1 /*-------------------------------------------------------------------------
5 * The system logger (syslogger) is new in Postgres 8.0. It catches all
6 * stderr output from the postmaster, backends, and other subprocesses
7 * by redirecting to a pipe, and writes it to a set of logfiles.
8 * It's possible to have size and age limits for the logfile configured
9 * in postgresql.conf. If these limits are reached or passed, the
10 * current logfile is closed and a new one is created (rotated).
11 * The logfiles are stored in a subdirectory (configurable in
12 * postgresql.conf), using an internal naming scheme that mangles
13 * creation time and current postmaster pid.
15 * Author: Andreas Pflug <pgadmin@pse-consulting.de>
17 * Copyright (c) 2004-2010, PostgreSQL Global Development Group
21 * src/backend/postmaster/syslogger.c
23 *-------------------------------------------------------------------------
34 #include "lib/stringinfo.h"
35 #include "libpq/pqsignal.h"
36 #include "miscadmin.h"
38 #include "postmaster/fork_process.h"
39 #include "postmaster/postmaster.h"
40 #include "postmaster/syslogger.h"
41 #include "storage/ipc.h"
42 #include "storage/pg_shmem.h"
43 #include "utils/guc.h"
44 #include "utils/ps_status.h"
45 #include "utils/timestamp.h"
48 * We really want line-buffered mode for logfile output, but Windows does
49 * not have it, and interprets _IOLBF as _IOFBF (bozos). So use _IONBF
53 #define LBF_MODE _IONBF
55 #define LBF_MODE _IOLBF
59 * We read() into a temp buffer twice as big as a chunk, so that any fragment
60 * left after processing can be moved down to the front and we'll still have
61 * room to read a full chunk.
63 #define READ_BUF_SIZE (2 * PIPE_CHUNK_SIZE)
67 * GUC parameters. Logging_collector cannot be changed after postmaster
68 * start, but the rest can change at SIGHUP.
70 bool Logging_collector = false;
71 int Log_RotationAge = HOURS_PER_DAY * MINS_PER_HOUR;
72 int Log_RotationSize = 10 * 1024;
73 char *Log_directory = NULL;
74 char *Log_filename = NULL;
75 bool Log_truncate_on_rotation = false;
76 int Log_file_mode = 0600;
79 * Globally visible state (used by elog.c)
81 bool am_syslogger = false;
83 extern bool redirection_done;
88 static pg_time_t next_rotation_time;
89 static bool pipe_eof_seen = false;
90 static FILE *syslogFile = NULL;
91 static FILE *csvlogFile = NULL;
92 static char *last_file_name = NULL;
93 static char *last_csv_file_name = NULL;
96 * Buffers for saving partial messages from different backends. We don't expect
97 * that there will be very many outstanding at one time, so 20 seems plenty of
98 * leeway. If this array gets full we won't lose messages, but we will lose
99 * the protocol protection against them being partially written or interleaved.
101 * An inactive buffer has pid == 0 and undefined contents of data.
105 int32 pid; /* PID of source process */
106 StringInfoData data; /* accumulated data, as a StringInfo */
109 #define CHUNK_SLOTS 20
110 static save_buffer saved_chunks[CHUNK_SLOTS];
112 /* These must be exported for EXEC_BACKEND case ... annoying */
114 int syslogPipe[2] = {-1, -1};
116 HANDLE syslogPipe[2] = {0, 0};
120 static HANDLE threadHandle = 0;
121 static CRITICAL_SECTION sysloggerSection;
125 * Flags set by interrupt handlers for later service in the main loop.
127 static volatile sig_atomic_t got_SIGHUP = false;
128 static volatile sig_atomic_t rotation_requested = false;
131 /* Local subroutines */
133 static pid_t syslogger_forkexec(void);
134 static void syslogger_parseArgs(int argc, char *argv[]);
136 static void process_pipe_input(char *logbuffer, int *bytes_in_logbuffer);
137 static void flush_pipe_input(char *logbuffer, int *bytes_in_logbuffer);
138 static void open_csvlogfile(void);
139 static FILE *logfile_open(const char *filename, const char *mode,
143 static unsigned int __stdcall pipeThread(void *arg);
145 static void logfile_rotate(bool time_based_rotation, int size_rotation_for);
146 static char *logfile_getname(pg_time_t timestamp, const char *suffix);
147 static void set_next_rotation_time(void);
148 static void sigHupHandler(SIGNAL_ARGS);
149 static void sigUsr1Handler(SIGNAL_ARGS);
153 * Main entry point for syslogger process
154 * argc/argv parameters are valid only in EXEC_BACKEND case.
157 SysLoggerMain(int argc, char *argv[])
160 char logbuffer[READ_BUF_SIZE];
161 int bytes_in_logbuffer = 0;
164 char *currentLogFilename;
165 int currentLogRotationAge;
167 IsUnderPostmaster = true; /* we are a postmaster subprocess now */
169 MyProcPid = getpid(); /* reset MyProcPid */
171 MyStartTime = time(NULL); /* set our start time in case we call elog */
174 syslogger_parseArgs(argc, argv);
175 #endif /* EXEC_BACKEND */
179 init_ps_display("logger process", "", "", "");
182 * If we restarted, our stderr is already redirected into our own input
183 * pipe. This is of course pretty useless, not to mention that it
184 * interferes with detecting pipe EOF. Point stderr to /dev/null. This
185 * assumes that all interesting messages generated in the syslogger will
186 * come through elog.c and will be sent to write_syslogger_file.
188 if (redirection_done)
190 int fd = open(DEVNULL, O_WRONLY, 0);
193 * The closes might look redundant, but they are not: we want to be
194 * darn sure the pipe gets closed even if the open failed. We can
195 * survive running with stderr pointing nowhere, but we can't afford
196 * to have extra pipe input descriptors hanging around.
198 close(fileno(stdout));
199 close(fileno(stderr));
202 dup2(fd, fileno(stdout));
203 dup2(fd, fileno(stderr));
209 * Syslogger's own stderr can't be the syslogPipe, so set it back to text
210 * mode if we didn't just close it. (It was set to binary in
211 * SubPostmasterMain).
215 _setmode(_fileno(stderr), _O_TEXT);
219 * Also close our copy of the write end of the pipe. This is needed to
220 * ensure we can detect pipe EOF correctly. (But note that in the restart
221 * case, the postmaster already did this.)
224 if (syslogPipe[1] >= 0)
225 close(syslogPipe[1]);
229 CloseHandle(syslogPipe[1]);
234 * If possible, make this process a group leader, so that the postmaster
235 * can signal any child processes too. (syslogger probably never has any
236 * child processes, but for consistency we make all postmaster child
237 * processes do this.)
241 elog(FATAL, "setsid() failed: %m");
245 * Properly accept or ignore signals the postmaster might send us
247 * Note: we ignore all termination signals, and instead exit only when all
248 * upstream processes are gone, to ensure we don't miss any dying gasps of
252 pqsignal(SIGHUP, sigHupHandler); /* set flag to read config file */
253 pqsignal(SIGINT, SIG_IGN);
254 pqsignal(SIGTERM, SIG_IGN);
255 pqsignal(SIGQUIT, SIG_IGN);
256 pqsignal(SIGALRM, SIG_IGN);
257 pqsignal(SIGPIPE, SIG_IGN);
258 pqsignal(SIGUSR1, sigUsr1Handler); /* request log rotation */
259 pqsignal(SIGUSR2, SIG_IGN);
262 * Reset some signals that are accepted by postmaster but not here
264 pqsignal(SIGCHLD, SIG_DFL);
265 pqsignal(SIGTTIN, SIG_DFL);
266 pqsignal(SIGTTOU, SIG_DFL);
267 pqsignal(SIGCONT, SIG_DFL);
268 pqsignal(SIGWINCH, SIG_DFL);
270 PG_SETMASK(&UnBlockSig);
273 /* Fire up separate data transfer thread */
274 InitializeCriticalSection(&sysloggerSection);
275 EnterCriticalSection(&sysloggerSection);
277 threadHandle = (HANDLE) _beginthreadex(NULL, 0, pipeThread, NULL, 0, NULL);
278 if (threadHandle == 0)
279 elog(FATAL, "could not create syslogger data transfer thread: %m");
282 /* remember active logfile parameters */
283 currentLogDir = pstrdup(Log_directory);
284 currentLogFilename = pstrdup(Log_filename);
285 currentLogRotationAge = Log_RotationAge;
286 /* set next planned rotation time */
287 set_next_rotation_time();
289 /* main worker loop */
292 bool time_based_rotation = false;
293 int size_rotation_for = 0;
299 struct timeval timeout;
305 ProcessConfigFile(PGC_SIGHUP);
308 * Check if the log directory or filename pattern changed in
309 * postgresql.conf. If so, force rotation to make sure we're
310 * writing the logfiles in the right place.
312 if (strcmp(Log_directory, currentLogDir) != 0)
314 pfree(currentLogDir);
315 currentLogDir = pstrdup(Log_directory);
316 rotation_requested = true;
318 if (strcmp(Log_filename, currentLogFilename) != 0)
320 pfree(currentLogFilename);
321 currentLogFilename = pstrdup(Log_filename);
322 rotation_requested = true;
326 * If rotation time parameter changed, reset next rotation time,
327 * but don't immediately force a rotation.
329 if (currentLogRotationAge != Log_RotationAge)
331 currentLogRotationAge = Log_RotationAge;
332 set_next_rotation_time();
336 if (!rotation_requested && Log_RotationAge > 0)
338 /* Do a logfile rotation if it's time */
339 pg_time_t now = (pg_time_t) time(NULL);
341 if (now >= next_rotation_time)
342 rotation_requested = time_based_rotation = true;
345 if (!rotation_requested && Log_RotationSize > 0)
347 /* Do a rotation if file is too big */
348 if (ftell(syslogFile) >= Log_RotationSize * 1024L)
350 rotation_requested = true;
351 size_rotation_for |= LOG_DESTINATION_STDERR;
353 if (csvlogFile != NULL &&
354 ftell(csvlogFile) >= Log_RotationSize * 1024L)
356 rotation_requested = true;
357 size_rotation_for |= LOG_DESTINATION_CSVLOG;
361 if (rotation_requested)
364 * Force rotation when both values are zero. It means the request
365 * was sent by pg_rotate_logfile.
367 if (!time_based_rotation && size_rotation_for == 0)
368 size_rotation_for = LOG_DESTINATION_STDERR | LOG_DESTINATION_CSVLOG;
369 logfile_rotate(time_based_rotation, size_rotation_for);
375 * Wait for some data, timing out after 1 second
378 FD_SET(syslogPipe[0], &rfds);
383 rc = select(syslogPipe[0] + 1, &rfds, NULL, NULL, &timeout);
389 (errcode_for_socket_access(),
390 errmsg("select() failed in logger process: %m")));
392 else if (rc > 0 && FD_ISSET(syslogPipe[0], &rfds))
394 bytesRead = piperead(syslogPipe[0],
395 logbuffer + bytes_in_logbuffer,
396 sizeof(logbuffer) - bytes_in_logbuffer);
401 (errcode_for_socket_access(),
402 errmsg("could not read from logger pipe: %m")));
404 else if (bytesRead > 0)
406 bytes_in_logbuffer += bytesRead;
407 process_pipe_input(logbuffer, &bytes_in_logbuffer);
413 * Zero bytes read when select() is saying read-ready means
414 * EOF on the pipe: that is, there are no longer any processes
415 * with the pipe write end open. Therefore, the postmaster
416 * and all backends are shut down, and we are done.
418 pipe_eof_seen = true;
420 /* if there's any data left then force it out now */
421 flush_pipe_input(logbuffer, &bytes_in_logbuffer);
427 * On Windows we leave it to a separate thread to transfer data and
428 * detect pipe EOF. The main thread just wakes up once a second to
429 * check for SIGHUP and rotation conditions.
431 * Server code isn't generally thread-safe, so we ensure that only one
432 * of the threads is active at a time by entering the critical section
433 * whenever we're not sleeping.
435 LeaveCriticalSection(&sysloggerSection);
439 EnterCriticalSection(&sysloggerSection);
445 * seeing this message on the real stderr is annoying - so we make
446 * it DEBUG1 to suppress in normal use.
449 (errmsg("logger shutting down")));
452 * Normal exit from the syslogger is here. Note that we
453 * deliberately do not close syslogFile before exiting; this is to
454 * allow for the possibility of elog messages being generated
455 * inside proc_exit. Regular exit() will take care of flushing
456 * and closing stdio channels.
464 * Postmaster subroutine to start a syslogger subprocess.
467 SysLogger_Start(void)
472 if (!Logging_collector)
476 * If first time through, create the pipe which will receive stderr
479 * If the syslogger crashes and needs to be restarted, we continue to use
480 * the same pipe (indeed must do so, since extant backends will be writing
483 * This means the postmaster must continue to hold the read end of the
484 * pipe open, so we can pass it down to the reincarnated syslogger. This
485 * is a bit klugy but we have little choice.
488 if (syslogPipe[0] < 0)
490 if (pgpipe(syslogPipe) < 0)
492 (errcode_for_socket_access(),
493 (errmsg("could not create pipe for syslog: %m"))));
498 SECURITY_ATTRIBUTES sa;
500 memset(&sa, 0, sizeof(SECURITY_ATTRIBUTES));
501 sa.nLength = sizeof(SECURITY_ATTRIBUTES);
502 sa.bInheritHandle = TRUE;
504 if (!CreatePipe(&syslogPipe[0], &syslogPipe[1], &sa, 32768))
506 (errcode_for_file_access(),
507 (errmsg("could not create pipe for syslog: %m"))));
512 * Create log directory if not present; ignore errors
514 mkdir(Log_directory, 0700);
517 * The initial logfile is created right in the postmaster, to verify that
518 * the Log_directory is writable.
520 filename = logfile_getname(time(NULL), NULL);
522 syslogFile = logfile_open(filename, "a", false);
527 switch ((sysloggerPid = syslogger_forkexec()))
529 switch ((sysloggerPid = fork_process()))
534 (errmsg("could not fork system logger: %m")));
539 /* in postmaster child ... */
540 /* Close the postmaster's sockets */
541 ClosePostmasterPorts(true);
543 /* Lose the postmaster's on-exit routines */
546 /* Drop our connection to postmaster's shared memory, as well */
547 PGSharedMemoryDetach();
550 SysLoggerMain(0, NULL);
555 /* success, in postmaster */
557 /* now we redirect stderr, if not done already */
558 if (!redirection_done)
562 if (dup2(syslogPipe[1], fileno(stdout)) < 0)
564 (errcode_for_file_access(),
565 errmsg("could not redirect stdout: %m")));
567 if (dup2(syslogPipe[1], fileno(stderr)) < 0)
569 (errcode_for_file_access(),
570 errmsg("could not redirect stderr: %m")));
571 /* Now we are done with the write end of the pipe. */
572 close(syslogPipe[1]);
578 * open the pipe in binary mode and make sure stderr is binary
579 * after it's been dup'ed into, to avoid disturbing the pipe
583 fd = _open_osfhandle((intptr_t) syslogPipe[1],
584 _O_APPEND | _O_BINARY);
585 if (dup2(fd, _fileno(stderr)) < 0)
587 (errcode_for_file_access(),
588 errmsg("could not redirect stderr: %m")));
590 _setmode(_fileno(stderr), _O_BINARY);
591 /* Now we are done with the write end of the pipe. */
592 CloseHandle(syslogPipe[1]);
595 redirection_done = true;
598 /* postmaster will never write the file; close it */
601 return (int) sysloggerPid;
604 /* we should never reach here */
612 * syslogger_forkexec() -
614 * Format up the arglist for, then fork and exec, a syslogger process
617 syslogger_forkexec(void)
623 av[ac++] = "postgres";
624 av[ac++] = "--forklog";
625 av[ac++] = NULL; /* filled in by postmaster_forkexec */
627 /* static variables (those not passed by write_backend_variables) */
629 if (syslogFile != NULL)
630 snprintf(filenobuf, sizeof(filenobuf), "%d",
633 strcpy(filenobuf, "-1");
635 if (syslogFile != NULL)
636 snprintf(filenobuf, sizeof(filenobuf), "%ld",
637 _get_osfhandle(_fileno(syslogFile)));
639 strcpy(filenobuf, "0");
641 av[ac++] = filenobuf;
644 Assert(ac < lengthof(av));
646 return postmaster_forkexec(ac, av);
650 * syslogger_parseArgs() -
652 * Extract data from the arglist for exec'ed syslogger process
655 syslogger_parseArgs(int argc, char *argv[])
666 syslogFile = fdopen(fd, "a");
667 setvbuf(syslogFile, NULL, LBF_MODE, 0);
673 fd = _open_osfhandle(fd, _O_APPEND | _O_TEXT);
676 syslogFile = fdopen(fd, "a");
677 setvbuf(syslogFile, NULL, LBF_MODE, 0);
682 #endif /* EXEC_BACKEND */
685 /* --------------------------------
686 * pipe protocol handling
687 * --------------------------------
691 * Process data received through the syslogger pipe.
693 * This routine interprets the log pipe protocol which sends log messages as
694 * (hopefully atomic) chunks - such chunks are detected and reassembled here.
696 * The protocol has a header that starts with two nul bytes, then has a 16 bit
697 * length, the pid of the sending process, and a flag to indicate if it is
698 * the last chunk in a message. Incomplete chunks are saved until we read some
699 * more, and non-final chunks are accumulated until we get the final chunk.
701 * All of this is to avoid 2 problems:
702 * . partial messages being written to logfiles (messes rotation), and
703 * . messages from different backends being interleaved (messages garbled).
705 * Any non-protocol messages are written out directly. These should only come
706 * from non-PostgreSQL sources, however (e.g. third party libraries writing to
709 * logbuffer is the data input buffer, and *bytes_in_logbuffer is the number
710 * of bytes present. On exit, any not-yet-eaten data is left-justified in
711 * logbuffer, and *bytes_in_logbuffer is updated.
714 process_pipe_input(char *logbuffer, int *bytes_in_logbuffer)
716 char *cursor = logbuffer;
717 int count = *bytes_in_logbuffer;
718 int dest = LOG_DESTINATION_STDERR;
720 /* While we have enough for a header, process data... */
721 while (count >= (int) sizeof(PipeProtoHeader))
726 /* Do we have a valid header? */
727 memcpy(&p, cursor, sizeof(PipeProtoHeader));
728 if (p.nuls[0] == '\0' && p.nuls[1] == '\0' &&
729 p.len > 0 && p.len <= PIPE_MAX_PAYLOAD &&
731 (p.is_last == 't' || p.is_last == 'f' ||
732 p.is_last == 'T' || p.is_last == 'F'))
734 chunklen = PIPE_HEADER_SIZE + p.len;
736 /* Fall out of loop if we don't have the whole chunk yet */
737 if (count < chunklen)
740 dest = (p.is_last == 'T' || p.is_last == 'F') ?
741 LOG_DESTINATION_CSVLOG : LOG_DESTINATION_STDERR;
743 if (p.is_last == 'f' || p.is_last == 'F')
746 * Save a complete non-final chunk in the per-pid buffer if
747 * possible - if not just write it out.
754 for (i = 0; i < CHUNK_SLOTS; i++)
756 if (saved_chunks[i].pid == p.pid)
761 if (free_slot < 0 && saved_chunks[i].pid == 0)
764 if (existing_slot >= 0)
766 str = &(saved_chunks[existing_slot].data);
767 appendBinaryStringInfo(str,
768 cursor + PIPE_HEADER_SIZE,
771 else if (free_slot >= 0)
773 saved_chunks[free_slot].pid = p.pid;
774 str = &(saved_chunks[free_slot].data);
776 appendBinaryStringInfo(str,
777 cursor + PIPE_HEADER_SIZE,
783 * If there is no free slot we'll just have to take our
784 * chances and write out a partial message and hope that
785 * it's not followed by something from another pid.
787 write_syslogger_file(cursor + PIPE_HEADER_SIZE, p.len,
794 * Final chunk --- add it to anything saved for that pid, and
795 * either way write the whole thing out.
797 int existing_slot = -1;
801 for (i = 0; i < CHUNK_SLOTS; i++)
803 if (saved_chunks[i].pid == p.pid)
809 if (existing_slot >= 0)
811 str = &(saved_chunks[existing_slot].data);
812 appendBinaryStringInfo(str,
813 cursor + PIPE_HEADER_SIZE,
815 write_syslogger_file(str->data, str->len, dest);
816 saved_chunks[existing_slot].pid = 0;
821 /* The whole message was one chunk, evidently. */
822 write_syslogger_file(cursor + PIPE_HEADER_SIZE, p.len,
827 /* Finished processing this chunk */
833 /* Process non-protocol data */
836 * Look for the start of a protocol header. If found, dump data
837 * up to there and repeat the loop. Otherwise, dump it all and
838 * fall out of the loop. (Note: we want to dump it all if at all
839 * possible, so as to avoid dividing non-protocol messages across
840 * logfiles. We expect that in many scenarios, a non-protocol
841 * message will arrive all in one read(), and we want to respect
842 * the read() boundary if possible.)
844 for (chunklen = 1; chunklen < count; chunklen++)
846 if (cursor[chunklen] == '\0')
849 /* fall back on the stderr log as the destination */
850 write_syslogger_file(cursor, chunklen, LOG_DESTINATION_STDERR);
856 /* We don't have a full chunk, so left-align what remains in the buffer */
857 if (count > 0 && cursor != logbuffer)
858 memmove(logbuffer, cursor, count);
859 *bytes_in_logbuffer = count;
863 * Force out any buffered data
865 * This is currently used only at syslogger shutdown, but could perhaps be
866 * useful at other times, so it is careful to leave things in a clean state.
869 flush_pipe_input(char *logbuffer, int *bytes_in_logbuffer)
874 /* Dump any incomplete protocol messages */
875 for (i = 0; i < CHUNK_SLOTS; i++)
877 if (saved_chunks[i].pid != 0)
879 str = &(saved_chunks[i].data);
880 write_syslogger_file(str->data, str->len, LOG_DESTINATION_STDERR);
881 saved_chunks[i].pid = 0;
887 * Force out any remaining pipe data as-is; we don't bother trying to
888 * remove any protocol headers that may exist in it.
890 if (*bytes_in_logbuffer > 0)
891 write_syslogger_file(logbuffer, *bytes_in_logbuffer,
892 LOG_DESTINATION_STDERR);
893 *bytes_in_logbuffer = 0;
897 /* --------------------------------
899 * --------------------------------
903 * Write text to the currently open logfile
905 * This is exported so that elog.c can call it when am_syslogger is true.
906 * This allows the syslogger process to record elog messages of its own,
907 * even though its stderr does not point at the syslog pipe.
910 write_syslogger_file(const char *buffer, int count, int destination)
915 if (destination == LOG_DESTINATION_CSVLOG && csvlogFile == NULL)
918 logfile = destination == LOG_DESTINATION_CSVLOG ? csvlogFile : syslogFile;
919 rc = fwrite(buffer, 1, count, logfile);
921 /* can't use ereport here because of possible recursion */
923 write_stderr("could not write to log file: %s\n", strerror(errno));
929 * Worker thread to transfer data from the pipe to the current logfile.
931 * We need this because on Windows, WaitForSingleObject does not work on
932 * unnamed pipes: it always reports "signaled", so the blocking ReadFile won't
933 * allow for SIGHUP; and select is for sockets only.
935 static unsigned int __stdcall
936 pipeThread(void *arg)
938 char logbuffer[READ_BUF_SIZE];
939 int bytes_in_logbuffer = 0;
946 result = ReadFile(syslogPipe[0],
947 logbuffer + bytes_in_logbuffer,
948 sizeof(logbuffer) - bytes_in_logbuffer,
952 * Enter critical section before doing anything that might touch
953 * global state shared by the main thread. Anything that uses
954 * palloc()/pfree() in particular are not safe outside the critical
957 EnterCriticalSection(&sysloggerSection);
960 DWORD error = GetLastError();
962 if (error == ERROR_HANDLE_EOF ||
963 error == ERROR_BROKEN_PIPE)
967 (errcode_for_file_access(),
968 errmsg("could not read from logger pipe: %m")));
970 else if (bytesRead > 0)
972 bytes_in_logbuffer += bytesRead;
973 process_pipe_input(logbuffer, &bytes_in_logbuffer);
975 LeaveCriticalSection(&sysloggerSection);
978 /* We exit the above loop only upon detecting pipe EOF */
979 pipe_eof_seen = true;
981 /* if there's any data left then force it out now */
982 flush_pipe_input(logbuffer, &bytes_in_logbuffer);
984 LeaveCriticalSection(&sysloggerSection);
991 * open the csv log file - we do this opportunistically, because
992 * we don't know if CSV logging will be wanted.
995 open_csvlogfile(void)
999 filename = logfile_getname(time(NULL), ".csv");
1001 csvlogFile = logfile_open(filename, "a", false);
1007 * Open a new logfile with proper permissions and buffering options.
1009 * If allow_errors is true, we just log any open failure and return NULL
1010 * (with errno still correct for the fopen failure).
1011 * Otherwise, errors are treated as fatal.
1014 logfile_open(const char *filename, const char *mode, bool allow_errors)
1020 * Note we do not let Log_file_mode disable IWUSR, since we certainly
1021 * want to be able to write the files ourselves.
1023 oumask = umask((mode_t) ((~(Log_file_mode | S_IWUSR)) & 0777));
1024 fh = fopen(filename, mode);
1029 setvbuf(fh, NULL, LBF_MODE, 0);
1032 /* use CRLF line endings on Windows */
1033 _setmode(_fileno(fh), _O_TEXT);
1038 int save_errno = errno;
1040 ereport(allow_errors ? LOG : FATAL,
1041 (errcode_for_file_access(),
1042 errmsg("could not open log file \"%s\": %m",
1051 * perform logfile rotation
1054 logfile_rotate(bool time_based_rotation, int size_rotation_for)
1057 char *csvfilename = NULL;
1061 rotation_requested = false;
1064 * When doing a time-based rotation, invent the new logfile name based on
1065 * the planned rotation time, not current time, to avoid "slippage" in the
1066 * file name when we don't do the rotation immediately.
1068 if (time_based_rotation)
1069 fntime = next_rotation_time;
1071 fntime = time(NULL);
1072 filename = logfile_getname(fntime, NULL);
1073 if (csvlogFile != NULL)
1074 csvfilename = logfile_getname(fntime, ".csv");
1077 * Decide whether to overwrite or append. We can overwrite if (a)
1078 * Log_truncate_on_rotation is set, (b) the rotation was triggered by
1079 * elapsed time and not something else, and (c) the computed file name is
1080 * different from what we were previously logging into.
1082 * Note: during the first rotation after forking off from the postmaster,
1083 * last_file_name will be NULL. (We don't bother to set it in the
1084 * postmaster because it ain't gonna work in the EXEC_BACKEND case.) So we
1085 * will always append in that situation, even though truncating would
1088 * For consistency, we treat CSV logs the same even though they aren't
1089 * opened in the postmaster.
1091 if (time_based_rotation || (size_rotation_for & LOG_DESTINATION_STDERR))
1093 if (Log_truncate_on_rotation && time_based_rotation &&
1094 last_file_name != NULL &&
1095 strcmp(filename, last_file_name) != 0)
1096 fh = logfile_open(filename, "w", true);
1098 fh = logfile_open(filename, "a", true);
1103 * ENFILE/EMFILE are not too surprising on a busy system; just
1104 * keep using the old file till we manage to get a new one.
1105 * Otherwise, assume something's wrong with Log_directory and stop
1106 * trying to create files.
1108 if (errno != ENFILE && errno != EMFILE)
1111 (errmsg("disabling automatic rotation (use SIGHUP to re-enable)")));
1112 Log_RotationAge = 0;
1113 Log_RotationSize = 0;
1126 /* instead of pfree'ing filename, remember it for next time */
1127 if (last_file_name != NULL)
1128 pfree(last_file_name);
1129 last_file_name = filename;
1133 /* Same as above, but for csv file. */
1135 if (csvlogFile != NULL &&
1136 (time_based_rotation || (size_rotation_for & LOG_DESTINATION_CSVLOG)))
1138 if (Log_truncate_on_rotation && time_based_rotation &&
1139 last_csv_file_name != NULL &&
1140 strcmp(csvfilename, last_csv_file_name) != 0)
1141 fh = logfile_open(csvfilename, "w", true);
1143 fh = logfile_open(csvfilename, "a", true);
1148 * ENFILE/EMFILE are not too surprising on a busy system; just
1149 * keep using the old file till we manage to get a new one.
1150 * Otherwise, assume something's wrong with Log_directory and stop
1151 * trying to create files.
1153 if (errno != ENFILE && errno != EMFILE)
1156 (errmsg("disabling automatic rotation (use SIGHUP to re-enable)")));
1157 Log_RotationAge = 0;
1158 Log_RotationSize = 0;
1171 /* instead of pfree'ing filename, remember it for next time */
1172 if (last_csv_file_name != NULL)
1173 pfree(last_csv_file_name);
1174 last_csv_file_name = csvfilename;
1183 set_next_rotation_time();
1188 * construct logfile name using timestamp information
1190 * If suffix isn't NULL, append it to the name, replacing any ".log"
1191 * that may be in the pattern.
1193 * Result is palloc'd.
1196 logfile_getname(pg_time_t timestamp, const char *suffix)
1201 filename = palloc(MAXPGPATH);
1203 snprintf(filename, MAXPGPATH, "%s/", Log_directory);
1205 len = strlen(filename);
1207 /* treat Log_filename as a strftime pattern */
1208 pg_strftime(filename + len, MAXPGPATH - len, Log_filename,
1209 pg_localtime(×tamp, log_timezone));
1213 len = strlen(filename);
1214 if (len > 4 && (strcmp(filename + (len - 4), ".log") == 0))
1216 strlcpy(filename + len, suffix, MAXPGPATH - len);
1223 * Determine the next planned rotation time, and store in next_rotation_time.
1226 set_next_rotation_time(void)
1232 /* nothing to do if time-based rotation is disabled */
1233 if (Log_RotationAge <= 0)
1237 * The requirements here are to choose the next time > now that is a
1238 * "multiple" of the log rotation interval. "Multiple" can be interpreted
1239 * fairly loosely. In this version we align to log_timezone rather than
1242 rotinterval = Log_RotationAge * SECS_PER_MINUTE; /* convert to seconds */
1243 now = (pg_time_t) time(NULL);
1244 tm = pg_localtime(&now, log_timezone);
1245 now += tm->tm_gmtoff;
1246 now -= now % rotinterval;
1248 now -= tm->tm_gmtoff;
1249 next_rotation_time = now;
1252 /* --------------------------------
1253 * signal handler routines
1254 * --------------------------------
1257 /* SIGHUP: set flag to reload config file */
1259 sigHupHandler(SIGNAL_ARGS)
1264 /* SIGUSR1: set flag to rotate logfile */
1266 sigUsr1Handler(SIGNAL_ARGS)
1268 rotation_requested = true;