Skip site navigation (1) Skip section navigation (2)

Re: How to shoot yourself in the foot: kill -9 postmaster

From: Hiroshi Inoue <Inoue(at)tpf(dot)co(dot)jp>
To: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
Cc: pgsql-hackers(at)postgreSQL(dot)org
Subject: Re: How to shoot yourself in the foot: kill -9 postmaster
Date: 2001-03-06 02:19:33
Message-ID: 3AA44935.EE47F7D9@tpf.co.jp (view raw or flat)
Thread:
Lists: pgsql-hackers
Tom Lane wrote:
> 
> Now, killing the postmaster -9 and not cleaning up the backends has
> always been a good way to shoot yourself in the foot, but up to now the
> worst thing that was likely to happen to you was isolated corruption in
> specific tables.  In the brave new world of WAL the stakes are higher,
> because the system will refuse to start up if it finds a corrupted
> checkpoint record.  Clueless admins who resort to kill -9 as a routine
> admin tool *will* lose their databases.  Moreover, the init scripts
> that are running around now are dangerous weapons if used with 7.1.
> 
> I think we need a stronger interlock to prevent this scenario, but I'm
> unsure what it should be.  Ideas?
> 

Seems the simplest way is to inhibit starting postmaster
if the pid file exists.
Another way is to use flock() if flock() is available.
We could flock() the pid file so that another postmaster
could detect the lock of the file.

Regards,
Hiroshi Inoue

In response to

Responses

pgsql-hackers by date

Next:From: Lamar OwenDate: 2001-03-06 02:23:55
Subject: Re: How to shoot yourself in the foot: kill -9 postmaster
Previous:From: Nathan MyersDate: 2001-03-06 02:19:25
Subject: Re: How to shoot yourself in the foot: kill -9 postmaster

Privacy Policy | About PostgreSQL
Copyright © 1996-2014 The PostgreSQL Global Development Group