Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ability to change own password #25220

Open
den-crane opened this issue Jun 11, 2021 · 6 comments
Open

Ability to change own password #25220

den-crane opened this issue Jun 11, 2021 · 6 comments
Labels
comp-rbac Access control related feature minor Priority: minor

Comments

@den-crane
Copy link
Contributor

Any syntax is OK.

SET PASSWORD = PASSWORD('123');

ALTER USER ... IDENTIFIED BY '123';
@filimonov filimonov added the comp-rbac Access control related label Jun 11, 2021
@filimonov
Copy link
Contributor

filimonov commented Jun 11, 2021
edited

Maybe it should require some grant?

@filimonov
Copy link
Contributor

Also in context of #15552

Security scanner can came and set up the password :)

@alexey-milovidov alexey-milovidov added the minor Priority: minor label Jun 11, 2021
@den-crane den-crane mentioned this issue May 30, 2022
Closed
@den-crane
Copy link
Contributor Author

Also is unclear how to do it for readonly users ( + on cluster)

@alexey-milovidov
Copy link
Member

The feature makes sense.

@alexey-milovidov
Copy link
Member

It works:

ALTER USER default IDENTIFIED WITH 'fsl;kgj67sk{A'

@alexey-milovidov alexey-milovidov self-assigned this Feb 16, 2023
@den-crane
Copy link
Contributor Author 

alter user foo identified by 'bar';

allows to superusers change any user password, including own password.

but it does not allow to change own password to a not superuser

clickhouse-client -u foo --password=bar

alter user foo identified by 'ba1r';

DB::Exception: foo: Not enough privileges. To execute this query it's necessary to have grant ALTER USER ON *.*. (ACCESS_DENIED)

@den-crane den-crane reopened this Feb 16, 2023
@alexey-milovidov alexey-milovidov removed their assignment Mar 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
comp-rbac Access control related feature minor Priority: minor
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@filimonov @alexey-milovidov @den-crane