public inbox for [email protected]
help / color / mirror / Atom feedFrom: Jacob Champion <[email protected]>
To: [email protected] <[email protected]>
Cc: [email protected] <[email protected]>
Cc: [email protected] <[email protected]>
Subject: Re: [PATCH] Expose port->authn_id to extensions and triggers
Date: Thu, 24 Feb 2022 16:50:59 +0000
Message-ID: <[email protected]> (raw)
In-Reply-To: <YhduhD/[email protected]>
References: <[email protected]>
<YhduhD/[email protected]>
On Thu, 2022-02-24 at 20:39 +0900, Michael Paquier wrote:
> I don't quite see the additional value that this API brings as
> MyProcPort is directly accessible, and contrib modules like
> postgres_fdw and sslinfo just use that to find the data of the current
> backend.
Right -- I just didn't know if third-party modules were actually able
to rely on the internal layout of struct Port. Is that guaranteed to
remain constant for a major release line? If so, this new API is
superfluous.
> Cannot a module like pgaudit, through the elog hook, do its
> work with what we have already in place?
Given the above, I would hope so. Stephen mentioned that pgaudit only
had access to the logged-in role, and when I proposed a miscadmin.h API
he said that would help. CC'ing him to see what he meant; I don't know
if pgaudit has additional constraints.
> What's the use case for a given session to be able to report back
> only its own authn through SQL?
That's for triggers to be able to grab the current ID for
logging/auditing. Is there a better way to expose this for that use
case?
> I could still see a use case for that at a more global level with
> beentrys, but it looked like there was not much interest the last time
> I dropped this idea.
I agree that this would be useful to have in the stats. From my outside
perspective, it seems like it's difficult to get strings of arbitrary
length in there; is that accurate?
Thanks,
--Jacob
view thread (4+ messages)
reply
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Reply to all the recipients using the --to and --cc options:
reply via email
To: [email protected]
Cc: [email protected], [email protected], [email protected]
Subject: Re: [PATCH] Expose port->authn_id to extensions and triggers
In-Reply-To: <[email protected]>
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
This inbox is served by agora; see mirroring instructions
for how to clone and mirror all data and code used for this inbox