+56
-12
lines changedFilter options
+56
-12
lines changed Original file line number Diff line number Diff line change
@@ -270,25 +270,37 @@ func run() (retVal error) {
270 270
// so it must be done before blocking on the WaitGroup in stopPostProcess()
271 271
defer close(producedFiles)
272 272 273 -
if opts.WithRolePasswords {
273 +
// Connect before running pg_dumpall so that we know if the user is superuser
274 +
db, err := dbOpen(conninfo)
275 +
if err != nil {
276 +
return fmt.Errorf("connection to PostgreSQL failed: %w", err)
277 +
}
278 +
defer db.Close()
279 + 280 +
if !db.superuser {
281 +
l.Infoln("connection user is not superuser, some information will not be dumped")
282 +
}
283 + 284 +
// Then we can implicitely avoid dumping role password when using a
285 +
// regular user
286 +
dumpRolePasswords := opts.WithRolePasswords && db.superuser
287 +
if dumpRolePasswords {
274 288
l.Infoln("dumping globals")
275 289
} else {
276 290
l.Infoln("dumping globals without role passwords")
277 291
}
278 -
if err := dumpGlobals(opts.Directory, opts.TimeFormat, opts.WithRolePasswords, conninfo, producedFiles); err != nil {
292 +
if err := dumpGlobals(opts.Directory, opts.TimeFormat, dumpRolePasswords, conninfo, producedFiles); err != nil {
279 293
return fmt.Errorf("pg_dumpall of globals failed: %w", err)
280 294
}
281 295 282 -
db, err := dbOpen(conninfo)
283 -
if err != nil {
284 -
return fmt.Errorf("connection to PostgreSQL failed: %w", err)
285 -
}
286 -
defer db.Close()
287 - 288 296
l.Infoln("dumping instance configuration")
289 -
var verr *pgVersionError
297 +
var (
298 +
verr *pgVersionError
299 +
perr *pgPrivError
300 +
)
301 + 290 302
if err := dumpSettings(opts.Directory, opts.TimeFormat, db, producedFiles); err != nil {
291 -
if errors.As(err, &verr) {
303 +
if errors.As(err, &verr) || errors.As(err, &perr) {
292 304
l.Warnln(err)
293 305
} else {
294 306
return fmt.Errorf("could not dump configuration parameters: %w", err)
@@ -39,6 +39,7 @@ type pg struct {
39 39
conn *sql.DB
40 40
version int
41 41
xlogOrWal string
42 +
superuser bool
42 43
}
43 44 44 45
func pgGetVersionNum(db *sql.DB) (int, error) {
@@ -54,6 +55,19 @@ func pgGetVersionNum(db *sql.DB) (int, error) {
54 55
return version, nil
55 56
}
56 57 58 +
func pgAmISuperuser(db *sql.DB) (bool, error) {
59 +
var isSuper bool
60 + 61 +
query := "select rolsuper from pg_roles where rolname = current_user"
62 +
l.Verboseln("executing SQL query:", query)
63 +
err := db.QueryRow(query).Scan(&isSuper)
64 +
if err != nil {
65 +
return false, fmt.Errorf("could not check if db user is superuser: %s", err)
66 +
}
67 + 68 +
return isSuper, nil
69 +
}
70 + 57 71
func dbOpen(conninfo *ConnInfo) (*pg, error) {
58 72
connstr := conninfo.String()
59 73
l.Verbosef("connecting to PostgreSQL with: \"%s\"", connstr)
@@ -83,6 +97,12 @@ func dbOpen(conninfo *ConnInfo) (*pg, error) {
83 97
newDB.xlogOrWal = "xlog"
84 98
}
85 99 100 +
newDB.superuser, err = pgAmISuperuser(db)
101 +
if err != nil {
102 +
db.Close()
103 +
return nil, err
104 +
}
105 + 86 106
return newDB, nil
87 107
}
88 108
@@ -207,6 +227,14 @@ func (e *pgVersionError) Error() string {
207 227
return e.s
208 228
}
209 229 230 +
type pgPrivError struct {
231 +
s string
232 +
}
233 + 234 +
func (e *pgPrivError) Error() string {
235 +
return e.s
236 +
}
237 + 210 238
// pg_dumpacl stuff
211 239
func dumpCreateDBAndACL(db *pg, dbname string, force bool) (string, error) {
212 240
var s string
@@ -231,12 +259,12 @@ func dumpCreateDBAndACL(db *pg, dbname string, force bool) (string, error) {
231 259 232 260
l.Infoln("dumping database creation and ACL commands of", dbname)
233 261 234 -
query := "SELECT coalesce(rolname, (select rolname from pg_authid where oid=(select datdba from pg_database where datname='template0'))), " +
262 +
query := "SELECT coalesce(rolname, (select rolname from pg_roles where oid=(select datdba from pg_database where datname='template0'))), " +
235 263
" pg_encoding_to_char(d.encoding), " +
236 264
" datcollate, datctype, datistemplate, datacl, datconnlimit, " +
237 265
" (SELECT spcname FROM pg_tablespace t WHERE t.oid = d.dattablespace) AS dattablespace " +
238 266
"FROM pg_database d" +
239 -
" LEFT JOIN pg_authid u ON (datdba = u.oid) " +
267 +
" LEFT JOIN pg_roles u ON (datdba = u.oid) " +
240 268
"WHERE datallowconn AND datname = $1"
241 269
l.Verboseln("executing SQL query:", query)
242 270
rows, err := db.conn.Query(query, dbname)
@@ -456,6 +484,10 @@ func showSettings(db *pg) (string, error) {
456 484
return "", &pgVersionError{s: "cluster version is older than 8.4, not dumping configuration"}
457 485
}
458 486 487 +
if !db.superuser {
488 +
return "", &pgPrivError{s: "current user is not superuser, not dumping configuration"}
489 +
}
490 + 459 491
if db.version >= 90500 {
460 492
// use pg_show_all_file_settings() from 9.5+ to get
461 493
// the non default values set in the files and
You can’t perform that action at this time.
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4