Update version in README.md to PostgreSQL 13.
commit : 5096e75f1aa6635c3d0e203254c4ef7eae9d3087
author : David Steele <[email protected]>
date : Wed, 9 Sep 2020 09:54:32 -0400
committer: David Steele <[email protected]>
date : Wed, 9 Sep 2020 09:54:32 -0400 M README.md
Suppress logging for internally generated foreign-key queries.
commit : 33248d2222cbb11c45da2ab61bbb855658836d7d
author : Peter Eisentraut <[email protected]>
date : Wed, 9 Sep 2020 14:50:08 +0200
committer: GitHub <[email protected]>
date : Wed, 9 Sep 2020 14:50:08 +0200 When auditing write operations (pgaudit.log = 'write'), we check whether the query requires ACL_UPDATE permissions. This also catches SELECT FOR UPDATE, SELECT FOR KEY SHARE, etc. queries, because there is no separate permission for those. This is especially annoying because internally generated foreign-key queries get logged.
To avoid this, in PostgreSQL 13 we can also check the rellockmode field of the range table entry. If it's at least RowExclusiveLock, then it's a real UPDATE, else it's some kind of SELECT with locking clause.M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Fix "pgaudit stack is not empty" error.
commit : 437a537345b38613fb28feaa0e343144c05309e1
author : David Steele <[email protected]>
date : Wed, 9 Sep 2020 08:22:06 -0400
committer: GitHub <[email protected]>
date : Wed, 9 Sep 2020 08:22:06 -0400 Select, show, and explain cursors are not freed until they are closed, so they are left on the stack between calls to the backend. The assertion to make sure the stack was empty on each call did not expect to see them and threw an error.
Allow select, show, and explain cursors on the stack between calls to handle this case.
Also log and remove close statements from the stack immediately so they are logged correctly.
Reported by @Giak79, @HesusFTW, @laurenz (Laurenz Albe), @svb007, @dylrich (Dylan Richardson)
Tested by @yugo-n (Yugo Nagata)M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Fix misclassification of partitioned tables/indexes.
commit : c07aa8254d59541c56fefde5a666004c76c603ee
author : gaoxueyu <[email protected]>
date : Wed, 22 Jul 2020 00:46:38 +0800
committer: GitHub <[email protected]>
date : Wed, 22 Jul 2020 00:46:38 +0800 Partitioned tables and indexes were being classified as UNKNOWN but they should be classified as TABLE/INDEX.M expected/pgaudit.out
M pgaudit.c
M sql/pgaudit.sql
Update copyright end year.
commit : 2fcf4f5460d4d03be930fc6a080302ff452c3001
author : David Steele <[email protected]>
date : Thu, 18 Jun 2020 08:18:08 -0400
committer: David Steele <[email protected]>
date : Thu, 18 Jun 2020 08:18:08 -0400 M pgaudit.c
Use syscache to get relation namespace/name.
commit : 7053d0a0f34179cab447b238f3494314477447c2
author : David Steele <[email protected]>
date : Thu, 18 Jun 2020 07:41:04 -0400
committer: GitHub <[email protected]>
date : Thu, 18 Jun 2020 07:41:04 -0400 The prior method of opening the relation with NoLock failed during assert builds.
Using the syscache allows us to get the namespace/name without calling relation_open(). Since the syscache calls are performed after permissions have been checked it should not be possible to have a cache miss.
Found by @rykp.
Reviewed by Joe Conway (@jconway), Stephen Frost (@sfrost).M pgaudit.c
Update to PostgreSQL 13.
commit : 387db257f1e807cfb57a745112192ddae2b4c84c
author : yulicrunchy <[email protected]>
date : Mon, 15 Jun 2020 15:52:54 -0400
committer: GitHub <[email protected]>
date : Mon, 15 Jun 2020 15:52:54 -0400 M Makefile
M README.md
M expected/pgaudit.out
R100 pgaudit–1.4.sql pgaudit–1.5.sql
M pgaudit.c
M pgaudit.control
M sql/pgaudit.sql
M test/Vagrantfile