|From:||Alvaro Herrera <alvherre(at)2ndquadrant(dot)com>|
|Subject:||Re: pg_resetwal --next-transaction-id may cause database failed to restart.|
|Views:||Raw Message | Whole Thread | Download mbox | Resend email|
On 2020-Jul-07, movead(dot)li(at)highgo(dot)ca wrote:
> >ISTM that a reasonable compromise is that if you use -x (or -c, -m, -O)
> >and the input value is outside the range supported by existing files,
> >then it's a fatal error; unless you use --force, which turns it into
> >just a warning.
> I do not think '--force' is a good choice, so I add a '--test, -t' option to
> force to write a unsafe value to pg_control.
> Do you think it is an acceptable method?
The rationale for this interface is unclear to me. Please explain what
happens in each case?
In my proposal, we'd have:
* Bad value, no --force:
- program raises error, no work done.
* Bad value with --force:
- program raises warning but changes anyway.
* Good value, no --force:
- program changes value without saying anything
* Good value with --force:
The rationale for this interface is convenient knowledgeable access: the
DBA runs the program with value X, and if the value is good, then
they're done. If the program raises an error, DBA has a choice: either
run with --force because they know what they're doing, or don't do
anything because they know that they would make a mess.
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
|Next Message||Alvaro Herrera||2020-07-07 15:08:30||Re: Cache lookup errors with functions manipulation object addresses|
|Previous Message||Magnus Hagander||2020-07-07 15:01:30||Re: TLS checking in pgstat|