Re: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review]) - Mailing list pgsql-hackers

From Stephen Frost
Subject Re: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])
Date
Msg-id 20130802010649.GV2706@tamriel.snowman.net
Whole thread Raw
In response to Re: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])  (Andres Freund <andres@2ndquadrant.com>)
Responses Re: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])
List pgsql-hackers
* Andres Freund (andres@2ndquadrant.com) wrote:
> I agree that we need to do reasonable checks, like running GUC
> validators, but we simply can't control the overall system state. And
> it's not like this are errors that you couldn't get before. And we
> should (that's something to improve on) report the relevant guc + file
> in many cases.

You could get the errors before, sure, but when you did, you could read
the log output and go modify the *configuration files* (which things in
$PGDATA are *not*) and fix it and get the system back online.  If the
files in $PGDATA have to be modified to get the system online then they
are configuration files and should be in /etc.

> Even trying to do this completely will guarantee that this patch will
> never, ever, suceed. There simply is no way to reliably detect problems
> that have complex interactions with the rest of the system.

The patch will never be able to completely remove the need for external
config files, without changes to PG to deal with these conditions
better.

> We can improve the detection rate of problems after some real world
> experience. Don't make this unneccesarily complex.

Actually, putting it out there as "this can be used to modify anything
and means you can trivially make PG unstartable" is actually the wrong
move to make, imv.  Consider that, to deal with the issues caused, we'd
have to *remove* things from being modifyable through this function.
That's a whole lot harder to do from a backward-compatibility view than
adding things later as we improve PG to be able to still come up enough
to be useful even with configuration issues.
Thanks,
    Stephen

pgsql-hackers by date:

Previous
From: Andres Freund
Date:
Subject: Re: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])
Next
From: David Johnston
Date:
Subject: Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])