Re: Adding ddl audit trigger

If Postgres users are not allowed to add triggers to system catalogs (which is fair nothing to say) maybe they could be added into a future release of Postgres. Maybe some basic DDL auditing like the name/type of the object, action, userid(current_user), and timestamp be included in these audit DDL triggers that would be added DISABLED by default and users can turn them on/off at their will.

Regards,
Lawrence Cohan.

-----Original Message-----
From: Guillaume Lelarge [mailto:guillaume(at)lelarge(dot)info]
Sent: January-26-11 5:41 PM
To: Tom Lane
Cc: Lawrence Cohan; pgsql-general(at)postgresql(dot)org
Subject: Re: [GENERAL] Adding ddl audit trigger

Le 26/01/2011 23:13, Tom Lane a écrit :
> Guillaume Lelarge <guillaume(at)lelarge(dot)info> writes:
>> Le 26/01/2011 22:29, Lawrence Cohan a écrit :
>>> All I need is to at least be able and save a userid(current_user), timestamp, action, and the name of the object and this could be done easily by adding triggers to these pg catalogs.
>
>> Nope, sorry. You can't add triggers on system catalogs.
>
> This has been discussed, and I think it's on the TODO list. It's not
> "easily done".
>

Yes, AFAIR, it was discussed during pgcon dev meeting last year. Jan
Wieck was interested to work on this (I suppose to help Slony work
better with DDL). Still hope to see some progress on this :)

--
Guillaume
http://www.postgresql.fr
http://dalibo.com

Attention:
The information contained in this message and or attachments is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender and delete the material from any system and destroy any copies.