Skip site navigation (1) Skip section navigation (2)

log files and permissions

From: Martin Pihlak <martin(dot)pihlak(at)gmail(dot)com>
To: PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: log files and permissions
Date: 2010-07-01 16:12:53
Message-ID: 4C2CBE85.5040608@gmail.com (view raw or flat)
Thread:
Lists: pgsql-hackers
With logging_collector enabled, all the postgres log files are created with
mode 0600.  This makes life complicated if users other than "postgres" need
to be able to examine the log files as well. Common example of this is when the
database runs under "postgres" user and DBA-s have named accounts. In order to
examine the log files the DBA then has to go through extra steps to sudo to
"postgres" or equivalent. Another example would be a monitoring script that
runs as an unprivileged user but needs to tail the log files.

It'd be convenient if the log files would have group read access. Then we could
make all the DBA or monitoring users members of the postgres group and they'd
have direct access to the logs. However, as the "group read" is not likely a
universally correct setting, the creation mode needs to be configurable.

Attached is a patch that adds a GUC "log_file_mode" which allows to specify
the creation mode for the log files. Presently it lacks documentation, which
I'll add if the idea is generally acceptable.

PS. I have no idea how all of this would work on Windows, maybe it's not
event relevant there?

regards,
Martin

Responses

pgsql-hackers by date

Next:From: Martin PihlakDate: 2010-07-01 16:15:58
Subject: Re: log files and permissions
Previous:From: Guillaume LelargeDate: 2010-07-01 16:11:54
Subject: Re: Cannot cancel the change of a tablespace

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group