Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitfe550b2

Browse files
committed
Invent PGC_SU_BACKEND and mark log_connections/log_disconnections that way.
This new GUC context option allows GUC parameters to have the combinedproperties of PGC_BACKEND and PGC_SUSET, ie, they don't change aftersession start and non-superusers can't change them. This is a moreappropriate choice for log_connections and log_disconnections than theirprevious context of PGC_BACKEND, because we don't want non-superusersto be able to affect whether their sessions get logged.Note: the behavior for log_connections is still a bit odd, in that whena superuser attempts to set it from PGOPTIONS, the setting takes effectbut it's too late to enable or suppress connection startup logging.It's debatable whether that's worth fixing, and in any case there isa reasonable argument for PGC_SU_BACKEND to exist.In passing, re-pgindent the files touched by this commit.Fujii Masao, reviewed by Joe Conway and Amit Kapila
1 parentc2a0143 commitfe550b2

File tree

5 files changed

+65
-43
lines changed

5 files changed

+65
-43
lines changed

‎doc/src/sgml/config.sgml

Lines changed: 9 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -4345,8 +4345,9 @@ local0.* /var/log/postgresql
43454345
<para>
43464346
Causes each attempted connection to the server to be logged,
43474347
as well as successful completion of client authentication.
4348-
This parameter cannot be changed after session start.
4349-
The default is off.
4348+
Only superusers can change this parameter at session start,
4349+
and it cannot be changed at all within a session.
4350+
The default is <literal>off</>.
43504351
</para>
43514352

43524353
<note>
@@ -4368,11 +4369,12 @@ local0.* /var/log/postgresql
43684369
</term>
43694370
<listitem>
43704371
<para>
4371-
This outputs a line in the server log similar to
4372-
<varname>log_connections</varname> but at session termination,
4373-
and includes the duration of the session. This is off by
4374-
default.
4375-
This parameter cannot be changed after session start.
4372+
Causes session terminations to be logged. The log output
4373+
provides information similar to <varname>log_connections</varname>,
4374+
plus the duration of the session.
4375+
Only superusers can change this parameter at session start,
4376+
and it cannot be changed at all within a session.
4377+
The default is <literal>off</>.
43764378
</para>
43774379
</listitem>
43784380
</varlistentry>

‎src/backend/tcop/postgres.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3258,7 +3258,7 @@ get_stats_option_name(const char *arg)
32583258
* argv[0] is ignored in either case (it's assumed to be the program name).
32593259
*
32603260
* ctx is PGC_POSTMASTER for secure options, PGC_BACKEND for insecure options
3261-
* coming from the client, orPGC_SUSET for insecure options coming from
3261+
* coming from the client, orPGC_SU_BACKEND for insecure options coming from
32623262
* a superuser client.
32633263
*
32643264
* If a database name is present in the command line arguments, it's

‎src/backend/utils/init/postinit.c

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -425,7 +425,7 @@ pg_split_opts(char **argv, int *argcp, char *optstr)
425425

426426
while (*optstr)
427427
{
428-
boollast_was_escape= false;
428+
boollast_was_escape= false;
429429

430430
resetStringInfo(&s);
431431

@@ -982,7 +982,7 @@ process_startup_options(Port *port, bool am_superuser)
982982
GucContextgucctx;
983983
ListCell*gucopts;
984984

985-
gucctx=am_superuser ?PGC_SUSET :PGC_BACKEND;
985+
gucctx=am_superuser ?PGC_SU_BACKEND :PGC_BACKEND;
986986

987987
/*
988988
* First process any command-line switches that were included in the

‎src/backend/utils/misc/guc.c

Lines changed: 41 additions & 25 deletions
Original file line numberDiff line numberDiff line change
@@ -493,7 +493,7 @@ static bool data_checksums;
493493
staticintwal_segment_size;
494494
staticboolinteger_datetimes;
495495
staticinteffective_io_concurrency;
496-
staticboolassert_enabled;
496+
staticboolassert_enabled;
497497

498498
/* should be static, but commands/variable.c needs to get at this */
499499
char*role_string;
@@ -509,6 +509,7 @@ const char *const GucContext_Names[] =
509509
/* PGC_INTERNAL */"internal",
510510
/* PGC_POSTMASTER */"postmaster",
511511
/* PGC_SIGHUP */"sighup",
512+
/* PGC_SU_BACKEND */"superuser-backend",
512513
/* PGC_BACKEND */"backend",
513514
/* PGC_SUSET */"superuser",
514515
/* PGC_USERSET */"user"
@@ -907,7 +908,7 @@ static struct config_bool ConfigureNamesBool[] =
907908
NULL,NULL,NULL
908909
},
909910
{
910-
{"log_connections",PGC_BACKEND,LOGGING_WHAT,
911+
{"log_connections",PGC_SU_BACKEND,LOGGING_WHAT,
911912
gettext_noop("Logs each successful connection."),
912913
NULL
913914
},
@@ -916,7 +917,7 @@ static struct config_bool ConfigureNamesBool[] =
916917
NULL,NULL,NULL
917918
},
918919
{
919-
{"log_disconnections",PGC_BACKEND,LOGGING_WHAT,
920+
{"log_disconnections",PGC_SU_BACKEND,LOGGING_WHAT,
920921
gettext_noop("Logs end of a session, including duration."),
921922
NULL
922923
},
@@ -4389,10 +4390,10 @@ SelectConfigFiles(const char *userDoption, const char *progname)
43894390
SetConfigOption("data_directory",DataDir,PGC_POSTMASTER,PGC_S_OVERRIDE);
43904391

43914392
/*
4392-
* Now read the config file a second time, allowing any settings in
4393-
*thePG_AUTOCONF_FILENAME file to take effect. (This is pretty ugly,
4394-
*butsince we have to determine the DataDir before we can find the
4395-
*autoconffile, the alternatives seem worse.)
4393+
* Now read the config file a second time, allowing any settings in the
4394+
* PG_AUTOCONF_FILENAME file to take effect. (This is pretty ugly, but
4395+
* since we have to determine the DataDir before we can find the autoconf
4396+
* file, the alternatives seem worse.)
43964397
*/
43974398
ProcessConfigFile(PGC_POSTMASTER);
43984399

@@ -5694,16 +5695,27 @@ set_config_option(const char *name, const char *value,
56945695
* signals to individual backends only.
56955696
*/
56965697
break;
5698+
casePGC_SU_BACKEND:
5699+
/* Reject if we're connecting but user is not superuser */
5700+
if (context==PGC_BACKEND)
5701+
{
5702+
ereport(elevel,
5703+
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
5704+
errmsg("permission denied to set parameter \"%s\"",
5705+
name)));
5706+
return0;
5707+
}
5708+
/* FALL THRU to process the same as PGC_BACKEND */
56975709
casePGC_BACKEND:
56985710
if (context==PGC_SIGHUP)
56995711
{
57005712
/*
5701-
* If a PGC_BACKEND parameter is changed in the config file,
5702-
* we want to accept the new value in the postmaster (whence
5703-
* it will propagate to subsequently-started backends), but
5704-
*ignore it in existingbackends. This is a tad klugy, but
5705-
*necessary because we don't re-read the config file during
5706-
* backend start.
5713+
* If a PGC_BACKENDor PGC_SU_BACKENDparameter is changed in
5714+
*the config file,we want to accept the new value in the
5715+
*postmaster (whenceit will propagate to
5716+
*subsequently-startedbackends), but ignore it in existing
5717+
*backends. This is a tad klugy, but necessary because we
5718+
*don't re-read the config file duringbackend start.
57075719
*
57085720
* In EXEC_BACKEND builds, this works differently: we load all
57095721
* nondefault settings from the CONFIG_EXEC_PARAMS file during
@@ -5722,7 +5734,9 @@ set_config_option(const char *name, const char *value,
57225734
return-1;
57235735
#endif
57245736
}
5725-
elseif (context!=PGC_POSTMASTER&&context!=PGC_BACKEND&&
5737+
elseif (context!=PGC_POSTMASTER&&
5738+
context!=PGC_BACKEND&&
5739+
context!=PGC_SU_BACKEND&&
57265740
source!=PGC_S_CLIENT)
57275741
{
57285742
ereport(elevel,
@@ -6771,7 +6785,8 @@ AlterSystemSetConfigFile(AlterSystemStmt *altersysstmt)
67716785
if (record==NULL)
67726786
ereport(ERROR,
67736787
(errcode(ERRCODE_UNDEFINED_OBJECT),
6774-
errmsg("unrecognized configuration parameter \"%s\"",name)));
6788+
errmsg("unrecognized configuration parameter \"%s\"",
6789+
name)));
67756790

67766791
/*
67776792
* Don't allow the parameters which can't be set in configuration
@@ -6780,16 +6795,17 @@ AlterSystemSetConfigFile(AlterSystemStmt *altersysstmt)
67806795
if ((record->context==PGC_INTERNAL)||
67816796
(record->flags&GUC_DISALLOW_IN_FILE)||
67826797
(record->flags&GUC_DISALLOW_IN_AUTO_FILE))
6783-
ereport(ERROR,
6784-
(errcode(ERRCODE_CANT_CHANGE_RUNTIME_PARAM),
6785-
errmsg("parameter \"%s\" cannot be changed",
6786-
name)));
6798+
ereport(ERROR,
6799+
(errcode(ERRCODE_CANT_CHANGE_RUNTIME_PARAM),
6800+
errmsg("parameter \"%s\" cannot be changed",
6801+
name)));
67876802

67886803
if (!validate_conf_option(record,name,value,PGC_S_FILE,
67896804
ERROR, true,NULL,
67906805
&newextra))
67916806
ereport(ERROR,
6792-
(errmsg("invalid value for parameter \"%s\": \"%s\"",name,value)));
6807+
(errmsg("invalid value for parameter \"%s\": \"%s\"",
6808+
name,value)));
67936809
}
67946810

67956811

@@ -6817,7 +6833,7 @@ AlterSystemSetConfigFile(AlterSystemStmt *altersysstmt)
68176833
if (Tmpfd<0)
68186834
ereport(ERROR,
68196835
(errcode_for_file_access(),
6820-
errmsg("failed to open auto conf temp file \"%s\": %m",
6836+
errmsg("failed to open auto conf temp file \"%s\": %m",
68216837
AutoConfTmpFileName)));
68226838

68236839
PG_TRY();
@@ -6835,8 +6851,8 @@ AlterSystemSetConfigFile(AlterSystemStmt *altersysstmt)
68356851
infile=AllocateFile(AutoConfFileName,"r");
68366852
if (infile==NULL)
68376853
ereport(ERROR,
6838-
(errmsg("failed to open auto conf file \"%s\": %m",
6839-
AutoConfFileName)));
6854+
(errmsg("failed to open auto conf file \"%s\": %m",
6855+
AutoConfFileName)));
68406856

68416857
/* parse it */
68426858
ParseConfigFp(infile,AutoConfFileName,0,LOG,&head,&tail);
@@ -8388,8 +8404,8 @@ read_nondefault_variables(void)
83888404
GucContextvarscontext;
83898405

83908406
/*
8391-
* Assert that PGC_BACKEND case in set_config_option() will do the right
8392-
* thing.
8407+
* Assert that PGC_BACKEND/PGC_SU_BACKEND case in set_config_option() will
8408+
*do the rightthing.
83938409
*/
83948410
Assert(IsInitProcessingMode());
83958411

‎src/include/utils/guc.h

Lines changed: 12 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -36,15 +36,17 @@
3636
* certain point in their main loop. It's safer to wait than to read a
3737
* file asynchronously.)
3838
*
39-
* BACKEND options can only be set at postmaster startup, from the
40-
* configuration file, or by client request in the connection startup
41-
* packet (e.g., from libpq's PGOPTIONS variable). Furthermore, an
42-
* already-started backend will ignore changes to such an option in the
43-
* configuration file. The idea is that these options are fixed for a
44-
* given backend once it's started, but they can vary across backends.
39+
* BACKEND and SU_BACKEND options can only be set at postmaster startup,
40+
* from the configuration file, or by client request in the connection
41+
* startup packet (e.g., from libpq's PGOPTIONS variable). SU_BACKEND
42+
* options can be set from the startup packet only when the user is a
43+
* superuser. Furthermore, an already-started backend will ignore changes
44+
* to such an option in the configuration file. The idea is that these
45+
* options are fixed for a given backend once it's started, but they can
46+
* vary across backends.
4547
*
4648
* SUSET options can be set at postmaster startup, with the SIGHUP
47-
* mechanism, or from SQL if you're a superuser.
49+
* mechanism, or fromthe startup packet orSQL if you're a superuser.
4850
*
4951
* USERSET options can be set by anyone any time.
5052
*/
@@ -53,6 +55,7 @@ typedef enum
5355
PGC_INTERNAL,
5456
PGC_POSTMASTER,
5557
PGC_SIGHUP,
58+
PGC_SU_BACKEND,
5659
PGC_BACKEND,
5760
PGC_SUSET,
5861
PGC_USERSET
@@ -195,7 +198,8 @@ typedef enum
195198
#defineGUC_UNIT_TIME0x7000/* mask for MS, S, MIN */
196199

197200
#defineGUC_NOT_WHILE_SEC_REST0x8000/* can't set if security restricted */
198-
#defineGUC_DISALLOW_IN_AUTO_FILE0x00010000/* can't set in PG_AUTOCONF_FILENAME */
201+
#defineGUC_DISALLOW_IN_AUTO_FILE0x00010000/* can't set in
202+
* PG_AUTOCONF_FILENAME */
199203

200204
/* GUC vars that are actually declared in guc.c, rather than elsewhere */
201205
externboollog_duration;

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp