Re: [HACKERS] TODO Done. Superuser backend slot reservations

[only replying to -patches, this doesn't belong on -hackers AFAICS ]

"Nigel J. Andrews" <nandrews(at)investsystems(dot)co(dot)uk> writes:
> Added GUC superuser_reserved_connections such that non-superuser connections
> are only acceptable in the first
> (max_connections - superuser_reserved_connections) backend slots.

I'd prefer that we not change the meaning of max_connections. I had in
mind the following:

- max_connections denotes the # of "regular" connections to
the database (i.e. admin & non-admin)
- max_admin_connections denotes an additional # of backend
slots that are reserved for connections from superusers. Not
sure if this should default to zero or not
- Therefore, the # of backend slots created is
(max_connections + max_admin_connections)

> In addition, this limit is only checked on initialisation of a backend
> process. So reserved slots can be taken by connections that subsequently
> lose superuser priviledges thus evading the lower limit on backends.

How can that happen?

+ /*
+ * Force ReservedBackends is less than MaxBackends if need be.
+ * A cluster only allowing superuser connections seems silly whereas
+ * a cluster reserving none for superusers doesn't.
+ */
+ if (ReservedBackends >= MaxBackends)
+ ReservedBackends = MaxBackends - 1;

IMHO, we should elog(FATAL) here, or at least emit a warning.

Cheers,

Neil

--
Neil Conway <neilc(at)samurai(dot)com> || PGP Key ID: DB3C29FC