Participants
Joel Alpers
Joel Alpers
Tom Lane
Tom Lane
John R Pierce
John R Pierce
Attachments
Show all attachments
Thread Outline
#1Joel AlpersJoel Alpers
Jan 16, 2010
#2Tom LaneTom Laneto Joel Alpers (#1)
Jan 16, 2010
#3Joel AlpersJoel Alpersto Tom Lane (#2)
Jan 17, 2010
#4John R PierceJohn R Pierceto Joel Alpers (#3)
Jan 17, 2010
#5Joel AlpersJoel Alpersto John R Pierce (#4)
Jan 17, 2010

Trouble connecting to database using PQconnectdb (C/libpq)

Started by Joel Alpersabout 16 years ago5 messagesgeneral
Jump to latest
#1Joel Alpers
Joel Alpers
joel@jkalpers.com

Hello -

I am working on moving my WEB pages, which include searches in a PostgreSQL
data base, through "libpq".

Old system: Red Hat Linux 9, PostgreSQL 7.4.6

New system: Fedora 11, PostgreSQL 8.4

When I re-compile the program (using updated gnu C++ compilers/libs),
the new version --will-- connect to the data base if I run the CGI program
from the command line, but will --NOT-- connect if I call the CGI program
from a web page.

Here is the C/C++ code:
------------------------------

const char *pcDbArgs = "user=joela dbname=photodb port=5432
host=192.168.111.7";
const char *pcDbName = "photodb";

//
// Connect to PostGresQL data base....
//
printf("\nCalling PQconnectdb(%s)\n", pcDbArgs);
gpPhotoDb = PQconnectdb (pcDbArgs);
if (PQstatus(gpPhotoDb) != CONNECTION_OK)
vExit("Can't connect to database \"%s\" - %s\n", pcDbName,
PQerrorMessage(gpPhotoDb));
printf("Successful connection!\n\n");

(vExit is a simple function that formats an error message)

When run from an HTML page:
Error message:
------------------

Calling PQconnectdb(user=joela dbname=photodb port=5432 host=192.168.111.7)

*** Error - Can't connect to database "photodb" - could not connect to server: Permission denied
Is the server running on host "192.168.111.7" and accepting
TCP/IP connections on port 5432?

I have verified that the postgresql server --is-- running on the server
machine, and --is-- listening on 5432.

I am sure I am leaving something out, so please write if you need more info.

Any thoughts?

Thanks!

Joel.

-- 

+--------------------------------------------------------------------+
|  Joel K. Alpers
|  Expressive Black and White Images
|  http://www.jkalpers.com
+--------------------------------------------------------------------+
#2Tom Lane
Tom Lane
tgl@sss.pgh.pa.us
In reply to: Joel Alpers (#1)
Re: Trouble connecting to database using PQconnectdb (C/libpq)

Joel Alpers <joel@jkalpers.com> writes:

New system: Fedora 11, PostgreSQL 8.4

Fedora 11 enables selinux by default ...

*** Error - Can't connect to database "photodb" - could not connect to server: Permission denied
Is the server running on host "192.168.111.7" and accepting
TCP/IP connections on port 5432?

Almost certainly, this represents selinux thinking that apache shouldn't
be making connections to random ports, and denying the socket open long
before it ever has a chance to get to postgres.

If you poke around in the selinux configuration options you can probably
find a switch that opens this up, but I don't know offhand what it is.

Or you could disable selinux, but if you're running a publicly visible
webserver I'd strongly recommend against that. selinux will save your
bacon someday, but not if it's turned off.

regards, tom lane

#3Joel Alpers
Joel Alpers
joel@jkalpers.com
In reply to: Tom Lane (#2)
Re: Trouble connecting to database using PQconnectdb (C/libpq)

Tom Lane wrote:

Joel Alpers <joel@jkalpers.com> writes:

New system: Fedora 11, PostgreSQL 8.4

Fedora 11 enables selinux by default ...

*** Error - Can't connect to database "photodb" - could not connect to server: Permission denied
Is the server running on host "192.168.111.7" and accepting
TCP/IP connections on port 5432?

Almost certainly, this represents selinux thinking that apache shouldn't
be making connections to random ports, and denying the socket open long
before it ever has a chance to get to postgres.

If you poke around in the selinux configuration options you can probably
find a switch that opens this up, but I don't know offhand what it is.

Or you could disable selinux, but if you're running a publicly visible
webserver I'd strongly recommend against that. selinux will save your
bacon someday, but not if it's turned off.

regards, tom lane

Tom:

Thanks for the quick reply - looks like you were spot on with your analysis.

I temporarily set selinix to "permissive" and the web page works as it
should.

Now the trick will be to find a way to make them play well together -- I'll
check the postgres site where they have discussions archived...

Thanks again!!!

Joel.

-- 

+--------------------------------------------------------------------+
|  Joel K. Alpers
|  Expressive Black and White Images
|  http://www.jkalpers.com
+--------------------------------------------------------------------+
#4John R Pierce
John R Pierce
pierce@hogranch.com
In reply to: Joel Alpers (#3)
Re: Trouble connecting to database using PQconnectdb (C/libpq)

Now the trick will be to find a way to make them play well together --
I'll
check the postgres site where they have discussions archived...

you'll probably get more help from a selinux site or list.

#5Joel Alpers
Joel Alpers
joel@jkalpers.com
In reply to: John R Pierce (#4)
Re: Trouble connecting to database using PQconnectdb (C/libpq)

John R Pierce wrote:

Now the trick will be to find a way to make them play well together
-- I'll
check the postgres site where they have discussions archived...

you'll probably get more help from a selinux site or list.

Yes, after I sent that reply I recalled that I was --on-- a postgres
list --- sorry,
it's been a long few days fighting software.

I meant to say I would check on the Fedora forum!

Joel.

-- 

+--------------------------------------------------------------------+
|  Joel K. Alpers
|  Expressive Black and White Images
|  http://www.jkalpers.com
+--------------------------------------------------------------------+
← Back to Topics