Postgres Pro
Downloads
Home   >   mailing lists

Re: Server-side base backup: why superuser, not pg_write_server_files? - Mailing list pgsql-hackers

From Dagfinn Ilmari Mannsåker
Subject Re: Server-side base backup: why superuser, not pg_write_server_files?
Date
Msg-id 87tudhz353.fsf@wibble.ilmari.org
Whole thread Raw
In response to Server-side base backup: why superuser, not pg_write_server_files?  (Dagfinn Ilmari Mannsåker <ilmari@ilmari.org>)
Responses Re: Server-side base backup: why superuser, not pg_write_server_files?  (Robert Haas <robertmhaas@gmail.com>)
Re: Server-side base backup: why superuser, not pg_write_server_files?  (Tom Lane <tgl@sss.pgh.pa.us>)
List pgsql-hackers
Tree view 
Robert Haas <robertmhaas@gmail.com> writes:

> On Fri, Jan 28, 2022 at 12:35 PM Dagfinn Ilmari Mannsåker
> <ilmari@ilmari.org> wrote:
>> On Fri, 28 Jan 2022, at 17:33, Robert Haas wrote:
>> > LGTM. Committed.
>>
>> Thanks!
>
> It appears that neither of us actually tested that this works.

Oops!

> For me, it works when I test as a superuser, but if I test as a
> non-superuser with or without pg_write_server_files, it crashes,
> because we end up trying to do syscache lookups without a transaction
> environment. I *think* that the attached is a sufficient fix; at
> least, it passes simple testing.

Here's a follow-on patch that adds a test for non-superuser server-side
basebackup, which crashes without your patch and passes with it.

- ilmari

From e88af403706338d068a7156d2a9c02e27196ce12 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dagfinn=20Ilmari=20Manns=C3=A5ker?= <ilmari@ilmari.org>
Date: Wed, 2 Feb 2022 15:40:55 +0000
Subject: [PATCH] Test server-side basebackup as non-superuser

---
 src/bin/pg_basebackup/t/010_pg_basebackup.pl | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/src/bin/pg_basebackup/t/010_pg_basebackup.pl b/src/bin/pg_basebackup/t/010_pg_basebackup.pl
index a827be5e59..2283a8c42d 100644
--- a/src/bin/pg_basebackup/t/010_pg_basebackup.pl
+++ b/src/bin/pg_basebackup/t/010_pg_basebackup.pl
@@ -10,7 +10,7 @@
 use Fcntl qw(:seek);
 use PostgreSQL::Test::Cluster;
 use PostgreSQL::Test::Utils;
-use Test::More tests => 143;
+use Test::More;
 
 program_help_ok('pg_basebackup');
 program_version_ok('pg_basebackup');
@@ -521,6 +521,15 @@
 ok(-f "$tempdir/backuponserver/base.tar", 'backup tar was created');
 rmtree("$tempdir/backuponserver");
 
+$node->command_ok(
+    [qw(createuser --replication --role=pg_write_server_files backupuser)],
+    'create backup user');
+$node->command_ok(
+    [ @pg_basebackup_defs, '-U', 'backupuser', '--target', "server:$real_tempdir/backuponserver", '-X', 'none' ],
+    'backup target server');
+ok(-f "$tempdir/backuponserver/base.tar", 'backup tar was created as non-superuser');
+rmtree("$tempdir/backuponserver");
+
 $node->command_fails(
     [
         @pg_basebackup_defs,         '-D',
@@ -768,3 +777,5 @@
     rmtree("$tempdir/backup_gzip2");
     rmtree("$tempdir/backup_gzip3");
 }
+
+done_testing();
-- 
2.30.2

pgsql-hackers by date:

Previous
From: Daniel Gustafsson
Date:
Subject: Re: Ensure that STDERR is empty during connect_ok
Next
From: Bharath Rupireddy
Date:
Subject: Re: pg_receivewal - couple of improvements