PostgreSQL 用户密码设置,更改,加锁,解锁. ALTER USER.

1.用户及密码的创建.

me=# create user you with password 'password123';
CREATE ROLE
me=# \du
                            角色列表
 角色名称 |                   属性                    | 成员属于 
----------+-------------------------------------------+----------
 me       | Systemuser                               +| {}
          | 密码有效直至2018-03-05 11:25:42.801458+08 | 
 syssao   | Systemuser                               +| {}
          | 密码有效直至2018-03-05 11:25:42.801543+08 | 
 syssso   | Systemuser                               +| {}
          | 密码有效直至2018-03-05 11:25:42.801568+08 | 
 you      | 密码有效直至2018-03-06 11:49:03.321253+08 | {}

me=# select *from pg_shadow;
 usename | usesysid | usecreatedb | usesuper | usecatupd | userepl |                    passwd                    |        valuntil        | useconfig 
---------+----------+-------------+----------+-----------+---------+----------------------------------------------+------------------------+-----------
 syssao  |       12 | f           | t        | t         | f       | sha11cebd1cb26194927bfb38474ce6c9c161bda62c9 | 2018-03-05 11:25:42+08 | 
 me      |       10 | t           | t        | f         | t       | sha1612356b5c7c51b2cb0adb9c83519add1f923d4ed | 2018-03-05 11:25:42+08 | 
 you     |    16392 | f           | f        | f         | f       | sha1d6641d7d9b98c050a48945da8b5070e291020c0c | 2018-03-06 11:49:03+08 | 
 syssso  |       13 | f           | t        | t         | f       | sha1729219c98f147f71db80532f4ad6f84b04d95127 | 2018-03-05 11:25:42+08 | 
(4 行记录)

       说明:passwd:   sha1 hash加密格式,md5 加密格式.

pg_shadow显示pg_authid中所有被标记为rolcanlogin的角色的属性

2.用户名口令修改:

me=# alter user you with password 'password456';
用户 me 的口令：
ALTER ROLE
me=# select *from pg_shadow where usename = 'you';
 usename | usesysid | usecreatedb | usesuper | usecatupd | userepl |                    passwd                    |        valuntil        | useconfig 
---------+----------+-------------+----------+-----------+---------+----------------------------------------------+------------------------+-----------
 you     |    16392 | f           | f        | f         | f       | sha18fa4cc5842d519b855623feed37df90ed6b91624 | 2018-03-06 13:28:27+08 | 
(1 行记录)

3.设置用户口令:

me=# select usename,valuntil from pg_shadow;
 usename |        valuntil        
---------+------------------------
 syssao  | 2018-03-05 11:25:42+08
 me      | 2018-03-05 11:25:42+08
 you     | 2018-02-28 12:00:00+08
 syssso  | 2018-03-05 11:25:42+08
(4 行记录)

me=# select rolname,password_period,rolpassword,rolvaliduntil,locked_date,created_date,last_login from pg_authid;
 rolname | password_period |                 rolpassword                  |         rolvaliduntil         | locked_date |         created_date          |          last_login           
---------+-----------------+----------------------------------------------+-------------------------------+-------------+-------------------------------+-------------------------------
 syssao  |               7 | sha11cebd1cb26194927bfb38474ce6c9c161bda62c9 | 2018-03-05 11:25:42.801543+08 |             |                               | 
 me      |               7 | sha1612356b5c7c51b2cb0adb9c83519add1f923d4ed | 2018-03-05 11:25:42.801458+08 |             |                               | 2018-02-27 13:58:38.393483+08
 you     |               1 | sha1d6641d7d9b98c050a48945da8b5070e291020c0c | 2018-02-28 12:00:00+08        |             | 2018-02-27 13:41:07.388451+08 | 
 syssso  |               7 | sha1729219c98f147f71db80532f4ad6f84b04d95127 | 2018-03-05 11:25:42.801568+08 |             |                               | 2018-02-27 14:39:17.181427+08
(4 行记录)

