PostgreSQL的学习心得和知识总结(一百三十九)|深入理解PostgreSQL数据库GUC参数 allow_alter_system 的使用和原理

本文主要是介绍PostgreSQL的学习心得和知识总结(一百三十九)|深入理解PostgreSQL数据库GUC参数 allow_alter_system 的使用和原理,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!


注:提前言明 本文借鉴了以下博主、书籍或网站的内容,其列表如下:

1、参考书籍:《PostgreSQL数据库内核分析》
2、参考书籍:《数据库事务处理的艺术:事务管理与并发控制》
3、PostgreSQL数据库仓库链接,点击前往
4、日本著名PostgreSQL数据库专家 铃木启修 网站主页,点击前往
5、参考书籍:《PostgreSQL中文手册》
6、参考书籍:《PostgreSQL指南:内幕探索》,点击前往
7、参考书籍:《事务处理 概念与技术》
8、PgSQL · 性能优化 · PostgreSQL TPC-C极限优化玩法,点击前往


1、本文内容全部来源于开源社区 GitHub和以上博主的贡献,本文也免费开源(可能会存在问题,评论区等待大佬们的指正)
2、本文目的:开源共享 抛砖引玉 一起学习
3、本文不提供任何资源 不存在任何交易 与任何组织和机构无关
4、大家可以根据需要自行 复制粘贴以及作为其他个人用途,但是不允许转载 不允许商用 (写作不易,还请见谅 💖)
5、本文内容基于PostgreSQL master源码开发而成


深入理解PostgreSQL数据库GUC参数 allow_alter_system 的使用和原理

  • 文章快速说明索引
  • 参数使用背景说明
    • 背景
    • 使用
  • 参数实现源码解析



文章快速说明索引

学习目标:

做数据库内核开发久了就会有一种 少年得志,年少轻狂 的错觉,然鹅细细一品觉得自己其实不算特别优秀 远远没有达到自己想要的。也许光鲜的表面掩盖了空洞的内在,每每想到于此,皆有夜半临渊如履薄冰之感。为了睡上几个踏实觉,即日起 暂缓其他基于PostgreSQL数据库的兼容功能开发,近段时间 将着重于学习分享Postgres的基础知识和实践内幕。


学习内容:(详见目录)

1、深入理解PostgreSQL数据库GUC参数 allow_alter_system 的使用和原理


学习时间:

2024年04月21日 14:44:16


学习产出:

1、PostgreSQL数据库基础知识回顾 1个
2、CSDN 技术博客 1篇
3、PostgreSQL数据库内核深入学习


注:下面我们所有的学习环境是Centos8+PostgreSQL master +Oracle19C+MySQL8.0

postgres=# select version();version                                                   
------------------------------------------------------------------------------------------------------------PostgreSQL 17devel on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-21), 64-bit
(1 row)postgres=##-----------------------------------------------------------------------------#SQL> select * from v$version;          BANNER        Oracle Database 19c EE Extreme Perf Release 19.0.0.0.0 - Production	
BANNER_FULL	  Oracle Database 19c EE Extreme Perf Release 19.0.0.0.0 - Production Version 19.17.0.0.0	
BANNER_LEGACY Oracle Database 19c EE Extreme Perf Release 19.0.0.0.0 - Production	
CON_ID 0#-----------------------------------------------------------------------------#mysql> select version();
+-----------+
| version() |
+-----------+
| 8.0.27    |
+-----------+
1 row in set (0.06 sec)mysql>

参数使用背景说明

背景

2024/03/29日,PostgreSQL新增一个GUC参数,如下:

  • Discussion: Possibility to disable ALTER SYSTEM,点击前往

添加allow_alter_system GUC


这个被标记为PGC_SIGHUP,所以只能在配置文件中设置,不能在其他地方设置;并且它还被标记为GUC_DISALLOW_IN_AUTO_FILE,因此不能使用ALTER SYSTEM进行设置。当设置为 false 时,不允许使用 ALTER SYSTEM 命令


人们非常担心这会被误解为安全功能,但事实并非如此,因为坚定的超级用户可以通过多种方式绕过它。因此,我们在文档的措辞上做了很多工作,希望避免任何此类混乱


官方文档的解释,如下:

当allow_alter_system设置为off时,执行ALTER SYSTEM命令会返回错误。该参数只能在 postgresql.conf 文件或服务器命令行中设置。默认值是打开的

请注意,此设置不得视为安全功能。它仅禁用 ALTER SYSTEM 命令。它不会阻止超级用户使用其他 SQL 命令更改配置。超级用户有多种在操作系统级别执行 shell 命令的方法,因此可以修改 postgresql.auto.conf,无论此设置的值如何

关闭此设置适用于 PostgreSQL 配置由某些外部工具管理的环境。在这种环境中,善意的超级用户可能会错误地使用 ALTER SYSTEM 来更改配置,而不是使用外部工具。这可能会导致意外行为,例如外部工具在稍后更新配置时覆盖更改。将此参数设置为关闭可以帮助避免此类错误

该参数仅控制 ALTER SYSTEM 的使用。即使allow_alter_system设置为off,存储在postgresql.auto.conf中的设置也会生效


使用

接下来看一个简单的使用,示例1如下:

[postgres@localhost:~/test/bin]$ ./psql 
psql (17devel)
Type "help" for help.postgres=# show timezone;TimeZone       
---------------------America/Los_Angeles
(1 row)postgres=# set timezone = 'PRC';
SET
postgres=# show timezone;TimeZone 
----------PRC
(1 row)postgres=# select now();now              
-------------------------------2024-04-18 15:35:49.411729+08
(1 row)postgres=# reset timezone;
RESET
postgres=# show timezone;TimeZone       
---------------------America/Los_Angeles
(1 row)postgres=# select now();now              
-------------------------------2024-04-18 00:36:06.505543-07
(1 row)postgres=# alter system set timezone = 'PRC';
2024-04-18 00:36:23.026 PDT [30697] ERROR:  ALTER SYSTEM is not allowed in this environment
2024-04-18 00:36:23.026 PDT [30697] STATEMENT:  alter system set timezone = 'PRC';
ERROR:  ALTER SYSTEM is not allowed in this environment
postgres=# 
postgres=# show timezone;TimeZone       
---------------------America/Los_Angeles
(1 row)postgres=# show allow_alter_system;allow_alter_system 
--------------------off
(1 row)postgres=# alter system set allow_alter_system = on;
2024-04-18 00:40:03.694 PDT [30697] ERROR:  ALTER SYSTEM is not allowed in this environment
2024-04-18 00:40:03.694 PDT [30697] STATEMENT:  alter system set allow_alter_system = on;
ERROR:  ALTER SYSTEM is not allowed in this environment
postgres=#
[postgres@localhost:~/test/bin]$ cat test/postgresql.conf | grep allow_alter_system
allow_alter_system = off
[postgres@localhost:~/test/bin]$

示例2,如下:

[postgres@localhost:~/test/bin]$ cat test/postgresql.conf | grep allow_alter_system
allow_alter_system = off
[postgres@localhost:~/test/bin]$ 
[postgres@localhost:~/test/bin]$ vim test/postgresql.auto.conf 
[postgres@localhost:~/test/bin]$ 
[postgres@localhost:~/test/bin]$ cat test/postgresql.auto.conf 
# Do not edit this file manually!
# It will be overwritten by the ALTER SYSTEM command.
allow_alter_system = on
[postgres@localhost:~/test/bin]$ 
[postgres@localhost:~/test/bin]$ ./pg_ctl restart -D test/
waiting for server to shut down....2024-04-24 23:05:34.217 PDT [30683] LOG:  received fast shutdown request
2024-04-24 23:05:34.219 PDT [30683] LOG:  aborting any active transactions
2024-04-24 23:05:34.220 PDT [30683] LOG:  background worker "logical replication launcher" (PID 30689) exited with exit code 1
2024-04-24 23:05:34.221 PDT [30684] LOG:  shutting down
2024-04-24 23:05:34.240 PDT [30683] LOG:  database system is shut downdone
server stopped
waiting for server to start....2024-04-24 23:05:34.361 PDT [50234] LOG:  starting PostgreSQL 17devel on x86_64-pc-linux-gnu, compiled by gcc (GCC) 8.5.0 20210514 (Red Hat 8.5.0-21), 64-bit
2024-04-24 23:05:34.361 PDT [50234] LOG:  listening on IPv6 address "::1", port 5432
2024-04-24 23:05:34.361 PDT [50234] LOG:  listening on IPv4 address "127.0.0.1", port 5432
2024-04-24 23:05:34.363 PDT [50234] LOG:  listening on Unix socket "/tmp/.s.PGSQL.5432"
2024-04-24 23:05:34.366 PDT [50237] LOG:  database system was shut down at 2024-04-24 23:05:34 PDT
2024-04-24 23:05:34.370 PDT [50234] LOG:  database system is ready to accept connectionsdone
server started
[postgres@localhost:~/test/bin]$ ./psql 
psql (17devel)
Type "help" for help.postgres=# show allow_alter_system;allow_alter_system 
--------------------on
(1 row)postgres=# show timezone;TimeZone       
---------------------America/Los_Angeles
(1 row)postgres=# alter system set timezone = 'PRC';
ALTER SYSTEM
postgres=# alter system set allow_alter_system = off;
2024-04-24 23:06:26.063 PDT [50248] ERROR:  parameter "allow_alter_system" cannot be changed
2024-04-24 23:06:26.063 PDT [50248] STATEMENT:  alter system set allow_alter_system = off;
ERROR:  parameter "allow_alter_system" cannot be changed
postgres=#

参数实现源码解析

guc定义,如下:

// src\backend\utils\misc\guc_tables.c{/** This setting itself cannot be set by ALTER SYSTEM to avoid an* operator turning this setting off by using ALTER SYSTEM, without a* way to turn it back on.*  * 此设置本身无法通过 ALTER SYSTEM 设置,以避免操作员使用 ALTER SYSTEM 关闭此设置* 而无法将其重新打开*/{"allow_alter_system", PGC_SIGHUP, COMPAT_OPTIONS_OTHER,gettext_noop("Allows running the ALTER SYSTEM command."),gettext_noop("Can be set to off for environments where global configuration ""changes should be made using a different method."),GUC_DISALLOW_IN_AUTO_FILE},&AllowAlterSystem,true,NULL, NULL, NULL},

该参数真实使用的逻辑,如下:

// src\backend\utils\misc\guc.c/** Execute ALTER SYSTEM statement.** Read the old PG_AUTOCONF_FILENAME file, merge in the new variable value,* and write out an updated file.  If the command is ALTER SYSTEM RESET ALL,* we can skip reading the old file and just write an empty file.* 读取旧的 PG_AUTOCONF_FILENAME 文件,合并新的变量值,并写出更新的文件* 如果命令是 ALTER SYSTEM RESET ALL,我们可以跳过读取旧文件,只写入一个空文件** An LWLock is used to serialize updates of the configuration file.* LWLock 用于序列化配置文件的更新** In case of an error, we leave the original automatic* configuration file (PG_AUTOCONF_FILENAME) intact.* 如果出现错误,我们会保留原始自动配置文件(PG_AUTOCONF_FILENAME)不变*/
void
AlterSystemSetConfigFile(AlterSystemStmt *altersysstmt)
{char	   *name;char	   *value;bool		resetall = false;ConfigVariable *head = NULL;ConfigVariable *tail = NULL;volatile int Tmpfd;char		AutoConfFileName[MAXPGPATH];char		AutoConfTmpFileName[MAXPGPATH];/** Extract statement arguments*/name = altersysstmt->setstmt->name;if (!AllowAlterSystem)ereport(ERROR,(errcode(ERRCODE_FEATURE_NOT_SUPPORTED),errmsg("ALTER SYSTEM is not allowed in this environment")));switch (altersysstmt->setstmt->kind){case VAR_SET_VALUE:value = ExtractSetVariableArgs(altersysstmt->setstmt);break;case VAR_SET_DEFAULT:case VAR_RESET:value = NULL;break;case VAR_RESET_ALL:value = NULL;resetall = true;break;default:elog(ERROR, "unrecognized alter system stmt type: %d",altersysstmt->setstmt->kind);break;}/** Check permission to run ALTER SYSTEM on the target variable*/if (!superuser()){if (resetall)ereport(ERROR,(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),errmsg("permission denied to perform ALTER SYSTEM RESET ALL")));else{AclResult	aclresult;aclresult = pg_parameter_aclcheck(name, GetUserId(),ACL_ALTER_SYSTEM);if (aclresult != ACLCHECK_OK)ereport(ERROR,(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),errmsg("permission denied to set parameter \"%s\"",name)));}}/** Unless it's RESET_ALL, validate the target variable and value*/if (!resetall){struct config_generic *record;/* We don't want to create a placeholder if there's not one already */record = find_option(name, false, true, DEBUG5);if (record != NULL){/** Don't allow parameters that can't be set in configuration files* to be set in PG_AUTOCONF_FILENAME file.*/if ((record->context == PGC_INTERNAL) ||(record->flags & GUC_DISALLOW_IN_FILE) ||(record->flags & GUC_DISALLOW_IN_AUTO_FILE))ereport(ERROR,(errcode(ERRCODE_CANT_CHANGE_RUNTIME_PARAM),errmsg("parameter \"%s\" cannot be changed",name)));/** If a value is specified, verify that it's sane.*/if (value){union config_var_val newval;void	   *newextra = NULL;if (!parse_and_validate_value(record, name, value,PGC_S_FILE, ERROR,&newval, &newextra))ereport(ERROR,(errcode(ERRCODE_INVALID_PARAMETER_VALUE),errmsg("invalid value for parameter \"%s\": \"%s\"",name, value)));if (record->vartype == PGC_STRING && newval.stringval != NULL)guc_free(newval.stringval);guc_free(newextra);}}else{/** Variable not known; check we'd be allowed to create it.  (We* cannot validate the value, but that's fine.  A non-core GUC in* the config file cannot cause postmaster start to fail, so we* don't have to be too tense about possibly installing a bad* value.)*/(void) assignable_custom_variable_name(name, false, ERROR);}/** We must also reject values containing newlines, because the grammar* for config files doesn't support embedded newlines in string* literals.*/if (value && strchr(value, '\n'))ereport(ERROR,(errcode(ERRCODE_INVALID_PARAMETER_VALUE),errmsg("parameter value for ALTER SYSTEM must not contain a newline")));}/** PG_AUTOCONF_FILENAME and its corresponding temporary file are always in* the data directory, so we can reference them by simple relative paths.*/snprintf(AutoConfFileName, sizeof(AutoConfFileName), "%s",PG_AUTOCONF_FILENAME);snprintf(AutoConfTmpFileName, sizeof(AutoConfTmpFileName), "%s.%s",AutoConfFileName,"tmp");/** Only one backend is allowed to operate on PG_AUTOCONF_FILENAME at a* time.  Use AutoFileLock to ensure that.  We must hold the lock while* reading the old file contents.*/LWLockAcquire(AutoFileLock, LW_EXCLUSIVE);/** If we're going to reset everything, then no need to open or parse the* old file.  We'll just write out an empty list.*/if (!resetall){struct stat st;if (stat(AutoConfFileName, &st) == 0){/* open old file PG_AUTOCONF_FILENAME */FILE	   *infile;infile = AllocateFile(AutoConfFileName, "r");if (infile == NULL)ereport(ERROR,(errcode_for_file_access(),errmsg("could not open file \"%s\": %m",AutoConfFileName)));/* parse it */if (!ParseConfigFp(infile, AutoConfFileName, CONF_FILE_START_DEPTH,LOG, &head, &tail))ereport(ERROR,(errcode(ERRCODE_CONFIG_FILE_ERROR),errmsg("could not parse contents of file \"%s\"",AutoConfFileName)));FreeFile(infile);}/** Now, replace any existing entry with the new value, or add it if* not present.*/replace_auto_config_value(&head, &tail, name, value);}/** Invoke the post-alter hook for setting this GUC variable.  GUCs* typically do not have corresponding entries in pg_parameter_acl, so we* call the hook using the name rather than a potentially-non-existent* OID.  Nonetheless, we pass ParameterAclRelationId so that this call* context can be distinguished from others.  (Note that "name" will be* NULL in the RESET ALL case.)** We do this here rather than at the end, because ALTER SYSTEM is not* transactional.  If the hook aborts our transaction, it will be cleaner* to do so before we touch any files.*/InvokeObjectPostAlterHookArgStr(ParameterAclRelationId, name,ACL_ALTER_SYSTEM,altersysstmt->setstmt->kind,false);/** To ensure crash safety, first write the new file data to a temp file,* then atomically rename it into place.** If there is a temp file left over due to a previous crash, it's okay to* truncate and reuse it.*/Tmpfd = BasicOpenFile(AutoConfTmpFileName,O_CREAT | O_RDWR | O_TRUNC);if (Tmpfd < 0)ereport(ERROR,(errcode_for_file_access(),errmsg("could not open file \"%s\": %m",AutoConfTmpFileName)));/** Use a TRY block to clean up the file if we fail.  Since we need a TRY* block anyway, OK to use BasicOpenFile rather than OpenTransientFile.*/PG_TRY();{/* Write and sync the new contents to the temporary file */write_auto_conf_file(Tmpfd, AutoConfTmpFileName, head);/* Close before renaming; may be required on some platforms */close(Tmpfd);Tmpfd = -1;/** As the rename is atomic operation, if any problem occurs after this* at worst it can lose the parameters set by last ALTER SYSTEM* command.*/durable_rename(AutoConfTmpFileName, AutoConfFileName, ERROR);}PG_CATCH();{/* Close file first, else unlink might fail on some platforms */if (Tmpfd >= 0)close(Tmpfd);/* Unlink, but ignore any error */(void) unlink(AutoConfTmpFileName);PG_RE_THROW();}PG_END_TRY();FreeConfigVariables(head);LWLockRelease(AutoFileLock);
}

