On Wed, 2008-01-02 at 09:50 -0800, Russ Allbery wrote: > Robert Collins <email@example.com> writes: > > On Wed, 2008-01-02 at 00:29 +0000, Colin Watson wrote: > > >> Some packages actually do need to shut down cleanly; in the case of a > >> database, for example, such a change could cause data loss. > > > Surely no more than a hard power failure(*), which databases (even such > > lightweight ones as sqlite) are designed to handle. > > You can still lose data transactions that weren't complete, and you may > have to go through an extended consistency check when the system comes > back up. Meh, two answers to my point that equate 'data loss' with 'incomplete transactions are not committed'. Incomplete transactions are *just that* - incomplete. Its why database clients use transactions and understand that errors (such as the db going away) mean their changes are not committed. If a database is asked to shutdown and a client has a 10 minute update running, you still end up with 'incomplete transaction not being completed' - unless of course you want to block indefinitely on each service. Your note about an extended consistency check is valid when a power loss has occurred but doesn't apply to the proposed fast shutdown as a signal is in fact sent to the database. (And BTW, if your database needs a huge consistency check on startup after a hard-down situation - consider changing database engine!). -Rob -- GPG key available at: <http://www.robertcollins.net/keys.txt>.
Description: This is a digitally signed message part