| From: | Heikki Linnakangas <hlinnaka(at)iki(dot)fi> |
|---|---|
| To: | Nathan Bossart <nathandbossart(at)gmail(dot)com>, Michael Paquier <michael(at)paquier(dot)xyz> |
| Cc: | Jeff Davis <pgsql(at)j-davis(dot)com>, pgsql-hackers(at)postgresql(dot)org |
| Subject: | Re: pg_upgrade: warn about roles with md5 passwords |
| Date: | 2025-06-03 14:25:09 |
| Message-ID: | a339d0af-adcc-4ae0-9bae-b700af7fea3d@iki.fi |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
+1 for this, and +1 for doing this still in v18.
On 03/06/2025 17:12, Nathan Bossart wrote:
> On Tue, Jun 03, 2025 at 01:38:49PM +0900, Michael Paquier wrote:
>> I'm not sure that this is necessary. Only requiring one to use
>> --retain sounds kind of enough to me.
>
> Yeah, maybe we should just leave it alone for now.
I have no direct opinion on how the logging should work, but some thoughts:
- It's better to print a warning somewhere, even if you need to use
--retain to see it, than not doing it at all. At least there's a
fighting chance that someone might see it.
- If we're worried about printing a list of users with md5 passwords, we
could just say "there are users with md5 passwords" without naming them.
I'm not too worried though, pg_upgrade has full access to the data anyway.
--
Heikki Linnakangas
Neon (https://neon.tech)
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Mankirat Singh | 2025-06-03 14:30:20 | Re: ABI Compliance Checker GSoC Project |
| Previous Message | Nathan Bossart | 2025-06-03 14:12:33 | Re: pg_upgrade: warn about roles with md5 passwords |