Thread: Trouble connecting to database using PQconnectdb (C/libpq)

Trouble connecting to database using PQconnectdb (C/libpq)

From

Joel Alpers

Date:

16 January 2010, 17:51:59

Hello -

I am working on moving my WEB pages, which include searches in a PostgreSQL
data base, through "libpq".

Old system:   Red Hat Linux 9, PostgreSQL 7.4.6

New system:  Fedora 11, PostgreSQL 8.4

When I re-compile the program (using updated gnu C++ compilers/libs),
the new version --will-- connect to the data base if I run the CGI program
from the command line, but will --NOT-- connect if I call the CGI program
from a web page.

Here is the C/C++ code:
------------------------------

const char *pcDbArgs = "user=joela  dbname=photodb  port=5432
host=192.168.111.7";
const char *pcDbName = "photodb";

  //
  // Connect to PostGresQL data base....
  //
  printf("\nCalling PQconnectdb(%s)\n", pcDbArgs);
  gpPhotoDb = PQconnectdb (pcDbArgs);
  if (PQstatus(gpPhotoDb) != CONNECTION_OK)
    vExit("Can't connect to database \"%s\" - %s\n", pcDbName,
          PQerrorMessage(gpPhotoDb));
  printf("Successful connection!\n\n");


(vExit is a simple function that formats an error message)


When run from an HTML page:
Error message:
------------------

Calling PQconnectdb(user=joela  dbname=photodb  port=5432  host=192.168.111.7)

*** Error - Can't connect to database "photodb" - could not connect to server: Permission denied
    Is the server running on host "192.168.111.7" and accepting
    TCP/IP connections on port 5432?



I have verified that the postgresql server --is-- running on the server
machine, and --is-- listening on 5432.

I am sure I am leaving something out, so please write if you need more info.

Any thoughts?

Thanks!

Joel.

--


+--------------------------------------------------------------------+
|  Joel K. Alpers
|  Expressive Black and White Images
|  http://www.jkalpers.com
+--------------------------------------------------------------------+

Re: Trouble connecting to database using PQconnectdb (C/libpq)

From

Tom Lane

Date:

16 January 2010, 18:54:29

Joel Alpers <joel@jkalpers.com> writes:
> New system:  Fedora 11, PostgreSQL 8.4

Fedora 11 enables selinux by default ...

> *** Error - Can't connect to database "photodb" - could not connect to server: Permission denied
>     Is the server running on host "192.168.111.7" and accepting
>     TCP/IP connections on port 5432?

Almost certainly, this represents selinux thinking that apache shouldn't
be making connections to random ports, and denying the socket open long
before it ever has a chance to get to postgres.

If you poke around in the selinux configuration options you can probably
find a switch that opens this up, but I don't know offhand what it is.

Or you could disable selinux, but if you're running a publicly visible
webserver I'd strongly recommend against that.  selinux will save your
bacon someday, but not if it's turned off.

            regards, tom lane

Re: Trouble connecting to database using PQconnectdb (C/libpq)

From

Joel Alpers

Date:

16 January 2010, 23:23:23

Tom Lane wrote:
> Joel Alpers <joel@jkalpers.com> writes:
>
>> New system:  Fedora 11, PostgreSQL 8.4
>>
>
> Fedora 11 enables selinux by default ...
>
>
>> *** Error - Can't connect to database "photodb" - could not connect to server: Permission denied
>>     Is the server running on host "192.168.111.7" and accepting
>>     TCP/IP connections on port 5432?
>>
>
> Almost certainly, this represents selinux thinking that apache shouldn't
> be making connections to random ports, and denying the socket open long
> before it ever has a chance to get to postgres.
>
> If you poke around in the selinux configuration options you can probably
> find a switch that opens this up, but I don't know offhand what it is.
>
> Or you could disable selinux, but if you're running a publicly visible
> webserver I'd strongly recommend against that.  selinux will save your
> bacon someday, but not if it's turned off.
>
>             regards, tom lane
>
>
Tom:

Thanks for the quick reply - looks like you were spot on with your analysis.

I temporarily set selinix to "permissive" and the web page works as it
should.

Now the trick will be to find a way to make them play well together -- I'll
check the postgres site where they have discussions archived...

Thanks again!!!

Joel.

--


+--------------------------------------------------------------------+
|  Joel K. Alpers
|  Expressive Black and White Images
|  http://www.jkalpers.com
+--------------------------------------------------------------------+

Re: Trouble connecting to database using PQconnectdb (C/libpq)

From

John R Pierce

Date:

16 January 2010, 23:34:55

>
> Now the trick will be to find a way to make them play well together --
> I'll
> check the postgres site where they have discussions archived...


you'll probably get more help from a selinux site or list.

Re: Trouble connecting to database using PQconnectdb (C/libpq)

From

Joel Alpers

Date:

16 January 2010, 23:45:35

John R Pierce wrote:
>
>>
>> Now the trick will be to find a way to make them play well together
>> -- I'll
>> check the postgres site where they have discussions archived...
>
>
> you'll probably get more help from a selinux site or list.
>
>
>
Yes, after I sent that reply I recalled that I was --on-- a postgres
list  --- sorry,
it's been a long few days fighting software.

I meant to say I would check on the Fedora forum!

Joel.


--


+--------------------------------------------------------------------+
|  Joel K. Alpers
|  Expressive Black and White Images
|  http://www.jkalpers.com
+--------------------------------------------------------------------+