Thread: How to automatically start postmastrer with TCP/IP support (-i option) ???

----- Original Message -----
From: Uro Gruber <uros.gruber@sir-mag.com>
To: Paulo Parola <pgsql@brazilinfo.com>
Sent: Sunday, March 04, 2001 7:14 PM
Subject: Re: [GENERAL] How to automatically start postmastrer with TCP/IP
support (-i option) ???


> Hi,
>
> Sunday, March 04, 2001, 10:38:04 PM, you wrote:
>
> PP> Hi,
>
> PP> So my questions are:
>
> PP> 1) How should I make so that PostgreSQL is automatically started
accepting TCP/IP connections like I did by hand with the command above (
> PP> nohup /usr/bin/postmaster -i -D /var/lib/pgsql/data </dev/null
>>server.log 2>>1 &) ???
> Use command pg_ctl (read the manual)
>
> PP> Which file should I edit to add option '-i' for accepting TCP/IP
connections? Apparently, in shell script '/etc/rc.d/init.d/postgresql' the
line that starts the postmaster reads  'su -l postgres
> PP> -c "/usr/bin/pg_ctl -D $PGDATA -p /usr/bin/postmaster start >/dev/null
2>&1" < /dev/null', is that right?
> You don't have to edit any data, you can tell this in with command
> line i think option -o and then options switches.
>

It would not help me to issue the command from the command line, since I
need TCP/IP connections set everytime I reboot my server. Since the shell
script run by Linux to start the postmaster is '/etc/rc.d/init.d/postgresql'
I finally came to the correct syntax of the line I should edit in this file:

Original:
  su -l postgres -c "/usr/bin/pg_ctl -D $PGDATA -p /usr/bin/postmaster start
>/dev/null 2>&1" < /dev/null

Changed to:
  su -l postgres -c "/usr/bin/pg_ctl -o '-i' -D $PGDATA -p
/usr/bin/postmaster start >/dev/null 2>&1" < /dev/null

I then rebooted the server and it worked, as shown by the process running
which has option '-i' set :
postgres   836  0.0  2.0  5092 1288 ?        S    19:45   0:00
/usr/bin/postmaster -D /var/lib/pgsql/data -i

> PP> 2) With which user shall I connect to the database? User "apache" or
maybe user "nobody" ? Should I create a user 'apache' in PostgreSQL?
> Anyone you like. You just have to make user. First connect you have to
> make with pgsql user which is admin for sesrver and then you create
> another user. And again read the manual, everything is in it.
>

My question should be: with which user Apache accesses PostgreSQL? From the
message issued by PostgreSQL it is user 'apache'.

Does that mean that *any* tables accessed through the Web should be owned by
an user named 'apache' created with PostgreSQL program 'createuser'?

For example: database test is owned by user 'postgres'.

I then issue the following commands:

$ createuser apache
        Shall the new user be allowed to create databases? (y/n) n
        Shall the new user be allowed to create more new users? (y/n) n
        CREATE USER

$ psql -Upostgres teste
Welcome to psql, the PostgreSQL interactive terminal.

Type:  \copyright for distribution terms
       \h for help with SQL commands
       \? for help on internal slash commands
       \g or terminate with semicolon to execute query
       \q to quit

teste=# \c teste
You are now connected to database teste.

teste=# \l
        List of databases
 Database  |  Owner   | Encoding
-----------+----------+-----------
 template0 | postgres | SQL_ASCII
 template1 | postgres | SQL_ASCII
 teste     | postgres | SQL_ASCII
(3 rows)

teste=# \d
   List of relations
 Name  | Type  | Owner
-------+-------+--------
 teste | table | postgres

teste=# alter table teste owner to apache;
ALTER

teste=# \d
   List of relations
 Name  | Type  | Owner
-------+-------+--------
 teste | table | apache
(1 row)

And now my PHP script can connect to my table teste (owned by user 'apache')
in database teste (owned by user 'postgres').

Is this the correct way to do it?

TIA,
Paulo

>
>
> --
> ,
>  Uros                            mailto:uros.gruber@sir-mag.com
>
>
>

On Sun, Mar 04, 2001 at 08:07:20PM -0300, Paulo Parola wrote:
[ . . . ]
> >
>
> My question should be: with which user Apache accesses PostgreSQL? From the
> message issued by PostgreSQL it is user 'apache'.

On most systems it seems to be either wwwrun or nobody by default.

>
> Does that mean that *any* tables accessed through the Web should be owned by
> an user named 'apache' created with PostgreSQL program 'createuser'?

No, it just means that you need to grant this user permission to read
data from a table owned by someone else, or write to it if that's
necessary (think about whether to allow that or not; it might be a
security risk) with the grant command:

Command:     GRANT
Description: Grants access privilege to a user, a group or all users
Syntax:
GRANT privilege [, ...] ON object [, ...]
    TO { PUBLIC | GROUP group | username }

e.g.:

grant select on <table> to apache;


Regards, Frank

Hi,

On Sun, 4 Mar 2001, Paulo Parola wrote:

> Date: Sun, 4 Mar 2001 18:38:04 -0300
> From: Paulo Parola <pgsql@brazilinfo.com>
> To: pgsql-general@postgresql.org
> Subject: [GENERAL] How to automatically start postmastrer with TCP/IP
>     support (-i option) ???
>
> nohup /usr/bin/postmaster -i -D /var/lib/pgsql/data </dev/null >>server.log 2>>1 &
Version 7.1:

pg_ctl start -o "-i" -l path/xx.log -D /path/to/DadaDir


 MFG
    Daniel
--

#####################--Daniel Kraemer 79774 Albbruck--#######################
#                daniel@dany.s.netic.de dk@s.netic.de                       #
#############################################################################

Paulo Parola writes:

> I am trying to configure PostgreSQL 7.1 over RedHat 7.0 (according to
> Lamar Owen the RPM's for 7.1 were built on RedHat 6.2 and not 7.0 -
> does that implies any possible problems?).

Always rebuild from the source RPM.  Never trust binary RPMs unless you
have the exact same OS.

> 1) How should I make so that PostgreSQL is automatically started
> accepting TCP/IP connections like I did by hand with the command above
> ( nohup /usr/bin/postmaster -i -D /var/lib/pgsql/data </dev/null
> >>server.log 2>>1 &) ??? Which file should I edit to add option '-i'
> for accepting TCP/IP connections?

In $PGDATA/postgresql.conf, add a line 'tcpip_socket = on'.

> Apparently, in shell script '/etc/rc.d/init.d/postgresql' the line
> that starts the postmaster reads 'su -l postgres -c "/usr/bin/pg_ctl
> -D $PGDATA -p /usr/bin/postmaster start >/dev/null 2>&1" < /dev/null',
> is that right?

No.  It discards the log output.

> 2) With which user shall I connect to the database? User "apache" or
> maybe user "nobody" ? Should I create a user 'apache' in PostgreSQL?

Doesn't matter, but you have to make a user in PostgreSQL.  System users
are not automatically PostgreSQL users.

--
Peter Eisentraut      peter_e@gmx.net       http://yi.org/peter-e/

On Mon, Mar 05, 2001 at 08:14:08AM +0100, Frank Joerdens wrote:
> >
> > My question should be: with which user Apache accesses PostgreSQL? From the
> > message issued by PostgreSQL it is user 'apache'.
>
> On most systems it seems to be either wwwrun or nobody by default.
>
On some recent Linux distributions, it is now 'apache' instead of 'nobody'.

On Mon, Mar 05, 2001 at 10:19:11AM -0800, Samuel Sieb wrote:
> On Mon, Mar 05, 2001 at 08:14:08AM +0100, Frank Joerdens wrote:
> > >
> > > My question should be: with which user Apache accesses PostgreSQL? From the
> > > message issued by PostgreSQL it is user 'apache'.
> >
> > On most systems it seems to be either wwwrun or nobody by default.
> >
> On some recent Linux distributions, it is now 'apache' instead of 'nobody'.

on debian (potato, anyhow) it's "www-data" which is a bit of a
bear to type. (i'd love "www" or "apache" but nooooo...)

of course, in theory, you can munge your config files and have
apache masquerade as 'mongo' or 'lulu' or 'zipelna' if you want.

but keep in mind -- this being a security feature of postgresql
-- that linux user/login "gonzo" doesn't automatically get a
postgresql username "gonzo". so to connect to postgresql you need
to match up pg username with pg password. and in the config files
for postgres, there are options to specify whether, say,
linux/login username 'bubba' is allowed to connect to psql as
'doofus' ... or not.

i think.

--
It is always hazardous to ask "Why?" in science, but it is often
interesting to do so just the same.
        -- Isaac Asimov, 'The Genetic Code'

will@serensoft.com
http://groups.yahoo.com/group/newbieDoc -- we need your brain!
http://www.dontUthink.com/ -- your brain needs us!