server.c

Go to the documentation of this file.

/*
 *  server.c
 *
 *  database server functions
 *
 *  Copyright (c) 2010-2025, PostgreSQL Global Development Group
 *  src/bin/pg_upgrade/server.c
 */
 
#include "postgres_fe.h"
 
#include "common/connect.h"
#include "fe_utils/string_utils.h"
#include "libpq/pqcomm.h"
#include "pg_upgrade.h"
 
static PGconn *get_db_conn(ClusterInfo *cluster, const char *db_name);
 
 
/*
 * connectToServer()
 *
 *  Connects to the desired database on the designated server.
 *  If the connection attempt fails, this function logs an error
 *  message and calls exit() to kill the program.
 */
PGconn *
connectToServer(ClusterInfo *cluster, const char *db_name)
{
    PGconn     *conn = get_db_conn(cluster, db_name);
 
    if (conn == NULL || PQstatus(conn) != CONNECTION_OK)
    {
        pg_log(PG_REPORT, "%s", PQerrorMessage(conn));
 
        if (conn)
            PQfinish(conn);
 
        printf(_("Failure, exiting\n"));
        exit(1);
    }
 
    PQclear(executeQueryOrDie(conn, ALWAYS_SECURE_SEARCH_PATH_SQL));
 
    return conn;
}
 
 
/*
 * get_db_conn()
 *
 * get database connection, using named database + standard params for cluster
 *
 * Caller must check for connection failure!
 */
static PGconn *
get_db_conn(ClusterInfo *cluster, const char *db_name)
{
    PQExpBufferData conn_opts;
    PGconn     *conn;
 
    /* Build connection string with proper quoting */
    initPQExpBuffer(&conn_opts);
    appendPQExpBufferStr(&conn_opts, "dbname=");
    appendConnStrVal(&conn_opts, db_name);
    appendPQExpBufferStr(&conn_opts, " user=");
    appendConnStrVal(&conn_opts, os_info.user);
    appendPQExpBuffer(&conn_opts, " port=%d", cluster->port);
    if (cluster->sockdir)
    {
        appendPQExpBufferStr(&conn_opts, " host=");
        appendConnStrVal(&conn_opts, cluster->sockdir);
    }
 
    conn = PQconnectdb(conn_opts.data);
    termPQExpBuffer(&conn_opts);
    return conn;
}
 
 
/*
 * cluster_conn_opts()
 *
 * Return standard command-line options for connecting to this cluster when
 * using psql, pg_dump, etc.  Ideally this would match what get_db_conn()
 * sets, but the utilities we need aren't very consistent about the treatment
 * of database name options, so we leave that out.
 *
 * Result is valid until the next call to this function.
 */
char *
cluster_conn_opts(ClusterInfo *cluster)
{
    static PQExpBuffer buf;
 
    if (buf == NULL)
        buf = createPQExpBuffer();
    else
        resetPQExpBuffer(buf);
 
    if (cluster->sockdir)
    {
        appendPQExpBufferStr(buf, "--host ");
        appendShellString(buf, cluster->sockdir);
        appendPQExpBufferChar(buf, ' ');
    }
    appendPQExpBuffer(buf, "--port %d --username ", cluster->port);
    appendShellString(buf, os_info.user);
 
    return buf->data;
}
 
 
/*
 * executeQueryOrDie()
 *
 *  Formats a query string from the given arguments and executes the
 *  resulting query.  If the query fails, this function logs an error
 *  message and calls exit() to kill the program.
 */
PGresult *
executeQueryOrDie(PGconn *conn, const char *fmt,...)
{
    static char query[QUERY_ALLOC];
    va_list     args;
    PGresult   *result;
    ExecStatusType status;
 
    va_start(args, fmt);
    vsnprintf(query, sizeof(query), fmt, args);
    va_end(args);
 
    pg_log(PG_VERBOSE, "executing: %s", query);
    result = PQexec(conn, query);
    status = PQresultStatus(result);
 
    if ((status != PGRES_TUPLES_OK) && (status != PGRES_COMMAND_OK))
    {
        pg_log(PG_REPORT, "SQL command failed\n%s\n%s", query,
               PQerrorMessage(conn));
        PQclear(result);
        PQfinish(conn);
        printf(_("Failure, exiting\n"));
        exit(1);
    }
    else
        return result;
}
 
 
/*
 * get_major_server_version()
 *
 * gets the version (in unsigned int form) for the given datadir. Assumes
 * that datadir is an absolute path to a valid pgdata directory. The version
 * is retrieved by reading the PG_VERSION file.
 */
uint32
get_major_server_version(ClusterInfo *cluster)
{
    FILE       *version_fd;
    char        ver_filename[MAXPGPATH];
    int         v1 = 0,
                v2 = 0;
 
    snprintf(ver_filename, sizeof(ver_filename), "%s/PG_VERSION",
             cluster->pgdata);
    if ((version_fd = fopen(ver_filename, "r")) == NULL)
        pg_fatal("could not open version file \"%s\": %m", ver_filename);
 
    if (fscanf(version_fd, "%63s", cluster->major_version_str) == 0 ||
        sscanf(cluster->major_version_str, "%d.%d", &v1, &v2) < 1)
        pg_fatal("could not parse version file \"%s\"", ver_filename);
 
    fclose(version_fd);
 
    if (v1 < 10)
    {
        /* old style, e.g. 9.6.1 */
        return v1 * 10000 + v2 * 100;
    }
    else
    {
        /* new style, e.g. 10.1 */
        return v1 * 10000;
    }
}
 
 
static void
stop_postmaster_atexit(void)
{
    stop_postmaster(true);
}
 
 
bool
start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
{
    char        cmd[MAXPGPATH * 4 + 1000];
    PGconn     *conn;
    bool        pg_ctl_return = false;
    char        socket_string[MAXPGPATH + 200];
    PQExpBufferData pgoptions;
 
    static bool exit_hook_registered = false;
 
    if (!exit_hook_registered)
    {
        atexit(stop_postmaster_atexit);
        exit_hook_registered = true;
    }
 
    socket_string[0] = '\0';
 
#if !defined(WIN32)
    /* prevent TCP/IP connections, restrict socket access */
    strcat(socket_string,
           " -c listen_addresses='' -c unix_socket_permissions=0700");
 
    /* Have a sockdir?  Tell the postmaster. */
    if (cluster->sockdir)
        snprintf(socket_string + strlen(socket_string),
                 sizeof(socket_string) - strlen(socket_string),
                 " -c %s='%s'",
                 (GET_MAJOR_VERSION(cluster->major_version) <= 902) ?
                 "unix_socket_directory" : "unix_socket_directories",
                 cluster->sockdir);
#endif
 
    initPQExpBuffer(&pgoptions);
 
    /*
     * Construct a parameter string which is passed to the server process.
     *
     * Turn off durability requirements to improve object creation speed, and
     * we only modify the new cluster, so only use it there.  If there is a
     * crash, the new cluster has to be recreated anyway.  fsync=off is a big
     * win on ext4.
     */
    if (cluster == &new_cluster)
        appendPQExpBufferStr(&pgoptions, " -c synchronous_commit=off -c fsync=off -c full_page_writes=off");
 
    /*
     * Use max_slot_wal_keep_size as -1 to prevent the WAL removal by the
     * checkpointer process.  If WALs required by logical replication slots
     * are removed, the slots are unusable.  This setting prevents the
     * invalidation of slots during the upgrade. We set this option when
     * cluster is PG17 or later because logical replication slots can only be
     * migrated since then. Besides, max_slot_wal_keep_size is added in PG13.
     */
    if (GET_MAJOR_VERSION(cluster->major_version) >= 1700)
        appendPQExpBufferStr(&pgoptions, " -c max_slot_wal_keep_size=-1");
 
    /*
     * Use -b to disable autovacuum and logical replication launcher
     * (effective in PG17 or later for the latter).
     */
    snprintf(cmd, sizeof(cmd),
             "\"%s/pg_ctl\" -w -l \"%s/%s\" -D \"%s\" -o \"-p %d -b%s %s%s\" start",
             cluster->bindir,
             log_opts.logdir,
             SERVER_LOG_FILE, cluster->pgconfig, cluster->port,
             pgoptions.data,
             cluster->pgopts ? cluster->pgopts : "", socket_string);
 
    termPQExpBuffer(&pgoptions);
 
    /*
     * Don't throw an error right away, let connecting throw the error because
     * it might supply a reason for the failure.
     */
    pg_ctl_return = exec_prog(SERVER_START_LOG_FILE,
    /* pass both file names if they differ */
                              (strcmp(SERVER_LOG_FILE,
                                      SERVER_START_LOG_FILE) != 0) ?
                              SERVER_LOG_FILE : NULL,
                              report_and_exit_on_error, false,
                              "%s", cmd);
 
    /* Did it fail and we are just testing if the server could be started? */
    if (!pg_ctl_return && !report_and_exit_on_error)
        return false;
 
    /*
     * We set this here to make sure atexit() shuts down the server, but only
     * if we started the server successfully.  We do it before checking for
     * connectivity in case the server started but there is a connectivity
     * failure.  If pg_ctl did not return success, we will exit below.
     *
     * Pre-9.1 servers do not have PQping(), so we could be leaving the server
     * running if authentication was misconfigured, so someday we might went
     * to be more aggressive about doing server shutdowns even if pg_ctl
     * fails, but now (2013-08-14) it seems prudent to be cautious.  We don't
     * want to shutdown a server that might have been accidentally started
     * during the upgrade.
     */
    if (pg_ctl_return)
        os_info.running_cluster = cluster;
 
    /*
     * pg_ctl -w might have failed because the server couldn't be started, or
     * there might have been a connection problem in _checking_ if the server
     * has started.  Therefore, even if pg_ctl failed, we continue and test
     * for connectivity in case we get a connection reason for the failure.
     */
    if ((conn = get_db_conn(cluster, "template1")) == NULL ||
        PQstatus(conn) != CONNECTION_OK)
    {
        pg_log(PG_REPORT, "\n%s", PQerrorMessage(conn));
        if (conn)
            PQfinish(conn);
        if (cluster == &old_cluster)
            pg_fatal("could not connect to source postmaster started with the command:\n"
                     "%s",
                     cmd);
        else
            pg_fatal("could not connect to target postmaster started with the command:\n"
                     "%s",
                     cmd);
    }
    PQfinish(conn);
 
    /*
     * If pg_ctl failed, and the connection didn't fail, and
     * report_and_exit_on_error is enabled, fail now.  This could happen if
     * the server was already running.
     */
    if (!pg_ctl_return)
    {
        if (cluster == &old_cluster)
            pg_fatal("pg_ctl failed to start the source server, or connection failed");
        else
            pg_fatal("pg_ctl failed to start the target server, or connection failed");
    }
 
    return true;
}
 
 
void
stop_postmaster(bool in_atexit)
{
    ClusterInfo *cluster;
 
    if (os_info.running_cluster == &old_cluster)
        cluster = &old_cluster;
    else if (os_info.running_cluster == &new_cluster)
        cluster = &new_cluster;
    else
        return;                 /* no cluster running */
 
    exec_prog(SERVER_STOP_LOG_FILE, NULL, !in_atexit, !in_atexit,
              "\"%s/pg_ctl\" -w -D \"%s\" -o \"%s\" %s stop",
              cluster->bindir, cluster->pgconfig,
              cluster->pgopts ? cluster->pgopts : "",
              in_atexit ? "-m fast" : "-m smart");
 
    os_info.running_cluster = NULL;
}
 
 
/*
 * check_pghost_envvar()
 *
 * Tests that PGHOST does not point to a non-local server
 */
void
check_pghost_envvar(void)
{
    PQconninfoOption *option;
    PQconninfoOption *start;
 
    /* Get valid libpq env vars from the PQconndefaults function */
 
    start = PQconndefaults();
 
    if (!start)
        pg_fatal("out of memory");
 
    for (option = start; option->keyword != NULL; option++)
    {
        if (option->envvar && (strcmp(option->envvar, "PGHOST") == 0 ||
                               strcmp(option->envvar, "PGHOSTADDR") == 0))
        {
            const char *value = getenv(option->envvar);
 
            if (value && strlen(value) > 0 &&
            /* check for 'local' host values */
                (strcmp(value, "localhost") != 0 && strcmp(value, "127.0.0.1") != 0 &&
                 strcmp(value, "::1") != 0 && !is_unixsock_path(value)))
                pg_fatal("libpq environment variable %s has a non-local server value: %s",
                         option->envvar, value);
        }
    }
 
    /* Free the memory that libpq allocated on our behalf */
    PQconninfoFree(start);
}