| From: | Tatsuo Ishii <ishii(at)postgresql(dot)org> |
|---|---|
| To: | david(at)pgmasters(dot)net |
| Cc: | simon(at)2ndQuadrant(dot)com, pgsql-hackers(at)postgresql(dot)org, sawada(dot)mshk(at)gmail(dot)com, peter_e(at)gmx(dot)net, alvherre(at)2ndquadrant(dot)com, ams(at)2ndQuadrant(dot)com, masao(dot)fujii(at)gmail(dot)com |
| Subject: | Re: Auditing extension for PostgreSQL (Take 2) |
| Date: | 2015-04-15 00:37:37 |
| Message-ID: | 20150415.093737.74027275338109111.t-ishii@sraoss.co.jp |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
> Thank you for pointing that out!
>
> Ironic that it was the commit directly after the one I was testing with
> that broke the patch. It appears the end of the last CF is a very bad
> time to be behind HEAD.
>
> Fixed in attached v8 patch.
Thank you for your quick response.
BTW, in my understanding pg_audit allows to track a table access even
if it's used in a view. I think this is a nice feature and it would be
better explicitly stated in the document and the test case is better
included in the regression test.
Here is a sample session:
CREATE TABLE test2 (id INT);
CREATE VIEW vtest2 AS SELECT * FROM test2;
GRANT SELECT ON TABLE public.test2 TO auditor;
GRANT SELECT ON TABLE public.vtest2 TO auditor;
SELECT * FROM vtest2;
NOTICE: AUDIT: SESSION,1,1,READ,SELECT,,,SELECT * FROM vtest2;
NOTICE: AUDIT: OBJECT,1,1,READ,SELECT,VIEW,public.vtest2,SELECT * FROM vtest2;
NOTICE: AUDIT: OBJECT,1,1,READ,SELECT,TABLE,public.test2,SELECT * FROM vtest2;
Best regards,
--
Tatsuo Ishii
SRA OSS, Inc. Japan
English: http://www.sraoss.co.jp/index_en.php
Japanese:http://www.sraoss.co.jp
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Sawada Masahiko | 2015-04-15 01:52:25 | Re: Auditing extension for PostgreSQL (Take 2) |
| Previous Message | Kyotaro HORIGUCHI | 2015-04-15 00:35:05 | Re: inherit support for foreign tables |