me=# alter user you period 7;
用户 syssso 的口令：
ALTER ROLE
me=# select rolname,password_period,rolpassword,rolvaliduntil,locked_date,created_date,last_login from pg_authid;
 rolname | password_period |                 rolpassword                  |         rolvaliduntil         | locked_date |         created_date          |          last_login           
---------+-----------------+----------------------------------------------+-------------------------------+-------------+-------------------------------+-------------------------------
 syssao  |               7 | sha11cebd1cb26194927bfb38474ce6c9c161bda62c9 | 2018-03-05 11:25:42.801543+08 |             |                               | 
 me      |               7 | sha1612356b5c7c51b2cb0adb9c83519add1f923d4ed | 2018-03-05 11:25:42.801458+08 |             |                               | 2018-02-27 13:58:38.393483+08
 syssso  |               7 | sha1729219c98f147f71db80532f4ad6f84b04d95127 | 2018-03-05 11:25:42.801568+08 |             |                               | 2018-02-27 15:12:42.963254+08
 you     |               7 | sha1d6641d7d9b98c050a48945da8b5070e291020c0c | 2018-02-28 12:00:00+08        |             | 2018-02-27 13:41:07.388451+08 | 
(4 行记录)

me=# alter user you valid until ' 2018-03-05 11:25:42.801568+08';
ALTER ROLE
me=# select rolname,password_period,rolpassword,rolvaliduntil,locked_date,created_date,last_login from pg_authid;
 rolname | password_period |                 rolpassword                  |         rolvaliduntil         | locked_date |         created_date          |          last_login           
---------+-----------------+----------------------------------------------+-------------------------------+-------------+-------------------------------+-------------------------------
 syssao  |               7 | sha11cebd1cb26194927bfb38474ce6c9c161bda62c9 | 2018-03-05 11:25:42.801543+08 |             |                               | 
 me      |               7 | sha1612356b5c7c51b2cb0adb9c83519add1f923d4ed | 2018-03-05 11:25:42.801458+08 |             |                               | 2018-02-27 13:58:38.393483+08
 syssso  |               7 | sha1729219c98f147f71db80532f4ad6f84b04d95127 | 2018-03-05 11:25:42.801568+08 |             |                               | 2018-02-27 15:12:42.963254+08
 you     |               7 | sha1d6641d7d9b98c050a48945da8b5070e291020c0c | 2018-03-05 11:25:42.801568+08 |             | 2018-02-27 13:41:07.388451+08 | 
(4 行记录)

4.锁定和解锁用户:

me=# create user you password 'password123' period 7;
CREATE ROLE
me=# \du
                            角色列表
 角色名称 |                   属性                    | 成员属于 
----------+-------------------------------------------+----------
 me       | Systemuser                               +| {}
          | 密码有效直至2018-03-05 11:25:42.801458+08 | 
 syssao   | Systemuser                               +| {}
          | 密码有效直至2018-03-05 11:25:42.801543+08 | 
 syssso   | Systemuser                               +| {}
          | 密码有效直至2018-03-05 11:25:42.801568+08 | 
 you      | 密码有效直至2018-03-06 15:38:47.313803+08 | {}
me=# alter user you nologin;  //current_user  是me,只有syssso用户才有权限加锁.
错误:  priv operator by syssso only!
语句:  alter user you nologin;
错误:  priv operator by syssso only!
me=# \c me syssso
用户 syssso 的口令：
me=# alter user you nologin;
ALTER ROLE
me=# \c me you
用户 you 的口令：
致命错误:  password authentication failed for user "you"
	(You have been failed for 1 times, only have 4 chances!)
致命错误:  password authentication failed for user "you"
(You have been failed for 1 times, only have 4 chances!)
保留上一次连线
me=# alter user you login;
ALTER ROLE
me=# \c me you
用户 you 的口令：
致命错误:  password authentication failed for user "you"
	(You have been failed for 2 times, only have 3 chances!)
致命错误:  password authentication failed for user "you"
(You have been failed for 2 times, only have 3 chances!)
保留上一次连线
me=# \c me you
用户 you 的口令：
me=> select user;
 current_user 
--------------
 you
(1 行记录)

me=> \c me syssao
用户 syssao 的口令：
me=# drop user you;
错误:  syssao do not has the privillege to drop role you
	
语句:  drop user you;
错误:  syssao do not has the privillege to drop role you

me=# \c me me
用户 me 的口令：
me=# drop user you;
DROP ROLE