Greetings,
* Tom Lane (tgl@sss.pgh.pa.us) wrote:
> Stephen Frost <sfrost@snowman.net> writes:
> > Yeah, being able to pick up on this remotely seems like it'd be quite
> > nice. I'm not really thrilled with the idea, but the best I've got
> > offhand for this would be a new role that's "pg_recovery_login" where an
> > admin can GRANT that role to the roles they'd like to be able to use to
> > login during the recovery process and then, for those roles, we write
> > out flat files to allow authentication without access to pg_authid,
>
> We got rid of those flat files for good and sufficient reasons. I really
> really don't want to go back to having such.
Yeah, certainly is part of the reason that I didn't really like that
idea either.
> I wonder though whether we really need authentication here. pg_ping
> already exposes whether the database is up, to anyone who can reach the
> postmaster port at all. Would it be so horrible if the "can't accept
> connections" error message included a detail about "recovery is X%
> done"?
Ultimately it seems like it would depend on exactly what we are thinking
of returning there. A simple percentage of recovery which has been
completed doesn't seem like it'd really be revealing too much
information though.
Thanks,
Stephen