Re: [HACKERS] Upgrading postmaster's log messages about bind/listen errors - Mailing list pgsql-hackers

From Tels
Subject Re: [HACKERS] Upgrading postmaster's log messages about bind/listen errors
Date
Msg-id 8371d0860a6019e5630bcdd2a96610ab.squirrel@sm.webmail.pair.com
In response to Re: [HACKERS] Upgrading postmaster's log messages about bind/listen errors  (Tom Lane <tgl@sss.pgh.pa.us>)
Responses Re: [HACKERS] Upgrading postmaster's log messages about bind/listen errors  (Stephen Frost <sfrost@snowman.net>)
List pgsql-hackers
Moin,

On Thu, March 9, 2017 11:43 pm, Tom Lane wrote:
> Robert Haas <robertmhaas@gmail.com> writes:
>> On Thu, Mar 9, 2017 at 4:01 PM, Joe Conway <mail@joeconway.com> wrote:
>>> On 03/09/2017 12:27 PM, Tom Lane wrote:
>>>> For good measure I also added a DEBUG1 log message reporting successful
>>>> binding to a port.  I'm not sure if there's an argument for putting this
>>>> out at LOG level (i.e. by default) --- any thoughts about that?
>
>>> +1 for making it LOG instead of DEBUG1
>
>> I would tend to vote against that, because startup is getting
>> gradually chattier and chattier, and I think this isn't likely to be
>> of interest to very many people most of the time.
>
> Yeah, my thought was that if we've gotten along without this for 20 years,
> it's probably not of interest to most people most of the time.
>
> However, if we're measuring this on a scale of usefulness to the average
> DBA, I would argue that it's of more interest than any of these messages
> that currently appear by default:

My 0.02$:

I'd argue that from a security standpoint it is important to log at
startup what addresses the service binds to, just so it is visible,
explicit and logged.

Especially on machines with multiple interfaces to multiple networks it
can be confusing, see IPv6 vs IPv4, or bound interfaces with multiple
hosts and switches.

Granted, there should be firewall rules preventing access, but
misconfigurations or simple changes can happen and go unnoticed. If later
the postmaster bind address changes, maybe due to an update or human
error, you got the stars aligned just right for an unauthorized access.

OTOH, that the "logical replication launcher started" isn't really useful
to know to me as a user, I'd rather know when it failed to launch.

Best regards,

Tels
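
An added example, not part of the original message or of PostgreSQL's own code: a check that reads the listener lines from a startup log and flags any bind address outside an expected set, which is the kind of drift the message above is concerned about. It assumes the `listening on ...` message format that PostgreSQL 10 and later write at LOG level; the sample log and the allowed networks are constructed for illustration.

```python
import ipaddress
import re

# Assumed format: the "listening on ..." lines PostgreSQL 10+ writes at LOG level.
LISTEN_RE = re.compile(
    r'listening on (IPv4|IPv6) address "([^"]+)", port (\d+)'
)

# Constructed sample startup log, not taken from a real server.
SAMPLE_LOG = '''\
2017-03-10 09:00:01 UTC [4211] LOG:  listening on IPv4 address "127.0.0.1", port 5432
2017-03-10 09:00:01 UTC [4211] LOG:  listening on IPv6 address "::", port 5432
2017-03-10 09:00:01 UTC [4211] LOG:  listening on IPv4 address "10.20.0.7", port 5432
2017-03-10 09:00:01 UTC [4211] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
2017-03-10 09:00:01 UTC [4211] LOG:  database system is ready to accept connections
'''

# Hypothetical policy: networks the service is allowed to bind within.
ALLOWED = [ipaddress.ip_network(n)
           for n in ("127.0.0.0/8", "::1/128", "10.20.0.0/24")]


def parse_listeners(log_text):
    """Return (ip_address, port) for every TCP listener reported in the log."""
    found = []
    for m in LISTEN_RE.finditer(log_text):
        found.append((ipaddress.ip_address(m.group(2)), int(m.group(3))))
    return found


def unexpected_listeners(log_text, allowed=ALLOWED):
    """Return listeners that are wildcard binds or outside the allowed networks."""
    flagged = []
    for addr, port in parse_listeners(log_text):
        # 0.0.0.0 and :: bind every interface, so they are always reported.
        in_policy = any(addr.version == net.version and addr in net
                        for net in allowed)
        if addr.is_unspecified or not in_policy:
            flagged.append((str(addr), port))
    return flagged


if __name__ == "__main__":
    for addr, port in unexpected_listeners(SAMPLE_LOG):
        print(f"unexpected bind: {addr} port {port}")
```
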


