Re: Re : Credcheck extension - Mailing list pgsql-general
| From | 張宸瑋 |
|---|---|
| Subject | Re: Re : Credcheck extension |
| Date | |
| Msg-id | CAFsaSDgypXJHFjk4-=C+WCeTUXmqJH8mwrF=Kiz+Wxt-wKccJw@mail.gmail.com Whole thread Raw |
| In response to | Re: Re : Credcheck extension (Adrian Klaver <adrian.klaver@aklaver.com>) |
| List | pgsql-general |
Thank you for your help.Problem solved!
Adrian Klaver <adrian.klaver@aklaver.com>於 2024年11月20日 週三,下午12:04寫道:
On 11/19/24 19:01, 張宸瑋 wrote:
> Thank you for your help!After applying the patch, the above issue has
> been resolved.
>
> I have another question: After identifying who is in the banned_role,
> the GitHub example uses the command SELECT pg_banned_role_reset(); to
> unlock everyone. I would like to know if there is a way to unlock a
> specific individual rather than unlocking everyone.
It's in the docs:
https://github.com/hexacluster/credcheck?tab=readme-ov-file#examples
Authentication failure ban
"A superuser can also reset the content of the banned user cache by
calling a function named public.pg_banned_role_reset(). If it is called
without an argument, all the banned cache will be cleared. To only
remove the record registered for a single user, just pass his name as
parameter. This function returns the number of records removed from the
cache. A restart of PostgreSQL also clear the cache."
I would suggest reading the entire documentation.
>
> Adrian Klaver <adrian.klaver@aklaver.com
> <mailto:adrian.klaver@aklaver.com>>於 2024年11月20日 週三,上午12:25寫道:
>
> On 11/19/24 00:40, 張宸瑋 wrote:
> > Sorry for the inconvenience, but I used make and make install to
> build
> > the credcheck--2.8.0.sql sources zip file. I would like to ask
> how I can
> > update and apply the changes to the system, as I modified the
> files in
> > credcheck/test/expected/06_reuse_interval.out and
> > credcheck/test/sql/06_reuse_interval.sql. However, after running
> make
> > and make install again, I don’t see any changes.
>
> Pretty sure you need to do:
>
> make clean
>
> first, then the rest of the install process.
>
> That process is shown here:
>
> https://github.com/hexacluster/credcheck?tab=readme-ov-file#installation <https://github.com/hexacluster/credcheck?tab=readme-ov-file#installation>
>
>
> >
> >
> > Adrian Klaver <adrian.klaver@aklaver.com
> <mailto:adrian.klaver@aklaver.com>
> > <mailto:adrian.klaver@aklaver.com
> <mailto:adrian.klaver@aklaver.com>>>於 2024年11月18日 週一,下午
> 11:15寫道:
> >
> > On 11/18/24 01:03, 張宸瑋 wrote:
> > > Hello!
> > > I would like to inquire about the installation of the
> credcheck
> > > third-party package to support password complexity and
> expiration
> > date,
> > > etc., when setting up open-source PostgreSQL. I am using the
> > > credcheck--2.8.0.sql version from GitHub. After completing the
> > setup, I
> > > encountered the following issue: when an account exceeds the
> > configured
> > > number of incorrect login attempts, it gets locked. The
> command
> > SELECT *
> > > FROM pg_banned_role; should display the columns roleid,
> > failure_count,
> > > and banned_date, and the view is working properly and
> shows the
> > > information. However, according to the example, the roleid
> does not
> > > correctly display the corresponding oid for the account
> with failed
> > > login attempts. I would like to ask if there is a solution
> for this
> > > issue. Thank you!
> >
> > Have you looked a?:
> >
> > https://github.com/HexaCluster/credcheck/issues/39
> <https://github.com/HexaCluster/credcheck/issues/39>
> > <https://github.com/HexaCluster/credcheck/issues/39
> <https://github.com/HexaCluster/credcheck/issues/39>>
> >
> > --
> > Adrian Klaver
> > adrian.klaver@aklaver.com <mailto:adrian.klaver@aklaver.com>
> <mailto:adrian.klaver@aklaver.com <mailto:adrian.klaver@aklaver.com>>
> >
>
> --
> Adrian Klaver
> adrian.klaver@aklaver.com <mailto:adrian.klaver@aklaver.com>
>
--
Adrian Klaver
adrian.klaver@aklaver.com
pgsql-general by date: