磨砺技术珠矶,践行数据之道,追求卓越价值
回到上一级页面:PostgreSQL内部结构与源代码研究索引页 回到顶级页面:PostgreSQL索引页
本文的目的一是为了备忘,二是为了抛砖引玉,希望有更多的人来研究如何使用好PostgreSQL的hook机制。
在研究pg_stat_statments的源代码的时候,发现其中使用了hook机制:例如其中提到了如下几种hook:
void _PG_fini(void) { /* Uninstall hooks. */ shmem_startup_hook = prev_shmem_startup_hook; ExecutorStart_hook = prev_ExecutorStart; ExecutorRun_hook = prev_ExecutorRun; ExecutorFinish_hook = prev_ExecutorFinish; ExecutorEnd_hook = prev_ExecutorEnd; ProcessUtility_hook = prev_ProcessUtility; }
hook机制,是一把双刃剑:
它十分强大,可以让用户有机会切入到PostgreSQL的内部运行机制中,完成用户自定义的控制登录过程、查看系统状态、收集数据库活动的统计信息,甚至控制数据库中特定活动的执行。
当然,一般而言要求hook函数用C语言来编写,如果稍有不慎可能造成数据库系统失常乃至崩溃。
如果按照如下的日文网站的列举,其种类繁多,功能丰富:
http://postgresql.g.hatena.ne.jp/pgsql/20090325
遗憾的是,PostgreSQL的官方文档中没有讲如何使用hook的。只是在release note 中隐约提及。
目前,最权威的资料,来自于:http://wiki.postgresql.org/images/e/e3/Hooks_in_postgresql.pdf
为了进行初步的学习,参考了如下的URL的例子:
http://michael.otacoo.com/postgresql-2/hooks-in-postgres-super-superuser-restrictions/
下面描述建立hook的过程:
此处使用的是 ProcessUtility_hook,作为了例子,当我们从psql等发起 drop database xxx命令的时候。
本hook被激活,然后进行检查,如果被删除的数据库名为 fooddb,那么只有用户foo才有机会删除它。
步骤1:建立contrib目录:
[root@server contrib]# pwd /soft/postgresql-9.1.2/contrib [root@server contrib]# mkdir dbrestrict [root@server contrib]# cd dbrestrict
步骤2:编写程序代码:
需要指出的是,由于我用的是postgresql9.1.2,和上述URL中所用的数据库版本有所不同,故 standard_ProcessUtility 的入口参数有所不同。
[root@server dbrestrict]# pwd /soft/postgresql-9.1.2/contrib/dbrestrict [root@server dbrestrict]# cat dbrestrict.c /* * dbrestrict.c * Restrict drop of a given database to a given super-superuser only. * Michael Paquier, 2013 * Under license "do whatever you want with that" */ #include "postgres.h" #include "miscadmin.h" #include "tcop/utility.h" PG_MODULE_MAGIC; void _PG_init(void); void _PG_fini(void); static char *undroppabledb = "foodb"; static char *supersuperuser = "foo"; static ProcessUtility_hook_type prev_utility_hook = NULL; static void dbrestrict_utility(Node *parsetree, const char *queryString, ParamListInfo params,bool isTopLevel, DestReceiver *dest,char *completionTag); /* * Personal process for DB drop restriction */
static
void dbrestrict_utility(Node *parsetree,const char *queryString,ParamListInfo params,bool isTopLevel,DestReceiver *dest,char *completionTag) { /* Do our custom process on drop database */
switch (nodeTag(parsetree)) { case T_DropdbStmt: { DropdbStmt *stmt = (DropdbStmt *) parsetree; char *username = GetUserNameFromId(GetUserId()); /* * Check that only the authorized superuser foo can * drop the database undroppable_foodb. */
if (strcmp(stmt->dbname, undroppabledb) == 0 && strcmp(username, supersuperuser) != 0) ereport(ERROR, (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), errmsg("Only super-superuser \"%s\" can drop database \"%s\"", supersuperuser, undroppabledb))); break; } default: break; } /* Fallback to normal process */ standard_ProcessUtility(parsetree, queryString, params, isTopLevel,dest,completionTag); } /* * _PG_init * Install the hook. */
