Home > mailing lists

Re: pg_upgrade: warn about roles with md5 passwords - Mailing list pgsql-hackers

From	Nathan Bossart
Subject	Re: pg_upgrade: warn about roles with md5 passwords
Date	June 3 17:12:33
Msg-id	aD8C0ZSIxPDvcLi5@nathan Whole thread Raw
In response to	Re: pg_upgrade: warn about roles with md5 passwords (Jeff Davis <pgsql@j-davis.com>)
Responses	Re: pg_upgrade: warn about roles with md5 passwords
List	pgsql-hackers

Tree view

On Tue, Jun 03, 2025 at 01:38:49PM +0900, Michael Paquier wrote:
> I'm not sure that this is necessary.  Only requiring one to use
> --retain sounds kind of enough to me.

Yeah, maybe we should just leave it alone for now.

> Saying that, warning users if they have MD5 passwords is a good idea,
> because we would already have the code in place to flip it to an error
> once/if MD5 is entirely removed.  An upgrade failure retains the log
> and dump folders around, meaning that users would be able to know the
> list of users all the time.

Right.  I'll bring this up with the others on the RMT today.

-- 
nathan

pgsql-hackers by date:

From: Bruce Momjian
Date: 03 June, 17:11:28
Subject: Re: pg18: Virtual generated columns are not (yet) safe when superuser selects from them

From: Heikki Linnakangas
Date: 03 June, 17:25:09
Subject: Re: pg_upgrade: warn about roles with md5 passwords

Re: pg_upgrade: warn about roles with md5 passwords - Mailing list pgsql-hackers

Previous

Next