Setting the checksum flag is done after having finished all blocks, so
there is no problem. But we need to set this new flag before and reset
it afterwards, so in between strange things can happen (as the various
calls to exit() within error handling illustrates).
It seems writing a note like "pg_checksums is running" into the
postmaster.pid would work, and would give a hopefully useful hint to
somebody trying to start Postgres while pg_checksums is running:
postgres@kohn:~$ echo "pg_checksums running with pid 1231, cluster disabled" >
data/postmaster.pid
postgres@kohn:~$ pg_ctl -D data -l logfile start
pg_ctl: invalid data in PID file "data/postmaster.pid"
postgres@kohn:~$ echo $?
1
postgres@kohn:~$
Looks ok, but I'm unsure how portable it is though. What if started with
"postmater" directly?
If the DBA then just simply deletes postmaster.pid and starts over, well
then I call pilot error; though we could in theory change pg_ctl (or
whatever checks postmaster.pid) to emit an even more useful error
message if it encounters a "cluster is locked" keyword in it.
Not sure whether everybody likes that (or is future-proof for that
matter), but I like it better than adding a new field to the control
file, for the reasons Bernd outlined above.
ISTM that the point of the control file is exactly to tell what is current
the status of the cluster, so it is where this information really belongs?
AFAICS all commands take care of the status in some way to avoid
accidents.
--
Fabien.
