From: Bruce Momjian Date: Sat, 16 May 2015 04:10:03 +0000 (-0400) Subject: pg_upgrade: only allow template0 to be non-connectable X-Git-Tag: REL9_2_11~17 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=2a55e713431abf688e656144a4babc6ee5563ffb;p=postgresql pg_upgrade: only allow template0 to be non-connectable This patch causes pg_upgrade to error out during its check phase if: (1) template0 is marked connectable or (2) any other database is marked non-connectable This is done because, in the first case, pg_upgrade would fail because the pg_dumpall --globals restore would fail, and in the second case, the database would not be restored, leading to data loss. Report by Matt Landry (1), Stephen Frost (2) Backpatch through 9.0 --- diff --git a/contrib/pg_upgrade/check.c b/contrib/pg_upgrade/check.c index 74ad12364e..7c4f2b98bb 100644 --- a/contrib/pg_upgrade/check.c +++ b/contrib/pg_upgrade/check.c @@ -20,6 +20,7 @@ static void check_locale_and_encoding(ControlData *oldctrl, static bool equivalent_locale(int category, const char *loca, const char *locb); static bool equivalent_encoding(const char *chara, const char *charb); static void check_is_super_user(ClusterInfo *cluster); +static void check_proper_datallowconn(ClusterInfo *cluster); static void check_for_prepared_transactions(ClusterInfo *cluster); static void check_for_isn_and_int8_passing_mismatch(ClusterInfo *cluster); static void check_for_reg_data_type_usage(ClusterInfo *cluster); @@ -98,6 +99,7 @@ check_old_cluster(bool live_check, char **sequence_script_file_name) * Check for various failure cases */ check_is_super_user(&old_cluster); + check_proper_datallowconn(&old_cluster); check_for_prepared_transactions(&old_cluster); check_for_reg_data_type_usage(&old_cluster); check_for_isn_and_int8_passing_mismatch(&old_cluster); @@ -628,6 +630,58 @@ create_script_for_cluster_analyze(char **analyze_script_file_name) } +static void +check_proper_datallowconn(ClusterInfo *cluster) +{ + int dbnum; + PGconn *conn_template1; + PGresult *dbres; + int ntups; + int i_datname; + int i_datallowconn; + + prep_status("Checking database connection settings"); + + conn_template1 = connectToServer(cluster, "template1"); + + /* get database names */ + dbres = executeQueryOrDie(conn_template1, + "SELECT datname, datallowconn " + "FROM pg_catalog.pg_database"); + + i_datname = PQfnumber(dbres, "datname"); + i_datallowconn = PQfnumber(dbres, "datallowconn"); + + ntups = PQntuples(dbres); + for (dbnum = 0; dbnum < ntups; dbnum++) + { + char *datname = PQgetvalue(dbres, dbnum, i_datname); + char *datallowconn = PQgetvalue(dbres, dbnum, i_datallowconn); + + if (strcmp(datname, "template0") == 0) + { + /* avoid restore failure when pg_dumpall tries to create template0 */ + if (strcmp(datallowconn, "t") == 0) + pg_log(PG_FATAL, "template0 must not allow connections, " + "i.e. its pg_database.datallowconn must be false\n"); + } + else + { + /* avoid datallowconn == false databases from being skipped on restore */ + if (strcmp(datallowconn, "f") == 0) + pg_log(PG_FATAL, "All non-template0 databases must allow connections, " + "i.e. their pg_database.datallowconn must be true\n"); + } + } + + PQclear(dbres); + + PQfinish(conn_template1); + + check_ok(); +} + + /* * create_script_for_old_cluster_deletion() *