Stephen Frost wrote: > Yes, it *is* impossible to do safe backups with the existing API. There > is an unquestionable race condition where a system restart will cause > your system to not come back up without you going in and removing the > backup_label file- and the only way you make that race window small is > to remove the backup_label file right after you run pg_start_backup and > copy it, and then PUT IT BACK at the end before you call pg_stop_backup, > which is insane, but otherwise the 'race window' is the ENTIRE length of > the backup.
I just have an idea: What about an option to keep WAL around for the duration of an exclusive backup? That way PostgreSQL can still restart after a crash. It will take longer than expected, but it will work. But then, perhaps the long recovery time is only marginally better than having to manually delete the backup_label file... Yours, Laurenz Albe
