Re: BUG #2088: logfiles only readable by instance owner

From: Dick Snippe <Dick(dot)Snippe(at)tech(dot)omroep(dot)nl>
To: Bruce Momjian <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: Dick Snippe <Dick(dot)Snippe(at)tech(dot)omroep(dot)nl>, Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>, pgsql-bugs(at)postgresql(dot)org
Subject: Re: BUG #2088: logfiles only readable by instance owner
Date: 2005-12-02 22:16:03
Message-ID: 20051202221603.GA3932@tech.omroep.nl
Lists: pgsql-bugs

On Fri, Dec 02, 2005 at 12:59:17PM -0500, Bruce Momjian wrote:

> Dick Snippe wrote:
> > On Fri, Dec 02, 2005 at 12:30:17AM -0500, Tom Lane wrote:
> >
> > > "Dick Snippe" <Dick(dot)Snippe(at)tech(dot)omroep(dot)nl> writes:
> > > > setting umask 077 makes sense for the data files, but not per se for the
> > > > logfile.
> > >
> > > The logfile typically contains data just as sensitive as the data files,
> >
> > true.
> >
> > > so I disagree.
> >
> > we run postgresql as a database engine behind a number of websites.
> > Typically all the data in the database is public data. It would be very
> > nice if there was a method of letting our developers _read_ the logfile,
> > without giving them _write_ access to the data files.
> >
> > What's wrong with making this configurable?
>
> We can't add every feature that people ask for or our software would be
> unusable.

granted. But hardcoding it is the other extreme.

> If your log files recycle at midnight, can't you run a cron
> job to chmod it?

good idea. Actually, I think touching the file before postgresql creates it
might even be better (because when postgres has nothing to log there may not
be a logfile to chmod), something along the lines of
# in a crontab entry, % must be escaped as \%
55 23 * * * touch $(date --date=tomorrow '+logfile-\%Y-\%m-\%d')

> I suppose if you can find other users who would like
> to set the mode flags on the file, we can add it.

Who knows. Keep in mind that logging to file is a relatively new feature in
postgresql. We used to log to syslog, but switched to file logging because
of the nice logfile rotation features available in 8.x.
So, when more people switch from 7.x to 8.x, this feature request might pop
up more often.

--
Dick Snippe - een Coordinator Publieke Omroep Internet Services
Gebouw 12.401 (peperbus) Sumatralaan 45 Hilversum \ fight war
tel +31 35 6774252, email beheer(at)omroep(dot)nl \ not wars
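
The pre-creation idea from the message above, as an added example (not part of the original e-mail and not PostgreSQL code): a function for a cron job run as the instance owner that creates tomorrow's log file group-readable without truncating it. The directory, the group name and the logfile-%Y-%m-%d pattern are assumptions, as is the server appending to an existing file without resetting its mode; log_directory also has to point outside the 0700 data directory for the group to reach the file.

```shell
#!/bin/sh
# Added example: pre-create tomorrow's log file with mode 640 so a
# developer group can read it without any access to the data files.
# Assumed: GNU date, and a log_filename pattern of logfile-%Y-%m-%d.

precreate_log() {
    log_dir=$1       # directory the server logs to (assumed path)
    read_group=$2    # group allowed to read the log; "" skips chgrp

    name=$(date --date=tomorrow '+logfile-%Y-%m-%d') || return 1
    path=$log_dir/$name

    # Refuse symlinks so the job cannot be steered into changing the
    # mode or group of some other file owned by the instance owner.
    if [ -L "$path" ]; then
        echo "refusing symlink: $path" >&2
        return 1
    fi

    # Create the file if missing, never truncate an existing one.
    # umask 077 in the subshell keeps it private until chmod below.
    ( umask 077 && : >> "$path" ) || return 1

    # The owner may only chgrp to a group it belongs to.
    if [ -n "$read_group" ]; then
        chgrp "$read_group" "$path" || return 1
    fi

    # Owner read/write, group read-only, nothing for others.
    chmod 640 "$path" || return 1
    printf '%s\n' "$path"
}

# Hypothetical use from the instance owner's crontab script:
#   precreate_log /var/log/pgsql webdev
```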
