Allow pg_dumpall to dump roles w/o user passwords

Add new option --no-role-passwords which dumps roles without passwords. Since we don’t need passwords, we choose to use pg_roles in preference to pg_authid since access may be restricted for security reasons in some configrations. Robins Tharakan and Simon Riggs
2025-09-02 04:21:28 +03:00 · 2017-03-07 22:00:54 +08:00
parent 55acfcbffd
commit 9a83d56b38
2 changed files with 97 additions and 48 deletions
--- a/doc/src/sgml/ref/pg_dumpall.sgml
+++ b/doc/src/sgml/ref/pg_dumpall.sgml
@@ -332,6 +332,19 @@ PostgreSQL documentation
      </listitem>
     </varlistentry>

+     <varlistentry>
+      <term><option>--no-role-passwords</option></term>
+      <listitem>
+       <para>
+        Do not dump passwords for roles. When restored, roles will have a NULL
+        password and authentication will always fail until the password is reset.
+        Since password values aren't needed when this option is specified we
+        use the catalog view pg_roles in preference to pg_authid, since access
+        to pg_authid may be restricted by security policy.
+       </para>
+      </listitem>
+     </varlistentry>
+
     <varlistentry>
      <term><option>--no-security-labels</option></term>
      <listitem>