The way the concurrent backups are implemented is fundamentally unsafe.
If barman for some reason (such as a simple out of disk space) crashes after running pgespresso_start_backup(), it will leave the server with a "leaked" reference counter, and the server will never exit backup mode. There needs to be protection against this, similar to how pg_basebackup does it. Just bypassing the safety features in the backend is very dangerous, especially for something as important as backups.
This needs to be fixed in coordination with pgespresso (I've filed a couple of bugs there as well). Proper reference counting needs to be implemented. I suggest a look at the implementation of the base backup protocol for an idea of how this could be done - basically you need server side protection against a disconnected client that will automatically terminate the backup.
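
A simplified model of the leaked reference counter described in this report and of the session-tied cleanup it asks for, as an added example that is not part of the original report and is not PostgreSQL, pgespresso or barman code. The `Server` class, its method names and the session ids are hypothetical.

```python
"""Constructed model: a backup-mode reference counter held by a server."""


class Server:
    def __init__(self):
        self.backup_refs = 0   # backups the server believes are running
        self._owned = {}       # session id -> references owned by that session

    @property
    def in_backup_mode(self):
        return self.backup_refs > 0

    def start_backup_untracked(self, session):
        # Counter is bumped with no record of which session owns the reference.
        self.backup_refs += 1

    def start_backup_tracked(self, session):
        # Counter is bumped and the reference is tied to the session.
        self.backup_refs += 1
        self._owned[session] = self._owned.get(session, 0) + 1

    def stop_backup(self, session):
        if self.backup_refs == 0:
            raise RuntimeError("no backup in progress")
        self.backup_refs -= 1
        if self._owned.get(session):
            self._owned[session] -= 1

    def on_disconnect(self, session):
        # Server-side hook: runs whenever a connection goes away, whether the
        # client closed it cleanly or crashed. Releases what the session held.
        self.backup_refs -= self._owned.pop(session, 0)


def crash_mid_backup(start):
    """Client starts a backup and dies before stopping it.
    Returns True if the server is still stuck in backup mode afterwards."""
    server = Server()
    start(server, "client-1")
    server.on_disconnect("client-1")   # the crash: no stop_backup call is made
    return server.in_backup_mode


def concurrent_crash():
    """Two tracked backups; one client crashes, the other finishes normally.
    Returns the counter after the crash and after the clean stop."""
    server = Server()
    server.start_backup_tracked("client-1")
    server.start_backup_tracked("client-2")
    server.on_disconnect("client-1")
    after_crash = server.backup_refs
    server.stop_backup("client-2")
    return after_crash, server.backup_refs
```
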