Re: ALTER SYSTEM SET command to change postgresql.conf parameters (RE: Proposal for Allow postgresql.conf values to be changed via SQL [review])

Stephen Frost <sfrost@snowman.net>

From: Stephen Frost <sfrost@snowman.net>
To: Amit Kapila <amit.kapila16@gmail.com>
Cc: Alvaro Herrera <alvherre@2ndquadrant.com>, Robert Haas <robertmhaas@gmail.com>, Dimitri Fontaine <dimitri@2ndquadrant.fr>, Andres Freund <andres@2ndquadrant.com>, Josh Berkus <josh@agliodbs.com>, Tom Lane <tgl@sss.pgh.pa.us>, Fujii Masao <masao.fujii@gmail.com>, "pgsql-hackers@postgresql.org" <pgsql-hackers@postgresql.org>
Date: 2013-08-20T04:03:50Z
Lists: pgsql-hackers
* Amit Kapila (amit.kapila16@gmail.com) wrote:
>    Do you mean to say, that when user uses ALTER SYSTEM and include is
> disabled, then we can give ERROR in
>    ALTER SYSTEM, that to reflect the values, he need to enable it?
>    Actually in previous version of patch, there was WARNING on such a condition.
>    I agree that it can be detected and we issue Warning or Error, but
> I think it will be an un-necessary inconvenience
>    for user. However if you still vote for disable by default, I will
> modify the patch that way only.

It hardly seems unnecessary..  Otherwise we accept a command that won't
actually do anything, yes?  We usually notice or warn, at least, on such
cases (see similar things around GRANT/REVOKE...).

> The other part which needs suggestions is about un-safe parameters:
> I think for first version of feature, we can decide on some minimum
> list of parameters that will be considere un-safe and user will not be
> allowed to modify them with ALTER SYSTEM.

I do feel like it's easier to add things to the 'allowed' set later,
should we see some good justification for it, than to disallow things
already allowed.

> To start with we can consider below 4 parameters in that category and
> later on keep adding more parameters:
> data_directory, listen_addresses, port, shared_buffers.

What about include directives?

	Thanks,

		Stephen