Re: pgaudit - an auditing extension for PostgreSQL

On Tue, Jul 29, 2014 at 09:08:38AM -0400, Bruce Momjian wrote:
> On Thu, Jun 26, 2014 at 09:59:59AM -0400, Stephen Frost wrote:
> > Simon,
> >
> > * Simon Riggs (simon(at)2ndQuadrant(dot)com) wrote:
> > > "Which tables are audited" would be available via the reloptions
> > > field.
> >
> > RLS could be implemented through reloptions too. Would it be useful to
> > some people? Likely. Would it satisfy the users who, today, are
> > actually asking for that feature? No (or at least, not the ones that
> > I've talked with). We could expand quite a few things to work through
> > reloptions but I don't see it as a particularly good design for complex
> > subsystems, of which auditing is absolutely one of those.
>
> I saw many mentions of pg_upgrade in this old thread. I think the focus
> should be in pg_dump, which is where the SQL syntax or custom reloptions
> would be dumped and restored. pg_upgrade will just use that
> functionality. In summary, I don't think there is anything
> pg_upgrade-specific here, but rather the issue of how this information will
> be dumped and restored, regardless of whether a major upgrade is taking
> place.

Actually, thinking more, Stephen Frost mentioned that the auditing
system has to modify database _state_, and dumping/restoring the state
of an extension might be tricky.

--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com

+ Everyone has their own god. +