Bruce Momjian <pgman@candle.pha.pa.us> writes:
> we need to check to see which one has a WAL eof-of-segment marker (we
> have on of those, right?).
No, we don't.
> I think I see a solution. We are going to create a file during backup so
> we know the wal offsets and xids. If we see that file, we know either
> we have a restore of a backup or they currently running a backup.
... or the last backup attempt failed, but they forgot to remove the
file it left. Or we are doing crash recovery after the system lost
power while a backup was running. Or half a dozen other obvious scenarios.
> If we tell them not to restore while a backup is running (seems pretty
> obvious) we can then delete pg_xlog when the backup wal offset file
> exists. In other cases, we know the WAL files are valid to use.
We're not deleting pg_xlog, period. IMHO it's too dangerous even to
have such a function in the code.
My original suggestion was to *replace* individual xlog files with data
extracted from archive, and only after determining that the archive
indeed has a copy of that particular file (and we can fetch it).
This at least has a fighting chance of not losing information. Wiping
pg_xlog in toto on the basis of a guess about the system status is just
a form of russian roulette. Sooner or later you will wipe some xlog
files that you can't get back from archive.
regards, tom lane
