| From: | Jeff Janes <jeff(dot)janes(at)gmail(dot)com> |
|---|---|
| To: | chenchuanling(at)msn(dot)com |
| Cc: | Pg Bugs <pgsql-bugs(at)postgresql(dot)org> |
| Subject: | Re: BUG #11365: denied apache cgi connect |
| Date: | 2014-09-07 21:50:56 |
| Message-ID: | CAMkU=1yHNO=cgj75h_0DBTOgPw_BLkMshrru8aRtU3hHPQKU2A@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-bugs |
On Sat, Sep 6, 2014 at 6:05 PM, <chenchuanling(at)msn(dot)com> wrote:
> The following bug has been logged on the website:
>
> Bug reference: 11365
> Logged by: chenchunling
> Email address: chenchuanling(at)msn(dot)com
> PostgreSQL version: 9.3.5
> Operating system: centos6.3
> Description:
>
> Centos 6.3 integrated 8.4.11 version no problem,but upgrade to version
> 9.3.5
> apache cgi connection denied.Must be set: setenforce 0, such ability can
> be.
>
> selinux log:
> Sep 6 20:39:55 test kernel: type=1400 audit(1410050395.142:792): avc:
> denied { connectto } for pid=9559 comm="servergi"
> path="/tmp/.s.PGSQL.5432"
> scontext=unconfined_u:system_r:httpd_sys_script_t:s0
> tcontext=unconfined_u:system_r:initrc_t:s0 tclass=unix_stream_socket
> Sep 6 20:39:55 test kernel: type=1400 audit(1410050395.144:793): avc:
> denied { connectto } for pid=9559 comm="servergi"
> path="/tmp/.s.PGSQL.5432"
> scontext=unconfined_u:system_r:httpd_sys_script_t:s0
> tcontext=unconfined_u:system_r:initrc_t:s0 tclass=unix_stream_socket
>
In addition to Tom's comments, you could try specifying "localhost" so that
it connects over TCP rather than linux sockets.
There are all kinds of things that go wrong with unix sockets. Packagers
put the sockets in weird places. Services run with private temp files that
mask the real socket directory with something else.
Cheers,
Jeff
| From | Date | Subject | |
|---|---|---|---|
| Next Message | John R Pierce | 2014-09-07 22:22:11 | Re: BUG #11365: denied apache cgi connect |
| Previous Message | Tom Lane | 2014-09-07 16:36:24 | Re: BUG #11365: denied apache cgi connect |