Skip to content

server,cli,sql: enable setting a password for the root user #6586

New issue
New issue
Closed
Closed
server,cli,sql: enable setting a password for the root user#6586
Assignees
Amruta-Ranade
Labels
C-product-changeP-1High priority; must be done this release
Milestone
20.1
@jseldess

Description

@jseldess
jseldess
opened on Feb 19, 2020

PR: cockroachdb/cockroach#43893

From release notes:

The root user can now have a password, like any other member of the admin role. However, as in previous versions, the HBA configuration cannot be overridden to prevent root from logging in with a valid TLS client certificate. This special rule remains enforced in order to ensure that users cannot "lock themselves out" of administrating their cluster. [#43893][#43893] {% comment %}doc{% endcomment %}
The root user remains special with regard to authentication when some system ranges are unavailable. In that case, password authentication will fail, subject to a timeout set to the minimum of 5 seconds and the configured value of system.user_login.timeout, because the password cannot be retrieved from a system table. However, certificate authentication remains available. [#43893][#43893] {% comment %}doc{% endcomment %}

Metadata

Metadata

Assignees

Labels

C-product-changeP-1High priority; must be done this release

Type

No type

Projects

No projects

Milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions