terminate-psql-sessions: Only terminate if we have permissions.

We have been semi-accidentally relying on the fact that terminate-psql-sessions fails silently when there are PIDs we don't have permission to terminate. This actually happens somewhat often, generally when we're doing a series of operations in quick succession by different users, because postgres processes live a little longer than the `psql` shell that started them. As part of adding ON_STOP_ERROR to all of our postgres commands, it makes sense to enforce we don't fail here, but that means we need to actually filter the target PIDs to only ones we can actually kill. Signed-off-by: Anders Kaseorg <anders@zulipchat.com>
2019-04-23 14:41:42 -07:00 · 2019-04-23 14:41:42 -07:00 · 9937734e50
parent c012362fde
commit 9937734e50
1 changed files with 7 additions and 2 deletions
--- a/scripts/setup/terminate-psql-sessions
+++ b/scripts/setup/terminate-psql-sessions
@ -26,6 +26,11 @@ root)
    ;;
 esac

-"${psql[@]}" <<EOF
-SELECT pg_terminate_backend(pid) FROM pg_stat_activity WHERE datname IN ($tables);
+"${psql[@]}" -v ON_ERROR_STOP=1 <<EOF
+SELECT pg_terminate_backend(s.pid)
+    FROM pg_stat_activity s, pg_roles r
+    WHERE
+        s.datname IN ($tables)
+        AND r.rolname = CURRENT_USER
+        AND (s.usename = r.rolname OR r.rolsuper = 't');
 EOF