1
0
mirror of https://github.com/pgbackrest/pgbackrest.git synced 2025-01-18 04:58:51 +02:00

2288 Commits

Author SHA1 Message Date
David Steele
03a7bda511 Refactor recovery file generation.
Separate the generation of recovery values and formatting them into recovery.conf format.  This is generally a good idea, but also makes the code ready to deal with a different recovery file in PostgreSQL 12.

Also move the recovery file logic out of cmdRestore() into restoreRecoveryWrite().
2019-09-27 09:19:12 -04:00
David Steele
cf1e96e827 Refactor handling of ignored files in restore delta cleanup.
Replace the boolean logic with a simple list that will be checked to see if the file should be ignored.
2019-09-27 08:50:33 -04:00
David Steele
c41fb575fb Add standby restore type.
This restore type automatically adds standby_mode=on to recovery.conf.

This could be accomplished previously by setting --recovery-option=standby_mode=on but PostgreSQL 12 requires standby mode to be enabled by a special file named standby.signal.

The new restore type allows us to maintain a common interface between PostgreSQL versions.
2019-09-26 17:39:45 -04:00
David Steele
8979336819 Comment out unprivileged user documentation.
We haven't had the time to complete this documentation and it has suffered bit rot.

This prevents us from building the docs on PostgreSQL >= 11 so just comment it all out until it can be updated.
2019-09-26 16:02:39 -04:00
David Steele
451ae397be The restore command is implemented entirely in C.
For the most part this is a direct migration of the Perl code into C.

There is one important behavioral change with regard to how file permissions are handled.  The Perl code tried to set ownership as it was in the manifest even when running as an unprivileged user.  This usually just led to errors and frustration.

The C code works like this:

If a restore is run as a non-root user (the typical scenario) then all files restored will belong to the user/group executing pgBackRest. If existing files are not owned by the executing user/group then an error will result if the ownership cannot be updated to the executing user/group. In that case the file ownership will need to be updated by a privileged user before the restore can be retried.

If a restore is run as the root user then pgBackRest will attempt to recreate the ownership recorded in the manifest when the backup was made. Only user/group names are stored in the manifest so the same names must exist on the restore host for this to work. If the user/group name cannot be found locally then the user/group of the PostgreSQL data directory will be used and finally root if the data directory user/group cannot be mapped to a name.

Reviewed by Cynthia Shang.
2019-09-26 07:52:02 -04:00
Cynthia Shang
92e48c856a Add missing asserts. 2019-09-26 07:27:07 -04:00
David Steele
f2781bdad4 Allow documentation to be built without encryption.
This is mainly useful for testing, where an encrypted repo is a real nuisance.
2019-09-25 16:38:13 -04:00
David Steele
e968acbdd7 Fix outdated comment.
This was probably missed when a new test was added and the timeline was updated.
2019-09-24 16:55:11 -04:00
David Steele
6af64df9b6 Thoughts on repository version 6. 2019-09-23 19:26:24 -04:00
David Steele
71349c89ae Add TEST_TITLE() macro.
This macro displays a title for each test.  A test frequently has multiple parts and it was hard to tell which subparts went together.  We used ad hoc indentation to do this.

Anything that is a not a title is automatically indented so manually indenting is not longer needed.  This should make the tests and the test output easier to read.
2019-09-23 17:56:17 -04:00
David Steele
2fd2fe509f Add TEST_RESULT_LOG*() and TEST_SYSTEM*() macros.
These macros encapsulate the functionality provided by direct calls to harnessLogResult() and system().  They both have _FMT() variants.

The primary advantage is that {[path]}, {[user]}, and {[group]} will be replaced with the test path, user, and group respectively.  This saves a log of strNewFmt() calls and makes the tests less noisy.
2019-09-23 17:20:47 -04:00
David Steele
d3a7055ee5 Only enable test.pl --debug-test-trace option when --debug also enabled.
The other way makes no sense and leads to compile errors since --debug-test-trace requires some code that is only enabled by --debug.
2019-09-23 15:15:04 -04:00
David Steele
072aeb8109 Add LFs to storage list tests.
This makes the diffs easier to read when testing.
2019-09-23 15:10:31 -04:00
David Steele
c969137021 Migrate backup manifest load/save to C.
The backup manifest stores a complete list of all files, links, and paths in a backup along with metadata such as checksums, sizes,
timestamps, etc.  A list of databases is also included for selective restore.

The purpose of the manifest is to allow the restore command to confidently reconstruct the PostgreSQL data directory and ensure that
nothing is missing or corrupt.  It is also useful for reporting, e.g. size of backup, backup time, etc.

For now, migrate enough functionality to implement the restore command.

Reviewed by Cynthia Shang.
2019-09-23 13:50:46 -04:00
David Steele
5b64c93e8b Add local option for cfgExecParam().
cfgExecParam() was originally written to provide options for remote processes.  Remotes processes do not have access to the local config so it was necessary to pass every non-default option.

Local processes on the other hand, e.g. archive-get, archive-get-async, archive-push-async, and local, do have access to the local config and therefore don't need every parameter to be passed on the command-line.  The previous way was not wrong, but it was overly verbose and did not align with the way Perl had worked.

Update cfgExecParam() to accept a local option which excludes options from the command line which can be read from local configs.
2019-09-20 17:50:49 -04:00
David Steele
3f18040aab Rename MANIFEST_FILE to BACKUP_MANIFEST_FILE.
This is a bit more descriptive and avoids a naming conflict in the new C manifest code.
2019-09-20 08:13:36 -04:00
David Steele
174cb7b3af Add strPathAbsolute() and strLstRemoveIdx().
strPathAbsolute() generates an absolute path from an absolute base path and an absolute/relative path.

strLstRemoveIdx() is a support function based on lstRemoveIdx().
2019-09-19 22:42:28 -04:00
David Steele
9421493d09 Allow resets when generating local/remote command options.
Somehow this was left out of the original implementation, but it is particularly important for certain types of restores.
2019-09-19 22:34:12 -04:00
David Steele
e24b2e3f4d Only test timestamps for files.
In general we don't care about path and link times since they are easily recreated when restoring.

So, outside of storageInfo() we don't need to bother testing them.
2019-09-18 22:23:04 -04:00
David Steele
54638e8704 Add strLstRemove().
Allow a string to be removed from a StringList using the underlying lstRemove().
2019-09-18 22:17:22 -04:00
David Steele
a6a42b18a9 Use switch instead of if else tree in jsonFromKvInternal().
This is more efficient but more importantly it is easier to read.
2019-09-18 22:09:49 -04:00
David Steele
60d93df503 Use a callback to feed jobs to ProtocolParallel.
Loading jobs in advance uses a lot of memory in the case that there are millions of jobs to be performed.  We haven't seen this yet, but with backup and restore on the horizon it will become the norm.

Instead, use a callback so that jobs are only created as they are needed and can be freed as soon as they are completed.
2019-09-18 07:15:16 -04:00
David Steele
ce1c7b0252 Ignore write errors when the ls command is writing to stdout.
It's possible (even likely) that the ls output is being piped to something like head which will exit when it gets what it needs and leave us writing to a broken pipe.

It would be better to just ignore the broken pipe error but currently we don't store system error codes.
2019-09-17 21:04:38 -04:00
Cynthia Shang
8675699d08 Add FAQ for time-based Point-in-Time Recovery. 2019-09-16 14:09:53 -04:00
Cynthia Shang
49b421d372 Add documentation clarifications regarding standby repositories.
Clarify that placing the repository on a standby is not a robust configuration and recommend against it.
2019-09-16 13:56:25 -04:00
Cynthia Shang
09ef03b7ef Add FAQ regarding backup-standby. 2019-09-15 08:27:38 -04:00
Luca Ferrari
f9c8bd31de Add required FreeBSD header. 2019-09-14 14:10:04 -04:00
Cynthia Shang
56bf9d0566 Update HINT messages to conform to new standard detailed in CODING.md. 2019-09-14 12:21:08 -04:00
Cynthia Shang
c5f496b903 Rename parameter processId to processIdx in harnessFork.h for clarity. 2019-09-14 11:56:29 -04:00
David Steele
f57e119b25 Document the relationship between db-timeout and protocol-timeout.
Contributed by Cynthia Shang.
Suggested by James Chanco Jr.
2019-09-13 12:28:39 -04:00
David Steele
15d04ca19c Add recursion and json output to the ls command.
These features finally make the ls command practical.

Currently the JSON contains only name, type, and size.  We may add more fields in the future, but these seem like the minimum needed to be useful.
2019-09-12 16:29:50 -04:00
David Steele
e45baa1830 Add sorting, filters, and recursion to storageInfoList().
These are needed for the ls command and are also useful for testing.
2019-09-12 16:03:05 -04:00
David Steele
92365fb801 Disable missing-field-initializers warnings in unit testing.
This warning gives very unpredictable results between compiler versions and seems unrealistic since most of our structs are zeroed for initialization.

This warning has been disabled in the Makefile for a long time.
2019-09-12 15:55:18 -04:00
David Steele
f809d2f008 Ignore apt-get update errors in Travis CI.
Broken vendor packages have been causing builds to break due to an error on apt-get update.

Ignore errors and proceed directory to apt-get install.  It's possible that we'll try to reference an expired package version and get an error anyway, but that seems better than a guaranteed hard error.
2019-09-12 15:16:42 -04:00
David Steele
506c10f7f2 Sort and find improvements to List and StringList objects.
Push the responsibility for sort and find down to the List object by introducing a general comparator function that can be used for both sorting and finding.

Update insert and add functions to return the item added rather than the list.  This is more useful in the core code, though numerous updates to the tests were required.
2019-09-12 12:04:25 -04:00
David Steele
e4a071ce03 Add missing header in common/user module. 2019-09-12 10:56:45 -04:00
David Steele
b53305cc36 Update incorrect pipelining references to connection reuse.
Connection reuse and pipelining are not the same thing and should not have been conflated.

Update comments and release notes to reflect the correct usage.
2019-09-12 08:17:07 -04:00
David Steele
dca5b63f97 Move documentation job first for Travis CI.
Since this job has been running long recently this should improved overall performance when multiple commits are queued up.
2019-09-10 13:06:44 -04:00
David Steele
f4f21d0df7 Add groupIdFromName() and userIdFromName() to user module.
Update StorageWritePosix to use the new functions.

A side effect is that storageWritePosixOpen() will no longer error when the user/group name does not exist.  It will simply retain the original user/group, i.e. the user that executed the restore.

In general this is a feature since completing a restore is more important than setting permissions exactly from the source host.  However, some notification of this omission to the user would be beneficial.
2019-09-10 13:02:05 -04:00
David Steele
f8d0574759 Increase process timeout and emit occasional warnings.
Travis will timeout after 10 minutes with no output.  Emit a warning every 5 minutes to keep Travis alive and increase the total timeout to 20 minutes.

Documentation builds have been timing out a lot recently so hopefully this will help.
2019-09-10 12:29:36 -04:00
David Steele
e043c6b1bc Update comment missed in d957acb3. 2019-09-09 07:37:57 -04:00
David Steele
1049632873 Add user module for managing system users/groups.
Centralize the management of users and groups.

Also update Posix storage driver where users/groups were already in use.
2019-09-08 20:11:51 -04:00
David Steele
d957acb36b Add function to generate PostgreSQL tablespace identifier.
In PostgreSQL >= 9.0 each tablespace data is stored in a specially named directory so different major versions can share the same tablespace path.
2019-09-08 06:53:23 -04:00
David Steele
051128ed9e Add test macro for comparing String to zero-terminated strings.
This macro avoids the need to wrap the first parameter in strPtr() and should improve readability.
2019-09-08 06:47:52 -04:00
David Steele
0a96764cb8 Remove most references to PostgreSQL control and catalog versions.
The control and catalog versions were stored a variety of places in the optimistic hope that they would be useful.  In fact they never were.

We can't remove them from the backup.info and backup.manifest files due to backwards compatibility concerns, but we can at least avoid loading and storing them in C structures.

Add functions to the PostgreSQL interface which will return the control and catalog versions for any supported version of PostgreSQL to allow backwards compatibility for backup.info and backup.manifest.  These functions will be useful in other ways, e.g. generating the tablespace identifier in PostgreSQL >= 9.0.
2019-09-07 18:04:39 -04:00
David Steele
843a602080 Add user/group id to storageInfo().
This is required for some operations on Posix storage.
2019-09-07 15:41:55 -04:00
David Steele
1c7c1042b4 Remove extraneous semicolons and add spaces. 2019-09-07 12:32:25 -04:00
David Steele
2eb1d1fee3 Rename lstRemove() to lstRemoveIdx().
This works better with the names of upcoming functions and seems sensible even in isolation.
2019-09-06 16:50:57 -04:00
David Steele
dde0c2b0c9 Rename INFO_MANIFEST_FILE to MANIFEST_FILE.
This was missed in 5c314df0 when the module was renamed.
2019-09-06 16:43:53 -04:00
David Steele
4d84820021 Improve performance of info file load/save.
Info files required three copies in memory to be loaded (the original string, an ini representation, and the final info object). Not only was this memory inefficient but the Ini object does sequential scans when searching for keys making large files very slow to load.

This has not been an issue since archive.info and backup.info are very small, but it becomes a big deal when loading manifests with hundreds of thousands of files.

Instead of holding copies of the data in memory, use a callback to deliver the ini data directly to the object when loading. Use a similar method for save to avoid having an intermediate copy. Save is a bit complex because sections/keys must be written in alpha order or older versions of pgBackRest will not calculate the correct checksum.

Also move the load retry logic to helper functions rather than embedding it in the Info object. This allows for more flexibility in loading and ensures that stack traces will be available when developing unit tests.

Reviewed by Cynthia Shang.
2019-09-06 13:48:28 -04:00