Subject Database Shutdown
Author Jim Starkey
There currently doesn't seem to be an architecturally controlled
mechanism to shutdown all active providers. The servers currently use a
crock called JRD_shutdown_all() which breaks the architecture in so many
ways I don't even want to talk about it.

In the old days, shutdown wasn't much of an issue as the last attachment
to a database caused it to go away. This is clearly insufficient for a
modern server.

Among the option that we need to consider are:

1. Staged shutdown -- don't accept any more connections, continue to
service existing connections, and shutdown when the last goes away.
2. Panic shutdown -- shut down now!
3. Shutdown local providers
4. [Remote shutdown???]

If shutdown is limited to local providers (I guess each provider decides
whether it is local or not), then there are no security issues --
anybody who started something can certainly stop it. If the facility is
extended to remote connections, then something more robust is required.

Do we need a mechanism to shutdown specific databases in a process? If
so, is it the same mechanism or a different one?

The simpliest alternative is

void fb_shutdown_local (bool panic);



Jim Starkey
Netfrastructure, Inc.
978 526-1376