Re: Audit of logout

On Sat, Aug 23, 2014 at 3:44 PM, Amit Kapila <amit.kapila16@gmail.com> wrote:
> On Tue, Aug 5, 2014 at 8:04 PM, Fujii Masao <masao.fujii@gmail.com> wrote:
>>
>> Yep, the attached patch introduces PGC_SU_BACKEND and
>> changes the contexts of log_connections and log_disconnections
>> to PGC_SU_BACKEND. Review?
>>

Thanks for reviewing the patch!

> 1.
> ! else if (context != PGC_POSTMASTER && context != PGC_SU_BACKEND &&
> ! context != PGC_SU_BACKEND && source != PGC_S_CLIENT)
>
> In the above check for PGC_SU_BACKEND is repeated, here
> one of the check should be PGC_SU_BACKEND  and other
> should be PGC_BACKEND.

Right. Fixed. Attached is the updated version of the patch.
BTW, I also added the following into the document of log_connections
and log_disconnections.

    Only superusers can change this setting at session start.

> 2.
> + case PGC_SU_BACKEND:
> + if (context == PGC_BACKEND)
> + {
> ..
> ..
> + return 0;
> + }
>   case PGC_BACKEND:
>   if (context == PGC_SIGHUP)
>
> Changing PGC_SU_BACKEND parameter (log_connections) is
> visible even with a non-super user client due to above code.
> Shouldn't it be only visible for super-user logins?
>
> Simple steps to reproduce the problem:
> a. start Server (default configuration)
> b. connect with superuser
> c. change in log_connections to on in postgresql.conf
> d. perform select pg_reload_conf();
> e. connect with non-super-user
> f.  show log_connections;  --This step shows the value as on,
>                                        --whereas I think it should have been
> off

In this case, log_connections is changed in postgresql.conf and it's
reloaded, so ISTM that it's natural that even non-superuser sees the
changed value. No? Maybe I'm missing something.

Regards,

--
Fujii Masao