Re: Re : Credcheck extension

public inbox for [email protected]  
help / color / mirror / Atom feed

From: Adrian Klaver <[email protected]>
To: 張宸瑋 <[email protected]>
Cc: [email protected]
Subject: Re: Re : Credcheck extension
Date: Tue, 19 Nov 2024 20:04:02 -0800
Message-ID: <[email protected]> (raw)
In-Reply-To: <CAFsaSDiG9PQXUZZzw2k8TukTKHGDTRK4s6R1wXY-rLUp0NzRcw@mail.gmail.com>
References: <CAFsaSDg3oCwP=Oq7Ej7=PLLHy6_5sUn65LwrQFxw0MvEwm=uAA@mail.gmail.com>
	<[email protected]>
	<CAFsaSDgHR5mNZAsMUP-_y7Dj2bh572pgFNmLjxR5k5CJV-UmkQ@mail.gmail.com>
	<[email protected]>
	<CAFsaSDiG9PQXUZZzw2k8TukTKHGDTRK4s6R1wXY-rLUp0NzRcw@mail.gmail.com>

On 11/19/24 19:01, 張宸瑋 wrote:
> Thank you for your help!After applying the patch, the above issue has 
> been resolved.
> 
>   I have another question: After identifying who is in the banned_role, 
> the GitHub example uses the command SELECT pg_banned_role_reset(); to 
> unlock everyone. I would like to know if there is a way to unlock a 
> specific individual rather than unlocking everyone.

It's in the docs:

https://github.com/hexacluster/credcheck?tab=readme-ov-file#examples

Authentication failure ban

"A superuser can also reset the content of the banned user cache by 
calling a function named public.pg_banned_role_reset(). If it is called 
without an argument, all the banned cache will be cleared. To only 
remove the record registered for a single user, just pass his name as 
parameter. This function returns the number of records removed from the 
cache. A restart of PostgreSQL also clear the cache."

I would suggest reading the entire documentation.

> 
> Adrian Klaver <[email protected] 
> <mailto:[email protected]>>於 2024年11月20日 週三，上午12:25寫道：
> 
>     On 11/19/24 00:40, 張宸瑋 wrote:
>      > Sorry for the inconvenience, but I used make and make install to
>     build
>      > the credcheck--2.8.0.sql sources zip file. I would like to ask
>     how I can
>      > update and apply the changes to the system, as I modified the
>     files in
>      > credcheck/test/expected/06_reuse_interval.out and
>      > credcheck/test/sql/06_reuse_interval.sql. However, after running
>     make
>      > and make install again, I don’t see any changes.
> 
>     Pretty sure you need to do:
> 
>     make clean
> 
>     first, then the rest of the install process.
> 
>     That process is shown here:
> 
>     https://github.com/hexacluster/credcheck?tab=readme-ov-file#installation <https://github.com/hexacluster/credcheck?tab=readme-ov-file#installation;
> 
> 
>      >
>      >
>      > Adrian Klaver <[email protected]
>     <mailto:[email protected]>
>      > <mailto:[email protected]
>     <mailto:[email protected]>>>於 2024年11月18日 週一，下午
>     11:15寫道：
>      >
>      >     On 11/18/24 01:03, 張宸瑋 wrote:
>      >      > Hello!
>      >      >    I would like to inquire about the installation of the
>     credcheck
>      >      > third-party package to support password complexity and
>     expiration
>      >     date,
>      >      > etc., when setting up open-source PostgreSQL. I am using the
>      >      > credcheck--2.8.0.sql version from GitHub. After completing the
>      >     setup, I
>      >      > encountered the following issue: when an account exceeds the
>      >     configured
>      >      > number of incorrect login attempts, it gets locked. The
>     command
>      >     SELECT *
>      >      > FROM pg_banned_role; should display the columns roleid,
>      >     failure_count,
>      >      > and banned_date, and the view is working properly and
>     shows the
>      >      > information. However, according to the example, the roleid
>     does not
>      >      > correctly display the corresponding oid for the account
>     with failed
>      >      > login attempts. I would like to ask if there is a solution
>     for this
>      >      > issue. Thank you!
>      >
>      >     Have you looked a?:
>      >
>      > https://github.com/HexaCluster/credcheck/issues/39
>     <https://github.com/HexaCluster/credcheck/issues/39;
>      >     <https://github.com/HexaCluster/credcheck/issues/39
>     <https://github.com/HexaCluster/credcheck/issues/39>;
>      >
>      >     --
>      >     Adrian Klaver
>      > [email protected] <mailto:[email protected]>
>     <mailto:[email protected] <mailto:[email protected]>>
>      >
> 
>     -- 
>     Adrian Klaver
>     [email protected] <mailto:[email protected]>
> 

-- 
Adrian Klaver
[email protected]

view thread (5+ messages)  latest in thread

reply

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Reply to all the recipients using the --to and --cc options:
  reply via email

  To: [email protected]
  Cc: [email protected], [email protected], [email protected]
  Subject: Re: Re : Credcheck extension
  In-Reply-To: <[email protected]>

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox