On Fri, Dec 02, 2005 at 12:59:17PM -0500, Bruce Momjian wrote: > Dick Snippe wrote: > > On Fri, Dec 02, 2005 at 12:30:17AM -0500, Tom Lane wrote: > > > > > "Dick Snippe" <[EMAIL PROTECTED]> writes: > > > > setting umask 077 makes sense for the data files, but not per se for the > > > > logfile. > > > > > > The logfile typically contains data just as sensitive as the data files, > > > > true. > > > > > so I disagree. > > > > we run postgresql as a database engine behind a number of websites. > > Typically all the data in the database is public data . It would be very > > nice if there was a method of letting our developers _read_ the logfile, > > without giving them _write_ access to the data files. > > > > What wrong with making this configurable? > > We can't add every features that people ask for or our software would be > unusable. If your log files recycle at midnight, can't you run a cron > job to chmod it? I suppose if you can find other users who would like > to set the mode flags on the file, we can add it.
Would it be possible to rely on setting umask in the shell instead of hardcoding 077? I guess that would end up being dependant on different startup scripts though, so it's probably not a good idea. An alternative is to just use syslog. Or I believe you could use a log-rotation program that allows you to define permissions and tell PostgreSQL not to rotate. -- Jim C. Nasby, Sr. Engineering Consultant [EMAIL PROTECTED] Pervasive Software http://pervasive.com work: 512-231-6117 vcard: http://jim.nasby.net/pervasive.vcf cell: 512-569-9461 ---------------------------(end of broadcast)--------------------------- TIP 6: explain analyze is your friend
