Re: Valid until - Mailing list pgsql-general
| From | Adrian Klaver |
|---|---|
| Subject | Re: Valid until |
| Date | |
| Msg-id | 30b136fe-2b04-4251-96ea-0faf60acd5bf@aklaver.com Whole thread Raw |
| In response to | Valid until (Rama Krishnan <raghuldrag@gmail.com>) |
| List | pgsql-general |
On 5/18/24 03:09, Rama Krishnan wrote: Reply to list also. Ccing list > > Hi Adrian, > > I have modified the pg_hba entry from trust to md5 like below > > ``` > local all all md5 That would be the issue. trust ignores the password check. > > ``` > > > When i have tired with postgres user I am able to connect Which is expected as postgres does not have a 'valid until' restriction. > > > [postgres@postgres16 data]$ psql -U postgres -d postgres > Password for user postgres: > psql (16.2) > Type "help" for help. > > > > postgres=# \du > List of roles > Role name | Attributes > ------------+------------------------------------------------------------ > pgbackrest | Replication > postgres | Superuser, Create role, Create DB, Replication, Bypass RLS > test | Password valid until 2023-05-13 00:00:00+00 > user_name | Password valid until 2024-05-13 00:00:00+00 > > > > But when i tried with test or user_name user even though I am passing > the correct value I am getting this error Again as expected as the 'valid until' timestamp is in the past. > > > ``` > [postgres@postgres16 data]$ psql -U test -d postgres > Password for user test: > psql: error: connection to server on socket > "/run/postgresql/.s.PGSQL.5432" failed: FATAL: password authentication > failed for user "test" > > postgres=# \c postgres user_name > Password for user user_name: > connection to server on socket "/run/postgresql/.s.PGSQL.5432" failed: > FATAL: password authentication failed for user "user_name" > > ``` > > Once i done the changes the valid until expiration date > > ``` > > postgres=# alter user test VALID UNTIL '2024-05-19'; > ALTER ROLE > > postgres=> \du > List of roles > Role name | Attributes > ------------+------------------------------------------------------------ > pgbackrest | Replication > postgres | Superuser, Create role, Create DB, Replication, Bypass RLS > test | Password valid until 2024-05-19 00:00:00+00 > user_name | Password valid until 2024-05-13 00:00:00+00 > ``` > > Finally it allows to connect test Which is correct as the 'valid until' timestamp is in the future. > > ``` > > [postgres@postgres16 data]$ psql -d postgres -U test > Password for user test: > psql (16.2) > > ``` > > I believe this is a expected output of validunitl , Please correct me if > i m wrong The behavior is as referenced in the documentation: https://www.postgresql.org/docs/current/sql-createrole.html VALID UNTIL 'timestamp' The VALID UNTIL clause sets a date and time after which the role's password is no longer valid. If this clause is omitted the password will be valid for all time. > > > Regards > > A.Rama Krishnan > -- Adrian Klaver adrian.klaver@aklaver.com
pgsql-general by date: