PostgreSQL Source Code git master
All Data Structures Namespaces Files Functions Variables Typedefs Enumerations Enumerator Macros Pages
basebackup_to_shell.c File Reference
#include "postgres.h"
#include "access/xact.h"
#include "backup/basebackup_target.h"
#include "common/percentrepl.h"
#include "miscadmin.h"
#include "storage/fd.h"
#include "utils/acl.h"
#include "utils/guc.h"
Include dependency graph for basebackup_to_shell.c:

Go to the source code of this file.

Data Structures

struct  bbsink_shell
 

Typedefs

typedef struct bbsink_shell bbsink_shell
 

Functions

static void * shell_check_detail (char *target, char *target_detail)
 
static bbsinkshell_get_sink (bbsink *next_sink, void *detail_arg)
 
static void bbsink_shell_begin_archive (bbsink *sink, const char *archive_name)
 
static void bbsink_shell_archive_contents (bbsink *sink, size_t len)
 
static void bbsink_shell_end_archive (bbsink *sink)
 
static void bbsink_shell_begin_manifest (bbsink *sink)
 
static void bbsink_shell_manifest_contents (bbsink *sink, size_t len)
 
static void bbsink_shell_end_manifest (bbsink *sink)
 
void _PG_init (void)
 
static char * shell_construct_command (const char *base_command, const char *filename, const char *target_detail)
 
static void shell_finish_command (bbsink_shell *sink)
 
static void shell_run_command (bbsink_shell *sink, const char *filename)
 
static void shell_send_data (bbsink_shell *sink, size_t len)
 

Variables

 PG_MODULE_MAGIC
 
static const bbsink_ops bbsink_shell_ops
 
static char * shell_command = ""
 
static char * shell_required_role = ""
 

Typedef Documentation

◆ bbsink_shell

typedef struct bbsink_shell bbsink_shell

Function Documentation

◆ _PG_init()

void _PG_init ( void  )

Definition at line 68 of file basebackup_to_shell.c.

69{
70 DefineCustomStringVariable("basebackup_to_shell.command",
71 "Shell command to be executed for each backup file.",
72 NULL,
74 "",
76 0,
77 NULL, NULL, NULL);
78
79 DefineCustomStringVariable("basebackup_to_shell.required_role",
80 "Backup user must be a member of this role to use shell backup target.",
81 NULL,
83 "",
85 0,
86 NULL, NULL, NULL);
87
88 MarkGUCPrefixReserved("basebackup_to_shell");
89
91}
void BaseBackupAddTarget(char *name, void *(*check_detail)(char *, char *), bbsink *(*get_sink)(bbsink *, void *))
static void * shell_check_detail(char *target, char *target_detail)
static char * shell_required_role
static bbsink * shell_get_sink(bbsink *next_sink, void *detail_arg)
static char * shell_command
void DefineCustomStringVariable(const char *name, const char *short_desc, const char *long_desc, char **valueAddr, const char *bootValue, GucContext context, int flags, GucStringCheckHook check_hook, GucStringAssignHook assign_hook, GucShowHook show_hook)
Definition: guc.c:5218
void MarkGUCPrefixReserved(const char *className)
Definition: guc.c:5279
@ PGC_SIGHUP
Definition: guc.h:71

References BaseBackupAddTarget(), DefineCustomStringVariable(), MarkGUCPrefixReserved(), PGC_SIGHUP, shell_check_detail(), shell_command, shell_get_sink(), and shell_required_role.

◆ bbsink_shell_archive_contents()

static void bbsink_shell_archive_contents ( bbsink sink,
size_t  len 
)
static

Definition at line 319 of file basebackup_to_shell.c.

320{
321 bbsink_shell *mysink = (bbsink_shell *) sink;
322
323 shell_send_data(mysink, len);
325}
void bbsink_forward_archive_contents(bbsink *sink, size_t len)
static void shell_send_data(bbsink_shell *sink, size_t len)
const void size_t len

References bbsink_forward_archive_contents(), len, and shell_send_data().

◆ bbsink_shell_begin_archive()

static void bbsink_shell_begin_archive ( bbsink sink,
const char *  archive_name 
)
static

Definition at line 307 of file basebackup_to_shell.c.

308{
309 bbsink_shell *mysink = (bbsink_shell *) sink;
310
311 shell_run_command(mysink, archive_name);
312 bbsink_forward_begin_archive(sink, archive_name);
313}
void bbsink_forward_begin_archive(bbsink *sink, const char *archive_name)
static void shell_run_command(bbsink_shell *sink, const char *filename)

References bbsink_forward_begin_archive(), and shell_run_command().

◆ bbsink_shell_begin_manifest()

static void bbsink_shell_begin_manifest ( bbsink sink)
static

Definition at line 343 of file basebackup_to_shell.c.

344{
345 bbsink_shell *mysink = (bbsink_shell *) sink;
346
347 shell_run_command(mysink, "backup_manifest");
349}
void bbsink_forward_begin_manifest(bbsink *sink)

References bbsink_forward_begin_manifest(), and shell_run_command().

◆ bbsink_shell_end_archive()

static void bbsink_shell_end_archive ( bbsink sink)
static

Definition at line 331 of file basebackup_to_shell.c.

332{
333 bbsink_shell *mysink = (bbsink_shell *) sink;
334
335 shell_finish_command(mysink);
337}
void bbsink_forward_end_archive(bbsink *sink)
static void shell_finish_command(bbsink_shell *sink)

References bbsink_forward_end_archive(), and shell_finish_command().

◆ bbsink_shell_end_manifest()

static void bbsink_shell_end_manifest ( bbsink sink)
static

Definition at line 367 of file basebackup_to_shell.c.

368{
369 bbsink_shell *mysink = (bbsink_shell *) sink;
370
371 shell_finish_command(mysink);
373}
void bbsink_forward_end_manifest(bbsink *sink)

References bbsink_forward_end_manifest(), and shell_finish_command().

◆ bbsink_shell_manifest_contents()

static void bbsink_shell_manifest_contents ( bbsink sink,
size_t  len 
)
static

Definition at line 355 of file basebackup_to_shell.c.

356{
357 bbsink_shell *mysink = (bbsink_shell *) sink;
358
359 shell_send_data(mysink, len);
361}
void bbsink_forward_manifest_contents(bbsink *sink, size_t len)

References bbsink_forward_manifest_contents(), len, and shell_send_data().

◆ shell_check_detail()

static void * shell_check_detail ( char *  target,
char *  target_detail 
)
static

Definition at line 99 of file basebackup_to_shell.c.

100{
101 if (shell_required_role[0] != '\0')
102 {
103 Oid roleid;
104
106 roleid = get_role_oid(shell_required_role, true);
107 if (!has_privs_of_role(GetUserId(), roleid))
109 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
110 errmsg("permission denied to use basebackup_to_shell")));
112 }
113
114 return target_detail;
115}
bool has_privs_of_role(Oid member, Oid role)
Definition: acl.c:5268
Oid get_role_oid(const char *rolname, bool missing_ok)
Definition: acl.c:5554
int errcode(int sqlerrcode)
Definition: elog.c:853
int errmsg(const char *fmt,...)
Definition: elog.c:1070
#define ERROR
Definition: elog.h:39
#define ereport(elevel,...)
Definition: elog.h:149
Oid GetUserId(void)
Definition: miscinit.c:517
unsigned int Oid
Definition: postgres_ext.h:31
void StartTransactionCommand(void)
Definition: xact.c:3051
void CommitTransactionCommand(void)
Definition: xact.c:3149

References CommitTransactionCommand(), ereport, errcode(), errmsg(), ERROR, get_role_oid(), GetUserId(), has_privs_of_role(), shell_required_role, and StartTransactionCommand().

Referenced by _PG_init().

◆ shell_construct_command()

static char * shell_construct_command ( const char *  base_command,
const char *  filename,
const char *  target_detail 
)
static

Definition at line 209 of file basebackup_to_shell.c.

211{
212 return replace_percent_placeholders(base_command, "basebackup_to_shell.command",
213 "df", target_detail, filename);
214}
char * replace_percent_placeholders(const char *instr, const char *param_name, const char *letters,...)
Definition: percentrepl.c:59
static char * filename
Definition: pg_dumpall.c:119

References filename, and replace_percent_placeholders().

Referenced by shell_run_command().

◆ shell_finish_command()

static void shell_finish_command ( bbsink_shell sink)
static

Definition at line 220 of file basebackup_to_shell.c.

221{
222 int pclose_rc;
223
224 /* There should be a command running. */
225 Assert(sink->current_command != NULL);
226 Assert(sink->pipe != NULL);
227
228 /* Close down the pipe we opened. */
229 pclose_rc = ClosePipeStream(sink->pipe);
230 if (pclose_rc == -1)
233 errmsg("could not close pipe to external command: %m")));
234 else if (pclose_rc != 0)
235 {
237 (errcode(ERRCODE_EXTERNAL_ROUTINE_EXCEPTION),
238 errmsg("shell command \"%s\" failed",
239 sink->current_command),
240 errdetail_internal("%s", wait_result_to_str(pclose_rc))));
241 }
242
243 /* Clean up. */
244 sink->pipe = NULL;
245 pfree(sink->current_command);
246 sink->current_command = NULL;
247}
#define Assert(condition)
Definition: c.h:812
int errdetail_internal(const char *fmt,...)
Definition: elog.c:1230
int errcode_for_file_access(void)
Definition: elog.c:876
int ClosePipeStream(FILE *file)
Definition: fd.c:3013
void pfree(void *pointer)
Definition: mcxt.c:1521
char * wait_result_to_str(int exitstatus)
Definition: wait_error.c:33

References Assert, ClosePipeStream(), bbsink_shell::current_command, ereport, errcode(), errcode_for_file_access(), errdetail_internal(), errmsg(), ERROR, pfree(), bbsink_shell::pipe, and wait_result_to_str().

Referenced by bbsink_shell_end_archive(), bbsink_shell_end_manifest(), and shell_send_data().

◆ shell_get_sink()

static bbsink * shell_get_sink ( bbsink next_sink,
void *  detail_arg 
)
static

Definition at line 124 of file basebackup_to_shell.c.

125{
126 bbsink_shell *sink;
127 bool has_detail_escape = false;
128 char *c;
129
130 /*
131 * Set up the bbsink.
132 *
133 * We remember the current value of basebackup_to_shell.shell_command to
134 * be certain that it can't change under us during the backup.
135 */
136 sink = palloc0(sizeof(bbsink_shell));
137 *((const bbsink_ops **) &sink->base.bbs_ops) = &bbsink_shell_ops;
138 sink->base.bbs_next = next_sink;
139 sink->target_detail = detail_arg;
141
142 /* Reject an empty shell command. */
143 if (sink->shell_command[0] == '\0')
145 errcode(ERRCODE_INVALID_PARAMETER_VALUE),
146 errmsg("shell command for backup is not configured"));
147
148 /* Determine whether the shell command we're using contains %d. */
149 for (c = sink->shell_command; *c != '\0'; ++c)
150 {
151 if (c[0] == '%' && c[1] != '\0')
152 {
153 if (c[1] == 'd')
154 has_detail_escape = true;
155 ++c;
156 }
157 }
158
159 /* There should be a target detail if %d was used, and not otherwise. */
160 if (has_detail_escape && sink->target_detail == NULL)
162 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
163 errmsg("a target detail is required because the configured command includes %%d"),
164 errhint("Try \"pg_basebackup --target shell:DETAIL ...\"")));
165 else if (!has_detail_escape && sink->target_detail != NULL)
167 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
168 errmsg("a target detail is not permitted because the configured command does not include %%d")));
169
170 /*
171 * Since we're passing the string provided by the user to popen(), it will
172 * be interpreted by the shell, which is a potential security
173 * vulnerability, since the user invoking this module is not necessarily a
174 * superuser. To stay out of trouble, we must disallow any shell
175 * metacharacters here; to be conservative and keep things simple, we
176 * allow only alphanumerics.
177 */
178 if (sink->target_detail != NULL)
179 {
180 char *d;
181 bool scary = false;
182
183 for (d = sink->target_detail; *d != '\0'; ++d)
184 {
185 if (*d >= 'a' && *d <= 'z')
186 continue;
187 if (*d >= 'A' && *d <= 'Z')
188 continue;
189 if (*d >= '0' && *d <= '9')
190 continue;
191 scary = true;
192 break;
193 }
194
195 if (scary)
197 errcode(ERRCODE_INVALID_PARAMETER_VALUE),
198 errmsg("target detail must contain only alphanumeric characters"));
199 }
200
201 return &sink->base;
202}
static const bbsink_ops bbsink_shell_ops
int errhint(const char *fmt,...)
Definition: elog.c:1317
char * pstrdup(const char *in)
Definition: mcxt.c:1696
void * palloc0(Size size)
Definition: mcxt.c:1347
char * c
bbsink * bbs_next
const bbsink_ops * bbs_ops

References bbsink_shell::base, bbsink::bbs_next, bbsink::bbs_ops, bbsink_shell_ops, ereport, errcode(), errhint(), errmsg(), ERROR, palloc0(), pstrdup(), bbsink_shell::shell_command, shell_command, and bbsink_shell::target_detail.

Referenced by _PG_init().

◆ shell_run_command()

static void shell_run_command ( bbsink_shell sink,
const char *  filename 
)
static

Definition at line 253 of file basebackup_to_shell.c.

254{
255 /* There should not be anything already running. */
256 Assert(sink->current_command == NULL);
257 Assert(sink->pipe == NULL);
258
259 /* Construct a suitable command. */
261 filename,
262 sink->target_detail);
263
264 /* Run it. */
266 if (sink->pipe == NULL)
269 errmsg("could not execute command \"%s\": %m",
270 sink->current_command)));
271}
static char * shell_construct_command(const char *base_command, const char *filename, const char *target_detail)
#define PG_BINARY_W
Definition: c.h:1230
FILE * OpenPipeStream(const char *command, const char *mode)
Definition: fd.c:2708

References Assert, bbsink_shell::current_command, ereport, errcode_for_file_access(), errmsg(), ERROR, filename, OpenPipeStream(), PG_BINARY_W, bbsink_shell::pipe, bbsink_shell::shell_command, shell_construct_command(), and bbsink_shell::target_detail.

Referenced by bbsink_shell_begin_archive(), and bbsink_shell_begin_manifest().

◆ shell_send_data()

static void shell_send_data ( bbsink_shell sink,
size_t  len 
)
static

Definition at line 277 of file basebackup_to_shell.c.

278{
279 /* There should be a command running. */
280 Assert(sink->current_command != NULL);
281 Assert(sink->pipe != NULL);
282
283 /* Try to write the data. */
284 if (fwrite(sink->base.bbs_buffer, len, 1, sink->pipe) != 1 ||
285 ferror(sink->pipe))
286 {
287 if (errno == EPIPE)
288 {
289 /*
290 * The error we're about to throw would shut down the command
291 * anyway, but we may get a more meaningful error message by doing
292 * this. If not, we'll fall through to the generic error below.
293 */
295 errno = EPIPE;
296 }
299 errmsg("could not write to shell backup program: %m")));
300 }
301}
char * bbs_buffer

References Assert, bbsink_shell::base, bbsink::bbs_buffer, bbsink_shell::current_command, ereport, errcode_for_file_access(), errmsg(), ERROR, len, bbsink_shell::pipe, and shell_finish_command().

Referenced by bbsink_shell_archive_contents(), and bbsink_shell_manifest_contents().

Variable Documentation

◆ bbsink_shell_ops

const bbsink_ops bbsink_shell_ops
static
Initial value:
= {
.begin_backup = bbsink_forward_begin_backup,
.begin_archive = bbsink_shell_begin_archive,
.archive_contents = bbsink_shell_archive_contents,
.end_archive = bbsink_shell_end_archive,
.begin_manifest = bbsink_shell_begin_manifest,
.manifest_contents = bbsink_shell_manifest_contents,
.end_manifest = bbsink_shell_end_manifest,
}
void bbsink_forward_begin_backup(bbsink *sink)
void bbsink_forward_end_backup(bbsink *sink, XLogRecPtr endptr, TimeLineID endtli)
void bbsink_forward_cleanup(bbsink *sink)
static void bbsink_shell_begin_manifest(bbsink *sink)
static void bbsink_shell_end_manifest(bbsink *sink)
static void bbsink_shell_end_archive(bbsink *sink)
static void bbsink_shell_begin_archive(bbsink *sink, const char *archive_name)
static void bbsink_shell_archive_contents(bbsink *sink, size_t len)
static void bbsink_shell_manifest_contents(bbsink *sink, size_t len)

Definition at line 52 of file basebackup_to_shell.c.

Referenced by shell_get_sink().

◆ PG_MODULE_MAGIC

PG_MODULE_MAGIC

Definition at line 21 of file basebackup_to_shell.c.

◆ shell_command

char* shell_command = ""
static

Definition at line 64 of file basebackup_to_shell.c.

Referenced by _PG_init(), and shell_get_sink().

◆ shell_required_role

char* shell_required_role = ""
static

Definition at line 65 of file basebackup_to_shell.c.

Referenced by _PG_init(), and shell_check_detail().