Line data Source code
1 : /*-------------------------------------------------------------------------
2 : *
3 : * createuser
4 : *
5 : * Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group
6 : * Portions Copyright (c) 1994, Regents of the University of California
7 : *
8 : * src/bin/scripts/createuser.c
9 : *
10 : *-------------------------------------------------------------------------
11 : */
12 :
13 : #include "postgres_fe.h"
14 :
15 : #include <limits.h>
16 :
17 : #include "common.h"
18 : #include "common/logging.h"
19 : #include "common/string.h"
20 : #include "fe_utils/option_utils.h"
21 : #include "fe_utils/simple_list.h"
22 : #include "fe_utils/string_utils.h"
23 :
24 :
25 : static void help(const char *progname);
26 :
27 : int
28 25 : main(int argc, char *argv[])
29 : {
30 : static struct option long_options[] = {
31 : {"with-admin", required_argument, NULL, 'a'},
32 : {"connection-limit", required_argument, NULL, 'c'},
33 : {"createdb", no_argument, NULL, 'd'},
34 : {"no-createdb", no_argument, NULL, 'D'},
35 : {"echo", no_argument, NULL, 'e'},
36 : {"encrypted", no_argument, NULL, 'E'},
37 : {"role", required_argument, NULL, 'g'},
38 : {"member-of", required_argument, NULL, 'g'},
39 : {"host", required_argument, NULL, 'h'},
40 : {"inherit", no_argument, NULL, 'i'},
41 : {"no-inherit", no_argument, NULL, 'I'},
42 : {"login", no_argument, NULL, 'l'},
43 : {"no-login", no_argument, NULL, 'L'},
44 : {"with-member", required_argument, NULL, 'm'},
45 : {"port", required_argument, NULL, 'p'},
46 : {"pwprompt", no_argument, NULL, 'P'},
47 : {"createrole", no_argument, NULL, 'r'},
48 : {"no-createrole", no_argument, NULL, 'R'},
49 : {"superuser", no_argument, NULL, 's'},
50 : {"no-superuser", no_argument, NULL, 'S'},
51 : {"username", required_argument, NULL, 'U'},
52 : {"valid-until", required_argument, NULL, 'v'},
53 : {"no-password", no_argument, NULL, 'w'},
54 : {"password", no_argument, NULL, 'W'},
55 : {"replication", no_argument, NULL, 1},
56 : {"no-replication", no_argument, NULL, 2},
57 : {"interactive", no_argument, NULL, 3},
58 : {"bypassrls", no_argument, NULL, 4},
59 : {"no-bypassrls", no_argument, NULL, 5},
60 : {NULL, 0, NULL, 0}
61 : };
62 :
63 : const char *progname;
64 : int optindex;
65 : int c;
66 25 : const char *newuser = NULL;
67 25 : char *host = NULL;
68 25 : char *port = NULL;
69 25 : char *username = NULL;
70 25 : SimpleStringList roles = {NULL, NULL};
71 25 : SimpleStringList members = {NULL, NULL};
72 25 : SimpleStringList admins = {NULL, NULL};
73 25 : enum trivalue prompt_password = TRI_DEFAULT;
74 : ConnParams cparams;
75 25 : bool echo = false;
76 25 : bool interactive = false;
77 25 : int conn_limit = -2; /* less than minimum valid value */
78 25 : bool pwprompt = false;
79 25 : char *newpassword = NULL;
80 25 : char *pwexpiry = NULL;
81 :
82 : /* Tri-valued variables. */
83 25 : enum trivalue createdb = TRI_DEFAULT,
84 25 : superuser = TRI_DEFAULT,
85 25 : createrole = TRI_DEFAULT,
86 25 : inherit = TRI_DEFAULT,
87 25 : login = TRI_DEFAULT,
88 25 : replication = TRI_DEFAULT,
89 25 : bypassrls = TRI_DEFAULT;
90 :
91 : PQExpBufferData sql;
92 :
93 : PGconn *conn;
94 : PGresult *result;
95 :
96 25 : pg_logging_init(argv[0]);
97 25 : progname = get_progname(argv[0]);
98 25 : set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pgscripts"));
99 :
100 25 : handle_help_version_opts(argc, argv, "createuser", help);
101 :
102 52 : while ((c = getopt_long(argc, argv, "a:c:dDeEg:h:iIlLm:p:PrRsSU:v:wW",
103 52 : long_options, &optindex)) != -1)
104 : {
105 30 : switch (c)
106 : {
107 3 : case 'a':
108 3 : simple_string_list_append(&admins, optarg);
109 3 : break;
110 0 : case 'c':
111 0 : if (!option_parse_int(optarg, "-c/--connection-limit",
112 : -1, INT_MAX, &conn_limit))
113 0 : exit(1);
114 0 : break;
115 0 : case 'd':
116 0 : createdb = TRI_YES;
117 0 : break;
118 0 : case 'D':
119 0 : createdb = TRI_NO;
120 0 : break;
121 0 : case 'e':
122 0 : echo = true;
123 0 : break;
124 0 : case 'E':
125 : /* no-op, accepted for backward compatibility */
126 0 : break;
127 3 : case 'g':
128 3 : simple_string_list_append(&roles, optarg);
129 3 : break;
130 0 : case 'h':
131 0 : host = pg_strdup(optarg);
132 0 : break;
133 0 : case 'i':
134 0 : inherit = TRI_YES;
135 0 : break;
136 0 : case 'I':
137 0 : inherit = TRI_NO;
138 0 : break;
139 0 : case 'l':
140 0 : login = TRI_YES;
141 0 : break;
142 1 : case 'L':
143 1 : login = TRI_NO;
144 1 : break;
145 4 : case 'm':
146 4 : simple_string_list_append(&members, optarg);
147 4 : break;
148 0 : case 'p':
149 0 : port = pg_strdup(optarg);
150 0 : break;
151 0 : case 'P':
152 0 : pwprompt = true;
153 0 : break;
154 1 : case 'r':
155 1 : createrole = TRI_YES;
156 1 : break;
157 0 : case 'R':
158 0 : createrole = TRI_NO;
159 0 : break;
160 7 : case 's':
161 7 : superuser = TRI_YES;
162 7 : break;
163 0 : case 'S':
164 0 : superuser = TRI_NO;
165 0 : break;
166 6 : case 'U':
167 6 : username = pg_strdup(optarg);
168 6 : break;
169 1 : case 'v':
170 1 : pwexpiry = pg_strdup(optarg);
171 1 : break;
172 0 : case 'w':
173 0 : prompt_password = TRI_NO;
174 0 : break;
175 0 : case 'W':
176 0 : prompt_password = TRI_YES;
177 0 : break;
178 1 : case 1:
179 1 : replication = TRI_YES;
180 1 : break;
181 0 : case 2:
182 0 : replication = TRI_NO;
183 0 : break;
184 0 : case 3:
185 0 : interactive = true;
186 0 : break;
187 1 : case 4:
188 1 : bypassrls = TRI_YES;
189 1 : break;
190 1 : case 5:
191 1 : bypassrls = TRI_NO;
192 1 : break;
193 1 : default:
194 : /* getopt_long already emitted a complaint */
195 1 : pg_log_error_hint("Try \"%s --help\" for more information.", progname);
196 1 : exit(1);
197 : }
198 : }
199 :
200 22 : switch (argc - optind)
201 : {
202 0 : case 0:
203 0 : break;
204 21 : case 1:
205 21 : newuser = argv[optind];
206 21 : break;
207 1 : default:
208 1 : pg_log_error("too many command-line arguments (first is \"%s\")",
209 : argv[optind + 1]);
210 1 : pg_log_error_hint("Try \"%s --help\" for more information.", progname);
211 1 : exit(1);
212 : }
213 :
214 21 : if (newuser == NULL)
215 : {
216 0 : if (interactive)
217 : {
218 0 : newuser = simple_prompt("Enter name of role to add: ", true);
219 : }
220 : else
221 : {
222 0 : if (getenv("PGUSER"))
223 0 : newuser = getenv("PGUSER");
224 : else
225 0 : newuser = get_user_name_or_exit(progname);
226 : }
227 : }
228 :
229 21 : if (pwprompt)
230 : {
231 : char *pw2;
232 :
233 0 : newpassword = simple_prompt("Enter password for new role: ", false);
234 0 : pw2 = simple_prompt("Enter it again: ", false);
235 0 : if (strcmp(newpassword, pw2) != 0)
236 : {
237 0 : fprintf(stderr, _("Passwords didn't match.\n"));
238 0 : exit(1);
239 : }
240 0 : free(pw2);
241 : }
242 :
243 21 : if (superuser == TRI_DEFAULT)
244 : {
245 14 : if (interactive && yesno_prompt("Shall the new role be a superuser?"))
246 0 : superuser = TRI_YES;
247 : else
248 14 : superuser = TRI_NO;
249 : }
250 :
251 21 : if (superuser == TRI_YES)
252 : {
253 : /* Not much point in trying to restrict a superuser */
254 7 : createdb = TRI_YES;
255 7 : createrole = TRI_YES;
256 : }
257 :
258 21 : if (createdb == TRI_DEFAULT)
259 : {
260 14 : if (interactive && yesno_prompt("Shall the new role be allowed to create databases?"))
261 0 : createdb = TRI_YES;
262 : else
263 14 : createdb = TRI_NO;
264 : }
265 :
266 21 : if (createrole == TRI_DEFAULT)
267 : {
268 13 : if (interactive && yesno_prompt("Shall the new role be allowed to create more new roles?"))
