]> git.ipfire.org Git - thirdparty/postgresql.git/commitdiff
Remove radius from initdb authentication methods.
authorThomas Munro <tmunro@postgresql.org>
Tue, 30 Jun 2026 23:25:37 +0000 (11:25 +1200)
committerThomas Munro <tmunro@postgresql.org>
Tue, 30 Jun 2026 23:45:16 +0000 (11:45 +1200)
Commit a1643d40b removed RADIUS authentication, but apparently
overlooked initdb's list of accepted authentication methods.  As a
result, initdb still accepted radius for --auth, --auth-host, and
--auth-local, allowing it to create a pg_hba.conf that the server could
not load.

Remove radius from initdb's local and host authentication method lists.

Backpatch-through: 19
Author: Chao Li <lic@highgo.com>
Discussion: https://postgr.es/m/983F946B-A7CE-4C93-B5F0-665616F72254%40gmail.com

src/bin/initdb/initdb.c

index 14cb79c26be04b694d855b3803359f537e62c99e..8fba896561bccb065864f34f02baab0ad4beb785 100644 (file)
@@ -94,7 +94,7 @@ typedef struct _stringlist
 } _stringlist;
 
 static const char *const auth_methods_host[] = {
-       "trust", "reject", "scram-sha-256", "md5", "password", "ident", "radius",
+       "trust", "reject", "scram-sha-256", "md5", "password", "ident",
 #ifdef ENABLE_GSS
        "gss",
 #endif
@@ -116,7 +116,7 @@ static const char *const auth_methods_host[] = {
        NULL
 };
 static const char *const auth_methods_local[] = {
-       "trust", "reject", "scram-sha-256", "md5", "password", "peer", "radius",
+       "trust", "reject", "scram-sha-256", "md5", "password", "peer",
 #ifdef USE_PAM
        "pam",
 #endif