On Tue, Apr 10, 2018 at 10:27:19PM +0200, Daniel Gustafsson wrote: >> On 10 Apr 2018, at 06:21, Michael Paquier <mich...@paquier.xyz> wrote: > Does it really imply that? Either way, the tool could potentially be useful > for debugging a broken cluster so I’m not sure that stating it requires a > cleanly shut down server is useful.
Torn pages could lead to false positives. So I think that the tool's assumptions are right. > Thinking more on this, I don’t think the -f option should be in the tool until > we have the ability to turn on/off checksums. Since checksums are always on, > or always off, -f is at best confusing IMO. The attached patch removes -f, > when we can turn checksums on/off we can rethink how -f should behave. That's my impression as well, thanks for confirming. Your patch looks fine to me. I am wondering as well if we should not actually rename the tool? Why not naming it pg_checksums instead of pg_verify_checksums, and add an --action switch to it which can be used to work on checksums. The obvious option to support in v11 is a "verify" mode, but I would imagine that a "disable" and "enable" modes would be useful as well, and all the APIs are here already to be able to do an in-place update of the checksums, and then switch the control file properly. We have no idea at this stage if a patch to enable checksums while the cluster is online will be able to make it, still a way to switch checksums while the cluster is offline is both reliable and easy to implement. Not saying do to that for v11 of course, I would like to keep the door open for v12. -- Michael
signature.asc
Description: PGP signature