269 0 : createrole = TRI_YES;
270 : else
271 13 : createrole = TRI_NO;
272 : }
273 :
274 21 : if (bypassrls == TRI_DEFAULT)
275 19 : bypassrls = TRI_NO;
276 :
277 21 : if (replication == TRI_DEFAULT)
278 20 : replication = TRI_NO;
279 :
280 21 : if (inherit == TRI_DEFAULT)
281 21 : inherit = TRI_YES;
282 :
283 21 : if (login == TRI_DEFAULT)
284 20 : login = TRI_YES;
285 :
286 21 : cparams.dbname = NULL; /* this program lacks any dbname option... */
287 21 : cparams.pghost = host;
288 21 : cparams.pgport = port;
289 21 : cparams.pguser = username;
290 21 : cparams.prompt_password = prompt_password;
291 21 : cparams.override_dbname = NULL;
292 :
293 21 : conn = connectMaintenanceDatabase(&cparams, progname, echo);
294 :
295 21 : setFmtEncoding(PQclientEncoding(conn));
296 :
297 21 : initPQExpBuffer(&sql);
298 :
299 21 : printfPQExpBuffer(&sql, "CREATE ROLE %s", fmtId(newuser));
300 21 : if (newpassword)
301 : {
302 : char *encrypted_password;
303 :
304 0 : appendPQExpBufferStr(&sql, " PASSWORD ");
305 :
306 0 : encrypted_password = PQencryptPasswordConn(conn,
307 : newpassword,
308 : newuser,
309 : NULL);
310 0 : if (!encrypted_password)
311 0 : pg_fatal("password encryption failed: %s",
312 : PQerrorMessage(conn));
313 0 : appendStringLiteralConn(&sql, encrypted_password, conn);
314 0 : PQfreemem(encrypted_password);
315 : }
316 21 : if (superuser == TRI_YES)
317 7 : appendPQExpBufferStr(&sql, " SUPERUSER");
318 21 : if (superuser == TRI_NO)
319 14 : appendPQExpBufferStr(&sql, " NOSUPERUSER");
320 21 : if (createdb == TRI_YES)
321 7 : appendPQExpBufferStr(&sql, " CREATEDB");
322 21 : if (createdb == TRI_NO)
323 14 : appendPQExpBufferStr(&sql, " NOCREATEDB");
324 21 : if (createrole == TRI_YES)
325 8 : appendPQExpBufferStr(&sql, " CREATEROLE");
326 21 : if (createrole == TRI_NO)
327 13 : appendPQExpBufferStr(&sql, " NOCREATEROLE");
328 21 : if (inherit == TRI_YES)
329 21 : appendPQExpBufferStr(&sql, " INHERIT");
330 21 : if (inherit == TRI_NO)
331 0 : appendPQExpBufferStr(&sql, " NOINHERIT");
332 21 : if (login == TRI_YES)
333 20 : appendPQExpBufferStr(&sql, " LOGIN");
334 21 : if (login == TRI_NO)
335 1 : appendPQExpBufferStr(&sql, " NOLOGIN");
336 21 : if (replication == TRI_YES)
337 1 : appendPQExpBufferStr(&sql, " REPLICATION");
338 21 : if (replication == TRI_NO)
339 20 : appendPQExpBufferStr(&sql, " NOREPLICATION");
340 21 : if (bypassrls == TRI_YES)
341 1 : appendPQExpBufferStr(&sql, " BYPASSRLS");
342 21 : if (bypassrls == TRI_NO)
343 20 : appendPQExpBufferStr(&sql, " NOBYPASSRLS");
344 21 : if (conn_limit >= -1)
345 0 : appendPQExpBuffer(&sql, " CONNECTION LIMIT %d", conn_limit);
346 21 : if (pwexpiry != NULL)
347 : {
348 1 : appendPQExpBufferStr(&sql, " VALID UNTIL ");
349 1 : appendStringLiteralConn(&sql, pwexpiry, conn);
350 : }
351 21 : if (roles.head != NULL)
352 : {
353 : SimpleStringListCell *cell;
354 :
355 3 : appendPQExpBufferStr(&sql, " IN ROLE ");
356 :
357 6 : for (cell = roles.head; cell; cell = cell->next)
358 : {
359 3 : if (cell->next)
360 0 : appendPQExpBuffer(&sql, "%s,", fmtId(cell->val));
361 : else
362 3 : appendPQExpBufferStr(&sql, fmtId(cell->val));
363 : }
364 : }
365 21 : if (members.head != NULL)
366 : {
367 : SimpleStringListCell *cell;
368 :
369 2 : appendPQExpBufferStr(&sql, " ROLE ");
370 :
371 5 : for (cell = members.head; cell; cell = cell->next)
372 : {
373 3 : if (cell->next)
374 1 : appendPQExpBuffer(&sql, "%s,", fmtId(cell->val));
375 : else
376 2 : appendPQExpBufferStr(&sql, fmtId(cell->val));
377 : }
378 : }
379 21 : if (admins.head != NULL)
380 : {
381 : SimpleStringListCell *cell;
382 :
