Home > mailing lists

Re: [HACKERS] Monitoring roles patch - Mailing list pgsql-hackers

From	Peter Eisentraut
Subject	Re: [HACKERS] Monitoring roles patch
Date	March 22, 2017 18:55:07
Msg-id	c99cde7f-0aa7-ebaa-b9f4-ee75522554a4@2ndquadrant.com Whole thread Raw
In response to	Re: [HACKERS] Monitoring roles patch (Dave Page <dpage@pgadmin.org>)
Responses	Re: [HACKERS] Monitoring roles patch (Stephen Frost <sfrost@snowman.net>) Re: [HACKERS] Monitoring roles patch (Dave Page <dpage@pgadmin.org>)
List	pgsql-hackers

Tree view

On 3/22/17 07:48, Dave Page wrote:
> With the patch, complex monitoring systems can easily be setup with
> something like:
> 
> CREATE ROLE monitoring_user LOGIN;
> GRANT pg_monitor TO monitoring_role;

That assumes that we have thought of all the ways in which people might
want to monitor things.

If we do it via GRANTs instead, then users can easily extend it.

If we instead change the hardcoded superuser checks to hardcoded
some-other-role checks, then the whole system instantly becomes unusable
the moment someone wants to monitor something we haven't thought of.

-- 
Peter Eisentraut              http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services

pgsql-hackers by date:

From: Amit Kapila
Date: 22 March 2017, 18:52:55
Subject: Re: [HACKERS] Supporting huge pages on Windows

From: Peter Eisentraut
Date: 22 March 2017, 18:58:18
Subject: Re: [HACKERS] increasing the default WAL segment size

Re: [HACKERS] Monitoring roles patch - Mailing list pgsql-hackers

Previous

Next