fix name, location of pgpass file

[jberkus]

just a note because I won't get to it in the next couple days: the pgpass file created by patroni is named incorrectly. it needs a leading period.

Also, this pgpass file is automatically created in the working directory from which patroni is called, which isn't necessarily the user's home directory.

[alexeyklyukin]

It works because patroni sets the environment variable PGPASSFILE to point to the new pgpass file. It would be a a poor decision to overwrite user's .pgpass with our credentials.

[jberkus]

OK, that works for the name, but the problem is that pgpass gets dropped in the CWD from which patroni was called, regardless of where that is. This causes some issues:

1. If patroni is called from inside the data directory, that will cause pg_basebackup to fail, because "directory is not empty"
2. if patroni is called from an insecure directory (like /tmp/) then an attacker can subvert the file permissions and capture the passwords.

... so I think it would be a better idea to drop the file in a specific directory, or at least provide that as a config option. No?

[alexeyklyukin]

Yeah, those seem to be good corner cases we haven't covered yet. Would it be better to just write the file to the home directory of the user that launched patroni? After all, it has the same privacy expectations as .pgpass.

[jberkus]

Yeah, that would work, provided that we can know the homedir. We should have some kind of fallback if it's undefined. Also, a config variable for password_directory, I think

[feikesteenbergen]

pgpass is now configurable under postgresql