| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> |
| Cc: | pgsql-hackers <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: could not stat promote trigger file leads to shutdown |
| Date: | 2019-11-14 15:38:30 |
| Message-ID: | 22295.1573745910@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Peter Eisentraut <peter(dot)eisentraut(at)2ndquadrant(dot)com> writes:
> I have seen the error
> could not stat promote trigger file "...": Permission denied
> because of a misconfiguration (for example, setting promote_trigger_file
> to point into a directory to which you don't have appropriate read or
> execute access).
> The problem is that because this happens in the startup process, the
> ERROR is turned into a FATAL and the whole instance shuts down. That
> seems like a harsh penalty. Would it be better to turn this ERROR into
> a WARNING?
It is harsh, but I suspect if we just logged the complaint, we'd get
bug reports about "Postgres isn't reacting to my trigger file",
because people don't read the postmaster log unless forced to.
Is there some more-visible way to report the problem, short of
shutting down?
(BTW, from this perspective, WARNING is especially bad because it
might not get logged at all. Better to use LOG.)
One thought is to try to detect the misconfiguration at postmaster
start --- better to fail at startup than sometime later. But I'm
not sure how reliably we could do that.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Martin Liška | 2019-11-14 15:52:05 | Re: segfault in geqo on experimental gcc animal |
| Previous Message | Jonathan S. Katz | 2019-11-14 15:07:03 | Re: 2019-11-14 Press Release Draft |