Re: Valid until

[Adrian Klaver <adrian.klaver@xxxxxxxxxxx>]

On 5/18/24 02:37, Rama Krishnan wrote:

Reply to list also.
Ccing list.
> Please find the details below
>
>
> ```
> postgres=# \du
>                                List of roles
>   Role name  |                         Attributes
> ------------+------------------------------------------------------------
>   pgbackrest | Replication
>   postgres   | Superuser, Create role, Create DB, Replication, Bypass RLS
>   test       | Password valid until 2023-05-13 00:00:00+00
>   user_name  | Password valid until 2024-05-13 00:00:00+00
>
> postgres=# show timezone;
>   TimeZone
> ----------
>   UTC
> (1 row)
>
> postgres=# select version();
>                                                   version
> ---------------------------------------------------------------------------------------------------------
>   PostgreSQL 16.2 on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0 
> 20210514 (Red Hat 8.5.0-20), 64-bit
> (1 row)
>
> postgres=# \q
> [postgres@postgres16 log]$ psql -U username -d postgres
> psql: error: connection to server on socket 
> "/run/postgresql/.s.PGSQL.5432" failed: FATAL:  role "username" does not 
> exist
> [postgres@postgres16 log]$ psql -U user_name -d postgres
> psql (16.2)
> Type "help" for help.
> ```
>
> Regards
>
> A.Rama Krishnan
>
>
> On Tue, May 14, 2024 at 8:57 PM Adrian Klaver <adrian.klaver@xxxxxxxxxxx 
> <mailto:adrian.klaver@xxxxxxxxxxx>> wrote:
>
>     On 5/14/24 00:57, Rama Krishnan wrote:
>      > Hi team,
>      >
>      > I have a question about the "valid until" parameter in the
>     "create role"
>      > command.
>      >
>      > I recently set a user's password validity to "2024-05-13", but
>     despite
>      > this, the user is still able to connect to the database. Is this
>     a bug,
>      > or is the "valid until" parameter just for identification purposes,
>      > indicating when the password will expire?
>      >
>      > Could you please clarify this for me?
>
>     https://www.postgresql.org/docs/current/sql-createrole.html
>     <https://www.postgresql.org/docs/current/sql-createrole.html>
>
>     "
>     VALID UNTIL 'timestamp'
>
>           The VALID UNTIL clause sets a date and time after which the
>     role's
>     password is no longer valid. If this clause is omitted the password
>     will
>     be valid for all time.
>     "
>
>     When did the user log in?
>
>     What is the TimeZone setting in the database?
>
>      >
>      >
>      > Thanks
>      >
>      > Ram
>
>     -- 
>     Adrian Klaver
>     adrian.klaver@xxxxxxxxxxx <mailto:adrian.klaver@xxxxxxxxxxx>

--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx