Thanks for your reply, Tom. Not sure exactly what you mean - this is a
php script executed via apache. php scripts w/in the same directory that
don't make database connections seem to work OK.
Your suggestion is a good one though - it may be an SELinux
configuration. I'll try to pursue that direction.
-- john
Tom Lane wrote:
John Cartwright <[EMAIL PROTECTED]> writes:
I'm using php 5.1.6 on a RHEL 5 system connecting to a postgresql server
version 8.2.3. I think that TCP connections are enabled correctly in
the server's pg_hba.conf and I can successfully connect from the client
using pgsql. However, trying to use pg_connect() w/ a call like:
$con = pg_connect("host='postgres1.ngdc.noaa.gov' port=5432
sslmode='allow' user='test' password='mypassword' dbname='test'")
fails saying:
Unable to connect to PostgreSQL server: could not connect to server:
Permission denied
Are you running the php script manually, or is it actually executing
inside a daemon such as Apache? If the latter, I'll bet this is a
SELinux issue --- SELinux is set up to constrain daemons a lot more
tightly than interactive commands, so that they can't easily be used to
break into your system.
I don't know much about how to fix it, other than the extremely
brute-force tool of "setenforce 0". On current Fedora it looks like the
way is probably "setsebool -P allow_user_postgresql_connect 1", but I'm
not sure if RHEL5 uses that approach or something older.
It's also possible that the policy is OK but you have some files
with the wrong security labeling.
regards, tom lane
--
Sent via pgsql-general mailing list (pgsql-general@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
