* Robert Haas (robertmh...@gmail.com) wrote:
> On Thu, Oct 20, 2016 at 12:12 PM, Stephen Frost <sfr...@snowman.net> wrote:
> > That said, I'd also like to see a --force or similar option or mechanism
> > put in place to reduce the risk of users trashing their system because
> > they think pg_resetwal is "safe." ("It's just gonna reset things to make
> > the database start again, should be fine.").
>
> You know we already have that, right?Yes, but I was meaning an option which would be required to make pg_resetxlog actually *do* anything. In other words, I'd rather have it report some info back to the user, if it's run without the '--really-force' or what-have-you option, and only proceed with clearing the WAL or rewriting pg_control when '--really-force' is used. > > pg_destroydb almost seems like a better choice, though I suppose > > 'pg_clearwal' would be more acceptable. Doesn't have quite the same > > impact though. > > > > Not sure on the best answer here, but it's definitely foot-gun that some > > users have ended up using on themselves with depressing regularity. > > Just to provide some perspective from the other side of this, I [...] I wasn't suggesting that we remove the capability. There are certainly use-cases for it, but, unfortunately, I've seen a number of cases where users simply google'd an error that they got back when trying to start PG and found someone saying "well, I got this error, but then I ran pg_resetxlog, and now the database starts up again." It likely doesn't help that the top links tend to be to mailing list archives where pg_resetxlog was brought up. Thanks! Stephen
signature.asc
Description: Digital signature
