1 /*
2 * server.c
3 *
4 * database server functions
5 *
6 * Copyright (c) 2010-2020, PostgreSQL Global Development Group
7 * src/bin/pg_upgrade/server.c
8 */
9
10 #include "postgres_fe.h"
11
12 #include "common/connect.h"
13 #include "fe_utils/string_utils.h"
14 #include "pg_upgrade.h"
15
16 static PGconn *get_db_conn(ClusterInfo *cluster, const char *db_name);
17
18
/*
 * connectToServer()
 *
 * Open a libpq connection to db_name on the given cluster and hand it back
 * to the caller, who owns it from then on.
 *
 * A NULL connection, or one whose status is not CONNECTION_OK, is fatal:
 * the libpq error text is logged at PG_REPORT level, the connection object
 * (if there is one) is released, and the program ends with exit status 1.
 *
 * Before returning, ALWAYS_SECURE_SEARCH_PATH_SQL is run on the new session.
 * NOTE(review): judging by its name this pins search_path to a safe value so
 * that later unqualified names cannot be redirected; confirm against its
 * definition.  Connections obtained straight from get_db_conn() do not get
 * this treatment.
 */
PGconn *
connectToServer(ClusterInfo *cluster, const char *db_name)
{
	PGconn	   *conn = get_db_conn(cluster, db_name);
	bool		connected = (conn != NULL && PQstatus(conn) == CONNECTION_OK);

	if (connected)
	{
		/* harden the session first, then let the caller use it */
		PQclear(executeQueryOrDie(conn, ALWAYS_SECURE_SEARCH_PATH_SQL));
		return conn;
	}

	/* PQerrorMessage() is called even when conn is NULL, as before */
	pg_log(PG_REPORT, "connection to database failed: %s",
		   PQerrorMessage(conn));

	if (conn != NULL)
		PQfinish(conn);

	printf(_("Failure, exiting\n"));
	exit(1);
}
47
48
/*
 * get_db_conn()
 *
 * Build a libpq connection string for the named database using the
 * cluster's standard parameters (user from os_info, the cluster's port and,
 * when set, its socket directory as "host") and try to connect with it.
 *
 * Every string value is added through appendConnStrVal() rather than pasted
 * in raw, so a database name, user name or directory cannot introduce extra
 * connection keywords.  The port is formatted as an integer.
 *
 * Returns whatever PQconnectdb() returns.  The callers in this file check
 * the result both for NULL and for a status other than CONNECTION_OK.
 */
static PGconn *
get_db_conn(ClusterInfo *cluster, const char *db_name)
{
	PQExpBufferData conninfo;
	PGconn	   *result;

	initPQExpBuffer(&conninfo);

	appendPQExpBufferStr(&conninfo, "dbname=");
	appendConnStrVal(&conninfo, db_name);

	appendPQExpBufferStr(&conninfo, " user=");
	appendConnStrVal(&conninfo, os_info.user);

	appendPQExpBuffer(&conninfo, " port=%d", cluster->port);

	/* host is only given when the cluster has a socket directory */
	if (cluster->sockdir != NULL)
	{
		appendPQExpBufferStr(&conninfo, " host=");
		appendConnStrVal(&conninfo, cluster->sockdir);
	}

	result = PQconnectdb(conninfo.data);

	/* the string is no longer needed once the connection attempt is made */
	termPQExpBuffer(&conninfo);

	return result;
}
77
78
/*
 * cluster_conn_opts()
 *
 * Return the standard command-line connection options for this cluster, for
 * use with psql, pg_dump, etc.: an optional "--host <sockdir>", then
 * "--port <port> --username <user>".  Ideally this would match what
 * get_db_conn() sets, but those utilities are not consistent about database
 * name options, so the database name is left out.
 *
 * The socket directory and the user name are added with appendShellString(),
 * so they arrive in the command line as single quoted shell words.  The port
 * is formatted as an integer.
 *
 * The string lives in a function-static buffer: it is valid only until the
 * next call to this function and must not be freed by the caller.
 *
 * NOTE(review): the result of createPQExpBuffer() is not checked here;
 * confirm how an allocation failure is expected to surface.
 */
char *
cluster_conn_opts(ClusterInfo *cluster)
{
	static PQExpBuffer opts = NULL;

	/* reuse the buffer from the previous call when there is one */
	if (opts != NULL)
		resetPQExpBuffer(opts);
	else
		opts = createPQExpBuffer();

	if (cluster->sockdir != NULL)
	{
		appendPQExpBufferStr(opts, "--host ");
		appendShellString(opts, cluster->sockdir);
		appendPQExpBufferChar(opts, ' ');
	}

	appendPQExpBuffer(opts, "--port %d --username ", cluster->port);
	appendShellString(opts, os_info.user);

	return opts->data;
}
110
111
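/*
 * executeQueryOrDie()
 *
 * Formats a query string from the given printf-style arguments and executes
 * the resulting query on conn.  Returns the PGresult, which the caller must
 * PQclear().  If the query fails (any status other than PGRES_TUPLES_OK or
 * PGRES_COMMAND_OK), the query and the libpq error are logged, the
 * connection is closed and the program ends with exit status 1.
 *
 * The query text is built in a function-static buffer of QUERY_ALLOC bytes.
 * A statement that does not fit is treated as a fatal error instead of being
 * sent in truncated form: a cut-off statement can still be valid SQL with a
 * different meaning (for example a lost trailing WHERE clause).
 *
 * The arguments are interpolated as plain text.  Callers that substitute
 * identifiers or literals are responsible for quoting them; nothing here
 * escapes them.
 */
PGresult *
executeQueryOrDie(PGconn *conn, const char *fmt,...)
{
	static char query[QUERY_ALLOC];
	va_list		args;
	int			query_len;
	PGresult   *result;
	ExecStatusType status;

	va_start(args, fmt);
	query_len = vsnprintf(query, sizeof(query), fmt, args);
	va_end(args);

	/* never hand a truncated or unformatted statement to the server */
	if (query_len < 0 || (size_t) query_len >= sizeof(query))
	{
		pg_log(PG_REPORT, "SQL command is too long or could not be formatted\n");
		PQfinish(conn);
		printf(_("Failure, exiting\n"));
		exit(1);
	}

	pg_log(PG_VERBOSE, "executing: %s\n", query);
	result = PQexec(conn, query);
	status = PQresultStatus(result);

	if ((status != PGRES_TUPLES_OK) && (status != PGRES_COMMAND_OK))
	{
		pg_log(PG_REPORT, "SQL command failed\n%s\n%s", query,
			   PQerrorMessage(conn));
		PQclear(result);
		PQfinish(conn);
		printf(_("Failure, exiting\n"));
		exit(1);
	}

	return result;
}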
147
148
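/*
 * get_major_server_version()
 *
 * Gets the version (in unsigned int form) for the given cluster by reading
 * the PG_VERSION file in cluster->pgdata.  Assumes that pgdata is an
 * absolute path to a valid pgdata directory.
 *
 * The first whitespace-delimited token of the file is stored in
 * cluster->major_version_str and then parsed as "major[.minor]".  The result
 * is major * 10000 + minor * 100 for old-style versions (major below 10,
 * e.g. 9.6.1) and major * 10000 for new-style ones (e.g. 10.1).
 *
 * A file that cannot be opened, is empty, or does not start with a
 * non-negative number is a fatal error.
 *
 * NOTE(review): "%63s" stores up to 63 characters plus the terminator, so
 * major_version_str must hold at least 64 bytes - confirm against its
 * declaration.
 */
uint32
get_major_server_version(ClusterInfo *cluster)
{
	FILE	   *version_fd;
	char		ver_filename[MAXPGPATH];
	int			v1 = 0,
				v2 = 0;

	snprintf(ver_filename, sizeof(ver_filename), "%s/PG_VERSION",
			 cluster->pgdata);
	if ((version_fd = fopen(ver_filename, "r")) == NULL)
		pg_fatal("could not open version file \"%s\": %m\n", ver_filename);

	/*
	 * fscanf() reports an empty or unreadable file as EOF rather than 0, so
	 * require exactly one converted field.  Negative components are rejected
	 * as well, because they would wrap around in the unsigned result.
	 */
	if (fscanf(version_fd, "%63s", cluster->major_version_str) != 1 ||
		sscanf(cluster->major_version_str, "%d.%d", &v1, &v2) < 1 ||
		v1 < 0 || v2 < 0)
		pg_fatal("could not parse version file \"%s\"\n", ver_filename);

	fclose(version_fd);

	if (v1 < 10)
	{
		/* old style, e.g. 9.6.1 */
		return v1 * 10000 + v2 * 100;
	}
	else
	{
		/* new style, e.g. 10.1 */
		return v1 * 10000;
	}
}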
186
187
/*
 * stop_postmaster_atexit()
 *
 * Process-exit callback, registered with atexit() by start_postmaster().
 * It calls stop_postmaster() with in_atexit set, so a server this program
 * recorded as running is shut down when the program exits.
 */
static void
stop_postmaster_atexit(void)
{
	const bool	in_atexit = true;

	stop_postmaster(in_atexit);
}
193
194
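/*
 * start_postmaster()
 *
 * Start the postmaster of the given cluster through pg_ctl, then check that
 * a connection to template1 can be made.
 *
 * Returns true when the server was started and is reachable.  Returns false
 * only when pg_ctl failed and report_and_exit_on_error is false, i.e. the
 * caller is just testing whether the server can be started.  A failed
 * connection, or a pg_ctl failure with report_and_exit_on_error set, ends
 * the program through pg_fatal().
 *
 * The first call registers stop_postmaster_atexit() with atexit();
 * os_info.running_cluster is set only after pg_ctl reported success, so only
 * a server this program started is later shut down.
 *
 * Points worth knowing when reviewing changes here:
 *
 * - With Unix sockets available (and not on Windows) the server is started
 *   with listen_addresses='' and unix_socket_permissions=0700, so there is
 *   no TCP/IP listener and socket access is restricted during the upgrade.
 *
 * - The pg_ctl command is assembled as text.  bindir, pgconfig, pgopts and
 *   sockdir are placed between quotes but are not escaped.
 *   NOTE(review): presumably these come from the operator running
 *   pg_upgrade; confirm that none of them can carry quotes or shell
 *   metacharacters from a less trusted source.
 *
 * - Both formatted strings are checked for truncation.  A cut-off socket
 *   directory or command would start the server with settings other than
 *   the ones requested, so that is treated as fatal.
 *
 * - The new cluster runs with synchronous_commit, fsync and
 *   full_page_writes off; see the comment in the body for why that is
 *   acceptable there and only there.
 */
bool
start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
{
	char		cmd[MAXPGPATH * 4 + 1000];
	int			cmd_len;
	PGconn	   *conn;
	bool		pg_ctl_return = false;
	char		socket_string[MAXPGPATH + 200];

	static bool exit_hook_registered = false;

	if (!exit_hook_registered)
	{
		atexit(stop_postmaster_atexit);
		exit_hook_registered = true;
	}

	socket_string[0] = '\0';

#if defined(HAVE_UNIX_SOCKETS) && !defined(WIN32)
	/* prevent TCP/IP connections, restrict socket access */
	strcat(socket_string,
		   " -c listen_addresses='' -c unix_socket_permissions=0700");

	/* Have a sockdir?  Tell the postmaster. */
	if (cluster->sockdir)
	{
		size_t		used = strlen(socket_string);
		int			added;

		added = snprintf(socket_string + used,
						 sizeof(socket_string) - used,
						 " -c %s='%s'",
						 (GET_MAJOR_VERSION(cluster->major_version) <= 902) ?
						 "unix_socket_directory" : "unix_socket_directories",
						 cluster->sockdir);

		/* a cut-off value would name a different directory; stop instead */
		if (added < 0 || (size_t) added >= sizeof(socket_string) - used)
			pg_fatal("socket directory name too long\n");
	}
#endif

	/*
	 * Since PG 9.1, we have used -b to disable autovacuum.  For earlier
	 * releases, setting autovacuum=off disables cleanup vacuum and analyze,
	 * but freeze vacuums can still happen, so we set
	 * autovacuum_freeze_max_age to its maximum.
	 * (autovacuum_multixact_freeze_max_age was introduced after 9.1, so there
	 * is no need to set that.)  We assume all datfrozenxid and relfrozenxid
	 * values are less than a gap of 2000000000 from the current xid counter,
	 * so autovacuum will not touch them.
	 *
	 * Turn off durability requirements to improve object creation speed, and
	 * we only modify the new cluster, so only use it there.  If there is a
	 * crash, the new cluster has to be recreated anyway.  fsync=off is a big
	 * win on ext4.
	 *
	 * Force vacuum_defer_cleanup_age to 0 on the new cluster, so that
	 * vacuumdb --freeze actually freezes the tuples.
	 */
	cmd_len = snprintf(cmd, sizeof(cmd),
					   "\"%s/pg_ctl\" -w -l \"%s\" -D \"%s\" -o \"-p %d%s%s %s%s\" start",
					   cluster->bindir, SERVER_LOG_FILE, cluster->pgconfig, cluster->port,
					   (cluster->controldata.cat_ver >=
						BINARY_UPGRADE_SERVER_FLAG_CAT_VER) ? " -b" :
					   " -c autovacuum=off -c autovacuum_freeze_max_age=2000000000",
					   (cluster == &new_cluster) ?
					   " -c synchronous_commit=off -c fsync=off -c full_page_writes=off -c vacuum_defer_cleanup_age=0" : "",
					   cluster->pgopts ? cluster->pgopts : "", socket_string);

	/*
	 * The socket restrictions are the last thing appended, so truncation
	 * would drop them first.  Do not run a partial command.
	 */
	if (cmd_len < 0 || (size_t) cmd_len >= sizeof(cmd))
		pg_fatal("command too long\n");

	/*
	 * Don't throw an error right away, let connecting throw the error because
	 * it might supply a reason for the failure.
	 */
	pg_ctl_return = exec_prog(SERVER_START_LOG_FILE,
	/* pass both file names if they differ */
							  (strcmp(SERVER_LOG_FILE,
									  SERVER_START_LOG_FILE) != 0) ?
							  SERVER_LOG_FILE : NULL,
							  report_and_exit_on_error, false,
							  "%s", cmd);

	/* Did it fail and we are just testing if the server could be started? */
	if (!pg_ctl_return && !report_and_exit_on_error)
		return false;

	/*
	 * We set this here to make sure atexit() shuts down the server, but only
	 * if we started the server successfully.  We do it before checking for
	 * connectivity in case the server started but there is a connectivity
	 * failure.  If pg_ctl did not return success, we will exit below.
	 *
	 * Pre-9.1 servers do not have PQping(), so we could be leaving the server
	 * running if authentication was misconfigured, so someday we might want
	 * to be more aggressive about doing server shutdowns even if pg_ctl
	 * fails, but now (2013-08-14) it seems prudent to be cautious.  We don't
	 * want to shutdown a server that might have been accidentally started
	 * during the upgrade.
	 */
	if (pg_ctl_return)
		os_info.running_cluster = cluster;

	/*
	 * pg_ctl -w might have failed because the server couldn't be started, or
	 * there might have been a connection problem in _checking_ if the server
	 * has started.  Therefore, even if pg_ctl failed, we continue and test
	 * for connectivity in case we get a connection reason for the failure.
	 */
	if ((conn = get_db_conn(cluster, "template1")) == NULL ||
		PQstatus(conn) != CONNECTION_OK)
	{
		pg_log(PG_REPORT, "\nconnection to database failed: %s",
			   PQerrorMessage(conn));
		if (conn)
			PQfinish(conn);
		if (cluster == &old_cluster)
			pg_fatal("could not connect to source postmaster started with the command:\n"
					 "%s\n",
					 cmd);
		else
			pg_fatal("could not connect to target postmaster started with the command:\n"
					 "%s\n",
					 cmd);
	}
	PQfinish(conn);

	/*
	 * If pg_ctl failed, and the connection didn't fail, and
	 * report_and_exit_on_error is enabled, fail now.  This could happen if
	 * the server was already running.
	 */
	if (!pg_ctl_return)
	{
		if (cluster == &old_cluster)
			pg_fatal("pg_ctl failed to start the source server, or connection failed\n");
		else
			pg_fatal("pg_ctl failed to start the target server, or connection failed\n");
	}

	return true;
}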
327
328
/*
 * stop_postmaster()
 *
 * Stop the cluster recorded in os_info.running_cluster with "pg_ctl stop",
 * then clear that record.  Does nothing when the record is neither the old
 * nor the new cluster, so a server this program did not start is left alone.
 *
 * in_atexit selects the behavior for process exit: shutdown mode "-m fast"
 * instead of "-m smart", and both error-handling flags passed to exec_prog()
 * are turned off.
 *
 * NOTE(review): bindir, pgconfig and pgopts are placed between quotes in the
 * command text without escaping; confirm they cannot carry quotes or shell
 * metacharacters from a less trusted source.
 */
void
stop_postmaster(bool in_atexit)
{
	ClusterInfo *cluster = os_info.running_cluster;
	const char *shutdown_mode = in_atexit ? "-m fast" : "-m smart";
	bool		report_and_exit = !in_atexit;

	/* no cluster running */
	if (cluster != &old_cluster && cluster != &new_cluster)
		return;

	exec_prog(SERVER_STOP_LOG_FILE, NULL, report_and_exit, report_and_exit,
			  "\"%s/pg_ctl\" -w -D \"%s\" -o \"%s\" %s stop",
			  cluster->bindir, cluster->pgconfig,
			  cluster->pgopts ? cluster->pgopts : "",
			  shutdown_mode);

	os_info.running_cluster = NULL;
}
349
350
/*
 * check_pghost_envvar()
 *
 * Tests that PGHOST and PGHOSTADDR do not point to a non-local server.
 *
 * The option table from PQconndefaults() is scanned for entries whose
 * environment variable is PGHOST or PGHOSTADDR.  An unset or empty variable
 * is accepted.  A set one must be exactly "localhost", "127.0.0.1" or "::1",
 * or begin with '/'; anything else is a fatal error.  The comparison is on
 * the literal text only; no name resolution is done.
 */
void
check_pghost_envvar(void)
{
	PQconninfoOption *defaults;
	PQconninfoOption *opt;

	/* Get valid libpq env vars from the PQconndefaults function */
	defaults = PQconndefaults();
	if (defaults == NULL)
		pg_fatal("out of memory\n");

	for (opt = defaults; opt->keyword != NULL; opt++)
	{
		const char *value;
		bool		is_local;

		/* only the two host-selecting variables are of interest */
		if (opt->envvar == NULL)
			continue;
		if (strcmp(opt->envvar, "PGHOST") != 0 &&
			strcmp(opt->envvar, "PGHOSTADDR") != 0)
			continue;

		value = getenv(opt->envvar);
		if (value == NULL || value[0] == '\0')
			continue;

		/* check for 'local' host values */
		is_local = (strcmp(value, "localhost") == 0 ||
					strcmp(value, "127.0.0.1") == 0 ||
					strcmp(value, "::1") == 0 ||
					value[0] == '/');

		if (!is_local)
			pg_fatal("libpq environment variable %s has a non-local server value: %s\n",
					 opt->envvar, value);
	}

	/* Free the memory that libpq allocated on our behalf */
	PQconninfoFree(defaults);
}
388