Re: allow online change primary_conninfo

From: "andres(at)anarazel(dot)de" <andres(at)anarazel(dot)de>
To: Sergei Kornilov <sk(at)zsrv(dot)org>
Cc: Michael Paquier <michael(at)paquier(dot)xyz>, Kyotaro HORIGUCHI <horiguchi(dot)kyotaro(at)lab(dot)ntt(dot)co(dot)jp>, "pgsql-hackers(at)postgresql(dot)org" <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: allow online change primary_conninfo
Date: 2019-02-03 10:52:41
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers


On 2019-01-31 16:13:22 +0300, Sergei Kornilov wrote:
> Hello
> Yeah, we have no consensus.

Are you planning to update the patch? Given there's not been much
progress here, I think we ough tot mark the CF entry as returned with
feedback for now.

> Another open question is about logging new primary_conninfo:

> > LOG: parameter "primary_conninfo" changed to "host=/tmp port=5432 password=hoge"
> I my opinion this is not issue, database logs can have sensitive data. User queries, for example.
> If we not want expose such info - it is ok just hide new value from logs with new GUC flag? Or i need implement masked conninfo for this purpose?

I agree that this doesn't need to be solved as part of this patch. Given
the config is in the conf file, I don't think it's meaningful to hide
this from the log. If necessary one can use client certs, service files,


Andres Freund

In response to


Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2019-02-03 10:58:11 Re: [PROPOSAL] Shared Ispell dictionaries
Previous Message Andres Freund 2019-02-03 10:43:24 Re: [HACKERS] PATCH: multivariate histograms and MCV lists