Hallo Andres,
>> [...]
>
> pg_upgrade in link mode intentionally wants to *permanently* disable a
> cluster. And it explicitly writes a log message about it. That's not a
> case to draw inferrence for this case.
Ok. My light knowledge of pg_upgrade inner working does not extend to this
level of precision.
>> I'd be okay with anything that works consistently accross all commands
>> [...]
>>
>> I'll admit that I'm moderately enthousiastic about "posmaster.pid" because
>> it does not do anymore what the file names says, but if it really works and
>> is used consistently by all commands, why not. In case of unexpected
>> problems, the file will probably have to be removed/fixed by hand. I also
>> think that the implemented mechanism should be made available in
>> "control_utils.c", not duplicated in every command.
>
> That's just a separate feature.
Possibly, although I'm not sure what in the above is a "separate feature",
I assume from the "pg_checksum --enable" implementation.
Is it the fact that there could (should, IMO) be some mechanisms to ensure
that mutually exclusive direct cluster-modification commands are not run
concurrently?
As "pg_checksums -e" is a potentially long running command, the likelyhood
of self-inflected wounds is raised significantly: I could do absurd things
on an enable-checksum-in-progress cluster on a previous version of the
patch. Thus as a reviewer I'm suggesting to fix the issue.
Or is it the fact that fixing on some critical errors would possibly
involve some manual intervention at some point?
Or is it something else?
--
Fabien.
