On Wed, 25 Sep 2002, Jan Wieck wrote:
> "scott.marlowe" wrote:
>
> > Having a FILE called pg_xlog isn't the fix here, it's the result of the
> > fix, which is to take all the steps of moving the pg_xlog directory and
> > put them into one script file the user doesn't need to understand to do it
> > right. I.e. idiot proof the system as much as possible.
>
> And your script/program cannot modify postgresql.conf instead of
> creating a new file?
That's a minor point. It could be anywhere. It's just that much like a
symlink is visible from the shell with a simple ls -l, so too is pg_xlog
being a file an obvious sign that pg_xlog doesn't live here anymore.
> Please remember: "A fool with a tool is still a fool". You can
> provide programs and scripts as many as you want. There have
> allways been these idiots who did stuff like truncating pg_log
So, should we take out seatbelts from cars, safeties from guns, and have
everyone run about with sharp sticks too? :-) I know that the second we
make something more idiot proof, someone will make a better idiot, but
that doesn't mean we shouldn't make things more idiot proof, we should
just try to anticipate the majority of idiots (and let's face it, we can
all be idiots at the right moments sometimes.)
But, I have a few more questions about the signature file solution. Is
the signature file going to be updated by date or something everytime the
database is started up and shut down? If not, then it's quite possible
that someone could copy the pg_xlog dir somewhere, run it for a while,
then they change it back to the base pg_xlog will the database know that
those xlogs are stale and not start up, or will it start up and corrupt
the database with the old xlogs? As long as there's a time stamp in both
places it should work fine.