Skip site navigation (1) Skip section navigation (2)

Re: log files and permissions

From: "Kevin Grittner" <Kevin(dot)Grittner(at)wicourts(dot)gov>
To: "Martin Pihlak" <martin(dot)pihlak(at)gmail(dot)com>, "Tom Lane" <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: "PostgreSQL-development" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: log files and permissions
Date: 2010-07-01 16:56:13
Message-ID: 4C2C825D0200002500032EF9@gw.wicourts.gov (view raw or flat)
Thread:
Lists: pgsql-hackers
Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
> Martin Pihlak <martin(dot)pihlak(at)gmail(dot)com> writes:
>> It'd be convenient if the log files would have group read access.
>> Then we could make all the DBA or monitoring users members of the
>> postgres group and they'd have direct access to the logs.
>> However, as the "group read" is not likely a universally correct
>> setting, the creation mode needs to be configurable.
> 
> It doesn't appear to me that this helps unless you are willing to
> make the containing director(ies) group-readable/executable as
> well, which is something we've resisted doing.
 
I just tried creating a symbolic link to the pg_log directory and
flagging the existing logs within it to 640.  As a member of the
group I was able to list and view the contents of log files through
the symbolic link, even though I didn't have any authority to the
PostgreSQL data directory.
 
That seems potentially useful to me.
 
-Kevin

In response to

Responses

pgsql-hackers by date

Next:From: Martin PihlakDate: 2010-07-01 16:58:26
Subject: Re: log files and permissions
Previous:From: Tom LaneDate: 2010-07-01 16:46:15
Subject: Re: log files and permissions

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group