hubert depesz lubaczewski <depesz@depesz.com> writes:
> On Thu, Sep 09, 2021 at 05:30:55PM -0600, Hotmail wrote:
>> We use liquibase to run migrations against our postgres 11 database.
>> We run the migrations as an application user that does not have
>> superuser permissions. Is there any workaround we could use that would
>> allow us to capture the migration sql that is run by our application
>> user? We want to capture all of the ddl as well as the dml run by the
>> migration user. Since setting log_statement=all at the session level
>> isn’t possible unless the user is a superuser is there any other way
>> to accomplish this task?
> Sure. Make a security-definer function that changes the log_statement,
> and grant privileges to call it to whoever you need.
Also you can do
alter user foo set log_statement = 'all';
to apply the setting at future logins of user foo. (While a non-superuser
can't do that for themselves, a superuser can do it for them.)
regards, tom lane