From: | Bruce Momjian <bruce(at)momjian(dot)us> |
---|---|
To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
Cc: | Magnus Hagander <magnus(at)hagander(dot)net>, pgsql-hackers(at)postgresql(dot)org |
Subject: | Re: Yet another failure mode in pg_upgrade |
Date: | 2012-09-01 19:47:14 |
Message-ID: | 20120901194714.GE13604@momjian.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
On Sat, Sep 1, 2012 at 03:05:01PM -0400, Tom Lane wrote:
> Bruce Momjian <bruce(at)momjian(dot)us> writes:
> > My point is that we are still going to need traditional connections for
> > live checks.
>
> Yes, but that's not terribly relevant, IMO. All it means is that we
> don't want to invent some solution that doesn't go through libpq.
>
> > If we could find a solution for Windows, the socket in
> > current directory might be enough to lock things down, especially if we
> > put the socket in a new subdirectory that only we can read/write to.
>
> Who is "we"? Somebody else logged in under the postgres userid could
> still connect.
But they have to find the current directory to do that; seems unlikely.
They could kill -9 pg_upgrade too if they are the same user id.
> > Should I persue that in my patch?
>
> I think this is just a band-aid, and we shouldn't be putting more
> effort into it than needed to ensure that unexpected configuration
> settings won't break it. The right fix is a better form of
> standalone-backend mode. Maybe I will go pursue that, since nobody
> else seems to want to.
I am worried that is going to be a complex solution to a very minor
problem. Also, how is that going to get backpatched?
--
Bruce Momjian <bruce(at)momjian(dot)us> http://momjian.us
EnterpriseDB http://enterprisedb.com
+ It's impossible for everything to be true. +
From | Date | Subject | |
---|---|---|---|
Next Message | Tomas Vondra | 2012-09-01 20:10:00 | Re: too much pgbench init output |
Previous Message | Bruce Momjian | 2012-09-01 19:45:25 | Re: Yet another failure mode in pg_upgrade |