| From: | Andres Freund <andres(at)anarazel(dot)de> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Christoph Berg <myon(at)debian(dot)org>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org>, Robert Haas <robertmhaas(at)gmail(dot)com> |
| Subject: | Re: fsync-pgdata-on-recovery tries to write to more files than previously |
| Date: | 2015-05-24 00:52:45 |
| Message-ID: | 20150524005245.GD32396@alap3.anarazel.de |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On 2015-05-23 16:33:29 -0400, Tom Lane wrote:
> Christoph Berg <myon(at)debian(dot)org> writes:
> > the new fsync-pgdata-on-recovery code tries to open all files using
> > O_RDWR. At least on 9.1, this can make recovery fail:
>
> Hm. I wonder whether it would be all right to just skip files for which
> we get EPERM on open(). The argument being that if we can't write to the
> file, we should not be held responsible for fsync'ing it either. But
> I'm not sure whether EPERM would be the only relevant errno, or whether
> there are cases where this would mask real problems.
We could even try doing the a fsync with a readonly fd as a fallback,
but that's also pretty hacky.
How about, to avoid masking actual problems, we have a more
differentiated logic for the toplevel data directory? I think we could
just skip all non-directory files in there data_directory itself. None
of the files in the toplevel directory, with the exception of
postgresql.auto.conf, will ever get written to by PG itself. And if
there's readonly files somewhere in a subdirectory, I won't feel
particularly bad.
Greetings,
Andres Freund
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Bruce Momjian | 2015-05-24 01:36:50 | Re: Run pgindent now? |
| Previous Message | Noah Misch | 2015-05-24 00:14:45 | Re: RFC: Non-user-resettable SET SESSION AUTHORISATION |