into PG? My C knowledge is very limited so I
won't be able to provide a patch but I'd be more than happy to test it.
Also, I'll be at the Swiss PGday this week in Rapperswil if someone
wants to discuss this in person ;)
have fun,
raphi
Am 25.06.2025 um 01:20 schrieb Greg Sabino Mullane:
On Mon, Jun 23, 2025 at 2:45 PM raphi wrote:
As of now though we cannot use PG for any PCI/DSS certified
application
because we can't enforce either complexity nor regular password
changes,
You can, and many,
Am 25.06.2025 um 13:55 schrieb Peter J. Holzer:
On 2025-06-23 16:35:35 +0200, raphi wrote:
To be fair, setting up LDAP is very easy in PG, just one line in hba.conf
and all is done. But sadly, that's only where the problems begin. The
difficult part is to embedd this setup into a co
Am 23.06.2025 um 17:05 schrieb Tom Lane:
raphi writes:
We can set a password for a role in PG but there is no way to force a
user to change it, prevent reuse or to enforce some complexity on it. As
I understand, that's by choice and when I ask about this, the usual
answer is "that
Am 23.06.2025 um 22:39 schrieb Christoph Berg:
Re: raphi
Sorry for this rather long (first) email on this list but I feel like I had
to explain our usecase and why LDAP is not always as simple as adding a line
to hba.conf.
Did you give the "pam" method a try? T
Not really beca
Am 25.06.2025 um 17:33 schrieb Peter J. Holzer:
On 2025-06-25 14:42:26 +0200, raphi wrote:
[snip]
That's not how the identiy principle works, at least not how it's implement
in our company. A user in ldap has a direct relation to one digital entity,
either a token from an appl
with S3 too and is very easy to integrate in an
ansible playbook to have a generic way to do PITRs.
Check out the official user guide: https://pgbackrest.org/user-guide.html
have fun
raphi
Am 26.06.2025 um 14:27 schrieb Peter J. Holzer:
On 2025-06-25 17:55:12 +0200, raphi wrote:
Am 25.06.2025 um 17:33 schrieb Peter J. Holzer:
On 2025-06-25 14:42:26 +0200, raphi wrote:
That's not how the identiy principle works, at least not how it's
implement in our company. A us
Am 28.06.2025 um 15:59 schrieb Peter J. Holzer:
On 2025-06-27 19:00:36 +0200, raphi wrote:
It's the application's password that we want to ensure that it is
complex and gets changed after we set an initial password for it.
Why let a human change that at all? Couldn't yo
