public inbox for [email protected]
help / color / mirror / Atom feedFrom: Gilles Darold <[email protected]>
To: Nathan Bossart <[email protected]>
Cc: Zsolt Parragi <[email protected]>
Cc: Japin Li <[email protected]>
Cc: Yuefei Shi <[email protected]>
Cc: songjinzhou <[email protected]>
Cc: PostgreSQL Hackers <[email protected]>
Cc: Andrew Dunstan <[email protected]>
Cc: Tom Lane <[email protected]>
Cc: liu xiaohui <[email protected]>
Cc: Steven Niu <[email protected]>
Subject: Re: Pasword expiration warning
Date: Mon, 2 Feb 2026 18:43:28 +0100
Message-ID: <[email protected]> (raw)
In-Reply-To: <aYDZA3r3lG2oKc5D@nathan>
References: <CAD43U4WHJm=UkxbfhxQRxQRxtdtu7AGj77uO2fF78THQWCaYTg@mail.gmail.com>
<MEAPR01MB30319B858B3028CA38BEDC5EB682A@MEAPR01MB3031.ausprd01.prod.outlook.com>
<MN2PR15MB30212CEFE2F8B93C398FBF60A782A@MN2PR15MB3021.namprd15.prod.outlook.com>
<MEAPR01MB30319C7BB75B88028E1DB7E1B682A@MEAPR01MB3031.ausprd01.prod.outlook.com>
<[email protected]>
<CAN4CZFMBj-mZq_o8BtQz_TgqDTALbn31kc-SFtWE4FR1N-4RBw@mail.gmail.com>
<MEAPR01MB3031CF12043573A245D931AAB69EA@MEAPR01MB3031.ausprd01.prod.outlook.com>
<CAN4CZFP4AGeO-AynwE3e62XOKqaYnXtcGT1qfj=6nw2t5FOXwA@mail.gmail.com>
<aXuehKtwtUXWVFYp@nathan>
<[email protected]>
<aYDZA3r3lG2oKc5D@nathan>
Le 02/02/2026 à 18:04, Nathan Bossart a écrit :
> On Fri, Jan 30, 2026 at 12:33:54PM +0100, Gilles Darold wrote:
>> Here a new v12 version of the patch. Changes are the following:
> Thanks. I spent some time preparing this for commit, and I came up with
> the attached. Notable changes include:
>
> * Renamed the parameter to password_expiration_warning_threshold. It's a
> mouthful, but I thought it was more descriptive.
>
> * Changed the units for the parameter to minutes. I can't imagine anyone
> needs more granularity than hours or days, let alone seconds, so IMO
> minutes is a good middle ground.
>
> * I added a new "connection warnings" infrastructure that we can reuse
> if/when we want to emit warnings for MD5 passwords.
>
> * Moved the warning messages to Port. ClientConnectionInfo appears to be
> meant only for parallel workers, and I don't think we will ever want to
> emit connection warnings there.
>
> * Moved the tests into 001_password.pl. I'm a bit concerned about these
> tests being flaky, but I've tried setting the VALID UNTIL dates to make
> spurious failures virtually impossible.
>
> WDYT?
Thanks Nathan, I'm comfortable with all the changes except the first two.
I think configuration name password_expiration_warning_threshold is too
long, why not only password_warning_threshold? I think the description
is here to explain more the configuration directive.
About the unit, I think using minutes is useless. It should be set in
days to be really useful but like all other time based directives it can
be set in seconds, minutes or hours too. This give the user the
granularity he wants. The common use will be to set it using 'Nd' syntax
but if someone wants to use 'Ns' syntax, it can be done.
--
Gilles Darold
http://www.darold.net/
view thread (27+ messages) latest in thread
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected], [email protected]
Subject: Re: Pasword expiration warning
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox