Search Postgresql Archives

Re: Unable to connect to Postgresql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 04/08/2017 06:26 AM, John Iliffe wrote:

On Saturday 08 April 2017 00:10:14 Adrian Klaver wrote:

On 04/07/2017 07:45 PM, Joe Conway wrote:

On 04/07/2017 05:35 PM, Adrian Klaver wrote:

On 04/07/2017 05:03 PM, John Iliffe wrote:

Running on Fedora 25 with SELinux in PERMISSIVE mode.  The audit
log shows no hits on Postgresql.


My going in position was/still is, that this is a SELinux security
problem
but I am finding SELinux to be the most opaque and badly documented
software
that I have ever had to deal with, which is why it is running in
permissive
mode at the moment.


Well what I know about SELinux would fit in the navel of a flea(tip
of the hat to David Niven), so I can not be of much help there. The
reason I am returned this thread to the list, there are folks that
do understand it.


If SELinux is running in permissive I don't see how it could be at
fault for your issue. Did you verify that (getenforce)?


--------------------------
[Fri Apr 07 17:03:28.597101 2017] [php7:warn] [pid 1797:tid
140599445419776] [client 192.168.1.10:45127] PHP Warning:
pg_connect(): Unable to connect to PostgreSQL server: could not
connect to server: No such file or directory\n\tIs the server
running locally and
accepting\n\tconnections on Unix domain socket
"/tmp/.s.PGSQL.5432"? in /httpd/iliffe/testfcgi.php on
line 121 ----------------------------


This might be a silly question, but is PHP running on the same server
as Postgres?


To add to this, previously you mentioned:

"Also, using the on board firewall (firewalld) to provide a secondary
domain where the actual business processes run. "

What exactly does that mean?

I'm trying/planning to use firewalld to keep certain remote addresses from
connecting to the mail server.  Since I have it anyway, I want to
strengthen the security by moving non-Internet connections internal of that
firewall so only Apache is exposed to the Internet and the databases, etc,
are internal.

This is a Unix domain socket connection so I don't think the firewall should
get involved.


So what if you change the connection to use -h localhost?



Since you raised the question, I added port 5432 to the open list in
firewalld but it didn't make any difference, still not connecting.



HTH,

Joe





--
Adrian Klaver
adrian.klaver@xxxxxxxxxxx


--
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Postgresql Jobs]     [Postgresql Admin]     [Postgresql Performance]     [Linux Clusters]     [PHP Home]     [PHP on Windows]     [Kernel Newbies]     [PHP Classes]     [PHP Books]     [PHP Databases]     [Postgresql & PHP]     [Yosemite]
  Powered by Linux