Limit pg_upgrade authentication advice to always-secure techniques.

~/.pgpass is a sound choice everywhere, and "peer" authentication is
safe on every platform it supports.  Cease to recommend "trust"
authentication, the safety of which is deeply configuration-specific.
Back-patch to 9.0, where pg_upgrade was introduced.

diff --git a/doc/src/sgml/pgupgrade.sgml b/doc/src/sgml/pgupgrade.sgml
index c628b49d8b1e9ee0ae570ba5188c7c27ac37a275..2a3844984fbaca99b0289e47fc8713d92462e40b 100644 (file)
--- a/doc/src/sgml/pgupgrade.sgml
+++ b/doc/src/sgml/pgupgrade.sgml
@@ -280,10 +280,9 @@ gmake prefix=/usr/local/pgsql.new install
     Adjust authentication
 
     
-     pg_upgrade will connect to the old and new servers several times,
-     so you might want to set authentication to trust
-     or peer in pg_hba.conf, or if using
-     md5 authentication, use a ~/.pgpass file
+     pg_upgrade will connect to the old and new servers several
+     times, so you might want to set authentication to peer
+     in pg_hba.conf or use a ~/.pgpass file
      (see ).
     
    
@@ -390,10 +389,9 @@ pg_upgrade.exe
     Restore <filename>pg_hba.conf</>
 
     
-     If you modified pg_hba.conf to use trust,
-     restore its original authentication settings.  It might also be
-     necessary to adjust other configurations files in the new cluster to
-     match the old cluster, e.g. postgresql.conf.
+     If you modified pg_hba.conf, restore its original settings.
+     It might also be necessary to adjust other configuration files in the new
+     cluster to match the old cluster, e.g. postgresql.conf.