Skip to content

logging: make sync-writes false in default config for audit logs #58025

Closed
#58995
Closed
logging: make sync-writes false in default config for audit logs#58025
#58995
Labels
A-loggingIn and around the logging infrastructure.C-enhancementSolution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)
@knz

Description

@knz
knz
opened on Dec 17, 2020

Requested / suggested by @bdarnell

i don't think i agree that fsyncing after every log entry is a requirement
i'm worried about the DoS possibilities of allowing attackers to consume a scarce resource like this, and about the SPOF of a single disk
(i feel the same way about our existing experimental audit logs, fwiw)
requiring synced writes to a single disk is just an awkward spot in the durability spectrum. if it's really important, it needs to be replicated

In other words, durability for audit logs should be achieved via network logging, not disk syncs.

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-loggingIn and around the logging infrastructure.C-enhancementSolution expected to add code/behavior + preserve backward-compat (pg compat issues are exception)

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions