Commit 4e818866 authored by Michael Paquier's avatar Michael Paquier

Revert "pg_upgrade: Fix quoting of some arguments in pg_ctl command"

This reverts commit d1c0b613.  The patch has some downsides that require
more attention, as discussed with Noah Misch.

Backpatch-through: 9.5
parent 3dfba9fd
...@@ -195,10 +195,10 @@ stop_postmaster_atexit(void) ...@@ -195,10 +195,10 @@ stop_postmaster_atexit(void)
bool bool
start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error) start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
{ {
char cmd[MAXPGPATH * 4 + 1000];
PGconn *conn; PGconn *conn;
bool pg_ctl_return = false; bool pg_ctl_return = false;
PQExpBufferData cmd; char socket_string[MAXPGPATH + 200];
PQExpBufferData opts;
static bool exit_hook_registered = false; static bool exit_hook_registered = false;
...@@ -208,28 +208,22 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error) ...@@ -208,28 +208,22 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
exit_hook_registered = true; exit_hook_registered = true;
} }
initPQExpBuffer(&cmd); socket_string[0] = '\0';
/* Path to pg_ctl */ #ifdef HAVE_UNIX_SOCKETS
appendPQExpBuffer(&cmd, "\"%s/pg_ctl\" -w ", cluster->bindir); /* prevent TCP/IP connections, restrict socket access */
strcat(socket_string,
/* log file */ " -c listen_addresses='' -c unix_socket_permissions=0700");
appendPQExpBufferStr(&cmd, "-l ");
appendShellString(&cmd, SERVER_LOG_FILE);
appendPQExpBufferChar(&cmd, ' ');
/* data folder */
appendPQExpBufferStr(&cmd, "-D ");
appendShellString(&cmd, cluster->pgconfig);
appendPQExpBufferChar(&cmd, ' ');
/* /* Have a sockdir? Tell the postmaster. */
* Build set of options for the instance to start. These are handled with if (cluster->sockdir)
* a separate string as they are one argument in the command produced to snprintf(socket_string + strlen(socket_string),
* which shell quoting needs to be applied. sizeof(socket_string) - strlen(socket_string),
*/ " -c %s='%s'",
initPQExpBuffer(&opts); (GET_MAJOR_VERSION(cluster->major_version) < 903) ?
appendPQExpBuffer(&opts, "-p %d ", cluster->port); "unix_socket_directory" : "unix_socket_directories",
cluster->sockdir);
#endif
/* /*
* Since PG 9.1, we have used -b to disable autovacuum. For earlier * Since PG 9.1, we have used -b to disable autovacuum. For earlier
...@@ -240,52 +234,21 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error) ...@@ -240,52 +234,21 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
* is no need to set that.) We assume all datfrozenxid and relfrozenxid * is no need to set that.) We assume all datfrozenxid and relfrozenxid
* values are less than a gap of 2000000000 from the current xid counter, * values are less than a gap of 2000000000 from the current xid counter,
* so autovacuum will not touch them. * so autovacuum will not touch them.
*/ *
if (cluster->controldata.cat_ver >= BINARY_UPGRADE_SERVER_FLAG_CAT_VER)
appendPQExpBufferStr(&opts, "-b ");
else
appendPQExpBufferStr(&opts,
"-c autovacuum=off "
"-c autovacuum_freeze_max_age=2000000000 ");
/*
* Turn off durability requirements to improve object creation speed, and * Turn off durability requirements to improve object creation speed, and
* we only modify the new cluster, so only use it there. If there is a * we only modify the new cluster, so only use it there. If there is a
* crash, the new cluster has to be recreated anyway. fsync=off is a big * crash, the new cluster has to be recreated anyway. fsync=off is a big
* win on ext4. * win on ext4.
*/ */
if (cluster == &new_cluster) snprintf(cmd, sizeof(cmd),
appendPQExpBufferStr(&opts, "\"%s/pg_ctl\" -w -l \"%s\" -D \"%s\" -o \"-p %d%s%s %s%s\" start",
"-c synchronous_commit=off " cluster->bindir, SERVER_LOG_FILE, cluster->pgconfig, cluster->port,
"-c fsync=off " (cluster->controldata.cat_ver >=
"-c full_page_writes=off "); BINARY_UPGRADE_SERVER_FLAG_CAT_VER) ? " -b" :
" -c autovacuum=off -c autovacuum_freeze_max_age=2000000000",
if (cluster->pgopts) (cluster == &new_cluster) ?
appendPQExpBufferStr(&opts, cluster->pgopts); " -c synchronous_commit=off -c fsync=off -c full_page_writes=off" : "",
cluster->pgopts ? cluster->pgopts : "", socket_string);
#ifdef HAVE_UNIX_SOCKETS
appendPQExpBuffer(&opts,
"-c listen_addresses='' -c unix_socket_permissions=0700 ");
/* Have a sockdir? Tell the postmaster. */
if (cluster->sockdir)
{
appendPQExpBuffer(&opts,
" -c %s=",
(GET_MAJOR_VERSION(cluster->major_version) < 903) ?
"unix_socket_directory" : "unix_socket_directories");
appendPQExpBufferStr(&opts, cluster->sockdir);
appendPQExpBufferChar(&opts, ' ');
}
#endif
/* Apply shell quoting to the option string */
appendPQExpBufferStr(&cmd, "-o ");
appendShellString(&cmd, opts.data);
termPQExpBuffer(&opts);
/* Start mode for pg_ctl */
appendPQExpBufferStr(&cmd, " start");
/* /*
* Don't throw an error right away, let connecting throw the error because * Don't throw an error right away, let connecting throw the error because
...@@ -297,7 +260,7 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error) ...@@ -297,7 +260,7 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
SERVER_START_LOG_FILE) != 0) ? SERVER_START_LOG_FILE) != 0) ?
SERVER_LOG_FILE : NULL, SERVER_LOG_FILE : NULL,
report_and_exit_on_error, false, report_and_exit_on_error, false,
"%s", cmd.data); "%s", cmd);
/* Did it fail and we are just testing if the server could be started? */ /* Did it fail and we are just testing if the server could be started? */
if (!pg_ctl_return && !report_and_exit_on_error) if (!pg_ctl_return && !report_and_exit_on_error)
...@@ -335,14 +298,13 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error) ...@@ -335,14 +298,13 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
if (cluster == &old_cluster) if (cluster == &old_cluster)
pg_fatal("could not connect to source postmaster started with the command:\n" pg_fatal("could not connect to source postmaster started with the command:\n"
"%s\n", "%s\n",
cmd.data); cmd);
else else
pg_fatal("could not connect to target postmaster started with the command:\n" pg_fatal("could not connect to target postmaster started with the command:\n"
"%s\n", "%s\n",
cmd.data); cmd);
} }
PQfinish(conn); PQfinish(conn);
termPQExpBuffer(&cmd);
/* /*
* If pg_ctl failed, and the connection didn't fail, and * If pg_ctl failed, and the connection didn't fail, and
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment