Bug 819611
Summary: | [RFE] SAM 1.0 Have PostgreSQL only listen on 127.0.0.1 instead of 127.0.0.1 and 0.0.0.0 | |||
---|---|---|---|---|
Product: | [Retired] Subscription Asset Manager | Reporter: | Kurt Seifried <kseifried> | |
Component: | katello-configure | Assignee: | Miroslav Suchý <msuchy> | |
Status: | CLOSED ERRATA | QA Contact: | Og Maciel <omaciel> | |
Severity: | medium | Docs Contact: | ||
Priority: | unspecified | |||
Version: | 1.0.0 | CC: | bkearney, esammons, gkhachik, lzap, msuchy, omaciel, tkolhar, tomckay | |
Target Milestone: | rc | Keywords: | FutureFeature, Triaged | |
Target Release: | --- | |||
Hardware: | All | |||
OS: | All | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Enhancement | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 820624 (view as bug list) | Environment: | ||
Last Closed: | 2013-02-21 19:16:06 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 816564, 820624, 876492 |
Description
Kurt Seifried
2012-05-07 17:46:39 UTC
Yeah, this is valid request I guess. But I am testing it right now if it does not hurt us. Candlepin use PGSQL too, not sure if they both connect to localhost. Uh for some reson my pull request got deleted. Resubmitting again: https://github.com/Katello/katello/pull/403 fixed in katello.git in commit aa6286b It was not clear why the applied fix added a line that was commented out: grep "listen_address" /var/lib/pgsql/data/postgresql.conf # "pg_ctl reload". Some settings, such as listen_addresses, require #listen_addresses = '*' FailedQA using: * candlepin-0.7.12-1.el6_3.noarch * candlepin-tomcat6-0.7.12-1.el6_3.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.1.8-1h.el6_3.noarch * katello-cli-common-1.1.10-1h.el6_3.noarch * katello-cli-headpin-0.2.2-1.el6_2.noarch * katello-common-1.1.14-2h.el6_3.noarch * katello-configure-1.1.11-1h.el6_3.noarch * katello-glue-candlepin-1.1.14-2h.el6_3.noarch * katello-headpin-1.1.14-2h.el6_3.noarch * katello-headpin-all-1.1.14-2h.el6_3.noarch * katello-selinux-1.1.2-1h.el6_3.noarch # netstat -putna | grep 5432 tcp 0 0 127.0.0.1:5432 0.0.0.0:* LISTEN 2790/postmaster tcp 0 0 127.0.0.1:5432 127.0.0.1:56061 ESTABLISHED 8737/postgres tcp 0 0 127.0.0.1:5432 127.0.0.1:56272 ESTABLISHED 9242/postgres tcp 0 0 127.0.0.1:5432 127.0.0.1:56430 ESTABLISHED 9820/postgres tcp 0 0 ::1:5432 :::* LISTEN 2790/postmaster tcp 0 0 ::1:38356 ::1:5432 ESTABLISHED 8986/thin server (1 tcp 0 0 ::1:5432 ::1:38395 ESTABLISHED 9163/postgres: kate tcp 0 0 ::1:38318 ::1:5432 ESTABLISHED 8945/thin server (1 tcp 0 0 ::1:38489 ::1:5432 ESTABLISHED 9220/katello/delaye tcp 0 0 ::ffff:127.0.0.1:56272 ::ffff:127.0.0.1:5432 ESTABLISHED 8716/java tcp 0 0 ::1:5432 ::1:35893 ESTABLISHED 4373/postgres: kate tcp 0 0 ::1:5432 ::1:38321 ESTABLISHED 9123/postgres: kate tcp 0 0 ::1:35893 ::1:5432 ESTABLISHED 4361/katello/delaye tcp 0 0 ::1:5432 ::1:38489 ESTABLISHED 9222/postgres: kate tcp 0 0 ::ffff:127.0.0.1:56061 ::ffff:127.0.0.1:5432 ESTABLISHED 8716/java tcp 0 0 ::1:38311 ::1:5432 ESTABLISHED 8939/thin server (1 tcp 0 0 ::1:5432 ::1:38356 ESTABLISHED 9143/postgres: kate tcp 0 0 ::ffff:127.0.0.1:56430 ::ffff:127.0.0.1:5432 ESTABLISHED 8716/java tcp 0 0 ::1:38321 ::1:5432 ESTABLISHED 8934/thin server (1 tcp 0 0 ::1:5432 ::1:38311 ESTABLISHED 9113/postgres: kate tcp 0 0 ::1:38395 ::1:5432 ESTABLISHED 8967/thin server (1 tcp 0 0 ::1:5432 ::1:38318 ESTABLISHED 9121/postgres: kate As per Lukas recommendation I: * service iptables stop * telnet [my-system-ip] 5432 Trying [my-system-ip]... telnet: connect to address [my-system-ip]: Connection refused Verified: * candlepin-0.7.12-1.el6_3.noarch * candlepin-tomcat6-0.7.12-1.el6_3.noarch * katello-candlepin-cert-key-pair-1.0-1.noarch * katello-certs-tools-1.1.8-1h.el6_3.noarch * katello-cli-common-1.1.10-1h.el6_3.noarch * katello-cli-headpin-0.2.2-1.el6_2.noarch * katello-common-1.1.14-2h.el6_3.noarch * katello-configure-1.1.11-1h.el6_3.noarch * katello-glue-candlepin-1.1.14-2h.el6_3.noarch * katello-headpin-1.1.14-2h.el6_3.noarch * katello-headpin-all-1.1.14-2h.el6_3.noarch * katello-selinux-1.1.2-1h.el6_3.noarch Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHSA-2013-0544.html |