Re: pgsql: Add pg_audit, an auditing extension

* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Stephen Frost <sfrost(at)snowman(dot)net> writes:
> > * Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> >> + ERROR: pg_audit must be loaded via shared_preload_libraries
> >>
> >> This seems like a rather poorly thought-through error check.
> >> It will break not only the buildfarm but any dump/restore scenario.
> >> You really can't have extensions that refuse to let themselves
> >> be created.
>
> > Yeah, the original idea behind it was to force the user to think about
> > if they really would want to load it later on down the line rather than
> > have it pre-loaded always.
>
> > I'll put something in the docs which recommends it and provides the
> > reasoning behind it.
>
> Could we apply a check at some later time, when the user actually does
> something that is not sensible unless the library was preloaded? Even
> then, just a WARNING might be better than ERROR.

Actually, we do.. The order in which the hooks are called matters and
if it's not loaded before anything real is called then it's going to
blow up.

> (Still, it's not clear how you'd get buildfarm testing to pass, so
> maybe this line of thought is just as fruitless.)

I've pushed a change which should clean it up by simply loading the
module after each reconnects is done, more-or-less simulating having it
be in shared_preload_libraries. It also wasn't using the correct
database for reconnecting.

I'll keep an eye on it.

Thanks!

Stephen