Re: [HACKERS] [Pgsqlrpms-hackers] Safer auto-initdb for RPM init script

2006-08-26 Thread Jim C. Nasby
On Fri, Aug 25, 2006 at 07:21:50AM -0700, Joe Conway wrote:
> We also decided to turn off the init script execution entirely. The DBAs 
> were more comfortable with a manual database startup for a production 
> machine anyway (this is the way they typically handle Oracle databases 
> also). They get paged if the server ever goes down unplanned, and in 
> that event they like to check things out before bringing the db back up. 
> For planned outages, database startup is simply part of the plan.

I'd *really* like to have an official way to just disable the initdb
code entirely.
-- 
Jim C. Nasby, Sr. Engineering Consultant  [EMAIL PROTECTED]
Pervasive Software  http://pervasive.com    work: 512-231-6117
vcard: http://jim.nasby.net/pervasive.vcf   cell: 512-569-9461

---(end of broadcast)---
TIP 4: Have you searched our list archives?

   http://archives.postgresql.org


Re: [HACKERS] [Pgsqlrpms-hackers] Safer auto-initdb for RPM init script

2006-08-26 Thread Alvaro Herrera
Jim C. Nasby wrote:
> On Fri, Aug 25, 2006 at 07:21:50AM -0700, Joe Conway wrote:
> > We also decided to turn off the init script execution entirely. The DBAs 
> > were more comfortable with a manual database startup for a production 
> > machine anyway (this is the way they typically handle Oracle databases 
> > also). They get paged if the server ever goes down unplanned, and in 
> > that event they like to check things out before bringing the db back up. 
> > For planned outages, database startup is simply part of the plan.
> 
> I'd *really* like to have an official way to just disable the initdb
> code entirely.

This is trivial to do --- just add a /etc/some_dir/postgresql file
that contains a line like

AUTO_INITDB=0

to turn the auto-initdb'ing feature of the init script off.  If the file
is not present or AUTO_INITDB is not defined to zero in that file, then
the code behaves as today.  I don't recall what the configuration
directory is called in Redhat systems, but there is one in there (in
Debian it's /etc/default).  

-- 
Alvaro Herrera    http://www.CommandPrompt.com/
The PostgreSQL Company - Command Prompt, Inc.
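
The opt-out described in the message above, sketched as an added example that is not part of the thread and not the RPM's actual init script. The function names are hypothetical, the config path is left as an argument because the thread does not settle it, and using `PG_VERSION` as the "cluster is present" test is an assumption.

```shell
#!/bin/sh
# Added example, not the RPM's init script. Function names are hypothetical;
# the config path is whatever the distribution uses (the thread leaves it open).

# read_auto_initdb CONF: print the effective AUTO_INITDB value.
# The file is parsed rather than sourced, so no line in it is executed as root.
read_auto_initdb() {
    value=1    # file absent or variable unset: behave as today
    if [ -r "$1" ]; then
        # Last uncommented assignment wins; strip optional quotes.
        line=$(sed -n 's/^[[:space:]]*AUTO_INITDB=\([^#[:space:]]*\).*$/\1/p' "$1" |
               tail -n 1 | tr -d "\"'")
        if [ -n "$line" ]; then value=$line; fi
    fi
    printf '%s\n' "$value"
}

# initdb_decision CONF PGDATA: print what start() should do.
#   existing  PGDATA holds a cluster (PG_VERSION present): just start it
#   disabled  no cluster visible and AUTO_INITDB=0: refuse to start, never initdb
#   initdb    no cluster visible and no opt-out: today's auto-initdb behaviour
initdb_decision() {
    if [ -f "$2/PG_VERSION" ]; then
        echo existing
    elif [ "$(read_auto_initdb "$1")" = 0 ]; then
        echo disabled
    else
        echo initdb
    fi
}

# Stand-alone use: sh this_file CONF PGDATA
if [ "$#" -eq 2 ]; then
    initdb_decision "$1" "$2"
fi
```

With the opt-out set, a data directory that is missing because its volume is offline produces `disabled`, so the start fails visibly instead of creating a fresh cluster under the mount point.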



Re: [HACKERS] [Pgsqlrpms-hackers] Safer auto-initdb for RPM init script

2006-08-25 Thread Joe Conway

Tom Lane wrote:

> We've seen more than one report of corruption of PG databases that
> seemed to be due to the willingness of the RPM init script to run
> initdb if it thinks the data directory isn't there.  This is pretty
> darn risky on an NFS volume, for instance, which might be offline
> at the instant the script looks.  The failure case is
>
> - script doesn't see data directory
> - script runs initdb and starts postmaster
> - offline volume comes online
> - KABOOM

Been there, done exactly that...

> I can still imagine ways for this to fail, eg if you run an RPM
> install or upgrade while your mountable data directory is offline.
> But it ought to be an order of magnitude safer than things are now.
> (Hm, maybe the %post script should only run during an RPM install,
> not an upgrade.)

That's probably a good plan.

> Comments?  Anyone see a better way?


I can't think of any offhand that aren't too expensive. We ended up 
putting a root-owned empty data directory beneath the mount point, but 
that can't be automated.


We also decided to turn off the init script execution entirely. The DBAs 
were more comfortable with a manual database startup for a production 
machine anyway (this is the way they typically handle Oracle databases 
also). They get paged if the server ever goes down unplanned, and in 
that event they like to check things out before bringing the db back up. 
For planned outages, database startup is simply part of the plan.


Joe
