Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit3822845

Browse files
committed
Fix documentation about DROP DATABASE FORCE process termination rights.
Specifically, it terminates a background worker even if the callercouldn't terminate the background worker with pg_terminate_backend().Commit3a9b18b neglected to updatethis. Back-patch to v13, which introduced DROP DATABASE FORCE.Reviewed by Amit Kapila. Reported by Kirill Reshke.Discussion:https://postgr.es/m/20240429212756.60.nmisch@google.com
1 parent0ae05c1 commit3822845

File tree

2 files changed

+21
-16
lines changed

2 files changed

+21
-16
lines changed

‎doc/src/sgml/ref/drop_database.sgml‎

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -79,12 +79,14 @@ DROP DATABASE [ IF EXISTS ] <replaceable class="parameter">name</replaceable> [
7979
It doesn't terminate if prepared transactions, active logical replication
8080
slots or subscriptions are present in the target database.
8181
</para>
82+
<!-- not mentioning exception for autovacuum workers, since those are an
83+
implementation detail and the exception is not specific to FORCE -->
8284
<para>
83-
Thiswill fail if the current user has no permissions to terminate other
84-
connections. Required permissions are the same as with
85-
<literal>pg_terminate_backend</literal>, described in
86-
<xref linkend="functions-admin-signal"/>.This will also fail if we
87-
are not able to terminate connections.
85+
Thisterminates background worker connections and connections that the
86+
current user has permission to terminate
87+
with <function>pg_terminate_backend</function>, described in
88+
<xref linkend="functions-admin-signal"/>.If connections would remain,
89+
this command will fail.
8890
</para>
8991
</listitem>
9092
</varlistentry>

‎src/backend/storage/ipc/procarray.c‎

Lines changed: 14 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -3758,8 +3758,8 @@ CountOtherDBBackends(Oid databaseId, int *nbackends, int *nprepared)
37583758
* The current backend is always ignored; it is caller's responsibility to
37593759
* check whether the current backend uses the given DB, if it's important.
37603760
*
3761-
*It doesn't allow to terminate the connections even if there is a one
3762-
*backend with the prepared transaction in the target database.
3761+
*If the target database has a prepared transaction or permissions checks
3762+
*fail for a connection, this fails without terminating anything.
37633763
*/
37643764
void
37653765
TerminateOtherDBBackends(OiddatabaseId)
@@ -3804,14 +3804,19 @@ TerminateOtherDBBackends(Oid databaseId)
38043804
ListCell*lc;
38053805

38063806
/*
3807-
* Check whether we have the necessary rights to terminate other
3808-
* sessions. We don't terminate any session until we ensure that we
3809-
* have rights on all the sessions to be terminated. These checks are
3810-
* the same as we do in pg_terminate_backend.
3807+
* Permissions checks relax the pg_terminate_backend checks in two
3808+
* ways, both by omitting the !OidIsValid(proc->roleId) check:
38113809
*
3812-
* In this case we don't raise some warnings - like "PID %d is not a
3813-
* PostgreSQL server process", because for us already finished session
3814-
* is not a problem.
3810+
* - Accept terminating autovacuum workers, since DROP DATABASE
3811+
* without FORCE terminates them.
3812+
*
3813+
* - Accept terminating bgworkers. For bgworker authors, it's
3814+
* convenient to be able to recommend FORCE if a worker is blocking
3815+
* DROP DATABASE unexpectedly.
3816+
*
3817+
* Unlike pg_terminate_backend, we don't raise some warnings - like
3818+
* "PID %d is not a PostgreSQL server process", because for us already
3819+
* finished session is not a problem.
38153820
*/
38163821
foreach(lc,pids)
38173822
{
@@ -3820,15 +3825,13 @@ TerminateOtherDBBackends(Oid databaseId)
38203825

38213826
if (proc!=NULL)
38223827
{
3823-
/* Only allow superusers to signal superuser-owned backends. */
38243828
if (superuser_arg(proc->roleId)&& !superuser())
38253829
ereport(ERROR,
38263830
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
38273831
errmsg("permission denied to terminate process"),
38283832
errdetail("Only roles with the %s attribute may terminate processes of roles with the %s attribute.",
38293833
"SUPERUSER","SUPERUSER")));
38303834

3831-
/* Users can signal backends they have role membership in. */
38323835
if (!has_privs_of_role(GetUserId(),proc->roleId)&&
38333836
!has_privs_of_role(GetUserId(),ROLE_PG_SIGNAL_BACKEND))
38343837
ereport(ERROR,

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp