pg_upgrade defaulting to port 25432 - Mailing list pgsql-hackers
| From | Bruce Momjian |
|---|---|
| Subject | pg_upgrade defaulting to port 25432 |
| Date | |
| Msg-id | 201106240139.p5O1d9910794@momjian.us Whole thread Raw |
| In response to | Re: pg_upgrade using appname to lock out other users (Tom Lane <tgl@sss.pgh.pa.us>) |
| Responses |
Re: pg_upgrade defaulting to port 25432
|
| List | pgsql-hackers |
Tom Lane wrote: > Christopher Browne <cbbrowne@gmail.com> writes: > > On Wed, Jun 15, 2011 at 5:35 PM, Bruce Momjian <bruce@momjian.us> wrote: > >> [ just recommend using a different port number during pg_upgrade ] > > > +1... That seems to have lots of nice properties. > > Yeah, that seems like an appropriate expenditure of effort. It's surely > not bulletproof, since someone could intentionally connect to the actual > port number, but getting to bulletproof is a lot more work than anyone > seems to want to do right now. (And, as Bruce pointed out, no complete > solution would be back-patchable anyway.) I have created the following patch which uses 25432 as the default port number for pg_upgrade. It also creates two new environment variables, OLDPGPORT and NEWPGPORT, to control the port values because we don't want to default to PGPORT anymore. This will allow most users to use pg_upgrade without needing to specify port parameters, and will prevent accidental connections. The user does have to specify the port number for live checks, but that was always the case because you have to use different port numbers for old/new in that case. I updated the error message to be clearer about this. The patch is small and might be possible for 9.1, except it changes user-visible behavior, which would suggest it should be in 9.2, plus it doesn't address a serious bug. Comments? I will batckpatch a doc recommendation to use 25432 as a port number for versions of pg_upgrade that don't get this patch. -- Bruce Momjian <bruce@momjian.us> http://momjian.us EnterpriseDB http://enterprisedb.com + It's impossible for everything to be true. + diff --git a/contrib/pg_upgrade/check.c b/contrib/pg_upgrade/check.c new file mode 100644 index 1ee2aca..323b5f1 *** a/contrib/pg_upgrade/check.c --- b/contrib/pg_upgrade/check.c *************** output_check_banner(bool *live_check) *** 30,37 **** { *live_check = true; if (old_cluster.port == new_cluster.port) ! pg_log(PG_FATAL, "When checking a live server, " ! "the old and new port numbers must be different.\n"); pg_log(PG_REPORT, "Performing Consistency Checks on Old Live Server\n"); pg_log(PG_REPORT, "------------------------------------------------\n"); } --- 30,37 ---- { *live_check = true; if (old_cluster.port == new_cluster.port) ! pg_log(PG_FATAL, "When checking a live old server, " ! "you must specify the old server's port number.\n"); pg_log(PG_REPORT, "Performing Consistency Checks on Old Live Server\n"); pg_log(PG_REPORT, "------------------------------------------------\n"); } diff --git a/contrib/pg_upgrade/option.c b/contrib/pg_upgrade/option.c new file mode 100644 index 4401a81..7fbfa8c *** a/contrib/pg_upgrade/option.c --- b/contrib/pg_upgrade/option.c *************** parseCommandLine(int argc, char *argv[]) *** 58,65 **** os_info.progname = get_progname(argv[0]); /* Process libpq env. variables; load values here for usage() output */ ! old_cluster.port = getenv("PGPORT") ? atoi(getenv("PGPORT")) : DEF_PGPORT; ! new_cluster.port = getenv("PGPORT") ? atoi(getenv("PGPORT")) : DEF_PGPORT; os_user_effective_id = get_user_info(&os_info.user); /* we override just the database user name; we got the OS id above */ --- 58,65 ---- os_info.progname = get_progname(argv[0]); /* Process libpq env. variables; load values here for usage() output */ ! old_cluster.port = getenv("OLDPGPORT") ? atoi(getenv("OLDPGPORT")) : DEF_PGUPORT; ! new_cluster.port = getenv("NEWPGPORT") ? atoi(getenv("NEWPGPORT")) : DEF_PGUPORT; os_user_effective_id = get_user_info(&os_info.user); /* we override just the database user name; we got the OS id above */ *************** Options:\n\ *** 231,238 **** -G, --debugfile=FILENAME output debugging activity to file\n\ -k, --link link instead of copying files to new cluster\n\ -l, --logfile=FILENAME log session activity to file\n\ ! -p, --old-port=OLDPORT old cluster port number (default %d)\n\ ! -P, --new-port=NEWPORT new cluster port number (default %d)\n\ -u, --user=NAME clusters superuser (default \"%s\")\n\ -v, --verbose enable verbose output\n\ -V, --version display version information, then exit\n\ --- 231,238 ---- -G, --debugfile=FILENAME output debugging activity to file\n\ -k, --link link instead of copying files to new cluster\n\ -l, --logfile=FILENAME log session activity to file\n\ ! -p, --old-port=OLDPGPORT old cluster port number (default %d)\n\ ! -P, --new-port=NEWPGPORT new cluster port number (default %d)\n\ -u, --user=NAME clusters superuser (default \"%s\")\n\ -v, --verbose enable verbose output\n\ -V, --version display version information, then exit\n\ diff --git a/contrib/pg_upgrade/pg_upgrade.h b/contrib/pg_upgrade/pg_upgrade.h new file mode 100644 index 613ddbd..ff52fc2 *** a/contrib/pg_upgrade/pg_upgrade.h --- b/contrib/pg_upgrade/pg_upgrade.h *************** *** 15,20 **** --- 15,26 ---- #include "libpq-fe.h" + /* + * Port 25432 is not known to be used by anyone. 2011-06-23 + * http://www.networksorcery.com/enp/protocol/ip/ports25000.htm + */ + #define DEF_PGUPORT 25432 + /* Allocate for null byte */ #define USER_NAME_SIZE 128 diff --git a/doc/src/sgml/pgupgrade.sgml b/doc/src/sgml/pgupgrade.sgml new file mode 100644 index b24c1e7..ae6469e *** a/doc/src/sgml/pgupgrade.sgml --- b/doc/src/sgml/pgupgrade.sgml *************** *** 118,131 **** <term><option>-p</option> <replaceable>old_port_number</></term> <term><option>--old-port=</option><replaceable>old_portnum</></term> <listitem><para>the old cluster port number; environment ! variable <envar>PGPORT</></para></listitem> </varlistentry> <varlistentry> <term><option>-P</option> <replaceable>new_port_number</></term> <term><option>--new-port=</option><replaceable>new_portnum</></term> <listitem><para>the new cluster port number; environment ! variable <envar>PGPORT</></para></listitem> </varlistentry> <varlistentry> --- 118,131 ---- <term><option>-p</option> <replaceable>old_port_number</></term> <term><option>--old-port=</option><replaceable>old_portnum</></term> <listitem><para>the old cluster port number; environment ! variable <envar>OLDPGPORT</></para></listitem> </varlistentry> <varlistentry> <term><option>-P</option> <replaceable>new_port_number</></term> <term><option>--new-port=</option><replaceable>new_portnum</></term> <listitem><para>the new cluster port number; environment ! variable <envar>NEWPGPORT</></para></listitem> </varlistentry> <varlistentry> *************** gmake prefix=/usr/local/pgsql.new instal *** 256,263 **** so you might want to set authentication to <literal>trust</> in <filename>pg_hba.conf</>, or if using <literal>md5</> authentication, use a <filename>~/.pgpass</> file (see <xref linkend="libpq-pgpass">) ! to avoid being prompted repeatedly for a password. Also make sure ! pg_upgrade is the only program that can connect to the clusters. </para> </step> --- 256,262 ---- so you might want to set authentication to <literal>trust</> in <filename>pg_hba.conf</>, or if using <literal>md5</> authentication, use a <filename>~/.pgpass</> file (see <xref linkend="libpq-pgpass">) ! to avoid being prompted repeatedly for a password. </para> </step> *************** NET STOP pgsql-8.3 (<productname>Postgr *** 303,311 **** copying), but you will not be able to access your old cluster once you start the new cluster after the upgrade. Link mode also requires that the old and new cluster data directories be in the ! same file system. See <literal>pg_upgrade --help</> for a full ! list of options. ! </para> <para> For Windows users, you must be logged into an administrative account, and --- 302,315 ---- copying), but you will not be able to access your old cluster once you start the new cluster after the upgrade. Link mode also requires that the old and new cluster data directories be in the ! same file system. ! </para> ! ! <para> ! <application>pg_upgrade</> defaults to running servers on port ! 25432 to avoid unintended client connections. See <literal>pg_upgrade ! --help</> for a full list of options. ! </para> <para> For Windows users, you must be logged into an administrative account, and
pgsql-hackers by date: