Re: [PATCHES] fix for new SUSET GUC variables
Tom Lane wrote: > Aizaz Ahmed <[EMAIL PROTECTED]> writes: > > I believe when updating the GucContext enum, it is also necessary to > > update the GucContext_names [] in backend/utils/misc/help_config.c. > > The need to do this was supposed to be added as a comment to the guc.h > > file, right about where GucContext is defined, but it seems as if that > > part of the patch was not applied. > > I did not include that comment because it seemed misleading (that array > is far from the only place that has to be adjusted when adding a new > GucContext value) as well as distracting (GucContext_names is not > exactly the most important thing to know about when trying to understand > GucContext). Comment removed. -- Bruce Momjian| http://candle.pha.pa.us [EMAIL PROTECTED] | (610) 359-1001 + If your life is a hard drive, | 13 Roberts Road + Christ can be your backup.| Newtown Square, Pennsylvania 19073 ---(end of broadcast)--- TIP 8: explain analyze is your friend
Re: [PATCHES] fix for new SUSET GUC variables
Aizaz Ahmed <[EMAIL PROTECTED]> writes: > I believe when updating the GucContext enum, it is also necessary to > update the GucContext_names [] in backend/utils/misc/help_config.c. > The need to do this was supposed to be added as a comment to the guc.h > file, right about where GucContext is defined, but it seems as if that > part of the patch was not applied. I did not include that comment because it seemed misleading (that array is far from the only place that has to be adjusted when adding a new GucContext value) as well as distracting (GucContext_names is not exactly the most important thing to know about when trying to understand GucContext). We don't normally try to enumerate in comments all the places you'd need to change when adding to an enum or other widely-used definition. You're supposed to find them by searching the source code for references to the existing values. Depending on comments for that sort of thing is far too error-prone --- you can just about guarantee that the comment will fail to track new uses. The reason Bruce's patch broke the array is that he applied an old patch without sufficient checking on what had changed in the meantime. If the comment had been there, it would not have saved him from this error, since I doubt it would have occurred to him to look for such a comment. regards, tom lane ---(end of broadcast)--- TIP 6: Have you searched our list archives? http://archives.postgresql.org
Re: [PATCHES] fix for new SUSET GUC variables
Good catch. That help file didn't exist when I wrote the original
patch.
Both fixes you mentioned are attached and applied.
---
Aizaz Ahmed wrote:
> On Wed, 2003-07-09 at 02:50, Bruce Momjian wrote:
> > I have applied this patch, which I posted previously.
> >
> > It adds a new GUC context USERLIMIT which prevents certain options from
> > being turned off or increased, for security. This fixes problems with
> > making some options SUSET.
>
> > ***
> > *** 57,62
> > --- 60,66
> >PGC_SIGHUP,
> >PGC_BACKEND,
> >PGC_SUSET,
> >+ PGC_USERLIMIT,
> >PGC_USERSET
> > } GucContext;
>
>
> I believe when updating the GucContext enum, it is also necessary to
> update the GucContext_names [] in backend/utils/misc/help_config.c.
>
> The need to do this was supposed to be added as a comment to the guc.h
> file, right about where GucContext is defined, but it seems as if that
> part of the patch was not applied.
>
> >From the original patch "Patch for listing runtime option details
> through server executable (pg_guc)", dated "30 Jun 2003 16:43:13 -0400":
>
>
> Index: src/include/utils/guc.h
> ===
> RCS file: /projects/cvsroot/pgsql-server/src/include/utils/guc.h,v
> retrieving revision 1.32
> diff -c -p -r1.32 guc.h
> *** src/include/utils/guc.h 11 Jun 2003 18:01:14 - 1.32
> --- src/include/utils/guc.h 30 Jun 2003 19:18:44 -
> ***
> *** 50,55
> --- 50,60
>*
>* USERSET options can be set by anyone any time.
>*/
> +
> + /*
> + * When updating the GucContexts, please make sure to update the
> corresponding
> + * GucContext_names [] entries in pg_guc.c. The two must correspond
> + */
> typedef enum
> {
> PGC_INTERNAL,
>
>
> This patch was modified before being applied ... was there a reason that
> this part of the patch was not applied? One of the modifications made
> when applying the patch was to change the names of some of the files ...
> in the above excerpt pg_guc.c would have to change to help_config.c.
>
> Thanks,
> Aizaz
>
>
--
Bruce Momjian| http://candle.pha.pa.us
[EMAIL PROTECTED] | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup.| Newtown Square, Pennsylvania 19073
Index: src/backend/utils/misc/help_config.c
===
RCS file: /cvsroot/pgsql-server/src/backend/utils/misc/help_config.c,v
retrieving revision 1.1
diff -c -c -r1.1 help_config.c
*** src/backend/utils/misc/help_config.c4 Jul 2003 16:41:21 - 1.1
--- src/backend/utils/misc/help_config.c9 Jul 2003 17:56:29 -
***
*** 143,148
--- 143,149
"SIGHUP",
"BACKEND",
"SUSET",
+ "USERLIMIT",
"USERSET"
};
Index: src/include/utils/guc.h
===
RCS file: /cvsroot/pgsql-server/src/include/utils/guc.h,v
retrieving revision 1.33
diff -c -c -r1.33 guc.h
*** src/include/utils/guc.h 9 Jul 2003 06:47:34 - 1.33
--- src/include/utils/guc.h 9 Jul 2003 17:56:30 -
***
*** 52,57
--- 52,60
* non-super users.
*
* USERSET options can be set by anyone any time.
+ *
+ * When updating the GucContexts, please make sure to update the
+ * corresponding GucContext_names [] entries in pg_guc.c.
*/
typedef enum
{
---(end of broadcast)---
TIP 9: the planner will ignore your desire to choose an index scan if your
joining column's datatypes do not match
Re: [PATCHES] fix for new SUSET GUC variables
On Wed, 2003-07-09 at 02:50, Bruce Momjian wrote:
> I have applied this patch, which I posted previously.
>
> It adds a new GUC context USERLIMIT which prevents certain options from
> being turned off or increased, for security. This fixes problems with
> making some options SUSET.
> ***
> *** 57,62
> --- 60,66
>PGC_SIGHUP,
>PGC_BACKEND,
>PGC_SUSET,
>+ PGC_USERLIMIT,
>PGC_USERSET
> } GucContext;
I believe when updating the GucContext enum, it is also necessary to
update the GucContext_names [] in backend/utils/misc/help_config.c.
The need to do this was supposed to be added as a comment to the guc.h
file, right about where GucContext is defined, but it seems as if that
part of the patch was not applied.
>From the original patch "Patch for listing runtime option details
through server executable (pg_guc)", dated "30 Jun 2003 16:43:13 -0400":
Index: src/include/utils/guc.h
===
RCS file: /projects/cvsroot/pgsql-server/src/include/utils/guc.h,v
retrieving revision 1.32
diff -c -p -r1.32 guc.h
*** src/include/utils/guc.h 11 Jun 2003 18:01:14 - 1.32
--- src/include/utils/guc.h 30 Jun 2003 19:18:44 -
***
*** 50,55
--- 50,60
*
* USERSET options can be set by anyone any time.
*/
+
+ /*
+ * When updating the GucContexts, please make sure to update the
corresponding
+ * GucContext_names [] entries in pg_guc.c. The two must correspond
+ */
typedef enum
{
PGC_INTERNAL,
This patch was modified before being applied ... was there a reason that
this part of the patch was not applied? One of the modifications made
when applying the patch was to change the names of some of the files ...
in the above excerpt pg_guc.c would have to change to help_config.c.
Thanks,
Aizaz
---(end of broadcast)---
TIP 4: Don't 'kill -9' the postmaster
[PATCHES] fix for new SUSET GUC variables
I have applied this patch, which I posted previously.
It adds a new GUC context USERLIMIT which prevents certain options from
being turned off or increased, for security. This fixes problems with
making some options SUSET.
The first part of the patch is the doc part, the second remembers the
proper context for the postgres -d flag, and the bottom handles the new
USERLIMIT context.
--
Bruce Momjian| http://candle.pha.pa.us
[EMAIL PROTECTED] | (610) 359-1001
+ If your life is a hard drive, | 13 Roberts Road
+ Christ can be your backup.| Newtown Square, Pennsylvania 19073
Index: doc/src/sgml/runtime.sgml
===
RCS file: /cvsroot/pgsql-server/doc/src/sgml/runtime.sgml,v
retrieving revision 1.190
diff -c -c -r1.190 runtime.sgml
*** doc/src/sgml/runtime.sgml 4 Jul 2003 16:41:21 - 1.190
--- doc/src/sgml/runtime.sgml 9 Jul 2003 06:30:03 -
***
*** 1541,1546
--- 1541,1547
to the log. The default is NOTICE. Note that
LOG has a different rank here than in
CLIENT_MIN_MESSAGES.
+ Only superusers can increase this option.
***
*** 1576,1581
--- 1577,1583
SQL statements causing errors, fatal errors, or panics will be
logged. Enabling this option can be helpful in tracking down
the source of any errors that appear in the server log.
+ Only superusers can increase this option.
***
*** 1593,1598
--- 1595,1602
than 250ms will be logged. Enabling this
option can be useful in tracking down unoptimized queries in
your applications.
+ Only superusers can increase this option if it is set to
+ non-zero by the administrator.
***
*** 1743,1748
--- 1747,1754
To use this option, enable LOG_STATEMENT and
LOG_PID so you can link the statement to the
duration using the process ID.
+ Only superusers can turn off this option if it is enabled by
+ the administrator.
***
*** 1765,1770
--- 1771,1778
Causes each SQL statement to be logged.
+ Only superusers can turn off this option if it is enabled by
+ the administrator.
***
*** 1826,1831
--- 1834,1841
For each query, write performance statistics of the respective
module to the server log. This is a crude profiling
instrument.
+ Only superusers can turn off this option if it is enabled by
+ the administrator.
Index: src/backend/tcop/postgres.c
===
RCS file: /cvsroot/pgsql-server/src/backend/tcop/postgres.c,v
retrieving revision 1.349
diff -c -c -r1.349 postgres.c
*** src/backend/tcop/postgres.c 4 Jul 2003 16:41:21 - 1.349
--- src/backend/tcop/postgres.c 9 Jul 2003 06:30:08 -
***
*** 1943,1949
boolsecure;
int errs = 0;
int debug_flag = 0;
! GucContext ctx;
GucSource gucsource;
char *tmp;
int firstchar;
--- 1943,1949
boolsecure;
int errs = 0;
int debug_flag = 0;
! GucContext ctx, debug_context;
GucSource gucsource;
char *tmp;
int firstchar;
***
*** 2018,2024
/* all options are allowed until '-p' */
secure = true;
! ctx = PGC_POSTMASTER;
gucsource = PGC_S_ARGV; /* initial switches came from command line */
while ((flag = getopt(argc, argv, "A:B:c:CD:d:Eef:FiNOPo:p:S:st:v:W:x:-:")) !=
-1)
--- 2018,2024
/* all options are allowed until '-p' */
secure = true;
! ctx = debug_context = PGC_POSTMASTER;
gucsource = PGC_S_ARGV; /* initial switches came from command line */
while ((flag = getopt(argc, argv, "A:B:c:CD:d:Eef:FiNOPo:p:S:st:v:W:x:-:")) !=
-1)
***
*** 2055,2079
case 'd': /* debug level */
{
! debug_flag = atoi(optarg);
! /* Set server debugging level. */
! if (atoi(optarg) != 0)
{
! char *debugstr =
palloc(strlen("debug") + strlen(optarg) + 1);
!
!
