From c1c4f93056ceba4dcbb7779e5215e190587bea90 Mon Sep 17 00:00:00 2001 From: Tom Lane Date: Fri, 17 Jun 2011 19:13:08 -0400 Subject: [PATCH] Don't use "cp -i" in the example WAL archive_command. This is a dangerous example to provide because on machines with GNU cp, it will silently do the wrong thing and risk archive corruption. Worse, during the 9.0 cycle somebody "improved" the discussion by removing the warning that used to be there about that, and instead leaving the impression that the command would work as desired on most Unixen. It doesn't. Try to rectify the damage by providing an example that is safe most everywhere, and then noting that you can try cp -i if you want but you'd better test that. In back-patching this to all supported branches, I also added an example command for Windows, which wasn't provided before 9.0. --- doc/src/sgml/backup.sgml | 25 +++++++++++++------------ 1 file changed, 13 insertions(+), 12 deletions(-) diff --git a/doc/src/sgml/backup.sgml b/doc/src/sgml/backup.sgml index 03180cf108..bdffb4b859 100644 --- a/doc/src/sgml/backup.sgml +++ b/doc/src/sgml/backup.sgml @@ -579,7 +579,7 @@ tar -cf backup.tar /usr/local/pgsql/data character in the command. The simplest useful command is something like: -archive_command = 'cp -i %p /mnt/server/archivedir/%f </dev/null' # Unix +archive_command = 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' # Unix archive_command = 'copy "%p" "C:\\server\\archivedir\\%f"' # Windows which will copy archivable WAL segments to the directory @@ -588,7 +588,7 @@ archive_command = 'copy "%p" "C:\\server\\archivedir\\%f"' # Windows %p and %f parameters have been replaced, the actual command executed might look like this: -cp -i pg_xlog/00000001000000A900000065 /mnt/server/archivedir/00000001000000A900000065 </dev/null +test ! -f /mnt/server/archivedir/00000001000000A900000065 && cp pg_xlog/00000001000000A900000065 /mnt/server/archivedir/00000001000000A900000065 A similar command will be generated for each new file to be archived. @@ -617,18 +617,19 @@ cp -i pg_xlog/00000001000000A900000065 /mnt/server/archivedir/00000001000000A900 preserve the integrity of your archive in case of administrator error (such as sending the output of two different servers to the same archive directory). + + + It is advisable to test your proposed archive command to ensure that it indeed does not overwrite an existing file, and that it returns - nonzero status in this case. On many Unix platforms, cp - -i causes copy to prompt before overwriting a file, and - < /dev/null causes the prompt (and overwriting) to - fail. If your platform does not support this behavior, you should - add a command to test for the existence of the archive file. For - example, something like: - -archive_command = 'test ! -f /mnt/server/archivedir/%f && cp %p /mnt/server/archivedir/%f' - - works correctly on most Unix variants. + nonzero status in this case. + The example command above for Unix ensures this by including a separate + test step. On some Unix platforms, cp has + switches such as -- 2.40.0