public inbox for [email protected]
help / color / mirror / Atom feedFrom: Adrian Klaver <[email protected]>
To: Rama Krishnan <[email protected]>
Cc: pgsql-general <[email protected]>
Subject: Re: Valid until
Date: Sat, 18 May 2024 07:48:02 -0700
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAJWX+ENGyDxxQfDsX5JS4=A4yGi1yY-u8NRYgRFMKqJS2UFF9A@mail.gmail.com>
References: <CAJWX+EOModYYe-LDVP_1zceryEd186u=pcaTE6Sb_9XMtjhWKA@mail.gmail.com>
<[email protected]>
<CAJWX+EPL9pUY2qR0fqyiLgLRj6jkfqzXYZ+rBdrpVsGJBHP13A@mail.gmail.com>
<CAJWX+ENGyDxxQfDsX5JS4=A4yGi1yY-u8NRYgRFMKqJS2UFF9A@mail.gmail.com>
On 5/18/24 03:09, Rama Krishnan wrote:
Reply to list also.
Ccing list
>
> Hi Adrian,
>
> I have modified the pg_hba entry from trust to md5 like below
>
> ```
> local all all md5
That would be the issue. trust ignores the password check.
>
> ```
>
>
> When i have tired with postgres user I am able to connect
Which is expected as postgres does not have a 'valid until' restriction.
>
>
> [postgres@postgres16 data]$ psql -U postgres -d postgres
> Password for user postgres:
> psql (16.2)
> Type "help" for help.
>
>
>
> postgres=# \du
> List of roles
> Role name | Attributes
> ------------+------------------------------------------------------------
> pgbackrest | Replication
> postgres | Superuser, Create role, Create DB, Replication, Bypass RLS
> test | Password valid until 2023-05-13 00:00:00+00
> user_name | Password valid until 2024-05-13 00:00:00+00
>
>
>
> But when i tried with test or user_name user even though I am passing
> the correct value I am getting this error
Again as expected as the 'valid until' timestamp is in the past.
>
>
> ```
> [postgres@postgres16 data]$ psql -U test -d postgres
> Password for user test:
> psql: error: connection to server on socket
> "/run/postgresql/.s.PGSQL.5432" failed: FATAL: password authentication
> failed for user "test"
>
> postgres=# \c postgres user_name
> Password for user user_name:
> connection to server on socket "/run/postgresql/.s.PGSQL.5432" failed:
> FATAL: password authentication failed for user "user_name"
>
> ```
>
> Once i done the changes the valid until expiration date
>
> ```
>
> postgres=# alter user test VALID UNTIL '2024-05-19';
> ALTER ROLE
>
> postgres=> \du
> List of roles
> Role name | Attributes
> ------------+------------------------------------------------------------
> pgbackrest | Replication
> postgres | Superuser, Create role, Create DB, Replication, Bypass RLS
> test | Password valid until 2024-05-19 00:00:00+00
> user_name | Password valid until 2024-05-13 00:00:00+00
> ```
>
> Finally it allows to connect test
Which is correct as the 'valid until' timestamp is in the future.
>
> ```
>
> [postgres@postgres16 data]$ psql -d postgres -U test
> Password for user test:
> psql (16.2)
>
> ```
>
> I believe this is a expected output of validunitl , Please correct me if
> i m wrong
The behavior is as referenced in the documentation:
https://www.postgresql.org/docs/current/sql-createrole.html
VALID UNTIL 'timestamp'
The VALID UNTIL clause sets a date and time after which the role's
password is no longer valid. If this clause is omitted the password will
be valid for all time.
>
>
> Regards
>
> A.Rama Krishnan
>
--
Adrian Klaver
[email protected]
view thread (5+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected]
Subject: Re: Valid until
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox