errcode_for_file_access() maps EROFS to INSUFFICIENT_PRIVILEGE

From: Andres Freund <andres(at)anarazel(dot)de>
To: pgsql-hackers(at)postgresql(dot)org
Subject: errcode_for_file_access() maps EROFS to INSUFFICIENT_PRIVILEGE
Date: 2023-11-18 22:59:18
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers


On linux, many filesystems default to remounting themselves read-only when
metadata IO fails. I.e. one common reaction to disks failing is a previously
read-write filesystem becoming read-only.

When e.g. trying to create a file on such a filesystem, errno is set to
EROFS. Writing with pre-existing FDs seems to mostly generate EIO.

In errcode_for_file_access(), we map EROFS to
ERRCODE_INSUFFICIENT_PRIVILEGE. An error code that's used very widely for many
other purposes.

Because it is so widely used, just searching for log messages with an
ERRCODE_INSUFFICIENT_PRIVILEGE sqlstate isn't promising, obviously stuff like
ERROR: permission denied to set parameter \"%s\"
isn't interesting.

Nor is EROFS a question of insufficient privileges - the filesystem is read
only, even root would not be permitted to write.

I think ERRCODE_IO_ERROR would be more appropriate than

The only real downside would be a slightly odd sqlstate for postmaster's
creation of a lock file. If a tablespace were mounted read-only, IO_ERROR
actually seems fine.


Andres Freund

Browse pgsql-hackers by date

  From Date Subject
Next Message Andres Freund 2023-11-18 23:09:58 reindexing an invalid index should not use ERRCODE_INDEX_CORRUPTED
Previous Message Andres Freund 2023-11-18 22:29:11 PANIC serves too many masters