Received: from malur.postgresql.org ([217.196.149.56])
	by arkaria.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1uTnx6-00AB5f-1T
	for pgsql-general@arkaria.postgresql.org; Mon, 23 Jun 2025 20:39:40 +0000
Received: from localhost ([127.0.0.1] helo=malur.postgresql.org)
	by malur.postgresql.org with esmtp (Exim 4.94.2)
	(envelope-from <pgsql-general-owner+archive@lists.postgresql.org>)
	id 1uTnx4-006VBr-44
	for pgsql-general@arkaria.postgresql.org; Mon, 23 Jun 2025 20:39:38 +0000
Received: from magus.postgresql.org ([2a02:c0:301:0:ffff::29])
	by malur.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.94.2)
	(envelope-from <cb@df7cb.de>)
	id 1uTnx3-006VBj-PU
	for pgsql-general@lists.postgresql.org; Mon, 23 Jun 2025 20:39:38 +0000
Received: from mout-p-201.mailbox.org ([2001:67c:2050:0:465::201])
	by magus.postgresql.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
	(Exim 4.96)
	(envelope-from <cb@df7cb.de>)
	id 1uTnx2-003hal-0f
	for pgsql-general@lists.postgresql.org;
	Mon, 23 Jun 2025 20:39:38 +0000
Received: from smtp2.mailbox.org (smtp2.mailbox.org [10.196.197.2])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	by mout-p-201.mailbox.org (Postfix) with ESMTPS id 4bR0LV5bBtz9sdT;
	Mon, 23 Jun 2025 22:39:30 +0200 (CEST)
Date: Mon, 23 Jun 2025 22:39:29 +0200
From: Christoph Berg <myon@debian.org>
To: raphi <raphi@crashdump.ch>
Cc: pgsql-general@lists.postgresql.org
Subject: Re: password rules
Message-ID: <aFm7gfHStOjSWx-p@msg.df7cb.de>
References: <65b65e9f-b4b0-4927-b872-d24dff11449b@crashdump.ch>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <65b65e9f-b4b0-4927-b872-d24dff11449b@crashdump.ch>
List-Id: <pgsql-general.lists.postgresql.org>
List-Help: <https://lists.postgresql.org/manage/>
List-Subscribe: <https://lists.postgresql.org/manage/>
List-Post: <mailto:pgsql-general@lists.postgresql.org>
List-Owner: <mailto:pgsql-general-owner@lists.postgresql.org>
List-Archive: <https://www.postgresql.org/list/pgsql-general>
Archived-At: <https://www.postgresql.org/message-id/aFm7gfHStOjSWx-p%40msg.df7cb.de>
Precedence: bulk

Re: raphi
> Sorry for this rather long (first) email on this list but I feel like I had
> to explain our usecase and why LDAP is not always as simple as adding a line
> to hba.conf.

Did you give the "pam" method a try? There are PAM modules for all
sorts of password checks.

Christoph