search

docker-library / postgres

Docker Official Image packaging for Postgres
http://www.postgresql.org
MIT License
2.14k stars 1.11k forks source link

Wrong password if you put "-" in password #1128

Closed GuttoF closed 9 months ago

yosifkit commented 10 months ago

Can you provide reproduction steps? I am unable to reproduce (see below). I also tried with - at the beginning and end of the password.

$ docker run -it --rm -e 'POSTGRES_PASSWORD=1234-5678' --name pg postgres:16
Unable to find image 'postgres:16' locally
16: Pulling from library/postgres
a803e7c4b030: Already exists
5cf7cbd17f32: Pull complete
ddc24c6f1e18: Pull complete
2b0f4d94850a: Pull complete
fccb5b7554d1: Pull complete
1dd940c0e742: Pull complete
f641e2497276: Pull complete
9c05395a8e66: Pull complete
285e24d225ac: Pull complete
3faa43a5d9fc: Pull complete
482fc7a6b0f4: Pull complete
29ca5fe1b2a4: Pull complete
d3012096b6ce: Pull complete
Digest: sha256:1e90f8560705b0daccbd8eb25573627c8452fc9282496433aab1259ae4c85824
Status: Downloaded newer image for postgres:16
The files belonging to this database system will be owned by user "postgres".
This user must also own the server process.

The database cluster will be initialized with locale "en_US.utf8".
The default database encoding has accordingly been set to "UTF8".
The default text search configuration will be set to "english".

Data page checksums are disabled.

fixing permissions on existing directory /var/lib/postgresql/data ... ok
creating subdirectories ... ok
selecting dynamic shared memory implementation ... posix
selecting default max_connections ... 100
selecting default shared_buffers ... 128MB
selecting default time zone ... Etc/UTC
creating configuration files ... ok
running bootstrap script ... ok
performing post-bootstrap initialization ... ok
syncing data to disk ... ok

initdb: warning: enabling "trust" authentication for local connections
initdb: hint: You can change this by editing pg_hba.conf or using the option -A, or --auth-local and --auth-host, the next time you run initdb.

Success. You can now start the database server using:

    pg_ctl -D /var/lib/postgresql/data -l logfile start

waiting for server to start....2023-09-26 23:05:22.756 UTC [48] LOG:  starting PostgreSQL 16.0 (Debian 16.0-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
2023-09-26 23:05:22.758 UTC [48] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2023-09-26 23:05:22.761 UTC [51] LOG:  database system was shut down at 2023-09-26 23:05:22 UTC
2023-09-26 23:05:22.764 UTC [48] LOG:  database system is ready to accept connections
 done
server started

/usr/local/bin/docker-entrypoint.sh: ignoring /docker-entrypoint-initdb.d/*

waiting for server to shut down....2023-09-26 23:05:22.871 UTC [48] LOG:  received fast shutdown request
2023-09-26 23:05:22.872 UTC [48] LOG:  aborting any active transactions
2023-09-26 23:05:22.873 UTC [48] LOG:  background worker "logical replication launcher" (PID 54) exited with exit code 1
2023-09-26 23:05:22.873 UTC [49] LOG:  shutting down
2023-09-26 23:05:22.875 UTC [49] LOG:  checkpoint starting: shutdown immediate
2023-09-26 23:05:22.887 UTC [49] LOG:  checkpoint complete: wrote 3 buffers (0.0%); 0 WAL file(s) added, 0 removed, 0 recycled; write=0.005 s, sync=0.002 s, total=0.015 s; sync files=2, longest=0.001 s, average=0.001 s; distance=0 kB, estimate=0 kB; lsn=0/14EAA88, redo lsn=0/14EAA88
2023-09-26 23:05:22.889 UTC [48] LOG:  database system is shut down
 done
server stopped

PostgreSQL init process complete; ready for start up.

2023-09-26 23:05:22.984 UTC [1] LOG:  starting PostgreSQL 16.0 (Debian 16.0-1.pgdg120+1) on x86_64-pc-linux-gnu, compiled by gcc (Debian 12.2.0-14) 12.2.0, 64-bit
2023-09-26 23:05:22.984 UTC [1] LOG:  listening on IPv4 address "0.0.0.0", port 5432
2023-09-26 23:05:22.985 UTC [1] LOG:  listening on IPv6 address "::", port 5432
2023-09-26 23:05:22.987 UTC [1] LOG:  listening on Unix socket "/var/run/postgresql/.s.PGSQL.5432"
2023-09-26 23:05:22.990 UTC [62] LOG:  database system was shut down at 2023-09-26 23:05:22 UTC
2023-09-26 23:05:22.993 UTC [1] LOG:  database system is ready to accept connections
$ docker container inspect pg --format '{{ .NetworkSettings.IPAddress }}'
172.17.0.2
$ docker run -it --rm -e 'PGPASSWORD=1234-5678' postgres:16 psql --user postgres --host 172.17.0.2
psql (16.0 (Debian 16.0-1.pgdg120+1))
Type "help" for help.

postgres=#
\q
$ # expected failure with an incorrect password
$ docker run -it --rm -e 'PGPASSWORD=foo' postgres:16 psql --user postgres --host 172.17.0.2
psql: error: connection to server at "172.17.0.2", port 5432 failed: FATAL:  password authentication failed for user "postgres"