Stephen Frost <sfrost@snowman.net> writes:
> Perhaps having the file be a heap file instead of anything a sysadmin
> can be asked to go hack would also make it more clear that this is an
> internal PG file which is to be managed only through PG and stop all
> this arguing about how "oh, they can just fix it by twiddling things in
> $PGDATA" is considered by some to be an acceptable solution.
Whether you think it's acceptable or not, sometimes it's *necessary*.
What if you set a combination of parameters that prevents Postgres from
starting?
Even if we could make config-in-a-catalog work, which I'm very dubious
of, I would think it far too unsafe to use.
We could of course fix that problem by only storing "safe" parameters
in a catalog, but then you lose the supposed appeal of a single-file
solution.
regards, tom lane
