| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com>, Peter Eisentraut <peter_e(at)gmx(dot)net> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: pg_ctl non-idempotent behavior change |
| Date: | 2013-04-27 18:24:17 |
| Message-ID: | 437.1367087057@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Jeff Janes <jeff(dot)janes(at)gmail(dot)com> writes:
> After 87306184580c9c49717, if the postmaster dies without cleaning up (i.e.
> power outage), running "pg_ctl start" just gives this message and then
> exits:
> pg_ctl: another server might be running
> Under the old behavior, it would try to start the server anyway, and
> succeed, then go through recovery and give you back a functional system.
> From reading the archive, I can't really tell if this change in behavior
> was intentional.
Hmm. I rather thought we had agreed not to change the default behavior,
but the commit message fairly clearly says that the default behavior is
being changed. This case shows that that change was inadequately
thought through.
> Anyway it seems like a bad thing to me. Now the user has a system that
> will not start up, and is given no clue that they need to remove
> "postmaster.pid" and try again.
Yeah, this is not tolerable. We could think about improving the logic
to have a stronger check on whether the old server is really there or
not (ie it should be doing something more like pg_ping and less like
just checking if the pidfile is there). But given how close we are to
beta, maybe the best thing is to revert that change for now and put it
back on the to-think-about-for-9.4 list. Peter?
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2013-04-27 19:12:18 | Re: exactly what is COPY BOTH mode supposed to do in case of an error? |
| Previous Message | Tom Lane | 2013-04-27 18:06:02 | Re: Remaining beta blockers |