Re: We should Axe /contrib/start-scripts

From: Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us>
To: Greg Stark <gsstark(at)mit(dot)edu>
Cc: Kevin Grittner <Kevin(dot)Grittner(at)wicourts(dot)gov>, Alvaro Herrera <alvherre(at)commandprompt(dot)com>, Chander Ganesan <chander(at)otg-nc(dot)com>, Josh Berkus <josh(at)agliodbs(dot)com>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org>
Subject: Re: We should Axe /contrib/start-scripts
Date: 2009-08-27 00:01:17
Message-ID: 24673.1251331277@sss.pgh.pa.us
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-hackers

Greg Stark <gsstark(at)mit(dot)edu> writes:
> On Thu, Aug 27, 2009 at 12:32 AM, Tom Lane<tgl(at)sss(dot)pgh(dot)pa(dot)us> wrote:
>> Attached is a simple patch that uses the environment-variable approach.

> So with this change you would have the startup script not remove the
> lock file?

Huh? The startup script shouldn't *ever* remove the lock file.
That's been true all along, and this doesn't change it.

> This could still fail if the startup script runs some other commands
> with & to background them and those commands happen to land with the
> pid of postgres? Or the startup script runs pg_ctl within a ( )
> subshell?

Yup, and that's been true all along too. This patch makes it possible
to write a safe initscript that uses pg_ctl --- it doesn't make it
impossible to write an unsafe one.

In practice, the situations where people would need to write unsafe
constructs have been largely eliminated anyway. Before we had a builtin
syslogger process, people often wanted to do something like

su - postgres -c "postmaster | logrotate"

which is quite unsafe because there's probably an intermediate shell
process. No need for that anymore. But notice this is just as unsafe
whether you use pg_ctl or postmaster directly ...

regards, tom lane

In response to

Responses

Browse pgsql-hackers by date

  From Date Subject
Next Message Tom Lane 2009-08-27 00:24:00 Re: MySQL Compatibility WAS: 8.5 release timetable, again
Previous Message Andrew Dunstan 2009-08-27 00:00:24 Re: pretty print viewdefs