Add new psql command \password for changing role password with client-side

password encryption.  Also alter createuser command to the same effect.

3 files changed, 38 insertions, 3 deletions

diff --git a/doc/src/sgml/ref/alter_role.sgml b/doc/src/sgml/ref/alter_role.sgml
index 7ebd8014f29..641c4ef377c 100644
--- a/doc/src/sgml/ref/alter_role.sgml
+++ b/doc/src/sgml/ref/alter_role.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/alter_role.sgml,v 1.2 2005/07/31 17:19:17 tgl Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/alter_role.sgml,v 1.3 2005/12/18 02:17:16 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -183,6 +183,16 @@ ALTER ROLE <replaceable class="PARAMETER">name</replaceable> RESET <replaceable>
   </para>
 
   <para>
+   Caution must be exercised when specifying an unencrypted password
+   with this command.  The password will be transmitted to the server
+   in cleartext, and it might also be logged in the client's command
+   history or the server log.  <xref linkend="app-psql"
+   endterm="app-psql-title"> contains a command
+   <command>\password</command> that can be used to safely change a
+   role's password.
+  </para>
+
+  <para>
    It is also possible to tie a
    session default to a specific database rather than to a role; see
    <xref linkend="sql-alterdatabase" endterm="sql-alterdatabase-title">.
diff --git a/doc/src/sgml/ref/create_role.sgml b/doc/src/sgml/ref/create_role.sgml
index 16cd16ef5ac..9af33ce2120 100644
--- a/doc/src/sgml/ref/create_role.sgml
+++ b/doc/src/sgml/ref/create_role.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/create_role.sgml,v 1.4 2005/11/03 00:51:43 neilc Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/create_role.sgml,v 1.5 2005/12/18 02:17:16 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -357,6 +357,18 @@ where <replaceable class="PARAMETER">option</replaceable> can be:
    connection <quote>slot</> remains for the role, it is possible that
    both will fail.  Also, the limit is never enforced for superusers.
   </para>
+
+  <para>
+   Caution must be exercised when specifying an unencrypted password
+   with this command.  The password will be transmitted to the server
+   in cleartext, and it might also be logged in the client's command
+   history or the server log.  The command <xref
+   linkend="APP-CREATEUSER" endterm="APP-CREATEUSER-title">, however, transmits
+   the password encrypted.  Also, <xref linkend="app-psql"
+   endterm="app-psql-title"> contains a command
+   <command>\password</command> that can be used to safely change the
+   password later.
+  </para>
  </refsect1>
 
  <refsect1>
diff --git a/doc/src/sgml/ref/psql-ref.sgml b/doc/src/sgml/ref/psql-ref.sgml
index 3d6d0a1d7f7..c0c075f11e3 100644
--- a/doc/src/sgml/ref/psql-ref.sgml
+++ b/doc/src/sgml/ref/psql-ref.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/psql-ref.sgml,v 1.155 2005/12/09 19:19:17 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/psql-ref.sgml,v 1.156 2005/12/18 02:17:16 petere Exp $
 PostgreSQL documentation
 -->
 
@@ -1380,6 +1380,19 @@ lo_import 152801
 
 
       <varlistentry>
+        <term><literal>\password [ <replaceable class=parameter>username</replaceable> ]</literal>
+        <listitem>
+        <para>
+        Changes the password of the specified user or by default the
+        current user.  This command prompts for the new password,
+        encrypts it, and sends it to the server.  This makes sure that
+        the new password does not appear in the command history, the
+        server log, or elsewhere in cleartext.
+        </para>
+        </listitem>
+      </varlistentry>
+
+      <varlistentry>
         <term><literal>\pset <replaceable class="parameter">parameter</replaceable> [ <replaceable class="parameter">value</replaceable> ]</literal></term>
 
         <listitem>