1 <?xml version="1.0" encoding="UTF-8" standalone="no"?>
2 <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"><html xmlns="http://www.w3.org/1999/xhtml"><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8" /><title>32.16. The Password File</title><link rel="stylesheet" type="text/css" href="stylesheet.css" /><link rev="made" href="pgsql-docs@lists.postgresql.org" /><meta name="generator" content="DocBook XSL Stylesheets Vsnapshot" /><link rel="prev" href="libpq-envars.html" title="32.15. Environment Variables" /><link rel="next" href="libpq-pgservice.html" title="32.17. The Connection Service File" /></head><body id="docContent" class="container-fluid col-10"><div class="navheader"><table width="100%" summary="Navigation header"><tr><th colspan="5" align="center">32.16. The Password File</th></tr><tr><td width="10%" align="left"><a accesskey="p" href="libpq-envars.html" title="32.15. Environment Variables">Prev</a> </td><td width="10%" align="left"><a accesskey="u" href="libpq.html" title="Chapter 32. libpq — C Library">Up</a></td><th width="60%" align="center">Chapter 32. <span class="application">libpq</span> — C Library</th><td width="10%" align="right"><a accesskey="h" href="index.html" title="PostgreSQL 18.0 Documentation">Home</a></td><td width="10%" align="right"> <a accesskey="n" href="libpq-pgservice.html" title="32.17. The Connection Service File">Next</a></td></tr></table><hr /></div><div class="sect1" id="LIBPQ-PGPASS"><div class="titlepage"><div><div><h2 class="title" style="clear: both">32.16. The Password File <a href="#LIBPQ-PGPASS" class="id_link">#</a></h2></div></div></div><a id="id-1.7.3.23.2" class="indexterm"></a><a id="id-1.7.3.23.3" class="indexterm"></a><p>
3 The file <code class="filename">.pgpass</code> in a user's home directory can
5 be used if the connection requires a password (and no password has been
6 specified otherwise). On Unix systems, the directory can be specified by
7 the <code class="envar">HOME</code> environment variable, or if undefined, the home
8 directory of the effective user. On Microsoft Windows the file is named
9 <code class="filename">%APPDATA%\postgresql\pgpass.conf</code> (where
10 <code class="filename">%APPDATA%</code> refers to the Application Data subdirectory in
12 Alternatively, the password file to use can be specified
13 using the connection parameter <a class="xref" href="libpq-connect.html#LIBPQ-CONNECT-PASSFILE">passfile</a>
14 or the environment variable <code class="envar">PGPASSFILE</code>.
16 This file should contain lines of the following format:
17 </p><pre class="synopsis">
18 <em class="replaceable"><code>hostname</code></em>:<em class="replaceable"><code>port</code></em>:<em class="replaceable"><code>database</code></em>:<em class="replaceable"><code>username</code></em>:<em class="replaceable"><code>password</code></em>
20 (You can add a reminder comment to the file by copying the line above and
21 preceding it with <code class="literal">#</code>.)
22 Each of the first four fields can be a literal value, or
23 <code class="literal">*</code>, which matches anything. The password field from
24 the first line that matches the current connection parameters will be
25 used. (Therefore, put more-specific entries first when you are using
26 wildcards.) If an entry needs to contain <code class="literal">:</code> or
27 <code class="literal">\</code>, escape this character with <code class="literal">\</code>.
28 The host name field is matched to the <code class="literal">host</code> connection
29 parameter if that is specified, otherwise to
30 the <code class="literal">hostaddr</code> parameter if that is specified; if neither
31 are given then the host name <code class="literal">localhost</code> is searched for.
32 The host name <code class="literal">localhost</code> is also searched for when
33 the connection is a Unix-domain socket connection and
34 the <code class="literal">host</code> parameter
35 matches <span class="application">libpq</span>'s default socket directory path.
36 In a standby server, a database field of <code class="literal">replication</code>
37 matches streaming replication connections made to the primary server.
38 The database field is of limited usefulness otherwise, because users have
39 the same password for all databases in the same cluster.
41 On Unix systems, the permissions on a password file must
42 disallow any access to world or group; achieve this by a command such as
43 <code class="command">chmod 0600 ~/.pgpass</code>. If the permissions are less
44 strict than this, the file will be ignored. On Microsoft Windows, it
45 is assumed that the file is stored in a directory that is secure, so
46 no special permissions check is made.
47 </p></div><div class="navfooter"><hr /><table width="100%" summary="Navigation footer"><tr><td width="40%" align="left"><a accesskey="p" href="libpq-envars.html" title="32.15. Environment Variables">Prev</a> </td><td width="20%" align="center"><a accesskey="u" href="libpq.html" title="Chapter 32. libpq — C Library">Up</a></td><td width="40%" align="right"> <a accesskey="n" href="libpq-pgservice.html" title="32.17. The Connection Service File">Next</a></td></tr><tr><td width="40%" align="left" valign="top">32.15. Environment Variables </td><td width="20%" align="center"><a accesskey="h" href="index.html" title="PostgreSQL 18.0 Documentation">Home</a></td><td width="40%" align="right" valign="top"> 32.17. The Connection Service File</td></tr></table></div></body></html>
begriffs.com / projects / ai-pg / blob