#include "postgres.h"
#include <sys/param.h>
#include <signal.h>
#include <time.h>
#include <sys/file.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
#include <grp.h>
#include <pwd.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include "access/htup_details.h"
#include "catalog/pg_authid.h"
#include "libpq/libpq.h"
#include "mb/pg_wchar.h"
#include "miscadmin.h"
#include "pgstat.h"
#include "postmaster/autovacuum.h"
#include "postmaster/postmaster.h"
#include "storage/fd.h"
#include "storage/ipc.h"
#include "storage/latch.h"
#include "storage/pg_shmem.h"
#include "storage/proc.h"
#include "storage/procarray.h"
#include "utils/builtins.h"
#include "utils/guc.h"
#include "utils/memutils.h"
#include "utils/pidfile.h"
#include "utils/syscache.h"
#include "utils/varlena.h"

Include dependency graph for miscinit.c:

Macros
#define	DIRECTORY_LOCK_FILE "postmaster.pid"

Functions
void	SetDatabasePath (const char *path)

void	SetDataDir (const char *dir)

void	ChangeToDataDir (void)

void	InitPostmasterChild (void)

void	InitStandaloneProcess (const char *argv0)

void	SwitchToSharedLatch (void)

void	SwitchBackToLocalLatch (void)

Oid	GetUserId (void)

Oid	GetOuterUserId (void)

static void	SetOuterUserId (Oid userid)

Oid	GetSessionUserId (void)

static void	SetSessionUserId (Oid userid, bool is_superuser)

Oid	GetAuthenticatedUserId (void)

void	GetUserIdAndSecContext (Oid userid, int sec_context)

void	SetUserIdAndSecContext (Oid userid, int sec_context)

bool	InLocalUserIdChange (void)

bool	InSecurityRestrictedOperation (void)

bool	InNoForceRLSOperation (void)

void	GetUserIdAndContext (Oid userid, bool sec_def_context)

void	SetUserIdAndContext (Oid userid, bool sec_def_context)

bool	has_rolreplication (Oid roleid)

void	InitializeSessionUserId (const char *rolename, Oid roleid)

void	InitializeSessionUserIdStandalone (void)

void	SetSessionAuthorization (Oid userid, bool is_superuser)

Oid	GetCurrentRoleId (void)

void	SetCurrentRoleId (Oid roleid, bool is_superuser)

char *	GetUserNameFromId (Oid roleid, bool noerr)

static void	UnlinkLockFiles (int status, Datum arg)

static void	CreateLockFile (const char filename, bool amPostmaster, const char socketDir, bool isDDLock, const char *refName)

void	CreateDataDirLockFile (bool amPostmaster)

void	CreateSocketLockFile (const char socketfile, bool amPostmaster, const char socketDir)

void	TouchSocketLockFiles (void)

void	AddToDataDirLockFile (int target_line, const char *str)

bool	RecheckDataDirLockFile (void)

void	ValidatePgVersion (const char *path)

static void	load_libraries (const char libraries, const char gucname, bool restricted)

void	process_shared_preload_libraries (void)

void	process_session_preload_libraries (void)

void	pg_bindtextdomain (const char *domain)

Variables
ProcessingMode	Mode = InitProcessing

static List *	lock_files = NIL

static Latch	LocalLatchData

bool	IgnoreSystemIndexes = false

static Oid	AuthenticatedUserId = InvalidOid

static Oid	SessionUserId = InvalidOid

static Oid	OuterUserId = InvalidOid

static Oid	CurrentUserId = InvalidOid

static bool	AuthenticatedUserIsSuperuser = false

static bool	SessionUserIsSuperuser = false

static int	SecurityRestrictionContext = 0

static bool	SetRoleIsActive = false

char *	session_preload_libraries_string = NULL

char *	shared_preload_libraries_string = NULL

char *	local_preload_libraries_string = NULL

bool	process_shared_preload_libraries_in_progress = false

Macro Definition Documentation

#define DIRECTORY_LOCK_FILE "postmaster.pid"

Definition at line 55 of file miscinit.c.

Referenced by AddToDataDirLockFile(), CreateDataDirLockFile(), RecheckDataDirLockFile(), and TouchSocketLockFiles().

Function Documentation

void AddToDataDirLockFile	(	int	target_line,
		const char *	str
	)

Definition at line 1158 of file miscinit.c.

References close, DIRECTORY_LOCK_FILE, ereport, errcode_for_file_access(), errmsg(), fd(), LOG, NULL, PG_BINARY, pg_fsync(), pgstat_report_wait_end(), pgstat_report_wait_start(), read, snprintf(), WAIT_EVENT_LOCK_FILE_ADDTODATADIR_READ, WAIT_EVENT_LOCK_FILE_ADDTODATADIR_SYNC, WAIT_EVENT_LOCK_FILE_ADDTODATADIR_WRITE, and write.

Referenced by InternalIpcMemoryCreate(), pmdie(), PostmasterMain(), reaper(), and sigusr1_handler().

 {
     int         fd;
     int         len;
     int         lineno;
     char       *srcptr;
     char       *destptr;
     char        srcbuffer[BLCKSZ];
     char        destbuffer[BLCKSZ];
 
     fd = open(DIRECTORY_LOCK_FILE, O_RDWR | PG_BINARY, 0);
     if (fd < 0)
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not open file \"%s\": %m",
                         DIRECTORY_LOCK_FILE)));
         return;
     }
     pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_ADDTODATADIR_READ);
     len = read(fd, srcbuffer, sizeof(srcbuffer) - 1);
     pgstat_report_wait_end();
     if (len < 0)
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not read from file \"%s\": %m",
                         DIRECTORY_LOCK_FILE)));
         close(fd);
         return;
     }
     srcbuffer[len] = '\0';
 
     /*
      * Advance over lines we are not supposed to rewrite, then copy them to
      * destbuffer.
      */
     srcptr = srcbuffer;
     for (lineno = 1; lineno < target_line; lineno++)
     {
         char       *eol = strchr(srcptr, '\n');
 
         if (eol == NULL)
             break;              /* not enough lines in file yet */
         srcptr = eol + 1;
     }
     memcpy(destbuffer, srcbuffer, srcptr - srcbuffer);
     destptr = destbuffer + (srcptr - srcbuffer);
 
     /*
      * Fill in any missing lines before the target line, in case lines are
      * added to the file out of order.
      */
     for (; lineno < target_line; lineno++)
     {
         if (destptr < destbuffer + sizeof(destbuffer))
             *destptr++ = '\n';
     }
 
     /*
      * Write or rewrite the target line.
      */
     snprintf(destptr, destbuffer + sizeof(destbuffer) - destptr, "%s\n", str);
     destptr += strlen(destptr);
 
     /*
      * If there are more lines in the old file, append them to destbuffer.
      */
     if ((srcptr = strchr(srcptr, '\n')) != NULL)
     {
         srcptr++;
         snprintf(destptr, destbuffer + sizeof(destbuffer) - destptr, "%s",
                  srcptr);
     }
 
     /*
      * And rewrite the data.  Since we write in a single kernel call, this
      * update should appear atomic to onlookers.
      */
     len = strlen(destbuffer);
     errno = 0;
     pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_ADDTODATADIR_WRITE);
     if (lseek(fd, (off_t) 0, SEEK_SET) != 0 ||
         (int) write(fd, destbuffer, len) != len)
     {
         pgstat_report_wait_end();
         /* if write didn't set errno, assume problem is no disk space */
         if (errno == 0)
             errno = ENOSPC;
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not write to file \"%s\": %m",
                         DIRECTORY_LOCK_FILE)));
         close(fd);
         return;
     }
     pgstat_report_wait_end();
     pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_ADDTODATADIR_SYNC);
     if (pg_fsync(fd) != 0)
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not write to file \"%s\": %m",
                         DIRECTORY_LOCK_FILE)));
     }
     pgstat_report_wait_end();
     if (close(fd) != 0)
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not write to file \"%s\": %m",
                         DIRECTORY_LOCK_FILE)));
     }
 }

void ChangeToDataDir ( void )

Definition at line 116 of file miscinit.c.

References AssertState, DataDir, ereport, errcode_for_file_access(), errmsg(), and FATAL.

Referenced by AuxiliaryProcessMain(), PostgresMain(), and PostmasterMain().

 {
     AssertState(DataDir);
 
     if (chdir(DataDir) < 0)
         ereport(FATAL,
                 (errcode_for_file_access(),
                  errmsg("could not change directory to \"%s\": %m",
                         DataDir)));
 }

void CreateDataDirLockFile ( bool amPostmaster )

Definition at line 1081 of file miscinit.c.

References CreateLockFile(), DataDir, and DIRECTORY_LOCK_FILE.

Referenced by AuxiliaryProcessMain(), PostgresMain(), and PostmasterMain().

 {
     CreateLockFile(DIRECTORY_LOCK_FILE, amPostmaster, "", true, DataDir);
 }

static void CreateLockFile	(	const char *	filename,
		bool	amPostmaster,
		const char *	socketDir,
		bool	isDDLock,
		const char *	refName
	)

static

Definition at line 769 of file miscinit.c.

References buffer, close, DataDir, elog, ereport, errcode(), errcode_for_file_access(), errhint(), errmsg(), FATAL, fd(), lcons(), LOCK_FILE_LINE_SHMEM_KEY, MAXPGPATH, MyStartTime, NIL, NULL, on_proc_exit(), pg_fsync(), PGSharedMemoryIsInUse(), pgstat_report_wait_end(), pgstat_report_wait_start(), PostPortNumber, pstrdup(), read, snprintf(), strlcat(), unlink(), UnlinkLockFiles(), WAIT_EVENT_LOCK_FILE_CREATE_READ, WAIT_EVENT_LOCK_FILE_CREATE_SYNC, WAIT_EVENT_LOCK_FILE_CREATE_WRITE, and write.

Referenced by CreateDataDirLockFile(), and CreateSocketLockFile().

 {
     int         fd;
     char        buffer[MAXPGPATH * 2 + 256];
     int         ntries;
     int         len;
     int         encoded_pid;
     pid_t       other_pid;
     pid_t       my_pid,
                 my_p_pid,
                 my_gp_pid;
     const char *envvar;
 
     /*
      * If the PID in the lockfile is our own PID or our parent's or
      * grandparent's PID, then the file must be stale (probably left over from
      * a previous system boot cycle).  We need to check this because of the
      * likelihood that a reboot will assign exactly the same PID as we had in
      * the previous reboot, or one that's only one or two counts larger and
      * hence the lockfile's PID now refers to an ancestor shell process.  We
      * allow pg_ctl to pass down its parent shell PID (our grandparent PID)
      * via the environment variable PG_GRANDPARENT_PID; this is so that
      * launching the postmaster via pg_ctl can be just as reliable as
      * launching it directly.  There is no provision for detecting
      * further-removed ancestor processes, but if the init script is written
      * carefully then all but the immediate parent shell will be root-owned
      * processes and so the kill test will fail with EPERM.  Note that we
      * cannot get a false negative this way, because an existing postmaster
      * would surely never launch a competing postmaster or pg_ctl process
      * directly.
      */
     my_pid = getpid();
 
 #ifndef WIN32
     my_p_pid = getppid();
 #else
 
     /*
      * Windows hasn't got getppid(), but doesn't need it since it's not using
      * real kill() either...
      */
     my_p_pid = 0;
 #endif
 
     envvar = getenv("PG_GRANDPARENT_PID");
     if (envvar)
         my_gp_pid = atoi(envvar);
     else
         my_gp_pid = 0;
 
     /*
      * We need a loop here because of race conditions.  But don't loop forever
      * (for example, a non-writable $PGDATA directory might cause a failure
      * that won't go away).  100 tries seems like plenty.
      */
     for (ntries = 0;; ntries++)
     {
         /*
          * Try to create the lock file --- O_EXCL makes this atomic.
          *
          * Think not to make the file protection weaker than 0600.  See
          * comments below.
          */
         fd = open(filename, O_RDWR | O_CREAT | O_EXCL, 0600);
         if (fd >= 0)
             break;              /* Success; exit the retry loop */
 
         /*
          * Couldn't create the pid file. Probably it already exists.
          */
         if ((errno != EEXIST && errno != EACCES) || ntries > 100)
             ereport(FATAL,
                     (errcode_for_file_access(),
                      errmsg("could not create lock file \"%s\": %m",
                             filename)));
 
         /*
          * Read the file to get the old owner's PID.  Note race condition
          * here: file might have been deleted since we tried to create it.
          */
         fd = open(filename, O_RDONLY, 0600);
         if (fd < 0)
         {
             if (errno == ENOENT)
                 continue;       /* race condition; try again */
             ereport(FATAL,
                     (errcode_for_file_access(),
                      errmsg("could not open lock file \"%s\": %m",
                             filename)));
         }
         pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_CREATE_READ);
         if ((len = read(fd, buffer, sizeof(buffer) - 1)) < 0)
             ereport(FATAL,
                     (errcode_for_file_access(),
                      errmsg("could not read lock file \"%s\": %m",
                             filename)));
         pgstat_report_wait_end();
         close(fd);
 
         if (len == 0)
         {
             ereport(FATAL,
                     (errcode(ERRCODE_LOCK_FILE_EXISTS),
                      errmsg("lock file \"%s\" is empty", filename),
                      errhint("Either another server is starting, or the lock file is the remnant of a previous server startup crash.")));
         }
 
         buffer[len] = '\0';
         encoded_pid = atoi(buffer);
 
         /* if pid < 0, the pid is for postgres, not postmaster */
         other_pid = (pid_t) (encoded_pid < 0 ? -encoded_pid : encoded_pid);
 
         if (other_pid <= 0)
             elog(FATAL, "bogus data in lock file \"%s\": \"%s\"",
                  filename, buffer);
 
         /*
          * Check to see if the other process still exists
          *
          * Per discussion above, my_pid, my_p_pid, and my_gp_pid can be
          * ignored as false matches.
          *
          * Normally kill() will fail with ESRCH if the given PID doesn't
          * exist.
          *
          * We can treat the EPERM-error case as okay because that error
          * implies that the existing process has a different userid than we
          * do, which means it cannot be a competing postmaster.  A postmaster
          * cannot successfully attach to a data directory owned by a userid
          * other than its own.  (This is now checked directly in
          * checkDataDir(), but has been true for a long time because of the
          * restriction that the data directory isn't group- or
          * world-accessible.)  Also, since we create the lockfiles mode 600,
          * we'd have failed above if the lockfile belonged to another userid
          * --- which means that whatever process kill() is reporting about
          * isn't the one that made the lockfile.  (NOTE: this last
          * consideration is the only one that keeps us from blowing away a
          * Unix socket file belonging to an instance of Postgres being run by
          * someone else, at least on machines where /tmp hasn't got a
          * stickybit.)
          */
         if (other_pid != my_pid && other_pid != my_p_pid &&
             other_pid != my_gp_pid)
         {
             if (kill(other_pid, 0) == 0 ||
                 (errno != ESRCH && errno != EPERM))
             {
                 /* lockfile belongs to a live process */
                 ereport(FATAL,
                         (errcode(ERRCODE_LOCK_FILE_EXISTS),
                          errmsg("lock file \"%s\" already exists",
                                 filename),
                          isDDLock ?
                          (encoded_pid < 0 ?
                           errhint("Is another postgres (PID %d) running in data directory \"%s\"?",
                                   (int) other_pid, refName) :
                           errhint("Is another postmaster (PID %d) running in data directory \"%s\"?",
                                   (int) other_pid, refName)) :
                          (encoded_pid < 0 ?
                           errhint("Is another postgres (PID %d) using socket file \"%s\"?",
                                   (int) other_pid, refName) :
                           errhint("Is another postmaster (PID %d) using socket file \"%s\"?",
                                   (int) other_pid, refName))));
             }
         }
 
         /*
          * No, the creating process did not exist.  However, it could be that
          * the postmaster crashed (or more likely was kill -9'd by a clueless
          * admin) but has left orphan backends behind.  Check for this by
          * looking to see if there is an associated shmem segment that is
          * still in use.
          *
          * Note: because postmaster.pid is written in multiple steps, we might
          * not find the shmem ID values in it; we can't treat that as an
          * error.
          */
         if (isDDLock)
         {
             char       *ptr = buffer;
             unsigned long id1,
                         id2;
             int         lineno;
 
             for (lineno = 1; lineno < LOCK_FILE_LINE_SHMEM_KEY; lineno++)
             {
                 if ((ptr = strchr(ptr, '\n')) == NULL)
                     break;
                 ptr++;
             }
 
             if (ptr != NULL &&
                 sscanf(ptr, "%lu %lu", &id1, &id2) == 2)
             {
                 if (PGSharedMemoryIsInUse(id1, id2))
                     ereport(FATAL,
                             (errcode(ERRCODE_LOCK_FILE_EXISTS),
                              errmsg("pre-existing shared memory block "
                                     "(key %lu, ID %lu) is still in use",
                                     id1, id2),
                              errhint("If you're sure there are no old "
                                      "server processes still running, remove "
                                      "the shared memory block "
                                      "or just delete the file \"%s\".",
                                      filename)));
             }
         }
 
         /*
          * Looks like nobody's home.  Unlink the file and try again to create
          * it.  Need a loop because of possible race condition against other
          * would-be creators.
          */
         if (unlink(filename) < 0)
             ereport(FATAL,
                     (errcode_for_file_access(),
                      errmsg("could not remove old lock file \"%s\": %m",
                             filename),
                      errhint("The file seems accidentally left over, but "
                              "it could not be removed. Please remove the file "
                              "by hand and try again.")));
     }
 
     /*
      * Successfully created the file, now fill it.  See comment in miscadmin.h
      * about the contents.  Note that we write the same first five lines into
      * both datadir and socket lockfiles; although more stuff may get added to
      * the datadir lockfile later.
      */
     snprintf(buffer, sizeof(buffer), "%d\n%s\n%ld\n%d\n%s\n",
              amPostmaster ? (int) my_pid : -((int) my_pid),
              DataDir,
              (long) MyStartTime,
              PostPortNumber,
              socketDir);
 
     /*
      * In a standalone backend, the next line (LOCK_FILE_LINE_LISTEN_ADDR)
      * will never receive data, so fill it in as empty now.
      */
     if (isDDLock && !amPostmaster)
         strlcat(buffer, "\n", sizeof(buffer));
 
     errno = 0;
     pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_CREATE_WRITE);
     if (write(fd, buffer, strlen(buffer)) != strlen(buffer))
     {
         int         save_errno = errno;
 
         close(fd);
         unlink(filename);
         /* if write didn't set errno, assume problem is no disk space */
         errno = save_errno ? save_errno : ENOSPC;
         ereport(FATAL,
                 (errcode_for_file_access(),
                  errmsg("could not write lock file \"%s\": %m", filename)));
     }
     pgstat_report_wait_end();
 
     pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_CREATE_SYNC);
     if (pg_fsync(fd) != 0)
     {
         int         save_errno = errno;
 
         close(fd);
         unlink(filename);
         errno = save_errno;
         ereport(FATAL,
                 (errcode_for_file_access(),
                  errmsg("could not write lock file \"%s\": %m", filename)));
     }
     pgstat_report_wait_end();
     if (close(fd) != 0)
     {
         int         save_errno = errno;
 
         unlink(filename);
         errno = save_errno;
         ereport(FATAL,
                 (errcode_for_file_access(),
                  errmsg("could not write lock file \"%s\": %m", filename)));
     }
 
     /*
      * Arrange to unlink the lock file(s) at proc_exit.  If this is the first
      * one, set up the on_proc_exit function to do it; then add this lock file
      * to the list of files to unlink.
      */
     if (lock_files == NIL)
         on_proc_exit(UnlinkLockFiles, 0);
 
     /*
      * Use lcons so that the lock files are unlinked in reverse order of
      * creation; this is critical!
      */
     lock_files = lcons(pstrdup(filename), lock_files);
 }

void CreateSocketLockFile	(	const char *	socketfile,
		bool	amPostmaster,
		const char *	socketDir
	)

Definition at line 1090 of file miscinit.c.

References CreateLockFile(), MAXPGPATH, and snprintf().

 {
     char        lockfile[MAXPGPATH];
 
     snprintf(lockfile, sizeof(lockfile), "%s.lock", socketfile);
     CreateLockFile(lockfile, amPostmaster, socketDir, false, socketfile);
 }

Oid GetAuthenticatedUserId ( void )

Definition at line 343 of file miscinit.c.

References AssertState, AuthenticatedUserId, and OidIsValid.

Referenced by InitializeParallelDSM().

 {
     AssertState(OidIsValid(AuthenticatedUserId));
     return AuthenticatedUserId;
 }

Oid GetCurrentRoleId ( void )

Definition at line 636 of file miscinit.c.

References InvalidOid, OuterUserId, and SetRoleIsActive.

Referenced by show_role().

 {
     if (SetRoleIsActive)
         return OuterUserId;
     else
         return InvalidOid;
 }

Oid GetOuterUserId ( void )

Definition at line 295 of file miscinit.c.

References AssertState, OidIsValid, and OuterUserId.

Referenced by DropRole(), and RenameRole().

 {
     AssertState(OidIsValid(OuterUserId));
     return OuterUserId;
 }

Oid GetSessionUserId ( void )

Definition at line 318 of file miscinit.c.

References AssertState, OidIsValid, and SessionUserId.

Referenced by check_role(), DropRole(), get_rolespec_oid(), get_rolespec_tuple(), InitPostgres(), is_admin_of_role(), pgstat_bestart(), RenameRole(), and session_user().

 {
     AssertState(OidIsValid(SessionUserId));
     return SessionUserId;
 }

Oid GetUserId ( void )

Definition at line 284 of file miscinit.c.

References AssertState, CurrentUserId, and OidIsValid.

 {
     AssertState(OidIsValid(CurrentUserId));
     return CurrentUserId;
 }

void GetUserIdAndContext	(	Oid *	userid,
		bool *	sec_def_context
	)

Definition at line 438 of file miscinit.c.

References CurrentUserId, and InLocalUserIdChange().

 {
     *userid = CurrentUserId;
     *sec_def_context = InLocalUserIdChange();
 }

void GetUserIdAndSecContext	(	Oid *	userid,
		int *	sec_context
	)

Definition at line 389 of file miscinit.c.

References CurrentUserId, and SecurityRestrictionContext.

Referenced by CreateSchemaCommand(), do_analyze_rel(), ExecCreateTableAs(), ExecRefreshMatView(), fmgr_security_definer(), index_build(), InitializeParallelDSM(), PushTransaction(), ri_PerformCheck(), ri_PlanCheck(), StartTransaction(), vacuum_rel(), and validate_index().

 {
     *userid = CurrentUserId;
     *sec_context = SecurityRestrictionContext;
 }

char* GetUserNameFromId	(	Oid	roleid,
		bool	noerr
	)

Definition at line 692 of file miscinit.c.

References AUTHOID, ereport, errcode(), errmsg(), ERROR, GETSTRUCT, HeapTupleIsValid, NameStr, NULL, ObjectIdGetDatum, pstrdup(), ReleaseSysCache(), result, and SearchSysCache1.

Referenced by check_is_member_of_role(), current_user(), getObjectDescription(), getObjectIdentityParts(), insert_username(), regroleout(), RemoveRoleFromObjectPolicy(), session_user(), and timetravel().

 {
     HeapTuple   tuple;
     char       *result;
 
     tuple = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid));
     if (!HeapTupleIsValid(tuple))
     {
         if (!noerr)
             ereport(ERROR,
                     (errcode(ERRCODE_UNDEFINED_OBJECT),
                      errmsg("invalid role OID: %u", roleid)));
         result = NULL;
     }
     else
     {
         result = pstrdup(NameStr(((Form_pg_authid) GETSTRUCT(tuple))->rolname));
         ReleaseSysCache(tuple);
     }
     return result;
 }

bool has_rolreplication ( Oid roleid )

Definition at line 465 of file miscinit.c.

References AUTHOID, GETSTRUCT, HeapTupleIsValid, ObjectIdGetDatum, ReleaseSysCache(), result, and SearchSysCache1.

Referenced by check_permissions(), and InitPostgres().

 {
     bool        result = false;
     HeapTuple   utup;
 
     utup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid));
     if (HeapTupleIsValid(utup))
     {
         result = ((Form_pg_authid) GETSTRUCT(utup))->rolreplication;
         ReleaseSysCache(utup);
     }
     return result;
 }

void InitializeSessionUserId	(	const char *	rolename,
		Oid	roleid
	)

Definition at line 483 of file miscinit.c.

References AssertState, AuthenticatedUserId, AuthenticatedUserIsSuperuser, AUTHNAME, AUTHOID, CountUserBackends(), ereport, errcode(), errmsg(), FATAL, GETSTRUCT, HeapTupleGetOid, HeapTupleIsValid, IsBootstrapProcessingMode, IsUnderPostmaster, MyProc, NameStr, NULL, ObjectIdGetDatum, OidIsValid, PGC_BACKEND, PGC_INTERNAL, PGC_S_OVERRIDE, PointerGetDatum, ReleaseSysCache(), PGPROC::roleId, SearchSysCache1, SetConfigOption(), and SetSessionUserId().

Referenced by InitPostgres().

 {
     HeapTuple   roleTup;
     Form_pg_authid rform;
     char       *rname;
 
     /*
      * Don't do scans if we're bootstrapping, none of the system catalogs
      * exist yet, and they should be owned by postgres anyway.
      */
     AssertState(!IsBootstrapProcessingMode());
 
     /* call only once */
     AssertState(!OidIsValid(AuthenticatedUserId));
 
     if (rolename != NULL)
     {
         roleTup = SearchSysCache1(AUTHNAME, PointerGetDatum(rolename));
         if (!HeapTupleIsValid(roleTup))
             ereport(FATAL,
                     (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
                      errmsg("role \"%s\" does not exist", rolename)));
     }
     else
     {
         roleTup = SearchSysCache1(AUTHOID, ObjectIdGetDatum(roleid));
         if (!HeapTupleIsValid(roleTup))
             ereport(FATAL,
                     (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
                      errmsg("role with OID %u does not exist", roleid)));
     }
 
     rform = (Form_pg_authid) GETSTRUCT(roleTup);
     roleid = HeapTupleGetOid(roleTup);
     rname = NameStr(rform->rolname);
 
     AuthenticatedUserId = roleid;
     AuthenticatedUserIsSuperuser = rform->rolsuper;
 
     /* This sets OuterUserId/CurrentUserId too */
     SetSessionUserId(roleid, AuthenticatedUserIsSuperuser);
 
     /* Also mark our PGPROC entry with the authenticated user id */
     /* (We assume this is an atomic store so no lock is needed) */
     MyProc->roleId = roleid;
 
     /*
      * These next checks are not enforced when in standalone mode, so that
      * there is a way to recover from sillinesses like "UPDATE pg_authid SET
      * rolcanlogin = false;".
      */
     if (IsUnderPostmaster)
     {
         /*
          * Is role allowed to login at all?
          */
         if (!rform->rolcanlogin)
             ereport(FATAL,
                     (errcode(ERRCODE_INVALID_AUTHORIZATION_SPECIFICATION),
                      errmsg("role \"%s\" is not permitted to log in",
                             rname)));
 
         /*
          * Check connection limit for this role.
          *
          * There is a race condition here --- we create our PGPROC before
          * checking for other PGPROCs.  If two backends did this at about the
          * same time, they might both think they were over the limit, while
          * ideally one should succeed and one fail.  Getting that to work
          * exactly seems more trouble than it is worth, however; instead we
          * just document that the connection limit is approximate.
          */
         if (rform->rolconnlimit >= 0 &&
             !AuthenticatedUserIsSuperuser &&
             CountUserBackends(roleid) > rform->rolconnlimit)
             ereport(FATAL,
                     (errcode(ERRCODE_TOO_MANY_CONNECTIONS),
                      errmsg("too many connections for role \"%s\"",
                             rname)));
     }
 
     /* Record username and superuser status as GUC settings too */
     SetConfigOption("session_authorization", rname,
                     PGC_BACKEND, PGC_S_OVERRIDE);
     SetConfigOption("is_superuser",
                     AuthenticatedUserIsSuperuser ? "on" : "off",
                     PGC_INTERNAL, PGC_S_OVERRIDE);
 
     ReleaseSysCache(roleTup);
 }

void InitializeSessionUserIdStandalone ( void )

Definition at line 579 of file miscinit.c.

References AssertState, AuthenticatedUserId, AuthenticatedUserIsSuperuser, BOOTSTRAP_SUPERUSERID, IsAutoVacuumWorkerProcess(), IsBackgroundWorker, IsUnderPostmaster, OidIsValid, and SetSessionUserId().

Referenced by InitPostgres().

 {
     /*
      * This function should only be called in single-user mode, in autovacuum
      * workers, and in background workers.
      */
     AssertState(!IsUnderPostmaster || IsAutoVacuumWorkerProcess() || IsBackgroundWorker);
 
     /* call only once */
     AssertState(!OidIsValid(AuthenticatedUserId));
 
     AuthenticatedUserId = BOOTSTRAP_SUPERUSERID;
     AuthenticatedUserIsSuperuser = true;
 
     SetSessionUserId(BOOTSTRAP_SUPERUSERID, true);
 }

void InitPostmasterChild ( void )

Definition at line 176 of file miscinit.c.

References elog, FATAL, InitializeLatchSupport(), InitLatch(), IsUnderPostmaster, LocalLatchData, MyLatch, MyProcPid, MyStartTime, NULL, and on_exit_reset().

Referenced by BackendStartup(), do_start_bgworker(), pgarch_start(), pgstat_start(), StartAutoVacLauncher(), StartAutoVacWorker(), StartChildProcess(), and SysLogger_Start().

 {
     IsUnderPostmaster = true;   /* we are a postmaster subprocess now */
 
     MyProcPid = getpid();       /* reset MyProcPid */
 
     MyStartTime = time(NULL);   /* set our start time in case we call elog */
 
     /*
      * make sure stderr is in binary mode before anything can possibly be
      * written to it, in case it's actually the syslogger pipe, so the pipe
      * chunking protocol isn't disturbed. Non-logpipe data gets translated on
      * redirection (e.g. via pg_ctl -l) anyway.
      */
 #ifdef WIN32
     _setmode(fileno(stderr), _O_BINARY);
 #endif
 
     /* We don't want the postmaster's proc_exit() handlers */
     on_exit_reset();
 
     /* Initialize process-local latch support */
     InitializeLatchSupport();
     MyLatch = &LocalLatchData;
     InitLatch(MyLatch);
 
     /*
      * If possible, make this process a group leader, so that the postmaster
      * can signal any child processes too. Not all processes will have
      * children, but for consistency we make all postmaster child processes do
      * this.
      */
 #ifdef HAVE_SETSID
     if (setsid() < 0)
         elog(FATAL, "setsid() failed: %m");
 #endif
 }

void InitStandaloneProcess ( const char * argv0 )

Definition at line 220 of file miscinit.c.

References Assert, elog, FATAL, find_my_exec(), get_pkglib_path(), InitializeLatchSupport(), InitLatch(), IsPostmasterEnvironment, LocalLatchData, my_exec_path, MyLatch, MyProcPid, MyStartTime, NULL, and pkglib_path.

