At 3/5/2001 04:30 PM, you wrote:
>Now, killing the postmaster -9 and not cleaning up the backends has
>always been a good way to shoot yourself in the foot, but up to now the
>worst thing that was likely to happen to you was isolated corruption in
>specific tables. In the brave new world of WAL the stakes are higher,
>because the system will refuse to start up if it finds a corrupted
>checkpoint record. Clueless admins who resort to kill -9 as a routine
>admin tool *will* lose their databases. Moreover, the init scripts
>that are running around now are dangerous weapons if used with 7.1.
>I think we need a stronger interlock to prevent this scenario, but I'm
>unsure what it should be. Ideas?
Is there anyway to see if the other processes (child) have a lock on the
On a lot of systems, when a daemon starts, will record the PID in a file so
it/'the admin' can do a 'shutdown' script with the PID listed.
Can child processes list themselves like child.PID in a configurable
directory, and have the starting process look for all of these and shut the
"orphaned" child processes down?
In response to
pgsql-hackers by date
|Next:||From: Alfred Perlstein||Date: 2001-03-05 23:47:51|
|Subject: Re: How to shoot yourself in the foot: kill -9 postmaster|
|Previous:||From: Tom Lane||Date: 2001-03-05 22:30:26|
|Subject: How to shoot yourself in the foot: kill -9 postmaster|