diff --git a/contrib/pg_stat_statements/pg_stat_statements.c b/contrib/pg_stat_statements/pg_stat_statements.c index fa409d72b7..3ab1fd2db4 100644 --- a/contrib/pg_stat_statements/pg_stat_statements.c +++ b/contrib/pg_stat_statements/pg_stat_statements.c @@ -1869,8 +1869,7 @@ qtext_store(const char *query, int query_len, *query_offset = off; /* Now write the data into the successfully-reserved part of the file */ - fd = OpenTransientFile(PGSS_TEXT_FILE, O_RDWR | O_CREAT | PG_BINARY, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(PGSS_TEXT_FILE, O_RDWR | O_CREAT | PG_BINARY); if (fd < 0) goto error; @@ -1934,7 +1933,7 @@ qtext_load_file(Size *buffer_size) int fd; struct stat stat; - fd = OpenTransientFile(PGSS_TEXT_FILE, O_RDONLY | PG_BINARY, 0); + fd = OpenTransientFile(PGSS_TEXT_FILE, O_RDONLY | PG_BINARY); if (fd < 0) { if (errno != ENOENT) diff --git a/src/backend/access/heap/rewriteheap.c b/src/backend/access/heap/rewriteheap.c index bd560e47e1..f93c194e18 100644 --- a/src/backend/access/heap/rewriteheap.c +++ b/src/backend/access/heap/rewriteheap.c @@ -1013,8 +1013,7 @@ logical_rewrite_log_mapping(RewriteState state, TransactionId xid, src->off = 0; memcpy(src->path, path, sizeof(path)); src->vfd = PathNameOpenFile(path, - O_CREAT | O_EXCL | O_WRONLY | PG_BINARY, - S_IRUSR | S_IWUSR); + O_CREAT | O_EXCL | O_WRONLY | PG_BINARY); if (src->vfd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -1133,8 +1132,7 @@ heap_xlog_logical_rewrite(XLogReaderState *r) xlrec->mapped_xid, XLogRecGetXid(r)); fd = OpenTransientFile(path, - O_CREAT | O_WRONLY | PG_BINARY, - S_IRUSR | S_IWUSR); + O_CREAT | O_WRONLY | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -1258,7 +1256,7 @@ CheckPointLogicalRewriteHeap(void) } else { - int fd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0); + int fd = OpenTransientFile(path, O_RDONLY | PG_BINARY); /* * The file cannot vanish due to concurrency since this function diff --git a/src/backend/access/transam/slru.c b/src/backend/access/transam/slru.c index 77edc51e1c..9dd77190ec 100644 --- a/src/backend/access/transam/slru.c +++ b/src/backend/access/transam/slru.c @@ -599,7 +599,7 @@ SimpleLruDoesPhysicalPageExist(SlruCtl ctl, int pageno) SlruFileName(ctl, path, segno); - fd = OpenTransientFile(path, O_RDWR | PG_BINARY, S_IRUSR | S_IWUSR); + fd = OpenTransientFile(path, O_RDWR | PG_BINARY); if (fd < 0) { /* expected: file doesn't exist */ @@ -654,7 +654,7 @@ SlruPhysicalReadPage(SlruCtl ctl, int pageno, int slotno) * SlruPhysicalWritePage). Hence, if we are InRecovery, allow the case * where the file doesn't exist, and return zeroes instead. */ - fd = OpenTransientFile(path, O_RDWR | PG_BINARY, S_IRUSR | S_IWUSR); + fd = OpenTransientFile(path, O_RDWR | PG_BINARY); if (fd < 0) { if (errno != ENOENT || !InRecovery) @@ -804,8 +804,7 @@ SlruPhysicalWritePage(SlruCtl ctl, int pageno, int slotno, SlruFlush fdata) * don't use O_EXCL or O_TRUNC or anything like that. */ SlruFileName(ctl, path, segno); - fd = OpenTransientFile(path, O_RDWR | O_CREAT | PG_BINARY, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(path, O_RDWR | O_CREAT | PG_BINARY); if (fd < 0) { slru_errcause = SLRU_OPEN_FAILED; diff --git a/src/backend/access/transam/timeline.c b/src/backend/access/transam/timeline.c index 63db8a981d..3d65e5624a 100644 --- a/src/backend/access/transam/timeline.c +++ b/src/backend/access/transam/timeline.c @@ -307,8 +307,7 @@ writeTimeLineHistory(TimeLineID newTLI, TimeLineID parentTLI, unlink(tmppath); /* do not use get_sync_bit() here --- want to fsync only at end of fill */ - fd = OpenTransientFile(tmppath, O_RDWR | O_CREAT | O_EXCL, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(tmppath, O_RDWR | O_CREAT | O_EXCL); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -325,7 +324,7 @@ writeTimeLineHistory(TimeLineID newTLI, TimeLineID parentTLI, else TLHistoryFilePath(path, parentTLI); - srcfd = OpenTransientFile(path, O_RDONLY, 0); + srcfd = OpenTransientFile(path, O_RDONLY); if (srcfd < 0) { if (errno != ENOENT) @@ -459,8 +458,7 @@ writeTimeLineHistoryFile(TimeLineID tli, char *content, int size) unlink(tmppath); /* do not use get_sync_bit() here --- want to fsync only at end of fill */ - fd = OpenTransientFile(tmppath, O_RDWR | O_CREAT | O_EXCL, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(tmppath, O_RDWR | O_CREAT | O_EXCL); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), diff --git a/src/backend/access/transam/twophase.c b/src/backend/access/transam/twophase.c index ae832917ce..5c58469425 100644 --- a/src/backend/access/transam/twophase.c +++ b/src/backend/access/transam/twophase.c @@ -1195,7 +1195,7 @@ ReadTwoPhaseFile(TransactionId xid, bool give_warnings) TwoPhaseFilePath(path, xid); - fd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0); + fd = OpenTransientFile(path, O_RDONLY | PG_BINARY); if (fd < 0) { if (give_warnings) @@ -1580,8 +1580,7 @@ RecreateTwoPhaseFile(TransactionId xid, void *content, int len) TwoPhaseFilePath(path, xid); fd = OpenTransientFile(path, - O_CREAT | O_TRUNC | O_WRONLY | PG_BINARY, - S_IRUSR | S_IWUSR); + O_CREAT | O_TRUNC | O_WRONLY | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), diff --git a/src/backend/access/transam/xlog.c b/src/backend/access/transam/xlog.c index a3e8ce092f..cfdba80fdd 100644 --- a/src/backend/access/transam/xlog.c +++ b/src/backend/access/transam/xlog.c @@ -3168,8 +3168,7 @@ XLogFileInit(XLogSegNo logsegno, bool *use_existent, bool use_lock) */ if (*use_existent) { - fd = BasicOpenFile(path, O_RDWR | PG_BINARY | get_sync_bit(sync_method), - S_IRUSR | S_IWUSR); + fd = BasicOpenFile(path, O_RDWR | PG_BINARY | get_sync_bit(sync_method)); if (fd < 0) { if (errno != ENOENT) @@ -3194,8 +3193,7 @@ XLogFileInit(XLogSegNo logsegno, bool *use_existent, bool use_lock) unlink(tmppath); /* do not use get_sync_bit() here --- want to fsync only at end of fill */ - fd = BasicOpenFile(tmppath, O_RDWR | O_CREAT | O_EXCL | PG_BINARY, - S_IRUSR | S_IWUSR); + fd = BasicOpenFile(tmppath, O_RDWR | O_CREAT | O_EXCL | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -3291,8 +3289,7 @@ XLogFileInit(XLogSegNo logsegno, bool *use_existent, bool use_lock) *use_existent = false; /* Now open original target segment (might not be file I just made) */ - fd = BasicOpenFile(path, O_RDWR | PG_BINARY | get_sync_bit(sync_method), - S_IRUSR | S_IWUSR); + fd = BasicOpenFile(path, O_RDWR | PG_BINARY | get_sync_bit(sync_method)); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -3333,7 +3330,7 @@ XLogFileCopy(XLogSegNo destsegno, TimeLineID srcTLI, XLogSegNo srcsegno, * Open the source file */ XLogFilePath(path, srcTLI, srcsegno); - srcfd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0); + srcfd = OpenTransientFile(path, O_RDONLY | PG_BINARY); if (srcfd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -3347,8 +3344,7 @@ XLogFileCopy(XLogSegNo destsegno, TimeLineID srcTLI, XLogSegNo srcsegno, unlink(tmppath); /* do not use get_sync_bit() here --- want to fsync only at end of fill */ - fd = OpenTransientFile(tmppath, O_RDWR | O_CREAT | O_EXCL | PG_BINARY, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(tmppath, O_RDWR | O_CREAT | O_EXCL | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -3526,8 +3522,7 @@ XLogFileOpen(XLogSegNo segno) XLogFilePath(path, ThisTimeLineID, segno); - fd = BasicOpenFile(path, O_RDWR | PG_BINARY | get_sync_bit(sync_method), - S_IRUSR | S_IWUSR); + fd = BasicOpenFile(path, O_RDWR | PG_BINARY | get_sync_bit(sync_method)); if (fd < 0) ereport(PANIC, (errcode_for_file_access(), @@ -3593,7 +3588,7 @@ XLogFileRead(XLogSegNo segno, int emode, TimeLineID tli, snprintf(path, MAXPGPATH, XLOGDIR "/%s", xlogfname); } - fd = BasicOpenFile(path, O_RDONLY | PG_BINARY, 0); + fd = BasicOpenFile(path, O_RDONLY | PG_BINARY); if (fd >= 0) { /* Success! */ @@ -4084,7 +4079,7 @@ ValidateXLOGDirectoryStructure(void) { ereport(LOG, (errmsg("creating missing WAL directory \"%s\"", path))); - if (mkdir(path, S_IRWXU) < 0) + if (MakeDirectory(path) < 0) ereport(FATAL, (errmsg("could not create missing directory \"%s\": %m", path))); @@ -4428,8 +4423,7 @@ WriteControlFile(void) memcpy(buffer, ControlFile, sizeof(ControlFileData)); fd = BasicOpenFile(XLOG_CONTROL_FILE, - O_RDWR | O_CREAT | O_EXCL | PG_BINARY, - S_IRUSR | S_IWUSR); + O_RDWR | O_CREAT | O_EXCL | PG_BINARY); if (fd < 0) ereport(PANIC, (errcode_for_file_access(), @@ -4472,8 +4466,7 @@ ReadControlFile(void) * Read data... */ fd = BasicOpenFile(XLOG_CONTROL_FILE, - O_RDWR | PG_BINARY, - S_IRUSR | S_IWUSR); + O_RDWR | PG_BINARY); if (fd < 0) ereport(PANIC, (errcode_for_file_access(), @@ -4654,8 +4647,7 @@ UpdateControlFile(void) FIN_CRC32C(ControlFile->crc); fd = BasicOpenFile(XLOG_CONTROL_FILE, - O_RDWR | PG_BINARY, - S_IRUSR | S_IWUSR); + O_RDWR | PG_BINARY); if (fd < 0) ereport(PANIC, (errcode_for_file_access(), diff --git a/src/backend/access/transam/xlogutils.c b/src/backend/access/transam/xlogutils.c index bbae733d65..0eaba71ea8 100644 --- a/src/backend/access/transam/xlogutils.c +++ b/src/backend/access/transam/xlogutils.c @@ -691,7 +691,7 @@ XLogRead(char *buf, TimeLineID tli, XLogRecPtr startptr, Size count) XLogFilePath(path, tli, sendSegNo); - sendFile = BasicOpenFile(path, O_RDONLY | PG_BINARY, 0); + sendFile = BasicOpenFile(path, O_RDONLY | PG_BINARY); if (sendFile < 0) { diff --git a/src/backend/catalog/catalog.c b/src/backend/catalog/catalog.c index 92d943cac7..f50ae3e41d 100644 --- a/src/backend/catalog/catalog.c +++ b/src/backend/catalog/catalog.c @@ -444,7 +444,7 @@ GetNewRelFileNode(Oid reltablespace, Relation pg_class, char relpersistence) /* Check for existing file of same name */ rpath = relpath(rnode, MAIN_FORKNUM); - fd = BasicOpenFile(rpath, O_RDONLY | PG_BINARY, 0); + fd = BasicOpenFile(rpath, O_RDONLY | PG_BINARY); if (fd >= 0) { diff --git a/src/backend/commands/tablespace.c b/src/backend/commands/tablespace.c index 8559c3b6b3..6350f5b459 100644 --- a/src/backend/commands/tablespace.c +++ b/src/backend/commands/tablespace.c @@ -151,7 +151,7 @@ TablespaceCreateDbspace(Oid spcNode, Oid dbNode, bool isRedo) else { /* Directory creation failed? */ - if (mkdir(dir, S_IRWXU) < 0) + if (MakeDirectory(dir) < 0) { char *parentdir; @@ -173,7 +173,7 @@ TablespaceCreateDbspace(Oid spcNode, Oid dbNode, bool isRedo) get_parent_directory(parentdir); get_parent_directory(parentdir); /* Can't create parent and it doesn't already exist? */ - if (mkdir(parentdir, S_IRWXU) < 0 && errno != EEXIST) + if (MakeDirectory(parentdir) < 0 && errno != EEXIST) ereport(ERROR, (errcode_for_file_access(), errmsg("could not create directory \"%s\": %m", @@ -184,7 +184,7 @@ TablespaceCreateDbspace(Oid spcNode, Oid dbNode, bool isRedo) parentdir = pstrdup(dir); get_parent_directory(parentdir); /* Can't create parent and it doesn't already exist? */ - if (mkdir(parentdir, S_IRWXU) < 0 && errno != EEXIST) + if (MakeDirectory(parentdir) < 0 && errno != EEXIST) ereport(ERROR, (errcode_for_file_access(), errmsg("could not create directory \"%s\": %m", @@ -192,7 +192,7 @@ TablespaceCreateDbspace(Oid spcNode, Oid dbNode, bool isRedo) pfree(parentdir); /* Create database directory */ - if (mkdir(dir, S_IRWXU) < 0) + if (MakeDirectory(dir) < 0) ereport(ERROR, (errcode_for_file_access(), errmsg("could not create directory \"%s\": %m", @@ -279,7 +279,7 @@ CreateTableSpace(CreateTableSpaceStmt *stmt) /* * Check that location isn't too long. Remember that we're going to append * 'PG_XXX//_.'. FYI, we never actually - * reference the whole path here, but mkdir() uses the first two parts. + * reference the whole path here, but MakeDirectory() uses the first two parts. */ if (strlen(location) + 1 + strlen(TABLESPACE_VERSION_DIRECTORY) + 1 + OIDCHARS + 1 + OIDCHARS + 1 + FORKNAMECHARS + 1 + OIDCHARS > MAXPGPATH) @@ -574,7 +574,7 @@ create_tablespace_directories(const char *location, const Oid tablespaceoid) * Attempt to coerce target directory to safe permissions. If this fails, * it doesn't exist or has the wrong owner. */ - if (chmod(location, S_IRWXU) != 0) + if (chmod(location, PG_DIR_MODE_DEFAULT) != 0) { if (errno == ENOENT) ereport(ERROR, @@ -599,7 +599,7 @@ create_tablespace_directories(const char *location, const Oid tablespaceoid) if (stat(location_with_version_dir, &st) == 0 && S_ISDIR(st.st_mode)) { if (!rmtree(location_with_version_dir, true)) - /* If this failed, mkdir() below is going to error. */ + /* If this failed, MakeDirectory() below is going to error. */ ereport(WARNING, (errmsg("some useless files may be left behind in old database directory \"%s\"", location_with_version_dir))); @@ -610,7 +610,7 @@ create_tablespace_directories(const char *location, const Oid tablespaceoid) * The creation of the version directory prevents more than one tablespace * in a single location. */ - if (mkdir(location_with_version_dir, S_IRWXU) < 0) + if (MakeDirectory(location_with_version_dir) < 0) { if (errno == EEXIST) ereport(ERROR, diff --git a/src/backend/libpq/be-fsstubs.c b/src/backend/libpq/be-fsstubs.c index bf45461b2f..e433446922 100644 --- a/src/backend/libpq/be-fsstubs.c +++ b/src/backend/libpq/be-fsstubs.c @@ -462,7 +462,7 @@ lo_import_internal(text *filename, Oid lobjOid) * open the file to be read in */ text_to_cstring_buffer(filename, fnamebuf, sizeof(fnamebuf)); - fd = OpenTransientFile(fnamebuf, O_RDONLY | PG_BINARY, S_IRWXU); + fd = OpenTransientFile(fnamebuf, O_RDONLY | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -531,16 +531,9 @@ be_lo_export(PG_FUNCTION_ARGS) /* * open the file to be written to - * - * Note: we reduce backend's normal 077 umask to the slightly friendlier - * 022. This code used to drop it all the way to 0, but creating - * world-writable export files doesn't seem wise. */ text_to_cstring_buffer(filename, fnamebuf, sizeof(fnamebuf)); - oumask = umask(S_IWGRP | S_IWOTH); - fd = OpenTransientFile(fnamebuf, O_CREAT | O_WRONLY | O_TRUNC | PG_BINARY, - S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); - umask(oumask); + fd = OpenTransientFile(fnamebuf, O_CREAT | O_WRONLY | O_TRUNC | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -563,6 +556,18 @@ be_lo_export(PG_FUNCTION_ARGS) CloseTransientFile(fd); inv_close(lobj); + /* + * Allow group read. This code used make export files world-writable but that + * doesn't seem wise. + */ + if (chmod(fnamebuf, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH) != 0) + { + ereport(ERROR, + (errcode_for_file_access(), + errmsg("could not set permissions on server file \"%s\": %m", + fnamebuf))); + } + PG_RETURN_INT32(1); } diff --git a/src/backend/postmaster/postmaster.c b/src/backend/postmaster/postmaster.c index 95180b2ef5..11d00b854a 100644 --- a/src/backend/postmaster/postmaster.c +++ b/src/backend/postmaster/postmaster.c @@ -4440,7 +4440,7 @@ internal_forkexec(int argc, char *argv[], Port *port) * As in OpenTemporaryFileInTablespace, try to make the temp-file * directory */ - mkdir(PG_TEMP_FILES_DIR, S_IRWXU); + MakeDirectory(PG_TEMP_FILES_DIR); fp = AllocateFile(tmpfilename, PG_BINARY_W); if (!fp) diff --git a/src/backend/postmaster/syslogger.c b/src/backend/postmaster/syslogger.c index 3255b42c7d..f58fe8e8f1 100644 --- a/src/backend/postmaster/syslogger.c +++ b/src/backend/postmaster/syslogger.c @@ -41,6 +41,7 @@ #include "postmaster/postmaster.h" #include "postmaster/syslogger.h" #include "storage/dsm.h" +#include "storage/fd.h" #include "storage/ipc.h" #include "storage/latch.h" #include "storage/pg_shmem.h" @@ -322,7 +323,7 @@ SysLoggerMain(int argc, char *argv[]) /* * Also, create new directory if not present; ignore errors */ - mkdir(Log_directory, S_IRWXU); + MakeDirectory(Log_directory); } if (strcmp(Log_filename, currentLogFilename) != 0) { @@ -564,7 +565,7 @@ SysLogger_Start(void) /* * Create log directory if not present; ignore errors */ - mkdir(Log_directory, S_IRWXU); + MakeDirectory(Log_directory); /* * The initial logfile is created right in the postmaster, to verify that diff --git a/src/backend/replication/logical/origin.c b/src/backend/replication/logical/origin.c index edc6efb8a6..edd539aa7a 100644 --- a/src/backend/replication/logical/origin.c +++ b/src/backend/replication/logical/origin.c @@ -547,8 +547,7 @@ CheckPointReplicationOrigin(void) * CheckpointLock. */ tmpfd = OpenTransientFile((char *) tmppath, - O_CREAT | O_EXCL | O_WRONLY | PG_BINARY, - S_IRUSR | S_IWUSR); + O_CREAT | O_EXCL | O_WRONLY | PG_BINARY); if (tmpfd < 0) ereport(PANIC, (errcode_for_file_access(), @@ -660,7 +659,7 @@ StartupReplicationOrigin(void) elog(DEBUG2, "starting up replication origin progress state"); - fd = OpenTransientFile((char *) path, O_RDONLY | PG_BINARY, 0); + fd = OpenTransientFile((char *) path, O_RDONLY | PG_BINARY); /* * might have had max_replication_slots == 0 last run, or we just brought diff --git a/src/backend/replication/logical/reorderbuffer.c b/src/backend/replication/logical/reorderbuffer.c index 657bafae57..98266e0613 100644 --- a/src/backend/replication/logical/reorderbuffer.c +++ b/src/backend/replication/logical/reorderbuffer.c @@ -2103,8 +2103,7 @@ ReorderBufferSerializeTXN(ReorderBuffer *rb, ReorderBufferTXN *txn) /* open segment, create it if necessary */ fd = OpenTransientFile(path, - O_CREAT | O_WRONLY | O_APPEND | PG_BINARY, - S_IRUSR | S_IWUSR); + O_CREAT | O_WRONLY | O_APPEND | PG_BINARY); if (fd < 0) ereport(ERROR, @@ -2348,7 +2347,7 @@ ReorderBufferRestoreChanges(ReorderBuffer *rb, ReorderBufferTXN *txn, NameStr(MyReplicationSlot->data.name), txn->xid, (uint32) (recptr >> 32), (uint32) recptr); - *fd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0); + *fd = OpenTransientFile(path, O_RDONLY | PG_BINARY); if (*fd < 0 && errno == ENOENT) { *fd = -1; @@ -3037,7 +3036,7 @@ ApplyLogicalMappingFile(HTAB *tuplecid_data, Oid relid, const char *fname) LogicalRewriteMappingData map; sprintf(path, "pg_logical/mappings/%s", fname); - fd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0); + fd = OpenTransientFile(path, O_RDONLY | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), diff --git a/src/backend/replication/logical/snapbuild.c b/src/backend/replication/logical/snapbuild.c index fba57a0470..ad65b9831d 100644 --- a/src/backend/replication/logical/snapbuild.c +++ b/src/backend/replication/logical/snapbuild.c @@ -1597,8 +1597,7 @@ SnapBuildSerialize(SnapBuild *builder, XLogRecPtr lsn) /* we have valid data now, open tempfile and write it there */ fd = OpenTransientFile(tmppath, - O_CREAT | O_EXCL | O_WRONLY | PG_BINARY, - S_IRUSR | S_IWUSR); + O_CREAT | O_EXCL | O_WRONLY | PG_BINARY); if (fd < 0) ereport(ERROR, (errmsg("could not open file \"%s\": %m", path))); @@ -1682,7 +1681,7 @@ SnapBuildRestore(SnapBuild *builder, XLogRecPtr lsn) sprintf(path, "pg_logical/snapshots/%X-%X.snap", (uint32) (lsn >> 32), (uint32) lsn); - fd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0); + fd = OpenTransientFile(path, O_RDONLY | PG_BINARY); if (fd < 0 && errno == ENOENT) return false; diff --git a/src/backend/replication/slot.c b/src/backend/replication/slot.c index a8a16f55e9..f44e2e0d8f 100644 --- a/src/backend/replication/slot.c +++ b/src/backend/replication/slot.c @@ -1166,13 +1166,13 @@ CreateSlotOnDisk(ReplicationSlot *slot) * It's just barely possible that some previous effort to create or drop a * slot with this name left a temp directory lying around. If that seems * to be the case, try to remove it. If the rmtree() fails, we'll error - * out at the mkdir() below, so we don't bother checking success. + * out at the MakeDirectory() below, so we don't bother checking success. */ if (stat(tmppath, &st) == 0 && S_ISDIR(st.st_mode)) rmtree(tmppath, true); /* Create and fsync the temporary slot directory. */ - if (mkdir(tmppath, S_IRWXU) < 0) + if (MakeDirectory(tmppath) < 0) ereport(ERROR, (errcode_for_file_access(), errmsg("could not create directory \"%s\": %m", @@ -1233,9 +1233,7 @@ SaveSlotToPath(ReplicationSlot *slot, const char *dir, int elevel) sprintf(tmppath, "%s/state.tmp", dir); sprintf(path, "%s/state", dir); - fd = OpenTransientFile(tmppath, - O_CREAT | O_EXCL | O_WRONLY | PG_BINARY, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(tmppath, O_CREAT | O_EXCL | O_WRONLY | PG_BINARY); if (fd < 0) { ereport(elevel, @@ -1354,7 +1352,7 @@ RestoreSlotFromDisk(const char *name) elog(DEBUG1, "restoring replication slot from \"%s\"", path); - fd = OpenTransientFile(path, O_RDWR | PG_BINARY, 0); + fd = OpenTransientFile(path, O_RDWR | PG_BINARY); /* * We do not need to handle this as we are rename()ing the directory into diff --git a/src/backend/replication/walsender.c b/src/backend/replication/walsender.c index 1fbe8ed71b..b3b1cc8d49 100644 --- a/src/backend/replication/walsender.c +++ b/src/backend/replication/walsender.c @@ -472,7 +472,7 @@ SendTimeLineHistory(TimeLineHistoryCmd *cmd) pq_sendint(&buf, len, 4); /* col1 len */ pq_sendbytes(&buf, histfname, len); - fd = OpenTransientFile(path, O_RDONLY | PG_BINARY, 0666); + fd = OpenTransientFile(path, O_RDONLY | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), @@ -2366,7 +2366,7 @@ retry: XLogFilePath(path, curFileTimeLine, sendSegNo); - sendFile = BasicOpenFile(path, O_RDONLY | PG_BINARY, 0); + sendFile = BasicOpenFile(path, O_RDONLY | PG_BINARY); if (sendFile < 0) { /* diff --git a/src/backend/storage/file/copydir.c b/src/backend/storage/file/copydir.c index 1e2691685a..f3d2b003aa 100644 --- a/src/backend/storage/file/copydir.c +++ b/src/backend/storage/file/copydir.c @@ -41,7 +41,7 @@ copydir(char *fromdir, char *todir, bool recurse) char fromfile[MAXPGPATH * 2]; char tofile[MAXPGPATH * 2]; - if (mkdir(todir, S_IRWXU) != 0) + if (MakeDirectory(todir) != 0) ereport(ERROR, (errcode_for_file_access(), errmsg("could not create directory \"%s\": %m", todir))); @@ -148,14 +148,13 @@ copy_file(char *fromfile, char *tofile) /* * Open the files */ - srcfd = OpenTransientFile(fromfile, O_RDONLY | PG_BINARY, 0); + srcfd = OpenTransientFile(fromfile, O_RDONLY | PG_BINARY); if (srcfd < 0) ereport(ERROR, (errcode_for_file_access(), errmsg("could not open file \"%s\": %m", fromfile))); - dstfd = OpenTransientFile(tofile, O_RDWR | O_CREAT | O_EXCL | PG_BINARY, - S_IRUSR | S_IWUSR); + dstfd = OpenTransientFile(tofile, O_RDWR | O_CREAT | O_EXCL | PG_BINARY); if (dstfd < 0) ereport(ERROR, (errcode_for_file_access(), diff --git a/src/backend/storage/file/fd.c b/src/backend/storage/file/fd.c index 83b061a036..e47fdceedd 100644 --- a/src/backend/storage/file/fd.c +++ b/src/backend/storage/file/fd.c @@ -604,7 +604,7 @@ durable_rename(const char *oldfile, const char *newfile, int elevel) if (fsync_fname_ext(oldfile, false, false, elevel) != 0) return -1; - fd = OpenTransientFile((char *) newfile, PG_BINARY | O_RDWR, 0); + fd = OpenTransientFile((char *) newfile, PG_BINARY | O_RDWR); if (fd < 0) { if (errno != ENOENT) @@ -917,6 +917,16 @@ set_max_safe_fds(void) } /* + * Open a file with BasicOpenFilePerm() and pass PG_FILE_MODE_DEFAULT to the + * fileMode parameter. + */ +int +BasicOpenFile(FileName fileName, int fileFlags) +{ + return BasicOpenFilePerm(fileName, fileFlags, PG_FILE_MODE_DEFAULT); +} + +/* * BasicOpenFile --- same as open(2) except can free other FDs if needed * * This is exported for use by places that really want a plain kernel FD, @@ -933,7 +943,7 @@ set_max_safe_fds(void) * this module wouldn't have any open files to close at that point anyway. */ int -BasicOpenFile(FileName fileName, int fileFlags, int fileMode) +BasicOpenFilePerm(FileName fileName, int fileFlags, int fileMode) { int fd; @@ -1084,8 +1094,8 @@ LruInsert(File file) * overall system file table being full. So, be prepared to release * another FD if necessary... */ - vfdP->fd = BasicOpenFile(vfdP->fileName, vfdP->fileFlags, - vfdP->fileMode); + vfdP->fd = BasicOpenFilePerm(vfdP->fileName, vfdP->fileFlags, + vfdP->fileMode); if (vfdP->fd < 0) { DO_DB(elog(LOG, "re-open failed: %m")); @@ -1293,6 +1303,16 @@ FileInvalidate(File file) #endif /* + * Open a file with PathNameOpenFilePerm() and pass PG_FILE_MODE_DEFAULT to the + * fileMode parameter. + */ +File +PathNameOpenFile(FileName fileName, int fileFlags) +{ + return PathNameOpenFilePerm(fileName, fileFlags, PG_FILE_MODE_DEFAULT); +} + +/* * open a file in an arbitrary directory * * NB: if the passed pathname is relative (which it usually is), @@ -1300,13 +1320,13 @@ FileInvalidate(File file) * (which should always be $PGDATA when this code is running). */ File -PathNameOpenFile(FileName fileName, int fileFlags, int fileMode) +PathNameOpenFilePerm(FileName fileName, int fileFlags, int fileMode) { char *fnamecopy; File file; Vfd *vfdP; - DO_DB(elog(LOG, "PathNameOpenFile: %s %x %o", + DO_DB(elog(LOG, "PathNameOpenFilePerm: %s %x %o", fileName, fileFlags, fileMode)); /* @@ -1324,7 +1344,7 @@ PathNameOpenFile(FileName fileName, int fileFlags, int fileMode) /* Close excess kernel FDs. */ ReleaseLruFiles(); - vfdP->fd = BasicOpenFile(fileName, fileFlags, fileMode); + vfdP->fd = BasicOpenFilePerm(fileName, fileFlags, fileMode); if (vfdP->fd < 0) { @@ -1461,23 +1481,21 @@ OpenTemporaryFileInTablespace(Oid tblspcOid, bool rejectError) * temp file that can be reused. */ file = PathNameOpenFile(tempfilepath, - O_RDWR | O_CREAT | O_TRUNC | PG_BINARY, - 0600); + O_RDWR | O_CREAT | O_TRUNC | PG_BINARY); if (file <= 0) { /* * We might need to create the tablespace's tempfile directory, if no * one has yet done so. * - * Don't check for error from mkdir; it could fail if someone else + * Don't check for error from MakeDirectory; it could fail if someone else * just did the same thing. If it doesn't work then we'll bomb out on * the second create attempt, instead. */ - mkdir(tempdirpath, S_IRWXU); + MakeDirectory(tempdirpath); file = PathNameOpenFile(tempfilepath, - O_RDWR | O_CREAT | O_TRUNC | PG_BINARY, - 0600); + O_RDWR | O_CREAT | O_TRUNC | PG_BINARY); if (file <= 0 && rejectError) elog(ERROR, "could not create temporary file \"%s\": %m", tempfilepath); @@ -2136,12 +2154,21 @@ TryAgain: return NULL; } +/* + * Open a file with OpenTransientFilePerm() and pass PG_FILE_MODE_DEFAULT to + * the fileMode parameter. + */ +int +OpenTransientFile(FileName fileName, int fileFlags) +{ + return OpenTransientFilePerm(fileName, fileFlags, PG_FILE_MODE_DEFAULT); +} /* * Like AllocateFile, but returns an unbuffered fd like open(2) */ int -OpenTransientFile(FileName fileName, int fileFlags, int fileMode) +OpenTransientFilePerm(FileName fileName, int fileFlags, int fileMode) { int fd; @@ -2158,7 +2185,7 @@ OpenTransientFile(FileName fileName, int fileFlags, int fileMode) /* Close excess kernel FDs. */ ReleaseLruFiles(); - fd = BasicOpenFile(fileName, fileFlags, fileMode); + fd = BasicOpenFilePerm(fileName, fileFlags, fileMode); if (fd >= 0) { @@ -3081,7 +3108,7 @@ pre_sync_fname(const char *fname, bool isdir, int elevel) if (isdir) return; - fd = OpenTransientFile((char *) fname, O_RDONLY | PG_BINARY, 0); + fd = OpenTransientFile((char *) fname, O_RDONLY | PG_BINARY); if (fd < 0) { @@ -3141,7 +3168,7 @@ fsync_fname_ext(const char *fname, bool isdir, bool ignore_perm, int elevel) else flags |= O_RDONLY; - fd = OpenTransientFile((char *) fname, flags, 0); + fd = OpenTransientFile((char *) fname, flags); /* * Some OSs don't allow us to open directories at all (Windows returns @@ -3213,3 +3240,22 @@ fsync_parent_path(const char *fname, int elevel) return 0; } + +/* + * Create a directory with MakeDirectoryPerm() and pass PG_DIR_MODE_DEFAULT to + * the directoryMode parameter. + */ +int +MakeDirectory(const char *directoryName) +{ + return MakeDirectoryPerm(directoryName, PG_DIR_MODE_DEFAULT); +} + +/* + * Create a directory with the specified mode. + */ +int +MakeDirectoryPerm(const char *directoryName, int directoryMode) +{ + return mkdir(directoryName, directoryMode); +} diff --git a/src/backend/storage/ipc/dsm_impl.c b/src/backend/storage/ipc/dsm_impl.c index 1500465d31..3cf34dbc4f 100644 --- a/src/backend/storage/ipc/dsm_impl.c +++ b/src/backend/storage/ipc/dsm_impl.c @@ -835,7 +835,7 @@ dsm_impl_mmap(dsm_op op, dsm_handle handle, Size request_size, /* Create new segment or open an existing one for attach or resize. */ flags = O_RDWR | (op == DSM_OP_CREATE ? O_CREAT | O_EXCL : 0); - if ((fd = OpenTransientFile(name, flags, 0600)) == -1) + if ((fd = OpenTransientFilePerm(name, flags, S_IRUSR | S_IWUSR)) == -1) { if (errno != EEXIST) ereport(elevel, diff --git a/src/backend/storage/ipc/ipc.c b/src/backend/storage/ipc/ipc.c index dfb47e7c39..f3c9d9f2d3 100644 --- a/src/backend/storage/ipc/ipc.c +++ b/src/backend/storage/ipc/ipc.c @@ -132,8 +132,8 @@ proc_exit(int code) else snprintf(gprofDirName, 32, "gprof/%d", (int) getpid()); - mkdir("gprof", S_IRWXU | S_IRWXG | S_IRWXO); - mkdir(gprofDirName, S_IRWXU | S_IRWXG | S_IRWXO); + MakeDirectoryPerm("gprof", S_IRWXU | S_IRWXG | S_IRWXO); + MakeDirectoryPerm(gprofDirName, S_IRWXU | S_IRWXG | S_IRWXO); chdir(gprofDirName); } #endif diff --git a/src/backend/storage/smgr/md.c b/src/backend/storage/smgr/md.c index 65e0abe9ec..64a4ccf0db 100644 --- a/src/backend/storage/smgr/md.c +++ b/src/backend/storage/smgr/md.c @@ -304,7 +304,7 @@ mdcreate(SMgrRelation reln, ForkNumber forkNum, bool isRedo) path = relpath(reln->smgr_rnode, forkNum); - fd = PathNameOpenFile(path, O_RDWR | O_CREAT | O_EXCL | PG_BINARY, 0600); + fd = PathNameOpenFile(path, O_RDWR | O_CREAT | O_EXCL | PG_BINARY); if (fd < 0) { @@ -317,7 +317,7 @@ mdcreate(SMgrRelation reln, ForkNumber forkNum, bool isRedo) * already, even if isRedo is not set. (See also mdopen) */ if (isRedo || IsBootstrapProcessingMode()) - fd = PathNameOpenFile(path, O_RDWR | PG_BINARY, 0600); + fd = PathNameOpenFile(path, O_RDWR | PG_BINARY); if (fd < 0) { /* be sure to report the error reported by create, not open */ @@ -430,7 +430,7 @@ mdunlinkfork(RelFileNodeBackend rnode, ForkNumber forkNum, bool isRedo) /* truncate(2) would be easier here, but Windows hasn't got it */ int fd; - fd = OpenTransientFile(path, O_RDWR | PG_BINARY, 0); + fd = OpenTransientFile(path, O_RDWR | PG_BINARY); if (fd >= 0) { int save_errno; @@ -583,7 +583,7 @@ mdopen(SMgrRelation reln, ForkNumber forknum, int behavior) path = relpath(reln->smgr_rnode, forknum); - fd = PathNameOpenFile(path, O_RDWR | PG_BINARY, 0600); + fd = PathNameOpenFile(path, O_RDWR | PG_BINARY); if (fd < 0) { @@ -594,7 +594,7 @@ mdopen(SMgrRelation reln, ForkNumber forknum, int behavior) * substitute for mdcreate() in bootstrap mode only. (See mdcreate) */ if (IsBootstrapProcessingMode()) - fd = PathNameOpenFile(path, O_RDWR | O_CREAT | O_EXCL | PG_BINARY, 0600); + fd = PathNameOpenFile(path, O_RDWR | O_CREAT | O_EXCL | PG_BINARY); if (fd < 0) { if ((behavior & EXTENSION_RETURN_NULL) && @@ -1780,7 +1780,7 @@ _mdfd_openseg(SMgrRelation reln, ForkNumber forknum, BlockNumber segno, fullpath = _mdfd_segpath(reln, forknum, segno); /* open the file */ - fd = PathNameOpenFile(fullpath, O_RDWR | PG_BINARY | oflags, 0600); + fd = PathNameOpenFile(fullpath, O_RDWR | PG_BINARY | oflags); pfree(fullpath); diff --git a/src/backend/utils/cache/relmapper.c b/src/backend/utils/cache/relmapper.c index f5394dc43d..41c2ba7f97 100644 --- a/src/backend/utils/cache/relmapper.c +++ b/src/backend/utils/cache/relmapper.c @@ -644,8 +644,7 @@ load_relmap_file(bool shared) } /* Read data ... */ - fd = OpenTransientFile(mapfilename, - O_RDONLY | PG_BINARY, S_IRUSR | S_IWUSR); + fd = OpenTransientFile(mapfilename, O_RDONLY | PG_BINARY); if (fd < 0) ereport(FATAL, (errcode_for_file_access(), @@ -745,9 +744,7 @@ write_relmap_file(bool shared, RelMapFile *newmap, realmap = &local_map; } - fd = OpenTransientFile(mapfilename, - O_WRONLY | O_CREAT | PG_BINARY, - S_IRUSR | S_IWUSR); + fd = OpenTransientFile(mapfilename, O_WRONLY | O_CREAT | PG_BINARY); if (fd < 0) ereport(ERROR, (errcode_for_file_access(), diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c index bc9f09a086..e520fbace9 100644 --- a/src/backend/utils/misc/guc.c +++ b/src/backend/utils/misc/guc.c @@ -7244,8 +7244,7 @@ AlterSystemSetConfigFile(AlterSystemStmt *altersysstmt) * truncate and reuse it. */ Tmpfd = BasicOpenFile(AutoConfTmpFileName, - O_CREAT | O_RDWR | O_TRUNC, - S_IRUSR | S_IWUSR); + O_CREAT | O_RDWR | O_TRUNC); if (Tmpfd < 0) ereport(ERROR, (errcode_for_file_access(), diff --git a/src/include/storage/fd.h b/src/include/storage/fd.h index faef39e78d..6a7b6121e9 100644 --- a/src/include/storage/fd.h +++ b/src/include/storage/fd.h @@ -22,7 +22,7 @@ * Use them for all file activity... * * File fd; - * fd = PathNameOpenFile("foo", O_RDONLY, 0600); + * fd = PathNameOpenFile("foo", O_RDONLY); * * AllocateFile(); * FreeFile(); @@ -59,13 +59,17 @@ extern int max_files_per_process; */ extern int max_safe_fds; +/* Define default file/directory modes. */ +#define PG_FILE_MODE_DEFAULT (S_IRUSR | S_IWUSR) +#define PG_DIR_MODE_DEFAULT (S_IRWXU) /* * prototypes for functions in fd.c */ /* Operations on virtual Files --- equivalent to Unix kernel file ops */ -extern File PathNameOpenFile(FileName fileName, int fileFlags, int fileMode); +extern File PathNameOpenFile(FileName fileName, int fileFlags); +extern File PathNameOpenFilePerm(FileName fileName, int fileFlags, int fileMode); extern File OpenTemporaryFile(bool interXact); extern void FileClose(File file); extern int FilePrefetch(File file, off_t offset, int amount, uint32 wait_event_info); @@ -94,11 +98,17 @@ extern struct dirent *ReadDir(DIR *dir, const char *dirname); extern int FreeDir(DIR *dir); /* Operations to allow use of a plain kernel FD, with automatic cleanup */ -extern int OpenTransientFile(FileName fileName, int fileFlags, int fileMode); +extern int OpenTransientFile(FileName fileName, int fileFlags); +extern int OpenTransientFilePerm(FileName fileName, int fileFlags, int fileMode); extern int CloseTransientFile(int fd); /* If you've really really gotta have a plain kernel FD, use this */ -extern int BasicOpenFile(FileName fileName, int fileFlags, int fileMode); +extern int BasicOpenFile(FileName fileName, int fileFlags); +extern int BasicOpenFilePerm(FileName fileName, int fileFlags, int fileMode); + +/* Operations to make directories */ +extern int MakeDirectory(const char *directoryName); +extern int MakeDirectoryPerm(const char *directoryName, int directoryMode); /* Miscellaneous support routines */ extern void InitFileAccess(void);