summaryrefslogtreecommitdiff
path: root/src/backend/commands/dbcommands.c
AgeCommit message (Collapse)Author
2007-06-01Make CREATE/DROP/RENAME DATABASE wait a little bit to see if other backendsTom Lane
will exit before failing because of conflicting DB usage. Per discussion, this seems a good idea to help mask the fact that backend exit takes nonzero time. Remove a couple of thereby-obsoleted sleeps in contrib and PL regression test sequences.
2007-04-12Cancel pending fsync requests during WAL replay of DROP DATABASE, per bugTom Lane
report from David Darville. Back-patch as far as 8.1, which may or may not have the problem but it seems a safe change anyway.
2007-03-13First phase of plan-invalidation project: create a plan cache managementTom Lane
module and teach PREPARE and protocol-level prepared statements to use it. In service of this, rearrange utility-statement processing so that parse analysis does not assume table schemas can't change before execution for utility statements (necessary because we don't attempt to re-acquire locks for utility statements when reusing a stored plan). This requires some refactoring of the ProcessUtility API, but it ends up cleaner anyway, for instance we can get rid of the QueryContext global. Still to do: fix up SPI and related code to use the plan cache; I'm tempted to try to make SQL functions use it too. Also, there are at least some aspects of system state that we want to ensure remain the same during a replan as in the original processing; search_path certainly ought to behave that way for instance, and perhaps there are others.
2007-02-09Call pgstat_drop_database during DROP DATABASE, so that any stats fileTom Lane
entries for the victim database go away sooner rather than later. We already did the equivalent thing at the per-relation level, not sure why it's not been done for whole databases. With this change, pgstat_vacuum_tabstat should usually not find anything to do; though we still need it as a backstop in case DROPDB or TABPURGE messages get lost under load.
2007-02-01Wording cleanup for error messages. Also change can't -> cannot.Bruce Momjian
Standard English uses "may", "can", and "might" in different ways: may - permission, "You may borrow my rake." can - ability, "I can lift that log." might - possibility, "It might rain today." Unfortunately, in conversational English, their use is often mixed, as in, "You may use this variable to do X", when in fact, "can" is a better choice. Similarly, "It may crash" is better stated, "It might crash".
2007-01-17Extend yesterday's patch so that the bgwriter is also told to forgetTom Lane
pending fsyncs during DROP DATABASE. Obviously necessary in hindsight :-(
2007-01-16Arrange for autovacuum to be killed when another operation wants to be aloneAlvaro Herrera
accessing it, like DROP DATABASE. This allows the regression tests to pass with autovacuum enabled, which open the gates for finally enabling autovacuum by default.
2007-01-05Update CVS HEAD for 2007 copyright. Back branches are typically notBruce Momjian
back-stamped for this.
2006-11-05Fix recently-understood problems with handling of XID freezing, particularlyTom Lane
in PITR scenarios. We now WAL-log the replacement of old XIDs with FrozenTransactionId, so that such replacement is guaranteed to propagate to PITR slave databases. Also, rather than relying on hint-bit updates to be preserved, pg_clog is not truncated until all instances of an XID are known to have been replaced by FrozenTransactionId. Add new GUC variables and pg_autovacuum columns to allow management of the freezing policy, so that users can trade off the size of pg_clog against the amount of freezing work done. Revise the already-existing code that forces autovacuum of tables approaching the wraparound point to make it more bulletproof; also, revise the autovacuum logic so that anti-wraparound vacuuming is done per-table rather than per-database. initdb forced because of changes in pg_class, pg_database, and pg_autovacuum catalogs. Heikki Linnakangas, Simon Riggs, and Tom Lane.
2006-10-18Add some code to CREATE DATABASE to check for pre-existing subdirectoriesTom Lane
that conflict with the OID that we want to use for the new database. This avoids the risk of trying to remove files that maybe we shouldn't remove. Per gripe from Jon Lapham and subsequent discussion of 27-Sep.
2006-10-04pgindent run for 8.2.Bruce Momjian
2006-07-14Remove 576 references of include files that were not needed.Bruce Momjian
2006-07-13Allow include files to compile own their own.Bruce Momjian
Strip unused include files out unused include files, and add needed includes to C files. The next step is to remove unused include files in C files.
2006-07-10Improve vacuum code to track minimum Xids per table instead of per database.Alvaro Herrera
To this end, add a couple of columns to pg_class, relminxid and relvacuumxid, based on which we calculate the pg_database columns after each vacuum. We now force all databases to be vacuumed, even template ones. A backend noticing too old a database (meaning pg_database.datminxid is in danger of falling behind Xid wraparound) will signal the postmaster, which in turn will start an autovacuum iteration to process the offending database. In principle this is only there to cope with frozen (non-connectable) databases without forcing users to set them to connectable, but it could force regular user database to go through a database-wide vacuum at any time. Maybe we should warn users about this somehow. Of course the real solution will be to use autovacuum all the time ;-) There are some additional improvements we could have in this area: for example the vacuum code could be smarter about not updating pg_database for each table when called by autovacuum, and do it only once the whole autovacuum iteration is done. I updated the system catalogs documentation, but I didn't modify the maintenance section. Also having some regression tests for this would be nice but it's not really a very straightforward thing to do. Catalog version bumped due to system catalog changes.
2006-05-04Rethink the locking mechanisms used for CREATE/DROP/RENAME DATABASE.Tom Lane
The former approach used ExclusiveLock on pg_database, which being a cluster-wide lock meant only one of these operations could proceed at a time; worse, it also blocked all incoming connections in ReverifyMyDatabase. Now that we have LockSharedObject(), we can use locks of different types applied to databases considered as objects. This allows much more flexible management of the interlocking: two CREATE DATABASEs need not block each other, and need not block connections except to the template database being used. Similarly DROP DATABASE doesn't block unrelated operations. The locking used in flatfiles.c is also much narrower in scope than before. Per recent proposal.
2006-05-03Create a syscache for pg_database-indexed-by-oid, and make use of itTom Lane
in various places that were previously doing ad hoc pg_database searches. This may speed up database-related privilege checks a little bit, but the main motivation is to eliminate the performance reason for having ReverifyMyDatabase do such a lot of stuff (viz, avoiding repeat scans of pg_database during backend startup). The locking reason for having that routine is about to go away, and it'd be good to have the option to break it up.
2006-03-29Clean up and document the API for XLogOpenRelation and XLogReadBuffer.Tom Lane
This commit doesn't make much functional change, but it does eliminate some duplicated code --- for instance, PageIsNew tests are now done inside XLogReadBuffer rather than by each caller. The GIST xlog code still needs a lot of love, but I'll worry about that separately.
2006-03-24Arrange to emit a description of the current XLOG record as error contextTom Lane
when an error occurs during xlog replay. Also, replace the former risky 'write into a fixed-size buffer with no overflow detection' API for XLOG record description routines; use an expansible StringInfo instead. (The latter accounts for most of the patch bulk.) Qingqing Zhou
2006-03-05Update copyright for 2006. Update scripts.Bruce Momjian
2006-02-12I've created a new shared catalog table pg_shdescription to storeBruce Momjian
comments on cluster global objects like databases, tablespaces, and roles. It touches a lot of places, but not much in the way of big changes. The only design decision I made was to duplicate the query and manipulation functions rather than to try and have them handle both shared and local comments. I believe this is simpler for the code and not an issue for callers because they know what type of object they are dealing with. This has resulted in a shobj_description function analagous to obj_description and backend functions [Create/Delete]SharedComments mirroring the existing [Create/Delete]Comments functions. pg_shdescription.h goes into src/include/catalog/ Kris Jurka
2005-11-22Re-run pgindent, fixing a problem where comment lines after a blankBruce Momjian
comment line where output as too long, and update typedefs for /lib directory. Also fix case where identifiers were used as variable names in the backend, but as typedefs in ecpg (favor the backend for indenting). Backpatch to 8.1.X.
2005-11-22 DROP DATABASE IF EXISTS variantAndrew Dunstan
2005-10-15Standard pgindent run for 8.1.Bruce Momjian
2005-10-10Use a safer order of operations in dropdb(): rollbackable operations,Tom Lane
ie removing shared-dependency entries, should happen before non-rollbackable ones. That way a failure during the rollbackable part doesn't leave us with inconsistent state.
2005-08-22Fix unwanted denial of ALTER OWNER rights to superusers. There was someTom Lane
discussion of getting around this by relaxing the checks made for regular users, but I'm disinclined to toy with the security model right now, so just special-case it for superusers where needed.
2005-08-12Solve the problem of OID collisions by probing for duplicate OIDsTom Lane
whenever we generate a new OID. This prevents occasional duplicate-OID errors that can otherwise occur once the OID counter has wrapped around. Duplicate relfilenode values are also checked for when creating new physical files. Per my recent proposal.
2005-08-02Clean up CREATE DATABASE processing to make it more robust and get ridTom Lane
of special case for Windows port. Put a PG_TRY around most of createdb() to ensure that we remove copied subdirectories on failure, even if the failure happens while creating the pg_database row. (I think this explains Oliver Siegmar's recent report.) Having done that, there's no need for the fragile assumption that copydir() mustn't ereport(ERROR), so simplify its API. Eliminate the old code that used system("cp ...") to copy subdirectories, in favor of using copydir() on all platforms. This not only should allow much better error reporting, but allows us to fsync the created files before trusting that the copy has succeeded.
2005-07-31Add per-user and per-database connection limit options.Tom Lane
This patch also includes preliminary update of pg_dumpall for roles. Petr Jelinek, with review by Bruce Momjian and Tom Lane.
2005-07-14Adjust permissions checking for ALTER OWNER commands: instead ofTom Lane
requiring superuserness always, allow an owner to reassign ownership to any role he is a member of, if that role would have the right to create a similar object. These three requirements essentially state that the would-be alterer has enough privilege to DROP the existing object and then re-CREATE it as the new role; so we might as well let him do it in one step. The ALTER TABLESPACE case is a bit squirrely, but the whole concept of non-superuser tablespace owners is pretty dubious anyway. Stephen Frost, code review by Tom Lane.
2005-07-08Remove some dead code for handling XLOG_DBASE_CREATE_OLD andNeil Conway
XLOG_DBASE_DROP_OLD WAL records -- these records are no longer created in current sources. Adjust numbering of XLOG_DBASE_CREATE and XLOG_DBASE_DROP and bump the catversion. Patch from Gavin Sherry, adjusted by Neil Conway.
2005-07-07Track dependencies on shared objects (which is to say, roles; we alreadyTom Lane
have adequate mechanisms for tracking the contents of databases and tablespaces). This solves the longstanding problem that you can drop a user who still owns objects and/or has access permissions. Alvaro Herrera, with some kibitzing from Tom Lane.
2005-06-30Improve the checkpoint signaling mechanism so that the bgwriter can tellTom Lane
the difference between checkpoints forced due to WAL segment consumption and checkpoints forced for other reasons (such as CREATE DATABASE). Avoid generating 'checkpoints are occurring too frequently' messages when the checkpoint wasn't caused by WAL segment consumption. Per gripe from Chris K-L.
2005-06-29More cleanup on roles patch. Allow admin option to be inherited throughTom Lane
role memberships; make superuser/createrole distinction do something useful; fix some locking and CommandCounterIncrement issues; prevent creation of loops in the membership graph.
2005-06-28Replace pg_shadow and pg_group by new role-capable catalogs pg_authidTom Lane
and pg_auth_members. There are still many loose ends to finish in this patch (no documentation, no regression tests, no pg_dump support for instance). But I'm going to commit it now anyway so that Alvaro can make some progress on shared dependencies. The catalog changes should be pretty much done.
2005-06-25Force a checkpoint before committing a CREATE DATABASE command. ThisTom Lane
should fix the recent reports of "index is not a btree" failures, as well as preventing a more obscure race condition involving changes to a template database just after copying it with CREATE DATABASE.
2005-06-21Cause initdb to create a third standard database "postgres", whichTom Lane
unlike template0 and template1 does not have any special status in terms of backend functionality. However, all external utilities such as createuser and createdb now connect to "postgres" instead of template1, and the documentation is changed to encourage people to use "postgres" instead of template1 as a play area. This should fix some longstanding gotchas involving unexpected propagation of database objects by createdb (when you used template1 without understanding the implications), as well as ameliorating the problem that CREATE DATABASE is unhappy if anyone else is connected to template1. Patch by Dave Page, minor editing by Tom Lane. All per recent pghackers discussions.
2005-06-06Modify XLogInsert API to make callers specify whether pages to be backedTom Lane
up have the standard layout with unused space between pd_lower and pd_upper. When this is set, XLogInsert will omit the unused space without bothering to scan it to see if it's zero. That saves time in XLogInsert, and also allows reversion of my earlier patch to make PageRepairFragmentation et al explicitly re-zero freed space. Per suggestion by Heikki Linnakangas.
2005-06-06Remove the mostly-stubbed-out-anyway support routines for WAL UNDO.Tom Lane
That code is never going to be used in the foreseeable future, and where it's more than a stub it's making the redo routines harder to read.
2005-05-19Split the shared-memory array of PGPROC pointers out of the sinvalTom Lane
communication structure, and make it its own module with its own lock. This should reduce contention at least a little, and it definitely makes the code seem cleaner. Per my recent proposal.
2005-04-14Completion of project to use fixed OIDs for all system catalogs andTom Lane
indexes. Replace all heap_openr and index_openr calls by heap_open and index_open. Remove runtime lookups of catalog OID numbers in various places. Remove relcache's support for looking up system catalogs by name. Bulky but mostly very boring patch ...
2005-03-23WAL must log CREATE and DROP DATABASE operations *without* using anyTom Lane
explicit paths, so that the log can be replayed in a data directory with a different absolute path than the original had. To avoid forcing initdb in the 8.0 branch, continue to accept the old WAL log record types; they will never again be generated however, and the code can be dropped after the next forced initdb. Per report from Oleg Bartunov. We still need to think about what it really means to WAL-log CREATE TABLESPACE commands: we more or less have to put the absolute path into those, but how to replay in a different context??
2005-03-12When cloning template0 (or other fully-frozen databases), set the newTom Lane
database's datallowconn and datfrozenxid to the current transaction ID instead of copying the source database's values. This is OK because we assume the source DB contains no normal transaction IDs whatsoever. This keeps VACUUM from immediately starting to complain about unvacuumed databases in the situation where we are more than 2 billion transactions out from the XID stamp of template0. Per discussion with Milen Radev (although his complaint turned out to be due to something else, but the problem is real anyway).
2005-03-12Fix ALTER DATABASE RENAME to allow the operation if user is a superuserTom Lane
who for some reason isn't marked usecreatedb. Per report from Alexander Pravking. Also fix sloppy coding in have_createdb_privilege().
2005-03-04Replace the BufMgrLock with separate locks on the lookup hashtable andTom Lane
the freelist, plus per-buffer spinlocks that protect access to individual shared buffer headers. This requires abandoning a global freelist (since the freelist is a global contention point), which shoots down ARC and 2Q as well as plain LRU management. Adopt a clock sweep algorithm instead. Preliminary results show substantial improvement in multi-backend situations.
2005-02-26Finish up the flat-files project: get rid of GetRawDatabaseInfo() hackTom Lane
in favor of looking at the flat file copy of pg_database during backend startup. This should finally eliminate the various corner cases in which backend startup fails unexpectedly because it isn't able to distinguish live and dead tuples in pg_database. Simplify locking on pg_database to be similar to the rules used with pg_shadow and pg_group, and eliminate FlushRelationBuffers operations that were used only to reduce the odds of failure of GetRawDatabaseInfo. initdb forced due to addition of a trigger to pg_database.
2005-02-20Add code to prevent transaction ID wraparound by enforcing a safe limitTom Lane
in GetNewTransactionId(). Since the limit value has to be computed before we run any real transactions, this requires adding code to database startup to scan pg_database and determine the oldest datfrozenxid. This can conveniently be combined with the first stage of an attack on the problem that the 'flat file' copies of pg_shadow and pg_group are not properly updated during WAL recovery. The code I've added to startup resides in a new file src/backend/utils/init/flatfiles.c, and it is responsible for rewriting the flat files as well as initializing the XID wraparound limit value. This will eventually allow us to get rid of GetRawDatabaseInfo too, but we'll need an initdb so we can add a trigger to pg_database.
2005-01-27Change heap_modifytuple() to require a TupleDesc rather than aNeil Conway
Relation. Patch from Alvaro Herrera, minor editorializing by Neil Conway.
2004-12-31Tag appropriate files for rc3PostgreSQL Daemon
Also performed an initial run through of upgrading our Copyright date to extend to 2005 ... first run here was very simple ... change everything where: grep 1996-2004 && the word 'Copyright' ... scanned through the generated list with 'less' first, and after, to make sure that I only picked up the right entries ...
2004-11-18Force pg_database updates out to disk immediately after ALTER DATABASE;Tom Lane
this is to avoid scenarios where incoming backends find no live copies of a database's row because the only live copy is in an as-yet-unwritten shared buffer, which they can't see. Also, use FlushRelationBuffers() for forcing out pg_database, instead of the much more expensive BufferSync(). There's no need to write out pages belonging to other relations.
2004-10-28On Windows, force a checkpoint just before dropping a database's physicalTom Lane
files and directories. This ensures that the bgwriter will close any open file references it is holding for files therein, which is needed for the rmdir() to succeed. Andrew Dunstan and Tom Lane.