LCOV - code coverage report
Current view: top level - src/bin/pg_combinebackup - pg_combinebackup.c (source / functions) Hit Total Coverage
Test: PostgreSQL 18devel Lines: 375 475 78.9 %
Date: 2025-04-24 13:15:39 Functions: 15 15 100.0 %
Legend: Lines: hit not hit

          Line data    Source code
       1             : /*-------------------------------------------------------------------------
       2             :  *
       3             :  * pg_combinebackup.c
       4             :  *      Combine incremental backups with prior backups.
       5             :  *
       6             :  * Copyright (c) 2017-2025, PostgreSQL Global Development Group
       7             :  *
       8             :  * IDENTIFICATION
       9             :  *    src/bin/pg_combinebackup/pg_combinebackup.c
      10             :  *
      11             :  *-------------------------------------------------------------------------
      12             :  */
      13             : #include "postgres_fe.h"
      14             : 
      15             : #include <dirent.h>
      16             : #include <fcntl.h>
      17             : #include <limits.h>
      18             : 
      19             : #ifdef HAVE_COPYFILE_H
      20             : #include <copyfile.h>
      21             : #endif
      22             : #ifdef __linux__
      23             : #include <sys/ioctl.h>
      24             : #include <linux/fs.h>
      25             : #endif
      26             : 
      27             : #include "access/xlog_internal.h"
      28             : #include "backup_label.h"
      29             : #include "common/checksum_helper.h"
      30             : #include "common/controldata_utils.h"
      31             : #include "common/file_perm.h"
      32             : #include "common/file_utils.h"
      33             : #include "common/logging.h"
      34             : #include "common/relpath.h"
      35             : #include "copy_file.h"
      36             : #include "fe_utils/option_utils.h"
      37             : #include "getopt_long.h"
      38             : #include "lib/stringinfo.h"
      39             : #include "load_manifest.h"
      40             : #include "reconstruct.h"
      41             : #include "write_manifest.h"
      42             : 
      43             : /* Incremental file naming convention. */
      44             : #define INCREMENTAL_PREFIX          "INCREMENTAL."
      45             : #define INCREMENTAL_PREFIX_LENGTH   (sizeof(INCREMENTAL_PREFIX) - 1)
      46             : 
      47             : /*
      48             :  * Tracking for directories that need to be removed, or have their contents
      49             :  * removed, if the operation fails.
      50             :  */
      51             : typedef struct cb_cleanup_dir
      52             : {
      53             :     char       *target_path;
      54             :     bool        rmtopdir;
      55             :     struct cb_cleanup_dir *next;
      56             : } cb_cleanup_dir;
      57             : 
      58             : /*
      59             :  * Stores a tablespace mapping provided using -T, --tablespace-mapping.
      60             :  */
      61             : typedef struct cb_tablespace_mapping
      62             : {
      63             :     char        old_dir[MAXPGPATH];
      64             :     char        new_dir[MAXPGPATH];
      65             :     struct cb_tablespace_mapping *next;
      66             : } cb_tablespace_mapping;
      67             : 
      68             : /*
      69             :  * Stores data parsed from all command-line options.
      70             :  */
      71             : typedef struct cb_options
      72             : {
      73             :     bool        debug;
      74             :     char       *output;
      75             :     bool        dry_run;
      76             :     bool        no_sync;
      77             :     cb_tablespace_mapping *tsmappings;
      78             :     pg_checksum_type manifest_checksums;
      79             :     bool        no_manifest;
      80             :     DataDirSyncMethod sync_method;
      81             :     CopyMethod  copy_method;
      82             : } cb_options;
      83             : 
      84             : /*
      85             :  * Data about a tablespace.
      86             :  *
      87             :  * Every normal tablespace needs a tablespace mapping, but in-place tablespaces
      88             :  * don't, so the list of tablespaces can contain more entries than the list of
      89             :  * tablespace mappings.
      90             :  */
      91             : typedef struct cb_tablespace
      92             : {
      93             :     Oid         oid;
      94             :     bool        in_place;
      95             :     char        old_dir[MAXPGPATH];
      96             :     char        new_dir[MAXPGPATH];
      97             :     struct cb_tablespace *next;
      98             : } cb_tablespace;
      99             : 
     100             : /* Directories to be removed if we exit uncleanly. */
     101             : static cb_cleanup_dir *cleanup_dir_list = NULL;
     102             : 
     103             : static void add_tablespace_mapping(cb_options *opt, char *arg);
     104             : static StringInfo check_backup_label_files(int n_backups, char **backup_dirs);
     105             : static uint64 check_control_files(int n_backups, char **backup_dirs);
     106             : static void check_input_dir_permissions(char *dir);
     107             : static void cleanup_directories_atexit(void);
     108             : static void create_output_directory(char *dirname, cb_options *opt);
     109             : static void help(const char *progname);
     110             : static bool parse_oid(char *s, Oid *result);
     111             : static void process_directory_recursively(Oid tsoid,
     112             :                                           char *input_directory,
     113             :                                           char *output_directory,
     114             :                                           char *relative_path,
     115             :                                           int n_prior_backups,
     116             :                                           char **prior_backup_dirs,
     117             :                                           manifest_data **manifests,
     118             :                                           manifest_writer *mwriter,
     119             :                                           cb_options *opt);
     120             : static int  read_pg_version_file(char *directory);
     121             : static void remember_to_cleanup_directory(char *target_path, bool rmtopdir);
     122             : static void reset_directory_cleanup_list(void);
     123             : static cb_tablespace *scan_for_existing_tablespaces(char *pathname,
     124             :                                                     cb_options *opt);
     125             : static void slurp_file(int fd, char *filename, StringInfo buf, int maxlen);
     126             : 
     127             : /*
     128             :  * Main program.
     129             :  */
     130             : int
     131          50 : main(int argc, char *argv[])
     132             : {
     133             :     static struct option long_options[] = {
     134             :         {"debug", no_argument, NULL, 'd'},
     135             :         {"dry-run", no_argument, NULL, 'n'},
     136             :         {"no-sync", no_argument, NULL, 'N'},
     137             :         {"output", required_argument, NULL, 'o'},
     138             :         {"tablespace-mapping", required_argument, NULL, 'T'},
     139             :         {"link", no_argument, NULL, 'k'},
     140             :         {"manifest-checksums", required_argument, NULL, 1},
     141             :         {"no-manifest", no_argument, NULL, 2},
     142             :         {"sync-method", required_argument, NULL, 3},
     143             :         {"clone", no_argument, NULL, 4},
     144             :         {"copy", no_argument, NULL, 5},
     145             :         {"copy-file-range", no_argument, NULL, 6},
     146             :         {NULL, 0, NULL, 0}
     147             :     };
     148             : 
     149             :     const char *progname;
     150             :     char       *last_input_dir;
     151             :     int         i;
     152             :     int         optindex;
     153             :     int         c;
     154             :     int         n_backups;
     155             :     int         n_prior_backups;
     156             :     int         version;
     157             :     uint64      system_identifier;
     158             :     char      **prior_backup_dirs;
     159             :     cb_options  opt;
     160             :     cb_tablespace *tablespaces;
     161             :     cb_tablespace *ts;
     162             :     StringInfo  last_backup_label;
     163             :     manifest_data **manifests;
     164             :     manifest_writer *mwriter;
     165             : 
     166          50 :     pg_logging_init(argv[0]);
     167          50 :     progname = get_progname(argv[0]);
     168          50 :     set_pglocale_pgservice(argv[0], PG_TEXTDOMAIN("pg_combinebackup"));
     169          50 :     handle_help_version_opts(argc, argv, progname, help);
     170             : 
     171          46 :     memset(&opt, 0, sizeof(opt));
     172          46 :     opt.manifest_checksums = CHECKSUM_TYPE_CRC32C;
     173          46 :     opt.sync_method = DATA_DIR_SYNC_METHOD_FSYNC;
     174          46 :     opt.copy_method = COPY_METHOD_COPY;
     175             : 
     176             :     /* process command-line options */
     177         144 :     while ((c = getopt_long(argc, argv, "dknNo:T:",
     178             :                             long_options, &optindex)) != -1)
     179             :     {
     180         100 :         switch (c)
     181             :         {
     182          12 :             case 'd':
     183          12 :                 opt.debug = true;
     184          12 :                 pg_logging_increase_verbosity();
     185          12 :                 break;
     186           2 :             case 'k':
     187           2 :                 opt.copy_method = COPY_METHOD_LINK;
     188           2 :                 break;
     189           0 :             case 'n':
     190           0 :                 opt.dry_run = true;
     191           0 :                 break;
     192           6 :             case 'N':
     193           6 :                 opt.no_sync = true;
     194           6 :                 break;
     195          40 :             case 'o':
     196          40 :                 opt.output = optarg;
     197          40 :                 break;
     198           2 :             case 'T':
     199           2 :                 add_tablespace_mapping(&opt, optarg);
     200           2 :                 break;
     201           4 :             case 1:
     202           4 :                 if (!pg_checksum_parse_type(optarg,
     203             :                                             &opt.manifest_checksums))
     204           0 :                     pg_fatal("unrecognized checksum algorithm: \"%s\"",
     205             :                              optarg);
     206           4 :                 break;
     207           2 :             case 2:
     208           2 :                 opt.no_manifest = true;
     209           2 :                 break;
     210           0 :             case 3:
     211           0 :                 if (!parse_sync_method(optarg, &opt.sync_method))
     212           0 :                     exit(1);
     213           0 :                 break;
     214           0 :             case 4:
     215           0 :                 opt.copy_method = COPY_METHOD_CLONE;
     216           0 :                 break;
     217          30 :             case 5:
     218          30 :                 opt.copy_method = COPY_METHOD_COPY;
     219          30 :                 break;
     220           0 :             case 6:
     221           0 :                 opt.copy_method = COPY_METHOD_COPY_FILE_RANGE;
     222           0 :                 break;
     223           2 :             default:
     224             :                 /* getopt_long already emitted a complaint */
     225           2 :                 pg_log_error_hint("Try \"%s --help\" for more information.", progname);
     226           2 :                 exit(1);
     227             :         }
     228             :     }
     229             : 
     230          44 :     if (optind >= argc)
     231             :     {
     232           2 :         pg_log_error("no input directories specified");
     233           2 :         pg_log_error_hint("Try \"%s --help\" for more information.", progname);
     234           2 :         exit(1);
     235             :     }
     236             : 
     237          42 :     if (opt.output == NULL)
     238           2 :         pg_fatal("no output directory specified");
     239             : 
     240             :     /* If no manifest is needed, no checksums are needed, either. */
     241          40 :     if (opt.no_manifest)
     242           2 :         opt.manifest_checksums = CHECKSUM_TYPE_NONE;
     243             : 
     244             :     /* Check that the platform supports the requested copy method. */
     245          40 :     if (opt.copy_method == COPY_METHOD_CLONE)
     246             :     {
     247             : #if (defined(HAVE_COPYFILE) && defined(COPYFILE_CLONE_FORCE)) || \
     248             :     (defined(__linux__) && defined(FICLONE))
     249             : 
     250           0 :         if (opt.dry_run)
     251           0 :             pg_log_debug("would use cloning to copy files");
     252             :         else
     253           0 :             pg_log_debug("will use cloning to copy files");
     254             : 
     255             : #else
     256             :         pg_fatal("file cloning not supported on this platform");
     257             : #endif
     258             :     }
     259          40 :     else if (opt.copy_method == COPY_METHOD_COPY_FILE_RANGE)
     260             :     {
     261             : #if defined(HAVE_COPY_FILE_RANGE)
     262             : 
     263           0 :         if (opt.dry_run)
     264           0 :             pg_log_debug("would use copy_file_range to copy blocks");
     265             :         else
     266           0 :             pg_log_debug("will use copy_file_range to copy blocks");
     267             : 
     268             : #else
     269             :         pg_fatal("copy_file_range not supported on this platform");
     270             : #endif
     271             :     }
     272             : 
     273             :     /* Read the server version from the final backup. */
     274          40 :     version = read_pg_version_file(argv[argc - 1]);
     275             : 
     276             :     /* Sanity-check control files. */
     277          40 :     n_backups = argc - optind;
     278          40 :     system_identifier = check_control_files(n_backups, argv + optind);
     279             : 
     280             :     /* Sanity-check backup_label files, and get the contents of the last one. */
     281          38 :     last_backup_label = check_backup_label_files(n_backups, argv + optind);
     282             : 
     283             :     /*
     284             :      * We'll need the pathnames to the prior backups. By "prior" we mean all
     285             :      * but the last one listed on the command line.
     286             :      */
     287          28 :     n_prior_backups = argc - optind - 1;
     288          28 :     prior_backup_dirs = argv + optind;
     289             : 
     290             :     /* Load backup manifests. */
     291          28 :     manifests = load_backup_manifests(n_backups, prior_backup_dirs);
     292             : 
     293             :     /*
     294             :      * Validate the manifest system identifier against the backup system
     295             :      * identifier.
     296             :      */
     297          80 :     for (i = 0; i < n_backups; i++)
     298             :     {
     299          54 :         if (manifests[i] &&
     300          54 :             manifests[i]->system_identifier != system_identifier)
     301             :         {
     302             :             char       *controlpath;
     303             : 
     304           2 :             controlpath = psprintf("%s/%s", prior_backup_dirs[i], XLOG_CONTROL_FILE);
     305             : 
     306           2 :             pg_fatal("%s: manifest system identifier is %" PRIu64 ", but control file has %" PRIu64,
     307             :                      controlpath,
     308             :                      manifests[i]->system_identifier,
     309             :                      system_identifier);
     310             :         }
     311             :     }
     312             : 
     313             :     /* Figure out which tablespaces are going to be included in the output. */
     314          26 :     last_input_dir = argv[argc - 1];
     315          26 :     check_input_dir_permissions(last_input_dir);
     316          26 :     tablespaces = scan_for_existing_tablespaces(last_input_dir, &opt);
     317             : 
     318             :     /*
     319             :      * Create output directories.
     320             :      *
     321             :      * We create one output directory for the main data directory plus one for
     322             :      * each non-in-place tablespace. create_output_directory() will arrange
     323             :      * for those directories to be cleaned up on failure. In-place tablespaces
     324             :      * aren't handled at this stage because they're located beneath the main
     325             :      * output directory, and thus the cleanup of that directory will get rid
     326             :      * of them. Plus, the pg_tblspc directory that needs to contain them
     327             :      * doesn't exist yet.
     328             :      */
     329          26 :     atexit(cleanup_directories_atexit);
     330          26 :     create_output_directory(opt.output, &opt);
     331          28 :     for (ts = tablespaces; ts != NULL; ts = ts->next)
     332           2 :         if (!ts->in_place)
     333           2 :             create_output_directory(ts->new_dir, &opt);
     334             : 
     335             :     /* If we need to write a backup_manifest, prepare to do so. */
     336          26 :     if (!opt.dry_run && !opt.no_manifest)
     337             :     {
     338          24 :         mwriter = create_manifest_writer(opt.output, system_identifier);
     339             : 
     340             :         /*
     341             :          * Verify that we have a backup manifest for the final backup; else we
     342             :          * won't have the WAL ranges for the resulting manifest.
     343             :          */
     344          24 :         if (manifests[n_prior_backups] == NULL)
     345           0 :             pg_fatal("cannot generate a manifest because no manifest is available for the final input backup");
     346             :     }
     347             :     else
     348           2 :         mwriter = NULL;
     349             : 
     350             :     /* Write backup label into output directory. */
     351          26 :     if (opt.dry_run)
     352           0 :         pg_log_debug("would generate \"%s/backup_label\"", opt.output);
     353             :     else
     354             :     {
     355          26 :         pg_log_debug("generating \"%s/backup_label\"", opt.output);
     356          26 :         last_backup_label->cursor = 0;
     357          26 :         write_backup_label(opt.output, last_backup_label,
     358             :                            opt.manifest_checksums, mwriter);
     359             :     }
     360             : 
     361             :     /* Process everything that's not part of a user-defined tablespace. */
     362          26 :     pg_log_debug("processing backup directory \"%s\"", last_input_dir);
     363          26 :     process_directory_recursively(InvalidOid, last_input_dir, opt.output,
     364             :                                   NULL, n_prior_backups, prior_backup_dirs,
     365             :                                   manifests, mwriter, &opt);
     366             : 
     367             :     /* Process user-defined tablespaces. */
     368          26 :     for (ts = tablespaces; ts != NULL; ts = ts->next)
     369             :     {
     370           2 :         pg_log_debug("processing tablespace directory \"%s\"", ts->old_dir);
     371             : 
     372             :         /*
     373             :          * If it's a normal tablespace, we need to set up a symbolic link from
     374             :          * pg_tblspc/${OID} to the target directory; if it's an in-place
     375             :          * tablespace, we need to create a directory at pg_tblspc/${OID}.
     376             :          */
     377           2 :         if (!ts->in_place)
     378             :         {
     379             :             char        linkpath[MAXPGPATH];
     380             : 
     381           2 :             snprintf(linkpath, MAXPGPATH, "%s/%s/%u", opt.output, PG_TBLSPC_DIR,
     382             :                      ts->oid);
     383             : 
     384           2 :             if (opt.dry_run)
     385           0 :                 pg_log_debug("would create symbolic link from \"%s\" to \"%s\"",
     386             :                              linkpath, ts->new_dir);
     387             :             else
     388             :             {
     389           2 :                 pg_log_debug("creating symbolic link from \"%s\" to \"%s\"",
     390             :                              linkpath, ts->new_dir);
     391           2 :                 if (symlink(ts->new_dir, linkpath) != 0)
     392           0 :                     pg_fatal("could not create symbolic link from \"%s\" to \"%s\": %m",
     393             :                              linkpath, ts->new_dir);
     394             :             }
     395             :         }
     396             :         else
     397             :         {
     398           0 :             if (opt.dry_run)
     399           0 :                 pg_log_debug("would create directory \"%s\"", ts->new_dir);
     400             :             else
     401             :             {
     402           0 :                 pg_log_debug("creating directory \"%s\"", ts->new_dir);
     403           0 :                 if (pg_mkdir_p(ts->new_dir, pg_dir_create_mode) == -1)
     404           0 :                     pg_fatal("could not create directory \"%s\": %m",
     405             :                              ts->new_dir);
     406             :             }
     407             :         }
     408             : 
     409             :         /* OK, now handle the directory contents. */
     410           2 :         process_directory_recursively(ts->oid, ts->old_dir, ts->new_dir,
     411             :                                       NULL, n_prior_backups, prior_backup_dirs,
     412             :                                       manifests, mwriter, &opt);
     413             :     }
     414             : 
     415             :     /* Finalize the backup_manifest, if we're generating one. */
     416          24 :     if (mwriter != NULL)
     417          22 :         finalize_manifest(mwriter,
     418          22 :                           manifests[n_prior_backups]->first_wal_range);
     419             : 
     420             :     /* fsync that output directory unless we've been told not to do so */
     421          24 :     if (!opt.no_sync)
     422             :     {
     423          18 :         if (opt.dry_run)
     424           0 :             pg_log_debug("would recursively fsync \"%s\"", opt.output);
     425             :         else
     426             :         {
     427          18 :             pg_log_debug("recursively fsyncing \"%s\"", opt.output);
     428          18 :             sync_pgdata(opt.output, version * 10000, opt.sync_method, true);
     429             :         }
     430             :     }
     431             : 
     432             :     /* Warn about the possibility of compromising the backups, when link mode */
     433          24 :     if (opt.copy_method == COPY_METHOD_LINK)
     434           2 :         pg_log_warning("--link mode was used; any modifications to the output "
     435             :                        "directory may destructively modify input directories");
     436             : 
     437             :     /* It's a success, so don't remove the output directories. */
     438          24 :     reset_directory_cleanup_list();
     439          24 :     exit(0);
     440             : }
     441             : 
     442             : /*
     443             :  * Process the option argument for the -T, --tablespace-mapping switch.
     444             :  */
     445             : static void
     446           2 : add_tablespace_mapping(cb_options *opt, char *arg)
     447             : {
     448           2 :     cb_tablespace_mapping *tsmap = pg_malloc0(sizeof(cb_tablespace_mapping));
     449             :     char       *dst;
     450             :     char       *dst_ptr;
     451             :     char       *arg_ptr;
     452             : 
     453             :     /*
     454             :      * Basically, we just want to copy everything before the equals sign to
     455             :      * tsmap->old_dir and everything afterwards to tsmap->new_dir, but if
     456             :      * there's more or less than one equals sign, that's an error, and if
     457             :      * there's an equals sign preceded by a backslash, don't treat it as a
     458             :      * field separator but instead copy a literal equals sign.
     459             :      */
     460           2 :     dst_ptr = dst = tsmap->old_dir;
     461         100 :     for (arg_ptr = arg; *arg_ptr != '\0'; arg_ptr++)
     462             :     {
     463          98 :         if (dst_ptr - dst >= MAXPGPATH)
     464           0 :             pg_fatal("directory name too long");
     465             : 
     466          98 :         if (*arg_ptr == '\\' && *(arg_ptr + 1) == '=')
     467             :             ;                   /* skip backslash escaping = */
     468          98 :         else if (*arg_ptr == '=' && (arg_ptr == arg || *(arg_ptr - 1) != '\\'))
     469             :         {
     470           2 :             if (tsmap->new_dir[0] != '\0')
     471           0 :                 pg_fatal("multiple \"=\" signs in tablespace mapping");
     472             :             else
     473           2 :                 dst = dst_ptr = tsmap->new_dir;
     474             :         }
     475             :         else
     476          96 :             *dst_ptr++ = *arg_ptr;
     477             :     }
     478           2 :     if (!tsmap->old_dir[0] || !tsmap->new_dir[0])
     479           0 :         pg_fatal("invalid tablespace mapping format \"%s\", must be \"OLDDIR=NEWDIR\"", arg);
     480             : 
     481             :     /*
     482             :      * All tablespaces are created with absolute directories, so specifying a
     483             :      * non-absolute path here would never match, possibly confusing users.
     484             :      *
     485             :      * In contrast to pg_basebackup, both the old and new directories are on
     486             :      * the local machine, so the local machine's definition of an absolute
     487             :      * path is the only relevant one.
     488             :      */
     489           2 :     if (!is_absolute_path(tsmap->old_dir))
     490           0 :         pg_fatal("old directory is not an absolute path in tablespace mapping: %s",
     491             :                  tsmap->old_dir);
     492             : 
     493           2 :     if (!is_absolute_path(tsmap->new_dir))
     494           0 :         pg_fatal("old directory is not an absolute path in tablespace mapping: %s",
     495             :                  tsmap->new_dir);
     496             : 
     497             :     /* Canonicalize paths to avoid spurious failures when comparing. */
     498           2 :     canonicalize_path(tsmap->old_dir);
     499           2 :     canonicalize_path(tsmap->new_dir);
     500             : 
     501             :     /* Add it to the list. */
     502           2 :     tsmap->next = opt->tsmappings;
     503           2 :     opt->tsmappings = tsmap;
     504           2 : }
     505             : 
     506             : /*
     507             :  * Check that the backup_label files form a coherent backup chain, and return
     508             :  * the contents of the backup_label file from the latest backup.
     509             :  */
     510             : static StringInfo
     511          38 : check_backup_label_files(int n_backups, char **backup_dirs)
     512             : {
     513          38 :     StringInfo  buf = makeStringInfo();
     514          38 :     StringInfo  lastbuf = buf;
     515             :     int         i;
     516          38 :     TimeLineID  check_tli = 0;
     517          38 :     XLogRecPtr  check_lsn = InvalidXLogRecPtr;
     518             : 
     519             :     /* Try to read each backup_label file in turn, last to first. */
     520         102 :     for (i = n_backups - 1; i >= 0; --i)
     521             :     {
     522             :         char        pathbuf[MAXPGPATH];
     523             :         int         fd;
     524             :         TimeLineID  start_tli;
     525             :         TimeLineID  previous_tli;
     526             :         XLogRecPtr  start_lsn;
     527             :         XLogRecPtr  previous_lsn;
     528             : 
     529             :         /* Open the backup_label file. */
     530          74 :         snprintf(pathbuf, MAXPGPATH, "%s/backup_label", backup_dirs[i]);
     531          74 :         pg_log_debug("reading \"%s\"", pathbuf);
     532          74 :         if ((fd = open(pathbuf, O_RDONLY, 0)) < 0)
     533           0 :             pg_fatal("could not open file \"%s\": %m", pathbuf);
     534             : 
     535             :         /*
     536             :          * Slurp the whole file into memory.
     537             :          *
     538             :          * The exact size limit that we impose here doesn't really matter --
     539             :          * most of what's supposed to be in the file is fixed size and quite
     540             :          * short. However, the length of the backup_label is limited (at least
     541             :          * by some parts of the code) to MAXPGPATH, so include that value in
     542             :          * the maximum length that we tolerate.
     543             :          */
     544          74 :         slurp_file(fd, pathbuf, buf, 10000 + MAXPGPATH);
     545             : 
     546             :         /* Close the file. */
     547          74 :         if (close(fd) != 0)
     548           0 :             pg_fatal("could not close file \"%s\": %m", pathbuf);
     549             : 
     550             :         /* Parse the file contents. */
     551          74 :         parse_backup_label(pathbuf, buf, &start_tli, &start_lsn,
     552             :                            &previous_tli, &previous_lsn);
     553             : 
     554             :         /*
     555             :          * Sanity checks.
     556             :          *
     557             :          * XXX. It's actually not required that start_lsn == check_lsn. It
     558             :          * would be OK if start_lsn > check_lsn provided that start_lsn is
     559             :          * less than or equal to the relevant switchpoint. But at the moment
     560             :          * we don't have that information.
     561             :          */
     562          74 :         if (i > 0 && previous_tli == 0)
     563           2 :             pg_fatal("backup at \"%s\" is a full backup, but only the first backup should be a full backup",
     564             :                      backup_dirs[i]);
     565          72 :         if (i == 0 && previous_tli != 0)
     566           2 :             pg_fatal("backup at \"%s\" is an incremental backup, but the first backup should be a full backup",
     567             :                      backup_dirs[i]);
     568          70 :         if (i < n_backups - 1 && start_tli != check_tli)
     569           0 :             pg_fatal("backup at \"%s\" starts on timeline %u, but expected %u",
     570             :                      backup_dirs[i], start_tli, check_tli);
     571          70 :         if (i < n_backups - 1 && start_lsn != check_lsn)
     572           6 :             pg_fatal("backup at \"%s\" starts at LSN %X/%X, but expected %X/%X",
     573             :                      backup_dirs[i],
     574             :                      LSN_FORMAT_ARGS(start_lsn),
     575             :                      LSN_FORMAT_ARGS(check_lsn));
     576          64 :         check_tli = previous_tli;
     577          64 :         check_lsn = previous_lsn;
     578             : 
     579             :         /*
     580             :          * The last backup label in the chain needs to be saved for later use,
     581             :          * while the others are only needed within this loop.
     582             :          */
     583          64 :         if (lastbuf == buf)
     584          36 :             buf = makeStringInfo();
     585             :         else
     586          28 :             resetStringInfo(buf);
     587             :     }
     588             : 
     589             :     /* Free memory that we don't need any more. */
     590          28 :     if (lastbuf != buf)
     591          28 :         destroyStringInfo(buf);
     592             : 
     593             :     /*
     594             :      * Return the data from the first backup_info that we read (which is the
     595             :      * backup_label from the last directory specified on the command line).
     596             :      */
     597          28 :     return lastbuf;
     598             : }
     599             : 
     600             : /*
     601             :  * Sanity check control files and return system_identifier.
     602             :  */
     603             : static uint64
     604          40 : check_control_files(int n_backups, char **backup_dirs)
     605             : {
     606             :     int         i;
     607          40 :     uint64      system_identifier = 0;  /* placate compiler */
     608          40 :     uint32      data_checksum_version = 0;  /* placate compiler */
     609          40 :     bool        data_checksum_mismatch = false;
     610             : 
     611             :     /* Try to read each control file in turn, last to first. */
     612         120 :     for (i = n_backups - 1; i >= 0; --i)
     613             :     {
     614             :         ControlFileData *control_file;
     615             :         bool        crc_ok;
     616             :         char       *controlpath;
     617             : 
     618          82 :         controlpath = psprintf("%s/%s", backup_dirs[i], XLOG_CONTROL_FILE);
     619          82 :         pg_log_debug("reading \"%s\"", controlpath);
     620          82 :         control_file = get_controlfile_by_exact_path(controlpath, &crc_ok);
     621             : 
     622             :         /* Control file contents not meaningful if CRC is bad. */
     623          82 :         if (!crc_ok)
     624           0 :             pg_fatal("%s: CRC is incorrect", controlpath);
     625             : 
     626             :         /* Can't interpret control file if not current version. */
     627          82 :         if (control_file->pg_control_version != PG_CONTROL_VERSION)
     628           0 :             pg_fatal("%s: unexpected control file version",
     629             :                      controlpath);
     630             : 
     631             :         /* System identifiers should all match. */
     632          82 :         if (i == n_backups - 1)
     633          40 :             system_identifier = control_file->system_identifier;
     634          42 :         else if (system_identifier != control_file->system_identifier)
     635           2 :             pg_fatal("%s: expected system identifier %" PRIu64 ", but found %" PRIu64,
     636             :                      controlpath, system_identifier,
     637             :                      control_file->system_identifier);
     638             : 
     639             :         /*
     640             :          * Detect checksum mismatches, but only if the last backup in the
     641             :          * chain has checksums enabled.
     642             :          */
     643          80 :         if (i == n_backups - 1)
     644          40 :             data_checksum_version = control_file->data_checksum_version;
     645          40 :         else if (data_checksum_version != 0 &&
     646          40 :                  data_checksum_version != control_file->data_checksum_version)
     647           0 :             data_checksum_mismatch = true;
     648             : 
     649             :         /* Release memory. */
     650          80 :         pfree(control_file);
     651          80 :         pfree(controlpath);
     652             :     }
     653             : 
     654             :     /*
     655             :      * If debug output is enabled, make a note of the system identifier that
     656             :      * we found in all of the relevant control files.
     657             :      */
     658          38 :     pg_log_debug("system identifier is %" PRIu64, system_identifier);
     659             : 
     660             :     /*
     661             :      * Warn the user if not all backups are in the same state with regards to
     662             :      * checksums.
     663             :      */
     664          38 :     if (data_checksum_mismatch)
     665             :     {
     666           0 :         pg_log_warning("only some backups have checksums enabled");
     667           0 :         pg_log_warning_hint("Disable, and optionally reenable, checksums on the output directory to avoid failures.");
     668             :     }
     669             : 
     670          38 :     return system_identifier;
     671             : }
     672             : 
     673             : /*
     674             :  * Set default permissions for new files and directories based on the
     675             :  * permissions of the given directory. The intent here is that the output
     676             :  * directory should use the same permissions scheme as the final input
     677             :  * directory.
     678             :  */
     679             : static void
     680          26 : check_input_dir_permissions(char *dir)
     681             : {
     682             :     struct stat st;
     683             : 
     684          26 :     if (stat(dir, &st) != 0)
     685           0 :         pg_fatal("could not stat file \"%s\": %m", dir);
     686             : 
     687          26 :     SetDataDirectoryCreatePerm(st.st_mode);
     688          26 : }
     689             : 
     690             : /*
     691             :  * Clean up output directories before exiting.
     692             :  */
     693             : static void
     694          26 : cleanup_directories_atexit(void)
     695             : {
     696          28 :     while (cleanup_dir_list != NULL)
     697             :     {
     698           2 :         cb_cleanup_dir *dir = cleanup_dir_list;
     699             : 
     700           2 :         if (dir->rmtopdir)
     701             :         {
     702           2 :             pg_log_info("removing output directory \"%s\"", dir->target_path);
     703           2 :             if (!rmtree(dir->target_path, dir->rmtopdir))
     704           0 :                 pg_log_error("failed to remove output directory");
     705             :         }
     706             :         else
     707             :         {
     708           0 :             pg_log_info("removing contents of output directory \"%s\"",
     709             :                         dir->target_path);
     710           0 :             if (!rmtree(dir->target_path, dir->rmtopdir))
     711           0 :                 pg_log_error("failed to remove contents of output directory");
     712             :         }
     713             : 
     714           2 :         cleanup_dir_list = cleanup_dir_list->next;
     715           2 :         pfree(dir);
     716             :     }
     717          26 : }
     718             : 
     719             : /*
     720             :  * Create the named output directory, unless it already exists or we're in
     721             :  * dry-run mode. If it already exists but is not empty, that's a fatal error.
     722             :  *
     723             :  * Adds the created directory to the list of directories to be cleaned up
     724             :  * at process exit.
     725             :  */
     726             : static void
     727          28 : create_output_directory(char *dirname, cb_options *opt)
     728             : {
     729          28 :     switch (pg_check_dir(dirname))
     730             :     {
     731          28 :         case 0:
     732          28 :             if (opt->dry_run)
     733             :             {
     734           0 :                 pg_log_debug("would create directory \"%s\"", dirname);
     735           0 :                 return;
     736             :             }
     737          28 :             pg_log_debug("creating directory \"%s\"", dirname);
     738          28 :             if (pg_mkdir_p(dirname, pg_dir_create_mode) == -1)
     739           0 :                 pg_fatal("could not create directory \"%s\": %m", dirname);
     740          28 :             remember_to_cleanup_directory(dirname, true);
     741          28 :             break;
     742             : 
     743           0 :         case 1:
     744           0 :             pg_log_debug("using existing directory \"%s\"", dirname);
     745           0 :             remember_to_cleanup_directory(dirname, false);
     746           0 :             break;
     747             : 
     748           0 :         case 2:
     749             :         case 3:
     750             :         case 4:
     751           0 :             pg_fatal("directory \"%s\" exists but is not empty", dirname);
     752             : 
     753           0 :         case -1:
     754           0 :             pg_fatal("could not access directory \"%s\": %m", dirname);
     755             :     }
     756             : }
     757             : 
     758             : /*
     759             :  * help
     760             :  *
     761             :  * Prints help page for the program
     762             :  *
     763             :  * progname: the name of the executed program, such as "pg_combinebackup"
     764             :  */
     765             : static void
     766           2 : help(const char *progname)
     767             : {
     768           2 :     printf(_("%s reconstructs full backups from incrementals.\n\n"), progname);
     769           2 :     printf(_("Usage:\n"));
     770           2 :     printf(_("  %s [OPTION]... DIRECTORY...\n"), progname);
     771           2 :     printf(_("\nOptions:\n"));
     772           2 :     printf(_("  -d, --debug               generate lots of debugging output\n"));
     773           2 :     printf(_("  -k, --link                link files instead of copying\n"));
     774           2 :     printf(_("  -n, --dry-run             do not actually do anything\n"));
     775           2 :     printf(_("  -N, --no-sync             do not wait for changes to be written safely to disk\n"));
     776           2 :     printf(_("  -o, --output=DIRECTORY    output directory\n"));
     777           2 :     printf(_("  -T, --tablespace-mapping=OLDDIR=NEWDIR\n"
     778             :              "                            relocate tablespace in OLDDIR to NEWDIR\n"));
     779           2 :     printf(_("      --clone               clone (reflink) files instead of copying\n"));
     780           2 :     printf(_("      --copy                copy files (default)\n"));
     781           2 :     printf(_("      --copy-file-range     copy using copy_file_range() system call\n"));
     782           2 :     printf(_("      --manifest-checksums=SHA{224,256,384,512}|CRC32C|NONE\n"
     783             :              "                            use algorithm for manifest checksums\n"));
     784           2 :     printf(_("      --no-manifest         suppress generation of backup manifest\n"));
     785           2 :     printf(_("      --sync-method=METHOD  set method for syncing files to disk\n"));
     786           2 :     printf(_("  -V, --version             output version information, then exit\n"));
     787           2 :     printf(_("  -?, --help                show this help, then exit\n"));
     788             : 
     789           2 :     printf(_("\nReport bugs to <%s>.\n"), PACKAGE_BUGREPORT);
     790           2 :     printf(_("%s home page: <%s>\n"), PACKAGE_NAME, PACKAGE_URL);
     791           2 : }
     792             : 
     793             : /*
     794             :  * Try to parse a string as a non-zero OID without leading zeroes.
     795             :  *
     796             :  * If it works, return true and set *result to the answer, else return false.
     797             :  */
     798             : static bool
     799           4 : parse_oid(char *s, Oid *result)
     800             : {
     801             :     Oid         oid;
     802             :     char       *ep;
     803             : 
     804           4 :     errno = 0;
     805           4 :     oid = strtoul(s, &ep, 10);
     806           4 :     if (errno != 0 || *ep != '\0' || oid < 1 || oid > PG_UINT32_MAX)
     807           0 :         return false;
     808             : 
     809           4 :     *result = oid;
     810           4 :     return true;
     811             : }
     812             : 
     813             : /*
     814             :  * Copy files from the input directory to the output directory, reconstructing
     815             :  * full files from incremental files as required.
     816             :  *
     817             :  * If processing a user-defined tablespace, the tsoid should be the OID
     818             :  * of that tablespace and input_directory and output_directory should be the
     819             :  * toplevel input and output directories for that tablespace. Otherwise,
     820             :  * tsoid should be InvalidOid and input_directory and output_directory should
     821             :  * be the main input and output directories.
     822             :  *
     823             :  * relative_path is the path beneath the given input and output directories
     824             :  * that we are currently processing. If NULL, it indicates that we're
     825             :  * processing the input and output directories themselves.
     826             :  *
     827             :  * n_prior_backups is the number of prior backups that we have available.
     828             :  * This doesn't count the very last backup, which is referenced by
     829             :  * input_directory, just the older ones. prior_backup_dirs is an array of
     830             :  * the locations of those previous backups.
     831             :  */
     832             : static void
     833         708 : process_directory_recursively(Oid tsoid,
     834             :                               char *input_directory,
     835             :                               char *output_directory,
     836             :                               char *relative_path,
     837             :                               int n_prior_backups,
     838             :                               char **prior_backup_dirs,
     839             :                               manifest_data **manifests,
     840             :                               manifest_writer *mwriter,
     841             :                               cb_options *opt)
     842             : {
     843             :     char        ifulldir[MAXPGPATH];
     844             :     char        ofulldir[MAXPGPATH];
     845             :     char        manifest_prefix[MAXPGPATH];
     846             :     DIR        *dir;
     847             :     struct dirent *de;
     848         708 :     bool        is_pg_tblspc = false;
     849         708 :     bool        is_pg_wal = false;
     850         708 :     bool        is_incremental_dir = false;
     851         708 :     manifest_data *latest_manifest = manifests[n_prior_backups];
     852             :     pg_checksum_type checksum_type;
     853             : 
     854             :     /*
     855             :      * Classify this directory.
     856             :      *
     857             :      * We set is_pg_tblspc only for the toplevel pg_tblspc directory, because
     858             :      * the symlinks in that specific directory require special handling.
     859             :      *
     860             :      * We set is_pg_wal for the toplevel WAL directory and all of its
     861             :      * subdirectories, because those files are not included in the backup
     862             :      * manifest and hence need special treatment. (Since incremental backup
     863             :      * does not exist in pre-v10 versions, we don't have to worry about the
     864             :      * old pg_xlog naming.)
     865             :      *
     866             :      * We set is_incremental_dir for directories that can contain incremental
     867             :      * files requiring reconstruction. If such files occur outside these
     868             :      * directories, we want to just copy them straight to the output
     869             :      * directory. This is to protect against a user creating a file with a
     870             :      * strange name like INCREMENTAL.config and then complaining that
     871             :      * incremental backups don't work properly. The test here is a bit tricky:
     872             :      * incremental files occur in subdirectories of base, in pg_global itself,
     873             :      * and in subdirectories of pg_tblspc only if in-place tablespaces are
     874             :      * used.
     875             :      */
     876         708 :     if (OidIsValid(tsoid))
     877           6 :         is_incremental_dir = true;
     878         702 :     else if (relative_path != NULL)
     879             :     {
     880         676 :         is_pg_tblspc = strcmp(relative_path, PG_TBLSPC_DIR) == 0;
     881        1326 :         is_pg_wal = (strcmp(relative_path, "pg_wal") == 0 ||
     882         650 :                      strncmp(relative_path, "pg_wal/", 7) == 0);
     883         676 :         is_incremental_dir = strncmp(relative_path, "base/", 5) == 0 ||
     884        1244 :             strcmp(relative_path, "global") == 0 ||
     885         568 :             strncmp(relative_path, PG_TBLSPC_DIR_SLASH, 10) == 0;
     886             :     }
     887             : 
     888             :     /*
     889             :      * If we're under pg_wal, then we don't need checksums, because these
     890             :      * files aren't included in the backup manifest. Otherwise use whatever
     891             :      * type of checksum is configured.
     892             :      */
     893         708 :     if (!is_pg_wal)
     894         630 :         checksum_type = opt->manifest_checksums;
     895             :     else
     896          78 :         checksum_type = CHECKSUM_TYPE_NONE;
     897             : 
     898             :     /*
     899             :      * Append the relative path to the input and output directories, and
     900             :      * figure out the appropriate prefix to add to files in this directory
     901             :      * when looking them up in a backup manifest.
     902             :      */
     903         708 :     if (relative_path == NULL)
     904             :     {
     905          28 :         strlcpy(ifulldir, input_directory, MAXPGPATH);
     906          28 :         strlcpy(ofulldir, output_directory, MAXPGPATH);
     907          28 :         if (OidIsValid(tsoid))
     908           2 :             snprintf(manifest_prefix, MAXPGPATH, "%s/%u/", PG_TBLSPC_DIR, tsoid);
     909             :         else
     910          26 :             manifest_prefix[0] = '\0';
     911             :     }
     912             :     else
     913             :     {
     914         680 :         snprintf(ifulldir, MAXPGPATH, "%s/%s", input_directory,
     915             :                  relative_path);
     916         680 :         snprintf(ofulldir, MAXPGPATH, "%s/%s", output_directory,
     917             :                  relative_path);
     918         680 :         if (OidIsValid(tsoid))
     919           4 :             snprintf(manifest_prefix, MAXPGPATH, "%s/%u/%s/",
     920             :                      PG_TBLSPC_DIR, tsoid, relative_path);
     921             :         else
     922         676 :             snprintf(manifest_prefix, MAXPGPATH, "%s/", relative_path);
     923             :     }
     924             : 
     925             :     /*
     926             :      * Toplevel output directories have already been created by the time this
     927             :      * function is called, but any subdirectories are our responsibility.
     928             :      */
     929         708 :     if (relative_path != NULL)
     930             :     {
     931         680 :         if (opt->dry_run)
     932           0 :             pg_log_debug("would create directory \"%s\"", ofulldir);
     933             :         else
     934             :         {
     935         680 :             pg_log_debug("creating directory \"%s\"", ofulldir);
     936         680 :             if (mkdir(ofulldir, pg_dir_create_mode) == -1)
     937           0 :                 pg_fatal("could not create directory \"%s\": %m", ofulldir);
     938             :         }
     939             :     }
     940             : 
     941             :     /* It's time to scan the directory. */
     942         708 :     if ((dir = opendir(ifulldir)) == NULL)
     943           0 :         pg_fatal("could not open directory \"%s\": %m", ifulldir);
     944       28776 :     while (errno = 0, (de = readdir(dir)) != NULL)
     945             :     {
     946             :         PGFileType  type;
     947             :         char        ifullpath[MAXPGPATH];
     948             :         char        ofullpath[MAXPGPATH];
     949             :         char        manifest_path[MAXPGPATH];
     950       28074 :         Oid         oid = InvalidOid;
     951       28074 :         int         checksum_length = 0;
     952       28074 :         uint8      *checksum_payload = NULL;
     953             :         pg_checksum_context checksum_ctx;
     954             : 
     955             :         /* Ignore "." and ".." entries. */
     956       28074 :         if (strcmp(de->d_name, ".") == 0 ||
     957       27366 :             strcmp(de->d_name, "..") == 0)
     958        2146 :             continue;
     959             : 
     960             :         /* Construct input path. */
     961       26658 :         snprintf(ifullpath, MAXPGPATH, "%s/%s", ifulldir, de->d_name);
     962             : 
     963             :         /* Figure out what kind of directory entry this is. */
     964       26658 :         type = get_dirent_type(ifullpath, de, false, PG_LOG_ERROR);
     965       26658 :         if (type == PGFILETYPE_ERROR)
     966           0 :             exit(1);
     967             : 
     968             :         /*
     969             :          * If we're processing pg_tblspc, then check whether the filename
     970             :          * looks like it could be a tablespace OID. If so, and if the
     971             :          * directory entry is a symbolic link or a directory, skip it.
     972             :          *
     973             :          * Our goal here is to ignore anything that would have been considered
     974             :          * by scan_for_existing_tablespaces to be a tablespace.
     975             :          */
     976       26658 :         if (is_pg_tblspc && parse_oid(de->d_name, &oid) &&
     977           0 :             (type == PGFILETYPE_LNK || type == PGFILETYPE_DIR))
     978           2 :             continue;
     979             : 
     980             :         /* If it's a directory, recurse. */
     981       26656 :         if (type == PGFILETYPE_DIR)
     982             :         {
     983             :             char        new_relative_path[MAXPGPATH];
     984             : 
     985             :             /* Append new pathname component to relative path. */
     986         680 :             if (relative_path == NULL)
     987         440 :                 strlcpy(new_relative_path, de->d_name, MAXPGPATH);
     988             :             else
     989         240 :                 snprintf(new_relative_path, MAXPGPATH, "%s/%s", relative_path,
     990         240 :                          de->d_name);
     991             : 
     992             :             /* And recurse. */
     993         680 :             process_directory_recursively(tsoid,
     994             :                                           input_directory, output_directory,
     995             :                                           new_relative_path,
     996             :                                           n_prior_backups, prior_backup_dirs,
     997             :                                           manifests, mwriter, opt);
     998         676 :             continue;
     999             :         }
    1000             : 
    1001             :         /* Skip anything that's not a regular file. */
    1002       25976 :         if (type != PGFILETYPE_REG)
    1003             :         {
    1004           0 :             if (type == PGFILETYPE_LNK)
    1005           0 :                 pg_log_warning("skipping symbolic link \"%s\"", ifullpath);
    1006             :             else
    1007           0 :                 pg_log_warning("skipping special file \"%s\"", ifullpath);
    1008           0 :             continue;
    1009             :         }
    1010             : 
    1011             :         /*
    1012             :          * Skip the backup_label and backup_manifest files; they require
    1013             :          * special handling and are handled elsewhere.
    1014             :          */
    1015       25976 :         if (relative_path == NULL &&
    1016         190 :             (strcmp(de->d_name, "backup_label") == 0 ||
    1017         164 :              strcmp(de->d_name, "backup_manifest") == 0))
    1018          52 :             continue;
    1019             : 
    1020             :         /*
    1021             :          * If it's an incremental file, hand it off to the reconstruction
    1022             :          * code, which will figure out what to do.
    1023             :          */
    1024       25924 :         if (is_incremental_dir &&
    1025       25654 :             strncmp(de->d_name, INCREMENTAL_PREFIX,
    1026             :                     INCREMENTAL_PREFIX_LENGTH) == 0)
    1027             :         {
    1028             :             /* Output path should not include "INCREMENTAL." prefix. */
    1029       12926 :             snprintf(ofullpath, MAXPGPATH, "%s/%s", ofulldir,
    1030       12926 :                      de->d_name + INCREMENTAL_PREFIX_LENGTH);
    1031             : 
    1032             : 
    1033             :             /* Manifest path likewise omits incremental prefix. */
    1034       12926 :             snprintf(manifest_path, MAXPGPATH, "%s%s", manifest_prefix,
    1035       12926 :                      de->d_name + INCREMENTAL_PREFIX_LENGTH);
    1036             : 
    1037             :             /* Reconstruction logic will do the rest. */
    1038       12926 :             reconstruct_from_incremental_file(ifullpath, ofullpath,
    1039             :                                               manifest_prefix,
    1040       12926 :                                               de->d_name + INCREMENTAL_PREFIX_LENGTH,
    1041             :                                               n_prior_backups,
    1042             :                                               prior_backup_dirs,
    1043             :                                               manifests,
    1044             :                                               manifest_path,
    1045             :                                               checksum_type,
    1046             :                                               &checksum_length,
    1047             :                                               &checksum_payload,
    1048             :                                               opt->copy_method,
    1049       12926 :                                               opt->debug,
    1050       12926 :                                               opt->dry_run);
    1051             :         }
    1052             :         else
    1053             :         {
    1054             :             /* Construct the path that the backup_manifest will use. */
    1055       12998 :             snprintf(manifest_path, MAXPGPATH, "%s%s", manifest_prefix,
    1056       12998 :                      de->d_name);
    1057             : 
    1058             :             /*
    1059             :              * It's not an incremental file, so we need to copy the entire
    1060             :              * file to the output directory.
    1061             :              *
    1062             :              * If a checksum of the required type already exists in the
    1063             :              * backup_manifest for the final input directory, we can save some
    1064             :              * work by reusing that checksum instead of computing a new one.
    1065             :              */
    1066       12998 :             if (checksum_type != CHECKSUM_TYPE_NONE &&
    1067             :                 latest_manifest != NULL)
    1068             :             {
    1069             :                 manifest_file *mfile;
    1070             : 
    1071        9094 :                 mfile = manifest_files_lookup(latest_manifest->files,
    1072             :                                               manifest_path);
    1073        9094 :                 if (mfile == NULL)
    1074             :                 {
    1075             :                     char       *bmpath;
    1076             : 
    1077             :                     /*
    1078             :                      * The directory is out of sync with the backup_manifest,
    1079             :                      * so emit a warning.
    1080             :                      */
    1081           0 :                     bmpath = psprintf("%s/%s", input_directory,
    1082             :                                       "backup_manifest");
    1083           0 :                     pg_log_warning("manifest file \"%s\" contains no entry for file \"%s\"",
    1084             :                                    bmpath, manifest_path);
    1085           0 :                     pfree(bmpath);
    1086             :                 }
    1087        9094 :                 else if (mfile->checksum_type == checksum_type)
    1088             :                 {
    1089        7156 :                     checksum_length = mfile->checksum_length;
    1090        7156 :                     checksum_payload = mfile->checksum_payload;
    1091             :                 }
    1092             :             }
    1093             : 
    1094             :             /*
    1095             :              * If we're reusing a checksum, then we don't need copy_file() to
    1096             :              * compute one for us, but otherwise, it needs to compute whatever
    1097             :              * type of checksum we need.
    1098             :              */
    1099       12998 :             if (checksum_length != 0)
    1100        7156 :                 pg_checksum_init(&checksum_ctx, CHECKSUM_TYPE_NONE);
    1101             :             else
    1102        5842 :                 pg_checksum_init(&checksum_ctx, checksum_type);
    1103             : 
    1104             :             /* Actually copy the file. */
    1105       12998 :             snprintf(ofullpath, MAXPGPATH, "%s/%s", ofulldir, de->d_name);
    1106       12998 :             copy_file(ifullpath, ofullpath, &checksum_ctx,
    1107       12998 :                       opt->copy_method, opt->dry_run);
    1108             : 
    1109             :             /*
    1110             :              * If copy_file() performed a checksum calculation for us, then
    1111             :              * save the results (except in dry-run mode, when there's no
    1112             :              * point).
    1113             :              */
    1114       12998 :             if (checksum_ctx.type != CHECKSUM_TYPE_NONE && !opt->dry_run)
    1115             :             {
    1116        1938 :                 checksum_payload = pg_malloc(PG_CHECKSUM_MAX_LENGTH);
    1117        1938 :                 checksum_length = pg_checksum_final(&checksum_ctx,
    1118             :                                                     checksum_payload);
    1119             :             }
    1120             :         }
    1121             : 
    1122             :         /* Generate manifest entry, if needed. */
    1123       25922 :         if (mwriter != NULL)
    1124             :         {
    1125             :             struct stat sb;
    1126             : 
    1127             :             /*
    1128             :              * In order to generate a manifest entry, we need the file size
    1129             :              * and mtime. We have no way to know the correct mtime except to
    1130             :              * stat() the file, so just do that and get the size as well.
    1131             :              *
    1132             :              * If we didn't need the mtime here, we could try to obtain the
    1133             :              * file size from the reconstruction or file copy process above,
    1134             :              * although that is actually not convenient in all cases. If we
    1135             :              * write the file ourselves then clearly we can keep a count of
    1136             :              * bytes, but if we use something like CopyFile() then it's
    1137             :              * trickier. Since we have to stat() anyway to get the mtime,
    1138             :              * there's no point in worrying about it.
    1139             :              */
    1140       23982 :             if (stat(ofullpath, &sb) < 0)
    1141           0 :                 pg_fatal("could not stat file \"%s\": %m", ofullpath);
    1142             : 
    1143             :             /* OK, now do the work. */
    1144       23982 :             add_file_to_manifest(mwriter, manifest_path,
    1145       23982 :                                  sb.st_size, sb.st_mtime,
    1146             :                                  checksum_type, checksum_length,
    1147             :                                  checksum_payload);
    1148             :         }
    1149             : 
    1150             :         /* Avoid leaking memory. */
    1151       25922 :         if (checksum_payload != NULL)
    1152       22018 :             pfree(checksum_payload);
    1153             :     }
    1154             : 
    1155         702 :     closedir(dir);
    1156         702 : }
    1157             : 
    1158             : /*
    1159             :  * Read the version number from PG_VERSION and convert it to the usual server
    1160             :  * version number format. (e.g. If PG_VERSION contains "14\n" this function
    1161             :  * will return 140000)
    1162             :  */
    1163             : static int
    1164          40 : read_pg_version_file(char *directory)
    1165             : {
    1166             :     char        filename[MAXPGPATH];
    1167             :     StringInfoData buf;
    1168             :     int         fd;
    1169             :     int         version;
    1170             :     char       *ep;
    1171             : 
    1172             :     /* Construct pathname. */
    1173          40 :     snprintf(filename, MAXPGPATH, "%s/PG_VERSION", directory);
    1174             : 
    1175             :     /* Open file. */
    1176          40 :     if ((fd = open(filename, O_RDONLY, 0)) < 0)
    1177           0 :         pg_fatal("could not open file \"%s\": %m", filename);
    1178             : 
    1179             :     /* Read into memory. Length limit of 128 should be more than generous. */
    1180          40 :     initStringInfo(&buf);
    1181          40 :     slurp_file(fd, filename, &buf, 128);
    1182             : 
    1183             :     /* Close the file. */
    1184          40 :     if (close(fd) != 0)
    1185           0 :         pg_fatal("could not close file \"%s\": %m", filename);
    1186             : 
    1187             :     /* Convert to integer. */
    1188          40 :     errno = 0;
    1189          40 :     version = strtoul(buf.data, &ep, 10);
    1190          40 :     if (errno != 0 || *ep != '\n')
    1191             :     {
    1192             :         /*
    1193             :          * Incremental backup is not relevant to very old server versions that
    1194             :          * used multi-part version number (e.g. 9.6, or 8.4). So if we see
    1195             :          * what looks like the beginning of such a version number, just bail
    1196             :          * out.
    1197             :          */
    1198           0 :         if (version < 10 && *ep == '.')
    1199           0 :             pg_fatal("%s: server version too old", filename);
    1200           0 :         pg_fatal("%s: could not parse version number", filename);
    1201             :     }
    1202             : 
    1203             :     /* Debugging output. */
    1204          40 :     pg_log_debug("read server version %d from file \"%s\"", version, filename);
    1205             : 
    1206             :     /* Release memory and return result. */
    1207          40 :     pfree(buf.data);
    1208          40 :     return version * 10000;
    1209             : }
    1210             : 
    1211             : /*
    1212             :  * Add a directory to the list of output directories to clean up.
    1213             :  */
    1214             : static void
    1215          28 : remember_to_cleanup_directory(char *target_path, bool rmtopdir)
    1216             : {
    1217          28 :     cb_cleanup_dir *dir = pg_malloc(sizeof(cb_cleanup_dir));
    1218             : 
    1219          28 :     dir->target_path = target_path;
    1220          28 :     dir->rmtopdir = rmtopdir;
    1221          28 :     dir->next = cleanup_dir_list;
    1222          28 :     cleanup_dir_list = dir;
    1223          28 : }
    1224             : 
    1225             : /*
    1226             :  * Empty out the list of directories scheduled for cleanup at exit.
    1227             :  *
    1228             :  * We want to remove the output directories only on a failure, so call this
    1229             :  * function when we know that the operation has succeeded.
    1230             :  *
    1231             :  * Since we only expect this to be called when we're about to exit, we could
    1232             :  * just set cleanup_dir_list to NULL and be done with it, but we free the
    1233             :  * memory to be tidy.
    1234             :  */
    1235             : static void
    1236          24 : reset_directory_cleanup_list(void)
    1237             : {
    1238          50 :     while (cleanup_dir_list != NULL)
    1239             :     {
    1240          26 :         cb_cleanup_dir *dir = cleanup_dir_list;
    1241             : 
    1242          26 :         cleanup_dir_list = cleanup_dir_list->next;
    1243          26 :         pfree(dir);
    1244             :     }
    1245          24 : }
    1246             : 
    1247             : /*
    1248             :  * Scan the pg_tblspc directory of the final input backup to get a canonical
    1249             :  * list of what tablespaces are part of the backup.
    1250             :  *
    1251             :  * 'pathname' should be the path to the toplevel backup directory for the
    1252             :  * final backup in the backup chain.
    1253             :  */
    1254             : static cb_tablespace *
    1255          26 : scan_for_existing_tablespaces(char *pathname, cb_options *opt)
    1256             : {
    1257             :     char        pg_tblspc[MAXPGPATH];
    1258             :     DIR        *dir;
    1259             :     struct dirent *de;
    1260          26 :     cb_tablespace *tslist = NULL;
    1261             : 
    1262          26 :     snprintf(pg_tblspc, MAXPGPATH, "%s/%s", pathname, PG_TBLSPC_DIR);
    1263          26 :     pg_log_debug("scanning \"%s\"", pg_tblspc);
    1264             : 
    1265          26 :     if ((dir = opendir(pg_tblspc)) == NULL)
    1266           0 :         pg_fatal("could not open directory \"%s\": %m", pg_tblspc);
    1267             : 
    1268          80 :     while (errno = 0, (de = readdir(dir)) != NULL)
    1269             :     {
    1270             :         Oid         oid;
    1271             :         char        tblspcdir[MAXPGPATH];
    1272             :         char        link_target[MAXPGPATH];
    1273             :         int         link_length;
    1274             :         cb_tablespace *ts;
    1275             :         cb_tablespace *otherts;
    1276             :         PGFileType  type;
    1277             : 
    1278             :         /* Silently ignore "." and ".." entries. */
    1279          54 :         if (strcmp(de->d_name, ".") == 0 || strcmp(de->d_name, "..") == 0)
    1280          52 :             continue;
    1281             : 
    1282             :         /* Construct full pathname. */
    1283           2 :         snprintf(tblspcdir, MAXPGPATH, "%s/%s", pg_tblspc, de->d_name);
    1284             : 
    1285             :         /* Ignore any file name that doesn't look like a proper OID. */
    1286           2 :         if (!parse_oid(de->d_name, &oid))
    1287             :         {
    1288           0 :             pg_log_debug("skipping \"%s\" because the filename is not a legal tablespace OID",
    1289             :                          tblspcdir);
    1290           0 :             continue;
    1291             :         }
    1292             : 
    1293             :         /* Only symbolic links and directories are tablespaces. */
    1294           2 :         type = get_dirent_type(tblspcdir, de, false, PG_LOG_ERROR);
    1295           2 :         if (type == PGFILETYPE_ERROR)
    1296           0 :             exit(1);
    1297           2 :         if (type != PGFILETYPE_LNK && type != PGFILETYPE_DIR)
    1298             :         {
    1299           0 :             pg_log_debug("skipping \"%s\" because it is neither a symbolic link nor a directory",
    1300             :                          tblspcdir);
    1301           0 :             continue;
    1302             :         }
    1303             : 
    1304             :         /* Create a new tablespace object. */
    1305           2 :         ts = pg_malloc0(sizeof(cb_tablespace));
    1306           2 :         ts->oid = oid;
    1307             : 
    1308             :         /*
    1309             :          * If it's a link, it's not an in-place tablespace. Otherwise, it must
    1310             :          * be a directory, and thus an in-place tablespace.
    1311             :          */
    1312           2 :         if (type == PGFILETYPE_LNK)
    1313             :         {
    1314             :             cb_tablespace_mapping *tsmap;
    1315             : 
    1316             :             /* Read the link target. */
    1317           2 :             link_length = readlink(tblspcdir, link_target, sizeof(link_target));
    1318           2 :             if (link_length < 0)
    1319           0 :                 pg_fatal("could not read symbolic link \"%s\": %m",
    1320             :                          tblspcdir);
    1321           2 :             if (link_length >= sizeof(link_target))
    1322           0 :                 pg_fatal("target of symbolic link \"%s\" is too long", tblspcdir);
    1323           2 :             link_target[link_length] = '\0';
    1324           2 :             if (!is_absolute_path(link_target))
    1325           0 :                 pg_fatal("target of symbolic link \"%s\" is relative", tblspcdir);
    1326             : 
    1327             :             /* Canonicalize the link target. */
    1328           2 :             canonicalize_path(link_target);
    1329             : 
    1330             :             /*
    1331             :              * Find the corresponding tablespace mapping and copy the relevant
    1332             :              * details into the new tablespace entry.
    1333             :              */
    1334           2 :             for (tsmap = opt->tsmappings; tsmap != NULL; tsmap = tsmap->next)
    1335             :             {
    1336           2 :                 if (strcmp(tsmap->old_dir, link_target) == 0)
    1337             :                 {
    1338           2 :                     strlcpy(ts->old_dir, tsmap->old_dir, MAXPGPATH);
    1339           2 :                     strlcpy(ts->new_dir, tsmap->new_dir, MAXPGPATH);
    1340           2 :                     ts->in_place = false;
    1341           2 :                     break;
    1342             :                 }
    1343             :             }
    1344             : 
    1345             :             /* Every non-in-place tablespace must be mapped. */
    1346           2 :             if (tsmap == NULL)
    1347           0 :                 pg_fatal("tablespace at \"%s\" has no tablespace mapping",
    1348             :                          link_target);
    1349             :         }
    1350             :         else
    1351             :         {
    1352             :             /*
    1353             :              * For an in-place tablespace, there's no separate directory, so
    1354             :              * we just record the paths within the data directories.
    1355             :              */
    1356           0 :             snprintf(ts->old_dir, MAXPGPATH, "%s/%s", pg_tblspc, de->d_name);
    1357           0 :             snprintf(ts->new_dir, MAXPGPATH, "%s/%s/%s", opt->output,
    1358           0 :                      PG_TBLSPC_DIR, de->d_name);
    1359           0 :             ts->in_place = true;
    1360             :         }
    1361             : 
    1362             :         /* Tablespaces should not share a directory. */
    1363           2 :         for (otherts = tslist; otherts != NULL; otherts = otherts->next)
    1364           0 :             if (strcmp(ts->new_dir, otherts->new_dir) == 0)
    1365           0 :                 pg_fatal("tablespaces with OIDs %u and %u both point at directory \"%s\"",
    1366             :                          otherts->oid, oid, ts->new_dir);
    1367             : 
    1368             :         /* Add this tablespace to the list. */
    1369           2 :         ts->next = tslist;
    1370           2 :         tslist = ts;
    1371             :     }
    1372             : 
    1373          26 :     if (closedir(dir) != 0)
    1374           0 :         pg_fatal("could not close directory \"%s\": %m", pg_tblspc);
    1375             : 
    1376          26 :     return tslist;
    1377             : }
    1378             : 
    1379             : /*
    1380             :  * Read a file into a StringInfo.
    1381             :  *
    1382             :  * fd is used for the actual file I/O, filename for error reporting purposes.
    1383             :  * A file longer than maxlen is a fatal error.
    1384             :  */
    1385             : static void
    1386         114 : slurp_file(int fd, char *filename, StringInfo buf, int maxlen)
    1387             : {
    1388             :     struct stat st;
    1389             :     ssize_t     rb;
    1390             : 
    1391             :     /* Check file size, and complain if it's too large. */
    1392         114 :     if (fstat(fd, &st) != 0)
    1393           0 :         pg_fatal("could not stat file \"%s\": %m", filename);
    1394         114 :     if (st.st_size > maxlen)
    1395           0 :         pg_fatal("file \"%s\" is too large", filename);
    1396             : 
    1397             :     /* Make sure we have enough space. */
    1398         114 :     enlargeStringInfo(buf, st.st_size);
    1399             : 
    1400             :     /* Read the data. */
    1401         114 :     rb = read(fd, &buf->data[buf->len], st.st_size);
    1402             : 
    1403             :     /*
    1404             :      * We don't expect any concurrent changes, so we should read exactly the
    1405             :      * expected number of bytes.
    1406             :      */
    1407         114 :     if (rb != st.st_size)
    1408             :     {
    1409           0 :         if (rb < 0)
    1410           0 :             pg_fatal("could not read file \"%s\": %m", filename);
    1411             :         else
    1412           0 :             pg_fatal("could not read file \"%s\": read %zd of %lld",
    1413             :                      filename, rb, (long long int) st.st_size);
    1414             :     }
    1415             : 
    1416             :     /* Adjust buffer length for new data and restore trailing-\0 invariant */
    1417         114 :     buf->len += rb;
    1418         114 :     buf->data[buf->len] = '\0';
    1419         114 : }

Generated by: LCOV version 1.14