Referenced by AuxiliaryProcessMain(), and PostgresMain().

 {
     Assert(!IsPostmasterEnvironment);
 
     MyProcPid = getpid();       /* reset MyProcPid */
 
     MyStartTime = time(NULL);   /* set our start time in case we call elog */
 
     /* Initialize process-local latch support */
     InitializeLatchSupport();
     MyLatch = &LocalLatchData;
     InitLatch(MyLatch);
 
     /* Compute paths, no postmaster to inherit from */
     if (my_exec_path[0] == '\0')
     {
         if (find_my_exec(argv0, my_exec_path) < 0)
             elog(FATAL, "%s: could not locate my own executable path",
                  argv0);
     }
 
     if (pkglib_path[0] == '\0')
         get_pkglib_path(my_exec_path, pkglib_path);
 }

bool InLocalUserIdChange ( void )

Definition at line 407 of file miscinit.c.

References SECURITY_LOCAL_USERID_CHANGE, and SecurityRestrictionContext.

Referenced by GetUserIdAndContext(), is_admin_of_role(), and set_config_option().

 {
     return (SecurityRestrictionContext & SECURITY_LOCAL_USERID_CHANGE) != 0;
 }

bool InNoForceRLSOperation ( void )

Definition at line 425 of file miscinit.c.

References SECURITY_NOFORCE_RLS, and SecurityRestrictionContext.

Referenced by check_enable_rls().

 {
     return (SecurityRestrictionContext & SECURITY_NOFORCE_RLS) != 0;
 }

bool InSecurityRestrictedOperation ( void )

Definition at line 416 of file miscinit.c.

References SECURITY_RESTRICTED_OPERATION, and SecurityRestrictionContext.

Referenced by CheckRestrictedOperation(), DefineRelation(), is_admin_of_role(), set_config_option(), and SetUserIdAndContext().

 {
     return (SecurityRestrictionContext & SECURITY_RESTRICTED_OPERATION) != 0;
 }

static void load_libraries	(	const char *	libraries,
		const char *	gucname,
		bool	restricted
	)

static

Definition at line 1435 of file miscinit.c.

References DEBUG1, ereport, errcode(), errmsg(), filename, first_dir_separator(), lfirst, list_free_deep(), load_file(), LOG, NULL, pfree(), psprintf(), pstrdup(), and SplitDirectoriesString().

Referenced by process_session_preload_libraries(), and process_shared_preload_libraries().

 {
     char       *rawstring;
     List       *elemlist;
     ListCell   *l;
 
     if (libraries == NULL || libraries[0] == '\0')
         return;                 /* nothing to do */
 
     /* Need a modifiable copy of string */
     rawstring = pstrdup(libraries);
 
     /* Parse string into list of filename paths */
     if (!SplitDirectoriesString(rawstring, ',', &elemlist))
     {
         /* syntax error in list */
         list_free_deep(elemlist);
         pfree(rawstring);
         ereport(LOG,
                 (errcode(ERRCODE_SYNTAX_ERROR),
                  errmsg("invalid list syntax in parameter \"%s\"",
                         gucname)));
         return;
     }
 
     foreach(l, elemlist)
     {
         /* Note that filename was already canonicalized */
         char       *filename = (char *) lfirst(l);
         char       *expanded = NULL;
 
         /* If restricting, insert $libdir/plugins if not mentioned already */
         if (restricted && first_dir_separator(filename) == NULL)
         {
             expanded = psprintf("$libdir/plugins/%s", filename);
             filename = expanded;
         }
         load_file(filename, restricted);
         ereport(DEBUG1,
                 (errmsg("loaded library \"%s\"", filename)));
         if (expanded)
             pfree(expanded);
     }
 
     list_free_deep(elemlist);
     pfree(rawstring);
 }

void pg_bindtextdomain ( const char * domain )

Definition at line 1511 of file miscinit.c.

References get_locale_path(), MAXPGPATH, and my_exec_path.

Referenced by _PG_init().

 {
 #ifdef ENABLE_NLS
     if (my_exec_path[0] != '\0')
     {
         char        locale_path[MAXPGPATH];
 
         get_locale_path(my_exec_path, locale_path);
         bindtextdomain(domain, locale_path);
         pg_bind_textdomain_codeset(domain);
     }
 #endif
 }

void process_session_preload_libraries ( void )

Definition at line 1500 of file miscinit.c.

References load_libraries(), local_preload_libraries_string, and session_preload_libraries_string.

Referenced by PostgresMain().

 {
     load_libraries(session_preload_libraries_string,
                    "session_preload_libraries",
                    false);
     load_libraries(local_preload_libraries_string,
                    "local_preload_libraries",
                    true);
 }

void process_shared_preload_libraries ( void )

Definition at line 1487 of file miscinit.c.

References load_libraries(), process_shared_preload_libraries_in_progress, and shared_preload_libraries_string.

Referenced by PostmasterMain().

 {
     process_shared_preload_libraries_in_progress = true;
     load_libraries(shared_preload_libraries_string,
                    "shared_preload_libraries",
                    false);
     process_shared_preload_libraries_in_progress = false;
 }

bool RecheckDataDirLockFile ( void )

Definition at line 1286 of file miscinit.c.

References buffer, close, DIRECTORY_LOCK_FILE, ereport, errcode_for_file_access(), errmsg(), fd(), LOG, PG_BINARY, pgstat_report_wait_end(), pgstat_report_wait_start(), read, and WAIT_EVENT_LOCK_FILE_RECHECKDATADIR_READ.

Referenced by ServerLoop().

 {
     int         fd;
     int         len;
     long        file_pid;
     char        buffer[BLCKSZ];
 
     fd = open(DIRECTORY_LOCK_FILE, O_RDWR | PG_BINARY, 0);
     if (fd < 0)
     {
         /*
          * There are many foreseeable false-positive error conditions.  For
          * safety, fail only on enumerated clearly-something-is-wrong
          * conditions.
          */
         switch (errno)
         {
             case ENOENT:
             case ENOTDIR:
                 /* disaster */
                 ereport(LOG,
                         (errcode_for_file_access(),
                          errmsg("could not open file \"%s\": %m",
                                 DIRECTORY_LOCK_FILE)));
                 return false;
             default:
                 /* non-fatal, at least for now */
                 ereport(LOG,
                         (errcode_for_file_access(),
                          errmsg("could not open file \"%s\": %m; continuing anyway",
                                 DIRECTORY_LOCK_FILE)));
                 return true;
         }
     }
     pgstat_report_wait_start(WAIT_EVENT_LOCK_FILE_RECHECKDATADIR_READ);
     len = read(fd, buffer, sizeof(buffer) - 1);
     pgstat_report_wait_end();
     if (len < 0)
     {
         ereport(LOG,
                 (errcode_for_file_access(),
                  errmsg("could not read from file \"%s\": %m",
                         DIRECTORY_LOCK_FILE)));
         close(fd);
         return true;            /* treat read failure as nonfatal */
     }
     buffer[len] = '\0';
     close(fd);
     file_pid = atol(buffer);
     if (file_pid == getpid())
         return true;            /* all is well */
 
     /* Trouble: someone's overwritten the lock file */
     ereport(LOG,
             (errmsg("lock file \"%s\" contains wrong PID: %ld instead of %ld",
                     DIRECTORY_LOCK_FILE, file_pid, (long) getpid())));
     return false;
 }

void SetCurrentRoleId	(	Oid	roleid,
		bool	is_superuser
	)

Definition at line 657 of file miscinit.c.

References OidIsValid, PGC_INTERNAL, PGC_S_OVERRIDE, SessionUserId, SessionUserIsSuperuser, SetConfigOption(), SetOuterUserId(), and SetRoleIsActive.

Referenced by assign_role().

 {
     /*
      * Get correct info if it's SET ROLE NONE
      *
      * If SessionUserId hasn't been set yet, just do nothing --- the eventual
      * SetSessionUserId call will fix everything.  This is needed since we
      * will get called during GUC initialization.
      */
     if (!OidIsValid(roleid))
     {
         if (!OidIsValid(SessionUserId))
             return;
 
         roleid = SessionUserId;
         is_superuser = SessionUserIsSuperuser;
 
         SetRoleIsActive = false;
     }
     else
         SetRoleIsActive = true;
 
     SetOuterUserId(roleid);
 
     SetConfigOption("is_superuser",
                     is_superuser ? "on" : "off",
                     PGC_INTERNAL, PGC_S_OVERRIDE);
 }

void SetDatabasePath ( const char * path )

Definition at line 83 of file miscinit.c.

References Assert, DatabasePath, MemoryContextStrdup(), and TopMemoryContext.

Referenced by InitPostgres().

 {
     /* This should happen only once per process */
     Assert(!DatabasePath);
     DatabasePath = MemoryContextStrdup(TopMemoryContext, path);
 }

void SetDataDir ( const char * dir )

Definition at line 95 of file miscinit.c.

References AssertArg, DataDir, free, and make_absolute_path().

Referenced by SelectConfigFiles().

 {
     char       *new;
 
     AssertArg(dir);
 
     /* If presented path is relative, convert to absolute */
     new = make_absolute_path(dir);
 
     if (DataDir)
         free(DataDir);
     DataDir = new;
 }

static void SetOuterUserId ( Oid userid )

static

Definition at line 303 of file miscinit.c.

References AssertArg, AssertState, CurrentUserId, OidIsValid, OuterUserId, and SecurityRestrictionContext.

Referenced by SetCurrentRoleId().

 {
     AssertState(SecurityRestrictionContext == 0);
     AssertArg(OidIsValid(userid));
     OuterUserId = userid;
 
     /* We force the effective user ID to match, too */
     CurrentUserId = userid;
 }

void SetSessionAuthorization	(	Oid	userid,
		bool	is_superuser
	)

Definition at line 611 of file miscinit.c.

References AssertState, AuthenticatedUserId, AuthenticatedUserIsSuperuser, ereport, errcode(), errmsg(), ERROR, OidIsValid, PGC_INTERNAL, PGC_S_OVERRIDE, SetConfigOption(), and SetSessionUserId().

Referenced by assign_session_authorization().

 {
     /* Must have authenticated already, else can't make permission check */
     AssertState(OidIsValid(AuthenticatedUserId));
 
     if (userid != AuthenticatedUserId &&
         !AuthenticatedUserIsSuperuser)
         ereport(ERROR,
                 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
                  errmsg("permission denied to set session authorization")));
 
     SetSessionUserId(userid, is_superuser);
 
     SetConfigOption("is_superuser",
                     is_superuser ? "on" : "off",
                     PGC_INTERNAL, PGC_S_OVERRIDE);
 }

static void SetSessionUserId	(	Oid	userid,
		bool	is_superuser
	)

static

Definition at line 326 of file miscinit.c.

References AssertArg, AssertState, CurrentUserId, is_superuser(), OidIsValid, OuterUserId, SecurityRestrictionContext, SessionUserId, SessionUserIsSuperuser, and SetRoleIsActive.

Referenced by InitializeSessionUserId(), InitializeSessionUserIdStandalone(), and SetSessionAuthorization().

 {
     AssertState(SecurityRestrictionContext == 0);
     AssertArg(OidIsValid(userid));
     SessionUserId = userid;
     SessionUserIsSuperuser = is_superuser;
     SetRoleIsActive = false;
 
     /* We force the effective user IDs to match, too */
     OuterUserId = userid;
     CurrentUserId = userid;
 }

void SetUserIdAndContext	(	Oid	userid,
		bool	sec_def_context
	)

Definition at line 445 of file miscinit.c.

References CurrentUserId, ereport, errcode(), errmsg(), ERROR, InSecurityRestrictedOperation(), SECURITY_LOCAL_USERID_CHANGE, and SecurityRestrictionContext.

 {
     /* We throw the same error SET ROLE would. */
     if (InSecurityRestrictedOperation())
         ereport(ERROR,
                 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
                  errmsg("cannot set parameter \"%s\" within security-restricted operation",
                         "role")));
     CurrentUserId = userid;
     if (sec_def_context)
         SecurityRestrictionContext |= SECURITY_LOCAL_USERID_CHANGE;
     else
         SecurityRestrictionContext &= ~SECURITY_LOCAL_USERID_CHANGE;
 }

void SetUserIdAndSecContext	(	Oid	userid,
		int	sec_context
	)

Definition at line 396 of file miscinit.c.

References CurrentUserId, and SecurityRestrictionContext.

Referenced by AbortSubTransaction(), AbortTransaction(), CreateSchemaCommand(), do_analyze_rel(), ExecCreateTableAs(), ExecRefreshMatView(), fmgr_security_definer(), index_build(), ParallelWorkerMain(), refresh_by_match_merge(), ri_PerformCheck(), ri_PlanCheck(), vacuum_rel(), and validate_index().

 {
     CurrentUserId = userid;
     SecurityRestrictionContext = sec_context;
 }

void SwitchBackToLocalLatch ( void )

Definition at line 265 of file miscinit.c.

References Assert, FeBeWaitSet, LocalLatchData, ModifyWaitEvent(), MyLatch, MyProc, NULL, PGPROC::procLatch, SetLatch(), and WL_LATCH_SET.

Referenced by AuxiliaryProcKill(), and ProcKill().

 {
     Assert(MyLatch != &LocalLatchData);
     Assert(MyProc != NULL && MyLatch == &MyProc->procLatch);
 
     MyLatch = &LocalLatchData;
 
     if (FeBeWaitSet)
         ModifyWaitEvent(FeBeWaitSet, 1, WL_LATCH_SET, MyLatch);
 
     SetLatch(MyLatch);
 }

void SwitchToSharedLatch ( void )

Definition at line 246 of file miscinit.c.

References Assert, FeBeWaitSet, ModifyWaitEvent(), MyLatch, MyProc, NULL, PGPROC::procLatch, SetLatch(), and WL_LATCH_SET.

Referenced by InitAuxiliaryProcess(), and InitProcess().

 {
     Assert(MyLatch == &LocalLatchData);
     Assert(MyProc != NULL);
 
     MyLatch = &MyProc->procLatch;
 
     if (FeBeWaitSet)
         ModifyWaitEvent(FeBeWaitSet, 1, WL_LATCH_SET, MyLatch);
 
     /*
      * Set the shared latch as the local one might have been set. This
      * shouldn't normally be necessary as code is supposed to check the
      * condition before waiting for the latch, but a bit care can't hurt.
      */
     SetLatch(MyLatch);
 }

void TouchSocketLockFiles ( void )

Definition at line 1108 of file miscinit.c.

References buffer, close, DIRECTORY_LOCK_FILE, fd(), lfirst, NULL, PG_BINARY, and read.

Referenced by ServerLoop().

 {
     ListCell   *l;
 
     foreach(l, lock_files)
     {
         char       *socketLockFile = (char *) lfirst(l);
 
         /* No need to touch the data directory lock file, we trust */
         if (strcmp(socketLockFile, DIRECTORY_LOCK_FILE) == 0)
             continue;
 
         /*
          * utime() is POSIX standard, utimes() is a common alternative; if we
          * have neither, fall back to actually reading the file (which only
          * sets the access time not mod time, but that should be enough in
          * most cases).  In all paths, we ignore errors.
          */
 #ifdef HAVE_UTIME
         utime(socketLockFile, NULL);
 #else                           /* !HAVE_UTIME */
 #ifdef HAVE_UTIMES
         utimes(socketLockFile, NULL);
 #else                           /* !HAVE_UTIMES */
         int         fd;
         char        buffer[1];
 
         fd = open(socketLockFile, O_RDONLY | PG_BINARY, 0);
         if (fd >= 0)
         {
             read(fd, buffer, sizeof(buffer));
             close(fd);
         }
 #endif                          /* HAVE_UTIMES */
 #endif                          /* HAVE_UTIME */
     }
 }

static void UnlinkLockFiles	(	int	status,
		Datum	arg
	)

static

Definition at line 734 of file miscinit.c.

References ereport, errmsg(), IsPostmasterEnvironment, lfirst, LOG, NIL, NOTICE, and unlink().

Referenced by CreateLockFile().

 {
     ListCell   *l;
 
     foreach(l, lock_files)
     {
         char       *curfile = (char *) lfirst(l);
 
         unlink(curfile);
         /* Should we complain if the unlink fails? */
     }
     /* Since we're about to exit, no need to reclaim storage */
     lock_files = NIL;
 
     /*
      * Lock file removal should always be the last externally visible action
      * of a postmaster or standalone backend, while we won't come here at all
      * when exiting postmaster child processes.  Therefore, this is a good
      * place to log completion of shutdown.  We could alternatively teach
      * proc_exit() to do it, but that seems uglier.  In a standalone backend,
      * use NOTICE elevel to be less chatty.
      */
     ereport(IsPostmasterEnvironment ? LOG : NOTICE,
             (errmsg("database system is shut down")));
 }

void ValidatePgVersion ( const char * path )

Definition at line 1358 of file miscinit.c.

References AllocateFile(), ereport, errcode(), errcode_for_file_access(), errdetail(), errhint(), errmsg(), FATAL, FreeFile(), MAXPGPATH, and snprintf().

Referenced by AuxiliaryProcessMain(), checkDataDir(), InitPostgres(), and PostgresMain().

 {
     char        full_path[MAXPGPATH];
     FILE       *file;
     int         ret;
     long        file_major;
     long        my_major;
     char       *endptr;
     char        file_version_string[64];
     const char *my_version_string = PG_VERSION;
 
     my_major = strtol(my_version_string, &endptr, 10);
 
     snprintf(full_path, sizeof(full_path), "%s/PG_VERSION", path);
 
     file = AllocateFile(full_path, "r");
     if (!file)
     {
         if (errno == ENOENT)
             ereport(FATAL,
                     (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                      errmsg("\"%s\" is not a valid data directory",
                             path),
                      errdetail("File \"%s\" is missing.", full_path)));
         else
             ereport(FATAL,
                     (errcode_for_file_access(),
                      errmsg("could not open file \"%s\": %m", full_path)));
     }
 
     file_version_string[0] = '\0';
     ret = fscanf(file, "%63s", file_version_string);
     file_major = strtol(file_version_string, &endptr, 10);
 
     if (ret != 1 || endptr == file_version_string)
         ereport(FATAL,
                 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                  errmsg("\"%s\" is not a valid data directory",
                         path),
                  errdetail("File \"%s\" does not contain valid data.",
                            full_path),
                  errhint("You might need to initdb.")));
 
     FreeFile(file);
 
     if (my_major != file_major)
         ereport(FATAL,
                 (errcode(ERRCODE_INVALID_PARAMETER_VALUE),
                  errmsg("database files are incompatible with server"),
                  errdetail("The data directory was initialized by PostgreSQL version %s, "
                            "which is not compatible with this version %s.",
                            file_version_string, my_version_string)));
 }