On Thu, Dec 10, 2015 at 1:56 PM, oleg yusim <olegyu...@gmail.com> wrote:
> So what I want to accomplish is logging queries for roles/privileges with > minimal increasing volume of logs along the way. The idea I got from > responses in this thread so far is: > > 1) Set log_statement on postgresql.conf to 'mod' > 2) Raise log_statement to 'all' but only for postgres superuser > > What seems to be open questions to me with this model: > > 1) Way to check what log_statement set to on per user basis (what table > should I query?) > 2) Way to ensure that only superuser can run meta commands, such as \du, > \dp, \z > > Can you maybe bottom (or inline) post like the rest of us, please? 1) http://www.postgresql.org/docs/9.4/interactive/catalog-pg-db-role-setting.html 2) Again, not easy if it is indeed possible without source-code hacking. psql itself will not limit the user's ability to execute the command. David J.
