From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
---|---|
To: | Michael Paquier <michael(dot)paquier(at)gmail(dot)com> |
Cc: | Dave Page <dpage(at)pgadmin(dot)org>, Peter Eisentraut <peter_e(at)gmx(dot)net>, PostgreSQL Hackers <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: Getting rid of "accept incoming network connections" prompts on OS X |
Date: | 2014-10-24 13:39:59 |
Message-ID: | 28508.1414157999@sss.pgh.pa.us |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Michael Paquier <michael(dot)paquier(at)gmail(dot)com> writes:
> On Fri, Oct 24, 2014 at 8:26 AM, Dave Page <dpage(at)pgadmin(dot)org> wrote:
>> On Fri, Oct 24, 2014 at 7:18 AM, Peter Eisentraut <peter_e(at)gmx(dot)net> wrote:
>>> On 10/21/14 1:16 PM, Tom Lane wrote:
>>>> If you do any Postgres development on OS X, you've probably gotten
>>>> seriously annoyed by the way that, every single time you reinstall the
>>>> postmaster executable, you get a dialog box asking whether you'd like
>>>> to allow it to accept incoming network connections.
>>> I used to, but somehow I don't see this anymore. Just to be sure, I
>>> made sure the firewall is on, checked that postgres is not in the
>>> exception list, rebooted, built postgresql from scratch, ran make check,
>>> but no pop-up.
>>>
>>> I'm on Yosemite. Maybe this was changed.
>> I've never seen it on any version of OS X (I've worked my way from
>> Panther to Yosemite). There must be more to it...
I see it every darn time I've changed the postmaster executable.
Maybe there is a difference in security settings? I have the firewall
enabled and in Settings->Security->General, "Allow apps downloaded from:
Mac App Store and identified developers", which I think is the default.
[ experiments... ] Hm, setting that to "Anywhere" doesn't change the
results anyway.
> FWIW, with firewall at on, I am used to see this annoying popup window when
> starting an instance manually, make check never complains though.
Ah. pg_regress sets listen_addresses to empty so that no TCP ports
are opened, hence no firewall complaints from "make check". However,
as soon as you start a normal installation, you get the complaint,
as even an open port on 127.0.0.1 is enough to provoke it.
Peter, Dave: maybe you have tweaked things to keep listen_addresses
empty and rely only on Unix-socket connections?
regards, tom lane
From | Date | Subject | |
---|---|---|---|
Next Message | Robert Haas | 2014-10-24 13:45:59 | Re: Deferring some AtStart* allocations? |
Previous Message | Alex Goncharov | 2014-10-24 13:36:59 | Re: Trailing comma support in SELECT statements |