# 34.16. The Password File

The file.pgpassin a user's home directory can contain passwords to be used if the connection requires a password (and no password has been specified otherwise). On Microsoft Windows the file is named%APPDATA%\postgresql\pgpass.conf(where%APPDATA%refers to the Application Data subdirectory in the user's profile). Alternatively, a password file can be specified using the connection parameterpassfileor the environment variablePGPASSFILE.

This file should contain lines of the following format:

hostname:port:database:username:password

(You can add a reminder comment to the file by copying the line above and preceding it with#.) Each of the first four fields can be a literal value, or*, which matches anything. The password field from the first line that matches the current connection parameters will be used. (Therefore, put more-specific entries first when you are using wildcards.) If an entry needs to contain:or\, 转义这个字符\.主机名字段与主持人如果指定了连接参数,则为主机地址参数(如果指定);如果两者都没有给出,那么主机名本地主机被搜索。主机名本地主机当连接是 Unix 域套接字连接并且主持人参数匹配 libpq 的默认套接字目录路径。在备用服务器中,数据库字段复制匹配到主服务器的流复制连接。否则,数据库字段的用处有限,因为用户对同一集群中的所有数据库都具有相同的密码。

在 Unix 系统上,密码文件的权限必须禁止对世界或组的任何访问;通过以下命令实现此目的chmod 0600 ~/.pgpass.如果权限不那么严格,则该文件将被忽略。在 Microsoft Windows 上,假定文件存储在安全的目录中,因此不进行特殊权限检查。