383 2 : appendPQExpBufferStr(&sql, " ADMIN ");
384 :
385 5 : for (cell = admins.head; cell; cell = cell->next)
386 : {
387 3 : if (cell->next)
388 1 : appendPQExpBuffer(&sql, "%s,", fmtId(cell->val));
389 : else
390 2 : appendPQExpBufferStr(&sql, fmtId(cell->val));
391 : }
392 : }
393 :
394 21 : appendPQExpBufferChar(&sql, ';');
395 :
396 21 : if (echo)
397 0 : printf("%s\n", sql.data);
398 21 : result = PQexec(conn, sql.data);
399 :
400 21 : if (PQresultStatus(result) != PGRES_COMMAND_OK)
401 : {
402 1 : pg_log_error("creation of new role failed: %s", PQerrorMessage(conn));
403 1 : PQfinish(conn);
404 1 : exit(1);
405 : }
406 :
407 20 : PQclear(result);
408 20 : PQfinish(conn);
409 20 : exit(0);
410 : }
411 :
412 :
413 : static void
414 1 : help(const char *progname)
415 : {
416 1 : printf(_("%s creates a new PostgreSQL role.\n\n"), progname);
417 1 : printf(_("Usage:\n"));
418 1 : printf(_(" %s [OPTION]... [ROLENAME]\n"), progname);
419 1 : printf(_("\nOptions:\n"));
420 1 : printf(_(" -a, --with-admin=ROLE ROLE will be a member of new role with admin\n"
421 : " option\n"));
422 1 : printf(_(" -c, --connection-limit=N connection limit for role (default: no limit)\n"));
423 1 : printf(_(" -d, --createdb role can create new databases\n"));
424 1 : printf(_(" -D, --no-createdb role cannot create databases (default)\n"));
425 1 : printf(_(" -e, --echo show the commands being sent to the server\n"));
426 1 : printf(_(" -g, --member-of=ROLE new role will be a member of ROLE\n"));
427 1 : printf(_(" --role=ROLE (same as --member-of, deprecated)\n"));
428 1 : printf(_(" -i, --inherit role inherits privileges of roles it is a\n"
429 : " member of (default)\n"));
430 1 : printf(_(" -I, --no-inherit role does not inherit privileges\n"));
431 1 : printf(_(" -l, --login role can login (default)\n"));
432 1 : printf(_(" -L, --no-login role cannot login\n"));
433 1 : printf(_(" -m, --with-member=ROLE ROLE will be a member of new role\n"));
434 1 : printf(_(" -P, --pwprompt assign a password to new role\n"));
435 1 : printf(_(" -r, --createrole role can create new roles\n"));
436 1 : printf(_(" -R, --no-createrole role cannot create roles (default)\n"));
437 1 : printf(_(" -s, --superuser role will be superuser\n"));
438 1 : printf(_(" -S, --no-superuser role will not be superuser (default)\n"));
439 1 : printf(_(" -v, --valid-until=TIMESTAMP\n"
440 : " password expiration date and time for role\n"));
441 1 : printf(_(" -V, --version output version information, then exit\n"));
442 1 : printf(_(" --interactive prompt for missing role name and attributes rather\n"
443 : " than using defaults\n"));
444 1 : printf(_(" --bypassrls role can bypass row-level security (RLS) policy\n"));
445 1 : printf(_(" --no-bypassrls role cannot bypass row-level security (RLS) policy\n"
446 : " (default)\n"));
447 1 : printf(_(" --replication role can initiate replication\n"));
448 1 : printf(_(" --no-replication role cannot initiate replication (default)\n"));
449 1 : printf(_(" -?, --help show this help, then exit\n"));
450 1 : printf(_("\nConnection options:\n"));
451 1 : printf(_(" -h, --host=HOSTNAME database server host or socket directory\n"));
452 1 : printf(_(" -p, --port=PORT database server port\n"));
453 1 : printf(_(" -U, --username=USERNAME user name to connect as (not the one to create)\n"));
454 1 : printf(_(" -w, --no-password never prompt for password\n"));
455 1 : printf(_(" -W, --password force password prompt\n"));
456 1 : printf(_("\nReport bugs to <%s>.\n"), PACKAGE_BUGREPORT);
457 1 : printf(_("%s home page: <%s>\n"), PACKAGE_NAME, PACKAGE_URL);
458 1 : }
|
