Re: proposal: hide application_name from other users

From: Harold Giménez <harold(at)heroku(dot)com>
To: Bruce Momjian <bruce(at)momjian(dot)us>
Cc: Craig Ringer <craig(at)2ndquadrant(dot)com>, Heikki Linnakangas <hlinnakangas(at)vmware(dot)com>, pgsql-hackers(at)postgresql(dot)org
Subject: Re: proposal: hide application_name from other users
Date: 2014-01-22 00:08:20
Message-ID: CACZOJr8SXHHH+iZ+etprTajVZG7jJgWNa7=wDC+7GyTDWUDr9w@mail.gmail.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

On Tue, Jan 21, 2014 at 4:01 PM, Bruce Momjian <bruce(at)momjian(dot)us> wrote:
> On Tue, Jan 21, 2014 at 03:57:37PM -0800, Harold Giménez wrote:
>> > It also means that monitoring tools must run as superuser to see
>> > information they require, which to me is a total showstopper.
>>
>>
>> Well, the fact is that if you don't run monitoring tools as superuser,
>> there may not be enough connection slots available anyways, in cases
>> where actual usage is consuming all of max_connections, and only the
>> reserved slots are available. So in a way it's already unreliable to
>> run monitoring as non-superuser unfortunately.
>
> You might need to run as superuser in these cases, but it is hard to see
> why would need to do that in the normal case.

Definitely agree with you. This is just an example of how running
monitoring as superuser is not necessarily the worst thing, and there
are other reasons to do it already.

-Harold

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2014-01-22 00:17:36 Re: Hard limit on WAL space used (because PANIC sucks)
Previous Message Harold Giménez 2014-01-22 00:06:46 Re: proposal: hide application_name from other users