With which user Apache accesses PostgreSQL (was Re: How to automatically start postmastrer with TCP/IP support (-i option) ???) - Mailing list pgsql-general

From Paulo Parola
Subject With which user Apache accesses PostgreSQL (was Re: How to automatically start postmastrer with TCP/IP support (-i option) ???)
Date
Msg-id 005601c0a4ff$df800a20$170aa8c0@gst.com.br
Whole thread Raw
In response to How to automatically start postmastrer with TCP/IP support (-i option) ???  ("Paulo Parola" <pgsql@brazilinfo.com>)
Responses Re: With which user Apache accesses PostgreSQL
List pgsql-general
----- Original Message -----
From: Uro Gruber <uros.gruber@sir-mag.com>
To: Paulo Parola <pgsql@brazilinfo.com>
Sent: Sunday, March 04, 2001 7:14 PM
Subject: Re: [GENERAL] How to automatically start postmastrer with TCP/IP
support (-i option) ???


> Hi,
>
> Sunday, March 04, 2001, 10:38:04 PM, you wrote:
>
> PP> Hi,
>
> PP> So my questions are:
>
> PP> 1) How should I make so that PostgreSQL is automatically started
accepting TCP/IP connections like I did by hand with the command above (
> PP> nohup /usr/bin/postmaster -i -D /var/lib/pgsql/data </dev/null
>>server.log 2>>1 &) ???
> Use command pg_ctl (read the manual)
>
> PP> Which file should I edit to add option '-i' for accepting TCP/IP
connections? Apparently, in shell script '/etc/rc.d/init.d/postgresql' the
line that starts the postmaster reads  'su -l postgres
> PP> -c "/usr/bin/pg_ctl -D $PGDATA -p /usr/bin/postmaster start >/dev/null
2>&1" < /dev/null', is that right?
> You don't have to edit any data, you can tell this in with command
> line i think option -o and then options switches.
>

It would not help me to issue the command from the command line, since I
need TCP/IP connections set everytime I reboot my server. Since the shell
script run by Linux to start the postmaster is '/etc/rc.d/init.d/postgresql'
I finally came to the correct syntax of the line I should edit in this file:

Original:
  su -l postgres -c "/usr/bin/pg_ctl -D $PGDATA -p /usr/bin/postmaster start
>/dev/null 2>&1" < /dev/null

Changed to:
  su -l postgres -c "/usr/bin/pg_ctl -o '-i' -D $PGDATA -p
/usr/bin/postmaster start >/dev/null 2>&1" < /dev/null

I then rebooted the server and it worked, as shown by the process running
which has option '-i' set :
postgres   836  0.0  2.0  5092 1288 ?        S    19:45   0:00
/usr/bin/postmaster -D /var/lib/pgsql/data -i

> PP> 2) With which user shall I connect to the database? User "apache" or
maybe user "nobody" ? Should I create a user 'apache' in PostgreSQL?
> Anyone you like. You just have to make user. First connect you have to
> make with pgsql user which is admin for sesrver and then you create
> another user. And again read the manual, everything is in it.
>

My question should be: with which user Apache accesses PostgreSQL? From the
message issued by PostgreSQL it is user 'apache'.

Does that mean that *any* tables accessed through the Web should be owned by
an user named 'apache' created with PostgreSQL program 'createuser'?

For example: database test is owned by user 'postgres'.

I then issue the following commands:

$ createuser apache
        Shall the new user be allowed to create databases? (y/n) n
        Shall the new user be allowed to create more new users? (y/n) n
        CREATE USER

$ psql -Upostgres teste
Welcome to psql, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
       \h for help with SQL commands
       \? for help on internal slash commands
       \g or terminate with semicolon to execute query
       \q to quit

teste=# \c teste
You are now connected to database teste.

teste=# \l
        List of databases
 Database  |  Owner   | Encoding
-----------+----------+-----------
 template0 | postgres | SQL_ASCII
 template1 | postgres | SQL_ASCII
 teste     | postgres | SQL_ASCII
(3 rows)

teste=# \d
   List of relations
 Name  | Type  | Owner
-------+-------+--------
 teste | table | postgres

teste=# alter table teste owner to apache;
ALTER

teste=# \d
   List of relations
 Name  | Type  | Owner
-------+-------+--------
 teste | table | apache
(1 row)

And now my PHP script can connect to my table teste (owned by user 'apache')
in database teste (owned by user 'postgres').

Is this the correct way to do it?

TIA,
Paulo

>
>
> --
> ,
>  Uros                            mailto:uros.gruber@sir-mag.com
>
>
>


pgsql-general by date:

Previous
From: Bill Barnes
Date:
Subject: pgaccess on Win9x
Next
From: Jeff Davis
Date:
Subject: Re: postgres locks... [more information]