PostgreSQL Source Code  git master
tablespace.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * tablespace.c
4  * Commands to manipulate table spaces
5  *
6  * Tablespaces in PostgreSQL are designed to allow users to determine
7  * where the data file(s) for a given database object reside on the file
8  * system.
9  *
10  * A tablespace represents a directory on the file system. At tablespace
11  * creation time, the directory must be empty. To simplify things and
12  * remove the possibility of having file name conflicts, we isolate
13  * files within a tablespace into database-specific subdirectories.
14  *
15  * To support file access via the information given in RelFileLocator, we
16  * maintain a symbolic-link map in $PGDATA/pg_tblspc. The symlinks are
17  * named by tablespace OIDs and point to the actual tablespace directories.
18  * There is also a per-cluster version directory in each tablespace.
19  * Thus the full path to an arbitrary file is
20  * $PGDATA/pg_tblspc/spcoid/PG_MAJORVER_CATVER/dboid/relfilenumber
21  * e.g.
22  * $PGDATA/pg_tblspc/20981/PG_9.0_201002161/719849/83292814
23  *
24  * There are two tablespaces created at initdb time: pg_global (for shared
25  * tables) and pg_default (for everything else). For backwards compatibility
26  * and to remain functional on platforms without symlinks, these tablespaces
27  * are accessed specially: they are respectively
28  * $PGDATA/global/relfilenumber
29  * $PGDATA/base/dboid/relfilenumber
30  *
31  * To allow CREATE DATABASE to give a new database a default tablespace
32  * that's different from the template database's default, we make the
33  * provision that a zero in pg_class.reltablespace means the database's
34  * default tablespace. Without this, CREATE DATABASE would have to go in
35  * and munge the system catalogs of the new database.
36  *
37  *
38  * Portions Copyright (c) 1996-2024, PostgreSQL Global Development Group
39  * Portions Copyright (c) 1994, Regents of the University of California
40  *
41  *
42  * IDENTIFICATION
43  * src/backend/commands/tablespace.c
44  *
45  *-------------------------------------------------------------------------
46  */
47 #include "postgres.h"
48 
49 #include <unistd.h>
50 #include <dirent.h>
51 #include <sys/stat.h>
52 
53 #include "access/heapam.h"
54 #include "access/htup_details.h"
55 #include "access/reloptions.h"
56 #include "access/tableam.h"
57 #include "access/xact.h"
58 #include "access/xloginsert.h"
59 #include "access/xlogutils.h"
60 #include "catalog/binary_upgrade.h"
61 #include "catalog/catalog.h"
62 #include "catalog/dependency.h"
63 #include "catalog/indexing.h"
64 #include "catalog/objectaccess.h"
65 #include "catalog/pg_tablespace.h"
66 #include "commands/comment.h"
67 #include "commands/seclabel.h"
68 #include "commands/tablespace.h"
69 #include "common/file_perm.h"
70 #include "miscadmin.h"
71 #include "postmaster/bgwriter.h"
72 #include "storage/fd.h"
73 #include "storage/standby.h"
74 #include "utils/acl.h"
75 #include "utils/builtins.h"
76 #include "utils/fmgroids.h"
77 #include "utils/guc_hooks.h"
78 #include "utils/memutils.h"
79 #include "utils/rel.h"
80 #include "utils/varlena.h"
81 
82 /* GUC variables */
83 char *default_tablespace = NULL;
84 char *temp_tablespaces = NULL;
86 
88 
89 static void create_tablespace_directories(const char *location,
90  const Oid tablespaceoid);
91 static bool destroy_tablespace_directories(Oid tablespaceoid, bool redo);
92 
93 
94 /*
95  * Each database using a table space is isolated into its own name space
96  * by a subdirectory named for the database OID. On first creation of an
97  * object in the tablespace, create the subdirectory. If the subdirectory
98  * already exists, fall through quietly.
99  *
100  * isRedo indicates that we are creating an object during WAL replay.
101  * In this case we will cope with the possibility of the tablespace
102  * directory not being there either --- this could happen if we are
103  * replaying an operation on a table in a subsequently-dropped tablespace.
104  * We handle this by making a directory in the place where the tablespace
105  * symlink would normally be. This isn't an exact replay of course, but
106  * it's the best we can do given the available information.
107  *
108  * If tablespaces are not supported, we still need it in case we have to
109  * re-create a database subdirectory (of $PGDATA/base) during WAL replay.
110  */
111 void
112 TablespaceCreateDbspace(Oid spcOid, Oid dbOid, bool isRedo)
113 {
114  struct stat st;
115  char *dir;
116 
117  /*
118  * The global tablespace doesn't have per-database subdirectories, so
119  * nothing to do for it.
120  */
121  if (spcOid == GLOBALTABLESPACE_OID)
122  return;
123 
124  Assert(OidIsValid(spcOid));
125  Assert(OidIsValid(dbOid));
126 
127  dir = GetDatabasePath(dbOid, spcOid);
128 
129  if (stat(dir, &st) < 0)
130  {
131  /* Directory does not exist? */
132  if (errno == ENOENT)
133  {
134  /*
135  * Acquire TablespaceCreateLock to ensure that no DROP TABLESPACE
136  * or TablespaceCreateDbspace is running concurrently.
137  */
138  LWLockAcquire(TablespaceCreateLock, LW_EXCLUSIVE);
139 
140  /*
141  * Recheck to see if someone created the directory while we were
142  * waiting for lock.
143  */
144  if (stat(dir, &st) == 0 && S_ISDIR(st.st_mode))
145  {
146  /* Directory was created */
147  }
148  else
149  {
150  /* Directory creation failed? */
151  if (MakePGDirectory(dir) < 0)
152  {
153  /* Failure other than not exists or not in WAL replay? */
154  if (errno != ENOENT || !isRedo)
155  ereport(ERROR,
157  errmsg("could not create directory \"%s\": %m",
158  dir)));
159 
160  /*
161  * During WAL replay, it's conceivable that several levels
162  * of directories are missing if tablespaces are dropped
163  * further ahead of the WAL stream than we're currently
164  * replaying. An easy way forward is to create them as
165  * plain directories and hope they are removed by further
166  * WAL replay if necessary. If this also fails, there is
167  * trouble we cannot get out of, so just report that and
168  * bail out.
169  */
170  if (pg_mkdir_p(dir, pg_dir_create_mode) < 0)
171  ereport(ERROR,
173  errmsg("could not create directory \"%s\": %m",
174  dir)));
175  }
176  }
177 
178  LWLockRelease(TablespaceCreateLock);
179  }
180  else
181  {
182  ereport(ERROR,
184  errmsg("could not stat directory \"%s\": %m", dir)));
185  }
186  }
187  else
188  {
189  /* Is it not a directory? */
190  if (!S_ISDIR(st.st_mode))
191  ereport(ERROR,
192  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
193  errmsg("\"%s\" exists but is not a directory",
194  dir)));
195  }
196 
197  pfree(dir);
198 }
199 
200 /*
201  * Create a table space
202  *
203  * Only superusers can create a tablespace. This seems a reasonable restriction
204  * since we're determining the system layout and, anyway, we probably have
205  * root if we're doing this kind of activity
206  */
207 Oid
209 {
210  Relation rel;
211  Datum values[Natts_pg_tablespace];
212  bool nulls[Natts_pg_tablespace] = {0};
213  HeapTuple tuple;
214  Oid tablespaceoid;
215  char *location;
216  Oid ownerId;
217  Datum newOptions;
218  bool in_place;
219 
220  /* Must be superuser */
221  if (!superuser())
222  ereport(ERROR,
223  (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
224  errmsg("permission denied to create tablespace \"%s\"",
225  stmt->tablespacename),
226  errhint("Must be superuser to create a tablespace.")));
227 
228  /* However, the eventual owner of the tablespace need not be */
229  if (stmt->owner)
230  ownerId = get_rolespec_oid(stmt->owner, false);
231  else
232  ownerId = GetUserId();
233 
234  /* Unix-ify the offered path, and strip any trailing slashes */
235  location = pstrdup(stmt->location);
236  canonicalize_path(location);
237 
238  /* disallow quotes, else CREATE DATABASE would be at risk */
239  if (strchr(location, '\''))
240  ereport(ERROR,
241  (errcode(ERRCODE_INVALID_NAME),
242  errmsg("tablespace location cannot contain single quotes")));
243 
244  in_place = allow_in_place_tablespaces && strlen(location) == 0;
245 
246  /*
247  * Allowing relative paths seems risky
248  *
249  * This also helps us ensure that location is not empty or whitespace,
250  * unless specifying a developer-only in-place tablespace.
251  */
252  if (!in_place && !is_absolute_path(location))
253  ereport(ERROR,
254  (errcode(ERRCODE_INVALID_OBJECT_DEFINITION),
255  errmsg("tablespace location must be an absolute path")));
256 
257  /*
258  * Check that location isn't too long. Remember that we're going to append
259  * 'PG_XXX/<dboid>/<relid>_<fork>.<nnn>'. FYI, we never actually
260  * reference the whole path here, but MakePGDirectory() uses the first two
261  * parts.
262  */
263  if (strlen(location) + 1 + strlen(TABLESPACE_VERSION_DIRECTORY) + 1 +
264  OIDCHARS + 1 + OIDCHARS + 1 + FORKNAMECHARS + 1 + OIDCHARS > MAXPGPATH)
265  ereport(ERROR,
266  (errcode(ERRCODE_INVALID_OBJECT_DEFINITION),
267  errmsg("tablespace location \"%s\" is too long",
268  location)));
269 
270  /* Warn if the tablespace is in the data directory. */
271  if (path_is_prefix_of_path(DataDir, location))
273  (errcode(ERRCODE_INVALID_OBJECT_DEFINITION),
274  errmsg("tablespace location should not be inside the data directory")));
275 
276  /*
277  * Disallow creation of tablespaces named "pg_xxx"; we reserve this
278  * namespace for system purposes.
279  */
280  if (!allowSystemTableMods && IsReservedName(stmt->tablespacename))
281  ereport(ERROR,
282  (errcode(ERRCODE_RESERVED_NAME),
283  errmsg("unacceptable tablespace name \"%s\"",
284  stmt->tablespacename),
285  errdetail("The prefix \"pg_\" is reserved for system tablespaces.")));
286 
287  /*
288  * If built with appropriate switch, whine when regression-testing
289  * conventions for tablespace names are violated.
290  */
291 #ifdef ENFORCE_REGRESSION_TEST_NAME_RESTRICTIONS
292  if (strncmp(stmt->tablespacename, "regress_", 8) != 0)
293  elog(WARNING, "tablespaces created by regression test cases should have names starting with \"regress_\"");
294 #endif
295 
296  /*
297  * Check that there is no other tablespace by this name. (The unique
298  * index would catch this anyway, but might as well give a friendlier
299  * message.)
300  */
301  if (OidIsValid(get_tablespace_oid(stmt->tablespacename, true)))
302  ereport(ERROR,
304  errmsg("tablespace \"%s\" already exists",
305  stmt->tablespacename)));
306 
307  /*
308  * Insert tuple into pg_tablespace. The purpose of doing this first is to
309  * lock the proposed tablename against other would-be creators. The
310  * insertion will roll back if we find problems below.
311  */
312  rel = table_open(TableSpaceRelationId, RowExclusiveLock);
313 
314  if (IsBinaryUpgrade)
315  {
316  /* Use binary-upgrade override for tablespace oid */
318  ereport(ERROR,
319  (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
320  errmsg("pg_tablespace OID value not set when in binary upgrade mode")));
321 
324  }
325  else
326  tablespaceoid = GetNewOidWithIndex(rel, TablespaceOidIndexId,
327  Anum_pg_tablespace_oid);
328  values[Anum_pg_tablespace_oid - 1] = ObjectIdGetDatum(tablespaceoid);
329  values[Anum_pg_tablespace_spcname - 1] =
330  DirectFunctionCall1(namein, CStringGetDatum(stmt->tablespacename));
331  values[Anum_pg_tablespace_spcowner - 1] =
332  ObjectIdGetDatum(ownerId);
333  nulls[Anum_pg_tablespace_spcacl - 1] = true;
334 
335  /* Generate new proposed spcoptions (text array) */
336  newOptions = transformRelOptions((Datum) 0,
337  stmt->options,
338  NULL, NULL, false, false);
339  (void) tablespace_reloptions(newOptions, true);
340  if (newOptions != (Datum) 0)
341  values[Anum_pg_tablespace_spcoptions - 1] = newOptions;
342  else
343  nulls[Anum_pg_tablespace_spcoptions - 1] = true;
344 
345  tuple = heap_form_tuple(rel->rd_att, values, nulls);
346 
347  CatalogTupleInsert(rel, tuple);
348 
349  heap_freetuple(tuple);
350 
351  /* Record dependency on owner */
352  recordDependencyOnOwner(TableSpaceRelationId, tablespaceoid, ownerId);
353 
354  /* Post creation hook for new tablespace */
355  InvokeObjectPostCreateHook(TableSpaceRelationId, tablespaceoid, 0);
356 
357  create_tablespace_directories(location, tablespaceoid);
358 
359  /* Record the filesystem change in XLOG */
360  {
361  xl_tblspc_create_rec xlrec;
362 
363  xlrec.ts_id = tablespaceoid;
364 
365  XLogBeginInsert();
366  XLogRegisterData((char *) &xlrec,
367  offsetof(xl_tblspc_create_rec, ts_path));
368  XLogRegisterData((char *) location, strlen(location) + 1);
369 
370  (void) XLogInsert(RM_TBLSPC_ID, XLOG_TBLSPC_CREATE);
371  }
372 
373  /*
374  * Force synchronous commit, to minimize the window between creating the
375  * symlink on-disk and marking the transaction committed. It's not great
376  * that there is any window at all, but definitely we don't want to make
377  * it larger than necessary.
378  */
379  ForceSyncCommit();
380 
381  pfree(location);
382 
383  /* We keep the lock on pg_tablespace until commit */
384  table_close(rel, NoLock);
385 
386  return tablespaceoid;
387 }
388 
389 /*
390  * Drop a table space
391  *
392  * Be careful to check that the tablespace is empty.
393  */
394 void
396 {
397  char *tablespacename = stmt->tablespacename;
398  TableScanDesc scandesc;
399  Relation rel;
400  HeapTuple tuple;
401  Form_pg_tablespace spcform;
402  ScanKeyData entry[1];
403  Oid tablespaceoid;
404  char *detail;
405  char *detail_log;
406 
407  /*
408  * Find the target tuple
409  */
410  rel = table_open(TableSpaceRelationId, RowExclusiveLock);
411 
412  ScanKeyInit(&entry[0],
413  Anum_pg_tablespace_spcname,
414  BTEqualStrategyNumber, F_NAMEEQ,
415  CStringGetDatum(tablespacename));
416  scandesc = table_beginscan_catalog(rel, 1, entry);
417  tuple = heap_getnext(scandesc, ForwardScanDirection);
418 
419  if (!HeapTupleIsValid(tuple))
420  {
421  if (!stmt->missing_ok)
422  {
423  ereport(ERROR,
424  (errcode(ERRCODE_UNDEFINED_OBJECT),
425  errmsg("tablespace \"%s\" does not exist",
426  tablespacename)));
427  }
428  else
429  {
430  ereport(NOTICE,
431  (errmsg("tablespace \"%s\" does not exist, skipping",
432  tablespacename)));
433  table_endscan(scandesc);
434  table_close(rel, NoLock);
435  }
436  return;
437  }
438 
439  spcform = (Form_pg_tablespace) GETSTRUCT(tuple);
440  tablespaceoid = spcform->oid;
441 
442  /* Must be tablespace owner */
443  if (!object_ownercheck(TableSpaceRelationId, tablespaceoid, GetUserId()))
445  tablespacename);
446 
447  /* Disallow drop of the standard tablespaces, even by superuser */
448  if (IsPinnedObject(TableSpaceRelationId, tablespaceoid))
450  tablespacename);
451 
452  /* Check for pg_shdepend entries depending on this tablespace */
453  if (checkSharedDependencies(TableSpaceRelationId, tablespaceoid,
454  &detail, &detail_log))
455  ereport(ERROR,
456  (errcode(ERRCODE_DEPENDENT_OBJECTS_STILL_EXIST),
457  errmsg("tablespace \"%s\" cannot be dropped because some objects depend on it",
458  tablespacename),
459  errdetail_internal("%s", detail),
460  errdetail_log("%s", detail_log)));
461 
462  /* DROP hook for the tablespace being removed */
463  InvokeObjectDropHook(TableSpaceRelationId, tablespaceoid, 0);
464 
465  /*
466  * Remove the pg_tablespace tuple (this will roll back if we fail below)
467  */
468  CatalogTupleDelete(rel, &tuple->t_self);
469 
470  table_endscan(scandesc);
471 
472  /*
473  * Remove any comments or security labels on this tablespace.
474  */
475  DeleteSharedComments(tablespaceoid, TableSpaceRelationId);
476  DeleteSharedSecurityLabel(tablespaceoid, TableSpaceRelationId);
477 
478  /*
479  * Remove dependency on owner.
480  */
481  deleteSharedDependencyRecordsFor(TableSpaceRelationId, tablespaceoid, 0);
482 
483  /*
484  * Acquire TablespaceCreateLock to ensure that no TablespaceCreateDbspace
485  * is running concurrently.
486  */
487  LWLockAcquire(TablespaceCreateLock, LW_EXCLUSIVE);
488 
489  /*
490  * Try to remove the physical infrastructure.
491  */
492  if (!destroy_tablespace_directories(tablespaceoid, false))
493  {
494  /*
495  * Not all files deleted? However, there can be lingering empty files
496  * in the directories, left behind by for example DROP TABLE, that
497  * have been scheduled for deletion at next checkpoint (see comments
498  * in mdunlink() for details). We could just delete them immediately,
499  * but we can't tell them apart from important data files that we
500  * mustn't delete. So instead, we force a checkpoint which will clean
501  * out any lingering files, and try again.
502  */
504 
505  /*
506  * On Windows, an unlinked file persists in the directory listing
507  * until no process retains an open handle for the file. The DDL
508  * commands that schedule files for unlink send invalidation messages
509  * directing other PostgreSQL processes to close the files, but
510  * nothing guarantees they'll be processed in time. So, we'll also
511  * use a global barrier to ask all backends to close all files, and
512  * wait until they're finished.
513  */
514  LWLockRelease(TablespaceCreateLock);
516  LWLockAcquire(TablespaceCreateLock, LW_EXCLUSIVE);
517 
518  /* And now try again. */
519  if (!destroy_tablespace_directories(tablespaceoid, false))
520  {
521  /* Still not empty, the files must be important then */
522  ereport(ERROR,
523  (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
524  errmsg("tablespace \"%s\" is not empty",
525  tablespacename)));
526  }
527  }
528 
529  /* Record the filesystem change in XLOG */
530  {
531  xl_tblspc_drop_rec xlrec;
532 
533  xlrec.ts_id = tablespaceoid;
534 
535  XLogBeginInsert();
536  XLogRegisterData((char *) &xlrec, sizeof(xl_tblspc_drop_rec));
537 
538  (void) XLogInsert(RM_TBLSPC_ID, XLOG_TBLSPC_DROP);
539  }
540 
541  /*
542  * Note: because we checked that the tablespace was empty, there should be
543  * no need to worry about flushing shared buffers or free space map
544  * entries for relations in the tablespace.
545  */
546 
547  /*
548  * Force synchronous commit, to minimize the window between removing the
549  * files on-disk and marking the transaction committed. It's not great
550  * that there is any window at all, but definitely we don't want to make
551  * it larger than necessary.
552  */
553  ForceSyncCommit();
554 
555  /*
556  * Allow TablespaceCreateDbspace again.
557  */
558  LWLockRelease(TablespaceCreateLock);
559 
560  /* We keep the lock on pg_tablespace until commit */
561  table_close(rel, NoLock);
562 }
563 
564 
565 /*
566  * create_tablespace_directories
567  *
568  * Attempt to create filesystem infrastructure linking $PGDATA/pg_tblspc/
569  * to the specified directory
570  */
571 static void
572 create_tablespace_directories(const char *location, const Oid tablespaceoid)
573 {
574  char *linkloc;
575  char *location_with_version_dir;
576  struct stat st;
577  bool in_place;
578 
579  linkloc = psprintf("pg_tblspc/%u", tablespaceoid);
580 
581  /*
582  * If we're asked to make an 'in place' tablespace, create the directory
583  * directly where the symlink would normally go. This is a developer-only
584  * option for now, to facilitate regression testing.
585  */
586  in_place = strlen(location) == 0;
587 
588  if (in_place)
589  {
590  if (MakePGDirectory(linkloc) < 0 && errno != EEXIST)
591  ereport(ERROR,
593  errmsg("could not create directory \"%s\": %m",
594  linkloc)));
595  }
596 
597  location_with_version_dir = psprintf("%s/%s", in_place ? linkloc : location,
599 
600  /*
601  * Attempt to coerce target directory to safe permissions. If this fails,
602  * it doesn't exist or has the wrong owner. Not needed for in-place mode,
603  * because in that case we created the directory with the desired
604  * permissions.
605  */
606  if (!in_place && chmod(location, pg_dir_create_mode) != 0)
607  {
608  if (errno == ENOENT)
609  ereport(ERROR,
610  (errcode(ERRCODE_UNDEFINED_FILE),
611  errmsg("directory \"%s\" does not exist", location),
612  InRecovery ? errhint("Create this directory for the tablespace before "
613  "restarting the server.") : 0));
614  else
615  ereport(ERROR,
617  errmsg("could not set permissions on directory \"%s\": %m",
618  location)));
619  }
620 
621  /*
622  * The creation of the version directory prevents more than one tablespace
623  * in a single location. This imitates TablespaceCreateDbspace(), but it
624  * ignores concurrency and missing parent directories. The chmod() would
625  * have failed in the absence of a parent. pg_tablespace_spcname_index
626  * prevents concurrency.
627  */
628  if (stat(location_with_version_dir, &st) < 0)
629  {
630  if (errno != ENOENT)
631  ereport(ERROR,
633  errmsg("could not stat directory \"%s\": %m",
634  location_with_version_dir)));
635  else if (MakePGDirectory(location_with_version_dir) < 0)
636  ereport(ERROR,
638  errmsg("could not create directory \"%s\": %m",
639  location_with_version_dir)));
640  }
641  else if (!S_ISDIR(st.st_mode))
642  ereport(ERROR,
643  (errcode(ERRCODE_WRONG_OBJECT_TYPE),
644  errmsg("\"%s\" exists but is not a directory",
645  location_with_version_dir)));
646  else if (!InRecovery)
647  ereport(ERROR,
648  (errcode(ERRCODE_OBJECT_IN_USE),
649  errmsg("directory \"%s\" already in use as a tablespace",
650  location_with_version_dir)));
651 
652  /*
653  * In recovery, remove old symlink, in case it points to the wrong place.
654  */
655  if (!in_place && InRecovery)
656  remove_tablespace_symlink(linkloc);
657 
658  /*
659  * Create the symlink under PGDATA
660  */
661  if (!in_place && symlink(location, linkloc) < 0)
662  ereport(ERROR,
664  errmsg("could not create symbolic link \"%s\": %m",
665  linkloc)));
666 
667  pfree(linkloc);
668  pfree(location_with_version_dir);
669 }
670 
671 
672 /*
673  * destroy_tablespace_directories
674  *
675  * Attempt to remove filesystem infrastructure for the tablespace.
676  *
677  * 'redo' indicates we are redoing a drop from XLOG; in that case we should
678  * not throw an ERROR for problems, just LOG them. The worst consequence of
679  * not removing files here would be failure to release some disk space, which
680  * does not justify throwing an error that would require manual intervention
681  * to get the database running again.
682  *
683  * Returns true if successful, false if some subdirectory is not empty
684  */
685 static bool
686 destroy_tablespace_directories(Oid tablespaceoid, bool redo)
687 {
688  char *linkloc;
689  char *linkloc_with_version_dir;
690  DIR *dirdesc;
691  struct dirent *de;
692  char *subfile;
693  struct stat st;
694 
695  linkloc_with_version_dir = psprintf("pg_tblspc/%u/%s", tablespaceoid,
697 
698  /*
699  * Check if the tablespace still contains any files. We try to rmdir each
700  * per-database directory we find in it. rmdir failure implies there are
701  * still files in that subdirectory, so give up. (We do not have to worry
702  * about undoing any already completed rmdirs, since the next attempt to
703  * use the tablespace from that database will simply recreate the
704  * subdirectory via TablespaceCreateDbspace.)
705  *
706  * Since we hold TablespaceCreateLock, no one else should be creating any
707  * fresh subdirectories in parallel. It is possible that new files are
708  * being created within subdirectories, though, so the rmdir call could
709  * fail. Worst consequence is a less friendly error message.
710  *
711  * If redo is true then ENOENT is a likely outcome here, and we allow it
712  * to pass without comment. In normal operation we still allow it, but
713  * with a warning. This is because even though ProcessUtility disallows
714  * DROP TABLESPACE in a transaction block, it's possible that a previous
715  * DROP failed and rolled back after removing the tablespace directories
716  * and/or symlink. We want to allow a new DROP attempt to succeed at
717  * removing the catalog entries (and symlink if still present), so we
718  * should not give a hard error here.
719  */
720  dirdesc = AllocateDir(linkloc_with_version_dir);
721  if (dirdesc == NULL)
722  {
723  if (errno == ENOENT)
724  {
725  if (!redo)
728  errmsg("could not open directory \"%s\": %m",
729  linkloc_with_version_dir)));
730  /* The symlink might still exist, so go try to remove it */
731  goto remove_symlink;
732  }
733  else if (redo)
734  {
735  /* in redo, just log other types of error */
736  ereport(LOG,
738  errmsg("could not open directory \"%s\": %m",
739  linkloc_with_version_dir)));
740  pfree(linkloc_with_version_dir);
741  return false;
742  }
743  /* else let ReadDir report the error */
744  }
745 
746  while ((de = ReadDir(dirdesc, linkloc_with_version_dir)) != NULL)
747  {
748  if (strcmp(de->d_name, ".") == 0 ||
749  strcmp(de->d_name, "..") == 0)
750  continue;
751 
752  subfile = psprintf("%s/%s", linkloc_with_version_dir, de->d_name);
753 
754  /* This check is just to deliver a friendlier error message */
755  if (!redo && !directory_is_empty(subfile))
756  {
757  FreeDir(dirdesc);
758  pfree(subfile);
759  pfree(linkloc_with_version_dir);
760  return false;
761  }
762 
763  /* remove empty directory */
764  if (rmdir(subfile) < 0)
765  ereport(redo ? LOG : ERROR,
767  errmsg("could not remove directory \"%s\": %m",
768  subfile)));
769 
770  pfree(subfile);
771  }
772 
773  FreeDir(dirdesc);
774 
775  /* remove version directory */
776  if (rmdir(linkloc_with_version_dir) < 0)
777  {
778  ereport(redo ? LOG : ERROR,
780  errmsg("could not remove directory \"%s\": %m",
781  linkloc_with_version_dir)));
782  pfree(linkloc_with_version_dir);
783  return false;
784  }
785 
786  /*
787  * Try to remove the symlink. We must however deal with the possibility
788  * that it's a directory instead of a symlink --- this could happen during
789  * WAL replay (see TablespaceCreateDbspace).
790  *
791  * Note: in the redo case, we'll return true if this final step fails;
792  * there's no point in retrying it. Also, ENOENT should provoke no more
793  * than a warning.
794  */
795 remove_symlink:
796  linkloc = pstrdup(linkloc_with_version_dir);
797  get_parent_directory(linkloc);
798  if (lstat(linkloc, &st) < 0)
799  {
800  int saved_errno = errno;
801 
802  ereport(redo ? LOG : (saved_errno == ENOENT ? WARNING : ERROR),
804  errmsg("could not stat file \"%s\": %m",
805  linkloc)));
806  }
807  else if (S_ISDIR(st.st_mode))
808  {
809  if (rmdir(linkloc) < 0)
810  {
811  int saved_errno = errno;
812 
813  ereport(redo ? LOG : (saved_errno == ENOENT ? WARNING : ERROR),
815  errmsg("could not remove directory \"%s\": %m",
816  linkloc)));
817  }
818  }
819  else if (S_ISLNK(st.st_mode))
820  {
821  if (unlink(linkloc) < 0)
822  {
823  int saved_errno = errno;
824 
825  ereport(redo ? LOG : (saved_errno == ENOENT ? WARNING : ERROR),
827  errmsg("could not remove symbolic link \"%s\": %m",
828  linkloc)));
829  }
830  }
831  else
832  {
833  /* Refuse to remove anything that's not a directory or symlink */
834  ereport(redo ? LOG : ERROR,
835  (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
836  errmsg("\"%s\" is not a directory or symbolic link",
837  linkloc)));
838  }
839 
840  pfree(linkloc_with_version_dir);
841  pfree(linkloc);
842 
843  return true;
844 }
845 
846 
847 /*
848  * Check if a directory is empty.
849  *
850  * This probably belongs somewhere else, but not sure where...
851  */
852 bool
853 directory_is_empty(const char *path)
854 {
855  DIR *dirdesc;
856  struct dirent *de;
857 
858  dirdesc = AllocateDir(path);
859 
860  while ((de = ReadDir(dirdesc, path)) != NULL)
861  {
862  if (strcmp(de->d_name, ".") == 0 ||
863  strcmp(de->d_name, "..") == 0)
864  continue;
865  FreeDir(dirdesc);
866  return false;
867  }
868 
869  FreeDir(dirdesc);
870  return true;
871 }
872 
873 /*
874  * remove_tablespace_symlink
875  *
876  * This function removes symlinks in pg_tblspc. On Windows, junction points
877  * act like directories so we must be able to apply rmdir. This function
878  * works like the symlink removal code in destroy_tablespace_directories,
879  * except that failure to remove is always an ERROR. But if the file doesn't
880  * exist at all, that's OK.
881  */
882 void
883 remove_tablespace_symlink(const char *linkloc)
884 {
885  struct stat st;
886 
887  if (lstat(linkloc, &st) < 0)
888  {
889  if (errno == ENOENT)
890  return;
891  ereport(ERROR,
893  errmsg("could not stat file \"%s\": %m", linkloc)));
894  }
895 
896  if (S_ISDIR(st.st_mode))
897  {
898  /*
899  * This will fail if the directory isn't empty, but not if it's a
900  * junction point.
901  */
902  if (rmdir(linkloc) < 0 && errno != ENOENT)
903  ereport(ERROR,
905  errmsg("could not remove directory \"%s\": %m",
906  linkloc)));
907  }
908  else if (S_ISLNK(st.st_mode))
909  {
910  if (unlink(linkloc) < 0 && errno != ENOENT)
911  ereport(ERROR,
913  errmsg("could not remove symbolic link \"%s\": %m",
914  linkloc)));
915  }
916  else
917  {
918  /* Refuse to remove anything that's not a directory or symlink */
919  ereport(ERROR,
920  (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
921  errmsg("\"%s\" is not a directory or symbolic link",
922  linkloc)));
923  }
924 }
925 
926 /*
927  * Rename a tablespace
928  */
930 RenameTableSpace(const char *oldname, const char *newname)
931 {
932  Oid tspId;
933  Relation rel;
934  ScanKeyData entry[1];
935  TableScanDesc scan;
936  HeapTuple tup;
937  HeapTuple newtuple;
938  Form_pg_tablespace newform;
939  ObjectAddress address;
940 
941  /* Search pg_tablespace */
942  rel = table_open(TableSpaceRelationId, RowExclusiveLock);
943 
944  ScanKeyInit(&entry[0],
945  Anum_pg_tablespace_spcname,
946  BTEqualStrategyNumber, F_NAMEEQ,
947  CStringGetDatum(oldname));
948  scan = table_beginscan_catalog(rel, 1, entry);
949  tup = heap_getnext(scan, ForwardScanDirection);
950  if (!HeapTupleIsValid(tup))
951  ereport(ERROR,
952  (errcode(ERRCODE_UNDEFINED_OBJECT),
953  errmsg("tablespace \"%s\" does not exist",
954  oldname)));
955 
956  newtuple = heap_copytuple(tup);
957  newform = (Form_pg_tablespace) GETSTRUCT(newtuple);
958  tspId = newform->oid;
959 
960  table_endscan(scan);
961 
962  /* Must be owner */
963  if (!object_ownercheck(TableSpaceRelationId, tspId, GetUserId()))
965 
966  /* Validate new name */
967  if (!allowSystemTableMods && IsReservedName(newname))
968  ereport(ERROR,
969  (errcode(ERRCODE_RESERVED_NAME),
970  errmsg("unacceptable tablespace name \"%s\"", newname),
971  errdetail("The prefix \"pg_\" is reserved for system tablespaces.")));
972 
973  /*
974  * If built with appropriate switch, whine when regression-testing
975  * conventions for tablespace names are violated.
976  */
977 #ifdef ENFORCE_REGRESSION_TEST_NAME_RESTRICTIONS
978  if (strncmp(newname, "regress_", 8) != 0)
979  elog(WARNING, "tablespaces created by regression test cases should have names starting with \"regress_\"");
980 #endif
981 
982  /* Make sure the new name doesn't exist */
983  ScanKeyInit(&entry[0],
984  Anum_pg_tablespace_spcname,
985  BTEqualStrategyNumber, F_NAMEEQ,
986  CStringGetDatum(newname));
987  scan = table_beginscan_catalog(rel, 1, entry);
988  tup = heap_getnext(scan, ForwardScanDirection);
989  if (HeapTupleIsValid(tup))
990  ereport(ERROR,
992  errmsg("tablespace \"%s\" already exists",
993  newname)));
994 
995  table_endscan(scan);
996 
997  /* OK, update the entry */
998  namestrcpy(&(newform->spcname), newname);
999 
1000  CatalogTupleUpdate(rel, &newtuple->t_self, newtuple);
1001 
1002  InvokeObjectPostAlterHook(TableSpaceRelationId, tspId, 0);
1003 
1004  ObjectAddressSet(address, TableSpaceRelationId, tspId);
1005 
1006  table_close(rel, NoLock);
1007 
1008  return address;
1009 }
1010 
1011 /*
1012  * Alter table space options
1013  */
1014 Oid
1016 {
1017  Relation rel;
1018  ScanKeyData entry[1];
1019  TableScanDesc scandesc;
1020  HeapTuple tup;
1021  Oid tablespaceoid;
1022  Datum datum;
1023  Datum newOptions;
1024  Datum repl_val[Natts_pg_tablespace];
1025  bool isnull;
1026  bool repl_null[Natts_pg_tablespace];
1027  bool repl_repl[Natts_pg_tablespace];
1028  HeapTuple newtuple;
1029 
1030  /* Search pg_tablespace */
1031  rel = table_open(TableSpaceRelationId, RowExclusiveLock);
1032 
1033  ScanKeyInit(&entry[0],
1034  Anum_pg_tablespace_spcname,
1035  BTEqualStrategyNumber, F_NAMEEQ,
1036  CStringGetDatum(stmt->tablespacename));
1037  scandesc = table_beginscan_catalog(rel, 1, entry);
1038  tup = heap_getnext(scandesc, ForwardScanDirection);
1039  if (!HeapTupleIsValid(tup))
1040  ereport(ERROR,
1041  (errcode(ERRCODE_UNDEFINED_OBJECT),
1042  errmsg("tablespace \"%s\" does not exist",
1043  stmt->tablespacename)));
1044 
1045  tablespaceoid = ((Form_pg_tablespace) GETSTRUCT(tup))->oid;
1046 
1047  /* Must be owner of the existing object */
1048  if (!object_ownercheck(TableSpaceRelationId, tablespaceoid, GetUserId()))
1050  stmt->tablespacename);
1051 
1052  /* Generate new proposed spcoptions (text array) */
1053  datum = heap_getattr(tup, Anum_pg_tablespace_spcoptions,
1054  RelationGetDescr(rel), &isnull);
1055  newOptions = transformRelOptions(isnull ? (Datum) 0 : datum,
1056  stmt->options, NULL, NULL, false,
1057  stmt->isReset);
1058  (void) tablespace_reloptions(newOptions, true);
1059 
1060  /* Build new tuple. */
1061  memset(repl_null, false, sizeof(repl_null));
1062  memset(repl_repl, false, sizeof(repl_repl));
1063  if (newOptions != (Datum) 0)
1064  repl_val[Anum_pg_tablespace_spcoptions - 1] = newOptions;
1065  else
1066  repl_null[Anum_pg_tablespace_spcoptions - 1] = true;
1067  repl_repl[Anum_pg_tablespace_spcoptions - 1] = true;
1068  newtuple = heap_modify_tuple(tup, RelationGetDescr(rel), repl_val,
1069  repl_null, repl_repl);
1070 
1071  /* Update system catalog. */
1072  CatalogTupleUpdate(rel, &newtuple->t_self, newtuple);
1073 
1074  InvokeObjectPostAlterHook(TableSpaceRelationId, tablespaceoid, 0);
1075 
1076  heap_freetuple(newtuple);
1077 
1078  /* Conclude heap scan. */
1079  table_endscan(scandesc);
1080  table_close(rel, NoLock);
1081 
1082  return tablespaceoid;
1083 }
1084 
1085 /*
1086  * Routines for handling the GUC variable 'default_tablespace'.
1087  */
1088 
1089 /* check_hook: validate new default_tablespace */
1090 bool
1092 {
1093  /*
1094  * If we aren't inside a transaction, or connected to a database, we
1095  * cannot do the catalog accesses necessary to verify the name. Must
1096  * accept the value on faith.
1097  */
1099  {
1100  if (**newval != '\0' &&
1102  {
1103  /*
1104  * When source == PGC_S_TEST, don't throw a hard error for a
1105  * nonexistent tablespace, only a NOTICE. See comments in guc.h.
1106  */
1107  if (source == PGC_S_TEST)
1108  {
1109  ereport(NOTICE,
1110  (errcode(ERRCODE_UNDEFINED_OBJECT),
1111  errmsg("tablespace \"%s\" does not exist",
1112  *newval)));
1113  }
1114  else
1115  {
1116  GUC_check_errdetail("Tablespace \"%s\" does not exist.",
1117  *newval);
1118  return false;
1119  }
1120  }
1121  }
1122 
1123  return true;
1124 }
1125 
1126 /*
1127  * GetDefaultTablespace -- get the OID of the current default tablespace
1128  *
1129  * Temporary objects have different default tablespaces, hence the
1130  * relpersistence parameter must be specified. Also, for partitioned tables,
1131  * we disallow specifying the database default, so that needs to be specified
1132  * too.
1133  *
1134  * May return InvalidOid to indicate "use the database's default tablespace".
1135  *
1136  * Note that caller is expected to check appropriate permissions for any
1137  * result other than InvalidOid.
1138  *
1139  * This exists to hide (and possibly optimize the use of) the
1140  * default_tablespace GUC variable.
1141  */
1142 Oid
1143 GetDefaultTablespace(char relpersistence, bool partitioned)
1144 {
1145  Oid result;
1146 
1147  /* The temp-table case is handled elsewhere */
1148  if (relpersistence == RELPERSISTENCE_TEMP)
1149  {
1151  return GetNextTempTableSpace();
1152  }
1153 
1154  /* Fast path for default_tablespace == "" */
1155  if (default_tablespace == NULL || default_tablespace[0] == '\0')
1156  return InvalidOid;
1157 
1158  /*
1159  * It is tempting to cache this lookup for more speed, but then we would
1160  * fail to detect the case where the tablespace was dropped since the GUC
1161  * variable was set. Note also that we don't complain if the value fails
1162  * to refer to an existing tablespace; we just silently return InvalidOid,
1163  * causing the new object to be created in the database's tablespace.
1164  */
1165  result = get_tablespace_oid(default_tablespace, true);
1166 
1167  /*
1168  * Allow explicit specification of database's default tablespace in
1169  * default_tablespace without triggering permissions checks. Don't allow
1170  * specifying that when creating a partitioned table, however, since the
1171  * result is confusing.
1172  */
1173  if (result == MyDatabaseTableSpace)
1174  {
1175  if (partitioned)
1176  ereport(ERROR,
1177  (errcode(ERRCODE_FEATURE_NOT_SUPPORTED),
1178  errmsg("cannot specify default tablespace for partitioned relations")));
1179  result = InvalidOid;
1180  }
1181  return result;
1182 }
1183 
1184 
1185 /*
1186  * Routines for handling the GUC variable 'temp_tablespaces'.
1187  */
1188 
1189 typedef struct
1190 {
1191  /* Array of OIDs to be passed to SetTempTablespaces() */
1192  int numSpcs;
1195 
1196 /* check_hook: validate new temp_tablespaces */
1197 bool
1199 {
1200  char *rawname;
1201  List *namelist;
1202 
1203  /* Need a modifiable copy of string */
1204  rawname = pstrdup(*newval);
1205 
1206  /* Parse string into list of identifiers */
1207  if (!SplitIdentifierString(rawname, ',', &namelist))
1208  {
1209  /* syntax error in name list */
1210  GUC_check_errdetail("List syntax is invalid.");
1211  pfree(rawname);
1212  list_free(namelist);
1213  return false;
1214  }
1215 
1216  /*
1217  * If we aren't inside a transaction, or connected to a database, we
1218  * cannot do the catalog accesses necessary to verify the name. Must
1219  * accept the value on faith. Fortunately, there's then also no need to
1220  * pass the data to fd.c.
1221  */
1223  {
1224  temp_tablespaces_extra *myextra;
1225  Oid *tblSpcs;
1226  int numSpcs;
1227  ListCell *l;
1228 
1229  /* temporary workspace until we are done verifying the list */
1230  tblSpcs = (Oid *) palloc(list_length(namelist) * sizeof(Oid));
1231  numSpcs = 0;
1232  foreach(l, namelist)
1233  {
1234  char *curname = (char *) lfirst(l);
1235  Oid curoid;
1236  AclResult aclresult;
1237 
1238  /* Allow an empty string (signifying database default) */
1239  if (curname[0] == '\0')
1240  {
1241  /* InvalidOid signifies database's default tablespace */
1242  tblSpcs[numSpcs++] = InvalidOid;
1243  continue;
1244  }
1245 
1246  /*
1247  * In an interactive SET command, we ereport for bad info. When
1248  * source == PGC_S_TEST, don't throw a hard error for a
1249  * nonexistent tablespace, only a NOTICE. See comments in guc.h.
1250  */
1251  curoid = get_tablespace_oid(curname, source <= PGC_S_TEST);
1252  if (curoid == InvalidOid)
1253  {
1254  if (source == PGC_S_TEST)
1255  ereport(NOTICE,
1256  (errcode(ERRCODE_UNDEFINED_OBJECT),
1257  errmsg("tablespace \"%s\" does not exist",
1258  curname)));
1259  continue;
1260  }
1261 
1262  /*
1263  * Allow explicit specification of database's default tablespace
1264  * in temp_tablespaces without triggering permissions checks.
1265  */
1266  if (curoid == MyDatabaseTableSpace)
1267  {
1268  /* InvalidOid signifies database's default tablespace */
1269  tblSpcs[numSpcs++] = InvalidOid;
1270  continue;
1271  }
1272 
1273  /* Check permissions, similarly complaining only if interactive */
1274  aclresult = object_aclcheck(TableSpaceRelationId, curoid, GetUserId(),
1275  ACL_CREATE);
1276  if (aclresult != ACLCHECK_OK)
1277  {
1278  if (source >= PGC_S_INTERACTIVE)
1279  aclcheck_error(aclresult, OBJECT_TABLESPACE, curname);
1280  continue;
1281  }
1282 
1283  tblSpcs[numSpcs++] = curoid;
1284  }
1285 
1286  /* Now prepare an "extra" struct for assign_temp_tablespaces */
1287  myextra = guc_malloc(LOG, offsetof(temp_tablespaces_extra, tblSpcs) +
1288  numSpcs * sizeof(Oid));
1289  if (!myextra)
1290  return false;
1291  myextra->numSpcs = numSpcs;
1292  memcpy(myextra->tblSpcs, tblSpcs, numSpcs * sizeof(Oid));
1293  *extra = (void *) myextra;
1294 
1295  pfree(tblSpcs);
1296  }
1297 
1298  pfree(rawname);
1299  list_free(namelist);
1300 
1301  return true;
1302 }
1303 
1304 /* assign_hook: do extra actions as needed */
1305 void
1306 assign_temp_tablespaces(const char *newval, void *extra)
1307 {
1308  temp_tablespaces_extra *myextra = (temp_tablespaces_extra *) extra;
1309 
1310  /*
1311  * If check_temp_tablespaces was executed inside a transaction, then pass
1312  * the list it made to fd.c. Otherwise, clear fd.c's list; we must be
1313  * still outside a transaction, or else restoring during transaction exit,
1314  * and in either case we can just let the next PrepareTempTablespaces call
1315  * make things sane.
1316  */
1317  if (myextra)
1318  SetTempTablespaces(myextra->tblSpcs, myextra->numSpcs);
1319  else
1320  SetTempTablespaces(NULL, 0);
1321 }
1322 
1323 /*
1324  * PrepareTempTablespaces -- prepare to use temp tablespaces
1325  *
1326  * If we have not already done so in the current transaction, parse the
1327  * temp_tablespaces GUC variable and tell fd.c which tablespace(s) to use
1328  * for temp files.
1329  */
1330 void
1332 {
1333  char *rawname;
1334  List *namelist;
1335  Oid *tblSpcs;
1336  int numSpcs;
1337  ListCell *l;
1338 
1339  /* No work if already done in current transaction */
1340  if (TempTablespacesAreSet())
1341  return;
1342 
1343  /*
1344  * Can't do catalog access unless within a transaction. This is just a
1345  * safety check in case this function is called by low-level code that
1346  * could conceivably execute outside a transaction. Note that in such a
1347  * scenario, fd.c will fall back to using the current database's default
1348  * tablespace, which should always be OK.
1349  */
1350  if (!IsTransactionState())
1351  return;
1352 
1353  /* Need a modifiable copy of string */
1354  rawname = pstrdup(temp_tablespaces);
1355 
1356  /* Parse string into list of identifiers */
1357  if (!SplitIdentifierString(rawname, ',', &namelist))
1358  {
1359  /* syntax error in name list */
1360  SetTempTablespaces(NULL, 0);
1361  pfree(rawname);
1362  list_free(namelist);
1363  return;
1364  }
1365 
1366  /* Store tablespace OIDs in an array in TopTransactionContext */
1368  list_length(namelist) * sizeof(Oid));
1369  numSpcs = 0;
1370  foreach(l, namelist)
1371  {
1372  char *curname = (char *) lfirst(l);
1373  Oid curoid;
1374  AclResult aclresult;
1375 
1376  /* Allow an empty string (signifying database default) */
1377  if (curname[0] == '\0')
1378  {
1379  /* InvalidOid signifies database's default tablespace */
1380  tblSpcs[numSpcs++] = InvalidOid;
1381  continue;
1382  }
1383 
1384  /* Else verify that name is a valid tablespace name */
1385  curoid = get_tablespace_oid(curname, true);
1386  if (curoid == InvalidOid)
1387  {
1388  /* Skip any bad list elements */
1389  continue;
1390  }
1391 
1392  /*
1393  * Allow explicit specification of database's default tablespace in
1394  * temp_tablespaces without triggering permissions checks.
1395  */
1396  if (curoid == MyDatabaseTableSpace)
1397  {
1398  /* InvalidOid signifies database's default tablespace */
1399  tblSpcs[numSpcs++] = InvalidOid;
1400  continue;
1401  }
1402 
1403  /* Check permissions similarly */
1404  aclresult = object_aclcheck(TableSpaceRelationId, curoid, GetUserId(),
1405  ACL_CREATE);
1406  if (aclresult != ACLCHECK_OK)
1407  continue;
1408 
1409  tblSpcs[numSpcs++] = curoid;
1410  }
1411 
1412  SetTempTablespaces(tblSpcs, numSpcs);
1413 
1414  pfree(rawname);
1415  list_free(namelist);
1416 }
1417 
1418 
1419 /*
1420  * get_tablespace_oid - given a tablespace name, look up the OID
1421  *
1422  * If missing_ok is false, throw an error if tablespace name not found. If
1423  * true, just return InvalidOid.
1424  */
1425 Oid
1426 get_tablespace_oid(const char *tablespacename, bool missing_ok)
1427 {
1428  Oid result;
1429  Relation rel;
1430  TableScanDesc scandesc;
1431  HeapTuple tuple;
1432  ScanKeyData entry[1];
1433 
1434  /*
1435  * Search pg_tablespace. We use a heapscan here even though there is an
1436  * index on name, on the theory that pg_tablespace will usually have just
1437  * a few entries and so an indexed lookup is a waste of effort.
1438  */
1439  rel = table_open(TableSpaceRelationId, AccessShareLock);
1440 
1441  ScanKeyInit(&entry[0],
1442  Anum_pg_tablespace_spcname,
1443  BTEqualStrategyNumber, F_NAMEEQ,
1444  CStringGetDatum(tablespacename));
1445  scandesc = table_beginscan_catalog(rel, 1, entry);
1446  tuple = heap_getnext(scandesc, ForwardScanDirection);
1447 
1448  /* We assume that there can be at most one matching tuple */
1449  if (HeapTupleIsValid(tuple))
1450  result = ((Form_pg_tablespace) GETSTRUCT(tuple))->oid;
1451  else
1452  result = InvalidOid;
1453 
1454  table_endscan(scandesc);
1456 
1457  if (!OidIsValid(result) && !missing_ok)
1458  ereport(ERROR,
1459  (errcode(ERRCODE_UNDEFINED_OBJECT),
1460  errmsg("tablespace \"%s\" does not exist",
1461  tablespacename)));
1462 
1463  return result;
1464 }
1465 
1466 /*
1467  * get_tablespace_name - given a tablespace OID, look up the name
1468  *
1469  * Returns a palloc'd string, or NULL if no such tablespace.
1470  */
1471 char *
1473 {
1474  char *result;
1475  Relation rel;
1476  TableScanDesc scandesc;
1477  HeapTuple tuple;
1478  ScanKeyData entry[1];
1479 
1480  /*
1481  * Search pg_tablespace. We use a heapscan here even though there is an
1482  * index on oid, on the theory that pg_tablespace will usually have just a
1483  * few entries and so an indexed lookup is a waste of effort.
1484  */
1485  rel = table_open(TableSpaceRelationId, AccessShareLock);
1486 
1487  ScanKeyInit(&entry[0],
1488  Anum_pg_tablespace_oid,
1489  BTEqualStrategyNumber, F_OIDEQ,
1490  ObjectIdGetDatum(spc_oid));
1491  scandesc = table_beginscan_catalog(rel, 1, entry);
1492  tuple = heap_getnext(scandesc, ForwardScanDirection);
1493 
1494  /* We assume that there can be at most one matching tuple */
1495  if (HeapTupleIsValid(tuple))
1496  result = pstrdup(NameStr(((Form_pg_tablespace) GETSTRUCT(tuple))->spcname));
1497  else
1498  result = NULL;
1499 
1500  table_endscan(scandesc);
1502 
1503  return result;
1504 }
1505 
1506 
1507 /*
1508  * TABLESPACE resource manager's routines
1509  */
1510 void
1512 {
1513  uint8 info = XLogRecGetInfo(record) & ~XLR_INFO_MASK;
1514 
1515  /* Backup blocks are not used in tblspc records */
1516  Assert(!XLogRecHasAnyBlockRefs(record));
1517 
1518  if (info == XLOG_TBLSPC_CREATE)
1519  {
1521  char *location = xlrec->ts_path;
1522 
1523  create_tablespace_directories(location, xlrec->ts_id);
1524  }
1525  else if (info == XLOG_TBLSPC_DROP)
1526  {
1528 
1529  /* Close all smgr fds in all backends. */
1531 
1532  /*
1533  * If we issued a WAL record for a drop tablespace it implies that
1534  * there were no files in it at all when the DROP was done. That means
1535  * that no permanent objects can exist in it at this point.
1536  *
1537  * It is possible for standby users to be using this tablespace as a
1538  * location for their temporary files, so if we fail to remove all
1539  * files then do conflict processing and try again, if currently
1540  * enabled.
1541  *
1542  * Other possible reasons for failure include bollixed file
1543  * permissions on a standby server when they were okay on the primary,
1544  * etc etc. There's not much we can do about that, so just remove what
1545  * we can and press on.
1546  */
1547  if (!destroy_tablespace_directories(xlrec->ts_id, true))
1548  {
1550 
1551  /*
1552  * If we did recovery processing then hopefully the backends who
1553  * wrote temp files should have cleaned up and exited by now. So
1554  * retry before complaining. If we fail again, this is just a LOG
1555  * condition, because it's not worth throwing an ERROR for (as
1556  * that would crash the database and require manual intervention
1557  * before we could get past this WAL record on restart).
1558  */
1559  if (!destroy_tablespace_directories(xlrec->ts_id, true))
1560  ereport(LOG,
1561  (errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
1562  errmsg("directories for tablespace %u could not be removed",
1563  xlrec->ts_id),
1564  errhint("You can remove the directories manually if necessary.")));
1565  }
1566  }
1567  else
1568  elog(PANIC, "tblspc_redo: unknown op code %u", info);
1569 }
Oid get_rolespec_oid(const RoleSpec *role, bool missing_ok)
Definition: acl.c:5454
AclResult
Definition: acl.h:182
@ ACLCHECK_NO_PRIV
Definition: acl.h:184
@ ACLCHECK_OK
Definition: acl.h:183
@ ACLCHECK_NOT_OWNER
Definition: acl.h:185
void aclcheck_error(AclResult aclerr, ObjectType objtype, const char *objectname)
Definition: aclchk.c:2700
AclResult object_aclcheck(Oid classid, Oid objectid, Oid roleid, AclMode mode)
Definition: aclchk.c:3888
bool object_ownercheck(Oid classid, Oid objectid, Oid roleid)
Definition: aclchk.c:4142
char * get_tablespace_name(Oid spc_oid)
Definition: tablespace.c:1472
Oid AlterTableSpaceOptions(AlterTableSpaceOptionsStmt *stmt)
Definition: tablespace.c:1015
Oid binary_upgrade_next_pg_tablespace_oid
Definition: tablespace.c:87
bool directory_is_empty(const char *path)
Definition: tablespace.c:853
void remove_tablespace_symlink(const char *linkloc)
Definition: tablespace.c:883
static bool destroy_tablespace_directories(Oid tablespaceoid, bool redo)
Definition: tablespace.c:686
bool check_default_tablespace(char **newval, void **extra, GucSource source)
Definition: tablespace.c:1091
void DropTableSpace(DropTableSpaceStmt *stmt)
Definition: tablespace.c:395
void PrepareTempTablespaces(void)
Definition: tablespace.c:1331
Oid get_tablespace_oid(const char *tablespacename, bool missing_ok)
Definition: tablespace.c:1426
ObjectAddress RenameTableSpace(const char *oldname, const char *newname)
Definition: tablespace.c:930
char * temp_tablespaces
Definition: tablespace.c:84
void assign_temp_tablespaces(const char *newval, void *extra)
Definition: tablespace.c:1306
Oid GetDefaultTablespace(char relpersistence, bool partitioned)
Definition: tablespace.c:1143
void TablespaceCreateDbspace(Oid spcOid, Oid dbOid, bool isRedo)
Definition: tablespace.c:112
bool check_temp_tablespaces(char **newval, void **extra, GucSource source)
Definition: tablespace.c:1198
Oid CreateTableSpace(CreateTableSpaceStmt *stmt)
Definition: tablespace.c:208
char * default_tablespace
Definition: tablespace.c:83
static void create_tablespace_directories(const char *location, const Oid tablespaceoid)
Definition: tablespace.c:572
void tblspc_redo(XLogReaderState *record)
Definition: tablespace.c:1511
bool allow_in_place_tablespaces
Definition: tablespace.c:85
static Datum values[MAXATTR]
Definition: bootstrap.c:150
#define NameStr(name)
Definition: c.h:746
#define Assert(condition)
Definition: c.h:858
#define FLEXIBLE_ARRAY_MEMBER
Definition: c.h:398
unsigned char uint8
Definition: c.h:504
#define OidIsValid(objectId)
Definition: c.h:775
Oid GetNewOidWithIndex(Relation relation, Oid indexId, AttrNumber oidcolumn)
Definition: catalog.c:412
bool IsPinnedObject(Oid classId, Oid objectId)
Definition: catalog.c:334
bool IsReservedName(const char *name)
Definition: catalog.c:238
void RequestCheckpoint(int flags)
Definition: checkpointer.c:941
void DeleteSharedComments(Oid oid, Oid classoid)
Definition: comment.c:374
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1232
int errcode_for_file_access(void)
Definition: elog.c:878
int errdetail(const char *fmt,...)
Definition: elog.c:1205
int errhint(const char *fmt,...)
Definition: elog.c:1319
int errcode(int sqlerrcode)
Definition: elog.c:855
int errmsg(const char *fmt,...)
Definition: elog.c:1072
int errdetail_log(const char *fmt,...)
Definition: elog.c:1253
#define LOG
Definition: elog.h:31
#define WARNING
Definition: elog.h:36
#define PANIC
Definition: elog.h:42
#define ERROR
Definition: elog.h:39
#define elog(elevel,...)
Definition: elog.h:224
#define NOTICE
Definition: elog.h:35
#define ereport(elevel,...)
Definition: elog.h:149
struct dirent * ReadDir(DIR *dir, const char *dirname)
Definition: fd.c:2909
int MakePGDirectory(const char *directoryName)
Definition: fd.c:3913
int FreeDir(DIR *dir)
Definition: fd.c:2961
bool TempTablespacesAreSet(void)
Definition: fd.c:3078
Oid GetNextTempTableSpace(void)
Definition: fd.c:3111
void SetTempTablespaces(Oid *tableSpaces, int numSpaces)
Definition: fd.c:3049
DIR * AllocateDir(const char *dirname)
Definition: fd.c:2843
int pg_dir_create_mode
Definition: file_perm.c:18
#define DirectFunctionCall1(func, arg1)
Definition: fmgr.h:642
bool IsBinaryUpgrade
Definition: globals.c:119
bool allowSystemTableMods
Definition: globals.c:128
Oid MyDatabaseTableSpace
Definition: globals.c:94
char * DataDir
Definition: globals.c:69
Oid MyDatabaseId
Definition: globals.c:92
void * guc_malloc(int elevel, size_t size)
Definition: guc.c:640
#define newval
#define GUC_check_errdetail
Definition: guc.h:447
GucSource
Definition: guc.h:108
@ PGC_S_TEST
Definition: guc.h:121
@ PGC_S_INTERACTIVE
Definition: guc.h:120
HeapTuple heap_getnext(TableScanDesc sscan, ScanDirection direction)
Definition: heapam.c:1252
HeapTuple heap_modify_tuple(HeapTuple tuple, TupleDesc tupleDesc, const Datum *replValues, const bool *replIsnull, const bool *doReplace)
Definition: heaptuple.c:1209
HeapTuple heap_copytuple(HeapTuple tuple)
Definition: heaptuple.c:776
HeapTuple heap_form_tuple(TupleDesc tupleDescriptor, const Datum *values, const bool *isnull)
Definition: heaptuple.c:1116
void heap_freetuple(HeapTuple htup)
Definition: heaptuple.c:1434
#define HeapTupleIsValid(tuple)
Definition: htup.h:78
static Datum heap_getattr(HeapTuple tup, int attnum, TupleDesc tupleDesc, bool *isnull)
Definition: htup_details.h:792
#define GETSTRUCT(TUP)
Definition: htup_details.h:653
#define stmt
Definition: indent_codes.h:59
void CatalogTupleUpdate(Relation heapRel, ItemPointer otid, HeapTuple tup)
Definition: indexing.c:313
void CatalogTupleInsert(Relation heapRel, HeapTuple tup)
Definition: indexing.c:233
void CatalogTupleDelete(Relation heapRel, ItemPointer tid)
Definition: indexing.c:365
void list_free(List *list)
Definition: list.c:1546
#define NoLock
Definition: lockdefs.h:34
#define AccessShareLock
Definition: lockdefs.h:36
#define RowExclusiveLock
Definition: lockdefs.h:38
bool LWLockAcquire(LWLock *lock, LWLockMode mode)
Definition: lwlock.c:1168
void LWLockRelease(LWLock *lock)
Definition: lwlock.c:1781
@ LW_EXCLUSIVE
Definition: lwlock.h:114
MemoryContext TopTransactionContext
Definition: mcxt.c:154
char * pstrdup(const char *in)
Definition: mcxt.c:1696
void pfree(void *pointer)
Definition: mcxt.c:1521
void * MemoryContextAlloc(MemoryContext context, Size size)
Definition: mcxt.c:1181
void * palloc(Size size)
Definition: mcxt.c:1317
Oid GetUserId(void)
Definition: miscinit.c:514
void namestrcpy(Name name, const char *str)
Definition: name.c:233
Datum namein(PG_FUNCTION_ARGS)
Definition: name.c:48
#define InvokeObjectPostCreateHook(classId, objectId, subId)
Definition: objectaccess.h:173
#define InvokeObjectPostAlterHook(classId, objectId, subId)
Definition: objectaccess.h:197
#define InvokeObjectDropHook(classId, objectId, subId)
Definition: objectaccess.h:182
#define ObjectAddressSet(addr, class_id, object_id)
Definition: objectaddress.h:40
@ OBJECT_TABLESPACE
Definition: parsenodes.h:2303
#define ACL_CREATE
Definition: parsenodes.h:85
#define MAXPGPATH
#define lfirst(lc)
Definition: pg_list.h:172
static int list_length(const List *l)
Definition: pg_list.h:152
static rewind_source * source
Definition: pg_rewind.c:89
void deleteSharedDependencyRecordsFor(Oid classId, Oid objectId, int32 objectSubId)
Definition: pg_shdepend.c:1047
void recordDependencyOnOwner(Oid classId, Oid objectId, Oid owner)
Definition: pg_shdepend.c:168
bool checkSharedDependencies(Oid classId, Oid objectId, char **detail_msg, char **detail_log_msg)
Definition: pg_shdepend.c:676
FormData_pg_tablespace * Form_pg_tablespace
Definition: pg_tablespace.h:48
int pg_mkdir_p(char *path, int omode)
Definition: pgmkdirp.c:57
#define is_absolute_path(filename)
Definition: port.h:103
bool path_is_prefix_of_path(const char *path1, const char *path2)
Definition: path.c:559
void canonicalize_path(char *path)
Definition: path.c:264
void get_parent_directory(char *path)
Definition: path.c:976
uintptr_t Datum
Definition: postgres.h:64
static Datum ObjectIdGetDatum(Oid X)
Definition: postgres.h:252
static Datum CStringGetDatum(const char *X)
Definition: postgres.h:350
#define InvalidOid
Definition: postgres_ext.h:36
unsigned int Oid
Definition: postgres_ext.h:31
void WaitForProcSignalBarrier(uint64 generation)
Definition: procsignal.c:389
uint64 EmitProcSignalBarrier(ProcSignalBarrierType type)
Definition: procsignal.c:329
@ PROCSIGNAL_BARRIER_SMGRRELEASE
Definition: procsignal.h:56
char * psprintf(const char *fmt,...)
Definition: psprintf.c:46
#define RelationGetDescr(relation)
Definition: rel.h:531
bytea * tablespace_reloptions(Datum reloptions, bool validate)
Definition: reloptions.c:2086
Datum transformRelOptions(Datum oldOptions, List *defList, const char *namspace, char *validnsps[], bool acceptOidsOff, bool isReset)
Definition: reloptions.c:1156
char * GetDatabasePath(Oid dbOid, Oid spcOid)
Definition: relpath.c:110
#define OIDCHARS
Definition: relpath.h:37
#define FORKNAMECHARS
Definition: relpath.h:64
#define TABLESPACE_VERSION_DIRECTORY
Definition: relpath.h:33
void ScanKeyInit(ScanKey entry, AttrNumber attributeNumber, StrategyNumber strategy, RegProcedure procedure, Datum argument)
Definition: scankey.c:76
@ ForwardScanDirection
Definition: sdir.h:28
void DeleteSharedSecurityLabel(Oid objectId, Oid classId)
Definition: seclabel.c:491
void ResolveRecoveryConflictWithTablespace(Oid tsid)
Definition: standby.c:538
#define BTEqualStrategyNumber
Definition: stratnum.h:31
#define ERRCODE_DUPLICATE_OBJECT
Definition: streamutil.c:32
Definition: dirent.c:26
ItemPointerData t_self
Definition: htup.h:65
Definition: pg_list.h:54
TupleDesc rd_att
Definition: rel.h:112
Definition: dirent.h:10
char d_name[MAX_PATH]
Definition: dirent.h:15
unsigned short st_mode
Definition: win32_port.h:268
Oid tblSpcs[FLEXIBLE_ARRAY_MEMBER]
Definition: tablespace.c:1193
char ts_path[FLEXIBLE_ARRAY_MEMBER]
Definition: tablespace.h:31
bool superuser(void)
Definition: superuser.c:46
void table_close(Relation relation, LOCKMODE lockmode)
Definition: table.c:126
Relation table_open(Oid relationId, LOCKMODE lockmode)
Definition: table.c:40
TableScanDesc table_beginscan_catalog(Relation relation, int nkeys, struct ScanKeyData *key)
Definition: tableam.c:112
static void table_endscan(TableScanDesc scan)
Definition: tableam.h:1019
#define XLOG_TBLSPC_DROP
Definition: tablespace.h:26
#define XLOG_TBLSPC_CREATE
Definition: tablespace.h:25
bool SplitIdentifierString(char *rawstring, char separator, List **namelist)
Definition: varlena.c:3457
#define stat
Definition: win32_port.h:284
#define lstat(path, sb)
Definition: win32_port.h:285
#define S_ISDIR(m)
Definition: win32_port.h:325
#define S_ISLNK(m)
Definition: win32_port.h:344
#define symlink(oldpath, newpath)
Definition: win32_port.h:235
bool IsTransactionState(void)
Definition: xact.c:385
void ForceSyncCommit(void)
Definition: xact.c:1150
#define CHECKPOINT_FORCE
Definition: xlog.h:140
#define CHECKPOINT_WAIT
Definition: xlog.h:143
#define CHECKPOINT_IMMEDIATE
Definition: xlog.h:139
void XLogRegisterData(char *data, uint32 len)
Definition: xloginsert.c:364
XLogRecPtr XLogInsert(RmgrId rmid, uint8 info)
Definition: xloginsert.c:474
void XLogBeginInsert(void)
Definition: xloginsert.c:149
#define XLogRecGetInfo(decoder)
Definition: xlogreader.h:410
#define XLogRecGetData(decoder)
Definition: xlogreader.h:415
#define XLogRecHasAnyBlockRefs(decoder)
Definition: xlogreader.h:417
#define XLR_INFO_MASK
Definition: xlogrecord.h:62
bool InRecovery
Definition: xlogutils.c:50