public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jianghua Yang <[email protected]>
To: [email protected]
Cc: Robert Treat <[email protected]>
Cc: David G. Johnston <[email protected]>
Cc: [email protected]
Subject: Re: [PATCH] initdb: Treat empty -U argument as unset username
Date: Wed, 2 Jul 2025 06:52:09 -0700
Message-ID: <CAAZLFmSY_s6TOsiTwjzqrc2Y4uShATuWcEEN8O8cdtpkS=zfLg@mail.gmail.com> (raw)
In-Reply-To: <[email protected]>
References: <CAAZLFmRK+XFp=mqCeruyNVkqGq5mH45CP+e-8oNttPRtLuB5eQ@mail.gmail.com>
<CAKFQuwbVK=oANp9XLdQknd7o9jJOUFQanUtG3QAh-3kuaM5tJw@mail.gmail.com>
<CAAZLFmSKrcovMSauueWg=8VdZN-fHPH2ZengZRKA8AfgST6o6w@mail.gmail.com>
<CAKFQuwaCPkb8=2_V3121Ei0MBrg02FLRNQbcAcyzCO3dAha=Gw@mail.gmail.com>
<CABV9wwOOpOijL9sY03KV3WNvgMxVFsyfvfYbfy2MYfn40z0yyQ@mail.gmail.com>
<[email protected]>
Hi hackers,
Based on the suggestion that we should explicitly reject empty usernames
instead of silently falling back, I’ve updated the patch accordingly.
### Changes in v2:
- `initdb` now errors out immediately if the `-U` or `--username` argument
is an empty string.
- The error message is:
superuser name must not be empty
- A regression test is added to `src/bin/initdb/t/001_initdb.pl` to verify
that the case `initdb -U ''` fails as expected.
This approach avoids any ambiguity about whether an empty username is
valid, and fails early with a clear message. It also brings consistency
with existing checks, such as the one disallowing superuser names starting
with `pg_`.
Let me know if this looks acceptable or if further refinement is needed.
Patch attached.
Best regards,
Jianghua Yang
Daniel Gustafsson <[email protected]> 于2025年7月2日周三 00:16写道:
> > On 2 Jul 2025, at 06:31, Robert Treat <[email protected]> wrote:
>
> > FWIW, I tend to agree with David; I feel like if a user passes in -U,
> > there was probably a reason, and a good error message would be more
> > useful in clarifying things rather than blindly pushing forward with
> > potentially the wrong thing.
>
> Agreed, and it's not even clear that the previous code was intentionally
> trying
> to allow an empty -U. An improved error message would be a good patch
> though.
>
> --
> Daniel Gustafsson
>
>
Attachments:
[application/octet-stream] 0001-initdb-Reject-empty-string-for-U-username-option.patch (1.7K, 3-0001-initdb-Reject-empty-string-for-U-username-option.patch)
download | inline diff:
From 77326a030fd2ffa4ae012aae28540b3d8f5bd4ef Mon Sep 17 00:00:00 2001
From: Jianghua Yang <[email protected]>
Date: Wed, 2 Jul 2025 06:48:48 -0700
Subject: [PATCH] initdb: Reject empty string for -U/--username option
Previously, passing an empty string to the -U or --username option
(e.g., `initdb -U ''`) would cause confusing errors during bootstrap,
as initdb attempted to create a role with an empty name.
This patch adds an explicit check for empty usernames and exits
immediately with a clear error message.
A test case is added to verify that initdb fails when -U is given an
empty string.
---
src/bin/initdb/initdb.c | 5 +++++
src/bin/initdb/t/001_initdb.pl | 4 ++++
2 files changed, 9 insertions(+)
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 62bbd08d9f6..0fd67ad496f 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -3291,6 +3291,11 @@ main(int argc, char *argv[])
pwprompt = true;
break;
case 'U':
+ if (optarg[0] == '\0')
+ {
+ pg_log_error("superuser name must not be empty");
+ exit(1);
+ }
username = pg_strdup(optarg);
break;
case 'd':
diff --git a/src/bin/initdb/t/001_initdb.pl b/src/bin/initdb/t/001_initdb.pl
index 15dd10ce40a..67eb53064f6 100644
--- a/src/bin/initdb/t/001_initdb.pl
+++ b/src/bin/initdb/t/001_initdb.pl
@@ -37,6 +37,10 @@ command_fails(
command_fails([ 'initdb', '--username' => 'pg_test', $datadir ],
'role names cannot begin with "pg_"');
+command_fails(
+ [ 'initdb', '-U', '', $datadir ],
+ 'empty username not allowed');
+
mkdir $datadir;
# make sure we run one successful test without a TZ setting so we test
--
2.39.5 (Apple Git-154)
view thread (16+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: [PATCH] initdb: Treat empty -U argument as unset username
In-Reply-To: <CAAZLFmSY_s6TOsiTwjzqrc2Y4uShATuWcEEN8O8cdtpkS=zfLg@mail.gmail.com>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox