I've noticed that by default postgres writes its log files read/write
only by the postgres user.

I have a nagios user I want to be able to analyse the logs.

Is there a way to make postgres output them so they can be read by a
group? Or am I going to have to write a script?

Glyn


__________________________________________________ ________
Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com



---------------------------(end of broadcast)---------------------------
TIP 3: Have you checked our extensive FAQ?

http://www.postgresql.org/docs/faq

On 1/31/08, Glyn Astill <glynastill@yahoo.co.uk> wrote:
> I've noticed that by default postgres writes its log files read/write
> only by the postgres user.
>
> I have a nagios user I want to be able to analyse the logs.
>
> Is there a way to make postgres output them so they can be read by a
> group? Or am I going to have to write a script?

PG itself only writes to stdout/stderr or uses syslog(). The way logs
are generated and stored is distro-specific, so you need to look at
how your distro does things (perhaps modifying the startup script).

-Doug

---------------------------(end of broadcast)---------------------------
TIP 4: Have you searched our list archives?

http://archives.postgresql.org/

Douglas McNaught wrote:
> On 1/31/08, Glyn Astill <glynastill@yahoo.co.uk> wrote:
> > I've noticed that by default postgres writes its log files read/write
> > only by the postgres user.
> >
> > I have a nagios user I want to be able to analyse the logs.
> >
> > Is there a way to make postgres output them so they can be read by a
> > group? Or am I going to have to write a script?
>
> PG itself only writes to stdout/stderr or uses syslog(). The way logs
> are generated and stored is distro-specific, so you need to look at
> how your distro does things (perhaps modifying the startup script).

Actually, as of 8.0 there is specialized process that captures stderr
and saves it to log files.

--
Alvaro Herrera http://www.CommandPrompt.com/
PostgreSQL Replication, Consulting, Custom Development, 24x7 support

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match

Glyn Astill wrote:

> I'm not piping it to a file, postgres is managing the logs. Is there
> any way to manage the permissions, or do I just need to create a
> script to change the permissions?

I think you should be able to chmod the files after they have been
created. The postmaster changes its umask to 0077, so no file is
group-readable. I don't think is configurable either.

Perhaps we should add a log_file_group option, to which we would chgrp()
the log files.

--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.

---------------------------(end of broadcast)---------------------------
TIP 9: In versions below 8.0, the planner will ignore your desire to
choose an index scan if your joining column's datatypes do not
match

hi, allow me to show-off my ignorance.. I think that logging via
'syslogd' and managing log files with 'logrotate' already meets the
requirements.

Alvaro Herrera wrote:
>
> Perhaps we should add a log_file_group option, to which we would chgrp()
> the log files.
>

regards, jr. (jr@tailorware.org.uk)

hi, allow me to show-off my ignorance.. I think that logging via
'syslogd' and managing log files with 'logrotate' already meets the
requirements.

Alvaro Herrera wrote:
>
> Perhaps we should add a log_file_group option, to which we would chgrp()
> the log files.
>

regards, jr. (jr@tailorware.org.uk)



--

regards, jr. (jr@tailorware.org.uk)

hi, allow me to show-off my ignorance.. I think that logging via
'syslogd' and managing log files with 'logrotate' already meets the
requirements.

Alvaro Herrera wrote:
>
> Perhaps we should add a log_file_group option, to which we would chgrp()
> the log files.
>

regards, jr. (jr@tailorware.org.uk)



--

regards, jr. (jr@tailorware.org.uk)

On Jan 31, 2008, at 10:21 AM, Alvaro Herrera wrote:

> Glyn Astill wrote:
>
>> I'm not piping it to a file, postgres is managing the logs. Is there
>> any way to manage the permissions, or do I just need to create a
>> script to change the permissions?
>
> I think you should be able to chmod the files after they have been
> created. The postmaster changes its umask to 0077, so no file is
> group-readable. I don't think is configurable either.

just move the logs into a subdir which has permissions applied to it,
then not worry about the files inside, since nobody can break through
the directory anyhow.


---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings

Vivek Khera wrote:
>
> On Jan 31, 2008, at 10:21 AM, Alvaro Herrera wrote:
>
>> I think you should be able to chmod the files after they have been
>> created. The postmaster changes its umask to 0077, so no file is
>> group-readable. I don't think is configurable either.
>
> just move the logs into a subdir which has permissions applied to it,
> then not worry about the files inside, since nobody can break through
> the directory anyhow.

That doesn't work because the files won't be readable by anyone but the
postgres user.

--
Alvaro Herrera http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.

---------------------------(end of broadcast)---------------------------
TIP 2: Don't 'kill -9' the postmaster

Alvaro Herrera wrote:
> Vivek Khera wrote:
>
>> On Jan 31, 2008, at 10:21 AM, Alvaro Herrera wrote:
>>
>>
>>> I think you should be able to chmod the files after they have been
>>> created. The postmaster changes its umask to 0077, so no file is
>>> group-readable. I don't think is configurable either.
>>>
>> just move the logs into a subdir which has permissions applied to it,
>> then not worry about the files inside, since nobody can break through
>> the directory anyhow.
>>
>
> That doesn't work because the files won't be readable by anyone but the
> postgres user.
>
>
You could just write a cron job that periodically goes to the log
directory and changes the permissions on the existing log files to allow
reading by whatever group owns the log files, then make nagios a member
of that group. Even if the log file is currently in use, once you
change the permissions, they should stick. Of course, there would be a
permission change lag between the time the log file switch occurs and
the cron job runs...

As to Alvaro's recommendation of having a setting to change the log
group, I think another idea would be to have a 'log_rotate_script'
setting...thus allowing a script to be called with the log file name
after a log file is rotated. In such a case one could archive off
existing files, and since the switch to a new log file had already
occurred, also change permissions, etc if needed.

--
Chander Ganesan
The Open Technology Group
One Copley Parkway, Suite 210
Morrisville, NC 27560
Phone: 877-258-8987/919-463-0999
http://www.otg-nc.com