* Written by Peter Eisentraut <peter_e@gmx.net>.
*
* IDENTIFICATION
- * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.245 2004/10/17 22:01:51 tgl Exp $
+ * $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.246 2004/10/22 19:48:19 tgl Exp $
*
*--------------------------------------------------------------------
*/
gettext_noop("If a dynamically loadable module needs to be opened and "
"the specified name does not have a directory component (i.e., the "
"name does not contain a slash), the system will search this path for "
- "the specified file.")
+ "the specified file."),
+ GUC_SUPERUSER_ONLY
},
&Dynamic_library_path,
"$libdir", NULL, NULL
{
{"krb_server_keyfile", PGC_POSTMASTER, CONN_AUTH_SECURITY,
gettext_noop("Sets the location of the Kerberos server key file."),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&pg_krb_server_keyfile,
PG_KRB_SRVTAB, NULL, NULL
{"preload_libraries", PGC_POSTMASTER, RESOURCES_KERNEL,
gettext_noop("Lists shared libraries to preload into server."),
NULL,
- GUC_LIST_INPUT | GUC_LIST_QUOTE
+ GUC_LIST_INPUT | GUC_LIST_QUOTE | GUC_SUPERUSER_ONLY
},
&preload_libraries_string,
"", NULL, NULL
{"log_directory", PGC_SIGHUP, LOGGING_WHERE,
gettext_noop("Sets the destination directory for log files."),
gettext_noop("May be specified as relative to the data directory "
- "or as absolute path.")
+ "or as absolute path."),
+ GUC_SUPERUSER_ONLY
},
&Log_directory,
"pg_log", assign_canonical_path, NULL
{
{"log_filename", PGC_SIGHUP, LOGGING_WHERE,
gettext_noop("Sets the file name pattern for log files."),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&Log_filename,
"postgresql-%Y-%m-%d_%H%M%S.log", NULL, NULL
{
{"unix_socket_directory", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Sets the directory where the Unix-domain socket will be created."),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&UnixSocketDir,
"", assign_canonical_path, NULL
{
{"custom_variable_classes", PGC_POSTMASTER, RESOURCES_KERNEL,
- gettext_noop("Sets the list of known custom variable classes"),
+ gettext_noop("Sets the list of known custom variable classes."),
NULL,
GUC_LIST_INPUT | GUC_LIST_QUOTE
},
{
{"data_directory", PGC_POSTMASTER, FILE_LOCATIONS,
gettext_noop("Sets the server's data directory."),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&data_directory,
NULL, NULL, NULL
{"config_file", PGC_POSTMASTER, FILE_LOCATIONS,
gettext_noop("Sets the server's main configuration file."),
NULL,
- GUC_DISALLOW_IN_FILE
+ GUC_DISALLOW_IN_FILE | GUC_SUPERUSER_ONLY
},
&ConfigFileName,
NULL, NULL, NULL
{
{"hba_file", PGC_POSTMASTER, FILE_LOCATIONS,
gettext_noop("Sets the server's \"hba\" configuration file"),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&HbaFileName,
NULL, NULL, NULL
{
{"ident_file", PGC_POSTMASTER, FILE_LOCATIONS,
gettext_noop("Sets the server's \"ident\" configuration file"),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&IdentFileName,
NULL, NULL, NULL
{
{"external_pid_file", PGC_POSTMASTER, FILE_LOCATIONS,
gettext_noop("Writes the postmaster PID to the specified file."),
- NULL
+ NULL,
+ GUC_SUPERUSER_ONLY
},
&external_pid_file,
NULL, assign_canonical_path, NULL
static int guc_name_compare(const char *namea, const char *nameb);
static void push_old_value(struct config_generic * gconf);
static void ReportGUCOption(struct config_generic * record);
+static void ShowGUCConfigOption(const char *name, DestReceiver *dest);
+static void ShowAllGUCConfig(DestReceiver *dest);
static char *_ShowOption(struct config_generic * record);
static bool check_userlimit_privilege(struct config_generic *record,
GucSource source, int elevel);
ereport(ERROR,
(errcode(ERRCODE_UNDEFINED_OBJECT),
errmsg("unrecognized configuration parameter \"%s\"", name)));
+ if ((record->flags & GUC_SUPERUSER_ONLY) && !superuser())
+ ereport(ERROR,
+ (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+ errmsg("must be superuser to examine \"%s\"", name)));
switch (record->vartype)
{
ereport(ERROR,
(errcode(ERRCODE_UNDEFINED_OBJECT),
errmsg("unrecognized configuration parameter \"%s\"", name)));
+ if ((record->flags & GUC_SUPERUSER_ONLY) && !superuser())
+ ereport(ERROR,
+ (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+ errmsg("must be superuser to examine \"%s\"", name)));
switch (record->vartype)
{
}
static void
-init_custom_variable(
- struct config_generic * gen,
+init_custom_variable(struct config_generic * gen,
const char *name,
const char *short_desc,
const char *long_desc,
/*
* SHOW command
*/
-void
+static void
ShowGUCConfigOption(const char *name, DestReceiver *dest)
{
TupOutputState *tstate;
/*
* SHOW ALL command
*/
-void
+static void
ShowAllGUCConfig(DestReceiver *dest)
{
+ bool am_superuser = superuser();
int i;
TupOutputState *tstate;
TupleDesc tupdesc;
{
struct config_generic *conf = guc_variables[i];
- if (conf->flags & GUC_NO_SHOW_ALL)
+ if ((conf->flags & GUC_NO_SHOW_ALL) ||
+ ((conf->flags & GUC_SUPERUSER_ONLY) && !am_superuser))
continue;
/* assign to the values array */
ereport(ERROR,
(errcode(ERRCODE_UNDEFINED_OBJECT),
errmsg("unrecognized configuration parameter \"%s\"", name)));
+ if ((record->flags & GUC_SUPERUSER_ONLY) && !superuser())
+ ereport(ERROR,
+ (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+ errmsg("must be superuser to examine \"%s\"", name)));
if (varname)
*varname = record->name;
conf = guc_variables[varnum];
if (noshow)
- *noshow = (conf->flags & GUC_NO_SHOW_ALL) ? true : false;
+ {
+ if ((conf->flags & GUC_NO_SHOW_ALL) ||
+ ((conf->flags & GUC_SUPERUSER_ONLY) && !superuser()))
+ *noshow = true;
+ else
+ *noshow = false;
+ }
/* first get the generic attributes */
projects / postgresql / commitdiff