Postgresql-9.5
在 PostgreSQL 中將密碼到期日期重置為 NULL
我們正在清理/標準化系統上的數據庫使用者/應用程序帳戶,這些帳戶混合了由不同個人在不同時間使用不同命令創建的帳戶。
我們有一種情況,對於某些帳戶,密碼到期日期屬性已明確設置為無窮大,而對於某些帳戶,則沒有:
postgres=# \du+ List of roles Role name | Attributes | Member of | Description ------------------+------------------------------------------------------------+-----------+----------------------------------------------------------------------------------------- user_1 | | {} | user_2 | | {} | user_3 | Password valid until infinity | {} | user_4 | Password valid until infinity | {} |以便:
postgres=# SELECT * FROM pg_shadow; usename | usesysid | usecreatedb | usesuper | userepl | usebypassrls | passwd | valuntil | useconfig ---------------+----------+-------------+----------+---------+--------------+-------------------------------------+----------+----------- user_1 | 12345 | f | f | f | f | md5_foo | | user_2 | 12346 | f | f | f | f | md5_foo | | user_3 | 12347 | f | f | f | f | md5_bar | infinity | user_4 | 12348 | f | f | f | f | md5_bar | infinity | (4 rows)和:
postgres=# SELECT * FROM pg_roles; rolname | rolsuper | rolinherit | rolcreaterole | rolcreatedb | rolcanlogin | rolreplication | rolconnlimit | rolpassword | rolvaliduntil | rolbypassrls | rolconfig | oid ---------------+----------+------------+---------------+-------------+-------------+----------------+--------------+-------------+---------------+--------------+-----------+------- user_1 | f | f | f | f | t | f | -1 | ******** | | f | | 12345 user_1 | f | f | f | f | t | f | -1 | ******** | | f | | 12346 user_1 | f | f | f | f | t | f | -1 | ******** | infinity | f | | 12347 user_1 | f | f | f | f | t | f | -1 | ******** | infinity | f | | 12348 (4 rows)例如:
user_1並且user_2創建於:CREATE USER user_1/2 WITH ENCRYPTED PASSWORD 'foo';而
user_3anduser_4是用以下方式創建的:CREATE USER user_3/4 WITH ENCRYPTED PASSWORD 'bar' VALID UNTIL 'infinity';我們要重置
VALID UNTIL屬性,以便:postgres=# \du+ List of roles Role name | Attributes | Member of | Description ------------------+------------------------------------------------------------+-----------+----------------------------------------------------------------------------------------- user_1 | | {} | user_2 | | {} | user_3 | | {} | user_4 | | {} |我們嘗試過,但沒有成功:
ALTER ROLE user_1/2 WITH VALID UNTIL NULL;ALTER ROLE user_1/2 WITH VALID UNTIL '';ALTER ROLE user_1/2 WITH VALID UNTIL DEFAULT;所以問題是,是否可以將密碼過期日期角色屬性重置為
NULL/DEFAULT,最好不必重新創建角色?
我們已經能夠將密碼到期日期重置為
NULL:UPDATE pg_authid SET rolvaliduntil = NULL WHERE rolname IN ( SELECT rolname FROM pg_authid WHERE rolvaliduntil IS NOT NULL );這清除
Attributes了user_1/2.