/*-------------------------------------------------------------------------
*
- * dbcommands.c--
+ * dbcommands.c
*
*
- * Copyright (c) 1994, Regents of the University of California
+ * Portions Copyright (c) 1996-2001, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
*
*
* IDENTIFICATION
- * $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.10 1998/04/05 21:04:12 momjian Exp $
+ * $Header: /cvsroot/pgsql/src/backend/commands/dbcommands.c,v 1.74 2001/03/22 03:59:22 momjian Exp $
*
*-------------------------------------------------------------------------
*/
-#include <stdio.h>
-#include <string.h>
-#include <signal.h>
+#include "postgres.h"
+
+#include <errno.h>
+#include <fcntl.h>
+#include <unistd.h>
#include <sys/stat.h>
+#include <sys/types.h>
-#include "postgres.h"
-#include "miscadmin.h" /* for DataDir */
#include "access/heapam.h"
-#include "access/htup.h"
-#include "access/relscan.h"
-#include "utils/rel.h"
-#include "utils/elog.h"
#include "catalog/catname.h"
-#include "catalog/pg_proc.h"
-#include "catalog/pg_shadow.h"
+#include "catalog/catalog.h"
#include "catalog/pg_database.h"
-#include "utils/syscache.h"
+#include "catalog/pg_shadow.h"
+#include "commands/comment.h"
#include "commands/dbcommands.h"
-#include "tcop/tcopprot.h"
-#include "storage/bufmgr.h"
-#include "storage/lmgr.h"
-#include "storage/fd.h"
+#include "miscadmin.h"
+#include "storage/sinval.h" /* for DatabaseHasActiveBackends */
+#include "utils/builtins.h"
+#include "utils/fmgroids.h"
+#include "utils/syscache.h"
/* non-export function prototypes */
-static void
-check_permissions(char *command, char *dbpath, char *dbname,
- Oid *dbIdP, Oid *userIdP);
-static HeapTuple get_pg_dbtup(char *command, char *dbname, Relation dbrel);
-static void stop_vacuum(char *dbpath, char *dbname);
+static bool get_db_info(const char *name, Oid *dbIdP, int4 *ownerIdP,
+ int *encodingP, bool *dbIsTemplateP,
+ Oid *dbLastSysOidP, char *dbpath);
+static bool get_user_info(Oid use_sysid, bool *use_super, bool *use_createdb);
+static char *resolve_alt_dbpath(const char *dbpath, Oid dboid);
+static bool remove_dbdirs(const char *real_loc, const char *altloc);
+
+/*
+ * CREATE DATABASE
+ */
void
-createdb(char *dbname, char *dbpath)
+createdb(const char *dbname, const char *dbpath,
+ const char *dbtemplate, int encoding)
{
- Oid db_id,
- user_id;
- char buf[512];
- char *lp,
- loc[512];
+ char *nominal_loc;
+ char *alt_loc;
+ char *target_dir;
+ char src_loc[MAXPGPATH];
+ char buf[2 * MAXPGPATH + 100];
+ int ret;
+ bool use_super,
+ use_createdb;
+ Oid src_dboid;
+ int4 src_owner;
+ int src_encoding;
+ bool src_istemplate;
+ Oid src_lastsysoid;
+ char src_dbpath[MAXPGPATH];
+ Relation pg_database_rel;
+ HeapTuple tuple;
+ TupleDesc pg_database_dsc;
+ Datum new_record[Natts_pg_database];
+ char new_record_nulls[Natts_pg_database];
+ Oid dboid;
+
+ if (!get_user_info(GetUserId(), &use_super, &use_createdb))
+ elog(ERROR, "current user name is invalid");
+
+ if (!use_createdb && !use_super)
+ elog(ERROR, "CREATE DATABASE: permission denied");
+
+ /* don't call this in a transaction block */
+ if (IsTransactionBlock())
+ elog(ERROR, "CREATE DATABASE: may not be called in a transaction block");
/*
- * If this call returns, the database does not exist and we're allowed
- * to create databases.
+ * Check for db name conflict. There is a race condition here, since
+ * another backend could create the same DB name before we commit.
+ * However, holding an exclusive lock on pg_database for the whole
+ * time we are copying the source database doesn't seem like a good
+ * idea, so accept possibility of race to create. We will check again
+ * after we grab the exclusive lock.
*/
- check_permissions("createdb", dbpath, dbname, &db_id, &user_id);
+ if (get_db_info(dbname, NULL, NULL, NULL, NULL, NULL, NULL))
+ elog(ERROR, "CREATE DATABASE: database \"%s\" already exists", dbname);
- /* close virtual file descriptors so we can do system() calls */
- closeAllVfds();
+ /*
+ * Lookup database (template) to be cloned.
+ */
+ if (!dbtemplate)
+ dbtemplate = "template1"; /* Default template database name */
- /* Now create directory for this new database */
- if ((dbpath != NULL) && (strcmp(dbpath, dbname) != 0))
- {
- if (*(dbpath + strlen(dbpath) - 1) == SEP_CHAR)
- *(dbpath + strlen(dbpath) - 1) = '\0';
- sprintf(loc, "%s%c%s", dbpath, SEP_CHAR, dbname);
- }
- else
+ if (!get_db_info(dbtemplate, &src_dboid, &src_owner, &src_encoding,
+ &src_istemplate, &src_lastsysoid, src_dbpath))
+ elog(ERROR, "CREATE DATABASE: template \"%s\" does not exist",
+ dbtemplate);
+
+ /*
+ * Permission check: to copy a DB that's not marked datistemplate, you
+ * must be superuser or the owner thereof.
+ */
+ if (!src_istemplate)
{
- strcpy(loc, dbname);
+ if (!use_super && GetUserId() != src_owner)
+ elog(ERROR, "CREATE DATABASE: permission to copy \"%s\" denied",
+ dbtemplate);
}
- lp = ExpandDatabasePath(loc);
+ /*
+ * Determine physical path of source database
+ */
+ alt_loc = resolve_alt_dbpath(src_dbpath, src_dboid);
+ if (!alt_loc)
+ alt_loc = GetDatabasePath(src_dboid);
+ strcpy(src_loc, alt_loc);
- if (lp == NULL)
- elog(ERROR, "Unable to locate path '%s'"
- "\n\tThis may be due to a missing environment variable"
- " in the server", loc);
+ /*
+ * The source DB can't have any active backends, except this one
+ * (exception is to allow CREATE DB while connected to template1).
+ * Otherwise we might copy inconsistent data. This check is not
+ * bulletproof, since someone might connect while we are copying...
+ */
+ if (DatabaseHasActiveBackends(src_dboid, true))
+ elog(ERROR, "CREATE DATABASE: source database \"%s\" is being accessed by other users", dbtemplate);
- if (mkdir(lp, S_IRWXU) != 0)
- elog(ERROR, "Unable to create database directory %s", lp);
+ /* If encoding is defaulted, use source's encoding */
+ if (encoding < 0)
+ encoding = src_encoding;
- sprintf(buf, "%s %s%cbase%ctemplate1%c* %s",
- COPY_CMD, DataDir, SEP_CHAR, SEP_CHAR, SEP_CHAR, lp);
- system(buf);
+ /*
+ * Preassign OID for pg_database tuple, so that we can compute db
+ * path.
+ */
+ dboid = newoid();
-#if FALSE
- sprintf(buf, "insert into pg_database (datname, datdba, datpath) \
- values (\'%s\'::name, \'%d\'::oid, \'%s\'::text);",
- dbname, user_id, dbname);
-#endif
+ /*
+ * Compute nominal location (where we will try to access the
+ * database), and resolve alternate physical location if one is
+ * specified.
+ */
+ nominal_loc = GetDatabasePath(dboid);
+ alt_loc = resolve_alt_dbpath(dbpath, dboid);
- sprintf(buf, "insert into pg_database (datname, datdba, datpath)"
- " values (\'%s\', \'%d\', \'%s\');", dbname, user_id, loc);
+ if (strchr(nominal_loc, '\''))
+ elog(ERROR, "database path may not contain single quotes");
+ if (alt_loc && strchr(alt_loc, '\''))
+ elog(ERROR, "database path may not contain single quotes");
+ if (strchr(src_loc, '\''))
+ elog(ERROR, "database path may not contain single quotes");
+ /* ... otherwise we'd be open to shell exploits below */
- pg_exec_query(buf, (char **) NULL, (Oid *) NULL, 0);
-}
+ /*
+ * Force dirty buffers out to disk, to ensure source database is
+ * up-to-date for the copy. (We really only need to flush buffers for
+ * the source database...)
+ */
+ BufferSync();
-void
-destroydb(char *dbname)
-{
- Oid user_id,
- db_id;
- char *path;
- char dbpath[MAXPGPATH + 1];
- char buf[512];
+ /*
+ * Close virtual file descriptors so the kernel has more available for
+ * the mkdir() and system() calls below.
+ */
+ closeAllVfds();
/*
- * If this call returns, the database exists and we're allowed to
- * remove it.
+ * Check we can create the target directory --- but then remove it
+ * because we rely on cp(1) to create it for real.
*/
- check_permissions("destroydb", dbpath, dbname, &db_id, &user_id);
+ target_dir = alt_loc ? alt_loc : nominal_loc;
+
+ if (mkdir(target_dir, S_IRWXU) != 0)
+ elog(ERROR, "CREATE DATABASE: unable to create database directory '%s': %m",
+ target_dir);
+ rmdir(target_dir);
- if (!OidIsValid(db_id))
+ /* Make the symlink, if needed */
+ if (alt_loc)
{
- elog(FATAL, "impossible: pg_database instance with invalid OID.");
+ if (symlink(alt_loc, nominal_loc) != 0)
+ elog(ERROR, "CREATE DATABASE: could not link '%s' to '%s': %m",
+ nominal_loc, alt_loc);
}
- /* stop the vacuum daemon */
- stop_vacuum(dbpath, dbname);
+ /* Copy the template database to the new location */
+ snprintf(buf, sizeof(buf), "cp -r '%s' '%s'", src_loc, target_dir);
- path = ExpandDatabasePath(dbpath);
- if (path == NULL)
- elog(ERROR, "Unable to locate path '%s'"
- "\n\tThis may be due to a missing environment variable"
- " in the server", dbpath);
+ ret = system(buf);
+ /* Some versions of SunOS seem to return ECHILD after a system() call */
+ if (ret != 0 && errno != ECHILD)
+ {
+ if (remove_dbdirs(nominal_loc, alt_loc))
+ elog(ERROR, "CREATE DATABASE: could not initialize database directory");
+ else
+ elog(ERROR, "CREATE DATABASE: could not initialize database directory; delete failed as well");
+ }
/*
- * remove the pg_database tuple FIRST, this may fail due to
- * permissions problems
+ * Now OK to grab exclusive lock on pg_database.
*/
- sprintf(buf, "delete from pg_database where pg_database.oid = \'%d\'::oid",
- db_id);
- pg_exec_query(buf, (char **) NULL, (Oid *) NULL, 0);
+ pg_database_rel = heap_openr(DatabaseRelationName, AccessExclusiveLock);
+
+ /* Check to see if someone else created same DB name meanwhile. */
+ if (get_db_info(dbname, NULL, NULL, NULL, NULL, NULL, NULL))
+ {
+ remove_dbdirs(nominal_loc, alt_loc);
+ elog(ERROR, "CREATE DATABASE: database \"%s\" already exists", dbname);
+ }
/*
- * remove the data directory. If the DELETE above failed, this will
- * not be reached
+ * Insert a new tuple into pg_database
*/
+ pg_database_dsc = RelationGetDescr(pg_database_rel);
- sprintf(buf, "rm -r %s", path);
- system(buf);
+ /* Form tuple */
+ new_record[Anum_pg_database_datname - 1] =
+ DirectFunctionCall1(namein, CStringGetDatum(dbname));
+ new_record[Anum_pg_database_datdba - 1] = Int32GetDatum(GetUserId());
+ new_record[Anum_pg_database_encoding - 1] = Int32GetDatum(encoding);
+ new_record[Anum_pg_database_datistemplate - 1] = BoolGetDatum(false);
+ new_record[Anum_pg_database_datallowconn - 1] = BoolGetDatum(true);
+ new_record[Anum_pg_database_datlastsysoid - 1] = ObjectIdGetDatum(src_lastsysoid);
+ /* no nulls here, GetRawDatabaseInfo doesn't like them */
+ new_record[Anum_pg_database_datpath - 1] =
+ DirectFunctionCall1(textin, CStringGetDatum(dbpath ? dbpath : ""));
- /* drop pages for this database that are in the shared buffer cache */
- DropBuffers(db_id);
-}
+ memset(new_record_nulls, ' ', sizeof(new_record_nulls));
-static HeapTuple
-get_pg_dbtup(char *command, char *dbname, Relation dbrel)
-{
- HeapTuple dbtup;
- HeapTuple tup;
- Buffer buf;
- HeapScanDesc scan;
- ScanKeyData scanKey;
+ tuple = heap_formtuple(pg_database_dsc, new_record, new_record_nulls);
- ScanKeyEntryInitialize(&scanKey, 0, Anum_pg_database_datname,
- NameEqualRegProcedure, NameGetDatum(dbname));
+ tuple->t_data->t_oid = dboid; /* override heap_insert's OID
+ * selection */
- scan = heap_beginscan(dbrel, 0, false, 1, &scanKey);
- if (!HeapScanIsValid(scan))
- elog(ERROR, "%s: cannot begin scan of pg_database.", command);
+ heap_insert(pg_database_rel, tuple);
/*
- * since we want to return the tuple out of this proc, and we're going
- * to close the relation, copy the tuple and return the copy.
+ * Update indexes (there aren't any currently)
*/
- tup = heap_getnext(scan, 0, &buf);
-
- if (HeapTupleIsValid(tup))
+#ifdef Num_pg_database_indices
+ if (RelationGetForm(pg_database_rel)->relhasindex)
{
- dbtup = heap_copytuple(tup);
- ReleaseBuffer(buf);
+ Relation idescs[Num_pg_database_indices];
+
+ CatalogOpenIndices(Num_pg_database_indices,
+ Name_pg_database_indices, idescs);
+ CatalogIndexInsert(idescs, Num_pg_database_indices, pg_database_rel,
+ tuple);
+ CatalogCloseIndices(Num_pg_database_indices, idescs);
}
- else
- dbtup = tup;
+#endif
- heap_endscan(scan);
- return (dbtup);
+ /* Close pg_database, but keep lock till commit */
+ heap_close(pg_database_rel, NoLock);
+
+ /*
+ * Force dirty buffers out to disk, so that newly-connecting backends
+ * will see the new database in pg_database right away. (They'll see
+ * an uncommitted tuple, but they don't care; see GetRawDatabaseInfo.)
+ */
+ BufferSync();
}
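Review bot: `strcpy(src_loc, alt_loc)` copies into a MAXPGPATH-sized stack buffer with no length check, while resolve_alt_dbpath() sizes its palloc'd result from strlen(prefix), which can come from an environment variable and is not limited to MAXPGPATH. Check the length first, `if (strlen(alt_loc) >= sizeof(src_loc)) elog(ERROR, "CREATE DATABASE: source database path too long");`, or keep the palloc'd pointer instead of copying it. Separately, the test `ret != 0 && errno != ECHILD` after system() reads an errno that was never reset, so a stale ECHILD left by earlier code would make a failed copy look successful; set `errno = 0;` just before `ret = system(buf);`. remove_dbdirs() uses the same errno test after its own system() call.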
+
/*
- * check_permissions() -- verify that the user is permitted to do this.
- *
- * If the user is not allowed to carry out this operation, this routine
- * elog(ERROR, ...)s, which will abort the xact. As a side effect, the
- * user's pg_user tuple OID is returned in userIdP and the target database's
- * OID is returned in dbIdP.
+ * DROP DATABASE
*/
-
-static void
-check_permissions(char *command,
- char *dbpath,
- char *dbname,
- Oid *dbIdP,
- Oid *userIdP)
+void
+dropdb(const char *dbname)
{
- Relation dbrel;
- HeapTuple dbtup,
- utup;
- Oid dbowner = (Oid) 0;
- char use_createdb;
- bool dbfound;
+ int4 db_owner;
+ bool db_istemplate;
bool use_super;
- char *userName;
- text *dbtext;
- char path[MAXPGPATH + 1];
-
- userName = GetPgUserName();
- utup = SearchSysCacheTuple(USENAME, PointerGetDatum(userName),
- 0, 0, 0);
- *userIdP = ((Form_pg_shadow) GETSTRUCT(utup))->usesysid;
- use_super = ((Form_pg_shadow) GETSTRUCT(utup))->usesuper;
- use_createdb = ((Form_pg_shadow) GETSTRUCT(utup))->usecreatedb;
-
- /* Check to make sure user has permission to use createdb */
- if (!use_createdb)
- {
- elog(ERROR, "user \"%s\" is not allowed to create/destroy databases",
- userName);
- }
+ Oid db_id;
+ char *alt_loc;
+ char *nominal_loc;
+ char dbpath[MAXPGPATH];
+ Relation pgdbrel;
+ HeapScanDesc pgdbscan;
+ ScanKeyData key;
+ HeapTuple tup;
- /* Make sure we are not mucking with the template database */
- if (!strcmp(dbname, "template1"))
- {
- elog(ERROR, "%s cannot be executed on the template database.", command);
- }
+ AssertArg(dbname);
- /* Check to make sure database is not the currently open database */
- if (!strcmp(dbname, DatabaseName))
- {
- elog(ERROR, "%s cannot be executed on an open database", command);
- }
+ if (strcmp(dbname, DatabaseName) == 0)
+ elog(ERROR, "DROP DATABASE: cannot be executed on the currently open database");
- /* Check to make sure database is owned by this user */
+ if (IsTransactionBlock())
+ elog(ERROR, "DROP DATABASE: may not be called in a transaction block");
+
+ if (!get_user_info(GetUserId(), &use_super, NULL))
+ elog(ERROR, "current user name is invalid");
/*
- * need the reldesc to get the database owner out of dbtup and to set
- * a write lock on it.
+ * Obtain exclusive lock on pg_database. We need this to ensure that
+ * no new backend starts up in the target database while we are
+ * deleting it. (Actually, a new backend might still manage to start
+ * up, because it will read pg_database without any locking to
+ * discover the database's OID. But it will detect its error in
+ * ReverifyMyDatabase and shut down before any serious damage is done.
+ * See postinit.c.)
*/
- dbrel = heap_openr(DatabaseRelationName);
+ pgdbrel = heap_openr(DatabaseRelationName, AccessExclusiveLock);
+
+ if (!get_db_info(dbname, &db_id, &db_owner, NULL,
+ &db_istemplate, NULL, dbpath))
+ elog(ERROR, "DROP DATABASE: database \"%s\" does not exist", dbname);
- if (!RelationIsValid(dbrel))
- elog(FATAL, "%s: cannot open relation \"%-.*s\"",
- command, DatabaseRelationName);
+ if (!use_super && GetUserId() != db_owner)
+ elog(ERROR, "DROP DATABASE: permission denied");
/*
- * Acquire a write lock on pg_database from the beginning to avoid
- * upgrading a read lock to a write lock. Upgrading causes long
- * delays when multiple 'createdb's or 'destroydb's are run simult.
- * -mer 7/3/91
+ * Disallow dropping a DB that is marked istemplate. This is just to
+ * prevent people from accidentally dropping template0 or template1;
+ * they can do so if they're really determined ...
*/
- RelationSetLockForWrite(dbrel);
- dbtup = get_pg_dbtup(command, dbname, dbrel);
- dbfound = HeapTupleIsValid(dbtup);
+ if (db_istemplate)
+ elog(ERROR, "DROP DATABASE: database is marked as a template");
- if (dbfound)
- {
- dbowner = (Oid) heap_getattr(dbtup,
- Anum_pg_database_datdba,
- RelationGetTupleDescriptor(dbrel),
- (char *) NULL);
- *dbIdP = dbtup->t_oid;
- dbtext = (text *) heap_getattr(dbtup,
- Anum_pg_database_datpath,
- RelationGetTupleDescriptor(dbrel),
- (char *) NULL);
-
- strncpy(path, VARDATA(dbtext), (VARSIZE(dbtext) - VARHDRSZ));
- *(path + VARSIZE(dbtext) - VARHDRSZ) = '\0';
- }
- else
- {
- *dbIdP = InvalidOid;
- }
+ nominal_loc = GetDatabasePath(db_id);
+ alt_loc = resolve_alt_dbpath(dbpath, db_id);
- heap_close(dbrel);
+ /*
+ * Check for active backends in the target database.
+ */
+ if (DatabaseHasActiveBackends(db_id, false))
+ elog(ERROR, "DROP DATABASE: database \"%s\" is being accessed by other users", dbname);
/*
- * Now be sure that the user is allowed to do this.
+ * Find the database's tuple by OID (should be unique, we trust).
*/
+ ScanKeyEntryInitialize(&key, 0, ObjectIdAttributeNumber,
+ F_OIDEQ, ObjectIdGetDatum(db_id));
- if (dbfound && !strcmp(command, "createdb"))
- {
+ pgdbscan = heap_beginscan(pgdbrel, 0, SnapshotNow, 1, &key);
- elog(ERROR, "createdb: database %s already exists.", dbname);
+ tup = heap_getnext(pgdbscan, 0);
+ if (!HeapTupleIsValid(tup))
+ {
+ /*
+ * This error should never come up since the existence of the
+ * database is checked earlier
+ */
+ elog(ERROR, "DROP DATABASE: Database \"%s\" doesn't exist despite earlier reports to the contrary",
+ dbname);
}
- else if (!dbfound && !strcmp(command, "destroydb"))
- {
- elog(ERROR, "destroydb: database %s does not exist.", dbname);
+ /* Remove the database's tuple from pg_database */
+ simple_heap_delete(pgdbrel, &tup->t_self);
- }
- else if (dbfound && !strcmp(command, "destroydb")
- && dbowner != *userIdP && use_super == false)
- {
+ heap_endscan(pgdbscan);
- elog(ERROR, "%s: database %s is not owned by you.", command, dbname);
+ /*
+ * Close pg_database, but keep exclusive lock till commit to ensure
+ * that any new backend scanning pg_database will see the tuple dead.
+ */
+ heap_close(pgdbrel, NoLock);
+
+ /* Delete any comments associated with the database */
+ DeleteComments(db_id);
+
+ /*
+ * Drop pages for this database that are in the shared buffer cache.
+ * This is important to ensure that no remaining backend tries to
+ * write out a dirty buffer to the dead database later...
+ */
+ DropBuffers(db_id);
+
+ /*
+ * Remove the database's subdirectory and everything in it.
+ */
+ remove_dbdirs(nominal_loc, alt_loc);
+
+ /*
+ * Force dirty buffers out to disk, so that newly-connecting backends
+ * will see the database tuple marked dead in pg_database right away.
+ * (They'll see an uncommitted deletion, but they don't care; see
+ * GetRawDatabaseInfo.)
+ */
+ BufferSync();
+}
- }
- if (dbfound && !strcmp(command, "destroydb"))
- strcpy(dbpath, path);
-} /* check_permissions() */
/*
- * stop_vacuum() -- stop the vacuum daemon on the database, if one is running.
+ * Helper functions
*/
-static void
-stop_vacuum(char *dbpath, char *dbname)
+
+static bool
+get_db_info(const char *name, Oid *dbIdP, int4 *ownerIdP,
+ int *encodingP, bool *dbIsTemplateP,
+ Oid *dbLastSysOidP, char *dbpath)
{
- char filename[256];
- FILE *fp;
- int pid;
+ Relation relation;
+ ScanKeyData scanKey;
+ HeapScanDesc scan;
+ HeapTuple tuple;
- if (strchr(dbpath, SEP_CHAR) != 0)
+ AssertArg(name);
+
+ /* Caller may wish to grab a better lock on pg_database beforehand... */
+ relation = heap_openr(DatabaseRelationName, AccessShareLock);
+
+ ScanKeyEntryInitialize(&scanKey, 0, Anum_pg_database_datname,
+ F_NAMEEQ, NameGetDatum(name));
+
+ scan = heap_beginscan(relation, 0, SnapshotNow, 1, &scanKey);
+ if (!HeapScanIsValid(scan))
+ elog(ERROR, "Cannot begin scan of %s", DatabaseRelationName);
+
+ tuple = heap_getnext(scan, 0);
+
+ if (HeapTupleIsValid(tuple))
{
- sprintf(filename, "%s%cbase%c%s%c%s.vacuum", DataDir, SEP_CHAR, SEP_CHAR,
- dbname, SEP_CHAR, dbname);
+ Form_pg_database dbform = (Form_pg_database) GETSTRUCT(tuple);
+ text *tmptext;
+ bool isnull;
+
+ /* oid of the database */
+ if (dbIdP)
+ *dbIdP = tuple->t_data->t_oid;
+ /* uid of the owner */
+ if (ownerIdP)
+ *ownerIdP = dbform->datdba;
+ /* multibyte encoding */
+ if (encodingP)
+ *encodingP = dbform->encoding;
+ /* allowed as template? */
+ if (dbIsTemplateP)
+ *dbIsTemplateP = dbform->datistemplate;
+ /* last system OID used in database */
+ if (dbLastSysOidP)
+ *dbLastSysOidP = dbform->datlastsysoid;
+ /* database path (as registered in pg_database) */
+ if (dbpath)
+ {
+ tmptext = DatumGetTextP(heap_getattr(tuple,
+ Anum_pg_database_datpath,
+ RelationGetDescr(relation),
+ &isnull));
+ if (!isnull)
+ {
+ Assert(VARSIZE(tmptext) - VARHDRSZ < MAXPGPATH);
+
+ strncpy(dbpath, VARDATA(tmptext), VARSIZE(tmptext) - VARHDRSZ);
+ *(dbpath + VARSIZE(tmptext) - VARHDRSZ) = '\0';
+ }
+ else
+ strcpy(dbpath, "");
+ }
+ }
+
+ heap_endscan(scan);
+ heap_close(relation, AccessShareLock);
+
+ return HeapTupleIsValid(tuple);
+}
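Review bot: The bound on datpath is enforced only by `Assert(VARSIZE(tmptext) - VARHDRSZ < MAXPGPATH)`, which is active only in assert-enabled builds, so in other builds the strncpy and the terminator store after it can write past the caller's buffer. Both callers visible here pass `char[MAXPGPATH]` arrays, and createdb stores dbpath through textin without a length check of its own. Replace the Assert with a runtime test, `if (VARSIZE(tmptext) - VARHDRSZ >= MAXPGPATH) elog(ERROR, "database path too long");`. A header comment stating that dbpath, when non-NULL, must point to at least MAXPGPATH bytes would also make the contract visible to callers.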
+
+static bool
+get_user_info(Oid use_sysid, bool *use_super, bool *use_createdb)
+{
+ HeapTuple utup;
+
+ utup = SearchSysCache(SHADOWSYSID,
+ ObjectIdGetDatum(use_sysid),
+ 0, 0, 0);
+
+ if (!HeapTupleIsValid(utup))
+ return false;
+
+ if (use_super)
+ *use_super = ((Form_pg_shadow) GETSTRUCT(utup))->usesuper;
+ if (use_createdb)
+ *use_createdb = ((Form_pg_shadow) GETSTRUCT(utup))->usecreatedb;
+
+ ReleaseSysCache(utup);
+
+ return true;
+}
+
+
+static char *
+resolve_alt_dbpath(const char *dbpath, Oid dboid)
+{
+ const char *prefix;
+ char *ret;
+ size_t len;
+
+ if (dbpath == NULL || dbpath[0] == '\0')
+ return NULL;
+
+ if (strchr(dbpath, '/'))
+ {
+ if (dbpath[0] != '/')
+ elog(ERROR, "Relative paths are not allowed as database locations");
+#ifndef ALLOW_ABSOLUTE_DBPATHS
+ elog(ERROR, "Absolute paths are not allowed as database locations");
+#endif
+ prefix = dbpath;
}
else
{
- sprintf(filename, "%s%c%s.vacuum", dbpath, SEP_CHAR, dbname);
+ /* must be environment variable */
+ char *var = getenv(dbpath);
+
+ if (!var)
+ elog(ERROR, "Postmaster environment variable '%s' not set", dbpath);
+ if (var[0] != '/')
+ elog(ERROR, "Postmaster environment variable '%s' must be absolute path", dbpath);
+ prefix = var;
}
- if ((fp = AllocateFile(filename, "r")) != NULL)
+ len = strlen(prefix) + 6 + sizeof(Oid) * 8 + 1;
+ ret = palloc(len);
+ snprintf(ret, len, "%s/base/%u", prefix, dboid);
+
+ return ret;
+}
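Review bot: In the else branch the caller's string goes straight to `getenv(dbpath)`, so any variable in the postmaster's environment whose value starts with '/' is accepted as a database location, not only variables an administrator set for that purpose. If that is intended, say so in a comment above the function; otherwise the name should be checked against an administrator-supplied list before the lookup. The function also has no header comment: something like `/* Returns a palloc'd "<prefix>/base/<oid>" path, or NULL if dbpath is NULL or empty; bad locations are reported via elog(ERROR). */` would document what the callers rely on.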
+
+
+static bool
+remove_dbdirs(const char *nominal_loc, const char *alt_loc)
+{
+ const char *target_dir;
+ char buf[MAXPGPATH + 100];
+ bool success = true;
+
+ target_dir = alt_loc ? alt_loc : nominal_loc;
+
+ /*
+ * Close virtual file descriptors so the kernel has more available for
+ * the system() call below.
+ */
+ closeAllVfds();
+
+ if (alt_loc)
{
- fscanf(fp, "%d", &pid);
- FreeFile(fp);
- if (kill(pid, SIGKILLDAEMON1) < 0)
+ /* remove symlink */
+ if (unlink(nominal_loc) != 0)
{
- elog(ERROR, "can't kill vacuum daemon (pid %d) on %s",
- pid, dbname);
+ elog(NOTICE, "could not remove '%s': %m", nominal_loc);
+ success = false;
}
}
+
+ snprintf(buf, sizeof(buf), "rm -rf '%s'", target_dir);
+
+ if (system(buf) != 0 && errno != ECHILD)
+ {
+ elog(NOTICE, "database directory '%s' could not be removed",
+ target_dir);
+ success = false;
+ }
+
+ return success;
}
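Review bot: `snprintf(buf, sizeof(buf), "rm -rf '%s'", target_dir)` builds a shell command with no check in this function that target_dir is free of single quotes; the only such check is in createdb. dropdb reaches this function with a path re-resolved at drop time by resolve_alt_dbpath(), which in the environment-variable case depends on the postmaster's current environment rather than on what was validated at creation. Put the guard next to the command it protects, e.g. `if (strchr(target_dir, '\'')) { elog(NOTICE, "database path may not contain single quotes"); return false; }`, or remove the directory without going through system(). buf is also only MAXPGPATH + 100 bytes while target_dir has no enforced length limit, so an over-long path is silently truncated before the command runs.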