On 2020-Jul-07, movead.li@highgo.ca wrote:
> >ISTM that a reasonable compromise is that if you use -x (or -c, -m, -O)
> >and the input value is outside the range supported by existing files,
> >then it's a fatal error; unless you use --force, which turns it into
> >just a warning.
>
> I do not think '--force' is a good choice, so I add a '--test, -t' option to
> force to write a unsafe value to pg_control.
> Do you think it is an acceptable method?
The rationale for this interface is unclear to me. Please explain what
happens in each case?
In my proposal, we'd have:
* Bad value, no --force:
- program raises error, no work done.
* Bad value with --force:
- program raises warning but changes anyway.
* Good value, no --force:
- program changes value without saying anything
* Good value with --force:
- same
The rationale for this interface is convenient knowledgeable access: the
DBA runs the program with value X, and if the value is good, then
they're done. If the program raises an error, DBA has a choice: either
run with --force because they know what they're doing, or don't do
anything because they know that they would make a mess.
--
Álvaro Herrera https://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services
