/*
* Functions to send signals to other backends.
*/
static bool
pg_signal_backend(int pid, int sig)
{
if (!superuser())
ereport(ERROR,
(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
(errmsg("must be superuser to signal other server processes"))));
if (!IsBackendPid(pid))
{
/*
* This is just a warning so a loop-through-resultset will not abort
* if one backend terminated on it's own during the run
*/
ereport(WARNING,
(errmsg("PID %d is not a PostgreSQL server process", pid)));
return false;
}
/* If we have setsid(), signal the backend's whole process group */
#ifdef HAVE_SETSID
if (kill(-pid, sig))
#else
if (kill(pid, sig))
#endif
{
/* Again, just a warning to allow loops */
ereport(WARNING,
(errmsg("could not send signal to process %d: %m", pid)));
return false;
}
return true;
}
static int
pg_signal_backend(int pid, int sig)
{
PGPROC *proc;
if (!superuser())
{
/*
* Since the user is not superuser, check for matching roles. Trust
* that BackendPidGetProc will return NULL if the pid isn't valid,
* even though the check for whether it's a backend process is below.
* The IsBackendPid check can't be relied on as definitive even if it
* was first. The process might end between successive checks
* regardless of their order. There's no way to acquire a lock on an
* arbitrary process to prevent that. But since so far all the callers
* of this mechanism involve some request for ending the process
* anyway, that it might end on its own first is not a problem.
*/
proc = BackendPidGetProc(pid);
if (proc == NULL || proc->roleId != GetUserId())
return SIGNAL_BACKEND_NOPERMISSION;
}
if (!IsBackendPid(pid))
{
/*
* This is just a warning so a loop-through-resultset will not abort
* if one backend terminated on it's own during the run
*/
ereport(WARNING,
(errmsg("PID %d is not a PostgreSQL server process", pid)));
return SIGNAL_BACKEND_ERROR;
}
/*
* Can the process we just validated above end, followed by the pid being
* recycled for a new process, before reaching here? Then we'd be trying
* to kill the wrong thing. Seems near impossible when sequential pid
* assignment and wraparound is used. Perhaps it could happen on a system
* where pid re-use is randomized. That race condition possibility seems
* too unlikely to worry about.
*/
/* If we have setsid(), signal the backend's whole process group */
#ifdef HAVE_SETSID
if (kill(-pid, sig))
#else
if (kill(pid, sig))
#endif
{
/* Again, just a warning to allow loops */
ereport(WARNING,
(errmsg("could not send signal to process %d: %m", pid)));
return SIGNAL_BACKEND_ERROR;
}
return SIGNAL_BACKEND_SUCCESS;
}