/*------------------------------------------------------------------------- * * initdb --- initialize a PostgreSQL installation * * initdb creates (initializes) a PostgreSQL database cluster (site, * instance, installation, whatever). A database cluster is a * collection of PostgreSQL databases all managed by the same server. * * To create the database cluster, we create the directory that contains * all its data, create the files that hold the global tables, create * a few other control files for it, and create three databases: the * template databases "template0" and "template1", and a default user * database "postgres". * * The template databases are ordinary PostgreSQL databases. template0 * is never supposed to change after initdb, whereas template1 can be * changed to add site-local standard data. Either one can be copied * to produce a new database. * * For largely-historical reasons, the template1 database is the one built * by the basic bootstrap process. After it is complete, template0 and * the default database, postgres, are made just by copying template1. * * To create template1, we run the postgres (backend) program in bootstrap * mode and feed it data from the postgres.bki library file. After this * initial bootstrap phase, some additional stuff is created by normal * SQL commands fed to a standalone backend. Some of those commands are * just embedded into this program (yeah, it's ugly), but larger chunks * are taken from script files. * * * Note: * The program has some memory leakage - it isn't worth cleaning it up. * * This is a C implementation of the previous shell script for setting up a * PostgreSQL cluster location, and should be highly compatible with it. * author of C translation: Andrew Dunstan mailto:andrew@dunslane.net * * This code is released under the terms of the PostgreSQL License. * * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group * Portions Copyright (c) 1994, Regents of the University of California * * src/bin/initdb/initdb.c * *------------------------------------------------------------------------- */ #include "postgres_fe.h" #include #include #include #include #include #include #ifdef HAVE_SHM_OPEN #include "sys/mman.h" #endif #include "access/xlog_internal.h" #include "catalog/pg_authid_d.h" #include "catalog/pg_class_d.h" /* pgrminclude ignore */ #include "catalog/pg_collation_d.h" #include "common/file_perm.h" #include "common/file_utils.h" #include "common/logging.h" #include "common/restricted_token.h" #include "common/username.h" #include "fe_utils/string_utils.h" #include "getaddrinfo.h" #include "getopt_long.h" #include "mb/pg_wchar.h" #include "miscadmin.h" /* Ideally this would be in a .h file, but it hardly seems worth the trouble */ extern const char *select_default_timezone(const char *share_path); static const char *const auth_methods_host[] = { "trust", "reject", "scram-sha-256", "md5", "password", "ident", "radius", #ifdef ENABLE_GSS "gss", #endif #ifdef ENABLE_SSPI "sspi", #endif #ifdef USE_PAM "pam", "pam ", #endif #ifdef USE_BSD_AUTH "bsd", #endif #ifdef USE_LDAP "ldap", #endif #ifdef USE_SSL "cert", #endif NULL }; static const char *const auth_methods_local[] = { "trust", "reject", "scram-sha-256", "md5", "password", "peer", "radius", #ifdef USE_PAM "pam", "pam ", #endif #ifdef USE_BSD_AUTH "bsd", #endif #ifdef USE_LDAP "ldap", #endif NULL }; /* * these values are passed in by makefile defines */ static char *share_path = NULL; /* values to be obtained from arguments */ static char *pg_data = NULL; static char *encoding = NULL; static char *locale = NULL; static char *lc_collate = NULL; static char *lc_ctype = NULL; static char *lc_monetary = NULL; static char *lc_numeric = NULL; static char *lc_time = NULL; static char *lc_messages = NULL; static const char *default_text_search_config = NULL; static char *username = NULL; static bool pwprompt = false; static char *pwfilename = NULL; static char *superuser_password = NULL; static const char *authmethodhost = NULL; static const char *authmethodlocal = NULL; static bool debug = false; static bool noclean = false; static bool do_sync = true; static bool sync_only = false; static bool show_setting = false; static bool data_checksums = false; static char *xlog_dir = NULL; static char *str_wal_segment_size_mb = NULL; static int wal_segment_size_mb; /* internal vars */ static const char *progname; static int encodingid; static char *bki_file; static char *hba_file; static char *ident_file; static char *conf_file; static char *dictionary_file; static char *info_schema_file; static char *features_file; static char *system_views_file; static bool success = false; static bool made_new_pgdata = false; static bool found_existing_pgdata = false; static bool made_new_xlogdir = false; static bool found_existing_xlogdir = false; static char infoversion[100]; static bool caught_signal = false; static bool output_failed = false; static int output_errno = 0; static char *pgdata_native; /* defaults */ static int n_connections = 10; static int n_buffers = 50; static const char *dynamic_shared_memory_type = NULL; static const char *default_timezone = NULL; /* * Warning messages for authentication methods */ #define AUTHTRUST_WARNING \ "# CAUTION: Configuring the system for local \"trust\" authentication\n" \ "# allows any local user to connect as any PostgreSQL user, including\n" \ "# the database superuser. If you do not trust all your local users,\n" \ "# use another authentication method.\n" static bool authwarning = false; /* * Centralized knowledge of switches to pass to backend * * Note: we run the backend with -F (fsync disabled) and then do a single * pass of fsync'ing at the end. This is faster than fsync'ing each step. * * Note: in the shell-script version, we also passed PGDATA as a -D switch, * but here it is more convenient to pass it as an environment variable * (no quoting to worry about). */ static const char *boot_options = "-F"; static const char *backend_options = "--single -F -O -j -c search_path=pg_catalog -c exit_on_error=true"; static const char *const subdirs[] = { "global", "pg_wal/archive_status", "pg_commit_ts", "pg_dynshmem", "pg_notify", "pg_serial", "pg_snapshots", "pg_subtrans", "pg_twophase", "pg_multixact", "pg_multixact/members", "pg_multixact/offsets", "base", "base/1", "pg_replslot", "pg_tblspc", "pg_stat", "pg_stat_tmp", "pg_xact", "pg_logical", "pg_logical/snapshots", "pg_logical/mappings" }; /* path to 'initdb' binary directory */ static char bin_path[MAXPGPATH]; static char backend_exec[MAXPGPATH]; static char **replace_token(char **lines, const char *token, const char *replacement); #ifndef HAVE_UNIX_SOCKETS static char **filter_lines_with_token(char **lines, const char *token); #endif static char **readfile(const char *path); static void writefile(char *path, char **lines); static FILE *popen_check(const char *command, const char *mode); static char *get_id(void); static int get_encoding_id(const char *encoding_name); static void set_input(char **dest, const char *filename); static void check_input(char *path); static void write_version_file(const char *extrapath); static void set_null_conf(void); static void test_config_settings(void); static void setup_config(void); static void bootstrap_template1(void); static void setup_auth(FILE *cmdfd); static void get_su_pwd(void); static void setup_depend(FILE *cmdfd); static void setup_sysviews(FILE *cmdfd); static void setup_description(FILE *cmdfd); static void setup_collation(FILE *cmdfd); static void setup_dictionary(FILE *cmdfd); static void setup_privileges(FILE *cmdfd); static void set_info_version(void); static void setup_schema(FILE *cmdfd); static void load_plpgsql(FILE *cmdfd); static void vacuum_db(FILE *cmdfd); static void make_template0(FILE *cmdfd); static void make_postgres(FILE *cmdfd); static void trapsig(int signum); static void check_ok(void); static char *escape_quotes(const char *src); static char *escape_quotes_bki(const char *src); static int locale_date_order(const char *locale); static void check_locale_name(int category, const char *locale, char **canonname); static bool check_locale_encoding(const char *locale, int encoding); static void setlocales(void); static void usage(const char *progname); void setup_pgdata(void); void setup_bin_paths(const char *argv0); void setup_data_file_paths(void); void setup_locale_encoding(void); void setup_signals(void); void setup_text_search(void); void create_data_directory(void); void create_xlog_or_symlink(void); void warn_on_mount_point(int error); void initialize_data_directory(void); /* * macros for running pipes to postgres */ #define PG_CMD_DECL char cmd[MAXPGPATH]; FILE *cmdfd #define PG_CMD_OPEN \ do { \ cmdfd = popen_check(cmd, "w"); \ if (cmdfd == NULL) \ exit(1); /* message already printed by popen_check */ \ } while (0) #define PG_CMD_CLOSE \ do { \ if (pclose_check(cmdfd)) \ exit(1); /* message already printed by pclose_check */ \ } while (0) #define PG_CMD_PUTS(line) \ do { \ if (fputs(line, cmdfd) < 0 || fflush(cmdfd) < 0) \ output_failed = true, output_errno = errno; \ } while (0) #define PG_CMD_PRINTF(fmt, ...) \ do { \ if (fprintf(cmdfd, fmt, __VA_ARGS__) < 0 || fflush(cmdfd) < 0) \ output_failed = true, output_errno = errno; \ } while (0) /* * Escape single quotes and backslashes, suitably for insertions into * configuration files or SQL E'' strings. */ static char * escape_quotes(const char *src) { char *result = escape_single_quotes_ascii(src); if (!result) { pg_log_error("out of memory"); exit(1); } return result; } /* * Escape a field value to be inserted into the BKI data. * Here, we first run the value through escape_quotes (which * will be inverted by the backend's scanstr() function) and * then overlay special processing of double quotes, which * bootscanner.l will only accept as data if converted to octal * representation ("\042"). We always wrap the value in double * quotes, even if that isn't strictly necessary. */ static char * escape_quotes_bki(const char *src) { char *result; char *data = escape_quotes(src); char *resultp; char *datap; int nquotes = 0; /* count double quotes in data */ datap = data; while ((datap = strchr(datap, '"')) != NULL) { nquotes++; datap++; } result = (char *) pg_malloc(strlen(data) + 3 + nquotes * 3); resultp = result; *resultp++ = '"'; for (datap = data; *datap; datap++) { if (*datap == '"') { strcpy(resultp, "\\042"); resultp += 4; } else *resultp++ = *datap; } *resultp++ = '"'; *resultp = '\0'; free(data); return result; } /* * make a copy of the array of lines, with token replaced by replacement * the first time it occurs on each line. * * This does most of what sed was used for in the shell script, but * doesn't need any regexp stuff. */ static char ** replace_token(char **lines, const char *token, const char *replacement) { int numlines = 1; int i; char **result; int toklen, replen, diff; for (i = 0; lines[i]; i++) numlines++; result = (char **) pg_malloc(numlines * sizeof(char *)); toklen = strlen(token); replen = strlen(replacement); diff = replen - toklen; for (i = 0; i < numlines; i++) { char *where; char *newline; int pre; /* just copy pointer if NULL or no change needed */ if (lines[i] == NULL || (where = strstr(lines[i], token)) == NULL) { result[i] = lines[i]; continue; } /* if we get here a change is needed - set up new line */ newline = (char *) pg_malloc(strlen(lines[i]) + diff + 1); pre = where - lines[i]; memcpy(newline, lines[i], pre); memcpy(newline + pre, replacement, replen); strcpy(newline + pre + replen, lines[i] + pre + toklen); result[i] = newline; } return result; } /* * make a copy of lines without any that contain the token * * a sort of poor man's grep -v */ #ifndef HAVE_UNIX_SOCKETS static char ** filter_lines_with_token(char **lines, const char *token) { int numlines = 1; int i, src, dst; char **result; for (i = 0; lines[i]; i++) numlines++; result = (char **) pg_malloc(numlines * sizeof(char *)); for (src = 0, dst = 0; src < numlines; src++) { if (lines[src] == NULL || strstr(lines[src], token) == NULL) result[dst++] = lines[src]; } return result; } #endif /* * get the lines from a text file */ static char ** readfile(const char *path) { FILE *infile; int maxlength = 1, linelen = 0; int nlines = 0; int n; char **result; char *buffer; int c; if ((infile = fopen(path, "r")) == NULL) { pg_log_error("could not open file \"%s\" for reading: %m", path); exit(1); } /* pass over the file twice - the first time to size the result */ while ((c = fgetc(infile)) != EOF) { linelen++; if (c == '\n') { nlines++; if (linelen > maxlength) maxlength = linelen; linelen = 0; } } /* handle last line without a terminating newline (yuck) */ if (linelen) nlines++; if (linelen > maxlength) maxlength = linelen; /* set up the result and the line buffer */ result = (char **) pg_malloc((nlines + 1) * sizeof(char *)); buffer = (char *) pg_malloc(maxlength + 1); /* now reprocess the file and store the lines */ rewind(infile); n = 0; while (fgets(buffer, maxlength + 1, infile) != NULL && n < nlines) result[n++] = pg_strdup(buffer); fclose(infile); free(buffer); result[n] = NULL; return result; } /* * write an array of lines to a file * * This is only used to write text files. Use fopen "w" not PG_BINARY_W * so that the resulting configuration files are nicely editable on Windows. */ static void writefile(char *path, char **lines) { FILE *out_file; char **line; if ((out_file = fopen(path, "w")) == NULL) { pg_log_error("could not open file \"%s\" for writing: %m", path); exit(1); } for (line = lines; *line != NULL; line++) { if (fputs(*line, out_file) < 0) { pg_log_error("could not write file \"%s\": %m", path); exit(1); } free(*line); } if (fclose(out_file)) { pg_log_error("could not write file \"%s\": %m", path); exit(1); } } /* * Open a subcommand with suitable error messaging */ static FILE * popen_check(const char *command, const char *mode) { FILE *cmdfd; fflush(stdout); fflush(stderr); errno = 0; cmdfd = popen(command, mode); if (cmdfd == NULL) pg_log_error("could not execute command \"%s\": %m", command); return cmdfd; } /* * clean up any files we created on failure * if we created the data directory remove it too */ static void cleanup_directories_atexit(void) { if (success) return; if (!noclean) { if (made_new_pgdata) { pg_log_info("removing data directory \"%s\"", pg_data); if (!rmtree(pg_data, true)) pg_log_error("failed to remove data directory"); } else if (found_existing_pgdata) { pg_log_info("removing contents of data directory \"%s\"", pg_data); if (!rmtree(pg_data, false)) pg_log_error("failed to remove contents of data directory"); } if (made_new_xlogdir) { pg_log_info("removing WAL directory \"%s\"", xlog_dir); if (!rmtree(xlog_dir, true)) pg_log_error("failed to remove WAL directory"); } else if (found_existing_xlogdir) { pg_log_info("removing contents of WAL directory \"%s\"", xlog_dir); if (!rmtree(xlog_dir, false)) pg_log_error("failed to remove contents of WAL directory"); } /* otherwise died during startup, do nothing! */ } else { if (made_new_pgdata || found_existing_pgdata) pg_log_info("data directory \"%s\" not removed at user's request", pg_data); if (made_new_xlogdir || found_existing_xlogdir) pg_log_info("WAL directory \"%s\" not removed at user's request", xlog_dir); } } /* * find the current user * * on unix make sure it isn't root */ static char * get_id(void) { const char *username; #ifndef WIN32 if (geteuid() == 0) /* 0 is root's uid */ { pg_log_error("cannot be run as root"); fprintf(stderr, _("Please log in (using, e.g., \"su\") as the (unprivileged) user that will\n" "own the server process.\n")); exit(1); } #endif username = get_user_name_or_exit(progname); return pg_strdup(username); } static char * encodingid_to_string(int enc) { char result[20]; sprintf(result, "%d", enc); return pg_strdup(result); } /* * get the encoding id for a given encoding name */ static int get_encoding_id(const char *encoding_name) { int enc; if (encoding_name && *encoding_name) { if ((enc = pg_valid_server_encoding(encoding_name)) >= 0) return enc; } pg_log_error("\"%s\" is not a valid server encoding name", encoding_name ? encoding_name : "(null)"); exit(1); } /* * Support for determining the best default text search configuration. * We key this off the first part of LC_CTYPE (ie, the language name). */ struct tsearch_config_match { const char *tsconfname; const char *langname; }; static const struct tsearch_config_match tsearch_config_languages[] = { {"arabic", "ar"}, {"arabic", "Arabic"}, {"danish", "da"}, {"danish", "Danish"}, {"dutch", "nl"}, {"dutch", "Dutch"}, {"english", "C"}, {"english", "POSIX"}, {"english", "en"}, {"english", "English"}, {"finnish", "fi"}, {"finnish", "Finnish"}, {"french", "fr"}, {"french", "French"}, {"german", "de"}, {"german", "German"}, {"greek", "el"}, {"greek", "Greek"}, {"hungarian", "hu"}, {"hungarian", "Hungarian"}, {"indonesian", "id"}, {"indonesian", "Indonesian"}, {"irish", "ga"}, {"irish", "Irish"}, {"italian", "it"}, {"italian", "Italian"}, {"lithuanian", "lt"}, {"lithuanian", "Lithuanian"}, {"nepali", "ne"}, {"nepali", "Nepali"}, {"norwegian", "no"}, {"norwegian", "Norwegian"}, {"portuguese", "pt"}, {"portuguese", "Portuguese"}, {"romanian", "ro"}, {"russian", "ru"}, {"russian", "Russian"}, {"spanish", "es"}, {"spanish", "Spanish"}, {"swedish", "sv"}, {"swedish", "Swedish"}, {"tamil", "ta"}, {"tamil", "Tamil"}, {"turkish", "tr"}, {"turkish", "Turkish"}, {NULL, NULL} /* end marker */ }; /* * Look for a text search configuration matching lc_ctype, and return its * name; return NULL if no match. */ static const char * find_matching_ts_config(const char *lc_type) { int i; char *langname, *ptr; /* * Convert lc_ctype to a language name by stripping everything after an * underscore (usual case) or a hyphen (Windows "locale name"; see * comments at IsoLocaleName()). * * XXX Should ' ' be a stop character? This would select "norwegian" for * the Windows locale "Norwegian (Nynorsk)_Norway.1252". If we do so, we * should also accept the "nn" and "nb" Unix locales. * * Just for paranoia, we also stop at '.' or '@'. */ if (lc_type == NULL) langname = pg_strdup(""); else { ptr = langname = pg_strdup(lc_type); while (*ptr && *ptr != '_' && *ptr != '-' && *ptr != '.' && *ptr != '@') ptr++; *ptr = '\0'; } for (i = 0; tsearch_config_languages[i].tsconfname; i++) { if (pg_strcasecmp(tsearch_config_languages[i].langname, langname) == 0) { free(langname); return tsearch_config_languages[i].tsconfname; } } free(langname); return NULL; } /* * set name of given input file variable under data directory */ static void set_input(char **dest, const char *filename) { *dest = psprintf("%s/%s", share_path, filename); } /* * check that given input file exists */ static void check_input(char *path) { struct stat statbuf; if (stat(path, &statbuf) != 0) { if (errno == ENOENT) { pg_log_error("file \"%s\" does not exist", path); fprintf(stderr, _("This might mean you have a corrupted installation or identified\n" "the wrong directory with the invocation option -L.\n")); } else { pg_log_error("could not access file \"%s\": %m", path); fprintf(stderr, _("This might mean you have a corrupted installation or identified\n" "the wrong directory with the invocation option -L.\n")); } exit(1); } if (!S_ISREG(statbuf.st_mode)) { pg_log_error("file \"%s\" is not a regular file", path); fprintf(stderr, _("This might mean you have a corrupted installation or identified\n" "the wrong directory with the invocation option -L.\n")); exit(1); } } /* * write out the PG_VERSION file in the data dir, or its subdirectory * if extrapath is not NULL */ static void write_version_file(const char *extrapath) { FILE *version_file; char *path; if (extrapath == NULL) path = psprintf("%s/PG_VERSION", pg_data); else path = psprintf("%s/%s/PG_VERSION", pg_data, extrapath); if ((version_file = fopen(path, PG_BINARY_W)) == NULL) { pg_log_error("could not open file \"%s\" for writing: %m", path); exit(1); } if (fprintf(version_file, "%s\n", PG_MAJORVERSION) < 0 || fclose(version_file)) { pg_log_error("could not write file \"%s\": %m", path); exit(1); } free(path); } /* * set up an empty config file so we can check config settings by launching * a test backend */ static void set_null_conf(void) { FILE *conf_file; char *path; path = psprintf("%s/postgresql.conf", pg_data); conf_file = fopen(path, PG_BINARY_W); if (conf_file == NULL) { pg_log_error("could not open file \"%s\" for writing: %m", path); exit(1); } if (fclose(conf_file)) { pg_log_error("could not write file \"%s\": %m", path); exit(1); } free(path); } /* * Determine which dynamic shared memory implementation should be used on * this platform. POSIX shared memory is preferable because the default * allocation limits are much higher than the limits for System V on most * systems that support both, but the fact that a platform has shm_open * doesn't guarantee that that call will succeed when attempted. So, we * attempt to reproduce what the postmaster will do when allocating a POSIX * segment in dsm_impl.c; if it doesn't work, we assume it won't work for * the postmaster either, and configure the cluster for System V shared * memory instead. */ static const char * choose_dsm_implementation(void) { #ifdef HAVE_SHM_OPEN int ntries = 10; /* Initialize random(); this function is its only user in this program. */ srandom((unsigned int) (getpid() ^ time(NULL))); while (ntries > 0) { uint32 handle; char name[64]; int fd; handle = random(); snprintf(name, 64, "/PostgreSQL.%u", handle); if ((fd = shm_open(name, O_CREAT | O_RDWR | O_EXCL, 0600)) != -1) { close(fd); shm_unlink(name); return "posix"; } if (errno != EEXIST) break; --ntries; } #endif #ifdef WIN32 return "windows"; #else return "sysv"; #endif } /* * Determine platform-specific config settings * * Use reasonable values if kernel will let us, else scale back. */ static void test_config_settings(void) { /* * This macro defines the minimum shared_buffers we want for a given * max_connections value. The arrays show the settings to try. */ #define MIN_BUFS_FOR_CONNS(nconns) ((nconns) * 10) static const int trial_conns[] = { 100, 50, 40, 30, 20 }; static const int trial_bufs[] = { 16384, 8192, 4096, 3584, 3072, 2560, 2048, 1536, 1000, 900, 800, 700, 600, 500, 400, 300, 200, 100, 50 }; char cmd[MAXPGPATH]; const int connslen = sizeof(trial_conns) / sizeof(int); const int bufslen = sizeof(trial_bufs) / sizeof(int); int i, status, test_conns, test_buffs, ok_buffers = 0; /* * Need to determine working DSM implementation first so that subsequent * tests don't fail because DSM setting doesn't work. */ printf(_("selecting dynamic shared memory implementation ... ")); fflush(stdout); dynamic_shared_memory_type = choose_dsm_implementation(); printf("%s\n", dynamic_shared_memory_type); /* * Probe for max_connections before shared_buffers, since it is subject to * more constraints than shared_buffers. */ printf(_("selecting default max_connections ... ")); fflush(stdout); for (i = 0; i < connslen; i++) { test_conns = trial_conns[i]; test_buffs = MIN_BUFS_FOR_CONNS(test_conns); snprintf(cmd, sizeof(cmd), "\"%s\" --boot -x0 %s " "-c max_connections=%d " "-c shared_buffers=%d " "-c dynamic_shared_memory_type=%s " "< \"%s\" > \"%s\" 2>&1", backend_exec, boot_options, test_conns, test_buffs, dynamic_shared_memory_type, DEVNULL, DEVNULL); status = system(cmd); if (status == 0) { ok_buffers = test_buffs; break; } } if (i >= connslen) i = connslen - 1; n_connections = trial_conns[i]; printf("%d\n", n_connections); printf(_("selecting default shared_buffers ... ")); fflush(stdout); for (i = 0; i < bufslen; i++) { /* Use same amount of memory, independent of BLCKSZ */ test_buffs = (trial_bufs[i] * 8192) / BLCKSZ; if (test_buffs <= ok_buffers) { test_buffs = ok_buffers; break; } snprintf(cmd, sizeof(cmd), "\"%s\" --boot -x0 %s " "-c max_connections=%d " "-c shared_buffers=%d " "-c dynamic_shared_memory_type=%s " "< \"%s\" > \"%s\" 2>&1", backend_exec, boot_options, n_connections, test_buffs, dynamic_shared_memory_type, DEVNULL, DEVNULL); status = system(cmd); if (status == 0) break; } n_buffers = test_buffs; if ((n_buffers * (BLCKSZ / 1024)) % 1024 == 0) printf("%dMB\n", (n_buffers * (BLCKSZ / 1024)) / 1024); else printf("%dkB\n", n_buffers * (BLCKSZ / 1024)); printf(_("selecting default time zone ... ")); fflush(stdout); default_timezone = select_default_timezone(share_path); printf("%s\n", default_timezone ? default_timezone : "GMT"); } /* * Calculate the default wal_size with a "pretty" unit. */ static char * pretty_wal_size(int segment_count) { int sz = wal_segment_size_mb * segment_count; char *result = pg_malloc(14); if ((sz % 1024) == 0) snprintf(result, 14, "%dGB", sz / 1024); else snprintf(result, 14, "%dMB", sz); return result; } /* * set up all the config files */ static void setup_config(void) { char **conflines; char repltok[MAXPGPATH]; char path[MAXPGPATH]; char *autoconflines[3]; fputs(_("creating configuration files ... "), stdout); fflush(stdout); /* postgresql.conf */ conflines = readfile(conf_file); snprintf(repltok, sizeof(repltok), "max_connections = %d", n_connections); conflines = replace_token(conflines, "#max_connections = 100", repltok); if ((n_buffers * (BLCKSZ / 1024)) % 1024 == 0) snprintf(repltok, sizeof(repltok), "shared_buffers = %dMB", (n_buffers * (BLCKSZ / 1024)) / 1024); else snprintf(repltok, sizeof(repltok), "shared_buffers = %dkB", n_buffers * (BLCKSZ / 1024)); conflines = replace_token(conflines, "#shared_buffers = 32MB", repltok); #ifdef HAVE_UNIX_SOCKETS snprintf(repltok, sizeof(repltok), "#unix_socket_directories = '%s'", DEFAULT_PGSOCKET_DIR); #else snprintf(repltok, sizeof(repltok), "#unix_socket_directories = ''"); #endif conflines = replace_token(conflines, "#unix_socket_directories = '/tmp'", repltok); #if DEF_PGPORT != 5432 snprintf(repltok, sizeof(repltok), "#port = %d", DEF_PGPORT); conflines = replace_token(conflines, "#port = 5432", repltok); #endif /* set default max_wal_size and min_wal_size */ snprintf(repltok, sizeof(repltok), "min_wal_size = %s", pretty_wal_size(DEFAULT_MIN_WAL_SEGS)); conflines = replace_token(conflines, "#min_wal_size = 80MB", repltok); snprintf(repltok, sizeof(repltok), "max_wal_size = %s", pretty_wal_size(DEFAULT_MAX_WAL_SEGS)); conflines = replace_token(conflines, "#max_wal_size = 1GB", repltok); snprintf(repltok, sizeof(repltok), "lc_messages = '%s'", escape_quotes(lc_messages)); conflines = replace_token(conflines, "#lc_messages = 'C'", repltok); snprintf(repltok, sizeof(repltok), "lc_monetary = '%s'", escape_quotes(lc_monetary)); conflines = replace_token(conflines, "#lc_monetary = 'C'", repltok); snprintf(repltok, sizeof(repltok), "lc_numeric = '%s'", escape_quotes(lc_numeric)); conflines = replace_token(conflines, "#lc_numeric = 'C'", repltok); snprintf(repltok, sizeof(repltok), "lc_time = '%s'", escape_quotes(lc_time)); conflines = replace_token(conflines, "#lc_time = 'C'", repltok); switch (locale_date_order(lc_time)) { case DATEORDER_YMD: strcpy(repltok, "datestyle = 'iso, ymd'"); break; case DATEORDER_DMY: strcpy(repltok, "datestyle = 'iso, dmy'"); break; case DATEORDER_MDY: default: strcpy(repltok, "datestyle = 'iso, mdy'"); break; } conflines = replace_token(conflines, "#datestyle = 'iso, mdy'", repltok); snprintf(repltok, sizeof(repltok), "default_text_search_config = 'pg_catalog.%s'", escape_quotes(default_text_search_config)); conflines = replace_token(conflines, "#default_text_search_config = 'pg_catalog.simple'", repltok); if (default_timezone) { snprintf(repltok, sizeof(repltok), "timezone = '%s'", escape_quotes(default_timezone)); conflines = replace_token(conflines, "#timezone = 'GMT'", repltok); snprintf(repltok, sizeof(repltok), "log_timezone = '%s'", escape_quotes(default_timezone)); conflines = replace_token(conflines, "#log_timezone = 'GMT'", repltok); } snprintf(repltok, sizeof(repltok), "dynamic_shared_memory_type = %s", dynamic_shared_memory_type); conflines = replace_token(conflines, "#dynamic_shared_memory_type = posix", repltok); #if DEFAULT_BACKEND_FLUSH_AFTER > 0 snprintf(repltok, sizeof(repltok), "#backend_flush_after = %dkB", DEFAULT_BACKEND_FLUSH_AFTER * (BLCKSZ / 1024)); conflines = replace_token(conflines, "#backend_flush_after = 0", repltok); #endif #if DEFAULT_BGWRITER_FLUSH_AFTER > 0 snprintf(repltok, sizeof(repltok), "#bgwriter_flush_after = %dkB", DEFAULT_BGWRITER_FLUSH_AFTER * (BLCKSZ / 1024)); conflines = replace_token(conflines, "#bgwriter_flush_after = 0", repltok); #endif #if DEFAULT_CHECKPOINT_FLUSH_AFTER > 0 snprintf(repltok, sizeof(repltok), "#checkpoint_flush_after = %dkB", DEFAULT_CHECKPOINT_FLUSH_AFTER * (BLCKSZ / 1024)); conflines = replace_token(conflines, "#checkpoint_flush_after = 0", repltok); #endif #ifndef USE_PREFETCH conflines = replace_token(conflines, "#effective_io_concurrency = 1", "#effective_io_concurrency = 0"); #endif #ifdef WIN32 conflines = replace_token(conflines, "#update_process_title = on", "#update_process_title = off"); #endif if (strcmp(authmethodlocal, "scram-sha-256") == 0 || strcmp(authmethodhost, "scram-sha-256") == 0) { conflines = replace_token(conflines, "#password_encryption = md5", "password_encryption = scram-sha-256"); } /* * If group access has been enabled for the cluster then it makes sense to * ensure that the log files also allow group access. Otherwise a backup * from a user in the group would fail if the log files were not * relocated. */ if (pg_dir_create_mode == PG_DIR_MODE_GROUP) { conflines = replace_token(conflines, "#log_file_mode = 0600", "log_file_mode = 0640"); } snprintf(path, sizeof(path), "%s/postgresql.conf", pg_data); writefile(path, conflines); if (chmod(path, pg_file_create_mode) != 0) { pg_log_error("could not change permissions of \"%s\": %m", path); exit(1); } /* * create the automatic configuration file to store the configuration * parameters set by ALTER SYSTEM command. The parameters present in this * file will override the value of parameters that exists before parse of * this file. */ autoconflines[0] = pg_strdup("# Do not edit this file manually!\n"); autoconflines[1] = pg_strdup("# It will be overwritten by the ALTER SYSTEM command.\n"); autoconflines[2] = NULL; sprintf(path, "%s/postgresql.auto.conf", pg_data); writefile(path, autoconflines); if (chmod(path, pg_file_create_mode) != 0) { pg_log_error("could not change permissions of \"%s\": %m", path); exit(1); } free(conflines); /* pg_hba.conf */ conflines = readfile(hba_file); #ifndef HAVE_UNIX_SOCKETS conflines = filter_lines_with_token(conflines, "@remove-line-for-nolocal@"); #else conflines = replace_token(conflines, "@remove-line-for-nolocal@", ""); #endif #ifdef HAVE_IPV6 /* * Probe to see if there is really any platform support for IPv6, and * comment out the relevant pg_hba line if not. This avoids runtime * warnings if getaddrinfo doesn't actually cope with IPv6. Particularly * useful on Windows, where executables built on a machine with IPv6 may * have to run on a machine without. */ { struct addrinfo *gai_result; struct addrinfo hints; int err = 0; #ifdef WIN32 /* need to call WSAStartup before calling getaddrinfo */ WSADATA wsaData; err = WSAStartup(MAKEWORD(2, 2), &wsaData); #endif /* for best results, this code should match parse_hba_line() */ hints.ai_flags = AI_NUMERICHOST; hints.ai_family = AF_UNSPEC; hints.ai_socktype = 0; hints.ai_protocol = 0; hints.ai_addrlen = 0; hints.ai_canonname = NULL; hints.ai_addr = NULL; hints.ai_next = NULL; if (err != 0 || getaddrinfo("::1", NULL, &hints, &gai_result) != 0) { conflines = replace_token(conflines, "host all all ::1", "#host all all ::1"); conflines = replace_token(conflines, "host replication all ::1", "#host replication all ::1"); } } #else /* !HAVE_IPV6 */ /* If we didn't compile IPV6 support at all, always comment it out */ conflines = replace_token(conflines, "host all all ::1", "#host all all ::1"); conflines = replace_token(conflines, "host replication all ::1", "#host replication all ::1"); #endif /* HAVE_IPV6 */ /* Replace default authentication methods */ conflines = replace_token(conflines, "@authmethodhost@", authmethodhost); conflines = replace_token(conflines, "@authmethodlocal@", authmethodlocal); conflines = replace_token(conflines, "@authcomment@", (strcmp(authmethodlocal, "trust") == 0 || strcmp(authmethodhost, "trust") == 0) ? AUTHTRUST_WARNING : ""); snprintf(path, sizeof(path), "%s/pg_hba.conf", pg_data); writefile(path, conflines); if (chmod(path, pg_file_create_mode) != 0) { pg_log_error("could not change permissions of \"%s\": %m", path); exit(1); } free(conflines); /* pg_ident.conf */ conflines = readfile(ident_file); snprintf(path, sizeof(path), "%s/pg_ident.conf", pg_data); writefile(path, conflines); if (chmod(path, pg_file_create_mode) != 0) { pg_log_error("could not change permissions of \"%s\": %m", path); exit(1); } free(conflines); check_ok(); } /* * run the BKI script in bootstrap mode to create template1 */ static void bootstrap_template1(void) { PG_CMD_DECL; char **line; char **bki_lines; char headerline[MAXPGPATH]; char buf[64]; printf(_("running bootstrap script ... ")); fflush(stdout); bki_lines = readfile(bki_file); /* Check that bki file appears to be of the right version */ snprintf(headerline, sizeof(headerline), "# PostgreSQL %s\n", PG_MAJORVERSION); if (strcmp(headerline, *bki_lines) != 0) { pg_log_error("input file \"%s\" does not belong to PostgreSQL %s", bki_file, PG_VERSION); fprintf(stderr, _("Check your installation or specify the correct path " "using the option -L.\n")); exit(1); } /* Substitute for various symbols used in the BKI file */ sprintf(buf, "%d", NAMEDATALEN); bki_lines = replace_token(bki_lines, "NAMEDATALEN", buf); sprintf(buf, "%d", (int) sizeof(Pointer)); bki_lines = replace_token(bki_lines, "SIZEOF_POINTER", buf); bki_lines = replace_token(bki_lines, "ALIGNOF_POINTER", (sizeof(Pointer) == 4) ? "i" : "d"); bki_lines = replace_token(bki_lines, "FLOAT8PASSBYVAL", FLOAT8PASSBYVAL ? "true" : "false"); bki_lines = replace_token(bki_lines, "POSTGRES", escape_quotes_bki(username)); bki_lines = replace_token(bki_lines, "ENCODING", encodingid_to_string(encodingid)); bki_lines = replace_token(bki_lines, "LC_COLLATE", escape_quotes_bki(lc_collate)); bki_lines = replace_token(bki_lines, "LC_CTYPE", escape_quotes_bki(lc_ctype)); /* Also ensure backend isn't confused by this environment var: */ unsetenv("PGCLIENTENCODING"); snprintf(cmd, sizeof(cmd), "\"%s\" --boot -x1 -X %u %s %s %s", backend_exec, wal_segment_size_mb * (1024 * 1024), data_checksums ? "-k" : "", boot_options, debug ? "-d 5" : ""); PG_CMD_OPEN; for (line = bki_lines; *line != NULL; line++) { PG_CMD_PUTS(*line); free(*line); } PG_CMD_CLOSE; free(bki_lines); check_ok(); } /* * set up the shadow password table */ static void setup_auth(FILE *cmdfd) { const char *const *line; static const char *const pg_authid_setup[] = { /* * The authid table shouldn't be readable except through views, to * ensure passwords are not publicly visible. */ "REVOKE ALL on pg_authid FROM public;\n\n", NULL }; for (line = pg_authid_setup; *line != NULL; line++) PG_CMD_PUTS(*line); if (superuser_password) PG_CMD_PRINTF("ALTER USER \"%s\" WITH PASSWORD E'%s';\n\n", username, escape_quotes(superuser_password)); } /* * get the superuser password if required */ static void get_su_pwd(void) { char pwd1[100]; char pwd2[100]; if (pwprompt) { /* * Read password from terminal */ printf("\n"); fflush(stdout); simple_prompt("Enter new superuser password: ", pwd1, sizeof(pwd1), false); simple_prompt("Enter it again: ", pwd2, sizeof(pwd2), false); if (strcmp(pwd1, pwd2) != 0) { fprintf(stderr, _("Passwords didn't match.\n")); exit(1); } } else { /* * Read password from file * * Ideally this should insist that the file not be world-readable. * However, this option is mainly intended for use on Windows where * file permissions may not exist at all, so we'll skip the paranoia * for now. */ FILE *pwf = fopen(pwfilename, "r"); int i; if (!pwf) { pg_log_error("could not open file \"%s\" for reading: %m", pwfilename); exit(1); } if (!fgets(pwd1, sizeof(pwd1), pwf)) { if (ferror(pwf)) pg_log_error("could not read password from file \"%s\": %m", pwfilename); else pg_log_error("password file \"%s\" is empty", pwfilename); exit(1); } fclose(pwf); i = strlen(pwd1); while (i > 0 && (pwd1[i - 1] == '\r' || pwd1[i - 1] == '\n')) pwd1[--i] = '\0'; } superuser_password = pg_strdup(pwd1); } /* * set up pg_depend */ static void setup_depend(FILE *cmdfd) { const char *const *line; static const char *const pg_depend_setup[] = { /* * Make PIN entries in pg_depend for all objects made so far in the * tables that the dependency code handles. This is overkill (the * system doesn't really depend on having every last weird datatype, * for instance) but generating only the minimum required set of * dependencies seems hard. * * Catalogs that are intentionally not scanned here are: * * pg_database: it's a feature, not a bug, that template1 is not * pinned. * * pg_extension: a pinned extension isn't really an extension, hmm? * * pg_tablespace: tablespaces don't participate in the dependency * code, and DropTableSpace() explicitly protects the built-in * tablespaces. * * First delete any already-made entries; PINs override all else, and * must be the only entries for their objects. */ "DELETE FROM pg_depend;\n\n", "VACUUM pg_depend;\n\n", "DELETE FROM pg_shdepend;\n\n", "VACUUM pg_shdepend;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_class;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_proc;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_type;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_cast;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_constraint;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_conversion;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_attrdef;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_language;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_operator;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_opclass;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_opfamily;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_am;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_amop;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_amproc;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_rewrite;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_trigger;\n\n", /* * restriction here to avoid pinning the public namespace */ "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_namespace " " WHERE nspname LIKE 'pg%';\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_ts_parser;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_ts_dict;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_ts_template;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_ts_config;\n\n", "INSERT INTO pg_depend SELECT 0,0,0, tableoid,oid,0, 'p' " " FROM pg_collation;\n\n", "INSERT INTO pg_shdepend SELECT 0,0,0,0, tableoid,oid, 'p' " " FROM pg_authid;\n\n", NULL }; for (line = pg_depend_setup; *line != NULL; line++) PG_CMD_PUTS(*line); } /* * set up system views */ static void setup_sysviews(FILE *cmdfd) { char **line; char **sysviews_setup; sysviews_setup = readfile(system_views_file); for (line = sysviews_setup; *line != NULL; line++) { PG_CMD_PUTS(*line); free(*line); } PG_CMD_PUTS("\n\n"); free(sysviews_setup); } /* * fill in extra description data */ static void setup_description(FILE *cmdfd) { /* Create default descriptions for operator implementation functions */ PG_CMD_PUTS("WITH funcdescs AS ( " "SELECT p.oid as p_oid, o.oid as o_oid, oprname " "FROM pg_proc p JOIN pg_operator o ON oprcode = p.oid ) " "INSERT INTO pg_description " " SELECT p_oid, 'pg_proc'::regclass, 0, " " 'implementation of ' || oprname || ' operator' " " FROM funcdescs " " WHERE NOT EXISTS (SELECT 1 FROM pg_description " " WHERE objoid = p_oid AND classoid = 'pg_proc'::regclass) " " AND NOT EXISTS (SELECT 1 FROM pg_description " " WHERE objoid = o_oid AND classoid = 'pg_operator'::regclass" " AND description LIKE 'deprecated%');\n\n"); } /* * populate pg_collation */ static void setup_collation(FILE *cmdfd) { /* * Add an SQL-standard name. We don't want to pin this, so it doesn't go * in pg_collation.h. But add it before reading system collations, so * that it wins if libc defines a locale named ucs_basic. */ PG_CMD_PRINTF("INSERT INTO pg_collation (oid, collname, collnamespace, collowner, collprovider, collisdeterministic, collencoding, collcollate, collctype)" "VALUES (pg_nextoid('pg_catalog.pg_collation', 'oid', 'pg_catalog.pg_collation_oid_index'), 'ucs_basic', 'pg_catalog'::regnamespace, %u, '%c', true, %d, 'C', 'C');\n\n", BOOTSTRAP_SUPERUSERID, COLLPROVIDER_LIBC, PG_UTF8); /* Now import all collations we can find in the operating system */ PG_CMD_PUTS("SELECT pg_import_system_collations('pg_catalog');\n\n"); } /* * load extra dictionaries (Snowball stemmers) */ static void setup_dictionary(FILE *cmdfd) { char **line; char **conv_lines; conv_lines = readfile(dictionary_file); for (line = conv_lines; *line != NULL; line++) { PG_CMD_PUTS(*line); free(*line); } PG_CMD_PUTS("\n\n"); free(conv_lines); } /* * Set up privileges * * We mark most system catalogs as world-readable. We don't currently have * to touch functions, languages, or databases, because their default * permissions are OK. * * Some objects may require different permissions by default, so we * make sure we don't overwrite privilege sets that have already been * set (NOT NULL). * * Also populate pg_init_privs to save what the privileges are at init * time. This is used by pg_dump to allow users to change privileges * on catalog objects and to have those privilege changes preserved * across dump/reload and pg_upgrade. * * Note that pg_init_privs is only for per-database objects and therefore * we don't include databases or tablespaces. */ static void setup_privileges(FILE *cmdfd) { char **line; char **priv_lines; static char *privileges_setup[] = { "UPDATE pg_class " " SET relacl = (SELECT array_agg(a.acl) FROM " " (SELECT E'=r/\"$POSTGRES_SUPERUSERNAME\"' as acl " " UNION SELECT unnest(pg_catalog.acldefault(" " CASE WHEN relkind = " CppAsString2(RELKIND_SEQUENCE) " THEN 's' " " ELSE 'r' END::\"char\"," CppAsString2(BOOTSTRAP_SUPERUSERID) "::oid))" " ) as a) " " WHERE relkind IN (" CppAsString2(RELKIND_RELATION) ", " CppAsString2(RELKIND_VIEW) ", " CppAsString2(RELKIND_MATVIEW) ", " CppAsString2(RELKIND_SEQUENCE) ")" " AND relacl IS NULL;\n\n", "GRANT USAGE ON SCHEMA pg_catalog TO PUBLIC;\n\n", "GRANT CREATE, USAGE ON SCHEMA public TO PUBLIC;\n\n", "REVOKE ALL ON pg_largeobject FROM PUBLIC;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE relname = 'pg_class')," " 0," " relacl," " 'i'" " FROM" " pg_class" " WHERE" " relacl IS NOT NULL" " AND relkind IN (" CppAsString2(RELKIND_RELATION) ", " CppAsString2(RELKIND_VIEW) ", " CppAsString2(RELKIND_MATVIEW) ", " CppAsString2(RELKIND_SEQUENCE) ");\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " pg_class.oid," " (SELECT oid FROM pg_class WHERE relname = 'pg_class')," " pg_attribute.attnum," " pg_attribute.attacl," " 'i'" " FROM" " pg_class" " JOIN pg_attribute ON (pg_class.oid = pg_attribute.attrelid)" " WHERE" " pg_attribute.attacl IS NOT NULL" " AND pg_class.relkind IN (" CppAsString2(RELKIND_RELATION) ", " CppAsString2(RELKIND_VIEW) ", " CppAsString2(RELKIND_MATVIEW) ", " CppAsString2(RELKIND_SEQUENCE) ");\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE relname = 'pg_proc')," " 0," " proacl," " 'i'" " FROM" " pg_proc" " WHERE" " proacl IS NOT NULL;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE relname = 'pg_type')," " 0," " typacl," " 'i'" " FROM" " pg_type" " WHERE" " typacl IS NOT NULL;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE relname = 'pg_language')," " 0," " lanacl," " 'i'" " FROM" " pg_language" " WHERE" " lanacl IS NOT NULL;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE " " relname = 'pg_largeobject_metadata')," " 0," " lomacl," " 'i'" " FROM" " pg_largeobject_metadata" " WHERE" " lomacl IS NOT NULL;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE relname = 'pg_namespace')," " 0," " nspacl," " 'i'" " FROM" " pg_namespace" " WHERE" " nspacl IS NOT NULL;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class WHERE " " relname = 'pg_foreign_data_wrapper')," " 0," " fdwacl," " 'i'" " FROM" " pg_foreign_data_wrapper" " WHERE" " fdwacl IS NOT NULL;\n\n", "INSERT INTO pg_init_privs " " (objoid, classoid, objsubid, initprivs, privtype)" " SELECT" " oid," " (SELECT oid FROM pg_class " " WHERE relname = 'pg_foreign_server')," " 0," " srvacl," " 'i'" " FROM" " pg_foreign_server" " WHERE" " srvacl IS NOT NULL;\n\n", NULL }; priv_lines = replace_token(privileges_setup, "$POSTGRES_SUPERUSERNAME", escape_quotes(username)); for (line = priv_lines; *line != NULL; line++) PG_CMD_PUTS(*line); } /* * extract the strange version of version required for information schema * (09.08.0007abc) */ static void set_info_version(void) { char *letterversion; long major = 0, minor = 0, micro = 0; char *endptr; char *vstr = pg_strdup(PG_VERSION); char *ptr; ptr = vstr + (strlen(vstr) - 1); while (ptr != vstr && (*ptr < '0' || *ptr > '9')) ptr--; letterversion = ptr + 1; major = strtol(vstr, &endptr, 10); if (*endptr) minor = strtol(endptr + 1, &endptr, 10); if (*endptr) micro = strtol(endptr + 1, &endptr, 10); snprintf(infoversion, sizeof(infoversion), "%02ld.%02ld.%04ld%s", major, minor, micro, letterversion); } /* * load info schema and populate from features file */ static void setup_schema(FILE *cmdfd) { char **line; char **lines; lines = readfile(info_schema_file); for (line = lines; *line != NULL; line++) { PG_CMD_PUTS(*line); free(*line); } PG_CMD_PUTS("\n\n"); free(lines); PG_CMD_PRINTF("UPDATE information_schema.sql_implementation_info " " SET character_value = '%s' " " WHERE implementation_info_name = 'DBMS VERSION';\n\n", infoversion); PG_CMD_PRINTF("COPY information_schema.sql_features " " (feature_id, feature_name, sub_feature_id, " " sub_feature_name, is_supported, comments) " " FROM E'%s';\n\n", escape_quotes(features_file)); } /* * load PL/pgSQL server-side language */ static void load_plpgsql(FILE *cmdfd) { PG_CMD_PUTS("CREATE EXTENSION plpgsql;\n\n"); } /* * clean everything up in template1 */ static void vacuum_db(FILE *cmdfd) { /* Run analyze before VACUUM so the statistics are frozen. */ PG_CMD_PUTS("ANALYZE;\n\nVACUUM FREEZE;\n\n"); } /* * copy template1 to template0 */ static void make_template0(FILE *cmdfd) { const char *const *line; static const char *const template0_setup[] = { "CREATE DATABASE template0 IS_TEMPLATE = true ALLOW_CONNECTIONS = false;\n\n", /* * We use the OID of template0 to determine datlastsysoid */ "UPDATE pg_database SET datlastsysoid = " " (SELECT oid FROM pg_database " " WHERE datname = 'template0');\n\n", /* * Explicitly revoke public create-schema and create-temp-table * privileges in template1 and template0; else the latter would be on * by default */ "REVOKE CREATE,TEMPORARY ON DATABASE template1 FROM public;\n\n", "REVOKE CREATE,TEMPORARY ON DATABASE template0 FROM public;\n\n", "COMMENT ON DATABASE template0 IS 'unmodifiable empty database';\n\n", /* * Finally vacuum to clean up dead rows in pg_database */ "VACUUM pg_database;\n\n", NULL }; for (line = template0_setup; *line; line++) PG_CMD_PUTS(*line); } /* * copy template1 to postgres */ static void make_postgres(FILE *cmdfd) { const char *const *line; static const char *const postgres_setup[] = { "CREATE DATABASE postgres;\n\n", "COMMENT ON DATABASE postgres IS 'default administrative connection database';\n\n", NULL }; for (line = postgres_setup; *line; line++) PG_CMD_PUTS(*line); } /* * signal handler in case we are interrupted. * * The Windows runtime docs at * https://docs.microsoft.com/en-us/cpp/c-runtime-library/reference/signal * specifically forbid a number of things being done from a signal handler, * including IO, memory allocation and system calls, and only allow jmpbuf * if you are handling SIGFPE. * * I avoided doing the forbidden things by setting a flag instead of calling * exit() directly. * * Also note the behaviour of Windows with SIGINT, which says this: * SIGINT is not supported for any Win32 application. When a CTRL+C interrupt * occurs, Win32 operating systems generate a new thread to specifically * handle that interrupt. This can cause a single-thread application, such as * one in UNIX, to become multithreaded and cause unexpected behavior. * * I have no idea how to handle this. (Strange they call UNIX an application!) * So this will need some testing on Windows. */ static void trapsig(int signum) { /* handle systems that reset the handler, like Windows (grr) */ pqsignal(signum, trapsig); caught_signal = true; } /* * call exit() if we got a signal, or else output "ok". */ static void check_ok(void) { if (caught_signal) { printf(_("caught signal\n")); fflush(stdout); exit(1); } else if (output_failed) { printf(_("could not write to child process: %s\n"), strerror(output_errno)); fflush(stdout); exit(1); } else { /* all seems well */ printf(_("ok\n")); fflush(stdout); } } /* Hack to suppress a warning about %x from some versions of gcc */ static inline size_t my_strftime(char *s, size_t max, const char *fmt, const struct tm *tm) { return strftime(s, max, fmt, tm); } /* * Determine likely date order from locale */ static int locale_date_order(const char *locale) { struct tm testtime; char buf[128]; char *posD; char *posM; char *posY; char *save; size_t res; int result; result = DATEORDER_MDY; /* default */ save = setlocale(LC_TIME, NULL); if (!save) return result; save = pg_strdup(save); setlocale(LC_TIME, locale); memset(&testtime, 0, sizeof(testtime)); testtime.tm_mday = 22; testtime.tm_mon = 10; /* November, should come out as "11" */ testtime.tm_year = 133; /* 2033 */ res = my_strftime(buf, sizeof(buf), "%x", &testtime); setlocale(LC_TIME, save); free(save); if (res == 0) return result; posM = strstr(buf, "11"); posD = strstr(buf, "22"); posY = strstr(buf, "33"); if (!posM || !posD || !posY) return result; if (posY < posM && posM < posD) result = DATEORDER_YMD; else if (posD < posM) result = DATEORDER_DMY; else result = DATEORDER_MDY; return result; } /* * Verify that locale name is valid for the locale category. * * If successful, and canonname isn't NULL, a malloc'd copy of the locale's * canonical name is stored there. This is especially useful for figuring out * what locale name "" means (ie, the environment value). (Actually, * it seems that on most implementations that's the only thing it's good for; * we could wish that setlocale gave back a canonically spelled version of * the locale name, but typically it doesn't.) * * this should match the backend's check_locale() function */ static void check_locale_name(int category, const char *locale, char **canonname) { char *save; char *res; if (canonname) *canonname = NULL; /* in case of failure */ save = setlocale(category, NULL); if (!save) { pg_log_error("setlocale() failed"); exit(1); } /* save may be pointing at a modifiable scratch variable, so copy it. */ save = pg_strdup(save); /* for setlocale() call */ if (!locale) locale = ""; /* set the locale with setlocale, to see if it accepts it. */ res = setlocale(category, locale); /* save canonical name if requested. */ if (res && canonname) *canonname = pg_strdup(res); /* restore old value. */ if (!setlocale(category, save)) { pg_log_error("failed to restore old locale \"%s\"", save); exit(1); } free(save); /* complain if locale wasn't valid */ if (res == NULL) { if (*locale) pg_log_error("invalid locale name \"%s\"", locale); else { /* * If no relevant switch was given on command line, locale is an * empty string, which is not too helpful to report. Presumably * setlocale() found something it did not like in the environment. * Ideally we'd report the bad environment variable, but since * setlocale's behavior is implementation-specific, it's hard to * be sure what it didn't like. Print a safe generic message. */ pg_log_error("invalid locale settings; check LANG and LC_* environment variables"); } exit(1); } } /* * check if the chosen encoding matches the encoding required by the locale * * this should match the similar check in the backend createdb() function */ static bool check_locale_encoding(const char *locale, int user_enc) { int locale_enc; locale_enc = pg_get_encoding_from_locale(locale, true); /* See notes in createdb() to understand these tests */ if (!(locale_enc == user_enc || locale_enc == PG_SQL_ASCII || locale_enc == -1 || #ifdef WIN32 user_enc == PG_UTF8 || #endif user_enc == PG_SQL_ASCII)) { pg_log_error("encoding mismatch"); fprintf(stderr, _("The encoding you selected (%s) and the encoding that the\n" "selected locale uses (%s) do not match. This would lead to\n" "misbehavior in various character string processing functions.\n" "Rerun %s and either do not specify an encoding explicitly,\n" "or choose a matching combination.\n"), pg_encoding_to_char(user_enc), pg_encoding_to_char(locale_enc), progname); return false; } return true; } /* * set up the locale variables * * assumes we have called setlocale(LC_ALL, "") -- see set_pglocale_pgservice */ static void setlocales(void) { char *canonname; /* set empty lc_* values to locale config if set */ if (locale) { if (!lc_ctype) lc_ctype = locale; if (!lc_collate) lc_collate = locale; if (!lc_numeric) lc_numeric = locale; if (!lc_time) lc_time = locale; if (!lc_monetary) lc_monetary = locale; if (!lc_messages) lc_messages = locale; } /* * canonicalize locale names, and obtain any missing values from our * current environment */ check_locale_name(LC_CTYPE, lc_ctype, &canonname); lc_ctype = canonname; check_locale_name(LC_COLLATE, lc_collate, &canonname); lc_collate = canonname; check_locale_name(LC_NUMERIC, lc_numeric, &canonname); lc_numeric = canonname; check_locale_name(LC_TIME, lc_time, &canonname); lc_time = canonname; check_locale_name(LC_MONETARY, lc_monetary, &canonname); lc_monetary = canonname; #if defined(LC_MESSAGES) && !defined(WIN32) check_locale_name(LC_MESSAGES, lc_messages, &canonname); lc_messages = canonname; #else /* when LC_MESSAGES is not available, use the LC_CTYPE setting */ check_locale_name(LC_CTYPE, lc_messages, &canonname); lc_messages = canonname; #endif } /* * print help text */ static void usage(const char *progname) { printf(_("%s initializes a PostgreSQL database cluster.\n\n"), progname); printf(_("Usage:\n")); printf(_(" %s [OPTION]... [DATADIR]\n"), progname); printf(_("\nOptions:\n")); printf(_(" -A, --auth=METHOD default authentication method for local connections\n")); printf(_(" --auth-host=METHOD default authentication method for local TCP/IP connections\n")); printf(_(" --auth-local=METHOD default authentication method for local-socket connections\n")); printf(_(" [-D, --pgdata=]DATADIR location for this database cluster\n")); printf(_(" -E, --encoding=ENCODING set default encoding for new databases\n")); printf(_(" -g, --allow-group-access allow group read/execute on data directory\n")); printf(_(" --locale=LOCALE set default locale for new databases\n")); printf(_(" --lc-collate=, --lc-ctype=, --lc-messages=LOCALE\n" " --lc-monetary=, --lc-numeric=, --lc-time=LOCALE\n" " set default locale in the respective category for\n" " new databases (default taken from environment)\n")); printf(_(" --no-locale equivalent to --locale=C\n")); printf(_(" --pwfile=FILE read password for the new superuser from file\n")); printf(_(" -T, --text-search-config=CFG\n" " default text search configuration\n")); printf(_(" -U, --username=NAME database superuser name\n")); printf(_(" -W, --pwprompt prompt for a password for the new superuser\n")); printf(_(" -X, --waldir=WALDIR location for the write-ahead log directory\n")); printf(_(" --wal-segsize=SIZE size of WAL segments, in megabytes\n")); printf(_("\nLess commonly used options:\n")); printf(_(" -d, --debug generate lots of debugging output\n")); printf(_(" -k, --data-checksums use data page checksums\n")); printf(_(" -L DIRECTORY where to find the input files\n")); printf(_(" -n, --no-clean do not clean up after errors\n")); printf(_(" -N, --no-sync do not wait for changes to be written safely to disk\n")); printf(_(" -s, --show show internal settings\n")); printf(_(" -S, --sync-only only sync data directory\n")); printf(_("\nOther options:\n")); printf(_(" -V, --version output version information, then exit\n")); printf(_(" -?, --help show this help, then exit\n")); printf(_("\nIf the data directory is not specified, the environment variable PGDATA\n" "is used.\n")); printf(_("\nReport bugs to <%s>.\n"), PACKAGE_BUGREPORT); printf(_("%s home page: <%s>\n"), PACKAGE_NAME, PACKAGE_URL); } static void check_authmethod_unspecified(const char **authmethod) { if (*authmethod == NULL) { authwarning = true; *authmethod = "trust"; } } static void check_authmethod_valid(const char *authmethod, const char *const *valid_methods, const char *conntype) { const char *const *p; for (p = valid_methods; *p; p++) { if (strcmp(authmethod, *p) == 0) return; /* with space = param */ if (strchr(authmethod, ' ')) if (strncmp(authmethod, *p, (authmethod - strchr(authmethod, ' '))) == 0) return; } pg_log_error("invalid authentication method \"%s\" for \"%s\" connections", authmethod, conntype); exit(1); } static void check_need_password(const char *authmethodlocal, const char *authmethodhost) { if ((strcmp(authmethodlocal, "md5") == 0 || strcmp(authmethodlocal, "password") == 0 || strcmp(authmethodlocal, "scram-sha-256") == 0) && (strcmp(authmethodhost, "md5") == 0 || strcmp(authmethodhost, "password") == 0 || strcmp(authmethodhost, "scram-sha-256") == 0) && !(pwprompt || pwfilename)) { pg_log_error("must specify a password for the superuser to enable %s authentication", (strcmp(authmethodlocal, "md5") == 0 || strcmp(authmethodlocal, "password") == 0 || strcmp(authmethodlocal, "scram-sha-256") == 0) ? authmethodlocal : authmethodhost); exit(1); } } void setup_pgdata(void) { char *pgdata_get_env, *pgdata_set_env; if (!pg_data) { pgdata_get_env = getenv("PGDATA"); if (pgdata_get_env && strlen(pgdata_get_env)) { /* PGDATA found */ pg_data = pg_strdup(pgdata_get_env); } else { pg_log_error("no data directory specified"); fprintf(stderr, _("You must identify the directory where the data for this database system\n" "will reside. Do this with either the invocation option -D or the\n" "environment variable PGDATA.\n")); exit(1); } } pgdata_native = pg_strdup(pg_data); canonicalize_path(pg_data); /* * we have to set PGDATA for postgres rather than pass it on the command * line to avoid dumb quoting problems on Windows, and we would especially * need quotes otherwise on Windows because paths there are most likely to * have embedded spaces. */ pgdata_set_env = psprintf("PGDATA=%s", pg_data); putenv(pgdata_set_env); } void setup_bin_paths(const char *argv0) { int ret; if ((ret = find_other_exec(argv0, "postgres", PG_BACKEND_VERSIONSTR, backend_exec)) < 0) { char full_path[MAXPGPATH]; if (find_my_exec(argv0, full_path) < 0) strlcpy(full_path, progname, sizeof(full_path)); if (ret == -1) pg_log_error("The program \"%s\" is needed by %s but was not found in the\n" "same directory as \"%s\".\n" "Check your installation.", "postgres", progname, full_path); else pg_log_error("The program \"%s\" was found by \"%s\"\n" "but was not the same version as %s.\n" "Check your installation.", "postgres", full_path, progname); exit(1); } /* store binary directory */ strcpy(bin_path, backend_exec); *last_dir_separator(bin_path) = '\0'; canonicalize_path(bin_path); if (!share_path) { share_path = pg_malloc(MAXPGPATH); get_share_path(backend_exec, share_path); } else if (!is_absolute_path(share_path)) { pg_log_error("input file location must be an absolute path"); exit(1); } canonicalize_path(share_path); } void setup_locale_encoding(void) { setlocales(); if (strcmp(lc_ctype, lc_collate) == 0 && strcmp(lc_ctype, lc_time) == 0 && strcmp(lc_ctype, lc_numeric) == 0 && strcmp(lc_ctype, lc_monetary) == 0 && strcmp(lc_ctype, lc_messages) == 0) printf(_("The database cluster will be initialized with locale \"%s\".\n"), lc_ctype); else { printf(_("The database cluster will be initialized with locales\n" " COLLATE: %s\n" " CTYPE: %s\n" " MESSAGES: %s\n" " MONETARY: %s\n" " NUMERIC: %s\n" " TIME: %s\n"), lc_collate, lc_ctype, lc_messages, lc_monetary, lc_numeric, lc_time); } if (!encoding) { int ctype_enc; ctype_enc = pg_get_encoding_from_locale(lc_ctype, true); if (ctype_enc == -1) { /* Couldn't recognize the locale's codeset */ pg_log_error("could not find suitable encoding for locale \"%s\"", lc_ctype); fprintf(stderr, _("Rerun %s with the -E option.\n"), progname); fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname); exit(1); } else if (!pg_valid_server_encoding_id(ctype_enc)) { /* * We recognized it, but it's not a legal server encoding. On * Windows, UTF-8 works with any locale, so we can fall back to * UTF-8. */ #ifdef WIN32 encodingid = PG_UTF8; printf(_("Encoding \"%s\" implied by locale is not allowed as a server-side encoding.\n" "The default database encoding will be set to \"%s\" instead.\n"), pg_encoding_to_char(ctype_enc), pg_encoding_to_char(encodingid)); #else pg_log_error("locale \"%s\" requires unsupported encoding \"%s\"", lc_ctype, pg_encoding_to_char(ctype_enc)); fprintf(stderr, _("Encoding \"%s\" is not allowed as a server-side encoding.\n" "Rerun %s with a different locale selection.\n"), pg_encoding_to_char(ctype_enc), progname); exit(1); #endif } else { encodingid = ctype_enc; printf(_("The default database encoding has accordingly been set to \"%s\".\n"), pg_encoding_to_char(encodingid)); } } else encodingid = get_encoding_id(encoding); if (!check_locale_encoding(lc_ctype, encodingid) || !check_locale_encoding(lc_collate, encodingid)) exit(1); /* check_locale_encoding printed the error */ } void setup_data_file_paths(void) { set_input(&bki_file, "postgres.bki"); set_input(&hba_file, "pg_hba.conf.sample"); set_input(&ident_file, "pg_ident.conf.sample"); set_input(&conf_file, "postgresql.conf.sample"); set_input(&dictionary_file, "snowball_create.sql"); set_input(&info_schema_file, "information_schema.sql"); set_input(&features_file, "sql_features.txt"); set_input(&system_views_file, "system_views.sql"); if (show_setting || debug) { fprintf(stderr, "VERSION=%s\n" "PGDATA=%s\nshare_path=%s\nPGPATH=%s\n" "POSTGRES_SUPERUSERNAME=%s\nPOSTGRES_BKI=%s\n" "POSTGRESQL_CONF_SAMPLE=%s\n" "PG_HBA_SAMPLE=%s\nPG_IDENT_SAMPLE=%s\n", PG_VERSION, pg_data, share_path, bin_path, username, bki_file, conf_file, hba_file, ident_file); if (show_setting) exit(0); } check_input(bki_file); check_input(hba_file); check_input(ident_file); check_input(conf_file); check_input(dictionary_file); check_input(info_schema_file); check_input(features_file); check_input(system_views_file); } void setup_text_search(void) { if (!default_text_search_config) { default_text_search_config = find_matching_ts_config(lc_ctype); if (!default_text_search_config) { pg_log_info("could not find suitable text search configuration for locale \"%s\"", lc_ctype); default_text_search_config = "simple"; } } else { const char *checkmatch = find_matching_ts_config(lc_ctype); if (checkmatch == NULL) { pg_log_warning("suitable text search configuration for locale \"%s\" is unknown", lc_ctype); } else if (strcmp(checkmatch, default_text_search_config) != 0) { pg_log_warning("specified text search configuration \"%s\" might not match locale \"%s\"", default_text_search_config, lc_ctype); } } printf(_("The default text search configuration will be set to \"%s\".\n"), default_text_search_config); } void setup_signals(void) { /* some of these are not valid on Windows */ #ifdef SIGHUP pqsignal(SIGHUP, trapsig); #endif #ifdef SIGINT pqsignal(SIGINT, trapsig); #endif #ifdef SIGQUIT pqsignal(SIGQUIT, trapsig); #endif #ifdef SIGTERM pqsignal(SIGTERM, trapsig); #endif /* Ignore SIGPIPE when writing to backend, so we can clean up */ #ifdef SIGPIPE pqsignal(SIGPIPE, SIG_IGN); #endif /* Prevent SIGSYS so we can probe for kernel calls that might not work */ #ifdef SIGSYS pqsignal(SIGSYS, SIG_IGN); #endif } void create_data_directory(void) { int ret; switch ((ret = pg_check_dir(pg_data))) { case 0: /* PGDATA not there, must create it */ printf(_("creating directory %s ... "), pg_data); fflush(stdout); if (pg_mkdir_p(pg_data, pg_dir_create_mode) != 0) { pg_log_error("could not create directory \"%s\": %m", pg_data); exit(1); } else check_ok(); made_new_pgdata = true; break; case 1: /* Present but empty, fix permissions and use it */ printf(_("fixing permissions on existing directory %s ... "), pg_data); fflush(stdout); if (chmod(pg_data, pg_dir_create_mode) != 0) { pg_log_error("could not change permissions of directory \"%s\": %m", pg_data); exit(1); } else check_ok(); found_existing_pgdata = true; break; case 2: case 3: case 4: /* Present and not empty */ pg_log_error("directory \"%s\" exists but is not empty", pg_data); if (ret != 4) warn_on_mount_point(ret); else fprintf(stderr, _("If you want to create a new database system, either remove or empty\n" "the directory \"%s\" or run %s\n" "with an argument other than \"%s\".\n"), pg_data, progname, pg_data); exit(1); /* no further message needed */ default: /* Trouble accessing directory */ pg_log_error("could not access directory \"%s\": %m", pg_data); exit(1); } } /* Create WAL directory, and symlink if required */ void create_xlog_or_symlink(void) { char *subdirloc; /* form name of the place for the subdirectory or symlink */ subdirloc = psprintf("%s/pg_wal", pg_data); if (xlog_dir) { int ret; /* clean up xlog directory name, check it's absolute */ canonicalize_path(xlog_dir); if (!is_absolute_path(xlog_dir)) { pg_log_error("WAL directory location must be an absolute path"); exit(1); } /* check if the specified xlog directory exists/is empty */ switch ((ret = pg_check_dir(xlog_dir))) { case 0: /* xlog directory not there, must create it */ printf(_("creating directory %s ... "), xlog_dir); fflush(stdout); if (pg_mkdir_p(xlog_dir, pg_dir_create_mode) != 0) { pg_log_error("could not create directory \"%s\": %m", xlog_dir); exit(1); } else check_ok(); made_new_xlogdir = true; break; case 1: /* Present but empty, fix permissions and use it */ printf(_("fixing permissions on existing directory %s ... "), xlog_dir); fflush(stdout); if (chmod(xlog_dir, pg_dir_create_mode) != 0) { pg_log_error("could not change permissions of directory \"%s\": %m", xlog_dir); exit(1); } else check_ok(); found_existing_xlogdir = true; break; case 2: case 3: case 4: /* Present and not empty */ pg_log_error("directory \"%s\" exists but is not empty", xlog_dir); if (ret != 4) warn_on_mount_point(ret); else fprintf(stderr, _("If you want to store the WAL there, either remove or empty the directory\n" "\"%s\".\n"), xlog_dir); exit(1); default: /* Trouble accessing directory */ pg_log_error("could not access directory \"%s\": %m", xlog_dir); exit(1); } #ifdef HAVE_SYMLINK if (symlink(xlog_dir, subdirloc) != 0) { pg_log_error("could not create symbolic link \"%s\": %m", subdirloc); exit(1); } #else pg_log_error("symlinks are not supported on this platform"); exit(1); #endif } else { /* Without -X option, just make the subdirectory normally */ if (mkdir(subdirloc, pg_dir_create_mode) < 0) { pg_log_error("could not create directory \"%s\": %m", subdirloc); exit(1); } } free(subdirloc); } void warn_on_mount_point(int error) { if (error == 2) fprintf(stderr, _("It contains a dot-prefixed/invisible file, perhaps due to it being a mount point.\n")); else if (error == 3) fprintf(stderr, _("It contains a lost+found directory, perhaps due to it being a mount point.\n")); fprintf(stderr, _("Using a mount point directly as the data directory is not recommended.\n" "Create a subdirectory under the mount point.\n")); } void initialize_data_directory(void) { PG_CMD_DECL; int i; setup_signals(); /* * Set mask based on requested PGDATA permissions. pg_mode_mask, and * friends like pg_dir_create_mode, are set to owner-only by default and * then updated if -g is passed in by calling SetDataDirectoryCreatePerm() * when parsing our options (see above). */ umask(pg_mode_mask); create_data_directory(); create_xlog_or_symlink(); /* Create required subdirectories (other than pg_wal) */ printf(_("creating subdirectories ... ")); fflush(stdout); for (i = 0; i < lengthof(subdirs); i++) { char *path; path = psprintf("%s/%s", pg_data, subdirs[i]); /* * The parent directory already exists, so we only need mkdir() not * pg_mkdir_p() here, which avoids some failure modes; cf bug #13853. */ if (mkdir(path, pg_dir_create_mode) < 0) { pg_log_error("could not create directory \"%s\": %m", path); exit(1); } free(path); } check_ok(); /* Top level PG_VERSION is checked by bootstrapper, so make it first */ write_version_file(NULL); /* Select suitable configuration settings */ set_null_conf(); test_config_settings(); /* Now create all the text config files */ setup_config(); /* Bootstrap template1 */ bootstrap_template1(); /* * Make the per-database PG_VERSION for template1 only after init'ing it */ write_version_file("base/1"); /* * Create the stuff we don't need to use bootstrap mode for, using a * backend running in simple standalone mode. */ fputs(_("performing post-bootstrap initialization ... "), stdout); fflush(stdout); snprintf(cmd, sizeof(cmd), "\"%s\" %s template1 >%s", backend_exec, backend_options, DEVNULL); PG_CMD_OPEN; setup_auth(cmdfd); setup_depend(cmdfd); /* * Note that no objects created after setup_depend() will be "pinned". * They are all droppable at the whim of the DBA. */ setup_sysviews(cmdfd); setup_description(cmdfd); setup_collation(cmdfd); setup_dictionary(cmdfd); setup_privileges(cmdfd); setup_schema(cmdfd); load_plpgsql(cmdfd); vacuum_db(cmdfd); make_template0(cmdfd); make_postgres(cmdfd); PG_CMD_CLOSE; check_ok(); } int main(int argc, char *argv[]) { static struct option long_options[] = { {"pgdata", required_argument, NULL, 'D'}, {"encoding", required_argument, NULL, 'E'}, {"locale", required_argument, NULL, 1}, {"lc-collate", required_argument, NULL, 2}, {"lc-ctype", required_argument, NULL, 3}, {"lc-monetary", required_argument, NULL, 4}, {"lc-numeric", required_argument, NULL, 5}, {"lc-time", required_argument, NULL, 6}, {"lc-messages", required_argument, NULL, 7}, {"no-locale", no_argument, NULL, 8}, {"text-search-config", required_argument, NULL, 'T'}, {"auth", required_argument, NULL, 'A'}, {"auth-local", required_argument, NULL, 10}, {"auth-host", required_argument, NULL, 11}, {"pwprompt", no_argument, NULL, 'W'}, {"pwfile", required_argument, NULL, 9}, {"username", required_argument, NULL, 'U'}, {"help", no_argument, NULL, '?'}, {"version", no_argument, NULL, 'V'}, {"debug", no_argument, NULL, 'd'}, {"show", no_argument, NULL, 's'}, {"noclean", no_argument, NULL, 'n'}, /* for backwards compatibility */ {"no-clean", no_argument, NULL, 'n'}, {"nosync", no_argument, NULL, 'N'}, /* for backwards compatibility */ {"no-sync", no_argument, NULL, 'N'}, {"sync-only", no_argument, NULL, 'S'}, {"waldir", required_argument, NULL, 'X'}, {"wal-segsize", required_argument, NULL, 12}, {"data-checksums", no_argument, NULL, 'k'}, {"allow-group-access", no_argument, NULL, 'g'}, {NULL, 0, NULL, 0} }; /* * options with no short version return a low integer, the rest return * their short version value */ int c; int option_index; char *effective_user; PQExpBuffer start_db_cmd; char pg_ctl_path[MAXPGPATH]; /* * Ensure that buffering behavior of stdout matches what it is in * interactive usage (at least on most platforms). This prevents * unexpected output ordering when, eg, output is redirected to a file. * POSIX says we must do this before any other usage of these files. */ setvbuf(stdout, NULL, PG_IOLBF, 0); pg_logging_init(argv[0]); progname = get_progname(argv[0]); set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("initdb")); if (argc > 1) { if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0) { usage(progname); exit(0); } if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0) { puts("initdb (PostgreSQL) " PG_VERSION); exit(0); } } /* process command-line options */ while ((c = getopt_long(argc, argv, "A:dD:E:gkL:nNsST:U:WX:", long_options, &option_index)) != -1) { switch (c) { case 'A': authmethodlocal = authmethodhost = pg_strdup(optarg); /* * When ident is specified, use peer for local connections. * Mirrored, when peer is specified, use ident for TCP/IP * connections. */ if (strcmp(authmethodhost, "ident") == 0) authmethodlocal = "peer"; else if (strcmp(authmethodlocal, "peer") == 0) authmethodhost = "ident"; break; case 10: authmethodlocal = pg_strdup(optarg); break; case 11: authmethodhost = pg_strdup(optarg); break; case 'D': pg_data = pg_strdup(optarg); break; case 'E': encoding = pg_strdup(optarg); break; case 'W': pwprompt = true; break; case 'U': username = pg_strdup(optarg); break; case 'd': debug = true; printf(_("Running in debug mode.\n")); break; case 'n': noclean = true; printf(_("Running in no-clean mode. Mistakes will not be cleaned up.\n")); break; case 'N': do_sync = false; break; case 'S': sync_only = true; break; case 'k': data_checksums = true; break; case 'L': share_path = pg_strdup(optarg); break; case 1: locale = pg_strdup(optarg); break; case 2: lc_collate = pg_strdup(optarg); break; case 3: lc_ctype = pg_strdup(optarg); break; case 4: lc_monetary = pg_strdup(optarg); break; case 5: lc_numeric = pg_strdup(optarg); break; case 6: lc_time = pg_strdup(optarg); break; case 7: lc_messages = pg_strdup(optarg); break; case 8: locale = "C"; break; case 9: pwfilename = pg_strdup(optarg); break; case 's': show_setting = true; break; case 'T': default_text_search_config = pg_strdup(optarg); break; case 'X': xlog_dir = pg_strdup(optarg); break; case 12: str_wal_segment_size_mb = pg_strdup(optarg); break; case 'g': SetDataDirectoryCreatePerm(PG_DIR_MODE_GROUP); break; default: /* getopt_long already emitted a complaint */ fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname); exit(1); } } /* * Non-option argument specifies data directory as long as it wasn't * already specified with -D / --pgdata */ if (optind < argc && !pg_data) { pg_data = pg_strdup(argv[optind]); optind++; } if (optind < argc) { pg_log_error("too many command-line arguments (first is \"%s\")", argv[optind]); fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname); exit(1); } atexit(cleanup_directories_atexit); /* If we only need to fsync, just do it and exit */ if (sync_only) { setup_pgdata(); /* must check that directory is readable */ if (pg_check_dir(pg_data) <= 0) { pg_log_error("could not access directory \"%s\": %m", pg_data); exit(1); } fputs(_("syncing data to disk ... "), stdout); fflush(stdout); fsync_pgdata(pg_data, PG_VERSION_NUM); check_ok(); return 0; } if (pwprompt && pwfilename) { pg_log_error("password prompt and password file cannot be specified together"); exit(1); } check_authmethod_unspecified(&authmethodlocal); check_authmethod_unspecified(&authmethodhost); check_authmethod_valid(authmethodlocal, auth_methods_local, "local"); check_authmethod_valid(authmethodhost, auth_methods_host, "host"); check_need_password(authmethodlocal, authmethodhost); /* set wal segment size */ if (str_wal_segment_size_mb == NULL) wal_segment_size_mb = (DEFAULT_XLOG_SEG_SIZE) / (1024 * 1024); else { char *endptr; /* check that the argument is a number */ wal_segment_size_mb = strtol(str_wal_segment_size_mb, &endptr, 10); /* verify that wal segment size is valid */ if (endptr == str_wal_segment_size_mb || *endptr != '\0') { pg_log_error("argument of --wal-segsize must be a number"); exit(1); } if (!IsValidWalSegSize(wal_segment_size_mb * 1024 * 1024)) { pg_log_error("argument of --wal-segsize must be a power of 2 between 1 and 1024"); exit(1); } } get_restricted_token(); setup_pgdata(); setup_bin_paths(argv[0]); effective_user = get_id(); if (!username) username = effective_user; if (strncmp(username, "pg_", 3) == 0) { pg_log_error("superuser name \"%s\" is disallowed; role names cannot begin with \"pg_\"", username); exit(1); } printf(_("The files belonging to this database system will be owned " "by user \"%s\".\n" "This user must also own the server process.\n\n"), effective_user); set_info_version(); setup_data_file_paths(); setup_locale_encoding(); setup_text_search(); printf("\n"); if (data_checksums) printf(_("Data page checksums are enabled.\n")); else printf(_("Data page checksums are disabled.\n")); if (pwprompt || pwfilename) get_su_pwd(); printf("\n"); initialize_data_directory(); if (do_sync) { fputs(_("syncing data to disk ... "), stdout); fflush(stdout); fsync_pgdata(pg_data, PG_VERSION_NUM); check_ok(); } else printf(_("\nSync to disk skipped.\nThe data directory might become corrupt if the operating system crashes.\n")); if (authwarning) { printf("\n"); pg_log_warning("enabling \"trust\" authentication for local connections"); fprintf(stderr, _("You can change this by editing pg_hba.conf or using the option -A, or\n" "--auth-local and --auth-host, the next time you run initdb.\n")); } /* * Build up a shell command to tell the user how to start the server */ start_db_cmd = createPQExpBuffer(); /* Get directory specification used to start initdb ... */ strlcpy(pg_ctl_path, argv[0], sizeof(pg_ctl_path)); canonicalize_path(pg_ctl_path); get_parent_directory(pg_ctl_path); /* ... and tag on pg_ctl instead */ join_path_components(pg_ctl_path, pg_ctl_path, "pg_ctl"); /* Convert the path to use native separators */ make_native_path(pg_ctl_path); /* path to pg_ctl, properly quoted */ appendShellString(start_db_cmd, pg_ctl_path); /* add -D switch, with properly quoted data directory */ appendPQExpBufferStr(start_db_cmd, " -D "); appendShellString(start_db_cmd, pgdata_native); /* add suggested -l switch and "start" command */ /* translator: This is a placeholder in a shell command. */ appendPQExpBuffer(start_db_cmd, " -l %s start", _("logfile")); printf(_("\nSuccess. You can now start the database server using:\n\n" " %s\n\n"), start_db_cmd->data); destroyPQExpBuffer(start_db_cmd); success = true; return 0; }