Revert "initdb: Change authentication defaults"

This reverts commit 09f08930f0.

The buildfarm client needs some adjustments first.

doc/src/sgml/ref/initdb.sgml

@@ -136,24 +136,9 @@ PostgreSQL documentation
         replication connections.
        </para>
 
-       <para>
-        The default is <literal>peer</literal> for Unix-domain socket
-        connections on operating systems that support it, otherwise
-        <literal>md5</literal>, and <literal>md5</literal> for TCP/IP
-        connections.
-       </para>
-
-       <para>
-        When running <command>initdb</command> on a platform that does not
-        support <literal>peer</literal> authentication, either a password must
-        be provided (see <option>-W</option> and other options) or a different
-        authentication method must be chosen, otherwise
-        <command>initdb</command> will error.
-       </para>
-
        <para>
         Do not use <literal>trust</literal> unless you trust all local users on your
-        system.
+        system.  <literal>trust</literal> is the default for ease of installation.
        </para>
       </listitem>
      </varlistentry>

doc/src/sgml/runtime.sgml

@@ -156,19 +156,24 @@ postgres$ <userinput>initdb -D /usr/local/pgsql/data</userinput>
   </para>
 
   <para>
-   The default client authentication setup is such that users can connect over
-   the Unix-domain socket to the same database user name as their operating
-   system user names (on operating systems that support this, which are most
-   modern Unix-like systems, but not Windows) and otherwise with a password.
-   To assign a password to the initial database superuser, use one of
+   However, while the directory contents are secure, the default
+   client authentication setup allows any local user to connect to the
+   database and even become the database superuser. If you do not
+   trust other local users, we recommend you use one of
    <command>initdb</command>'s <option>-W</option>, <option>--pwprompt</option>
-   or <option>--pwfile</option> options.<indexterm>
+   or <option>--pwfile</option> options to assign a password to the
+   database superuser.<indexterm>
      <primary>password</primary>
      <secondary>of the superuser</secondary>
    </indexterm>
-   This configuration is secure and sufficient to get started.  Later, see
-   <xref linkend="client-authentication"/> for more information about setting
-   up client authentication.
+   Also, specify <option>-A md5</option> or
+   <option>-A password</option> so that the default <literal>trust</literal> authentication
+   mode is not used; or modify the generated <filename>pg_hba.conf</filename>
+   file after running <command>initdb</command>, but
+   <emphasis>before</emphasis> you start the server for the first time. (Other
+   reasonable approaches include using <literal>peer</literal> authentication
+   or file system permissions to restrict connections. See <xref
+   linkend="client-authentication"/> for more information.)
   </para>
 
   <para>

doc/src/sgml/standalone-install.xml

@@ -63,6 +63,15 @@ postgres$ <userinput>/usr/local/pgsql/bin/initdb -D /usr/local/pgsql/data</useri
     </para>
    </step>
 
+   <step>
+    <para>
+     At this point, if you did not use the <command>initdb</command> <literal>-A</literal>
+     option, you might want to modify <filename>pg_hba.conf</filename> to control
+     local access to the server before you start it.  The default is to
+     trust all local users.
+    </para>
+   </step>
+
    <step>
     <para>
      The previous <command>initdb</command> step should have told you how to