From 04c9779561f3b3b977d34b441f2126a171f3d9b3 Mon Sep 17 00:00:00 2001
From: Ian Barwick
Date: Thu, 31 Aug 2017 15:20:54 +0900
Subject: [PATCH] Add documentation about passwords and recovery.conf

---
 README.md | 24 ++++++++++++++++++++++++
 repmgr-client.c | 6 ------
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/README.md b/README.md
index c55bc2b1..e950098b 100644
--- a/README.md
+++ b/README.md
@@ -724,6 +724,30 @@ documentation for more details of available options:
 
 https://www.postgresql.org/docs/current/static/app-pgbasebackup.html
 
+### Managing passwords
+
+If replication connections to a standby's upstream server are password-protected,
+the standby must be able to provide the password so it can begin streaming
+replication.
+
+The recommended way to do this is to store the password in the `postgres`
+user's `~/.pgpass` file. It's also possible to store the password in the
+environment variable `PGPASSWORD`, however this is not recommended for
+security reasons. For more details see:
+
+ https://www.postgresql.org/docs/current/static/libpq-pgpass.html
+
+If for whatever reason you wish to include the password in `recovery.conf`,
+set `use_primary_conninfo_password` to `true` in `repmgr.conf`. This
+will read a password set in `PGPASSWORD` (but not `~/.pgpass`) and place
+it into the`primary_conninfo` string in `recovery.conf`. Note that `PGPASSWORD`
+will need to be set during any action which causes `recovery.conf` to be
+rewritten, e.g. `standby follow`.
+
+It is of course also possible to include the password value in the `conninfo`
+string for each node, but this is obviously a security risk and should be
+avoided.
+
 Setting up cascading replication with repmgr
 --------------------------------------------
 
diff --git a/repmgr-client.c b/repmgr-client.c
index b3996b44..ccfbd0b3 100644
--- a/repmgr-client.c
+++ b/repmgr-client.c
@@ -93,8 +93,6 @@ main(int argc, char **argv)
 
 bool help_option = false;
 
- char *foo = "";
-
 set_progname(argv[0]);
 
 /*
@@ -119,10 +117,6 @@ main(int argc, char **argv)
 */
 initialize_conninfo_params(&default_conninfo, true);
 
-/* foo = param_list_to_string(&default_conninfo);
- printf("XX '%s'\n", foo);
- exit(0);*/
-
 for (c = 0; c < default_conninfo.size && default_conninfo.keywords[c]; c++)
 {
 if (strcmp(default_conninfo.keywords[c], "host") == 0 &&