Greg Stark <gsst...@mit.edu> writes:
> On Thu, Aug 27, 2009 at 12:32 AM, Tom Lane<t...@sss.pgh.pa.us> wrote:
>> Attached is a simple patch that uses the environment-variable approach.

> So with this change you would have the startup script not remove the
> lock file?

Huh?  The startup script shouldn't *ever* remove the lock file.
That's been true all along, and this doesn't change it.

> This could still fail if the startup script runs some other commands
> with & to background them and those commands happen to land with the
> pid of postgres? Or the startup script runs pg_ctl within a ( )
> subshell?

Yup, and that's been true all along too.  This patch makes it possible
to write a safe initscript that uses pg_ctl --- it doesn't make it
impossible to write an unsafe one.

In practice, the situations where people would need to write unsafe
constructs have been largely eliminated anyway.  Before we had a builtin
syslogger process, people often wanted to do something like

        su - postgres -c "postmaster | logrotate"

which is quite unsafe because there's probably an intermediate shell
process.  No need for that anymore.  But notice this is just as unsafe
whether you use pg_ctl or postmaster directly ...

                        regards, tom lane

-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
