On 10/01/2017 04:48 PM, Andres Freund wrote: > On 2017-10-01 16:42:44 -0400, Tom Lane wrote: >> Andrew Dunstan <andrew.duns...@2ndquadrant.com> writes: >>> On 09/30/2017 10:32 PM, Andres Freund wrote: >>>> Heh. I'm inclined to take it out. We could add a --use-the-force-luke >>>> type parameter, but it doesn't seem worth it. >>> I agree, but I think we need this discussed on -hackers. Does anyone >>> have an objection to allowing "pg_ctl kill KILL somepid"? As Andres >>> points out, in most places you can just call kill from the command line >>> anyway, so disallowing it is not really a security feature. Having it >>> would let us have portable crash restart tests. >> +1 for portable tests, but it still seems like something we don't want >> to encourage users to use. What do you think of leaving it out of the >> documentation? > As far as I can tell we've not documented the set of acceptable signals > anywhere but the source. I think we can just keep it that way?
As documented it's in the help text: printf(_("\nAllowed signal names for kill:\n")); printf(" ABRT HUP INT QUIT TERM USR1 USR2\n"); So we can leave it out of there. OTOH I'm not a huge fan of security by obscurity. I guess this wouldn't be too bad a case. cheers andrew -- Andrew Dunstan https://www.2ndQuadrant.com PostgreSQL Development, 24x7 Support, Remote DBA, Training & Services -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers