Re: Valid until

On 5/18/24 02:37, Rama Krishnan wrote:

Reply to list also.
Ccing list.
>
>
> Please find the details below
>
>
> ```
> postgres=# \du
>                               List of roles
>  Role name  |                         Attributes
> ------------+------------------------------------------------------------
>  pgbackrest | Replication
>  postgres   | Superuser, Create role, Create DB, Replication, Bypass RLS
>  test       | Password valid until 2023-05-13 00:00:00+00
>  user_name  | Password valid until 2024-05-13 00:00:00+00
>
> postgres=# show timezone;
>  TimeZone
> ----------
>  UTC
> (1 row)
>
> postgres=# select version();
>                                                  version
> ---------------------------------------------------------------------------------------------------------
>  PostgreSQL 16.2 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0
> 20210514 (Red Hat 8.5.0-20), 64-bit
> (1 row)
>
> postgres=# \q
> [postgres(at)postgres16 log]$ psql -U username -d postgres
> psql: error: connection to server on socket
> "/run/postgresql/.s.PGSQL.5432" failed: FATAL:  role "username" does not
> exist
> [postgres(at)postgres16 log]$ psql -U user_name -d postgres
> psql (16.2)
> Type "help" for help.
> ```
>
> Regards
>
> A.Rama Krishnan
>
>
> On Tue, May 14, 2024 at 8:57 PM Adrian Klaver <adrian(dot)klaver(at)aklaver(dot)com
> <mailto:adrian(dot)klaver(at)aklaver(dot)com>> wrote:
>
> On 5/14/24 00:57, Rama Krishnan wrote:
> > Hi team,
> >
> > I have a question about the "valid until" parameter in the
> "create role"
> > command.
> >
> > I recently set a user's password validity to "2024-05-13", but
> despite
> > this, the user is still able to connect to the database. Is this
> a bug,
> > or is the "valid until" parameter just for identification purposes,
> > indicating when the password will expire?
> >
> > Could you please clarify this for me?
>
> https://www.postgresql.org/docs/current/sql-createrole.html
> <https://www.postgresql.org/docs/current/sql-createrole.html>
>
> "
> VALID UNTIL 'timestamp'
>
>      The VALID UNTIL clause sets a date and time after which the
> role's
> password is no longer valid. If this clause is omitted the password
> will
> be valid for all time.
> "
>
> When did the user log in?
>
> What is the TimeZone setting in the database?
>
> >
> >
> > Thanks
> >
> > Ram
>
> --
> Adrian Klaver
> adrian(dot)klaver(at)aklaver(dot)com <mailto:adrian(dot)klaver(at)aklaver(dot)com>
>

--
Adrian Klaver
adrian(dot)klaver(at)aklaver(dot)com