> For now, though, I don't mind living with my simple
> hack if indeed it simply means I risk losing a transaction
> during a crash. Or, actually, have simply increased that risk
> (the sequence flush/log id/CRASH is possible, after all).
>
No. This is why Vadim wants the second flush. If the machine
crashes like you describe the client will not be told "transaction
committed". The problem is when a client is told something,
that is not true after a crash, which can happen if the second
flush is left out.
> I'm a lot more comfortable with this than with the potential
> damage done during a crash when fsync'ing both log file and
> data is disabled, when the log can then be written by the
> system followed by a crash before the data tuples make it
> to disk.
>
Yes, this is a much better situation.
Andreas