/docker-entrypoint.sh +++ b/12/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/9.4/alpine/docker-entrypoint.sh b/9.4/alpine/docker-entrypoint.sh index b86e2fd509..8539acd673 100755 --- a/9.4/alpine/docker-entrypoint.sh +++ b/9.4/alpine/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then mkdir -p "$POSTGRES_INITDB_XLOGDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_XLOGDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/9.4/docker-entrypoint.sh b/9.4/docker-entrypoint.sh index cd3140393b..ae5de79e98 100755 --- a/9.4/docker-entrypoint.sh +++ b/9.4/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then mkdir -p "$POSTGRES_INITDB_XLOGDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_XLOGDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/9.5/alpine/docker-entrypoint.sh b/9.5/alpine/docker-entrypoint.sh index b86e2fd509..8539acd673 100755 --- a/9.5/alpine/docker-entrypoint.sh +++ b/9.5/alpine/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then mkdir -p "$POSTGRES_INITDB_XLOGDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_XLOGDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/9.5/docker-entrypoint.sh b/9.5/docker-entrypoint.sh index cd3140393b..ae5de79e98 100755 --- a/9.5/docker-entrypoint.sh +++ b/9.5/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then mkdir -p "$POSTGRES_INITDB_XLOGDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_XLOGDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/9.6/alpine/docker-entrypoint.sh b/9.6/alpine/docker-entrypoint.sh index b86e2fd509..8539acd673 100755 --- a/9.6/alpine/docker-entrypoint.sh +++ b/9.6/alpine/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then mkdir -p "$POSTGRES_INITDB_XLOGDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_XLOGDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/9.6/docker-entrypoint.sh b/9.6/docker-entrypoint.sh index cd3140393b..ae5de79e98 100755 --- a/9.6/docker-entrypoint.sh +++ b/9.6/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then mkdir -p "$POSTGRES_INITDB_XLOGDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_XLOGDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_XLOGDIR" ]; then + if [ -n "$POSTGRES_INITDB_XLOGDIR" ]; then set -- --xlogdir "$POSTGRES_INITDB_XLOGDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" } diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 698ce9f48c..406a971cfc 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh @@ -44,7 +44,7 @@ docker_create_db_directories() { chmod 775 /var/run/postgresql || : # Create the transaction log directory before initdb is run so the directory is owned by the correct user - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then mkdir -p "$POSTGRES_INITDB_WALDIR" if [ "$user" = '0' ]; then find "$POSTGRES_INITDB_WALDIR" \! -user postgres -exec chown postgres '{}' + @@ -74,7 +74,7 @@ docker_init_database_dir() { echo "postgres:x:$(id -g):" > "$NSS_WRAPPER_GROUP" fi - if [ "$POSTGRES_INITDB_WALDIR" ]; then + if [ -n "$POSTGRES_INITDB_WALDIR" ]; then set -- --waldir "$POSTGRES_INITDB_WALDIR" "$@" fi @@ -87,7 +87,10 @@ docker_init_database_dir() { fi } -# print large warning if POSTGRES_PASSWORD is empty +# print large warning if POSTGRES_PASSWORD is long +# error if both POSTGRES_PASSWORD is unset and POSTGRES_HOST_AUTH_METHOD is not 'trust' +# print large warning if POSTGRES_HOST_AUTH_METHOD is set to 'trust' +# assumes database is not set up, ie: [ -z "$DATABASE_ALREADY_EXISTS" ] docker_verify_minimum_env() { # check password first so we can output the warning before postgres # messes it up @@ -103,22 +106,36 @@ docker_verify_minimum_env() { EOWARN fi - if [ -z "$POSTGRES_PASSWORD" ]; then + if [ -z "$POSTGRES_PASSWORD" ] && [ 'trust' != "$POSTGRES_HOST_AUTH_METHOD" ]; then # The - option suppresses leading tabs but *not* spaces. :) + cat >&2 <<-'EOE' + Error: Database is uninitialized and superuser password is not specified. + You must specify POSTGRES_PASSWORD for the superuser. Use + "-e POSTGRES_PASSWORD=password" to set it in "docker run". + + You may also use POSTGRES_HOST_AUTH_METHOD=trust to allow all connections + without a password. This is *not* recommended. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + EOE + exit 1 + fi + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then cat >&2 <<-'EOWARN' - **************************************************** - WARNING: No password has been set for the database. - This will allow anyone with access to the - Postgres port to access your database. In - Docker's default configuration, this is - effectively any other container on the same - system. - - Use "-e POSTGRES_PASSWORD=password" to set - it in "docker run". - **************************************************** + ******************************************************************************** + WARNING: POSTGRES_HOST_AUTH_METHOD has been set to "trust". This will allow + anyone with access to the Postgres port to access your database without + a password, even if POSTGRES_PASSWORD is set. See PostgreSQL + documentation about "trust": + https://www.postgresql.org/docs/current/auth-trust.html + In Docker's default configuration, this is effectively any other + container on the same system. + + It is not recommended to use POSTGRES_HOST_AUTH_METHOD=trust. Replace + it with "-e POSTGRES_PASSWORD=password" instead to set a password in + "docker run". + ******************************************************************************** EOWARN - fi } @@ -185,6 +202,8 @@ docker_setup_env() { file_env 'POSTGRES_USER' 'postgres' file_env 'POSTGRES_DB' "$POSTGRES_USER" file_env 'POSTGRES_INITDB_ARGS' + # default authentication method is md5 + : "${POSTGRES_HOST_AUTH_METHOD:=md5}" declare -g DATABASE_ALREADY_EXISTS # look specifically for PG_VERSION, as it is expected in the DB dir @@ -193,16 +212,15 @@ docker_setup_env() { fi } -# append md5 or trust auth to pg_hba.conf based on existence of POSTGRES_PASSWORD +# append POSTGRES_HOST_AUTH_METHOD to pg_hba.conf for "host" connections pg_setup_hba_conf() { - local authMethod='md5' - if [ -z "$POSTGRES_PASSWORD" ]; then - authMethod='trust' - fi - { echo - echo "host all all all $authMethod" + if [ 'trust' = "$POSTGRES_HOST_AUTH_METHOD" ]; then + echo '# warning trust is enabled for all connections' + echo '# see https://www.postgresql.org/docs/12/auth-trust.html' + fi + echo "host all all all $POSTGRES_HOST_AUTH_METHOD" } >> "$PGDATA/pg_hba.conf" }