| From: | "David G(dot) Johnston" <david(dot)g(dot)johnston(at)gmail(dot)com> |
|---|---|
| To: | oleg yusim <olegyusim(at)gmail(dot)com> |
| Cc: | Jerry Sievers <gsievers19(at)comcast(dot)net>, Scott Mead <scottm(at)openscg(dot)com>, John R Pierce <pierce(at)hogranch(dot)com>, PostgreSQL General <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: Loggingt psql meta-commands |
| Date: | 2015-12-10 21:24:22 |
| Message-ID: | CAKFQuwa5PGf+Wv4PTs5ASvEdtkjD3eM8FF2E_ywLgJQ5+oNmyQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
On Thu, Dec 10, 2015 at 1:56 PM, oleg yusim <olegyusim(at)gmail(dot)com> wrote:
> So what I want to accomplish is logging queries for roles/privileges with
> minimal increasing volume of logs along the way. The idea I got from
> responses in this thread so far is:
>
> 1) Set log_statement on postgresql.conf to 'mod'
> 2) Raise log_statement to 'all' but only for postgres superuser
>
> What seems to be open questions to me with this model:
>
> 1) Way to check what log_statement set to on per user basis (what table
> should I query?)
> 2) Way to ensure that only superuser can run meta commands, such as \du,
> \dp, \z
>
>
Can you maybe bottom (or inline) post like the rest of us, please?
1)
http://www.postgresql.org/docs/9.4/interactive/catalog-pg-db-role-setting.html
2) Again, not easy if it is indeed possible without source-code hacking.
psql itself will not limit the user's ability to execute the command.
David J.
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Adrian Klaver | 2015-12-10 21:25:28 | Re: [JDBC] plpgsql function with RETURNS SETOF refcursor in JAVA |
| Previous Message | oleg yusim | 2015-12-10 20:56:01 | Re: Loggingt psql meta-commands |