这篇关于PostgreSQL的学习心得和知识总结(一百三十九)|深入理解PostgreSQL数据库GUC参数 allow_alter_system 的使用和原理的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!



http://www.chinasem.cn/article/936082

相关文章

HarmonyOS学习(七)——UI(五)常用布局总结

自适应布局 1.1、线性布局(LinearLayout) 通过线性容器Row和Column实现线性布局。Column容器内的子组件按照垂直方向排列,Row组件中的子组件按照水平方向排列。 属性说明space通过space参数设置主轴上子组件的间距,达到各子组件在排列上的等间距效果alignItems设置子组件在交叉轴上的对齐方式,且在各类尺寸屏幕上表现一致,其中交叉轴为垂直时,取值为Vert

Spring Security基于数据库验证流程详解

Spring Security 校验流程图 相关解释说明(认真看哦) AbstractAuthenticationProcessingFilter 抽象类 /*** 调用 #requiresAuthentication(HttpServletRequest, HttpServletResponse) 决定是否需要进行验证操作。* 如果需要验证,则会调用 #attemptAuthentica

Java架构师知识体认识

源码分析 常用设计模式 Proxy代理模式Factory工厂模式Singleton单例模式Delegate委派模式Strategy策略模式Prototype原型模式Template模板模式 Spring5 beans 接口实例化代理Bean操作 Context Ioc容器设计原理及高级特性Aop设计原理Factorybean与Beanfactory Transaction 声明式事物

中文分词jieba库的使用与实景应用(一)

知识星球:https://articles.zsxq.com/id_fxvgc803qmr2.html 目录 一.定义: 精确模式(默认模式): 全模式: 搜索引擎模式: paddle 模式(基于深度学习的分词模式): 二 自定义词典 三.文本解析   调整词出现的频率 四. 关键词提取 A. 基于TF-IDF算法的关键词提取 B. 基于TextRank算法的关键词提取

使用SecondaryNameNode恢复NameNode的数据

1)需求: NameNode进程挂了并且存储的数据也丢失了,如何恢复NameNode 此种方式恢复的数据可能存在小部分数据的丢失。 2)故障模拟 (1)kill -9 NameNode进程 [lytfly@hadoop102 current]$ kill -9 19886 (2)删除NameNode存储的数据(/opt/module/hadoop-3.1.4/data/tmp/dfs/na

Hadoop数据压缩使用介绍

一、压缩原则 (1)运算密集型的Job,少用压缩 (2)IO密集型的Job,多用压缩 二、压缩算法比较 三、压缩位置选择 四、压缩参数配置 1)为了支持多种压缩/解压缩算法,Hadoop引入了编码/解码器 2)要在Hadoop中启用压缩,可以配置如下参数

【前端学习】AntV G6-08 深入图形与图形分组、自定义节点、节点动画(下)

【课程链接】 AntV G6:深入图形与图形分组、自定义节点、节点动画(下)_哔哩哔哩_bilibili 本章十吾老师讲解了一个复杂的自定义节点中,应该怎样去计算和绘制图形,如何给一个图形制作不间断的动画,以及在鼠标事件之后产生动画。(有点难,需要好好理解) <!DOCTYPE html><html><head><meta charset="UTF-8"><title>06

Makefile简明使用教程

文章目录 规则makefile文件的基本语法:加在命令前的特殊符号:.PHONY伪目标: Makefilev1 直观写法v2 加上中间过程v3 伪目标v4 变量 make 选项-f-n-C Make 是一种流行的构建工具,常用于将源代码转换成可执行文件或者其他形式的输出文件(如库文件、文档等)。Make 可以自动化地执行编译、链接等一系列操作。 规则 makefile文件

学习hash总结

2014/1/29/   最近刚开始学hash,名字很陌生,但是hash的思想却很熟悉,以前早就做过此类的题,但是不知道这就是hash思想而已,说白了hash就是一个映射,往往灵活利用数组的下标来实现算法,hash的作用:1、判重;2、统计次数;

认识、理解、分类——acm之搜索

普通搜索方法有两种:1、广度优先搜索;2、深度优先搜索; 更多搜索方法: 3、双向广度优先搜索; 4、启发式搜索(包括A*算法等); 搜索通常会用到的知识点:状态压缩(位压缩,利用hash思想压缩)。