Bug 189764 - Postgres dblink not working with SELinux enabled
Summary: Postgres dblink not working with SELinux enabled
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: 5
Hardware: i386
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-04-24 14:05 UTC by Manish Gupta
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

(edit)
Clone Of:
(edit)
Last Closed: 2007-03-28 20:06:14 UTC


Attachments (Terms of Use)

Description Manish Gupta 2006-04-24 14:05:45 UTC
Recently, I upgraded one of my server from FC4 to FC5. This also upgraded
postgresql to 8.1.3. The upgrade was flawless as my earlier FC4 install was a
vanilla install. Unfortunately, I cannot get dblink to work in this version of
postgresql. I created two fresh databases and tried... still no luck. I keep
getting the following error:

bulbulbo=# select dblink_connect('hostaddr=127.0.0.1 dbname=bulbulfo user=bulbul
password=password');

ERROR:  could not establish connection
DETAIL:  could not connect to server: Permission denied
      Is the server running on host "127.0.0.1" and accepting
      TCP/IP connections on port 5432?

bulbulbo=# select dblink_connect('dbname=bulbulfo user=bulbul');
ERROR:  could not establish connection
DETAIL:  could not connect to server: Permission denied
       Is the server running locally and accepting
       connections on Unix domain socket "/tmp/.s.PGSQL.5432"?


My pg_hba.conf is as follows:
----------------------
local   all         all                               trust
# IPv4 local connections:
host    all         all         127.0.0.1/32          password
host    all         all         192.168.0.0/24        password
host    all         all         10.1.2.0/24           password

# IPv6 local connections:
host    all         all         ::1/128               sameuser
--------------------

The error seems to be client authentication error. I researched and found that
the message "could not establish connection" seems to be coming from dblink.c
(inside contrib/dblink), and it gets triggred when it is unable to create
connection to the database. I though that this may be happening because libpq is
not working properly. So, I compiled a simple program, written in C, that uses
libpq and that program works fine.

However, the dblink works fine when I disable SELinux on the machine. This led
me to believe that this might be happening because of policy.

Thanks

Manish

Comment 1 Daniel Walsh 2006-04-25 00:22:16 UTC
FIxed in selinux-policy-2.2.34-3.fc5


Comment 3 Daniel Walsh 2007-03-28 20:06:14 UTC
Closing bugs



Note You need to log in before you can comment on or make changes to this bug.