Michael Paquier <michael.paqu...@gmail.com> writes: > On Tue, Aug 30, 2016 at 9:48 PM, Tom Lane <t...@sss.pgh.pa.us> wrote: >> Hm, StartupXLOG seems like a pretty random place to check that, especially >> since doing it there requires an extra stat() call. Why didn't you just >> make readRecoveryCommandFile() error out?
> Well, the idea is to do the check before doing anything on PGDATA and > leave it intact, particularly the post-crash fsync(). I don't see anything very exciting between the beginning of StartupXLOG and readRecoveryCommandFile. In particular, doing the fsync seems like a perfectly harmless and maybe-good thing. If there were some operation with potentially bad side-effects in that range, it would be dangerous anyway because of the risk of readRecoveryCommandFile erroring out due to invalid contents of recovery.conf. This might be an argument for re-ordering what we're doing in StartupXLOG, but that seems like an independent discussion. regards, tom lane -- Sent via pgsql-hackers mailing list (email@example.com) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers