Re: pg_upgrade: warn about roles with md5 passwords

From: Nathan Bossart <nathandbossart(at)gmail(dot)com>
To: Michael Paquier <michael(at)paquier(dot)xyz>
Cc: Jeff Davis <pgsql(at)j-davis(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: pg_upgrade: warn about roles with md5 passwords
Date: 2025-06-03 14:12:33
Message-ID: aD8C0ZSIxPDvcLi5@nathan
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, Jun 03, 2025 at 01:38:49PM +0900, Michael Paquier wrote:
> I'm not sure that this is necessary. Only requiring one to use
> --retain sounds kind of enough to me.

Yeah, maybe we should just leave it alone for now.

> Saying that, warning users if they have MD5 passwords is a good idea,
> because we would already have the code in place to flip it to an error
> once/if MD5 is entirely removed. An upgrade failure retains the log
> and dump folders around, meaning that users would be able to know the
> list of users all the time.

Right. I'll bring this up with the others on the RMT today.

--
nathan

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Heikki Linnakangas 2025-06-03 14:25:09 Re: pg_upgrade: warn about roles with md5 passwords
Previous Message Bruce Momjian 2025-06-03 14:11:28 Re: pg18: Virtual generated columns are not (yet) safe when superuser selects from them