void _PG_init(void) { prev_utility_hook = ProcessUtility_hook; ProcessUtility_hook = dbrestrict_utility; } /* * _PG_fini * Uninstall the hook. */
void _PG_fini(void) { ProcessUtility_hook = prev_utility_hook; } [root@server dbrestrict]#
步骤3:建立Makefile:
[root@server dbrestrict]# cat Makefile # contrib/dbrestrict/Makefile MODULES = dbrestrict OBJS = dbrestreict.so ifdef USE_PGXS PG_CONFIG = pg_config PGXS := $(shell $(PG_CONFIG) --pgxs) include $(PGXS) else subdir = contrib/dbrestrict top_builddir = ../.. include $(top_builddir)/src/Makefile.global include $(top_srcdir)/contrib/contrib-global.mk endif [root@server dbrestrict]#
步骤4:编译和安装:
[root@server dbrestrict]# make gcc -O2 -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wformat-security -fno-strict-aliasing -fwrapv -fpic -I. -I. -I../../src/include -D_GNU_SOURCE -c -o dbrestrict.o dbrestrict.c gcc -O2 -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wformat-security -fno-strict-aliasing -fwrapv -fpic -L../../src/port -Wl,-rpath,'/usr/local/pgsql/lib',--enable-new-dtags -shared -o dbrestrict.so dbrestrict.o rm dbrestrict.o [root@server dbrestrict]# ls Makefile dbrestrict.c dbrestrict.so [root@server dbrestrict]# make install /bin/mkdir -p '/usr/local/pgsql/lib'
/bin/sh ../../config/install-sh -c -m 755 dbrestrict.so '/usr/local/pgsql/lib/' [root@server dbrestrict]#
步骤5:配置postgresql.conf文件:把编译好的名为dbrestrict的动态库,追加到 shared_preload_libraries中。
[postgres@server data]$ vim postgresql.conf
[postgres@server data]$ cat postgresql.conf | grep 'preload' shared_preload_libraries = 'dbrestrict' # (change requires restart) #local_preload_libraries = '' [postgres@server data]$
这中 shared_preload_libraries 机制还是不错的,事实上EnterpriseDB PPAS的postgresql.conf的此行是这样的:
shared_preload_libraries = '$libdir/dbms_pipe,$libdir/edb_gen'
步骤6:运行验证:
重新启动postgresql
[postgres@server pgsql]$ ./bin/pg_ctl -D ./data start server starting [postgres@server pgsql]$ LOG: loaded library "dbrestrict" LOG: database system was shut down at 2013-06-19 21:05:17 CST LOG: autovacuum launcher started LOG: database system is ready to accept connections
可以看到,对用户 foo 和 goo,他们意图drop database foodb时候,得到的信息是不同的;如果foo是super user,就已经可以删除数据库了:
postgres=# create database foodb; CREATE DATABASE postgres=# create role foo; CREATE ROLE postgres=# \c postgres foo; FATAL: role "foo" is not permitted to log in Previous connection kept postgres=# drop role foo; DROP ROLE postgres=# create role foo login; CREATE ROLE postgres=# \c postgres foo; You are now connected to database "postgres" as user "foo". postgres=> drop database foodb; ERROR: must be owner of database foodb postgres=> postgres=# create role goo login; CREATE ROLE postgres=# \c postgres goo; You are now connected to database "postgres" as user "goo". postgres=> drop database foodb; ERROR: Only super-superuser "foo" can drop database "foodb" postgres=>
结束!如果有可能,希望更进一步地学习PostgreSQL的各种hook,如果有人可以提供更加详细的信息,十分感谢!
磨砺技术珠矶,践行数据之道,追求卓越价值
回到上一级页面:PostgreSQL内部结构与源代码研究索引页 回到顶级页面:PostgreSQL索引页