PostgreSQL Source Code  git master
main.c
Go to the documentation of this file.
1 /*-------------------------------------------------------------------------
2  *
3  * main.c
4  * Stub main() routine for the postgres executable.
5  *
6  * This does some essential startup tasks for any incarnation of postgres
7  * (postmaster, standalone backend, standalone bootstrap process, or a
8  * separately exec'd child of a postmaster) and then dispatches to the
9  * proper FooMain() routine for the incarnation.
10  *
11  *
12  * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
13  * Portions Copyright (c) 1994, Regents of the University of California
14  *
15  *
16  * IDENTIFICATION
17  * src/backend/main/main.c
18  *
19  *-------------------------------------------------------------------------
20  */
21 #include "postgres.h"
22 
23 #include <unistd.h>
24 
25 #if defined(__NetBSD__)
26 #include <sys/param.h>
27 #endif
28 
29 #if defined(_M_AMD64) && _MSC_VER == 1800
30 #include <math.h>
31 #include <versionhelpers.h>
32 #endif
33 
34 #include "bootstrap/bootstrap.h"
35 #include "common/username.h"
36 #include "port/atomics.h"
37 #include "postmaster/postmaster.h"
38 #include "storage/spin.h"
39 #include "tcop/tcopprot.h"
40 #include "utils/help_config.h"
41 #include "utils/memutils.h"
42 #include "utils/pg_locale.h"
43 #include "utils/ps_status.h"
44 
45 
46 const char *progname;
47 
48 
49 static void startup_hacks(const char *progname);
50 static void init_locale(const char *categoryname, int category, const char *locale);
51 static void help(const char *progname);
52 static void check_root(const char *progname);
53 
54 
55 /*
56  * Any Postgres server process begins execution here.
57  */
58 int
59 main(int argc, char *argv[])
60 {
61  bool do_check_root = true;
62 
63  /*
64  * If supported on the current platform, set up a handler to be called if
65  * the backend/postmaster crashes with a fatal signal or exception.
66  */
67 #if defined(WIN32) && defined(HAVE_MINIDUMP_TYPE)
69 #endif
70 
71  progname = get_progname(argv[0]);
72 
73  /*
74  * Platform-specific startup hacks
75  */
77 
78  /*
79  * Remember the physical location of the initially given argv[] array for
80  * possible use by ps display. On some platforms, the argv[] storage must
81  * be overwritten in order to set the process title for ps. In such cases
82  * save_ps_display_args makes and returns a new copy of the argv[] array.
83  *
84  * save_ps_display_args may also move the environment strings to make
85  * extra room. Therefore this should be done as early as possible during
86  * startup, to avoid entanglements with code that might save a getenv()
87  * result pointer.
88  */
89  argv = save_ps_display_args(argc, argv);
90 
91  /*
92  * Fire up essential subsystems: error and memory management
93  *
94  * Code after this point is allowed to use elog/ereport, though
95  * localization of messages may not work right away, and messages won't go
96  * anywhere but stderr until GUC settings get loaded.
97  */
99 
100  /*
101  * Set up locale information
102  */
103  set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("postgres"));
104 
105  /*
106  * In the postmaster, absorb the environment values for LC_COLLATE and
107  * LC_CTYPE. Individual backends will change these later to settings
108  * taken from pg_database, but the postmaster cannot do that. If we leave
109  * these set to "C" then message localization might not work well in the
110  * postmaster.
111  */
112  init_locale("LC_COLLATE", LC_COLLATE, "");
113  init_locale("LC_CTYPE", LC_CTYPE, "");
114 
115  /*
116  * LC_MESSAGES will get set later during GUC option processing, but we set
117  * it here to allow startup error messages to be localized.
118  */
119 #ifdef LC_MESSAGES
120  init_locale("LC_MESSAGES", LC_MESSAGES, "");
121 #endif
122 
123  /*
124  * We keep these set to "C" always, except transiently in pg_locale.c; see
125  * that file for explanations.
126  */
127  init_locale("LC_MONETARY", LC_MONETARY, "C");
128  init_locale("LC_NUMERIC", LC_NUMERIC, "C");
129  init_locale("LC_TIME", LC_TIME, "C");
130 
131  /*
132  * Now that we have absorbed as much as we wish to from the locale
133  * environment, remove any LC_ALL setting, so that the environment
134  * variables installed by pg_perm_setlocale have force.
135  */
136  unsetenv("LC_ALL");
137 
139 
140  /*
141  * Catch standard options before doing much else, in particular before we
142  * insist on not being root.
143  */
144  if (argc > 1)
145  {
146  if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
147  {
148  help(progname);
149  exit(0);
150  }
151  if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0)
152  {
154  exit(0);
155  }
156 
157  /*
158  * In addition to the above, we allow "--describe-config" and "-C var"
159  * to be called by root. This is reasonably safe since these are
160  * read-only activities. The -C case is important because pg_ctl may
161  * try to invoke it while still holding administrator privileges on
162  * Windows. Note that while -C can normally be in any argv position,
163  * if you want to bypass the root check you must put it first. This
164  * reduces the risk that we might misinterpret some other mode's -C
165  * switch as being the postmaster/postgres one.
166  */
167  if (strcmp(argv[1], "--describe-config") == 0)
168  do_check_root = false;
169  else if (argc > 2 && strcmp(argv[1], "-C") == 0)
170  do_check_root = false;
171  }
172 
173  /*
174  * Make sure we are not running as root, unless it's safe for the selected
175  * option.
176  */
177  if (do_check_root)
179 
180  /*
181  * Dispatch to one of various subprograms depending on first argument.
182  */
183 
184 #ifdef EXEC_BACKEND
185  if (argc > 1 && strncmp(argv[1], "--fork", 6) == 0)
186  SubPostmasterMain(argc, argv); /* does not return */
187 #endif
188 
189 #ifdef WIN32
190 
191  /*
192  * Start our win32 signal implementation
193  *
194  * SubPostmasterMain() will do this for itself, but the remaining modes
195  * need it here
196  */
198 #endif
199 
200  if (argc > 1 && strcmp(argv[1], "--boot") == 0)
201  AuxiliaryProcessMain(argc, argv); /* does not return */
202  else if (argc > 1 && strcmp(argv[1], "--describe-config") == 0)
203  GucInfoMain(); /* does not return */
204  else if (argc > 1 && strcmp(argv[1], "--single") == 0)
205  PostgresMain(argc, argv,
206  NULL, /* no dbname */
207  strdup(get_user_name_or_exit(progname))); /* does not return */
208  else
209  PostmasterMain(argc, argv); /* does not return */
210  abort(); /* should not get here */
211 }
212 
213 
214 
215 /*
216  * Place platform-specific startup hacks here. This is the right
217  * place to put code that must be executed early in the launch of any new
218  * server process. Note that this code will NOT be executed when a backend
219  * or sub-bootstrap process is forked, unless we are in a fork/exec
220  * environment (ie EXEC_BACKEND is defined).
221  *
222  * XXX The need for code here is proof that the platform in question
223  * is too brain-dead to provide a standard C execution environment
224  * without help. Avoid adding more here, if you can.
225  */
226 static void
228 {
229  /*
230  * Windows-specific execution environment hacking.
231  */
232 #ifdef WIN32
233  {
234  WSADATA wsaData;
235  int err;
236 
237  /* Make output streams unbuffered by default */
238  setvbuf(stdout, NULL, _IONBF, 0);
239  setvbuf(stderr, NULL, _IONBF, 0);
240 
241  /* Prepare Winsock */
242  err = WSAStartup(MAKEWORD(2, 2), &wsaData);
243  if (err != 0)
244  {
245  write_stderr("%s: WSAStartup failed: %d\n",
246  progname, err);
247  exit(1);
248  }
249 
250  /* In case of general protection fault, don't show GUI popup box */
251  SetErrorMode(SEM_FAILCRITICALERRORS | SEM_NOGPFAULTERRORBOX);
252 
253 #if defined(_M_AMD64) && _MSC_VER == 1800
254 
255  /*----------
256  * Avoid crashing in certain floating-point operations if we were
257  * compiled for x64 with MS Visual Studio 2013 and are running on
258  * Windows prior to 7/2008R2 SP1 on an AVX2-capable CPU.
259  *
260  * Ref: https://connect.microsoft.com/VisualStudio/feedback/details/811093/visual-studio-2013-rtm-c-x64-code-generation-bug-for-avx2-instructions
261  *----------
262  */
263  if (!IsWindows7SP1OrGreater())
264  {
265  _set_FMA3_enable(0);
266  }
267 #endif /* defined(_M_AMD64) && _MSC_VER == 1800 */
268 
269  }
270 #endif /* WIN32 */
271 
272  /*
273  * Initialize dummy_spinlock, in case we are on a platform where we have
274  * to use the fallback implementation of pg_memory_barrier().
275  */
277 }
278 
279 
280 /*
281  * Make the initial permanent setting for a locale category. If that fails,
282  * perhaps due to LC_foo=invalid in the environment, use locale C. If even
283  * that fails, perhaps due to out-of-memory, the entire startup fails with it.
284  * When this returns, we are guaranteed to have a setting for the given
285  * category's environment variable.
286  */
287 static void
288 init_locale(const char *categoryname, int category, const char *locale)
289 {
290  if (pg_perm_setlocale(category, locale) == NULL &&
291  pg_perm_setlocale(category, "C") == NULL)
292  elog(FATAL, "could not adopt \"%s\" locale nor C locale for %s",
293  locale, categoryname);
294 }
295 
296 
297 
298 /*
299  * Help display should match the options accepted by PostmasterMain()
300  * and PostgresMain().
301  *
302  * XXX On Windows, non-ASCII localizations of these messages only display
303  * correctly if the console output code page covers the necessary characters.
304  * Messages emitted in write_console() do not exhibit this problem.
305  */
306 static void
307 help(const char *progname)
308 {
309  printf(_("%s is the PostgreSQL server.\n\n"), progname);
310  printf(_("Usage:\n %s [OPTION]...\n\n"), progname);
311  printf(_("Options:\n"));
312  printf(_(" -B NBUFFERS number of shared buffers\n"));
313  printf(_(" -c NAME=VALUE set run-time parameter\n"));
314  printf(_(" -C NAME print value of run-time parameter, then exit\n"));
315  printf(_(" -d 1-5 debugging level\n"));
316  printf(_(" -D DATADIR database directory\n"));
317  printf(_(" -e use European date input format (DMY)\n"));
318  printf(_(" -F turn fsync off\n"));
319  printf(_(" -h HOSTNAME host name or IP address to listen on\n"));
320  printf(_(" -i enable TCP/IP connections\n"));
321  printf(_(" -k DIRECTORY Unix-domain socket location\n"));
322 #ifdef USE_SSL
323  printf(_(" -l enable SSL connections\n"));
324 #endif
325  printf(_(" -N MAX-CONNECT maximum number of allowed connections\n"));
326  printf(_(" -o OPTIONS pass \"OPTIONS\" to each server process (obsolete)\n"));
327  printf(_(" -p PORT port number to listen on\n"));
328  printf(_(" -s show statistics after each query\n"));
329  printf(_(" -S WORK-MEM set amount of memory for sorts (in kB)\n"));
330  printf(_(" -V, --version output version information, then exit\n"));
331  printf(_(" --NAME=VALUE set run-time parameter\n"));
332  printf(_(" --describe-config describe configuration parameters, then exit\n"));
333  printf(_(" -?, --help show this help, then exit\n"));
334 
335  printf(_("\nDeveloper options:\n"));
336  printf(_(" -f s|i|n|m|h forbid use of some plan types\n"));
337  printf(_(" -n do not reinitialize shared memory after abnormal exit\n"));
338  printf(_(" -O allow system table structure changes\n"));
339  printf(_(" -P disable system indexes\n"));
340  printf(_(" -t pa|pl|ex show timings after each query\n"));
341  printf(_(" -T send SIGSTOP to all backend processes if one dies\n"));
342  printf(_(" -W NUM wait NUM seconds to allow attach from a debugger\n"));
343 
344  printf(_("\nOptions for single-user mode:\n"));
345  printf(_(" --single selects single-user mode (must be first argument)\n"));
346  printf(_(" DBNAME database name (defaults to user name)\n"));
347  printf(_(" -d 0-5 override debugging level\n"));
348  printf(_(" -E echo statement before execution\n"));
349  printf(_(" -j do not use newline as interactive query delimiter\n"));
350  printf(_(" -r FILENAME send stdout and stderr to given file\n"));
351 
352  printf(_("\nOptions for bootstrapping mode:\n"));
353  printf(_(" --boot selects bootstrapping mode (must be first argument)\n"));
354  printf(_(" DBNAME database name (mandatory argument in bootstrapping mode)\n"));
355  printf(_(" -r FILENAME send stdout and stderr to given file\n"));
356  printf(_(" -x NUM internal use\n"));
357 
358  printf(_("\nPlease read the documentation for the complete list of run-time\n"
359  "configuration settings and how to set them on the command line or in\n"
360  "the configuration file.\n\n"
361  "Report bugs to <%s>.\n"), PACKAGE_BUGREPORT);
362  printf(_("%s home page: <%s>\n"), PACKAGE_NAME, PACKAGE_URL);
363 }
364 
365 
366 
367 static void
368 check_root(const char *progname)
369 {
370 #ifndef WIN32
371  if (geteuid() == 0)
372  {
373  write_stderr("\"root\" execution of the PostgreSQL server is not permitted.\n"
374  "The server must be started under an unprivileged user ID to prevent\n"
375  "possible system security compromise. See the documentation for\n"
376  "more information on how to properly start the server.\n");
377  exit(1);
378  }
379 
380  /*
381  * Also make sure that real and effective uids are the same. Executing as
382  * a setuid program from a root shell is a security hole, since on many
383  * platforms a nefarious subroutine could setuid back to root if real uid
384  * is root. (Since nobody actually uses postgres as a setuid program,
385  * trying to actively fix this situation seems more trouble than it's
386  * worth; we'll just expend the effort to check for it.)
387  */
388  if (getuid() != geteuid())
389  {
390  write_stderr("%s: real and effective user IDs must match\n",
391  progname);
392  exit(1);
393  }
394 #else /* WIN32 */
395  if (pgwin32_is_admin())
396  {
397  write_stderr("Execution of PostgreSQL by a user with administrative permissions is not\n"
398  "permitted.\n"
399  "The server must be started under an unprivileged user ID to prevent\n"
400  "possible system security compromises. See the documentation for\n"
401  "more information on how to properly start the server.\n");
402  exit(1);
403  }
404 #endif /* WIN32 */
405 }
void pgwin32_install_crashdump_handler(void)
Definition: crashdump.c:180
int main(int argc, char *argv[])
Definition: main.c:59
const char * progname
Definition: main.c:46
void pgwin32_signal_initialize(void)
Definition: signal.c:69
void MemoryContextInit(void)
Definition: mcxt.c:92
const char * get_progname(const char *argv0)
Definition: path.c:453
void GucInfoMain(void)
Definition: help_config.c:46
#define SpinLockInit(lock)
Definition: spin.h:60
#define write_stderr(str)
Definition: parallel.c:186
#define printf(...)
Definition: port.h:199
static void help(const char *progname)
Definition: main.c:307
char * pg_perm_setlocale(int category, const char *locale)
Definition: pg_locale.c:166
#define FATAL
Definition: elog.h:52
void PostgresMain(int argc, char *argv[], const char *dbname, const char *username)
Definition: postgres.c:3777
char ** save_ps_display_args(int argc, char **argv)
Definition: ps_status.c:131
void check_strxfrm_bug(void)
Definition: pg_locale.c:1221
int pgwin32_is_admin(void)
Definition: win32security.c:49
#define PG_TEXTDOMAIN(domain)
Definition: c.h:1177
#define PG_BACKEND_VERSIONSTR
Definition: port.h:112
static void check_root(const char *progname)
Definition: main.c:368
slock_t dummy_spinlock
Definition: s_lock.c:63
void PostmasterMain(int argc, char *argv[])
Definition: postmaster.c:567
static void init_locale(const char *categoryname, int category, const char *locale)
Definition: main.c:288
void set_pglocale_pgservice(const char *argv0, const char *app)
Definition: exec.c:434
#define elog(elevel,...)
Definition: elog.h:214
static char * locale
Definition: initdb.c:125
void AuxiliaryProcessMain(int argc, char *argv[])
Definition: bootstrap.c:198
#define _(x)
Definition: elog.c:88
#define unsetenv(x)
Definition: win32_port.h:475
static void startup_hacks(const char *progname)
Definition: main.c:227
const char * get_user_name_or_exit(const char *progname)
Definition: username.c:74