authorBruce Momjian2020-12-28 02:37:42 +0000
committerBruce Momjian2020-12-28 02:37:42 +0000
commit3187ef7c46c5b884267a88f2d6119c9a05f1bbba (patch)
tree6ff5e31d8ffaaf806ee908fe2ef8733c7ba348ef /src/bin
parentfacad31474ac6dace3894ebc7c45dc3cc829422e (diff)
Revert "Add key management system" (978f869b99) & later commits
The patch needs test cases, reorganization, and cfbot testing. Technically reverts commits 5c31afc49d..e35b2bad1a (exclusive/inclusive) and 08db7c63f3..ccbe34139b. Reported-by: Tom Lane, Michael Paquier Discussion: https://postgr.es/m/E1ktAAG-0002V2-VB@gemulon.postgresql.org
Diffstat (limited to 'src/bin')
-rw-r--r--src/bin/Makefile1
-rw-r--r--src/bin/initdb/initdb.c118
-rw-r--r--src/bin/pg_alterckey/.gitignore1
-rw-r--r--src/bin/pg_alterckey/Makefile38
-rw-r--r--src/bin/pg_alterckey/pg_alterckey.c694
-rw-r--r--src/bin/pg_controldata/pg_controldata.c3
-rw-r--r--src/bin/pg_ctl/pg_ctl.c59
-rw-r--r--src/bin/pg_resetwal/pg_resetwal.c2
-rw-r--r--src/bin/pg_rewind/filemap.c8
-rw-r--r--src/bin/pg_upgrade/check.c34
-rw-r--r--src/bin/pg_upgrade/controldata.c42
-rw-r--r--src/bin/pg_upgrade/file.c2
-rw-r--r--src/bin/pg_upgrade/option.c7
-rw-r--r--src/bin/pg_upgrade/pg_upgrade.h3
-rw-r--r--src/bin/pg_upgrade/server.c5
15 files changed, 22 insertions, 995 deletions
diff --git a/src/bin/Makefile b/src/bin/Makefile
index d3c9e075362..8b870357a14 100644
--- a/src/bin/Makefile
+++ b/src/bin/Makefile
@@ -16,7 +16,6 @@ include $(top_builddir)/src/Makefile.global
SUBDIRS = \
initdb \
pg_archivecleanup \
- pg_alterckey \
pg_basebackup \
pg_checksums \
pg_config \
diff --git a/src/bin/initdb/initdb.c b/src/bin/initdb/initdb.c
index 33a11e0d2bf..f994c4216bc 100644
--- a/src/bin/initdb/initdb.c
+++ b/src/bin/initdb/initdb.c
@@ -141,16 +141,11 @@ static bool debug = false;
static bool noclean = false;
static bool do_sync = true;
static bool sync_only = false;
-static bool pass_terminal_fd = false;
-static char *term_fd_opt = NULL;
-static int file_encryption_keylen = 0;
static bool show_setting = false;
static bool data_checksums = false;
static char *xlog_dir = NULL;
static char *str_wal_segment_size_mb = NULL;
static int wal_segment_size_mb;
-static char *cluster_key_cmd = NULL;
-static char *old_key_datadir = NULL;
/* internal vars */
@@ -208,7 +203,6 @@ static const char *const subdirs[] = {
"global",
"pg_wal/archive_status",
"pg_commit_ts",
- "pg_cryptokeys",
"pg_dynshmem",
"pg_notify",
"pg_serial",
@@ -960,13 +954,12 @@ test_config_settings(void)
test_buffs = MIN_BUFS_FOR_CONNS(test_conns);
snprintf(cmd, sizeof(cmd),
- "\"%s\" --boot -x0 %s %s "
+ "\"%s\" --boot -x0 %s "
"-c max_connections=%d "
"-c shared_buffers=%d "
"-c dynamic_shared_memory_type=%s "
"< \"%s\" > \"%s\" 2>&1",
backend_exec, boot_options,
- term_fd_opt ? term_fd_opt : "",
test_conns, test_buffs,
dynamic_shared_memory_type,
DEVNULL, DEVNULL);
@@ -997,13 +990,12 @@ test_config_settings(void)
}
snprintf(cmd, sizeof(cmd),
- "\"%s\" --boot -x0 %s %s "
+ "\"%s\" --boot -x0 %s "
"-c max_connections=%d "
"-c shared_buffers=%d "
"-c dynamic_shared_memory_type=%s "
"< \"%s\" > \"%s\" 2>&1",
backend_exec, boot_options,
- term_fd_opt ? term_fd_opt : "",
n_connections, test_buffs,
dynamic_shared_memory_type,
DEVNULL, DEVNULL);
@@ -1193,13 +1185,6 @@ setup_config(void)
"password_encryption = md5");
}
- if (cluster_key_cmd)
- {
- snprintf(repltok, sizeof(repltok), "cluster_key_command = '%s'",
- escape_quotes(cluster_key_cmd));
- conflines = replace_token(conflines, "#cluster_key_command = ''", repltok);
- }
-
/*
* If group access has been enabled for the cluster then it makes sense to
* ensure that the log files also allow group access. Otherwise a backup
@@ -1409,22 +1394,13 @@ bootstrap_template1(void)
/* Also ensure backend isn't confused by this environment var: */
unsetenv("PGCLIENTENCODING");
- if (file_encryption_keylen != 0)
- sprintf(buf, "%d", file_encryption_keylen);
- else
- buf[0] = '\0';
-
snprintf(cmd, sizeof(cmd),
- "\"%s\" --boot -x1 -X %u %s %s %s %s %s %s %s %s",
+ "\"%s\" --boot -x1 -X %u %s %s %s",
backend_exec,
wal_segment_size_mb * (1024 * 1024),
data_checksums ? "-k" : "",
- cluster_key_cmd ? "-K" : "", buf,
- old_key_datadir ? "-u" : "",
- old_key_datadir ? old_key_datadir : "",
boot_options,
- debug ? "-d 5" : "",
- term_fd_opt ? term_fd_opt : "");
+ debug ? "-d 5" : "");
PG_CMD_OPEN;
@@ -2305,29 +2281,21 @@ usage(const char *progname)
" set default locale in the respective category for\n"
" new databases (default taken from environment)\n"));
printf(_(" --no-locale equivalent to --locale=C\n"));
- printf(_(" --pwfile=FILE read the new superuser password from file\n"));
+ printf(_(" --pwfile=FILE read password for the new superuser from file\n"));
printf(_(" -T, --text-search-config=CFG\n"
" default text search configuration\n"));
printf(_(" -U, --username=NAME database superuser name\n"));
- printf(_(" -W, --pwprompt prompt for the new superuser password\n"));
+ printf(_(" -W, --pwprompt prompt for a password for the new superuser\n"));
printf(_(" -X, --waldir=WALDIR location for the write-ahead log directory\n"));
printf(_(" --wal-segsize=SIZE size of WAL segments, in megabytes\n"));
printf(_("\nLess commonly used options:\n"));
- printf(_(" -c --cluster-key-command=COMMAND\n"
- " enable cluster file encryption and set command\n"
- " to obtain the cluster key\n"));
printf(_(" -d, --debug generate lots of debugging output\n"));
printf(_(" -k, --data-checksums use data page checksums\n"));
- printf(_(" -K, --file-encryption-keylen=LENGTH\n"
- " bit length of the file encryption key\n"));
printf(_(" -L DIRECTORY where to find the input files\n"));
printf(_(" -n, --no-clean do not clean up after errors\n"));
printf(_(" -N, --no-sync do not wait for changes to be written safely to disk\n"));
- printf(_(" -R, --authprompt prompt for a passphrase or PIN\n"));
printf(_(" -s, --show show internal settings\n"));
printf(_(" -S, --sync-only only sync data directory\n"));
- printf(_(" -u, --copy-encryption-keys=DATADIR\n"
- " copy the file encryption key from another cluster\n"));
printf(_("\nOther options:\n"));
printf(_(" -V, --version output version information, then exit\n"));
printf(_(" -?, --help show this help, then exit\n"));
@@ -2892,23 +2860,6 @@ initialize_data_directory(void)
/* Top level PG_VERSION is checked by bootstrapper, so make it first */
write_version_file(NULL);
- if (pass_terminal_fd)
- {
-#ifndef WIN32
- int terminal_fd = open("/dev/tty", O_RDWR, 0);
-#else
- int terminal_fd = open("CONOUT$", O_RDWR, 0);
-#endif
-
- if (terminal_fd < 0)
- {
- pg_log_error(_("%s: could not open terminal: %s\n"),
- progname, strerror(errno));
- exit(1);
- }
- term_fd_opt = psprintf("-R %d", terminal_fd);
- }
-
/* Select suitable configuration settings */
set_null_conf();
test_config_settings();
@@ -2932,9 +2883,8 @@ initialize_data_directory(void)
fflush(stdout);
snprintf(cmd, sizeof(cmd),
- "\"%s\" %s %s template1 >%s",
+ "\"%s\" %s template1 >%s",
backend_exec, backend_options,
- term_fd_opt ? term_fd_opt : "",
DEVNULL);
PG_CMD_OPEN;
@@ -3007,11 +2957,7 @@ main(int argc, char *argv[])
{"waldir", required_argument, NULL, 'X'},
{"wal-segsize", required_argument, NULL, 12},
{"data-checksums", no_argument, NULL, 'k'},
- {"authprompt", no_argument, NULL, 'R'},
- {"file-encryption-keylen", required_argument, NULL, 'K'},
{"allow-group-access", no_argument, NULL, 'g'},
- {"cluster-key-command", required_argument, NULL, 'c'},
- {"copy-encryption-keys", required_argument, NULL, 'u'},
{NULL, 0, NULL, 0}
};
@@ -3053,7 +2999,7 @@ main(int argc, char *argv[])
/* process command-line options */
- while ((c = getopt_long(argc, argv, "A:c:dD:E:gkK:L:nNRsST:u:U:WX:", long_options, &option_index)) != -1)
+ while ((c = getopt_long(argc, argv, "A:dD:E:gkL:nNsST:U:WX:", long_options, &option_index)) != -1)
{
switch (c)
{
@@ -3099,12 +3045,6 @@ main(int argc, char *argv[])
case 'N':
do_sync = false;
break;
- case 'R':
- pass_terminal_fd = true;
- break;
- case 'K':
- file_encryption_keylen = atoi(optarg);
- break;
case 'S':
sync_only = true;
break;
@@ -3141,12 +3081,6 @@ main(int argc, char *argv[])
case 9:
pwfilename = pg_strdup(optarg);
break;
- case 'c':
- cluster_key_cmd = pg_strdup(optarg);
- break;
- case 'u':
- old_key_datadir = pg_strdup(optarg);
- break;
case 's':
show_setting = true;
break;
@@ -3217,37 +3151,6 @@ main(int argc, char *argv[])
exit(1);
}
-#ifndef USE_OPENSSL
- if (cluster_key_cmd)
- {
- pg_log_error("cluster file encryption is not supported because OpenSSL is not supported by this build");
- exit(1);
- }
-#endif
-
- if (old_key_datadir != NULL && cluster_key_cmd == NULL)
- {
- pg_log_error("copying encryption keys requires the cluster key command to be specified");
- exit(1);
- }
-
- if (file_encryption_keylen != 0 && cluster_key_cmd == NULL)
- {
- pg_log_error("a non-zero file encryption key length requires the cluster key command to be specified");
- exit(1);
- }
-
- if (file_encryption_keylen != 0 && file_encryption_keylen != 128 &&
- file_encryption_keylen != 192 && file_encryption_keylen != 256)
- {
- pg_log_error("invalid file encrypt key length; supported values are 0 (disabled), 128, 192, and 256");
- exit(1);
- }
-
- /* set the default */
- if (file_encryption_keylen == 0 && cluster_key_cmd != NULL)
- file_encryption_keylen = 128;
-
check_authmethod_unspecified(&authmethodlocal);
check_authmethod_unspecified(&authmethodhost);
@@ -3315,11 +3218,6 @@ main(int argc, char *argv[])
else
printf(_("Data page checksums are disabled.\n"));
- if (cluster_key_cmd)
- printf(_("Cluster file encryption is enabled.\n"));
- else
- printf(_("Cluster file encryption is disabled.\n"));
-
if (pwprompt || pwfilename)
get_su_pwd();
diff --git a/src/bin/pg_alterckey/.gitignore b/src/bin/pg_alterckey/.gitignore
deleted file mode 100644
index 4c4f39f2ccc..00000000000
--- a/src/bin/pg_alterckey/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-/pg_alterckey
diff --git a/src/bin/pg_alterckey/Makefile b/src/bin/pg_alterckey/Makefile
deleted file mode 100644
index 7c465b4e290..00000000000
--- a/src/bin/pg_alterckey/Makefile
+++ /dev/null
@@ -1,38 +0,0 @@
-#-------------------------------------------------------------------------
-#
-# Makefile for src/bin/pg_alterckey
-#
-# Copyright (c) 1998-2020, PostgreSQL Global Development Group
-#
-# src/bin/pg_alterckey/Makefile
-#
-#-------------------------------------------------------------------------
-
-PGFILEDESC = "pg_alterckey - alter the cluster key"
-PGAPPICON=win32
-
-subdir = src/bin/pg_alterckey
-top_builddir = ../../..
-include $(top_builddir)/src/Makefile.global
-
-OBJS = \
- $(WIN32RES) \
- pg_alterckey.o
-
-all: pg_alterckey
-
-pg_alterckey: $(OBJS) | submake-libpgport
- $(CC) $(CFLAGS) $^ $(LDFLAGS) $(LDFLAGS_EX) $(LIBS) -o $@$(X)
-
-install: all installdirs
- $(INSTALL_PROGRAM) pg_alterckey$(X) '$(DESTDIR)$(bindir)/pg_alterckey$(X)'
-
-installdirs:
- $(MKDIR_P) '$(DESTDIR)$(bindir)'
-
-uninstall:
- rm -f '$(DESTDIR)$(bindir)/pg_alterckey$(X)'
-
-clean distclean maintainer-clean:
- rm -f pg_alterckey$(X) $(OBJS)
- rm -rf tmp_check
diff --git a/src/bin/pg_alterckey/pg_alterckey.c b/src/bin/pg_alterckey/pg_alterckey.c
deleted file mode 100644
index 6c473e33970..00000000000
--- a/src/bin/pg_alterckey/pg_alterckey.c
+++ /dev/null
@@ -1,694 +0,0 @@
-/*-------------------------------------------------------------------------
- *
- * pg_alterckey.c
- * A utility to change the cluster key (key encryption key, KEK)
- * used for cluster file encryption.
- *
- * The theory of operation is fairly simple:
- * 1. Create lock file
- * 2. Retrieve current and new cluster key using the supplied
- * commands.
- * 3. Revert any failed alter operation.
- * 4. Create a temporary directory in PGDATA
- * 5. For each data encryption key in the pg_cryptokeys directory,
- * decrypt it with the old cluster key and re-encrypt it
- * with the new cluster key.
- * 6. Make the temporary directory the new pg_cryptokeys directory.
- * 7. Remove lock file
- *
- *
- * Portions Copyright (c) 1996-2020, PostgreSQL Global Development Group
- * Portions Copyright (c) 1994, Regents of the University of California
- *
- * src/bin/pg_alterckey/pg_alterckey.c
- *
- *-------------------------------------------------------------------------
- */
-
-
-#define FRONTEND 1
-
-#include "postgres_fe.h"
-
-#include <signal.h>
-#include <unistd.h>
-#include <sys/stat.h>
-
-#include "common/file_perm.h"
-#include "common/file_utils.h"
-#include "common/hex_decode.h"
-#include "common/restricted_token.h"
-#include "crypto/kmgr.h"
-#include "common/logging.h"
-#include "getopt_long.h"
-#include "pg_getopt.h"
-
-typedef enum {
- SUCCESS_EXIT = 0,
- ERROR_EXIT,
- RMDIR_EXIT,
- REPAIR_EXIT
-} exit_action;
-
-static int lock_fd = -1;
-static bool pass_terminal_fd = false;
-int terminal_fd = -1;
-static bool repair_mode = false;
-static char *old_cluster_key_cmd = NULL,
- *new_cluster_key_cmd = NULL;
-static char old_cluster_key[KMGR_CLUSTER_KEY_LEN],
- new_cluster_key[KMGR_CLUSTER_KEY_LEN];
-static CryptoKey in_key, data_key, out_key;
-static char top_path[MAXPGPATH], pid_path[MAXPGPATH], live_path[MAXPGPATH],
- new_path[MAXPGPATH], old_path[MAXPGPATH];
-
-static char *DataDir = NULL;
-static const char *progname;
-
-static void create_lockfile(void);
-static void recover_failure(void);
-static void retrieve_cluster_keys(void);
-static void bzero_keys_and_exit(exit_action action);
-static void reencrypt_data_keys(void);
-static void install_new_keys(void);
-
-static void
-usage(const char *progname)
-{
- printf(_("%s changes the cluster key of a PostgreSQL database cluster.\n\n"), progname);
- printf(_("Usage:\n"));
- printf(_(" %s [OPTION] old_cluster_key_command new_cluster_key_command [DATADIR]\n"), progname);
- printf(_(" %s [repair_option] [DATADIR]\n"), progname);
- printf(_("\nOptions:\n"));
- printf(_(" -R, --authprompt prompt for a passphrase or PIN\n"));
- printf(_(" [-D, --pgdata=]DATADIR data directory\n"));
- printf(_(" -V, --version output version information, then exit\n"));
- printf(_(" -?, --help show this help, then exit\n"));
- printf(_("\nRepair options:\n"));
- printf(_(" -r, --repair repair previous failure\n"));
- printf(_("\nIf no data directory (DATADIR) is specified, "
- "the environment variable PGDATA\nis used.\n\n"));
- printf(_("Report bugs to <%s>.\n"), PACKAGE_BUGREPORT);
- printf(_("%s home page: <%s>\n"), PACKAGE_NAME, PACKAGE_URL);
-}
-
-
-int
-main(int argc, char *argv[])
-{
- static struct option long_options1[] = {
- {"authprompt", required_argument, NULL, 'R'},
- {"repair", required_argument, NULL, 'r'},
- {NULL, 0, NULL, 0}
- };
-
- static struct option long_options2[] = {
- {"pgdata", required_argument, NULL, 'D'},
- {NULL, 0, NULL, 0}
- };
-
- int c;
-
- pg_logging_init(argv[0]);
- set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pg_alterckey"));
- progname = get_progname(argv[0]);
-
- if (argc > 1)
- {
- if (strcmp(argv[1], "--help") == 0 || strcmp(argv[1], "-?") == 0)
- {
- usage(progname);
- exit(0);
- }
- if (strcmp(argv[1], "--version") == 0 || strcmp(argv[1], "-V") == 0)
- {
- puts("pg_alterckey (PostgreSQL) " PG_VERSION);
- exit(0);
- }
- }
-
- /* check for -r/-R */
- while ((c = getopt_long(argc, argv, "rR", long_options1, NULL)) != -1)
- {
- switch (c)
- {
- case 'r':
- repair_mode = true;
- break;
-
- case 'R':
- pass_terminal_fd = true;
- break;
-
- default:
- fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
- exit(1);
- }
- }
-
- if (!repair_mode)
- {
- /* get cluster key commands */
- if (optind < argc)
- old_cluster_key_cmd = argv[optind++];
- else
- {
- pg_log_error("missing old_cluster_key_command");
- fprintf(stderr, _("Try \"%s --help\" for more information.\n"),
- progname);
- exit(1);
- }
-
- if (optind < argc)
- new_cluster_key_cmd = argv[optind++];
- else
- {
- pg_log_error("missing new_cluster_key_command");
- fprintf(stderr, _("Try \"%s --help\" for more information.\n"),
- progname);
- exit(1);
- }
- }
-
- /* check for datadir */
- argc -= optind;
- argv += optind;
-
- while ((c = getopt_long(argc, argv, "D:", long_options2, NULL)) != -1)
- {
- switch (c)
- {
- case 'D':
- DataDir = optarg;
- break;
-
- default:
- fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
- exit(1);
- }
- }
-
- if (DataDir == NULL)
- {
- if (optind < argc)
- DataDir = argv[optind++];
- else
- DataDir = getenv("PGDATA");
- }
-
- /*
- * Disallow running as root because we create directories in PGDATA
- */
-#ifndef WIN32
- if (geteuid() == 0)
- {
- pg_log_error("%s: cannot be run as root\n"
- "Please log in (using, e.g., \"su\") as the "
- "(unprivileged) user that will\n"
- "own the server process.\n",
- progname);
- exit(1);
- }
-#endif
-
- get_restricted_token();
-
- /* Set mask based on PGDATA permissions */
- if (!GetDataDirectoryCreatePerm(DataDir))
- {
- pg_log_error("could not read permissions of directory \"%s\": %m",
- DataDir);
- exit(1);
- }
-
- umask(pg_mode_mask);
-
- snprintf(top_path, sizeof(top_path), "%s/%s", DataDir, KMGR_DIR);
- snprintf(pid_path, sizeof(pid_path), "%s/%s", DataDir, KMGR_DIR_PID);
- snprintf(live_path, sizeof(live_path), "%s/%s", DataDir, LIVE_KMGR_DIR);
- snprintf(new_path, sizeof(new_path), "%s/%s", DataDir, NEW_KMGR_DIR);
- snprintf(old_path, sizeof(old_path), "%s/%s", DataDir, OLD_KMGR_DIR);
-
- /* Complain if any arguments remain */
- if (optind < argc)
- {
- pg_log_error("too many command-line arguments (first is \"%s\")",
- argv[optind]);
- fprintf(stderr, _("Try \"%s --help\" for more information.\n"),
- progname);
- exit(1);
- }
-
- if (DataDir == NULL)
- {
- pg_log_error("no data directory specified");
- fprintf(stderr, _("Try \"%s --help\" for more information.\n"), progname);
- exit(1);
- }
-
- create_lockfile();
-
- recover_failure();
-
- if (!repair_mode)
- {
- retrieve_cluster_keys();
- reencrypt_data_keys();
- install_new_keys();
- }
-
-#ifndef WIN32
- /* remove file system reference to file */
- if (unlink(pid_path) < 0)
- {
- pg_log_error("could not delete lock file \"%s\": %m", KMGR_DIR_PID);
- exit(1);
- }
-#endif
-
- close (lock_fd);
-
- bzero_keys_and_exit(SUCCESS_EXIT);
-}
-
-/* This prevents almost all cases of concurrent access */
-void
-create_lockfile(void)
-{
- struct stat buffer;
- char lock_pid_str[20];
-
- if (stat(top_path, &buffer) != 0 || !S_ISDIR(buffer.st_mode))
- {
- pg_log_error("cluster file encryption directory \"%s\" is missing; is it enabled?", KMGR_DIR_PID);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
-
- /* Does a lockfile exist? */
- if ((lock_fd = open(pid_path, O_RDONLY, 0)) != -1)
- {
- int lock_pid;
- int len;
-
- /* read the PID */
- if ((len = read(lock_fd, lock_pid_str, sizeof(lock_pid_str) - 1)) == 0)
- {
- pg_log_error("cannot read pid from lock file \"%s\": %m", KMGR_DIR_PID);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
- lock_pid_str[len] = '\0';
-
- if ((lock_pid = atoi(lock_pid_str)) == 0)
- {
- pg_log_error("invalid pid in lock file \"%s\": %m", KMGR_DIR_PID);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
-
- /* Is the PID running? */
- if (kill(lock_pid, 0) == 0)
- {
- pg_log_error("active process %d currently holds a lock on this operation, recorded in \"%s\"",
- lock_pid, KMGR_DIR_PID);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
-
- close(lock_fd);
-
- if (repair_mode)
- printf("old lock file removed\n");
-
- /*
- * pid is no longer running, so remove the lock file.
- * This is not 100% safe from concurrent access, e.g.:
- *
- * process 1 exits and leaves stale lock file
- * process 2 checks stale lock file of process 1
- * process 3 checks stale lock file of process 1
- * process 2 remove the lock file of process 1
- * process 4 creates a lock file
- * process 3 remove the lock file of process 4
- * process 5 creates a lock file
- *
- * The sleep(2) helps with this since it reduces the likelihood
- * a process that did an unlock will interfere with another unlock
- * process. We could ask users to remove the lock, but that seems
- * even more error-prone, especially since this might happen
- * on server start. Many PG tools seem to have problems with
- * concurrent access.
- */
- unlink(pid_path);
-
- /* Sleep to reduce the likelihood of concurrent unlink */
- pg_usleep(2000000L); /* 2 seconds */
- }
-
- /* Create our own lockfile? */
-#ifndef WIN32
- lock_fd = open(pid_path, O_RDWR | O_CREAT | O_EXCL, pg_file_create_mode);
-#else
- /* delete on close */
- lock_fd = open(pid_path, O_RDWR | O_CREAT | O_EXCL | O_TEMPORARY,
- pg_file_create_mode);
-#endif
-
- if (lock_fd == -1)
- {
- if (errno == EEXIST)
- pg_log_error("an active process currently holds a lock on this operation, recorded in \"%s\"",
- KMGR_DIR_PID);
- else
- pg_log_error("unable to create lock file \"%s\": %m", KMGR_DIR_PID);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
-
- snprintf(lock_pid_str, sizeof(lock_pid_str), "%d\n", getpid());
- if (write(lock_fd, lock_pid_str, strlen(lock_pid_str)) != strlen(lock_pid_str))
- {
- pg_log_error("could not write pid to lock file \"%s\": %m", KMGR_DIR_PID);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
-}
-
-/*
- * recover_failure
- *
- * A previous pg_alterckey might have failed, so it might need recovery.
- * The normal operation is:
- * 1. reencrypt LIVE_KMGR_DIR -> NEW_KMGR_DIR
- * 2. rename KMGR_DIR -> OLD_KMGR_DIR
- * 3. rename NEW_KMGR_DIR -> LIVE_KMGR_DIR
- * remove OLD_KMGR_DIR
- *
- * There are eight possible directory configurations:
- *
- * LIVE_KMGR_DIR NEW_KMGR_DIR OLD_KMGR_DIR
- *
- * Normal:
- * 0. normal X
- * 1. remove new X X
- * 2. install new X X
- * 3. remove old X X
- *
- * Abnormal:
- * fatal
- * restore old X
- * install new X
- * remove old and new X X X
- *
- * We don't handle the abnormal cases, just report an error.
- */
-static void
-recover_failure(void)
-{
- struct stat buffer;
- bool is_live, is_new, is_old;
-
- is_live = !stat(live_path, &buffer);
- is_new = !stat(new_path, &buffer);
- is_old = !stat(old_path, &buffer);
-
- /* normal #0 */
- if (is_live && !is_new && !is_old)
- {
- if (repair_mode)
- printf("repair unnecessary\n");
- return;
- }
- /* remove new #1 */
- else if (is_live && is_new && !is_old)
- {
- if (!rmtree(new_path, true))
- {
- pg_log_error("unable to remove new directory \"%s\": %m", NEW_KMGR_DIR);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
- printf(_("removed files created during previously aborted alter operation\n"));
- return;
- }
- /* install new #2 */
- else if (!is_live && is_new && is_old)
- {
- if (rename(new_path, live_path) != 0)
- {
- pg_log_error("unable to rename directory \"%s\" to \"%s\": %m",
- NEW_KMGR_DIR, LIVE_KMGR_DIR);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
- printf(_("Installed new cluster password supplied in previous alter operation\n"));
- return;
- }
- /* remove old #3 */
- else if (is_live && !is_new && is_old)
- {
- if (!rmtree(old_path, true))
- {
- pg_log_error("unable to remove old directory \"%s\": %m", OLD_KMGR_DIR);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
- printf(_("Removed old files invalidated during previous alter operation\n"));
- return;
- }
- else
- {
- pg_log_error("cluster file encryption directory \"%s\" is in an abnormal state and cannot be processed",
- KMGR_DIR);
- fprintf(stderr, _("Exiting with no changes made.\n"));
- exit(1);
- }
-}
-
-/* Retrieve old and new cluster keys */
-void
-retrieve_cluster_keys()
-{
- int cluster_key_len;
- char cluster_key_hex[ALLOC_KMGR_CLUSTER_KEY_LEN];
-
- /*
- * If we have been asked to pass an open file descriptor to the user
- * terminal to the commands, set one up.
- */
- if (pass_terminal_fd)
- {
-#ifndef WIN32
- terminal_fd = open("/dev/tty", O_RDWR, 0);
-#else
- terminal_fd = open("CONOUT$", O_RDWR, 0);
-#endif
- if (terminal_fd < 0)
- {
- pg_log_error(_("%s: could not open terminal: %s\n"),
- progname, strerror(errno));
- exit(1);
- }
- }
-
- /* Get old key encryption key from the cluster key command */
- cluster_key_len = kmgr_run_cluster_key_command(old_cluster_key_cmd,
- (char *) cluster_key_hex,
- ALLOC_KMGR_CLUSTER_KEY_LEN,
- live_path);
- if (hex_decode(cluster_key_hex, cluster_key_len, (char *) old_cluster_key) !=
- KMGR_CLUSTER_KEY_LEN)
- {
- pg_log_error("cluster key must be at %d hex bytes", KMGR_CLUSTER_KEY_LEN);
- bzero_keys_and_exit(ERROR_EXIT);
- }
-
- /*
- * Create new key directory here in case the new cluster key command needs it
- * to exist.
- */
- if (mkdir(new_path, pg_dir_create_mode) != 0)
- {
- pg_log_error("unable to create new cluster key directory \"%s\": %m", NEW_KMGR_DIR);
- bzero_keys_and_exit(ERROR_EXIT);
- }
-
- /* Get new key */
- cluster_key_len = kmgr_run_cluster_key_command(new_cluster_key_cmd,
- (char *) cluster_key_hex,
- ALLOC_KMGR_CLUSTER_KEY_LEN,
- live_path);
- if (hex_decode(cluster_key_hex, cluster_key_len, (char *) new_cluster_key) !=
- KMGR_CLUSTER_KEY_LEN)
- {
- pg_log_error("cluster key must be at %d hex bytes", KMGR_CLUSTER_KEY_LEN);
- bzero_keys_and_exit(ERROR_EXIT);
- }
-
- if (pass_terminal_fd)
- close(terminal_fd);
-
- /* output newline */
- puts("");
-
- if (strcmp(old_cluster_key, new_cluster_key) == 0)
- {
- pg_log_error("cluster keys are identical, exiting\n");
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
-}
-
-/* Decrypt old keys encrypted with old pass phrase and reencrypt with new one */
-void
-reencrypt_data_keys(void)
-{
- DIR *dir;
- struct dirent *de;
- PgCipherCtx *old_ctx, *new_ctx;
-
- if ((dir = opendir(live_path)) == NULL)
- {
- pg_log_error("unable to open live cluster key directory \"%s\": %m", LIVE_KMGR_DIR);
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- old_ctx = pg_cipher_ctx_create(PG_CIPHER_AES_GCM,
- (unsigned char *)old_cluster_key,
- KMGR_CLUSTER_KEY_LEN, true);
- if (!old_ctx)
- pg_log_error("could not initialize encryption context");
-
- new_ctx = pg_cipher_ctx_create(PG_CIPHER_AES_GCM,
- (unsigned char *)new_cluster_key,
- KMGR_CLUSTER_KEY_LEN, true);
- if (!new_ctx)
- pg_log_error("could not initialize encryption context");
-
- while ((de = readdir(dir)) != NULL)
- {
- /*
- * We copy only the numeric files/keys, since there might be encrypted
- * cluster key files in the old directory that only match the old key.
- */
- if (strspn(de->d_name, "0123456789") == strlen(de->d_name))
- {
- char src_path[MAXPGPATH], dst_path[MAXPGPATH];
- int src_fd, dst_fd;
- int len;
- uint32 id = strtoul(de->d_name, NULL, 10);
-
- CryptoKeyFilePath(src_path, live_path, id);
- CryptoKeyFilePath(dst_path, new_path, id);
-
- if ((src_fd = open(src_path, O_RDONLY | PG_BINARY, 0)) < 0)
- {
- pg_log_error("could not open file \"%s\": %m", src_path);
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- if ((dst_fd = open(dst_path, O_RDWR | O_CREAT | O_TRUNC | PG_BINARY,
- pg_file_create_mode)) < 0)
- {
- pg_log_error("could not open file \"%s\": %m", dst_path);
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- /* Read the source key */
- len = read(src_fd, &in_key, sizeof(CryptoKey));
- if (len != sizeof(CryptoKey))
- {
- if (len < 0)
- pg_log_error("could read file \"%s\": %m", src_path);
- else
- pg_log_error("could read file \"%s\": read %d of %zu",
- src_path, len, sizeof(CryptoKey));
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- /* decrypt with old key */
- if (!kmgr_unwrap_key(old_ctx, &in_key, &data_key))
- {
- pg_log_error("incorrect old key specified");
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- /* encrypt with new key */
- if (!kmgr_wrap_key(new_ctx, &data_key, &out_key))
- {
- pg_log_error("could not encrypt new key");
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- /* Write to the dest key */
- len = write(dst_fd, &out_key, sizeof(CryptoKey));
- if (len != sizeof(CryptoKey))
- {
- pg_log_error("could not write fie \"%s\"", dst_path);
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- close(src_fd);
- close(dst_fd);
- }
- }
-
- /* The cluster key is correct, free the cipher context */
- pg_cipher_ctx_free(old_ctx);
- pg_cipher_ctx_free(new_ctx);
-
- closedir(dir);
-}
-
-void
-install_new_keys(void)
-{
- /* add fsyncs? XXX */
- if (rename(live_path, old_path) != 0)
- {
- pg_log_error("unable to rename directory \"%s\" to \"%s\": %m",
- LIVE_KMGR_DIR, OLD_KMGR_DIR);
- bzero_keys_and_exit(RMDIR_EXIT);
- }
-
- if (rename(new_path, live_path) != 0)
- {
- pg_log_error("unable to rename directory \"%s\" to \"%s\": %m",
- NEW_KMGR_DIR, LIVE_KMGR_DIR);
- bzero_keys_and_exit(REPAIR_EXIT);
- }
-
- if (!rmtree(old_path, true))
- {
- pg_log_error("unable to remove old directory \"%s\": %m", OLD_KMGR_DIR);
- bzero_keys_and_exit(REPAIR_EXIT);
- }
-}
-
-void
-bzero_keys_and_exit(exit_action action)
-{
- explicit_bzero(old_cluster_key, sizeof(old_cluster_key));
- explicit_bzero(new_cluster_key, sizeof(new_cluster_key));
-
- explicit_bzero(&in_key, sizeof(in_key));
- explicit_bzero(&data_key, sizeof(data_key));
- explicit_bzero(&out_key, sizeof(out_key));
-
- if (action == RMDIR_EXIT)
- {
- if (!rmtree(new_path, true))
- pg_log_error("unable to remove new directory \"%s\": %m", NEW_KMGR_DIR);
- printf("Re-running pg_alterckey to repair might be needed before the next server start\n");
- exit(1);
- }
- else if (action == REPAIR_EXIT)
- {
- unlink(pid_path);
- printf("Re-running pg_alterckey to repair might be needed before the next server start\n");
- }
-
- /* return 0 or 1 */
- exit(action != SUCCESS_EXIT);
-}
diff --git a/src/bin/pg_controldata/pg_controldata.c b/src/bin/pg_controldata/pg_controldata.c
index c3b38b7c51c..3e00ac0f701 100644
--- a/src/bin/pg_controldata/pg_controldata.c
+++ b/src/bin/pg_controldata/pg_controldata.c
@@ -25,7 +25,6 @@
#include "access/xlog_internal.h"
#include "catalog/pg_control.h"
#include "common/controldata_utils.h"
-#include "common/kmgr_utils.h"
#include "common/logging.h"
#include "getopt_long.h"
#include "pg_getopt.h"
@@ -335,7 +334,5 @@ main(int argc, char *argv[])
ControlFile->data_checksum_version);
printf(_("Mock authentication nonce: %s\n"),
mock_auth_nonce_str);
- printf(_("File encryption key length: %d\n"),
- ControlFile->file_encryption_keylen);
return 0;
}
diff --git a/src/bin/pg_ctl/pg_ctl.c b/src/bin/pg_ctl/pg_ctl.c
index 5fa1f72ae18..fc07f1aba6e 100644
--- a/src/bin/pg_ctl/pg_ctl.c
+++ b/src/bin/pg_ctl/pg_ctl.c
@@ -79,7 +79,6 @@ typedef enum
static bool do_wait = true;
static int wait_seconds = DEFAULT_WAIT;
static bool wait_seconds_arg = false;
-static bool pass_terminal_fd = false;
static bool silent_mode = false;
static ShutdownMode shutdown_mode = FAST_MODE;
static int sig = SIGINT; /* default */
@@ -443,7 +442,7 @@ free_readfile(char **optlines)
static pgpid_t
start_postmaster(void)
{
- char cmd[MAXPGPATH], *term_fd_opt = NULL;
+ char cmd[MAXPGPATH];
#ifndef WIN32
pgpid_t pm_pid;
@@ -468,19 +467,6 @@ start_postmaster(void)
/* fork succeeded, in child */
- if (pass_terminal_fd)
- {
- int terminal_fd = open("/dev/tty", O_RDWR, 0);
-
- if (terminal_fd < 0)
- {
- write_stderr(_("%s: could not open terminal: %s\n"),
- progname, strerror(errno));
- exit(1);
- }
- term_fd_opt = psprintf(" -R %d", terminal_fd);
- }
-
/*
* If possible, detach the postmaster process from the launching process
* group and make it a group leader, so that it doesn't get signaled along
@@ -501,14 +487,12 @@ start_postmaster(void)
* has the same PID as the current child process.
*/
if (log_file != NULL)
- snprintf(cmd, MAXPGPATH, "exec \"%s\" %s%s%s < \"%s\" >> \"%s\" 2>&1",
+ snprintf(cmd, MAXPGPATH, "exec \"%s\" %s%s < \"%s\" >> \"%s\" 2>&1",
exec_path, pgdata_opt, post_opts,
- term_fd_opt ? term_fd_opt : "",
DEVNULL, log_file);
else
- snprintf(cmd, MAXPGPATH, "exec \"%s\" %s%s%s < \"%s\" 2>&1",
- exec_path, pgdata_opt, post_opts,
- term_fd_opt ? term_fd_opt : "", DEVNULL);
+ snprintf(cmd, MAXPGPATH, "exec \"%s\" %s%s < \"%s\" 2>&1",
+ exec_path, pgdata_opt, post_opts, DEVNULL);
(void) execl("/bin/sh", "/bin/sh", "-c", cmd, (char *) NULL);
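Review bot: Both `snprintf(cmd, MAXPGPATH, ...)` calls in this hunk discard the return value, so a long `post_opts` or `log_file` is silently truncated and the cut-off string is still passed to `/bin/sh -c` by the `execl` on the last line. Capture the result (`int n = snprintf(cmd, MAXPGPATH, ...);`) and bail out in the child before `execl` when `n < 0 || n >= MAXPGPATH`, reporting it with `write_stderr` as the rest of the file does. `exec_path` and `log_file` are also placed inside double quotes with no escaping, so a comment should state that these values are operator-supplied and trusted, for example `/* exec_path, post_opts and log_file come from the invoking user's command line; they are interpreted by the shell as-is */`. The Windows branch in the later hunk (`"\"%s\" /C \"\"%s\" %s%s < ..."`) builds its command the same way and needs the same check. start_postmaster's body starts and ends outside this hunk.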
@@ -529,21 +513,6 @@ start_postmaster(void)
PROCESS_INFORMATION pi;
const char *comspec;
- if (pass_terminal_fd)
- {
- /* Hopefully we can read and write CONOUT, see simple_prompt() XXX */
- /* Do CreateRestrictedProcess() children even inherit open file descriptors? XXX */
- int terminal_fd = open("CONOUT$", O_RDWR, 0);
-
- if (terminal_fd < 0)
- {
- write_stderr(_("%s: could not open terminal: %s\n"),
- progname, strerror(errno));
- exit(1);
- }
- term_fd_opt = psprintf(" -R %d", terminal_fd);
- }
-
/* Find CMD.EXE location using COMSPEC, if it's set */
comspec = getenv("COMSPEC");
if (comspec == NULL)
@@ -584,14 +553,12 @@ start_postmaster(void)
else
close(fd);
- snprintf(cmd, MAXPGPATH, "\"%s\" /C \"\"%s\" %s%s%s < \"%s\" >> \"%s\" 2>&1\"",
- comspec, exec_path, pgdata_opt, post_opts,
- term_fd_opt ? term_fd_opt : "", DEVNULL, log_file);
+ snprintf(cmd, MAXPGPATH, "\"%s\" /C \"\"%s\" %s%s < \"%s\" >> \"%s\" 2>&1\"",
+ comspec, exec_path, pgdata_opt, post_opts, DEVNULL, log_file);
}
else
- snprintf(cmd, MAXPGPATH, "\"%s\" /C \"\"%s\" %s%s%s < \"%s\" 2>&1\"",
- comspec, exec_path, pgdata_opt, post_opts,
- term_fd_opt ? term_fd_opt : "", DEVNULL);
+ snprintf(cmd, MAXPGPATH, "\"%s\" /C \"\"%s\" %s%s < \"%s\" 2>&1\"",
+ comspec, exec_path, pgdata_opt, post_opts, DEVNULL);
if (!CreateRestrictedProcess(cmd, &pi, false))
{
@@ -722,8 +689,7 @@ wait_for_postmaster(pgpid_t pm_pid, bool do_checkpoint)
}
else
#endif
- if (!pass_terminal_fd)
- print_msg(".");
+ print_msg(".");
}
pg_usleep(USEC_PER_SEC / WAITS_PER_SEC);
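Review bot: The restored `print_msg(".");` is the unbraced body of the `else` above the `#endif` on builds where that preprocessor block is compiled in, and a standalone statement otherwise, which is easy to misread and easy to break when a second statement is added. A short comment before the call, such as `/* body of the else above when the conditional block is compiled; unconditional otherwise */`, would make that explicit. The enclosing loop in wait_for_postmaster starts and ends outside this hunk, so the matching conditional is not visible here.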
@@ -2100,7 +2066,6 @@ do_help(void)
printf(_(" -o, --options=OPTIONS command line options to pass to postgres\n"
" (PostgreSQL server executable) or initdb\n"));
printf(_(" -p PATH-TO-POSTGRES normally not necessary\n"));
- printf(_(" -R, --authprompt prompt for a paasphrase or PIN\n"));
printf(_("\nOptions for stop or restart:\n"));
printf(_(" -m, --mode=MODE MODE can be \"smart\", \"fast\", or \"immediate\"\n"));
@@ -2295,7 +2260,6 @@ main(int argc, char **argv)
{"mode", required_argument, NULL, 'm'},
{"pgdata", required_argument, NULL, 'D'},
{"options", required_argument, NULL, 'o'},
- {"authprompt", no_argument, NULL, 'R'},
{"silent", no_argument, NULL, 's'},
{"timeout", required_argument, NULL, 't'},
{"core-files", no_argument, NULL, 'c'},
@@ -2368,7 +2332,7 @@ main(int argc, char **argv)
/* process command-line options */
while (optind < argc)
{
- while ((c = getopt_long(argc, argv, "cD:e:l:m:N:o:p:P:RsS:t:U:wW",
+ while ((c = getopt_long(argc, argv, "cD:e:l:m:N:o:p:P:sS:t:U:wW",
long_options, &option_index)) != -1)
{
switch (c)
@@ -2421,9 +2385,6 @@ main(int argc, char **argv)
case 'P':
register_password = pg_strdup(optarg);
break;
- case 'R':
- pass_terminal_fd = true;
- break;
case 's':
silent_mode = true;
break;
diff --git a/src/bin/pg_resetwal/pg_resetwal.c b/src/bin/pg_resetwal/pg_resetwal.c
index 8f928b31292..cb6ef191820 100644
--- a/src/bin/pg_resetwal/pg_resetwal.c
+++ b/src/bin/pg_resetwal/pg_resetwal.c
@@ -804,8 +804,6 @@ PrintControlValues(bool guessed)
(ControlFile.float8ByVal ? _("by value") : _("by reference")));
printf(_("Data page checksum version: %u\n"),
ControlFile.data_checksum_version);
- printf(_("File encryption key length: %d\n"),
- ControlFile.file_encryption_keylen);
}
diff --git a/src/bin/pg_rewind/filemap.c b/src/bin/pg_rewind/filemap.c
index b8775cab15d..ba34dbac146 100644
--- a/src/bin/pg_rewind/filemap.c
+++ b/src/bin/pg_rewind/filemap.c
@@ -28,7 +28,6 @@
#include "catalog/pg_tablespace_d.h"
#include "common/hashfn.h"
-#include "common/kmgr_utils.h"
#include "common/string.h"
#include "datapagemap.h"
#include "filemap.h"
@@ -109,13 +108,6 @@ static const char *excludeDirContents[] =
"pg_notify",
/*
- * Skip cryptographic keys. It's generally not a good idea to copy the
- * cryptographic keys from source database because these might use
- * different cluster key.
- */
- KMGR_DIR,
-
- /*
* Old contents are loaded for possible debugging but are not required for
* normal operation, see SerialInit().
*/
diff --git a/src/bin/pg_upgrade/check.c b/src/bin/pg_upgrade/check.c
index ef091cb3e4c..f3afea9d561 100644
--- a/src/bin/pg_upgrade/check.c
+++ b/src/bin/pg_upgrade/check.c
@@ -10,7 +10,6 @@
#include "postgres_fe.h"
#include "catalog/pg_authid_d.h"
-#include "common/kmgr_utils.h"
#include "fe_utils/string_utils.h"
#include "mb/pg_wchar.h"
#include "pg_upgrade.h"
@@ -28,7 +27,6 @@ static void check_for_tables_with_oids(ClusterInfo *cluster);
static void check_for_reg_data_type_usage(ClusterInfo *cluster);
static void check_for_jsonb_9_4_usage(ClusterInfo *cluster);
static void check_for_pg_role_prefix(ClusterInfo *cluster);
-static void check_for_cluster_key_failure(ClusterInfo *cluster);
static void check_for_new_tablespace_dir(ClusterInfo *new_cluster);
static char *get_canonical_locale_name(int category, const char *locale);
@@ -141,9 +139,6 @@ check_and_dump_old_cluster(bool live_check)
if (GET_MAJOR_VERSION(old_cluster.major_version) <= 905)
check_for_pg_role_prefix(&old_cluster);
- if (GET_MAJOR_VERSION(old_cluster.major_version) >= 1400)
- check_for_cluster_key_failure(&old_cluster);
-
if (GET_MAJOR_VERSION(old_cluster.major_version) == 904 &&
old_cluster.controldata.cat_ver < JSONB_FORMAT_CHANGE_CAT_VER)
check_for_jsonb_9_4_usage(&old_cluster);
@@ -178,9 +173,6 @@ check_new_cluster(void)
check_loadable_libraries();
- if (GET_MAJOR_VERSION(old_cluster.major_version) >= 1400)
- check_for_cluster_key_failure(&new_cluster);
-
switch (user_opts.transfer_mode)
{
case TRANSFER_MODE_CLONE:
@@ -1278,32 +1270,6 @@ check_for_pg_role_prefix(ClusterInfo *cluster)
/*
- * check_for_cluster_key_failure()
- *
- * Make sure there was no unrepaired pg_alterckey failure
- */
-static void
-check_for_cluster_key_failure(ClusterInfo *cluster)
-{
- struct stat buffer;
-
- if (stat (KMGR_DIR_PID, &buffer) == 0)
- {
- if (cluster == &old_cluster)
- pg_fatal("The source cluster had a pg_alterckey failure that needs repair or\n"
- "pg_alterckey is running. Run pg_alterckey --repair or wait for it\n"
- "to complete.\n");
- else
- pg_fatal("The target cluster had a pg_alterckey failure that needs repair or\n"
- "pg_alterckey is running. Run pg_alterckey --repair or wait for it\n"
- "to complete.\n");
- }
-
- check_ok();
-}
-
-
-/*
* get_canonical_locale_name
*
* Send the locale name to the system, and hope we get back a canonical
diff --git a/src/bin/pg_upgrade/controldata.c b/src/bin/pg_upgrade/controldata.c
index a0aa995bbde..39bcaa8fe1a 100644
--- a/src/bin/pg_upgrade/controldata.c
+++ b/src/bin/pg_upgrade/controldata.c
@@ -9,16 +9,10 @@
#include "postgres_fe.h"
-#include <dirent.h>
#include <ctype.h>
#include "pg_upgrade.h"
-#include "access/xlog_internal.h"
-#include "common/controldata_utils.h"
-#include "common/file_utils.h"
-#include "common/kmgr_utils.h"
-
/*
* get_control_data()
*
@@ -65,7 +59,6 @@ get_control_data(ClusterInfo *cluster, bool live_check)
bool got_date_is_int = false;
bool got_data_checksum_version = false;
bool got_cluster_state = false;
- int got_file_encryption_keylen = 0;
char *lc_collate = NULL;
char *lc_ctype = NULL;
char *lc_monetary = NULL;
@@ -209,13 +202,6 @@ get_control_data(ClusterInfo *cluster, bool live_check)
got_data_checksum_version = true;
}
- /* Only in <= 14 */
- if (GET_MAJOR_VERSION(cluster->major_version) <= 1400)
- {
- cluster->controldata.file_encryption_keylen = 0;
- got_file_encryption_keylen = true;
- }
-
/* we have the result of cmd in "output". so parse it line by line now */
while (fgets(bufin, sizeof(bufin), output))
{
@@ -499,18 +485,6 @@ get_control_data(ClusterInfo *cluster, bool live_check)
cluster->controldata.data_checksum_version = str2uint(p);
got_data_checksum_version = true;
}
- else if ((p = strstr(bufin, "File encryption key length:")) != NULL)
- {
- p = strchr(p, ':');
-
- if (p == NULL || strlen(p) <= 1)
- pg_fatal("%d: controldata retrieval problem\n", __LINE__);
-
- p++; /* remove ':' char */
- /* used later for contrib check */
- cluster->controldata.file_encryption_keylen = atoi(p);
- got_file_encryption_keylen = true;
- }
}
pclose(output);
@@ -565,8 +539,7 @@ get_control_data(ClusterInfo *cluster, bool live_check)
!got_index || !got_toast ||
(!got_large_object &&
cluster->controldata.ctrl_ver >= LARGE_OBJECT_SIZE_PG_CONTROL_VER) ||
- !got_date_is_int || !got_data_checksum_version ||
- !got_file_encryption_keylen)
+ !got_date_is_int || !got_data_checksum_version)
{
if (cluster == &old_cluster)
pg_log(PG_REPORT,
@@ -632,10 +605,6 @@ get_control_data(ClusterInfo *cluster, bool live_check)
if (!got_data_checksum_version)
pg_log(PG_REPORT, " data checksum version\n");
- /* value added in Postgres 14 */
- if (!got_file_encryption_keylen)
- pg_log(PG_REPORT, " file encryption key length\n");
-
pg_fatal("Cannot continue without required control information, terminating\n");
}
}
@@ -700,15 +669,6 @@ check_control_data(ControlData *oldctrl,
pg_fatal("old cluster uses data checksums but the new one does not\n");
else if (oldctrl->data_checksum_version != newctrl->data_checksum_version)
pg_fatal("old and new cluster pg_controldata checksum versions do not match\n");
-
- /*
- * We cannot upgrade if the old cluster file encryption key length
- * doesn't match the new one.
-
- */
- if (oldctrl->file_encryption_keylen != newctrl->file_encryption_keylen)
- pg_fatal("old and new clusters use different file encryption key lengths or\n"
- "one cluster uses encryption and the other does not");
}
diff --git a/src/bin/pg_upgrade/file.c b/src/bin/pg_upgrade/file.c
index c9851192ec6..cc8a675d009 100644
--- a/src/bin/pg_upgrade/file.c
+++ b/src/bin/pg_upgrade/file.c
@@ -11,7 +11,6 @@
#include <sys/stat.h>
#include <fcntl.h>
-#include <dirent.h>
#ifdef HAVE_COPYFILE_H
#include <copyfile.h>
#endif
@@ -22,7 +21,6 @@
#include "access/visibilitymap.h"
#include "common/file_perm.h"
-#include "common/file_utils.h"
#include "pg_upgrade.h"
#include "storage/bufpage.h"
#include "storage/checksum.h"
diff --git a/src/bin/pg_upgrade/option.c b/src/bin/pg_upgrade/option.c
index 4702998352f..548d648e8c4 100644
--- a/src/bin/pg_upgrade/option.c
+++ b/src/bin/pg_upgrade/option.c
@@ -52,7 +52,6 @@ parseCommandLine(int argc, char *argv[])
{"check", no_argument, NULL, 'c'},
{"link", no_argument, NULL, 'k'},
{"retain", no_argument, NULL, 'r'},
- {"authprompt", no_argument, NULL, 'R'},
{"jobs", required_argument, NULL, 'j'},
{"socketdir", required_argument, NULL, 's'},
{"verbose", no_argument, NULL, 'v'},
@@ -103,7 +102,7 @@ parseCommandLine(int argc, char *argv[])
if (os_user_effective_id == 0)
pg_fatal("%s: cannot be run as root\n", os_info.progname);
- while ((option = getopt_long(argc, argv, "d:D:b:B:cj:ko:O:p:P:rRs:U:v",
+ while ((option = getopt_long(argc, argv, "d:D:b:B:cj:ko:O:p:P:rs:U:v",
long_options, &optindex)) != -1)
{
switch (option)
@@ -181,10 +180,6 @@ parseCommandLine(int argc, char *argv[])
log_opts.retain = true;
break;
- case 'R':
- user_opts.pass_terminal_fd = true;
- break;
-
case 's':
user_opts.socketdir = pg_strdup(optarg);
break;
diff --git a/src/bin/pg_upgrade/pg_upgrade.h b/src/bin/pg_upgrade/pg_upgrade.h
index 53ce195963f..ee70243c2e9 100644
--- a/src/bin/pg_upgrade/pg_upgrade.h
+++ b/src/bin/pg_upgrade/pg_upgrade.h
@@ -11,7 +11,6 @@
#include <sys/time.h>
#include "libpq-fe.h"
-#include "common/kmgr_utils.h"
/* Use port in the private/dynamic port number range */
#define DEF_PGUPORT 50432
@@ -220,7 +219,6 @@ typedef struct
bool date_is_int;
bool float8_pass_by_value;
bool data_checksum_version;
- int file_encryption_keylen;
} ControlData;
/*
@@ -295,7 +293,6 @@ typedef struct
int jobs; /* number of processes/threads to use */
char *socketdir; /* directory to use for Unix sockets */
bool ind_coll_unknown; /* mark unknown index collation versions */
- bool pass_terminal_fd; /* pass -R to pg_ctl? */
} UserOpts;
typedef struct
diff --git a/src/bin/pg_upgrade/server.c b/src/bin/pg_upgrade/server.c
index 9208ad0d8a3..713509f5406 100644
--- a/src/bin/pg_upgrade/server.c
+++ b/src/bin/pg_upgrade/server.c
@@ -244,9 +244,8 @@ start_postmaster(ClusterInfo *cluster, bool report_and_exit_on_error)
* vacuumdb --freeze actually freezes the tuples.
*/
snprintf(cmd, sizeof(cmd),
- "\"%s/pg_ctl\" -w%s -l \"%s\" -D \"%s\" -o \"-p %d%s%s %s%s\" start",
- cluster->bindir, user_opts.pass_terminal_fd ? " -R" : "",
- SERVER_LOG_FILE, cluster->pgconfig, cluster->port,
+ "\"%s/pg_ctl\" -w -l \"%s\" -D \"%s\" -o \"-p %d%s%s %s%s\" start",
+ cluster->bindir, SERVER_LOG_FILE, cluster->pgconfig, cluster->port,
(cluster->controldata.cat_ver >=
BINARY_UPGRADE_SERVER_FLAG_CAT_VER) ? " -b" :
" -c autovacuum=off -c autovacuum_freeze_max_age=2000000000",