| From: | Bruce Momjian <bruce(at)momjian(dot)us> |
|---|---|
| To: | PostgreSQL-development <pgsql-hackers(at)postgreSQL(dot)org> |
| Subject: | pg_upgrade using appname to lock out other users |
| Date: | 2011-06-15 03:01:13 |
| Message-ID: | 201106150301.p5F31DP22550@momjian.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
You might remember we added a postmaster/postgres -b switch to indicate
binary upgrade mode. The attached patch prevents any client without an
application_name of 'binary-upgrade' from connecting to the cluster
while it is binary upgrade mode. This helps prevent unauthorized users
from connecting during the upgrade. This will not help for clusters
that do not have the -b flag, e.g. pre-9.1.
Does this seem useful? Something for 9.1 or 9.2?
This idea came from Andrew Dunstan via IRC during a pg_upgrade run by
Stephen Frost when some clients accidentally connected. (Stephen reran
pg_upgrade successfully.)
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
| Attachment | Content-Type | Size |
|---|---|---|
| /rtmp/appname | text/x-diff | 1.2 KB |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Greg Sabino Mullane | 2011-06-15 03:04:21 | Re: procpid? |
| Previous Message | Itagaki Takahiro | 2011-06-15 02:53:16 | Re: possible connection leak in dblink? |