On Mon, Aug 12, 2013 at 10:08:07PM +0200, Pavel Raiskup wrote:
> > The patch moves the atexit setting up, as you suggested, but only does
> > that when pg_ctl succeeds (we know we started the server),
> 
> Yes, of course!
> 
> > PG 9.1+ will allow pg_ctl -w start to succeed even if there are
> > permissions problems;  earlier versions will not and will keep the
> > server running --- the user will have to stop the server after
> > pg_upgrade says it is running.
> 
> This makes it a complex, really..  We may not easily make the
> stop_postmaster resistant to non-running server.  Thus your solution must
> be good enough.

Well, stop_postmaster can run just fine with a stopped server, as we
allow the atexit() shutdown to ignore errors.  The larger question is
whether we should ever stop a server we are not sure we started.

The existing pg_upgrade logic checks if the servers are running first
with start_postmaster(throw_error = false), so in our existing code, we
could probably unconditionally shutdown the server even with a pg_ctl
error when using throw_error = true, but pg_upgrade is complex so I am
hesitant to make such a bold change.  Does anyone else have an opinion?

> > I am not going to backpatch this beyond 9.3 as it is risky code.  I have
> > improved the comments in this area.
> 
> Agree, it is OK for me — thanks for your work.

Sure.  You gave me something to study today, and highlighted an area of
the code that was very unclear.

-- 
  Bruce Momjian  <br...@momjian.us>        http://momjian.us
  EnterpriseDB                             http://enterprisedb.com

  + It's impossible for everything to be true. +


-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers

Reply via email to