PostgreSQL Source Code git master
Loading...
Searching...
No Matches
pg_ctl.c
Go to the documentation of this file.
1/*-------------------------------------------------------------------------
2 *
3 * pg_ctl --- start/stops/restarts the PostgreSQL server
4 *
5 * Portions Copyright (c) 1996-2026, PostgreSQL Global Development Group
6 *
7 * src/bin/pg_ctl/pg_ctl.c
8 *
9 *-------------------------------------------------------------------------
10 */
11
12#include "postgres_fe.h"
13
14#include <fcntl.h>
15#include <signal.h>
16#include <time.h>
17#include <sys/resource.h>
18#include <sys/stat.h>
19#include <sys/time.h>
20#include <sys/wait.h>
21#include <unistd.h>
22
23
24#include "catalog/pg_control.h"
25#include "common/controldata_utils.h"
26#include "common/file_perm.h"
27#include "common/logging.h"
28#include "common/string.h"
29#include "datatype/timestamp.h"
30#include "getopt_long.h"
31#include "utils/pidfile.h"
32
33#ifdef WIN32 /* on Unix, we don't need libpq */
34#include "pqexpbuffer.h"
35#endif
36
37
44
52
69
70#define DEFAULT_WAIT 60
71
72#define WAITS_PER_SEC 10
73StaticAssertDecl(USECS_PER_SEC % WAITS_PER_SEC == 0,
74 "WAITS_PER_SEC must divide USECS_PER_SEC evenly");
75
76static bool do_wait = true;
77static int wait_seconds = DEFAULT_WAIT;
78static bool wait_seconds_arg = false;
79static bool silent_mode = false;
80static ShutdownMode shutdown_mode = FAST_MODE;
81static int sig = SIGINT; /* default */
82static CtlCommand ctl_command = NO_COMMAND;
83static char *pg_data = NULL;
84static char *pg_config = NULL;
85static char *pgdata_opt = NULL;
86static char *post_opts = NULL;
87static const char *progname;
88static char *log_file = NULL;
89static char *exec_path = NULL;
90static char *event_source = NULL;
91static char *register_servicename = "PostgreSQL"; /* FIXME: + version ID? */
92static char *register_username = NULL;
93static char *register_password = NULL;
94static char *argv0 = NULL;
95static bool allow_core_files = false;
96static time_t start_time;
97
98static char postopts_file[MAXPGPATH];
99static char version_file[MAXPGPATH];
100static char pid_file[MAXPGPATH];
101static char promote_file[MAXPGPATH];
102static char logrotate_file[MAXPGPATH];
103
104static volatile pid_t postmasterPID = -1;
105
106#ifdef WIN32
107static DWORD pgctl_start_type = SERVICE_AUTO_START;
108static SERVICE_STATUS status;
109static SERVICE_STATUS_HANDLE hStatus = (SERVICE_STATUS_HANDLE) 0;
110static HANDLE shutdownHandles[2];
111
112#define shutdownEvent shutdownHandles[0]
113#define postmasterProcess shutdownHandles[1]
114#endif
115
116
117static void write_stderr(const char *fmt,...) pg_attribute_printf(1, 2);
118static void do_advice(void);
119static void do_help(void);
120static void set_mode(char *modeopt);
121static void set_sig(char *signame);
122static void do_init(void);
123static void do_start(void);
124static void do_stop(void);
125static void do_restart(void);
126static void do_reload(void);
127static void do_status(void);
128static void do_promote(void);
129static void do_logrotate(void);
130static void do_kill(pid_t pid);
131static void print_msg(const char *msg);
132static void adjust_data_dir(void);
133
134#ifdef WIN32
135#include <versionhelpers.h>
136static bool pgwin32_IsInstalled(SC_HANDLE);
137static char *pgwin32_CommandLine(bool);
138static void pgwin32_doRegister(void);
139static void pgwin32_doUnregister(void);
140static void pgwin32_SetServiceStatus(DWORD);
141static void WINAPI pgwin32_ServiceHandler(DWORD);
142static void WINAPI pgwin32_ServiceMain(DWORD, LPTSTR *);
143static void pgwin32_doRunAsService(void);
144static int CreateRestrictedProcess(char *cmd, PROCESS_INFORMATION *processInfo, bool as_service);
145static PTOKEN_PRIVILEGES GetPrivilegesToDelete(HANDLE hToken);
146#endif
147
148static pid_t get_pgpid(bool is_status_request);
149static char **readfile(const char *path, int *numlines);
150static void free_readfile(char **optlines);
151static pid_t start_postmaster(void);
152static void read_post_opts(void);
153
154static WaitPMResult wait_for_postmaster_start(pid_t pm_pid, bool do_checkpoint);
155static bool wait_for_postmaster_stop(void);
156static bool wait_for_postmaster_promote(void);
157static bool postmaster_is_alive(pid_t pid);
158
159#if defined(HAVE_GETRLIMIT)
160static void unlimit_core_size(void);
161#endif
162
163static DBState get_control_dbstate(void);
164
165
166#ifdef WIN32
167static void
168write_eventlog(int level, const char *line)
169{
170 static HANDLE evtHandle = INVALID_HANDLE_VALUE;
171
172 if (silent_mode && level == EVENTLOG_INFORMATION_TYPE)
173 return;
174
175 if (evtHandle == INVALID_HANDLE_VALUE)
176 {
177 evtHandle = RegisterEventSource(NULL,
178 event_source ? event_source : DEFAULT_EVENT_SOURCE);
179 if (evtHandle == NULL)
180 {
181 evtHandle = INVALID_HANDLE_VALUE;
182 return;
183 }
184 }
185
186 ReportEvent(evtHandle,
187 level,
188 0,
189 0, /* All events are Id 0 */
190 NULL,
191 1,
192 0,
193 &line,
194 NULL);
195}
196#endif
197
198/*
199 * Write errors to stderr (or by equal means when stderr is
200 * not available).
201 */
202static void
203write_stderr(const char *fmt,...)
204{
205 va_list ap;
206
207 va_start(ap, fmt);
208#ifndef WIN32
209 /* On Unix, we just fprintf to stderr */
210 vfprintf(stderr, fmt, ap);
211#else
212
213 /*
214 * On Win32, we print to stderr if running on a console, or write to
215 * eventlog if running as a service
216 */
217 if (pgwin32_is_service()) /* Running as a service */
218 {
219 char errbuf[2048]; /* Arbitrary size? */
220
221 vsnprintf(errbuf, sizeof(errbuf), fmt, ap);
222
223 write_eventlog(EVENTLOG_ERROR_TYPE, errbuf);
224 }
225 else
226 /* Not running as service, write to stderr */
227 vfprintf(stderr, fmt, ap);
228#endif
229 va_end(ap);
230}
231
232/*
233 * Given an already-localized string, print it to stdout unless the
234 * user has specified that no messages should be printed.
235 */
236static void
237print_msg(const char *msg)
238{
239 if (!silent_mode)
240 {
241 fputs(msg, stdout);
242 fflush(stdout);
243 }
244}
245
246static pid_t
247get_pgpid(bool is_status_request)
248{
249 FILE *pidf;
250 int pid;
251 struct stat statbuf;
252
253 if (stat(pg_data, &statbuf) != 0)
254 {
255 if (errno == ENOENT)
256 write_stderr(_("%s: directory \"%s\" does not exist\n"), progname,
257 pg_data);
258 else
259 write_stderr(_("%s: could not access directory \"%s\": %m\n"), progname,
260 pg_data);
261
262 /*
263 * The Linux Standard Base Core Specification 3.1 says this should
264 * return '4, program or service status is unknown'
265 * https://refspecs.linuxbase.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html
266 */
267 exit(is_status_request ? 4 : 1);
268 }
269
270 if (stat(version_file, &statbuf) != 0 && errno == ENOENT)
271 {
272 write_stderr(_("%s: directory \"%s\" is not a database cluster directory\n"),
273 progname, pg_data);
274 exit(is_status_request ? 4 : 1);
275 }
276
277 pidf = fopen(pid_file, "r");
278 if (pidf == NULL)
279 {
280 /* No pid file, not an error on startup */
281 if (errno == ENOENT)
282 return 0;
283 else
284 {
285 write_stderr(_("%s: could not open PID file \"%s\": %m\n"),
286 progname, pid_file);
287 exit(1);
288 }
289 }
290 if (fscanf(pidf, "%d", &pid) != 1)
291 {
292 /* Is the file empty? */
293 if (ftell(pidf) == 0 && feof(pidf))
294 write_stderr(_("%s: the PID file \"%s\" is empty\n"),
295 progname, pid_file);
296 else
297 write_stderr(_("%s: invalid data in PID file \"%s\"\n"),
298 progname, pid_file);
299 exit(1);
300 }
301 fclose(pidf);
302 return (pid_t) pid;
303}
304
305
306/*
307 * get the lines from a text file - return NULL if file can't be opened
308 *
309 * Trailing newlines are deleted from the lines (this is a change from pre-v10)
310 *
311 * *numlines is set to the number of line pointers returned; there is
312 * also an additional NULL pointer after the last real line.
313 */
314static char **
315readfile(const char *path, int *numlines)
316{
317 int fd;
318 int nlines;
319 char **result;
320 char *buffer;
321 char *linebegin;
322 int i;
323 int n;
324 int len;
325 struct stat statbuf;
326
327 *numlines = 0; /* in case of failure or empty file */
328
329 /*
330 * Slurp the file into memory.
331 *
332 * The file can change concurrently, so we read the whole file into memory
333 * with a single read() call. That's not guaranteed to get an atomic
334 * snapshot, but in practice, for a small file, it's close enough for the
335 * current use.
336 */
337 fd = open(path, O_RDONLY | PG_BINARY, 0);
338 if (fd < 0)
339 return NULL;
340 if (fstat(fd, &statbuf) < 0)
341 {
342 close(fd);
343 return NULL;
344 }
345 if (statbuf.st_size == 0)
346 {
347 /* empty file */
348 close(fd);
349 result = (char **) pg_malloc(sizeof(char *));
350 *result = NULL;
351 return result;
352 }
353 buffer = pg_malloc(statbuf.st_size + 1);
354
355 len = read(fd, buffer, statbuf.st_size + 1);
356 close(fd);
357 if (len != statbuf.st_size)
358 {
359 /* oops, the file size changed between fstat and read */
360 free(buffer);
361 return NULL;
362 }
363
364 /*
365 * Count newlines. We expect there to be a newline after each full line,
366 * including one at the end of file. If there isn't a newline at the end,
367 * any characters after the last newline will be ignored.
368 */
369 nlines = 0;
370 for (i = 0; i < len; i++)
371 {
372 if (buffer[i] == '\n')
373 nlines++;
374 }
375
376 /* set up the result buffer */
377 result = (char **) pg_malloc((nlines + 1) * sizeof(char *));
378 *numlines = nlines;
379
380 /* now split the buffer into lines */
381 linebegin = buffer;
382 n = 0;
383 for (i = 0; i < len; i++)
384 {
385 if (buffer[i] == '\n')
386 {
387 int slen = &buffer[i] - linebegin;
388 char *linebuf = pg_malloc(slen + 1);
389
390 memcpy(linebuf, linebegin, slen);
391 /* we already dropped the \n, but get rid of any \r too */
392 if (slen > 0 && linebuf[slen - 1] == '\r')
393 slen--;
394 linebuf[slen] = '\0';
395 result[n++] = linebuf;
396 linebegin = &buffer[i + 1];
397 }
398 }
399 result[n] = NULL;
400
401 free(buffer);
402
403 return result;
404}
405
406
407/*
408 * Free memory allocated for optlines through readfile()
409 */
410static void
411free_readfile(char **optlines)
412{
413 char *curr_line = NULL;
414 int i = 0;
415
416 if (!optlines)
417 return;
418
419 while ((curr_line = optlines[i++]))
420 free(curr_line);
421
422 free(optlines);
423}
424
425/*
426 * start/test/stop routines
427 */
428
429/*
430 * Start the postmaster and return its PID.
431 *
432 * Currently, on Windows what we return is the PID of the shell process
433 * that launched the postmaster (and, we trust, is waiting for it to exit).
434 * So the PID is usable for "is the postmaster still running" checks,
435 * but cannot be compared directly to postmaster.pid.
436 *
437 * On Windows, we also save aside a handle to the shell process in
438 * "postmasterProcess", which the caller should close when done with it.
439 */
440static pid_t
441start_postmaster(void)
442{
443 char *cmd;
444
445#ifndef WIN32
446 pid_t pm_pid;
447
448 /* Flush stdio channels just before fork, to avoid double-output problems */
449 fflush(NULL);
450
451#ifdef EXEC_BACKEND
452 pg_disable_aslr();
453#endif
454
455 pm_pid = fork();
456 if (pm_pid < 0)
457 {
458 /* fork failed */
459 write_stderr(_("%s: could not start server: %m\n"),
460 progname);
461 exit(1);
462 }
463 if (pm_pid > 0)
464 {
465 /* fork succeeded, in parent */
466 return pm_pid;
467 }
468
469 /* fork succeeded, in child */
470
471 /*
472 * If possible, detach the postmaster process from the launching process
473 * group and make it a group leader, so that it doesn't get signaled along
474 * with the current group that launched it.
475 */
476#ifdef HAVE_SETSID
477 if (setsid() < 0)
478 {
479 write_stderr(_("%s: could not start server due to setsid() failure: %m\n"),
480 progname);
481 exit(1);
482 }
483#endif
484
485 /*
486 * Since there might be quotes to handle here, it is easier simply to pass
487 * everything to a shell to process them. Use exec so that the postmaster
488 * has the same PID as the current child process.
489 */
490 if (log_file != NULL)
491 cmd = psprintf("exec \"%s\" %s%s < \"%s\" >> \"%s\" 2>&1",
492 exec_path, pgdata_opt, post_opts,
493 DEVNULL, log_file);
494 else
495 cmd = psprintf("exec \"%s\" %s%s < \"%s\" 2>&1",
496 exec_path, pgdata_opt, post_opts, DEVNULL);
497
498 (void) execl("/bin/sh", "/bin/sh", "-c", cmd, (char *) NULL);
499
500 /* exec failed */
501 write_stderr(_("%s: could not start server: %m\n"),
502 progname);
503 exit(1);
504
505 return 0; /* keep dumb compilers quiet */
506
507#else /* WIN32 */
508
509 /*
510 * As with the Unix case, it's easiest to use the shell (CMD.EXE) to
511 * handle redirection etc. Unfortunately CMD.EXE lacks any equivalent of
512 * "exec", so we don't get to find out the postmaster's PID immediately.
513 */
514 PROCESS_INFORMATION pi;
515 const char *comspec;
516
517 /* Find CMD.EXE location using COMSPEC, if it's set */
518 comspec = getenv("COMSPEC");
519 if (comspec == NULL)
520 comspec = "CMD";
521
522 if (log_file != NULL)
523 {
524 /*
525 * First, open the log file if it exists. The idea is that if the
526 * file is still locked by a previous postmaster run, we'll wait until
527 * it comes free, instead of failing with ERROR_SHARING_VIOLATION.
528 * (It'd be better to open the file in a sharing-friendly mode, but we
529 * can't use CMD.EXE to do that, so work around it. Note that the
530 * previous postmaster will still have the file open for a short time
531 * after removing postmaster.pid.)
532 *
533 * If the log file doesn't exist, we *must not* create it here. If we
534 * were launched with higher privileges than the restricted process
535 * will have, the log file might end up with permissions settings that
536 * prevent the postmaster from writing on it.
537 */
538 int fd = open(log_file, O_RDWR, 0);
539
540 if (fd == -1)
541 {
542 /*
543 * ENOENT is expectable since we didn't use O_CREAT. Otherwise
544 * complain. We could just fall through and let CMD.EXE report
545 * the problem, but its error reporting is pretty miserable.
546 */
547 if (errno != ENOENT)
548 {
549 write_stderr(_("%s: could not open log file \"%s\": %m\n"),
550 progname, log_file);
551 exit(1);
552 }
553 }
554 else
555 close(fd);
556
557 cmd = psprintf("\"%s\" /C \"\"%s\" %s%s < \"%s\" >> \"%s\" 2>&1\"",
558 comspec, exec_path, pgdata_opt, post_opts, DEVNULL, log_file);
559 }
560 else
561 cmd = psprintf("\"%s\" /C \"\"%s\" %s%s < \"%s\" 2>&1\"",
562 comspec, exec_path, pgdata_opt, post_opts, DEVNULL);
563
564 if (!CreateRestrictedProcess(cmd, &pi, false))
565 {
566 write_stderr(_("%s: could not start server: error code %lu\n"),
567 progname, GetLastError());
568 exit(1);
569 }
570 /* Don't close command process handle here; caller must do so */
571 postmasterProcess = pi.hProcess;
572 CloseHandle(pi.hThread);
573 return pi.dwProcessId; /* Shell's PID, not postmaster's! */
574#endif /* WIN32 */
575}
576
577
578
579/*
580 * Wait for the postmaster to become ready.
581 *
582 * On Unix, pm_pid is the PID of the just-launched postmaster. On Windows,
583 * it may be the PID of an ancestor shell process, so we can't check the
584 * contents of postmaster.pid quite as carefully.
585 *
586 * On Windows, the static variable postmasterProcess is an implicit argument
587 * to this routine; it contains a handle to the postmaster process or an
588 * ancestor shell process thereof.
589 *
590 * Note that the checkpoint parameter enables a Windows service control
591 * manager checkpoint, it's got nothing to do with database checkpoints!!
592 */
593static WaitPMResult
594wait_for_postmaster_start(pid_t pm_pid, bool do_checkpoint)
595{
596 int i;
597
598 for (i = 0; i < wait_seconds * WAITS_PER_SEC; i++)
599 {
600 char **optlines;
601 int numlines;
602
603 /*
604 * Try to read the postmaster.pid file. If it's not valid, or if the
605 * status line isn't there yet, just keep waiting.
606 */
607 if ((optlines = readfile(pid_file, &numlines)) != NULL &&
608 numlines >= LOCK_FILE_LINE_PM_STATUS)
609 {
610 /* File is complete enough for us, parse it */
611 pid_t pmpid;
612 time_t pmstart;
613
614 /*
615 * Make sanity checks. If it's for the wrong PID, or the recorded
616 * start time is before pg_ctl started, then either we are looking
617 * at the wrong data directory, or this is a pre-existing pidfile
618 * that hasn't (yet?) been overwritten by our child postmaster.
619 * Allow 2 seconds slop for possible cross-process clock skew.
620 */
621 pmpid = atol(optlines[LOCK_FILE_LINE_PID - 1]);
622 pmstart = atoll(optlines[LOCK_FILE_LINE_START_TIME - 1]);
623 if (pmstart >= start_time - 2 &&
624#ifndef WIN32
625 pmpid == pm_pid
626#else
627 /* Windows can only reject standalone-backend PIDs */
628 pmpid > 0
629#endif
630 )
631 {
632 /*
633 * OK, seems to be a valid pidfile from our child. Check the
634 * status line (this assumes a v10 or later server).
635 */
636 char *pmstatus = optlines[LOCK_FILE_LINE_PM_STATUS - 1];
637
638 if (strcmp(pmstatus, PM_STATUS_READY) == 0 ||
639 strcmp(pmstatus, PM_STATUS_STANDBY) == 0)
640 {
641 /* postmaster is done starting up */
642 free_readfile(optlines);
643 return POSTMASTER_READY;
644 }
645 }
646 }
647
648 /*
649 * Free the results of readfile.
650 *
651 * This is safe to call even if optlines is NULL.
652 */
653 free_readfile(optlines);
654
655 /*
656 * Check whether the child postmaster process is still alive. This
657 * lets us exit early if the postmaster fails during startup.
658 *
659 * On Windows, we may be checking the postmaster's parent shell, but
660 * that's fine for this purpose.
661 */
662 {
663 bool pm_died;
664#ifndef WIN32
665 int exitstatus;
666
667 pm_died = (waitpid(pm_pid, &exitstatus, WNOHANG) == pm_pid);
668#else
669 pm_died = (WaitForSingleObject(postmasterProcess, 0) == WAIT_OBJECT_0);
670#endif
671 if (pm_died)
672 {
673 /* See if postmaster terminated intentionally */
674 if (get_control_dbstate() == DB_SHUTDOWNED_IN_RECOVERY)
675 return POSTMASTER_SHUTDOWN_IN_RECOVERY;
676 else
677 return POSTMASTER_FAILED;
678 }
679 }
680
681 /* Startup still in process; wait, printing a dot once per second */
682 if (i % WAITS_PER_SEC == 0)
683 {
684#ifdef WIN32
685 if (do_checkpoint)
686 {
687 /*
688 * Increment the wait hint by 6 secs (connection timeout +
689 * sleep). We must do this to indicate to the SCM that our
690 * startup time is changing, otherwise it'll usually send a
691 * stop signal after 20 seconds, despite incrementing the
692 * checkpoint counter.
693 */
694 status.dwWaitHint += 6000;
695 status.dwCheckPoint++;
696 SetServiceStatus(hStatus, (LPSERVICE_STATUS) &status);
697 }
698 else
699#endif
700 print_msg(".");
701 }
702
703 pg_usleep(USECS_PER_SEC / WAITS_PER_SEC);
704 }
705
706 /* out of patience; report that postmaster is still starting up */
707 return POSTMASTER_STILL_STARTING;
708}
709
710
711/*
712 * Wait for the postmaster to stop.
713 *
714 * Returns true if the postmaster stopped cleanly (i.e., removed its pidfile).
715 * Returns false if the postmaster dies uncleanly, or if we time out.
716 */
717static bool
718wait_for_postmaster_stop(void)
719{
720 int cnt;
721
722 for (cnt = 0; cnt < wait_seconds * WAITS_PER_SEC; cnt++)
723 {
724 pid_t pid;
725
726 if ((pid = get_pgpid(false)) == 0)
727 return true; /* pid file is gone */
728
729 if (kill(pid, 0) != 0)
730 {
731 /*
732 * Postmaster seems to have died. Check the pid file once more to
733 * avoid a race condition, but give up waiting.
734 */
735 if (get_pgpid(false) == 0)
736 return true; /* pid file is gone */
737 return false; /* postmaster died untimely */
738 }
739
740 if (cnt % WAITS_PER_SEC == 0)
741 print_msg(".");
742 pg_usleep(USECS_PER_SEC / WAITS_PER_SEC);
743 }
744 return false; /* timeout reached */
745}
746
747
748/*
749 * Wait for the postmaster to promote.
750 *
751 * Returns true on success, else false.
752 * To avoid waiting uselessly, we check for postmaster death here too.
753 */
754static bool
755wait_for_postmaster_promote(void)
756{
757 int cnt;
758
759 for (cnt = 0; cnt < wait_seconds * WAITS_PER_SEC; cnt++)
760 {
761 pid_t pid;
762 DBState state;
763
764 if ((pid = get_pgpid(false)) == 0)
765 return false; /* pid file is gone */
766 if (kill(pid, 0) != 0)
767 return false; /* postmaster died */
768
769 state = get_control_dbstate();
770 if (state == DB_IN_PRODUCTION)
771 return true; /* successful promotion */
772
773 if (cnt % WAITS_PER_SEC == 0)
774 print_msg(".");
775 pg_usleep(USECS_PER_SEC / WAITS_PER_SEC);
776 }
777 return false; /* timeout reached */
778}
779
780
781#if defined(HAVE_GETRLIMIT)
782static void
783unlimit_core_size(void)
784{
785 struct rlimit lim;
786
787 getrlimit(RLIMIT_CORE, &lim);
788 if (lim.rlim_max == 0)
789 {
790 write_stderr(_("%s: cannot set core file size limit; disallowed by hard limit\n"),
791 progname);
792 return;
793 }
794 else if (lim.rlim_max == RLIM_INFINITY || lim.rlim_cur < lim.rlim_max)
795 {
796 lim.rlim_cur = lim.rlim_max;
797 setrlimit(RLIMIT_CORE, &lim);
798 }
799}
800#endif
801
802static void
803read_post_opts(void)
804{
805 if (post_opts == NULL)
806 {
807 post_opts = ""; /* default */
808 if (ctl_command == RESTART_COMMAND)
809 {
810 char **optlines;
811 int numlines;
812
813 optlines = readfile(postopts_file, &numlines);
814 if (optlines == NULL)
815 {
816 write_stderr(_("%s: could not read file \"%s\"\n"), progname, postopts_file);
817 exit(1);
818 }
819 else if (numlines != 1)
820 {
821 write_stderr(_("%s: option file \"%s\" must have exactly one line\n"),
822 progname, postopts_file);
823 exit(1);
824 }
825 else
826 {
827 char *optline;
828 char *arg1;
829
830 optline = optlines[0];
831
832 /*
833 * Are we at the first option, as defined by space and
834 * double-quote?
835 */
836 if ((arg1 = strstr(optline, " \"")) != NULL)
837 {
838 *arg1 = '\0'; /* terminate so we get only program name */
839 post_opts = pg_strdup(arg1 + 1); /* point past whitespace */
840 }
841 if (exec_path == NULL)
842 exec_path = pg_strdup(optline);
843 }
844
845 /* Free the results of readfile. */
846 free_readfile(optlines);
847 }
848 }
849}
850
851/*
852 * SIGINT signal handler used while waiting for postmaster to start up.
853 * Forwards the SIGINT to the postmaster process, asking it to shut down,
854 * before terminating pg_ctl itself. This way, if the user hits CTRL-C while
855 * waiting for the server to start up, the server launch is aborted.
856 */
857static void
858trap_sigint_during_startup(SIGNAL_ARGS)
859{
860 if (postmasterPID != -1)
861 {
862 if (kill(postmasterPID, SIGINT) != 0)
863 write_stderr(_("%s: could not send stop signal (PID: %d): %m\n"),
864 progname, (int) postmasterPID);
865 }
866
867 /*
868 * Clear the signal handler, and send the signal again, to terminate the
869 * process as normal.
870 */
871 pqsignal(postgres_signal_arg, SIG_DFL);
872 raise(postgres_signal_arg);
873}
874
875static char *
876find_other_exec_or_die(const char *argv0, const char *target, const char *versionstr)
877{
878 int ret;
879 char *found_path;
880
881 found_path = pg_malloc(MAXPGPATH);
882
883 if ((ret = find_other_exec(argv0, target, versionstr, found_path)) < 0)
884 {
885 char full_path[MAXPGPATH];
886
887 if (find_my_exec(argv0, full_path) < 0)
888 strlcpy(full_path, progname, sizeof(full_path));
889
890 if (ret == -1)
891 write_stderr(_("program \"%s\" is needed by %s but was not found in the same directory as \"%s\"\n"),
892 target, progname, full_path);
893 else
894 write_stderr(_("program \"%s\" was found by \"%s\" but was not the same version as %s\n"),
895 target, full_path, progname);
896 exit(1);
897 }
898
899 return found_path;
900}
901
902static void
903do_init(void)
904{
905 char *cmd;
906
907 if (exec_path == NULL)
908 exec_path = find_other_exec_or_die(argv0, "initdb", "initdb (PostgreSQL) " PG_VERSION "\n");
909
910 if (pgdata_opt == NULL)
911 pgdata_opt = "";
912
913 if (post_opts == NULL)
914 post_opts = "";
915
916 if (!silent_mode)
917 cmd = psprintf("\"%s\" %s%s",
918 exec_path, pgdata_opt, post_opts);
919 else
920 cmd = psprintf("\"%s\" %s%s > \"%s\"",
921 exec_path, pgdata_opt, post_opts, DEVNULL);
922
923 fflush(NULL);
924 if (system(cmd) != 0)
925 {
926 write_stderr(_("%s: database system initialization failed\n"), progname);
927 exit(1);
928 }
929}
930
931static void
932do_start(void)
933{
934 pid_t old_pid = 0;
935 pid_t pm_pid;
936
937 if (ctl_command != RESTART_COMMAND)
938 {
939 old_pid = get_pgpid(false);
940 if (old_pid != 0)
941 write_stderr(_("%s: another server might be running; "
942 "trying to start server anyway\n"),
943 progname);
944 }
945
946 read_post_opts();
947
948 /* No -D or -D already added during server start */
949 if (ctl_command == RESTART_COMMAND || pgdata_opt == NULL)
950 pgdata_opt = "";
951
952 if (exec_path == NULL)
953 exec_path = find_other_exec_or_die(argv0, "postgres", PG_BACKEND_VERSIONSTR);
954
955#if defined(HAVE_GETRLIMIT)
956 if (allow_core_files)
957 unlimit_core_size();
958#endif
959
960 /*
961 * If possible, tell the postmaster our parent shell's PID (see the
962 * comments in CreateLockFile() for motivation). Windows hasn't got
963 * getppid() unfortunately.
964 */
965#ifndef WIN32
966 {
967 char env_var[32];
968
969 snprintf(env_var, sizeof(env_var), "%d", (int) getppid());
970 setenv("PG_GRANDPARENT_PID", env_var, 1);
971 }
972#endif
973
974 pm_pid = start_postmaster();
975
976 if (do_wait)
977 {
978 /*
979 * If the user interrupts the startup (e.g. with CTRL-C), we'd like to
980 * abort the server launch. Install a signal handler that will
981 * forward SIGINT to the postmaster process, while we wait.
982 *
983 * (We don't bother to reset the signal handler after the launch, as
984 * we're about to exit, anyway.)
985 */
986 postmasterPID = pm_pid;
987 pqsignal(SIGINT, trap_sigint_during_startup);
988
989 print_msg(_("waiting for server to start..."));
990
991 switch (wait_for_postmaster_start(pm_pid, false))
992 {
993 case POSTMASTER_READY:
994 print_msg(_(" done\n"));
995 print_msg(_("server started\n"));
996 break;
997 case POSTMASTER_STILL_STARTING:
998 print_msg(_(" stopped waiting\n"));
999 write_stderr(_("%s: server did not start in time\n"),
1000 progname);
1001 exit(1);
1002 break;
1003 case POSTMASTER_SHUTDOWN_IN_RECOVERY:
1004 print_msg(_(" done\n"));
1005 print_msg(_("server shut down because of recovery target settings\n"));
1006 break;
1007 case POSTMASTER_FAILED:
1008 print_msg(_(" stopped waiting\n"));
1009 write_stderr(_("%s: could not start server\n"
1010 "Examine the log output.\n"),
1011 progname);
1012 exit(1);
1013 break;
1014 }
1015 }
1016 else
1017 print_msg(_("server starting\n"));
1018
1019#ifdef WIN32
1020 /* Now we don't need the handle to the shell process anymore */
1021 CloseHandle(postmasterProcess);
1022 postmasterProcess = INVALID_HANDLE_VALUE;
1023#endif
1024}
1025
1026
1027static void
1028do_stop(void)
1029{
1030 pid_t pid;
1031
1032 pid = get_pgpid(false);
1033
1034 if (pid == 0) /* no pid file */
1035 {
1036 write_stderr(_("%s: PID file \"%s\" does not exist\n"), progname, pid_file);
1037 write_stderr(_("Is server running?\n"));
1038 exit(1);
1039 }
1040 else if (pid < 0) /* standalone backend, not postmaster */
1041 {
1042 pid = -pid;
1043 write_stderr(_("%s: cannot stop server; "
1044 "single-user server is running (PID: %d)\n"),
1045 progname, (int) pid);
1046 exit(1);
1047 }
1048
1049 if (kill(pid, sig) != 0)
1050 {
1051 write_stderr(_("%s: could not send stop signal (PID: %d): %m\n"), progname, (int) pid);
1052 exit(1);
1053 }
1054
1055 if (!do_wait)
1056 {
1057 print_msg(_("server shutting down\n"));
1058 return;
1059 }
1060 else
1061 {
1062 print_msg(_("waiting for server to shut down..."));
1063
1064 if (!wait_for_postmaster_stop())
1065 {
1066 print_msg(_(" failed\n"));
1067
1068 write_stderr(_("%s: server does not shut down\n"), progname);
1069 if (shutdown_mode == SMART_MODE)
1070 write_stderr(_("HINT: The \"-m fast\" option immediately disconnects sessions rather than\n"
1071 "waiting for session-initiated disconnection.\n"));
1072 exit(1);
1073 }
1074 print_msg(_(" done\n"));
1075
1076 print_msg(_("server stopped\n"));
1077 }
1078}
1079
1080
1081/*
1082 * restart/reload routines
1083 */
1084
1085static void
1086do_restart(void)
1087{
1088 pid_t pid;
1089
1090 pid = get_pgpid(false);
1091
1092 if (pid == 0) /* no pid file */
1093 {
1094 write_stderr(_("%s: PID file \"%s\" does not exist\n"),
1095 progname, pid_file);
1096 write_stderr(_("Is server running?\n"));
1097 write_stderr(_("trying to start server anyway\n"));
1098 do_start();
1099 return;
1100 }
1101 else if (pid < 0) /* standalone backend, not postmaster */
1102 {
1103 pid = -pid;
1104 if (postmaster_is_alive(pid))
1105 {
1106 write_stderr(_("%s: cannot restart server; "
1107 "single-user server is running (PID: %d)\n"),
1108 progname, (int) pid);
1109 write_stderr(_("Please terminate the single-user server and try again.\n"));
1110 exit(1);
1111 }
1112 }
1113
1114 if (postmaster_is_alive(pid))
1115 {
1116 if (kill(pid, sig) != 0)
1117 {
1118 write_stderr(_("%s: could not send stop signal (PID: %d): %m\n"), progname, (int) pid);
1119 exit(1);
1120 }
1121
1122 print_msg(_("waiting for server to shut down..."));
1123
1124 /* always wait for restart */
1125 if (!wait_for_postmaster_stop())
1126 {
1127 print_msg(_(" failed\n"));
1128
1129 write_stderr(_("%s: server does not shut down\n"), progname);
1130 if (shutdown_mode == SMART_MODE)
1131 write_stderr(_("HINT: The \"-m fast\" option immediately disconnects sessions rather than\n"
1132 "waiting for session-initiated disconnection.\n"));
1133 exit(1);
1134 }
1135
1136 print_msg(_(" done\n"));
1137 print_msg(_("server stopped\n"));
1138 }
1139 else
1140 {
1141 write_stderr(_("%s: old server process (PID: %d) seems to be gone\n"),
1142 progname, (int) pid);
1143 write_stderr(_("starting server anyway\n"));
1144 }
1145
1146 do_start();
1147}
1148
1149static void
1150do_reload(void)
1151{
1152 pid_t pid;
1153
1154 pid = get_pgpid(false);
1155 if (pid == 0) /* no pid file */
1156 {
1157 write_stderr(_("%s: PID file \"%s\" does not exist\n"), progname, pid_file);
1158 write_stderr(_("Is server running?\n"));
1159 exit(1);
1160 }
1161 else if (pid < 0) /* standalone backend, not postmaster */
1162 {
1163 pid = -pid;
1164 write_stderr(_("%s: cannot reload server; "
1165 "single-user server is running (PID: %d)\n"),
1166 progname, (int) pid);
1167 write_stderr(_("Please terminate the single-user server and try again.\n"));
1168 exit(1);
1169 }
1170
1171 if (kill(pid, sig) != 0)
1172 {
1173 write_stderr(_("%s: could not send reload signal (PID: %d): %m\n"),
1174 progname, (int) pid);
1175 exit(1);
1176 }
1177
1178 print_msg(_("server signaled\n"));
1179}
1180
1181
1182/*
1183 * promote
1184 */
1185
1186static void
1187do_promote(void)
1188{
1189 FILE *prmfile;
1190 pid_t pid;
1191
1192 pid = get_pgpid(false);
1193
1194 if (pid == 0) /* no pid file */
1195 {
1196 write_stderr(_("%s: PID file \"%s\" does not exist\n"), progname, pid_file);
1197 write_stderr(_("Is server running?\n"));
1198 exit(1);
1199 }
1200 else if (pid < 0) /* standalone backend, not postmaster */
1201 {
1202 pid = -pid;
1203 write_stderr(_("%s: cannot promote server; "
1204 "single-user server is running (PID: %d)\n"),
1205 progname, (int) pid);
1206 exit(1);
1207 }
1208
1209 if (get_control_dbstate() != DB_IN_ARCHIVE_RECOVERY)
1210 {
1211 write_stderr(_("%s: cannot promote server; "
1212 "server is not in standby mode\n"),
1213 progname);
1214 exit(1);
1215 }
1216
1217 snprintf(promote_file, MAXPGPATH, "%s/promote", pg_data);
1218
1219 if ((prmfile = fopen(promote_file, "w")) == NULL)
1220 {
1221 write_stderr(_("%s: could not create promote signal file \"%s\": %m\n"),
1222 progname, promote_file);
1223 exit(1);
1224 }
1225 if (fclose(prmfile))
1226 {
1227 write_stderr(_("%s: could not write promote signal file \"%s\": %m\n"),
1228 progname, promote_file);
1229 exit(1);
1230 }
1231
1232 sig = SIGUSR1;
1233 if (kill(pid, sig) != 0)
1234 {
1235 write_stderr(_("%s: could not send promote signal (PID: %d): %m\n"),
1236 progname, (int) pid);
1237 if (unlink(promote_file) != 0)
1238 write_stderr(_("%s: could not remove promote signal file \"%s\": %m\n"),
1239 progname, promote_file);
1240 exit(1);
1241 }
1242
1243 if (do_wait)
1244 {
1245 print_msg(_("waiting for server to promote..."));
1246 if (wait_for_postmaster_promote())
1247 {
1248 print_msg(_(" done\n"));
1249 print_msg(_("server promoted\n"));
1250 }
1251 else
1252 {
1253 print_msg(_(" stopped waiting\n"));
1254 write_stderr(_("%s: server did not promote in time\n"),
1255 progname);
1256 exit(1);
1257 }
1258 }
1259 else
1260 print_msg(_("server promoting\n"));
1261}
1262
1263/*
1264 * log rotate
1265 */
1266
1267static void
1268do_logrotate(void)
1269{
1270 FILE *logrotatefile;
1271 pid_t pid;
1272
1273 pid = get_pgpid(false);
1274
1275 if (pid == 0) /* no pid file */
1276 {
1277 write_stderr(_("%s: PID file \"%s\" does not exist\n"), progname, pid_file);
1278 write_stderr(_("Is server running?\n"));
1279 exit(1);
1280 }
1281 else if (pid < 0) /* standalone backend, not postmaster */
1282 {
1283 pid = -pid;
1284 write_stderr(_("%s: cannot rotate log file; "
1285 "single-user server is running (PID: %d)\n"),
1286 progname, (int) pid);
1287 exit(1);
1288 }
1289
1290 snprintf(logrotate_file, MAXPGPATH, "%s/logrotate", pg_data);
1291
1292 if ((logrotatefile = fopen(logrotate_file, "w")) == NULL)
1293 {
1294 write_stderr(_("%s: could not create log rotation signal file \"%s\": %m\n"),
1295 progname, logrotate_file);
1296 exit(1);
1297 }
1298 if (fclose(logrotatefile))
1299 {
1300 write_stderr(_("%s: could not write log rotation signal file \"%s\": %m\n"),
1301 progname, logrotate_file);
1302 exit(1);
1303 }
1304
1305 sig = SIGUSR1;
1306 if (kill(pid, sig) != 0)
1307 {
1308 write_stderr(_("%s: could not send log rotation signal (PID: %d): %m\n"),
1309 progname, (int) pid);
1310 if (unlink(logrotate_file) != 0)
1311 write_stderr(_("%s: could not remove log rotation signal file \"%s\": %m\n"),
1312 progname, logrotate_file);
1313 exit(1);
1314 }
1315
1316 print_msg(_("server signaled to rotate log file\n"));
1317}
1318
1319
1320/*
1321 * utility routines
1322 */
1323
1324static bool
1325postmaster_is_alive(pid_t pid)
1326{
1327 /*
1328 * Test to see if the process is still there. Note that we do not
1329 * consider an EPERM failure to mean that the process is still there;
1330 * EPERM must mean that the given PID belongs to some other userid, and
1331 * considering the permissions on $PGDATA, that means it's not the
1332 * postmaster we are after.
1333 *
1334 * Don't believe that our own PID or parent shell's PID is the postmaster,
1335 * either. (Windows hasn't got getppid(), though.)
1336 */
1337 if (pid == getpid())
1338 return false;
1339#ifndef WIN32
1340 if (pid == getppid())
1341 return false;
1342#endif
1343 if (kill(pid, 0) == 0)
1344 return true;
1345 return false;
1346}
1347
1348static void
1349do_status(void)
1350{
1351 pid_t pid;
1352
1353 pid = get_pgpid(true);
1354 /* Is there a pid file? */
1355 if (pid != 0)
1356 {
1357 /* standalone backend? */
1358 if (pid < 0)
1359 {
1360 pid = -pid;
1361 if (postmaster_is_alive(pid))
1362 {
1363 printf(_("%s: single-user server is running (PID: %d)\n"),
1364 progname, (int) pid);
1365 return;
1366 }
1367 }
1368 else
1369 /* must be a postmaster */
1370 {
1371 if (postmaster_is_alive(pid))
1372 {
1373 char **optlines;
1374 char **curr_line;
1375 int numlines;
1376
1377 printf(_("%s: server is running (PID: %d)\n"),
1378 progname, (int) pid);
1379
1380 optlines = readfile(postopts_file, &numlines);
1381 if (optlines != NULL)
1382 {
1383 for (curr_line = optlines; *curr_line != NULL; curr_line++)
1384 puts(*curr_line);
1385
1386 /* Free the results of readfile */
1387 free_readfile(optlines);
1388 }
1389 return;
1390 }
1391 }
1392 }
1393 printf(_("%s: no server running\n"), progname);
1394
1395 /*
1396 * The Linux Standard Base Core Specification 3.1 says this should return
1397 * '3, program is not running'
1398 * https://refspecs.linuxbase.org/LSB_3.1.0/LSB-Core-generic/LSB-Core-generic/iniscrptact.html
1399 */
1400 exit(3);
1401}
1402
1403
1404
1405static void
1406do_kill(pid_t pid)
1407{
1408 if (kill(pid, sig) != 0)
1409 {
1410 write_stderr(_("%s: could not send signal %d (PID: %d): %m\n"),
1411 progname, sig, (int) pid);
1412 exit(1);
1413 }
1414}
1415
1416#ifdef WIN32
1417
1418static bool
1419pgwin32_IsInstalled(SC_HANDLE hSCM)
1420{
1421 SC_HANDLE hService = OpenService(hSCM, register_servicename, SERVICE_QUERY_CONFIG);
1422 bool bResult = (hService != NULL);
1423
1424 if (bResult)
1425 CloseServiceHandle(hService);
1426 return bResult;
1427}
1428
1429static char *
1430pgwin32_CommandLine(bool registration)
1431{
1432 PQExpBuffer cmdLine = createPQExpBuffer();
1433 char cmdPath[MAXPGPATH];
1434 int ret;
1435
1436 if (registration)
1437 {
1438 ret = find_my_exec(argv0, cmdPath);
1439 if (ret != 0)
1440 {
1441 write_stderr(_("%s: could not find own program executable\n"), progname);
1442 exit(1);
1443 }
1444 }
1445 else
1446 {
1447 ret = find_other_exec(argv0, "postgres", PG_BACKEND_VERSIONSTR,
1448 cmdPath);
1449 if (ret != 0)
1450 {
1451 write_stderr(_("%s: could not find postgres program executable\n"), progname);
1452 exit(1);
1453 }
1454 }
1455
1456 /* if path does not end in .exe, append it */
1457 if (strlen(cmdPath) < 4 ||
1458 pg_strcasecmp(cmdPath + strlen(cmdPath) - 4, ".exe") != 0)
1459 snprintf(cmdPath + strlen(cmdPath), sizeof(cmdPath) - strlen(cmdPath),
1460 ".exe");
1461
1462 /* use backslashes in path to avoid problems with some third-party tools */
1463 make_native_path(cmdPath);
1464
1465 /* be sure to double-quote the executable's name in the command */
1466 appendPQExpBuffer(cmdLine, "\"%s\"", cmdPath);
1467
1468 /* append assorted switches to the command line, as needed */
1469
1470 if (registration)
1471 appendPQExpBuffer(cmdLine, " runservice -N \"%s\"",
1472 register_servicename);
1473
1474 if (pg_config)
1475 {
1476 /* We need the -D path to be absolute */
1477 char *dataDir;
1478
1479 if ((dataDir = make_absolute_path(pg_config)) == NULL)
1480 {
1481 /* make_absolute_path already reported the error */
1482 exit(1);
1483 }
1484 make_native_path(dataDir);
1485 appendPQExpBuffer(cmdLine, " -D \"%s\"", dataDir);
1486 free(dataDir);
1487 }
1488
1489 if (registration && event_source != NULL)
1490 appendPQExpBuffer(cmdLine, " -e \"%s\"", event_source);
1491
1492 if (registration && do_wait)
1493 appendPQExpBufferStr(cmdLine, " -w");
1494
1495 /* Don't propagate a value from an environment variable. */
1496 if (registration && wait_seconds_arg && wait_seconds != DEFAULT_WAIT)
1497 appendPQExpBuffer(cmdLine, " -t %d", wait_seconds);
1498
1499 if (registration && silent_mode)
1500 appendPQExpBufferStr(cmdLine, " -s");
1501
1502 if (post_opts)
1503 {
1504 if (registration)
1505 appendPQExpBuffer(cmdLine, " -o \"%s\"", post_opts);
1506 else
1507 appendPQExpBuffer(cmdLine, " %s", post_opts);
1508 }
1509
1510 return cmdLine->data;
1511}
1512
1513static void
1514pgwin32_doRegister(void)
1515{
1516 SC_HANDLE hService;
1517 SC_HANDLE hSCM = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
1518
1519 if (hSCM == NULL)
1520 {
1521 write_stderr(_("%s: could not open service manager\n"), progname);
1522 exit(1);
1523 }
1524 if (pgwin32_IsInstalled(hSCM))
1525 {
1526 CloseServiceHandle(hSCM);
1527 write_stderr(_("%s: service \"%s\" already registered\n"), progname, register_servicename);
1528 exit(1);
1529 }
1530
1531 if ((hService = CreateService(hSCM, register_servicename, register_servicename,
1532 SERVICE_ALL_ACCESS, SERVICE_WIN32_OWN_PROCESS,
1533 pgctl_start_type, SERVICE_ERROR_NORMAL,
1534 pgwin32_CommandLine(true),
1535 NULL, NULL, "RPCSS\0", register_username, register_password)) == NULL)
1536 {
1537 CloseServiceHandle(hSCM);
1538 write_stderr(_("%s: could not register service \"%s\": error code %lu\n"),
1539 progname, register_servicename,
1540 GetLastError());
1541 exit(1);
1542 }
1543 CloseServiceHandle(hService);
1544 CloseServiceHandle(hSCM);
1545}
1546
1547static void
1548pgwin32_doUnregister(void)
1549{
1550 SC_HANDLE hService;
1551 SC_HANDLE hSCM = OpenSCManager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
1552
1553 if (hSCM == NULL)
1554 {
1555 write_stderr(_("%s: could not open service manager\n"), progname);
1556 exit(1);
1557 }
1558 if (!pgwin32_IsInstalled(hSCM))
1559 {
1560 CloseServiceHandle(hSCM);
1561 write_stderr(_("%s: service \"%s\" not registered\n"), progname, register_servicename);
1562 exit(1);
1563 }
1564
1565 if ((hService = OpenService(hSCM, register_servicename, DELETE)) == NULL)
1566 {
1567 CloseServiceHandle(hSCM);
1568 write_stderr(_("%s: could not open service \"%s\": error code %lu\n"),
1569 progname, register_servicename,
1570 GetLastError());
1571 exit(1);
1572 }
1573 if (!DeleteService(hService))
1574 {
1575 CloseServiceHandle(hService);
1576 CloseServiceHandle(hSCM);
1577 write_stderr(_("%s: could not unregister service \"%s\": error code %lu\n"),
1578 progname, register_servicename,
1579 GetLastError());
1580 exit(1);
1581 }
1582 CloseServiceHandle(hService);
1583 CloseServiceHandle(hSCM);
1584}
1585
1586static void
1587pgwin32_SetServiceStatus(DWORD currentState)
1588{
1589 status.dwCurrentState = currentState;
1590 SetServiceStatus(hStatus, (LPSERVICE_STATUS) &status);
1591}
1592
1593static void WINAPI
1594pgwin32_ServiceHandler(DWORD request)
1595{
1596 switch (request)
1597 {
1598 case SERVICE_CONTROL_STOP:
1599 case SERVICE_CONTROL_SHUTDOWN:
1600
1601 /*
1602 * We only need a short wait hint here as it just needs to wait
1603 * for the next checkpoint. They occur every 5 seconds during
1604 * shutdown
1605 */
1606 status.dwWaitHint = 10000;
1607 pgwin32_SetServiceStatus(SERVICE_STOP_PENDING);
1608 SetEvent(shutdownEvent);
1609 return;
1610
1611 case SERVICE_CONTROL_PAUSE:
1612 /* Win32 config reloading */
1613 status.dwWaitHint = 5000;
1614 kill(postmasterPID, SIGHUP);
1615 return;
1616
1617 /* FIXME: These could be used to replace other signals etc */
1618 case SERVICE_CONTROL_CONTINUE:
1619 case SERVICE_CONTROL_INTERROGATE:
1620 default:
1621 break;
1622 }
1623}
1624
1625static void WINAPI
1626pgwin32_ServiceMain(DWORD argc, LPTSTR *argv)
1627{
1628 PROCESS_INFORMATION pi;
1629 DWORD ret;
1630
1631 /* Initialize variables */
1632 status.dwWin32ExitCode = S_OK;
1633 status.dwCheckPoint = 0;
1634 status.dwWaitHint = 60000;
1635 status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
1636 status.dwControlsAccepted = SERVICE_ACCEPT_STOP | SERVICE_ACCEPT_SHUTDOWN | SERVICE_ACCEPT_PAUSE_CONTINUE;
1637 status.dwServiceSpecificExitCode = 0;
1638 status.dwCurrentState = SERVICE_START_PENDING;
1639
1640 memset(&pi, 0, sizeof(pi));
1641
1642 read_post_opts();
1643
1644 /* Register the control request handler */
1645 if ((hStatus = RegisterServiceCtrlHandler(register_servicename, pgwin32_ServiceHandler)) == (SERVICE_STATUS_HANDLE) 0)
1646 return;
1647
1648 if ((shutdownEvent = CreateEvent(NULL, true, false, NULL)) == NULL)
1649 return;
1650
1651 /* Start the postmaster */
1652 pgwin32_SetServiceStatus(SERVICE_START_PENDING);
1653 if (!CreateRestrictedProcess(pgwin32_CommandLine(false), &pi, true))
1654 {
1655 pgwin32_SetServiceStatus(SERVICE_STOPPED);
1656 return;
1657 }
1658 postmasterPID = pi.dwProcessId;
1659 postmasterProcess = pi.hProcess;
1660 CloseHandle(pi.hThread);
1661
1662 if (do_wait)
1663 {
1664 write_eventlog(EVENTLOG_INFORMATION_TYPE, _("Waiting for server startup...\n"));
1665 if (wait_for_postmaster_start(postmasterPID, true) != POSTMASTER_READY)
1666 {
1667 write_eventlog(EVENTLOG_ERROR_TYPE, _("Timed out waiting for server startup\n"));
1668 pgwin32_SetServiceStatus(SERVICE_STOPPED);
1669 return;
1670 }
1671 write_eventlog(EVENTLOG_INFORMATION_TYPE, _("Server started and accepting connections\n"));
1672 }
1673
1674 pgwin32_SetServiceStatus(SERVICE_RUNNING);
1675
1676 /* Wait for quit... */
1677 ret = WaitForMultipleObjects(2, shutdownHandles, FALSE, INFINITE);
1678
1679 pgwin32_SetServiceStatus(SERVICE_STOP_PENDING);
1680 switch (ret)
1681 {
1682 case WAIT_OBJECT_0: /* shutdown event */
1683 {
1684 /*
1685 * status.dwCheckPoint can be incremented by
1686 * wait_for_postmaster_start(), so it might not start from 0.
1687 */
1688 int maxShutdownCheckPoint = status.dwCheckPoint + 12;
1689
1690 kill(postmasterPID, SIGINT);
1691
1692 /*
1693 * Increment the checkpoint and try again. Abort after 12
1694 * checkpoints as the postmaster has probably hung.
1695 */
1696 while (WaitForSingleObject(postmasterProcess, 5000) == WAIT_TIMEOUT && status.dwCheckPoint < maxShutdownCheckPoint)
1697 {
1698 status.dwCheckPoint++;
1699 SetServiceStatus(hStatus, (LPSERVICE_STATUS) &status);
1700 }
1701 break;
1702 }
1703
1704 case (WAIT_OBJECT_0 + 1): /* postmaster went down */
1705 break;
1706
1707 default:
1708 /* shouldn't get here? */
1709 break;
1710 }
1711
1712 CloseHandle(shutdownEvent);
1713 CloseHandle(postmasterProcess);
1714
1715 pgwin32_SetServiceStatus(SERVICE_STOPPED);
1716}
1717
1718static void
1719pgwin32_doRunAsService(void)
1720{
1721 SERVICE_TABLE_ENTRY st[] = {{register_servicename, pgwin32_ServiceMain},
1722 {NULL, NULL}};
1723
1724 if (StartServiceCtrlDispatcher(st) == 0)
1725 {
1726 write_stderr(_("%s: could not start service \"%s\": error code %lu\n"),
1727 progname, register_servicename,
1728 GetLastError());
1729 exit(1);
1730 }
1731}
1732
1733
1734/*
1735 * Set up STARTUPINFO for the new process to inherit this process' handles.
1736 *
1737 * Process started as services appear to have "empty" handles (GetStdHandle()
1738 * returns NULL) rather than invalid ones. But passing down NULL ourselves
1739 * doesn't work, it's interpreted as STARTUPINFO->hStd* not being set. But we
1740 * can pass down INVALID_HANDLE_VALUE - which makes GetStdHandle() in the new
1741 * process (and its child processes!) return INVALID_HANDLE_VALUE. Which
1742 * achieves the goal of postmaster running in a similar environment as pg_ctl.
1743 */
1744static void
1745InheritStdHandles(STARTUPINFO *si)
1746{
1747 si->dwFlags |= STARTF_USESTDHANDLES;
1748 si->hStdInput = GetStdHandle(STD_INPUT_HANDLE);
1749 if (si->hStdInput == NULL)
1750 si->hStdInput = INVALID_HANDLE_VALUE;
1751 si->hStdOutput = GetStdHandle(STD_OUTPUT_HANDLE);
1752 if (si->hStdOutput == NULL)
1753 si->hStdOutput = INVALID_HANDLE_VALUE;
1754 si->hStdError = GetStdHandle(STD_ERROR_HANDLE);
1755 if (si->hStdError == NULL)
1756 si->hStdError = INVALID_HANDLE_VALUE;
1757}
1758
1759/*
1760 * Create a restricted token, a job object sandbox, and execute the specified
1761 * process with it.
1762 *
1763 * Returns 0 on success, non-zero on failure, same as CreateProcess().
1764 *
1765 * NOTE! Job object will only work when running as a service, because it's
1766 * automatically destroyed when pg_ctl exits.
1767 */
1768static int
1769CreateRestrictedProcess(char *cmd, PROCESS_INFORMATION *processInfo, bool as_service)
1770{
1771 int r;
1772 BOOL b;
1773 STARTUPINFO si;
1774 HANDLE origToken;
1775 HANDLE restrictedToken;
1776 BOOL inJob;
1777 SID_IDENTIFIER_AUTHORITY NtAuthority = {SECURITY_NT_AUTHORITY};
1778 SID_AND_ATTRIBUTES dropSids[2];
1779 PTOKEN_PRIVILEGES delPrivs;
1780
1781 ZeroMemory(&si, sizeof(si));
1782 si.cb = sizeof(si);
1783
1784 /*
1785 * Set stdin/stdout/stderr handles to be inherited in the child process.
1786 * That allows postmaster and the processes it starts to perform
1787 * additional checks to see if running in a service (otherwise they get
1788 * the default console handles - which point to "somewhere").
1789 */
1790 InheritStdHandles(&si);
1791
1792 /* Open the current token to use as a base for the restricted one */
1793 if (!OpenProcessToken(GetCurrentProcess(), TOKEN_ALL_ACCESS, &origToken))
1794 {
1795 /*
1796 * Most Windows targets make DWORD a 32-bit unsigned long, but in case
1797 * it doesn't cast DWORD before printing.
1798 */
1799 write_stderr(_("%s: could not open process token: error code %lu\n"),
1800 progname, GetLastError());
1801 return 0;
1802 }
1803
1804 /* Allocate list of SIDs to remove */
1805 ZeroMemory(&dropSids, sizeof(dropSids));
1806 if (!AllocateAndInitializeSid(&NtAuthority, 2,
1807 SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_ADMINS, 0, 0, 0, 0, 0,
1808 0, &dropSids[0].Sid) ||
1809 !AllocateAndInitializeSid(&NtAuthority, 2,
1810 SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_POWER_USERS, 0, 0, 0, 0, 0,
1811 0, &dropSids[1].Sid))
1812 {
1813 write_stderr(_("%s: could not allocate SIDs: error code %lu\n"),
1814 progname, GetLastError());
1815 return 0;
1816 }
1817
1818 /* Get list of privileges to remove */
1819 delPrivs = GetPrivilegesToDelete(origToken);
1820 if (delPrivs == NULL)
1821 /* Error message already printed */
1822 return 0;
1823
1824 b = CreateRestrictedToken(origToken,
1825 0,
1826 sizeof(dropSids) / sizeof(dropSids[0]),
1827 dropSids,
1828 delPrivs->PrivilegeCount, delPrivs->Privileges,
1829 0, NULL,
1830 &restrictedToken);
1831
1832 free(delPrivs);
1833 FreeSid(dropSids[1].Sid);
1834 FreeSid(dropSids[0].Sid);
1835 CloseHandle(origToken);
1836
1837 if (!b)
1838 {
1839 write_stderr(_("%s: could not create restricted token: error code %lu\n"),
1840 progname, GetLastError());
1841 return 0;
1842 }
1843
1844 AddUserToTokenDacl(restrictedToken);
1845 r = CreateProcessAsUser(restrictedToken, NULL, cmd, NULL, NULL, TRUE, CREATE_SUSPENDED, NULL, NULL, &si, processInfo);
1846
1847 if (IsProcessInJob(processInfo->hProcess, NULL, &inJob))
1848 {
1849 if (!inJob)
1850 {
1851 /*
1852 * Job objects are working, and the new process isn't in one, so
1853 * we can create one safely. If any problems show up when setting
1854 * it, we're going to ignore them.
1855 */
1856 HANDLE job;
1857 char jobname[128];
1858
1859 sprintf(jobname, "PostgreSQL_%lu", processInfo->dwProcessId);
1860
1861 job = CreateJobObject(NULL, jobname);
1862 if (job)
1863 {
1864 JOBOBJECT_BASIC_LIMIT_INFORMATION basicLimit;
1865 JOBOBJECT_BASIC_UI_RESTRICTIONS uiRestrictions;
1866 JOBOBJECT_SECURITY_LIMIT_INFORMATION securityLimit;
1867
1868 ZeroMemory(&basicLimit, sizeof(basicLimit));
1869 ZeroMemory(&uiRestrictions, sizeof(uiRestrictions));
1870 ZeroMemory(&securityLimit, sizeof(securityLimit));
1871
1872 basicLimit.LimitFlags = JOB_OBJECT_LIMIT_DIE_ON_UNHANDLED_EXCEPTION | JOB_OBJECT_LIMIT_PRIORITY_CLASS;
1873 basicLimit.PriorityClass = NORMAL_PRIORITY_CLASS;
1874 SetInformationJobObject(job, JobObjectBasicLimitInformation, &basicLimit, sizeof(basicLimit));
1875
1876 uiRestrictions.UIRestrictionsClass = JOB_OBJECT_UILIMIT_DESKTOP | JOB_OBJECT_UILIMIT_DISPLAYSETTINGS |
1877 JOB_OBJECT_UILIMIT_EXITWINDOWS | JOB_OBJECT_UILIMIT_READCLIPBOARD |
1878 JOB_OBJECT_UILIMIT_SYSTEMPARAMETERS | JOB_OBJECT_UILIMIT_WRITECLIPBOARD;
1879
1880 SetInformationJobObject(job, JobObjectBasicUIRestrictions, &uiRestrictions, sizeof(uiRestrictions));
1881
1882 securityLimit.SecurityLimitFlags = JOB_OBJECT_SECURITY_NO_ADMIN | JOB_OBJECT_SECURITY_ONLY_TOKEN;
1883 securityLimit.JobToken = restrictedToken;
1884 SetInformationJobObject(job, JobObjectSecurityLimitInformation, &securityLimit, sizeof(securityLimit));
1885
1886 AssignProcessToJobObject(job, processInfo->hProcess);
1887 }
1888 }
1889 }
1890
1891 CloseHandle(restrictedToken);
1892
1893 ResumeThread(processInfo->hThread);
1894
1895 /*
1896 * We intentionally don't close the job object handle, because we want the
1897 * object to live on until pg_ctl shuts down.
1898 */
1899 return r;
1900}
1901
1902/*
1903 * Get a list of privileges to delete from the access token. We delete all privileges
1904 * except SeLockMemoryPrivilege which is needed to use large pages, and
1905 * SeChangeNotifyPrivilege which is enabled by default in DISABLE_MAX_PRIVILEGE.
1906 */
1907static PTOKEN_PRIVILEGES
1908GetPrivilegesToDelete(HANDLE hToken)
1909{
1910 int i,
1911 j;
1912 DWORD length;
1913 PTOKEN_PRIVILEGES tokenPrivs;
1914 LUID luidLockPages;
1915 LUID luidChangeNotify;
1916
1917 if (!LookupPrivilegeValue(NULL, SE_LOCK_MEMORY_NAME, &luidLockPages) ||
1918 !LookupPrivilegeValue(NULL, SE_CHANGE_NOTIFY_NAME, &luidChangeNotify))
1919 {
1920 write_stderr(_("%s: could not get LUIDs for privileges: error code %lu\n"),
1921 progname, GetLastError());
1922 return NULL;
1923 }
1924
1925 if (!GetTokenInformation(hToken, TokenPrivileges, NULL, 0, &length) &&
1926 GetLastError() != ERROR_INSUFFICIENT_BUFFER)
1927 {
1928 write_stderr(_("%s: could not get token information: error code %lu\n"),
1929 progname, GetLastError());
1930 return NULL;
1931 }
1932
1933 tokenPrivs = (PTOKEN_PRIVILEGES) pg_malloc_extended(length,
1934 MCXT_ALLOC_NO_OOM);
1935 if (tokenPrivs == NULL)
1936 {
1937 write_stderr(_("%s: out of memory\n"), progname);
1938 return NULL;
1939 }
1940
1941 if (!GetTokenInformation(hToken, TokenPrivileges, tokenPrivs, length, &length))
1942 {
1943 write_stderr(_("%s: could not get token information: error code %lu\n"),
1944 progname, GetLastError());
1945 free(tokenPrivs);
1946 return NULL;
1947 }
1948
1949 for (i = 0; i < tokenPrivs->PrivilegeCount; i++)
1950 {
1951 if (memcmp(&tokenPrivs->Privileges[i].Luid, &luidLockPages, sizeof(LUID)) == 0 ||
1952 memcmp(&tokenPrivs->Privileges[i].Luid, &luidChangeNotify, sizeof(LUID)) == 0)
1953 {
1954 for (j = i; j < tokenPrivs->PrivilegeCount - 1; j++)
1955 tokenPrivs->Privileges[j] = tokenPrivs->Privileges[j + 1];
1956 tokenPrivs->PrivilegeCount--;
1957 }
1958 }
1959
1960 return tokenPrivs;
1961}
1962#endif /* WIN32 */
1963
1964static void
1965do_advice(void)
1966{
1967 write_stderr(_("Try \"%s --help\" for more information.\n"), progname);
1968}
1969
1970
1971
1972static void
1973do_help(void)
1974{
1975 printf(_("%s is a utility to initialize, start, stop, or control a PostgreSQL server.\n\n"), progname);
1976 printf(_("Usage:\n"));
1977 printf(_(" %s init[db] [-D DATADIR] [-s] [-o OPTIONS]\n"), progname);
1978 printf(_(" %s start [-D DATADIR] [-l FILENAME] [-W] [-t SECS] [-s]\n"
1979 " [-o OPTIONS] [-p PATH] [-c]\n"), progname);
1980 printf(_(" %s stop [-D DATADIR] [-m SHUTDOWN-MODE] [-W] [-t SECS] [-s]\n"), progname);
1981 printf(_(" %s restart [-D DATADIR] [-m SHUTDOWN-MODE] [-W] [-t SECS] [-s]\n"
1982 " [-o OPTIONS] [-c]\n"), progname);
1983 printf(_(" %s reload [-D DATADIR] [-s]\n"), progname);
1984 printf(_(" %s status [-D DATADIR]\n"), progname);
1985 printf(_(" %s promote [-D DATADIR] [-W] [-t SECS] [-s]\n"), progname);
1986 printf(_(" %s logrotate [-D DATADIR] [-s]\n"), progname);
1987 printf(_(" %s kill SIGNALNAME PID\n"), progname);
1988#ifdef WIN32
1989 printf(_(" %s register [-D DATADIR] [-N SERVICENAME] [-U USERNAME] [-P PASSWORD]\n"
1990 " [-S START-TYPE] [-e SOURCE] [-W] [-t SECS] [-s] [-o OPTIONS]\n"), progname);
1991 printf(_(" %s unregister [-N SERVICENAME]\n"), progname);
1992#endif
1993
1994 printf(_("\nCommon options:\n"));
1995 printf(_(" -D, --pgdata=DATADIR location of the database storage area\n"));
1996#ifdef WIN32
1997 printf(_(" -e SOURCE event source for logging when running as a service\n"));
1998#endif
1999 printf(_(" -s, --silent only print errors, no informational messages\n"));
2000 printf(_(" -t, --timeout=SECS seconds to wait when using -w option\n"));
2001 printf(_(" -V, --version output version information, then exit\n"));
2002 printf(_(" -w, --wait wait until operation completes (default)\n"));
2003 printf(_(" -W, --no-wait do not wait until operation completes\n"));
2004 printf(_(" -?, --help show this help, then exit\n"));
2005 printf(_("If the -D option is omitted, the environment variable PGDATA is used.\n"));
2006
2007 printf(_("\nOptions for start or restart:\n"));
2008#if defined(HAVE_GETRLIMIT)
2009 printf(_(" -c, --core-files allow postgres to produce core files\n"));
2010#else
2011 printf(_(" -c, --core-files not applicable on this platform\n"));
2012#endif
2013 printf(_(" -l, --log=FILENAME write (or append) server log to FILENAME\n"));
2014 printf(_(" -o, --options=OPTIONS command line options to pass to postgres\n"
2015 " (PostgreSQL server executable) or initdb\n"));
2016 printf(_(" -p PATH-TO-POSTGRES normally not necessary\n"));
2017 printf(_("\nOptions for stop or restart:\n"));
2018 printf(_(" -m, --mode=MODE MODE can be \"smart\", \"fast\", or \"immediate\"\n"));
2019
2020 printf(_("\nShutdown modes are:\n"));
2021 printf(_(" smart quit after all clients have disconnected\n"));
2022 printf(_(" fast quit directly, with proper shutdown (default)\n"));
2023 printf(_(" immediate quit without complete shutdown; will lead to recovery on restart\n"));
2024
2025 printf(_("\nAllowed signal names for kill:\n"));
2026 printf(" ABRT HUP INT KILL QUIT TERM USR1 USR2\n");
2027
2028#ifdef WIN32
2029 printf(_("\nOptions for register and unregister:\n"));
2030 printf(_(" -N SERVICENAME service name with which to register PostgreSQL server\n"));
2031 printf(_(" -P PASSWORD password of account to register PostgreSQL server\n"));
2032 printf(_(" -U USERNAME user name of account to register PostgreSQL server\n"));
2033 printf(_(" -S START-TYPE service start type to register PostgreSQL server\n"));
2034
2035 printf(_("\nStart types are:\n"));
2036 printf(_(" auto start service automatically during system startup (default)\n"));
2037 printf(_(" demand start service on demand\n"));
2038#endif
2039
2040 printf(_("\nReport bugs to <%s>.\n"), PACKAGE_BUGREPORT);
2041 printf(_("%s home page: <%s>\n"), PACKAGE_NAME, PACKAGE_URL);
2042}
2043
2044
2045
2046static void
2047set_mode(char *modeopt)
2048{
2049 if (strcmp(modeopt, "s") == 0 || strcmp(modeopt, "smart") == 0)
2050 {
2051 shutdown_mode = SMART_MODE;
2052 sig = SIGTERM;
2053 }
2054 else if (strcmp(modeopt, "f") == 0 || strcmp(modeopt, "fast") == 0)
2055 {
2056 shutdown_mode = FAST_MODE;
2057 sig = SIGINT;
2058 }
2059 else if (strcmp(modeopt, "i") == 0 || strcmp(modeopt, "immediate") == 0)
2060 {
2061 shutdown_mode = IMMEDIATE_MODE;
2062 sig = SIGQUIT;
2063 }
2064 else
2065 {
2066 write_stderr(_("%s: unrecognized shutdown mode \"%s\"\n"), progname, modeopt);
2067 do_advice();
2068 exit(1);
2069 }
2070}
2071
2072
2073
2074static void
2075set_sig(char *signame)
2076{
2077 if (strcmp(signame, "HUP") == 0)
2078 sig = SIGHUP;
2079 else if (strcmp(signame, "INT") == 0)
2080 sig = SIGINT;
2081 else if (strcmp(signame, "QUIT") == 0)
2082 sig = SIGQUIT;
2083 else if (strcmp(signame, "ABRT") == 0)
2084 sig = SIGABRT;
2085 else if (strcmp(signame, "KILL") == 0)
2086 sig = SIGKILL;
2087 else if (strcmp(signame, "TERM") == 0)
2088 sig = SIGTERM;
2089 else if (strcmp(signame, "USR1") == 0)
2090 sig = SIGUSR1;
2091 else if (strcmp(signame, "USR2") == 0)
2092 sig = SIGUSR2;
2093 else
2094 {
2095 write_stderr(_("%s: unrecognized signal name \"%s\"\n"), progname, signame);
2096 do_advice();
2097 exit(1);
2098 }
2099}
2100
2101
2102#ifdef WIN32
2103static void
2104set_starttype(char *starttypeopt)
2105{
2106 if (strcmp(starttypeopt, "a") == 0 || strcmp(starttypeopt, "auto") == 0)
2107 pgctl_start_type = SERVICE_AUTO_START;
2108 else if (strcmp(starttypeopt, "d") == 0 || strcmp(starttypeopt, "demand") == 0)
2109 pgctl_start_type = SERVICE_DEMAND_START;
2110 else
2111 {
2112 write_stderr(_("%s: unrecognized start type \"%s\"\n"), progname, starttypeopt);
2113 do_advice();
2114 exit(1);
2115 }
2116}
2117#endif
2118
2119/*
2120 * adjust_data_dir
2121 *
2122 * If a configuration-only directory was specified, find the real data dir.
2123 */
2124static void
2125adjust_data_dir(void)
2126{
2127 char filename[MAXPGPATH];
2128 char *my_exec_path,
2129 *cmd;
2130 FILE *fd;
2131
2132 /* do nothing if we're working without knowledge of data dir */
2133 if (pg_config == NULL)
2134 return;
2135
2136 /* If there is no postgresql.conf, it can't be a config-only dir */
2137 snprintf(filename, sizeof(filename), "%s/postgresql.conf", pg_config);
2138 if ((fd = fopen(filename, "r")) == NULL)
2139 return;
2140 fclose(fd);
2141
2142 /* If PG_VERSION exists, it can't be a config-only dir */
2143 snprintf(filename, sizeof(filename), "%s/PG_VERSION", pg_config);
2144 if ((fd = fopen(filename, "r")) != NULL)
2145 {
2146 fclose(fd);
2147 return;
2148 }
2149
2150 /* Must be a configuration directory, so find the data directory */
2151
2152 /* we use a private my_exec_path to avoid interfering with later uses */
2153 if (exec_path == NULL)
2154 my_exec_path = find_other_exec_or_die(argv0, "postgres", PG_BACKEND_VERSIONSTR);
2155 else
2156 my_exec_path = pg_strdup(exec_path);
2157
2158 /* it's important for -C to be the first option, see main.c */
2159 cmd = psprintf("\"%s\" -C data_directory %s%s",
2160 my_exec_path,
2161 pgdata_opt ? pgdata_opt : "",
2162 post_opts ? post_opts : "");
2163 fflush(NULL);
2164
2165 fd = popen(cmd, "r");
2166 if (fd == NULL || fgets(filename, sizeof(filename), fd) == NULL || pclose(fd) != 0)
2167 {
2168 write_stderr(_("%s: could not determine the data directory using command \"%s\"\n"), progname, cmd);
2169 exit(1);
2170 }
2171 free(my_exec_path);
2172
2173 /* strip trailing newline and carriage return */
2174 (void) pg_strip_crlf(filename);
2175
2176 free(pg_data);
2177 pg_data = pg_strdup(filename);
2178 canonicalize_path(pg_data);
2179}
2180
2181
2182static DBState
2183get_control_dbstate(void)
2184{
2185 DBState ret;
2186 bool crc_ok;
2187 ControlFileData *control_file_data = get_controlfile(pg_data, &crc_ok);
2188
2189 if (!crc_ok)
2190 {
2191 write_stderr(_("%s: control file appears to be corrupt\n"), progname);
2192 exit(1);
2193 }
2194
2195 ret = control_file_data->state;
2196 pfree(control_file_data);
2197 return ret;
2198}
2199
2200
2201int
2202main(int argc, char **argv)
2203{
2204 static struct option long_options[] = {
2205 {"help", no_argument, NULL, '?'},
2206 {"version", no_argument, NULL, 'V'},
2207 {"log", required_argument, NULL, 'l'},
2208 {"mode", required_argument, NULL, 'm'},
2209 {"pgdata", required_argument, NULL, 'D'},
2210 {"options", required_argument, NULL, 'o'},
2211 {"silent", no_argument, NULL, 's'},
2212 {"timeout", required_argument, NULL, 't'},
2213 {"core-files", no_argument, NULL, 'c'},
2214 {"wait", no_argument, NULL, 'w'},
2215 {"no-wait", no_argument, NULL, 'W'},
2216 {NULL, 0, NULL, 0}
2217 };
2218
2219 char *env_wait;
2220 int option_index;
2221 int c;
2222 pid_t killproc = 0;
2223
2224 pg_logging_init(argv[0]);
2225 progname = get_progname(argv[0]);
2226 set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pg_ctl"));
2227 start_time = time(NULL);
2228
2229 /*
2230 * save argv[0] so do_start() can look for the postmaster if necessary. we
2231 * don't look for postmaster here because in many cases we won't need it.
2232 */
2233 argv0 = argv[0];
2234
2235 /* Set restrictive mode mask until PGDATA permissions are checked */
2236 umask(PG_MODE_MASK_OWNER);
2237
2238 /* support --help and --version even if invoked as root */
2239 if (argc > 1)
2240 {
2241 if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
2242 {
2243 do_help();
2244 exit(0);
2245 }
2246 else if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0)
2247 {
2248 puts("pg_ctl (PostgreSQL) " PG_VERSION);
2249 exit(0);
2250 }
2251 }
2252
2253 /*
2254 * Disallow running as root, to forestall any possible security holes.
2255 */
2256#ifndef WIN32
2257 if (geteuid() == 0)
2258 {
2259 write_stderr(_("%s: cannot be run as root\n"
2260 "Please log in (using, e.g., \"su\") as the "
2261 "(unprivileged) user that will\n"
2262 "own the server process.\n"),
2263 progname);
2264 exit(1);
2265 }
2266#endif
2267
2268 env_wait = getenv("PGCTLTIMEOUT");
2269 if (env_wait != NULL)
2270 wait_seconds = atoi(env_wait);
2271
2272 /* process command-line options */
2273 while ((c = getopt_long(argc, argv, "cD:e:l:m:N:o:p:P:sS:t:U:wW",
2274 long_options, &option_index)) != -1)
2275 {
2276 switch (c)
2277 {
2278 case 'D':
2279 {
2280 char *pgdata_D;
2281
2282 pgdata_D = pg_strdup(optarg);
2283 canonicalize_path(pgdata_D);
2284 setenv("PGDATA", pgdata_D, 1);
2285
2286 /*
2287 * We could pass PGDATA just in an environment variable
2288 * but we do -D too for clearer postmaster 'ps' display
2289 */
2290 pgdata_opt = psprintf("-D \"%s\" ", pgdata_D);
2291 free(pgdata_D);
2292 break;
2293 }
2294 case 'e':
2295 event_source = pg_strdup(optarg);
2296 break;
2297 case 'l':
2298 log_file = pg_strdup(optarg);
2299 break;
2300 case 'm':
2301 set_mode(optarg);
2302 break;
2303 case 'N':
2304 register_servicename = pg_strdup(optarg);
2305 break;
2306 case 'o':
2307 /* append option? */
2308 if (!post_opts)
2309 post_opts = pg_strdup(optarg);
2310 else
2311 {
2312 char *old_post_opts = post_opts;
2313
2314 post_opts = psprintf("%s %s", old_post_opts, optarg);
2315 free(old_post_opts);
2316 }
2317 break;
2318 case 'p':
2319 exec_path = pg_strdup(optarg);
2320 break;
2321 case 'P':
2322 register_password = pg_strdup(optarg);
2323 break;
2324 case 's':
2325 silent_mode = true;
2326 break;
2327 case 'S':
2328#ifdef WIN32
2329 set_starttype(optarg);
2330#else
2331 write_stderr(_("%s: -S option not supported on this platform\n"),
2332 progname);
2333 exit(1);
2334#endif
2335 break;
2336 case 't':
2337 wait_seconds = atoi(optarg);
2338 wait_seconds_arg = true;
2339 break;
2340 case 'U':
2341 if (strchr(optarg, '\\'))
2342 register_username = pg_strdup(optarg);
2343 else
2344 /* Prepend .\ for local accounts */
2345 register_username = psprintf(".\\%s", optarg);
2346 break;
2347 case 'w':
2348 do_wait = true;
2349 break;
2350 case 'W':
2351 do_wait = false;
2352 break;
2353 case 'c':
2354 allow_core_files = true;
2355 break;
2356 default:
2357 /* getopt_long already issued a suitable error message */
2358 do_advice();
2359 exit(1);
2360 }
2361 }
2362
2363 /* Process an action */
2364 if (optind < argc)
2365 {
2366 if (strcmp(argv[optind], "init") == 0
2367 || strcmp(argv[optind], "initdb") == 0)
2368 ctl_command = INIT_COMMAND;
2369 else if (strcmp(argv[optind], "start") == 0)
2370 ctl_command = START_COMMAND;
2371 else if (strcmp(argv[optind], "stop") == 0)
2372 ctl_command = STOP_COMMAND;
2373 else if (strcmp(argv[optind], "restart") == 0)
2374 ctl_command = RESTART_COMMAND;
2375 else if (strcmp(argv[optind], "reload") == 0)
2376 ctl_command = RELOAD_COMMAND;
2377 else if (strcmp(argv[optind], "status") == 0)
2378 ctl_command = STATUS_COMMAND;
2379 else if (strcmp(argv[optind], "promote") == 0)
2380 ctl_command = PROMOTE_COMMAND;
2381 else if (strcmp(argv[optind], "logrotate") == 0)
2382 ctl_command = LOGROTATE_COMMAND;
2383 else if (strcmp(argv[optind], "kill") == 0)
2384 {
2385 if (argc - optind < 3)
2386 {
2387 write_stderr(_("%s: missing arguments for kill mode\n"), progname);
2388 do_advice();
2389 exit(1);
2390 }
2391 ctl_command = KILL_COMMAND;
2392 set_sig(argv[++optind]);
2393 killproc = atol(argv[++optind]);
2394 }
2395#ifdef WIN32
2396 else if (strcmp(argv[optind], "register") == 0)
2397 ctl_command = REGISTER_COMMAND;
2398 else if (strcmp(argv[optind], "unregister") == 0)
2399 ctl_command = UNREGISTER_COMMAND;
2400 else if (strcmp(argv[optind], "runservice") == 0)
2401 ctl_command = RUN_AS_SERVICE_COMMAND;
2402#endif
2403 else
2404 {
2405 write_stderr(_("%s: unrecognized operation mode \"%s\"\n"), progname, argv[optind]);
2406 do_advice();
2407 exit(1);
2408 }
2409 optind++;
2410 }
2411
2412 if (optind < argc)
2413 {
2414 write_stderr(_("%s: too many command-line arguments (first is \"%s\")\n"), progname, argv[optind]);
2415 do_advice();
2416 exit(1);
2417 }
2418
2419 if (ctl_command == NO_COMMAND)
2420 {
2421 write_stderr(_("%s: no operation specified\n"), progname);
2422 do_advice();
2423 exit(1);
2424 }
2425
2426 /* Note we put any -D switch into the env var above */
2427 pg_config = getenv("PGDATA");
2428 if (pg_config)
2429 {
2430 pg_config = pg_strdup(pg_config);
2431 canonicalize_path(pg_config);
2432 pg_data = pg_strdup(pg_config);
2433 }
2434
2435 /* -D might point at config-only directory; if so find the real PGDATA */
2436 adjust_data_dir();
2437
2438 /* Complain if -D needed and not provided */
2439 if (pg_config == NULL &&
2440 ctl_command != KILL_COMMAND && ctl_command != UNREGISTER_COMMAND)
2441 {
2442 write_stderr(_("%s: no database directory specified and environment variable PGDATA unset\n"),
2443 progname);
2444 do_advice();
2445 exit(1);
2446 }
2447
2448 if (ctl_command == RELOAD_COMMAND)
2449 {
2450 sig = SIGHUP;
2451 do_wait = false;
2452 }
2453
2454 if (pg_data)
2455 {
2456 snprintf(postopts_file, MAXPGPATH, "%s/postmaster.opts", pg_data);
2457 snprintf(version_file, MAXPGPATH, "%s/PG_VERSION", pg_data);
2458 snprintf(pid_file, MAXPGPATH, "%s/postmaster.pid", pg_data);
2459
2460 /*
2461 * Set mask based on PGDATA permissions,
2462 *
2463 * Don't error here if the data directory cannot be stat'd. This is
2464 * handled differently based on the command and we don't want to
2465 * interfere with that logic.
2466 */
2467 if (GetDataDirectoryCreatePerm(pg_data))
2468 umask(pg_mode_mask);
2469 }
2470
2471 switch (ctl_command)
2472 {
2473 case INIT_COMMAND:
2474 do_init();
2475 break;
2476 case STATUS_COMMAND:
2477 do_status();
2478 break;
2479 case START_COMMAND:
2480 do_start();
2481 break;
2482 case STOP_COMMAND:
2483 do_stop();
2484 break;
2485 case RESTART_COMMAND:
2486 do_restart();
2487 break;
2488 case RELOAD_COMMAND:
2489 do_reload();
2490 break;
2491 case PROMOTE_COMMAND:
2492 do_promote();
2493 break;
2494 case LOGROTATE_COMMAND:
2495 do_logrotate();
2496 break;
2497 case KILL_COMMAND:
2498 do_kill(killproc);
2499 break;
2500#ifdef WIN32
2501 case REGISTER_COMMAND:
2502 pgwin32_doRegister();
2503 break;
2504 case UNREGISTER_COMMAND:
2505 pgwin32_doUnregister();
2506 break;
2507 case RUN_AS_SERVICE_COMMAND:
2508 pgwin32_doRunAsService();
2509 break;
2510#endif
2511 default:
2512 break;
2513 }
2514
2515 exit(0);
2516}
write_stderr
#define write_stderr(str)
Definition parallel.c:186
SIGNAL_ARGS
#define SIGNAL_ARGS
Definition c.h:1357
PG_TEXTDOMAIN
#define PG_TEXTDOMAIN(domain)
Definition c.h:1203
PG_BINARY
#define PG_BINARY
Definition c.h:1281
pg_attribute_printf
#define pg_attribute_printf(f, a)
Definition c.h:242
StaticAssertDecl
#define StaticAssertDecl(condition, errmessage)
Definition c.h:942
find_my_exec
int find_my_exec(const char *argv0, char *retpath)
Definition exec.c:161
set_pglocale_pgservice
void set_pglocale_pgservice(const char *argv0, const char *app)
Definition exec.c:430
find_other_exec
int find_other_exec(const char *argv0, const char *target, const char *versionstr, char *retpath)
Definition exec.c:311
main
int main(void)
Definition compat_informix-charfuncs.c:16
get_controlfile
ControlFileData * get_controlfile(const char *DataDir, bool *crc_ok_p)
Definition controldata_utils.c:52
controldata_utils.h
USECS_PER_SEC
#define USECS_PER_SEC
Definition timestamp.h:134
_
#define _(x)
Definition elog.c:91
pg_malloc
void * pg_malloc(size_t size)
Definition fe_memutils.c:47
pg_malloc_extended
void * pg_malloc_extended(size_t size, int flags)
Definition fe_memutils.c:59
pg_strdup
char * pg_strdup(const char *in)
Definition fe_memutils.c:85
MCXT_ALLOC_NO_OOM
#define MCXT_ALLOC_NO_OOM
Definition fe_memutils.h:29
pg_mode_mask
int pg_mode_mask
Definition file_perm.c:25
file_perm.h
GetDataDirectoryCreatePerm
bool GetDataDirectoryCreatePerm(const char *dataDir)
PG_MODE_MASK_OWNER
#define PG_MODE_MASK_OWNER
Definition file_perm.h:24
getopt_long.h
getopt_long
int getopt_long(int argc, char *const argv[], const char *optstring, const struct option *longopts, int *longindex)
Definition getopt_long.c:60
no_argument
#define no_argument
Definition getopt_long.h:25
required_argument
#define required_argument
Definition getopt_long.h:26
my_exec_path
char my_exec_path[MAXPGPATH]
Definition globals.c:81
close
#define close(a)
Definition win32.h:12
read
#define read(a, b, c)
Definition win32.h:13
b
int b
Definition isn.c:74
j
int j
Definition isn.c:78
i
int i
Definition isn.c:77
pg_logging_init
void pg_logging_init(const char *argv0)
Definition logging.c:83
pfree
void pfree(void *pointer)
Definition mcxt.c:1616
MAXPGPATH
#define MAXPGPATH
Definition pg_config_manual.h:105
DEFAULT_EVENT_SOURCE
#define DEFAULT_EVENT_SOURCE
Definition pg_config_manual.h:206
pg_control.h
DBState
DBState
Definition pg_control.h:92
DB_IN_PRODUCTION
@ DB_IN_PRODUCTION
Definition pg_control.h:99
DB_IN_ARCHIVE_RECOVERY
@ DB_IN_ARCHIVE_RECOVERY
Definition pg_control.h:98
DB_SHUTDOWNED_IN_RECOVERY
@ DB_SHUTDOWNED_IN_RECOVERY
Definition pg_control.h:95
len
const void size_t len
Definition pg_crc32c_sse42.c:28
post_opts
static char * post_opts
Definition pg_ctl.c:86
read_post_opts
static void read_post_opts(void)
Definition pg_ctl.c:803
do_advice
static void static void do_advice(void)
Definition pg_ctl.c:1965
WAITS_PER_SEC
#define WAITS_PER_SEC
Definition pg_ctl.c:72
pgdata_opt
static char * pgdata_opt
Definition pg_ctl.c:85
do_reload
static void do_reload(void)
Definition pg_ctl.c:1150
wait_for_postmaster_start
static WaitPMResult wait_for_postmaster_start(pid_t pm_pid, bool do_checkpoint)
Definition pg_ctl.c:594
do_help
static void do_help(void)
Definition pg_ctl.c:1973
free_readfile
static void free_readfile(char **optlines)
Definition pg_ctl.c:411
register_username
static char * register_username
Definition pg_ctl.c:92
event_source
static char * event_source
Definition pg_ctl.c:90
trap_sigint_during_startup
static void trap_sigint_during_startup(SIGNAL_ARGS)
Definition pg_ctl.c:858
postmasterPID
static volatile pid_t postmasterPID
Definition pg_ctl.c:104
adjust_data_dir
static void adjust_data_dir(void)
Definition pg_ctl.c:2125
register_servicename
static char * register_servicename
Definition pg_ctl.c:91
version_file
static char version_file[MAXPGPATH]
Definition pg_ctl.c:99
get_pgpid
static pid_t get_pgpid(bool is_status_request)
Definition pg_ctl.c:247
allow_core_files
static bool allow_core_files
Definition pg_ctl.c:95
find_other_exec_or_die
static char * find_other_exec_or_die(const char *argv0, const char *target, const char *versionstr)
Definition pg_ctl.c:876
readfile
static char ** readfile(const char *path, int *numlines)
Definition pg_ctl.c:315
DEFAULT_WAIT
#define DEFAULT_WAIT
Definition pg_ctl.c:70
wait_for_postmaster_promote
static bool wait_for_postmaster_promote(void)
Definition pg_ctl.c:755
postopts_file
static char postopts_file[MAXPGPATH]
Definition pg_ctl.c:98
unlimit_core_size
static void unlimit_core_size(void)
Definition pg_ctl.c:783
WaitPMResult
WaitPMResult
Definition pg_ctl.c:46
POSTMASTER_SHUTDOWN_IN_RECOVERY
@ POSTMASTER_SHUTDOWN_IN_RECOVERY
Definition pg_ctl.c:49
POSTMASTER_FAILED
@ POSTMASTER_FAILED
Definition pg_ctl.c:50
POSTMASTER_READY
@ POSTMASTER_READY
Definition pg_ctl.c:47
POSTMASTER_STILL_STARTING
@ POSTMASTER_STILL_STARTING
Definition pg_ctl.c:48
sig
static int sig
Definition pg_ctl.c:81
set_mode
static void set_mode(char *modeopt)
Definition pg_ctl.c:2047
promote_file
static char promote_file[MAXPGPATH]
Definition pg_ctl.c:101
pg_config
static char * pg_config
Definition pg_ctl.c:84
do_start
static void do_start(void)
Definition pg_ctl.c:932
get_control_dbstate
static DBState get_control_dbstate(void)
Definition pg_ctl.c:2183
do_logrotate
static void do_logrotate(void)
Definition pg_ctl.c:1268
do_stop
static void do_stop(void)
Definition pg_ctl.c:1028
pid_file
static char pid_file[MAXPGPATH]
Definition pg_ctl.c:100
pg_data
static char * pg_data
Definition pg_ctl.c:83
register_password
static char * register_password
Definition pg_ctl.c:93
ctl_command
static CtlCommand ctl_command
Definition pg_ctl.c:82
silent_mode
static bool silent_mode
Definition pg_ctl.c:79
ShutdownMode
ShutdownMode
Definition pg_ctl.c:39
FAST_MODE
@ FAST_MODE
Definition pg_ctl.c:41
IMMEDIATE_MODE
@ IMMEDIATE_MODE
Definition pg_ctl.c:42
SMART_MODE
@ SMART_MODE
Definition pg_ctl.c:40
do_init
static void do_init(void)
Definition pg_ctl.c:903
argv0
static char * argv0
Definition pg_ctl.c:94
print_msg
static void print_msg(const char *msg)
Definition pg_ctl.c:237
wait_seconds
static int wait_seconds
Definition pg_ctl.c:77
CtlCommand
CtlCommand
Definition pg_ctl.c:54
REGISTER_COMMAND
@ REGISTER_COMMAND
Definition pg_ctl.c:65
RUN_AS_SERVICE_COMMAND
@ RUN_AS_SERVICE_COMMAND
Definition pg_ctl.c:67
LOGROTATE_COMMAND
@ LOGROTATE_COMMAND
Definition pg_ctl.c:63
RESTART_COMMAND
@ RESTART_COMMAND
Definition pg_ctl.c:59
UNREGISTER_COMMAND
@ UNREGISTER_COMMAND
Definition pg_ctl.c:66
START_COMMAND
@ START_COMMAND
Definition pg_ctl.c:57
KILL_COMMAND
@ KILL_COMMAND
Definition pg_ctl.c:64
INIT_COMMAND
@ INIT_COMMAND
Definition pg_ctl.c:56
STOP_COMMAND
@ STOP_COMMAND
Definition pg_ctl.c:58
STATUS_COMMAND
@ STATUS_COMMAND
Definition pg_ctl.c:61
NO_COMMAND
@ NO_COMMAND
Definition pg_ctl.c:55
PROMOTE_COMMAND
@ PROMOTE_COMMAND
Definition pg_ctl.c:62
RELOAD_COMMAND
@ RELOAD_COMMAND
Definition pg_ctl.c:60
postmaster_is_alive
static bool postmaster_is_alive(pid_t pid)
Definition pg_ctl.c:1325
start_postmaster
static pid_t start_postmaster(void)
Definition pg_ctl.c:441
do_restart
static void do_restart(void)
Definition pg_ctl.c:1086
wait_seconds_arg
static bool wait_seconds_arg
Definition pg_ctl.c:78
log_file
static char * log_file
Definition pg_ctl.c:88
wait_for_postmaster_stop
static bool wait_for_postmaster_stop(void)
Definition pg_ctl.c:718
do_promote
static void do_promote(void)
Definition pg_ctl.c:1187
start_time
static time_t start_time
Definition pg_ctl.c:96
set_sig
static void set_sig(char *signame)
Definition pg_ctl.c:2075
progname
static const char * progname
Definition pg_ctl.c:87
do_status
static void do_status(void)
Definition pg_ctl.c:1349
logrotate_file
static char logrotate_file[MAXPGPATH]
Definition pg_ctl.c:102
exec_path
static char * exec_path
Definition pg_ctl.c:89
do_kill
static void do_kill(pid_t pid)
Definition pg_ctl.c:1406
shutdown_mode
static ShutdownMode shutdown_mode
Definition pg_ctl.c:80
do_wait
static bool do_wait
Definition pg_ctl.c:76
filename
static char * filename
Definition pg_dumpall.c:120
optind
PGDLLIMPORT int optind
Definition getopt.c:51
optarg
PGDLLIMPORT char * optarg
Definition getopt.c:53
PM_STATUS_READY
#define PM_STATUS_READY
Definition pidfile.h:53
PM_STATUS_STANDBY
#define PM_STATUS_STANDBY
Definition pidfile.h:54
LOCK_FILE_LINE_START_TIME
#define LOCK_FILE_LINE_START_TIME
Definition pidfile.h:39
LOCK_FILE_LINE_PM_STATUS
#define LOCK_FILE_LINE_PM_STATUS
Definition pidfile.h:44
LOCK_FILE_LINE_PID
#define LOCK_FILE_LINE_PID
Definition pidfile.h:37
vsnprintf
#define vsnprintf
Definition port.h:259
pqsignal
#define pqsignal
Definition port.h:547
pg_strcasecmp
int pg_strcasecmp(const char *s1, const char *s2)
Definition pgstrcasecmp.c:32
sprintf
#define sprintf
Definition port.h:262
canonicalize_path
void canonicalize_path(char *path)
Definition path.c:337
vfprintf
#define vfprintf
Definition port.h:263
make_native_path
void make_native_path(char *filename)
Definition path.c:236
snprintf
#define snprintf
Definition port.h:260
DEVNULL
#define DEVNULL
Definition port.h:161
PG_BACKEND_VERSIONSTR
#define PG_BACKEND_VERSIONSTR
Definition port.h:144
make_absolute_path
char * make_absolute_path(const char *path)
Definition path.c:807
get_progname
const char * get_progname(const char *argv0)
Definition path.c:652
printf
#define printf(...)
Definition port.h:266
strlcpy
size_t strlcpy(char *dst, const char *src, size_t siz)
Definition strlcpy.c:45
postgres_fe.h
createPQExpBuffer
PQExpBuffer createPQExpBuffer(void)
Definition pqexpbuffer.c:72
appendPQExpBuffer
void appendPQExpBuffer(PQExpBuffer str, const char *fmt,...)
Definition pqexpbuffer.c:265
appendPQExpBufferStr
void appendPQExpBufferStr(PQExpBuffer str, const char *data)
Definition pqexpbuffer.c:367
c
char * c
Definition preproc-cursor.c:31
fd
static int fd(const char *x, int i)
Definition preproc-init.c:105
fb
static int fb(int x)
Definition preproc-init.c:92
psprintf
char * psprintf(const char *fmt,...)
Definition psprintf.c:43
pg_usleep
void pg_usleep(long microsec)
Definition signal.c:53
free
#define free(a)
Definition snowball_runtime.h:65
pg_strip_crlf
int pg_strip_crlf(char *str)
Definition string.c:154
SIGHUP
#define SIGHUP
Definition win32_port.h:158
stat
#define stat
Definition win32_port.h:74
SIGQUIT
#define SIGQUIT
Definition win32_port.h:159
AddUserToTokenDacl
BOOL AddUserToTokenDacl(HANDLE hToken)
kill
#define kill(pid, sig)
Definition win32_port.h:490
SIGUSR1
#define SIGUSR1
Definition win32_port.h:170
fstat
#define fstat
Definition win32_port.h:73
SIGABRT
#define SIGABRT
Definition win32_port.h:161
setenv
#define setenv(x, y, z)
Definition win32_port.h:542
pgwin32_is_service
int pgwin32_is_service(void)
Definition win32security.c:120
SIGUSR2
#define SIGUSR2
Definition win32_port.h:171
SIGKILL
#define SIGKILL
Definition win32_port.h:162