If you are used to patch Oracle databases you probably know how to use opatch to apply PSUs. How does PostgreSQL handle this? Do we need to patch the existing binaries to apply security fixes? The answer is: No.
Lets say you want to patch PostgreSQL from version 9.4.1 to version 9.4.5. What do you need to do?
For this little demo I’ll create a new database and a sample table in my 9.4.1 instance:
(postgres@[local]:5432) [postgres] > select version(); version -------------------------------------------------------------------------------------------------------------------------- PostgreSQL 9.4.1 on x86_64-unknown-linux-gnu, compiled by gcc (GCC) 4.8.3 20140911 (Red Hat 4.8.3-9), 64-bit (1 row) Time: 0.483 ms (postgres@[local]:5432) [postgres] > create database patch; CREATE DATABASE Time: 2533.745 ms (postgres@[local]:5432) [postgres] > c patch You are now connected to database "patch" as user "postgres". (postgres@[local]:5432) > create table test ( a int ); CREATE TABLE Time: 2.430 ms (postgres@[local]:5432) > insert into test (a) values ( generate_series(1,100)); INSERT 0 100 Time: 0.959 ms
If I now want to bring this version to 9.4.5 the first step I’ll need to do is to install the 9.4.5 binaries in a separate path. The binaries for my 9.4.1 installation are located here:
postgres@oel7:/home/postgres/ [PG1] ps -ef | grep PG1 postgres 2645 1 0 10:51 ? 00:00:00 /u01/app/postgres/product/94/db_1/bin/postgres -D /u02/pgdata/PG1 postgres 14439 11550 0 11:04 pts/1 00:00:00 grep --color=auto PG1
I already installed the 9.4.5 binaries here:
postgres@oel7:/home/postgres/ [PG1] ls /u01/app/postgres/product/94/db_5 bin include lib share
The only tasks I need to do from here on are a) stop the 9.4.1 version:
postgres@oel7:/home/postgres/ [PG1] which pg_ctl /u01/app/postgres/product/94/db_1/bin/pg_ctl postgres@oel7:/home/postgres/ [PG1] pg_ctl -D /u02/pgdata/PG1 stop -m fast waiting for server to shut down.... done server stopped postgres@oel7:/home/postgres/ [PG1] ps -ef | grep PG1 postgres 14452 11550 0 11:06 pts/1 00:00:00 grep --color=auto PG1 postgres@oel7:/home/postgres/ [PG1]
Once the old version is down I just can b) restart with the new binaries:
postgres@oel7:/home/postgres/ [PG1] which pg_ctl /u01/app/postgres/product/94/db_5/bin/pg_ctl postgres@oel7:/home/postgres/ [PG1] pg_ctl -D /u02/pgdata/PG1 start server starting postgres@oel7:/home/postgres/ [PG1] LOG: database system was shut down at 2015-12-01 11:06:31 CET LOG: MultiXact member wraparound protections are now enabled LOG: database system is ready to accept connections LOG: autovacuum launcher started
That’s it. The new version is now 9.4.5:
(postgres@[local]:5432) [postgres] > select version(); version -------------------------------------------------------------------------------------------------------------- PostgreSQL 9.4.5 on x86_64-unknown-linux-gnu, compiled by gcc (GCC) 4.8.3 20140911 (Red Hat 4.8.3-9), 64-bit (1 row) Time: 20.725 ms (postgres@[local]:5432) [postgres] > c patch You are now connected to database "patch" as user "postgres". (postgres@[local]:5432) > select count(*) from test; count ------- 100 (1 row) Time: 104.297 ms
Usually, for minor versions, you can just install the new binaries and start the instance from there. But anyway, be sure to read the release notes before doing it.