Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1tCyES-00EruU-CH
	for pgsql-general@arkaria.postgresql.org; Mon, 18 Nov 2024 09:39:43 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1tCyEP-0041Tx-SB
	for pgsql-general@arkaria.postgresql.org; Mon, 18 Nov 2024 09:39:42 +0000
Received: from makus.postgresql.org ([2001:4800:3e1:1::229])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <rjuju123@gmail.com>)
	id 1tCyBJ-003xcg-A5
	for pgsql-general@lists.postgresql.org; Mon, 18 Nov 2024 09:36:29 +0000
Received: from mail-lf1-x135.google.com ([2a00:1450:4864:20::135])
	by makus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <rjuju123@gmail.com>)
	id 1tCyBH-002Ugv-9r
	for pgsql-general@lists.postgresql.org; Mon, 18 Nov 2024 09:36:28 +0000
Received: by mail-lf1-x135.google.com with SMTP id 2adb3069b0e04-539ee1acb86so1472330e87.0
        for <pgsql-general@lists.postgresql.org>; Mon, 18 Nov 2024 01:36:27 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1731922585; x=1732527385; darn=lists.postgresql.org;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:from:to:cc:subject:date
         :message-id:reply-to;
        bh=RjHT25ljhsNg7vkGv2g4Q0sgfZb3apowv/DlhX++43U=;
        b=mhJMvIT4PrypmMsztBsbMN7oXyDKF8y4Z98XCMEQYtaLQigS5jW6aptSwKoITeGbAn
         +Fb4CgpMSF2WF8LtXnQzldNuA5qP831UBPU18ErYH/aQdNSWOhrhrj5iOWWa6OoLdKgp
         2HS2/ohxtiotGU2GhkGLplD9ixTJ7Yzaf7SvLoDdQ0KPxb5gGmmLkt63ucpbuSvrnNOS
         /U6hxfq+iDDZ6F3YXqP+AOFF5IAtMihYTDz8vSndA5bx+BtgbWWtLqLab8kgsHXrJKGy
         a4T42FmQiLz329wUpyKiEG//mHGcu2v6IWv7uBLTlpYFH6xk4rKrVqPPNLtNAHDOm7ks
         36+A==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1731922585; x=1732527385;
        h=content-transfer-encoding:cc:to:subject:message-id:date:from
         :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc
         :subject:date:message-id:reply-to;
        bh=RjHT25ljhsNg7vkGv2g4Q0sgfZb3apowv/DlhX++43U=;
        b=qThdoQWA9GJ6c4w0r5tVhMTUbkCywa9yr1RxLlWiucWFMWuOQOw3dIW9EJREgwwZYr
         tKcusimM8czMQblpgCvTMCFE51YM+UILbIcgbOln6NWYnO46CZ3MKV14yfgUDci8Fj2r
         OBOA9Pr35oSEGnmUdT7nv0j57STkR40NN6wgYb/dTpJsoU7VO5kkl8T3Ddgh5iA8UKhG
         yRj3jMvdG5fBQsP4ysG+HTfXKjymYpm+8G6PU3bSsAeDY/rXE/clqr1M4klytfKUH+TV
         k/1LtgPeGdO9agZxWNbK/61WQqUqxw3ZSGFK7DO/65pBt2cDIZn5b1i9ebVc2v/W45xc
         NGdw==
X-Gm-Message-State: AOJu0YxtJ3YBlJ/cKNoJnNYWlzLpFD/cD9Tt1c1fXzyJZSZKwrkuyzv4
	Ef1JteOIwAVCyXJZ9zESl6GYNyscUuUUQ8CJbt41N05AFkxPGxxokfEkXiXKaV69mcBfUHf1nXt
	7lmsLIF9GrtyXJkd5cUZ+xjWxOXQ=
X-Google-Smtp-Source: AGHT+IG77SCDTJZuM2Y3mGFFGk3MuTAh4Yku5l+2KJPbBQ6HLA2ZztESyJkWU3dw8uQs0apie7hr+v/6TzunqxhfUsw=
X-Received: by 2002:a05:6512:3b85:b0:53d:a024:fb81 with SMTP id
 2adb3069b0e04-53dab29ad68mr4789610e87.18.1731922584470; Mon, 18 Nov 2024
 01:36:24 -0800 (PST)
MIME-Version: 1.0
References: <CAFsaSDg3oCwP=Oq7Ej7=PLLHy6_5sUn65LwrQFxw0MvEwm=uAA@mail.gmail.com>
In-Reply-To: <CAFsaSDg3oCwP=Oq7Ej7=PLLHy6_5sUn65LwrQFxw0MvEwm=uAA@mail.gmail.com>
From: Julien Rouhaud <rjuju123@gmail.com>
Date: Mon, 18 Nov 2024 17:36:13 +0800
Message-ID: <CAOBaU_YVmXtv1AtunhmmOPb1yCsvBeoeiM2+2ZgL=ZsKZfrjgg@mail.gmail.com>
Subject: Re: Re : Credcheck extension
To: =?UTF-8?B?5by15a6455GL?= <kenny020307@gmail.com>
Cc: pgsql-general@lists.postgresql.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/CAOBaU_YVmXtv1AtunhmmOPb1yCsvBeoeiM2%2B2ZgL%3DZsKZfrjgg%40mail.gmail.com>
Precedence: bulk

Hi,

On Mon, Nov 18, 2024 at 5:03=E2=80=AFPM =E5=BC=B5=E5=AE=B8=E7=91=8B <kenny0=
20307@gmail.com> wrote:
>
> Hello!
>   I would like to inquire about the installation of the credcheck third-p=
arty package to support password complexity and expiration date, etc., when=
 setting up open-source PostgreSQL. I am using the credcheck--2.8.0.sql ver=
sion from GitHub. After completing the setup, I encountered the following i=
ssue: when an account exceeds the configured number of incorrect login atte=
mpts, it gets locked. The command SELECT * FROM pg_banned_role; should disp=
lay the columns roleid, failure_count, and banned_date, and the view is wor=
king properly and shows the information. However, according to the example,=
 the roleid does not correctly display the corresponding oid for the accoun=
t with failed login attempts. I would like to ask if there is a solution fo=
r this issue. Thank you!

I did a quick test locally and as far as I can see it seems to work as expe=
cted:

$ psql -U bob postgres
Password for user bob:
psql: error: connection to server at "127.0.0.1", port 11035 failed:
FATAL:  password authentication failed for user "bob"

$ psql -U postgres -c "SELECT roleid::regrole, * from pg_banned_role"
 roleid | roleid | failure_count | banned_date
--------+--------+---------------+-------------
 bob    | 750815 |             1 | <NULL>
(1 row)

If you don't get a similar behavior you should raise an issue to the
author directly on the extension's github repo.