Re: [HACKERS] flock patch breaks things here - Mailing list pgsql-hackers
| From | Massimo Dal Zotto |
|---|---|
| Subject | Re: [HACKERS] flock patch breaks things here |
| Date | |
| Msg-id | 199808301621.SAA05993@boogie.cs.unitn.it Whole thread Raw |
| In response to | Re: [HACKERS] flock patch breaks things here (Tom Lane <tgl@sss.pgh.pa.us>) |
| Responses |
Re: [HACKERS] flock patch breaks things here
(Tom Lane <tgl@sss.pgh.pa.us>)
documentation changes (Bruce Momjian <maillist@candle.pha.pa.us>) |
| List | pgsql-hackers |
> > Bruce Momjian <maillist@candle.pha.pa.us> writes: > > Can't we just have configure check for flock(). Another idea is to > > create a 'pid' file in the pgsql/data/base directory, and do a kill -0 > > to see if it is stil running before removing the lock. > > The latter approach is what I was going to suggest. Writing a pid file > would be a fine idea anyway --- for one thing, it makes it a lot easier > to write a "kill the postmaster" script. Given that the postmaster > should write a pid file, a new postmaster should look for an existing > pid file, and try to do a kill(pid, 0) on the number contained therein. > If this doesn't return an error, then you figure there is already a > postmaster running, complain, and exit. Otherwise you figure you is it, > (re)write the pid file and away you go. Then pqcomm.c can just > unconditionally delete any old file that's in the way of making the > pipe. > > The pidfile checking and creation probably ought to go in postmaster.c, > not down inside pqcomm.c. I never liked the fact that a critical > interlock function was being done by a low-level library that one might > not even want to invoke (if all your clients are using TCP, opening up > the Unix-domain socket is a waste of time, no?). > > BTW, there is another problem with relying on flock on the socket file > for this purpose: it opens up a hole for a denial-of-service attack. > Anyone who can write the file can flock it. (We already had a problem > with DOS via creating a dummy file at /tmp/.s.PGSQL.5432, but it would > be harder to spot the culprit with an flock-based interference.) This came to my mind, but I didn't think this would have happened so quickly. In my opinion the socket and the pidfile should be created in a directory owned by postgres, for example /tmp/.Pgsql-unix, like does X. -- Massimo Dal Zotto +----------------------------------------------------------------------+ | Massimo Dal Zotto email: dz@cs.unitn.it | | Via Marconi, 141 phone: ++39-461-534251 | | 38057 Pergine Valsugana (TN) www: http://www.cs.unitn.it/~dz/ | | Italy pgp: finger dz@tango.cs.unitn.it | +----------------------------------------------------------------------+
pgsql-hackers by date: