This patch reserves the last superuser_reserved_connections slots for

connections by the superuser only.

This patch replaces the last patch I sent a couple of days ago.

It closes a connection that has not been authorised by a superuser if it would
leave less than the GUC variable ReservedBackends
(superuser_reserved_connections in postgres.conf) backend process slots free
in the SISeg. This differs to the first patch which only reserved the last
ReservedBackends slots in the procState array. This has made the free slot
test more expensive due to the use of a lock.

After thinking about a comment on the first patch I've also made it a fatal
error if the number of reserved slots is not less than the maximum number of
connections.

Nigel J. Andrews

3 files changed, 21 insertions, 3 deletions

diff --git a/src/backend/utils/init/postinit.c b/src/backend/utils/init/postinit.c
index f36c1d981fa..b02e371a818 100644
--- a/src/backend/utils/init/postinit.c
+++ b/src/backend/utils/init/postinit.c
@@ -8,7 +8,7 @@
  *
  *
  * IDENTIFICATION
- *	  $Header: /cvsroot/pgsql/src/backend/utils/init/postinit.c,v 1.110 2002/08/29 07:22:28 ishii Exp $
+ *	  $Header: /cvsroot/pgsql/src/backend/utils/init/postinit.c,v 1.111 2002/08/29 21:02:12 momjian Exp $
  *
  *
  *-------------------------------------------------------------------------
@@ -395,6 +395,16 @@ InitPostgres(const char *dbname, const char *username)
 	/* close the transaction we started above */
 	if (!bootstrap)
 		CommitTransactionCommand();
+
+	/*
+	 * Check a normal user hasn't connected to a superuser reserved slot.
+	 * Do this here since we need the user information and that only happens
+	 * after we've started bringing the shared memory online. So we wait
+	 * until we've registered exit handlers and potentially shut an open
+	 * transaction down for an as safety conscious rejection as possible.
+	 */
+	if (CountEmptyBackendSlots() < ReservedBackends && !superuser())
+		elog(ERROR, "Non-superuser connection limit exceeded");
 }
 
 /*
diff --git a/src/backend/utils/misc/guc.c b/src/backend/utils/misc/guc.c
index 5114fcc38f2..e88882def40 100644
--- a/src/backend/utils/misc/guc.c
+++ b/src/backend/utils/misc/guc.c
@@ -5,7 +5,7 @@
  * command, configuration file, and command line options.
  * See src/backend/utils/misc/README for more information.
  *
- * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.86 2002/08/29 17:14:33 tgl Exp $
+ * $Header: /cvsroot/pgsql/src/backend/utils/misc/guc.c,v 1.87 2002/08/29 21:02:12 momjian Exp $
  *
  * Copyright 2000 by PostgreSQL Global Development Group
  * Written by Peter Eisentraut <peter_e@gmx.net>.
@@ -537,7 +537,9 @@ static struct config_int
 	/*
 	 * Note: There is some postprocessing done in PostmasterMain() to make
 	 * sure the buffers are at least twice the number of backends, so the
-	 * constraints here are partially unused.
+	 * constraints here are partially unused. Similarly, the superuser
+	 * reserved number is checked to ensure it is less than the max
+	 * backends number.
 	 */
 	{
 		{ "max_connections", PGC_POSTMASTER }, &MaxBackends,
@@ -545,6 +547,11 @@ static struct config_int
 	},
 
 	{
+		{ "superuser_reserved_connections", PGC_POSTMASTER }, &ReservedBackends,
+		2, 0, INT_MAX, NULL, NULL
+	},
+
+	{
 		{ "shared_buffers", PGC_POSTMASTER }, &NBuffers,
 		DEF_NBUFFERS, 16, INT_MAX, NULL, NULL
 	},
diff --git a/src/backend/utils/misc/postgresql.conf.sample b/src/backend/utils/misc/postgresql.conf.sample
index c3e065ecdb8..11e9caaabcf 100644
--- a/src/backend/utils/misc/postgresql.conf.sample
+++ b/src/backend/utils/misc/postgresql.conf.sample
@@ -31,6 +31,7 @@
 #ssl = false
 
 #max_connections = 32
+#superuser_reserved_connections = 2
 
 #port = 5432 
 #hostname_lookup = false