At 2015-06-01 23:35:23 -0500, htfoot@gmail.com wrote:
>
> No, it won't prevent the incredibly stupid from doing incredibly
> stupid things, nothing will.
I hate to speechify, but I think we should try hard to avoid framing
such questions in terms of "incredibly stupid" people and the things
they might do.
We have anecdotal and circumstantial evidence that the names pg_xlog and
pg_clog have given some people the impression that they can delete files
therein. Sometimes do this when their server is in imminent danger of
running out of space, sometimes not. But our documentation makes it
clear that these files are important.
I think naming these directories to convey the right impression is a
straightforward interface design problem, and we also know that big
flashing red warnings are less effective than one might hope for. I
do not think a bigger, stripier warning is worth doing in isolation.
I do think it's worth choosing better names.
-- Abhijit
P.S. Unrelated to Michael's mail, but I also don't think it's worth
debating whether people will run "rm -rf *log" or "rm -rf log/*" or
whatever other variant you can think of. I'm arguing for correcting
a mis-perception, not try to dodge specific harmful commands. Tom's
proposal of using a symlink but dropping it after third-party tools
have had time to catch up seems like the best approach to me.
