mirror of
https://git.postgresql.org/git/postgresql.git
synced 2025-01-12 18:34:36 +08:00
470 lines
11 KiB
C
470 lines
11 KiB
C
/*-------------------------------------------------------------------------
|
|
*
|
|
* File-processing utility routines.
|
|
*
|
|
* Assorted utility functions to work on files.
|
|
*
|
|
*
|
|
* Portions Copyright (c) 1996-2022, PostgreSQL Global Development Group
|
|
* Portions Copyright (c) 1994, Regents of the University of California
|
|
*
|
|
* src/common/file_utils.c
|
|
*
|
|
*-------------------------------------------------------------------------
|
|
*/
|
|
|
|
#ifndef FRONTEND
|
|
#include "postgres.h"
|
|
#else
|
|
#include "postgres_fe.h"
|
|
#endif
|
|
|
|
#include <dirent.h>
|
|
#include <fcntl.h>
|
|
#include <sys/stat.h>
|
|
#include <unistd.h>
|
|
|
|
#include "common/file_utils.h"
|
|
#ifdef FRONTEND
|
|
#include "common/logging.h"
|
|
#endif
|
|
|
|
#ifdef FRONTEND
|
|
|
|
/* Define PG_FLUSH_DATA_WORKS if we have an implementation for pg_flush_data */
|
|
#if defined(HAVE_SYNC_FILE_RANGE)
|
|
#define PG_FLUSH_DATA_WORKS 1
|
|
#elif defined(USE_POSIX_FADVISE) && defined(POSIX_FADV_DONTNEED)
|
|
#define PG_FLUSH_DATA_WORKS 1
|
|
#endif
|
|
|
|
/*
|
|
* pg_xlog has been renamed to pg_wal in version 10.
|
|
*/
|
|
#define MINIMUM_VERSION_FOR_PG_WAL 100000
|
|
|
|
#ifdef PG_FLUSH_DATA_WORKS
|
|
static int pre_sync_fname(const char *fname, bool isdir);
|
|
#endif
|
|
static void walkdir(const char *path,
|
|
int (*action) (const char *fname, bool isdir),
|
|
bool process_symlinks);
|
|
|
|
/*
|
|
* Issue fsync recursively on PGDATA and all its contents.
|
|
*
|
|
* We fsync regular files and directories wherever they are, but we follow
|
|
* symlinks only for pg_wal (or pg_xlog) and immediately under pg_tblspc.
|
|
* Other symlinks are presumed to point at files we're not responsible for
|
|
* fsyncing, and might not have privileges to write at all.
|
|
*
|
|
* serverVersion indicates the version of the server to be fsync'd.
|
|
*/
|
|
void
|
|
fsync_pgdata(const char *pg_data,
|
|
int serverVersion)
|
|
{
|
|
bool xlog_is_symlink;
|
|
char pg_wal[MAXPGPATH];
|
|
char pg_tblspc[MAXPGPATH];
|
|
|
|
/* handle renaming of pg_xlog to pg_wal in post-10 clusters */
|
|
snprintf(pg_wal, MAXPGPATH, "%s/%s", pg_data,
|
|
serverVersion < MINIMUM_VERSION_FOR_PG_WAL ? "pg_xlog" : "pg_wal");
|
|
snprintf(pg_tblspc, MAXPGPATH, "%s/pg_tblspc", pg_data);
|
|
|
|
/*
|
|
* If pg_wal is a symlink, we'll need to recurse into it separately,
|
|
* because the first walkdir below will ignore it.
|
|
*/
|
|
xlog_is_symlink = false;
|
|
|
|
#ifndef WIN32
|
|
{
|
|
struct stat st;
|
|
|
|
if (lstat(pg_wal, &st) < 0)
|
|
pg_log_error("could not stat file \"%s\": %m", pg_wal);
|
|
else if (S_ISLNK(st.st_mode))
|
|
xlog_is_symlink = true;
|
|
}
|
|
#else
|
|
if (pgwin32_is_junction(pg_wal))
|
|
xlog_is_symlink = true;
|
|
#endif
|
|
|
|
/*
|
|
* If possible, hint to the kernel that we're soon going to fsync the data
|
|
* directory and its contents.
|
|
*/
|
|
#ifdef PG_FLUSH_DATA_WORKS
|
|
walkdir(pg_data, pre_sync_fname, false);
|
|
if (xlog_is_symlink)
|
|
walkdir(pg_wal, pre_sync_fname, false);
|
|
walkdir(pg_tblspc, pre_sync_fname, true);
|
|
#endif
|
|
|
|
/*
|
|
* Now we do the fsync()s in the same order.
|
|
*
|
|
* The main call ignores symlinks, so in addition to specially processing
|
|
* pg_wal if it's a symlink, pg_tblspc has to be visited separately with
|
|
* process_symlinks = true. Note that if there are any plain directories
|
|
* in pg_tblspc, they'll get fsync'd twice. That's not an expected case
|
|
* so we don't worry about optimizing it.
|
|
*/
|
|
walkdir(pg_data, fsync_fname, false);
|
|
if (xlog_is_symlink)
|
|
walkdir(pg_wal, fsync_fname, false);
|
|
walkdir(pg_tblspc, fsync_fname, true);
|
|
}
|
|
|
|
/*
|
|
* Issue fsync recursively on the given directory and all its contents.
|
|
*
|
|
* This is a convenient wrapper on top of walkdir().
|
|
*/
|
|
void
|
|
fsync_dir_recurse(const char *dir)
|
|
{
|
|
/*
|
|
* If possible, hint to the kernel that we're soon going to fsync the data
|
|
* directory and its contents.
|
|
*/
|
|
#ifdef PG_FLUSH_DATA_WORKS
|
|
walkdir(dir, pre_sync_fname, false);
|
|
#endif
|
|
|
|
walkdir(dir, fsync_fname, false);
|
|
}
|
|
|
|
/*
|
|
* walkdir: recursively walk a directory, applying the action to each
|
|
* regular file and directory (including the named directory itself).
|
|
*
|
|
* If process_symlinks is true, the action and recursion are also applied
|
|
* to regular files and directories that are pointed to by symlinks in the
|
|
* given directory; otherwise symlinks are ignored. Symlinks are always
|
|
* ignored in subdirectories, ie we intentionally don't pass down the
|
|
* process_symlinks flag to recursive calls.
|
|
*
|
|
* Errors are reported but not considered fatal.
|
|
*
|
|
* See also walkdir in fd.c, which is a backend version of this logic.
|
|
*/
|
|
static void
|
|
walkdir(const char *path,
|
|
int (*action) (const char *fname, bool isdir),
|
|
bool process_symlinks)
|
|
{
|
|
DIR *dir;
|
|
struct dirent *de;
|
|
|
|
dir = opendir(path);
|
|
if (dir == NULL)
|
|
{
|
|
pg_log_error("could not open directory \"%s\": %m", path);
|
|
return;
|
|
}
|
|
|
|
while (errno = 0, (de = readdir(dir)) != NULL)
|
|
{
|
|
char subpath[MAXPGPATH * 2];
|
|
|
|
if (strcmp(de->d_name, ".") == 0 ||
|
|
strcmp(de->d_name, "..") == 0)
|
|
continue;
|
|
|
|
snprintf(subpath, sizeof(subpath), "%s/%s", path, de->d_name);
|
|
|
|
switch (get_dirent_type(subpath, de, process_symlinks, PG_LOG_ERROR))
|
|
{
|
|
case PGFILETYPE_REG:
|
|
(*action) (subpath, false);
|
|
break;
|
|
case PGFILETYPE_DIR:
|
|
walkdir(subpath, action, false);
|
|
break;
|
|
default:
|
|
|
|
/*
|
|
* Errors are already reported directly by get_dirent_type(),
|
|
* and any remaining symlinks and unknown file types are
|
|
* ignored.
|
|
*/
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (errno)
|
|
pg_log_error("could not read directory \"%s\": %m", path);
|
|
|
|
(void) closedir(dir);
|
|
|
|
/*
|
|
* It's important to fsync the destination directory itself as individual
|
|
* file fsyncs don't guarantee that the directory entry for the file is
|
|
* synced. Recent versions of ext4 have made the window much wider but
|
|
* it's been an issue for ext3 and other filesystems in the past.
|
|
*/
|
|
(*action) (path, true);
|
|
}
|
|
|
|
/*
|
|
* Hint to the OS that it should get ready to fsync() this file.
|
|
*
|
|
* Ignores errors trying to open unreadable files, and reports other errors
|
|
* non-fatally.
|
|
*/
|
|
#ifdef PG_FLUSH_DATA_WORKS
|
|
|
|
static int
|
|
pre_sync_fname(const char *fname, bool isdir)
|
|
{
|
|
int fd;
|
|
|
|
fd = open(fname, O_RDONLY | PG_BINARY, 0);
|
|
|
|
if (fd < 0)
|
|
{
|
|
if (errno == EACCES || (isdir && errno == EISDIR))
|
|
return 0;
|
|
pg_log_error("could not open file \"%s\": %m", fname);
|
|
return -1;
|
|
}
|
|
|
|
/*
|
|
* We do what pg_flush_data() would do in the backend: prefer to use
|
|
* sync_file_range, but fall back to posix_fadvise. We ignore errors
|
|
* because this is only a hint.
|
|
*/
|
|
#if defined(HAVE_SYNC_FILE_RANGE)
|
|
(void) sync_file_range(fd, 0, 0, SYNC_FILE_RANGE_WRITE);
|
|
#elif defined(USE_POSIX_FADVISE) && defined(POSIX_FADV_DONTNEED)
|
|
(void) posix_fadvise(fd, 0, 0, POSIX_FADV_DONTNEED);
|
|
#else
|
|
#error PG_FLUSH_DATA_WORKS should not have been defined
|
|
#endif
|
|
|
|
(void) close(fd);
|
|
return 0;
|
|
}
|
|
|
|
#endif /* PG_FLUSH_DATA_WORKS */
|
|
|
|
/*
|
|
* fsync_fname -- Try to fsync a file or directory
|
|
*
|
|
* Ignores errors trying to open unreadable files, or trying to fsync
|
|
* directories on systems where that isn't allowed/required. All other errors
|
|
* are fatal.
|
|
*/
|
|
int
|
|
fsync_fname(const char *fname, bool isdir)
|
|
{
|
|
int fd;
|
|
int flags;
|
|
int returncode;
|
|
|
|
/*
|
|
* Some OSs require directories to be opened read-only whereas other
|
|
* systems don't allow us to fsync files opened read-only; so we need both
|
|
* cases here. Using O_RDWR will cause us to fail to fsync files that are
|
|
* not writable by our userid, but we assume that's OK.
|
|
*/
|
|
flags = PG_BINARY;
|
|
if (!isdir)
|
|
flags |= O_RDWR;
|
|
else
|
|
flags |= O_RDONLY;
|
|
|
|
/*
|
|
* Open the file, silently ignoring errors about unreadable files (or
|
|
* unsupported operations, e.g. opening a directory under Windows), and
|
|
* logging others.
|
|
*/
|
|
fd = open(fname, flags, 0);
|
|
if (fd < 0)
|
|
{
|
|
if (errno == EACCES || (isdir && errno == EISDIR))
|
|
return 0;
|
|
pg_log_error("could not open file \"%s\": %m", fname);
|
|
return -1;
|
|
}
|
|
|
|
returncode = fsync(fd);
|
|
|
|
/*
|
|
* Some OSes don't allow us to fsync directories at all, so we can ignore
|
|
* those errors. Anything else needs to be reported.
|
|
*/
|
|
if (returncode != 0 && !(isdir && (errno == EBADF || errno == EINVAL)))
|
|
{
|
|
pg_log_fatal("could not fsync file \"%s\": %m", fname);
|
|
(void) close(fd);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
|
|
(void) close(fd);
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* fsync_parent_path -- fsync the parent path of a file or directory
|
|
*
|
|
* This is aimed at making file operations persistent on disk in case of
|
|
* an OS crash or power failure.
|
|
*/
|
|
int
|
|
fsync_parent_path(const char *fname)
|
|
{
|
|
char parentpath[MAXPGPATH];
|
|
|
|
strlcpy(parentpath, fname, MAXPGPATH);
|
|
get_parent_directory(parentpath);
|
|
|
|
/*
|
|
* get_parent_directory() returns an empty string if the input argument is
|
|
* just a file name (see comments in path.c), so handle that as being the
|
|
* current directory.
|
|
*/
|
|
if (strlen(parentpath) == 0)
|
|
strlcpy(parentpath, ".", MAXPGPATH);
|
|
|
|
if (fsync_fname(parentpath, true) != 0)
|
|
return -1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
/*
|
|
* durable_rename -- rename(2) wrapper, issuing fsyncs required for durability
|
|
*
|
|
* Wrapper around rename, similar to the backend version.
|
|
*/
|
|
int
|
|
durable_rename(const char *oldfile, const char *newfile)
|
|
{
|
|
int fd;
|
|
|
|
/*
|
|
* First fsync the old and target path (if it exists), to ensure that they
|
|
* are properly persistent on disk. Syncing the target file is not
|
|
* strictly necessary, but it makes it easier to reason about crashes;
|
|
* because it's then guaranteed that either source or target file exists
|
|
* after a crash.
|
|
*/
|
|
if (fsync_fname(oldfile, false) != 0)
|
|
return -1;
|
|
|
|
fd = open(newfile, PG_BINARY | O_RDWR, 0);
|
|
if (fd < 0)
|
|
{
|
|
if (errno != ENOENT)
|
|
{
|
|
pg_log_error("could not open file \"%s\": %m", newfile);
|
|
return -1;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
if (fsync(fd) != 0)
|
|
{
|
|
pg_log_fatal("could not fsync file \"%s\": %m", newfile);
|
|
close(fd);
|
|
exit(EXIT_FAILURE);
|
|
}
|
|
close(fd);
|
|
}
|
|
|
|
/* Time to do the real deal... */
|
|
if (rename(oldfile, newfile) != 0)
|
|
{
|
|
pg_log_error("could not rename file \"%s\" to \"%s\": %m",
|
|
oldfile, newfile);
|
|
return -1;
|
|
}
|
|
|
|
/*
|
|
* To guarantee renaming the file is persistent, fsync the file with its
|
|
* new name, and its containing directory.
|
|
*/
|
|
if (fsync_fname(newfile, false) != 0)
|
|
return -1;
|
|
|
|
if (fsync_parent_path(newfile) != 0)
|
|
return -1;
|
|
|
|
return 0;
|
|
}
|
|
|
|
#endif /* FRONTEND */
|
|
|
|
/*
|
|
* Return the type of a directory entry.
|
|
*
|
|
* In frontend code, elevel should be a level from logging.h; in backend code
|
|
* it should be a level from elog.h.
|
|
*/
|
|
PGFileType
|
|
get_dirent_type(const char *path,
|
|
const struct dirent *de,
|
|
bool look_through_symlinks,
|
|
int elevel)
|
|
{
|
|
PGFileType result;
|
|
|
|
/*
|
|
* Some systems tell us the type directly in the dirent struct, but that's
|
|
* a BSD and Linux extension not required by POSIX. Even when the
|
|
* interface is present, sometimes the type is unknown, depending on the
|
|
* filesystem.
|
|
*/
|
|
#if defined(DT_REG) && defined(DT_DIR) && defined(DT_LNK)
|
|
if (de->d_type == DT_REG)
|
|
result = PGFILETYPE_REG;
|
|
else if (de->d_type == DT_DIR)
|
|
result = PGFILETYPE_DIR;
|
|
else if (de->d_type == DT_LNK && !look_through_symlinks)
|
|
result = PGFILETYPE_LNK;
|
|
else
|
|
result = PGFILETYPE_UNKNOWN;
|
|
#else
|
|
result = PGFILETYPE_UNKNOWN;
|
|
#endif
|
|
|
|
if (result == PGFILETYPE_UNKNOWN)
|
|
{
|
|
struct stat fst;
|
|
int sret;
|
|
|
|
|
|
if (look_through_symlinks)
|
|
sret = stat(path, &fst);
|
|
else
|
|
sret = lstat(path, &fst);
|
|
|
|
if (sret < 0)
|
|
{
|
|
result = PGFILETYPE_ERROR;
|
|
#ifdef FRONTEND
|
|
pg_log_generic(elevel, "could not stat file \"%s\": %m", path);
|
|
#else
|
|
ereport(elevel,
|
|
(errcode_for_file_access(),
|
|
errmsg("could not stat file \"%s\": %m", path)));
|
|
#endif
|
|
}
|
|
else if (S_ISREG(fst.st_mode))
|
|
result = PGFILETYPE_REG;
|
|
else if (S_ISDIR(fst.st_mode))
|
|
result = PGFILETYPE_DIR;
|
|
#ifdef S_ISLNK
|
|
else if (S_ISLNK(fst.st_mode))
|
|
result = PGFILETYPE_LNK;
|
|
#endif
|
|
}
|
|
|
|
return result;
|
|
}
|