Replace the virtual_host and tcpip_socket parameters with a unified
listen_addresses parameter, as per recent discussion.  The default behavior
is now to listen on localhost, which eliminates the need for the -i
postmaster switch in many scenarios.

Andrew Dunstan
This commit is contained in:
Tom Lane 2004-03-23 01:23:48 +00:00
parent 0d88dd1e50
commit 2e45c143ef
9 changed files with 147 additions and 159 deletions

View File

@ -1,6 +1,6 @@
PostgreSQL on QNX 4
--------------------
last updated: $Date: 2002/07/09 04:47:07 $
last updated: $Date: 2004/03/23 01:23:47 $
current maintainer: Bernd Tegge (tegge@repas-aeg.de)
original author: Andreas Kardos (kardos@repas-aeg.de)
@ -23,10 +23,9 @@ functionality cannot be used. Shared library support could probably be
implemented in future.
QNX 4 does not support UNIX domain sockets. Clients must use TCP/IP
sockets. Therefore you either have to set "tcpip_socket = true" in
your postgresql.conf or to start postmaster with the -i option.
Furthermore it's advisable to set to set the PGHOST or SOCK environment
variable for postmaster in an environment using native QNX networking.
sockets. Therefore, do not set "listen_addresses" to empty in your
postgresql.conf file. In fact, it's advisable to explicitly set
"listen_addresses" in an environment using native QNX networking.
Otherwise the postmaster might not use the IP-Address you think it does :-)
Prerequisites:
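Review bot: The rewritten QNX networking paragraph tells the reader not to set "listen_addresses" to empty, but it never says that the new default only covers loopback. Since QNX 4 clients must use TCP/IP, the text should state that the default of localhost accepts only local connections and that remote clients need an explicit address or '*', rather than stopping at "it's advisable to explicitly set".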

View File

@ -1,5 +1,5 @@
<!--
$PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.64 2004/03/09 16:57:46 neilc Exp $
$PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.65 2004/03/23 01:23:48 tgl Exp $
-->
<chapter id="client-authentication">
@ -112,13 +112,19 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
<listitem>
<para>
This record matches connection attempts made using TCP/IP.
Note that TCP/IP connections are disabled unless the server is
started with the <option>-i</option> option or the <xref
linkend="guc-tcpip-socket"> configuration parameter is
enabled. <literal>host</literal> records match either
<literal>host</literal> records match either
<acronym>SSL</acronym> or non-<acronym>SSL</acronym> connection
attempts.
</para>
<note>
<para>
Remote TCP/IP connections will not be possible unless
the server is started with an appropriate value for the
<xref linkend="guc-listen-addresses"> configuration parameter,
since the default behavior is to listen for TCP/IP connections
only on the local loopback address <literal>localhost</>.
</para>
</note>
</listitem>
</varlistentry>
@ -126,17 +132,17 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
<term><literal>hostssl</literal></term>
<listitem>
<para>
This record matches connection attempts made using TCP/IP. In
addition, this record requires that the connection is made with
<acronym>SSL</acronym>.
This record matches connection attempts made using TCP/IP,
but only when the connection is made with <acronym>SSL</acronym>
encryption.
</para>
<para>
To make use of this option the server must be built with
<acronym>SSL</acronym> support enabled. Furthermore,
<acronym>SSL</acronym> must be enabled by setting the <xref
linkend="guc-ssl"> configuration parameter (see <xref
linkend="ssl-tcp"> for more information).
<acronym>SSL</acronym> support. Furthermore,
<acronym>SSL</acronym> must be enabled at server start time
by setting the <xref linkend="guc-ssl"> configuration parameter (see
<xref linkend="ssl-tcp"> for more information).
</para>
</listitem>
</varlistentry>
@ -146,8 +152,8 @@ hostnossl <replaceable>database</replaceable> <replaceable>user</replaceable>
<listitem>
<para>
This record is similar to <literal>hostssl</> but with the
opposite logic: it only matches connection attempts made over
TCP/IP that do not use <acronym>SSL</acronym>.
opposite logic: it only matches connection attempts made over
TCP/IP that do not use <acronym>SSL</acronym>.
</para>
</listitem>
</varlistentry>

View File

@ -1,5 +1,5 @@
<!--
$PostgreSQL: pgsql/doc/src/sgml/ref/postmaster.sgml,v 1.46 2004/03/09 16:57:47 neilc Exp $
$PostgreSQL: pgsql/doc/src/sgml/ref/postmaster.sgml,v 1.47 2004/03/23 01:23:48 tgl Exp $
PostgreSQL documentation
-->
@ -165,11 +165,17 @@ PostgreSQL documentation
<term><option>-h <replaceable class="parameter">hostname</replaceable></option></term>
<listitem>
<para>
Specifies the IP host name or address on which the
<command>postmaster</command> is to listen for
connections from client applications. Defaults to
listening on all configured addresses (including
<systemitem class="systemname">localhost</systemitem>).
Specifies the IP host name or address on which the
<command>postmaster</command> is to listen for TCP/IP
connections from client applications. The value can also be
a space-separated list of addresses, or <literal>*</> to specify
listening on all available interfaces. An empty value specifies
not listening on any IP addresses, in which case only Unix-domain
sockets can be used to connect to the <command>postmaster</command>.
Defaults to listening only
on <systemitem class="systemname">localhost</systemitem>.
This option is equivalent to setting <literal>listen_addresses</> in
<filename>postgresql.conf</>.
</para>
</listitem>
</varlistentry>
@ -178,14 +184,16 @@ PostgreSQL documentation
<term><option>-i</option></term>
<listitem>
<para>
Allows clients to connect via TCP/IP (Internet domain)
connections. Without this option, only local Unix domain
socket connections are accepted. This option corresponds
to setting <literal>tcpip_socket=true</> in <filename>postgresql.conf</>.
Allows remote clients to connect via TCP/IP (Internet domain)
connections. Without this option, only local connections are
accepted. This option is equivalent to setting
<literal>listen_addresses</> to <literal>*</> in
<filename>postgresql.conf</> or via <option>-h</>.
</para>
<para>
<option>--tcpip-socket=false</option> has the opposite
effect of this option.
This option is deprecated since it does not allow access to the
full functionality of <literal>listen_addresses</>. It's usually
better to set <literal>listen_addresses</> directly.
</para>
</listitem>
</varlistentry>
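Review bot: In the new -i description, "Without this option, only local connections are accepted" holds only while listen_addresses is at its default; a server started with -h, or with listen_addresses set in postgresql.conf, accepts remote connections without -i. Suggest wording such as "By default, only local connections are accepted", so the paragraph does not imply that leaving out -i is enough to keep the server off the network.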
@ -206,8 +214,7 @@ PostgreSQL documentation
<term><option>-l</option></term>
<listitem>
<para>
Enables secure connections using SSL. The <option>-i</option>
option is also required. You must have compiled with SSL
Enables secure connections using SSL. You must have compiled with SSL
enabled to use this option.
</para>
</listitem>

View File

@ -1,5 +1,5 @@
<!--
$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.251 2004/03/15 17:57:51 momjian Exp $
$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.252 2004/03/23 01:23:48 tgl Exp $
-->
<Chapter Id="runtime">
@ -186,11 +186,7 @@ $ <userinput>postmaster -D /usr/local/pgsql/data &gt;logfile 2&gt;&amp;1 &amp;</
<para>
The <command>postmaster</command> also takes a number of other
command line options. For more information, see the reference page
and <xref linkend="runtime-config"> below. In particular, in order
for the server to accept
TCP/IP<indexterm><primary>TCP/IP</primary></indexterm> connections
(rather than just Unix-domain socket ones), you must specify the
<option>-i</option> option.
and <xref linkend="runtime-config"> below.
</para>
<para>
@ -333,7 +329,7 @@ FATAL: could not create TCP/IP listen socket
be a different problem. For example, trying to start a <command>postmaster</command>
on a reserved port number may draw something like:
<screen>
$ <userinput>postmaster -i -p 666</userinput>
$ <userinput>postmaster -p 666</userinput>
LOG: could not bind IPv4 socket: Permission denied
HINT: Is another postmaster already running on port 666? If not, wait a few seconds and retry.
FATAL: could not create TCP/IP listen socket
@ -570,19 +566,38 @@ SET ENABLE_SEQSCAN TO OFF;
<title>Connection Settings</title>
<variablelist>
<varlistentry id="guc-tcpip-socket" xreflabel="tcpip_socket">
<term><varname>tcpip_socket</varname> (<type>boolean</type>)</term>
<varlistentry id="guc-listen-addresses" xreflabel="listen_addresses">
<term><varname>listen_addresses</varname> (<type>string</type>)</term>
<listitem>
<para>
If this is true, then the server will accept TCP/IP connections.<indexterm><primary>TCP/IP</></>
Otherwise only local Unix domain socket connections are
accepted. It is off by default. This option can only be set at
server start.
Specifies the TCP/IP address(es) on which the server is
to listen for connections from client applications.
The value takes the form of a space-separated list of host names
and/or numeric IP addresses. The special entry <literal>*</>
corresponds to all available IP interfaces.
If the list is empty, the server does not listen on any IP interface
at all, in which case only Unix-domain sockets can be used to connect
to it.
The default value is <systemitem class="systemname">localhost</>,
which allows only local <quote>loopback</> connections to be made.
This parameter can only be set at server start.
</para>
</listitem>
</varlistentry>
<varlistentry id="guc-port" xreflabel="port">
<term><varname>port</varname> (<type>integer</type>)</term>
<indexterm><primary>port</></>
<listitem>
<para>
The TCP port the server listens on; 5432 by default. Note that the
same port number is used for all IP addresses the server listens on.
This parameter can only be set at server start.
</para>
</listitem>
</varlistentry>
<varlistentry id="guc-max-connections" xreflabel="max_connections">
<term><varname>max_connections</varname> (<type>integer</type>)</term>
<listitem>
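Review bot: The new listen_addresses entry does not say what happens when one entry in the list cannot be resolved or bound. The postmaster.c change in this commit reports that case as a WARNING and continues startup, so the documentation should state that the server can come up listening on fewer addresses than configured and that the startup log has to be checked to confirm what was actually bound.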
@ -628,17 +643,6 @@ SET ENABLE_SEQSCAN TO OFF;
</listitem>
</varlistentry>
<varlistentry id="guc-port" xreflabel="port">
<term><varname>port</varname> (<type>integer</type>)</term>
<indexterm><primary>port</></>
<listitem>
<para>
The TCP port the server listens on; 5432 by default. This
option can only be set at server start.
</para>
</listitem>
</varlistentry>
<varlistentry id="guc-unix-socket-directory" xreflabel="unix_socket_directory">
<term><varname>unix_socket_directory</varname> (<type>string</type>)</term>
@ -648,6 +652,7 @@ SET ENABLE_SEQSCAN TO OFF;
server is to listen for
connections from client applications. The default is normally
<filename>/tmp</filename>, but can be changed at build time.
This parameter can only be set at server start.
</para>
</listitem>
</varlistentry>
@ -701,27 +706,15 @@ SET ENABLE_SEQSCAN TO OFF;
</para>
</listitem>
</varlistentry>
<varlistentry id="guc-virtual-host" xreflabel="virtual_host">
<term><varname>virtual_host</varname> (<type>string</type>)</term>
<listitem>
<para>
Specifies the IP address(es) on which the server is
to listen for connections from client applications. If specified,
it takes the form of a space-separated list of host names and/or
numeric IP addresses. If the list is empty, the server listens
on all available addresses (including
<systemitem class="systemname">localhost</>).
</para>
</listitem>
</varlistentry>
<varlistentry id="guc-rendezvous-name" xreflabel="rendezvous_name">
<term><varname>rendezvous_name</varname> (<type>string</type>)</term>
<listitem>
<para>
Specifies the Rendezvous broadcast name. By default, the
computer name is used, specified as ''.
computer name is used, specified as an empty string ''.
This option is only meaningful on platforms that support Rendezvous.
This option can only be set at server start.
</para>
</listitem>
</varlistentry>
@ -3009,11 +3002,11 @@ dynamic_library_path = '/usr/local/lib/postgresql:/home/my_project/lib:$libdir'
</row>
<row>
<entry><option>-h <replaceable>x</replaceable></option></entry>
<entry><literal>virtual_host = <replaceable>x</replaceable></></entry>
<entry><literal>listen_addresses = <replaceable>x</replaceable></></entry>
</row>
<row>
<entry><option>-i</option></entry>
<entry><literal>tcpip_socket = on</></entry>
<entry><literal>listen_addresses = '*'</></entry>
</row>
<row>
<entry><option>-k <replaceable>x</replaceable></option></entry>

View File

@ -37,7 +37,7 @@
*
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.375 2004/03/15 16:18:42 momjian Exp $
* $PostgreSQL: pgsql/src/backend/postmaster/postmaster.c,v 1.376 2004/03/23 01:23:48 tgl Exp $
*
* NOTES
*
@ -149,7 +149,7 @@ static Backend *ShmemBackendArray;
/* The socket number we are listening for connections on */
int PostPortNumber;
char *UnixSocketDir;
char *VirtualHost;
char *ListenAddresses;
/*
* MaxBackends is the limit on the number of backends we can start.
@ -202,7 +202,6 @@ static bool Reinit = true;
static int SendStop = false;
/* still more option variables */
bool NetServer = false; /* listen on TCP/IP */
bool EnableSSL = false;
bool SilentMode = false; /* silent mode (-S) */
@ -513,10 +512,10 @@ PostmasterMain(int argc, char *argv[])
SetConfigOption("fsync", "false", PGC_POSTMASTER, PGC_S_ARGV);
break;
case 'h':
SetConfigOption("virtual_host", optarg, PGC_POSTMASTER, PGC_S_ARGV);
SetConfigOption("listen_addresses", optarg, PGC_POSTMASTER, PGC_S_ARGV);
break;
case 'i':
SetConfigOption("tcpip_socket", "true", PGC_POSTMASTER, PGC_S_ARGV);
SetConfigOption("listen_addresses", "*", PGC_POSTMASTER, PGC_S_ARGV);
break;
case 'k':
SetConfigOption("unix_socket_directory", optarg, PGC_POSTMASTER, PGC_S_ARGV);
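Review bot: With case 'h' and case 'i' now writing the same setting, the result depends on switch order: a later -i replaces the address list given by an earlier -h with "*", and a later -h undoes -i. Before this change the two switches set independent parameters. Either document that the last switch wins, or have -i leave an explicitly supplied -h value alone, so that a start script carrying both does not end up listening on every interface by accident.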
@ -704,11 +703,6 @@ PostmasterMain(int argc, char *argv[])
* Initialize SSL library, if specified.
*/
#ifdef USE_SSL
if (EnableSSL && !NetServer)
{
postmaster_error("TCP/IP connections must be enabled for SSL");
ExitPostmaster(1);
}
if (EnableSSL)
secure_initialize();
#endif
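Review bot: The removed EnableSSL && !NetServer test has no replacement, so ssl enabled together with an empty listen_addresses now passes silently: secure_initialize() runs although no TCP/IP socket will be opened and SSL can never be used. Consider keeping an equivalent check against an empty ListenAddresses, or at least a warning, so the configuration mistake is still reported at startup.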
@ -753,68 +747,60 @@ PostmasterMain(int argc, char *argv[])
for (i = 0; i < MAXLISTEN; i++)
ListenSocket[i] = -1;
if (NetServer)
if (ListenAddresses)
{
if (VirtualHost && VirtualHost[0])
{
char *curhost,
*endptr;
char c = 0;
char *curhost,
*endptr;
char c;
curhost = VirtualHost;
for (;;)
{
while (*curhost == ' ') /* skip any extra spaces */
curhost++;
if (*curhost == '\0')
break;
endptr = strchr(curhost, ' ');
if (endptr)
{
c = *endptr;
*endptr = '\0';
}
curhost = ListenAddresses;
for (;;)
{
/* ignore whitespace */
while (isspace((unsigned char) *curhost))
curhost++;
if (*curhost == '\0')
break;
endptr = curhost;
while (*endptr != '\0' && !isspace((unsigned char) *endptr))
endptr++;
c = *endptr;
*endptr = '\0';
if (strcmp(curhost,"*") == 0)
status = StreamServerPort(AF_UNSPEC, NULL,
(unsigned short) PostPortNumber,
UnixSocketDir,
ListenSocket, MAXLISTEN);
else
status = StreamServerPort(AF_UNSPEC, curhost,
(unsigned short) PostPortNumber,
UnixSocketDir,
ListenSocket, MAXLISTEN);
if (status != STATUS_OK)
ereport(FATAL,
(errmsg("could not create listen socket for \"%s\"",
curhost)));
if (endptr)
{
*endptr = c;
curhost = endptr + 1;
}
else
break;
}
}
else
{
status = StreamServerPort(AF_UNSPEC, NULL,
(unsigned short) PostPortNumber,
UnixSocketDir,
ListenSocket, MAXLISTEN);
if (status != STATUS_OK)
ereport(FATAL,
(errmsg("could not create TCP/IP listen socket")));
ereport(WARNING,
(errmsg("could not create listen socket for \"%s\"",
curhost)));
*endptr = c;
if (c != '\0')
curhost = endptr+1;
else
break;
}
}
#ifdef USE_RENDEZVOUS
if (rendezvous_name != NULL)
{
DNSServiceRegistrationCreate(rendezvous_name,
"_postgresql._tcp.",
"",
htonl(PostPortNumber),
"",
(DNSServiceRegistrationReply) reg_reply,
NULL);
}
#endif
/* Register for Rendezvous only if we opened TCP socket(s) */
if (ListenSocket[0] != -1 && rendezvous_name != NULL)
{
DNSServiceRegistrationCreate(rendezvous_name,
"_postgresql._tcp.",
"",
htonl(PostPortNumber),
"",
(DNSServiceRegistrationReply) reg_reply,
NULL);
}
#endif
#ifdef HAVE_UNIX_SOCKETS
status = StreamServerPort(AF_UNIX, NULL,
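Review bot: In the per-address loop the StreamServerPort() failure is downgraded from FATAL to WARNING, so a misspelled or unresolvable entry in listen_addresses is skipped and the postmaster starts on whatever else could be bound. The only backstop is the later ListenSocket[0] == -1 test, which the Unix-domain socket normally satisfies, so a server meant to be reachable over TCP/IP can come up with no TCP listener at all. If the softer behaviour is intended, say so in a comment here and log each address that was bound successfully, so an operator can compare the result with the configuration. The Rendezvous test on ListenSocket[0] also depends on this block running before the AF_UNIX StreamServerPort() call; the comment above it should state that ordering requirement.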
@ -822,10 +808,17 @@ PostmasterMain(int argc, char *argv[])
UnixSocketDir,
ListenSocket, MAXLISTEN);
if (status != STATUS_OK)
ereport(FATAL,
ereport(WARNING,
(errmsg("could not create Unix-domain socket")));
#endif
/*
* check that we have some socket to listen on
*/
if (ListenSocket[0] == -1)
ereport(FATAL,
(errmsg("no socket configured to listen on")));
XLOGPathInit();
/*
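Review bot: The new check treats ListenSocket[0] == -1 as "nothing is open", and its message "no socket configured to listen on" reads as a configuration problem even when sockets were configured and every attempt to create them failed with only a WARNING. Suggest a message that says no listen socket could be created, and a comment stating the assumption that StreamServerPort() fills ListenSocket starting at index 0.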

View File

@ -10,7 +10,7 @@
* Written by Peter Eisentraut <peter_e@gmx.net>.
*
* IDENTIFICATION
* $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.191 2004/03/22 03:15:29 momjian Exp $
* $PostgreSQL: pgsql/src/backend/utils/misc/guc.c,v 1.192 2004/03/23 01:23:48 tgl Exp $
*
*--------------------------------------------------------------------
*/
@ -443,14 +443,6 @@ static struct config_bool ConfigureNamesBool[] =
&session_auth_is_superuser,
false, NULL, NULL
},
{
{"tcpip_socket", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Makes the server accept TCP/IP connections."),
NULL
},
&NetServer,
false, NULL, NULL
},
{
{"ssl", PGC_POSTMASTER, CONN_AUTH_SECURITY,
gettext_noop("Enables SSL connections."),
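Review bot: Dropping the tcpip_socket entry from ConfigureNamesBool leaves no compatibility path: an existing postgresql.conf or start script that sets tcpip_socket is no longer recognized after the upgrade, and the same applies to virtual_host in the string table. This needs at least a release-note entry that maps tcpip_socket = true to listen_addresses = '*' and tcpip_socket = false to listen_addresses = '', since the new default of localhost matches neither old setting.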
@ -1711,12 +1703,12 @@ static struct config_string ConfigureNamesString[] =
},
{
{"virtual_host", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Sets the host name or IP address to listen to."),
{"listen_addresses", PGC_POSTMASTER, CONN_AUTH_SETTINGS,
gettext_noop("Sets the host name or IP addresses to listen to."),
NULL
},
&VirtualHost,
"", NULL, NULL
&ListenAddresses,
"localhost", NULL, NULL
},
{
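Review bot: The empty string changes meaning with this entry: for virtual_host, "" meant all available addresses, while for listen_addresses "" means no TCP/IP listener at all. Anyone who carries an old virtual_host = '' line over by renaming the parameter gets the opposite of the previous behaviour, so this deserves a comment next to the "localhost" default and a mention in the release notes. The description string also mixes singular and plural ("host name or IP addresses").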

View File

@ -27,17 +27,17 @@
# - Connection Settings -
#tcpip_socket = false
#listen_addresses = 'localhost' # what IP interface(s) to listen on;
# defaults to localhost, '*' = any
#port = 5432
#max_connections = 100
# note: increasing max_connections costs about 500 bytes of shared
# memory per connection slot, in addition to costs from shared_buffers
# and max_locks_per_transaction.
#superuser_reserved_connections = 2
#port = 5432
#unix_socket_directory = ''
#unix_socket_group = ''
#unix_socket_permissions = 0777 # octal
#virtual_host = '' # what interface to listen on; defaults to any
#rendezvous_name = '' # defaults to the computer name
# - Security & Authentication -
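Review bot: The comment on the new #listen_addresses line documents '*' but not the empty string, which is the only way to turn TCP/IP off now that #tcpip_socket is gone from the sample file. Suggest extending the comment to say that '' means no IP interfaces.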

View File

@ -3,7 +3,7 @@
*
* Copyright (c) 2000-2003, PostgreSQL Global Development Group
*
* $PostgreSQL: pgsql/src/bin/psql/tab-complete.c,v 1.101 2004/02/03 17:34:03 tgl Exp $
* $PostgreSQL: pgsql/src/bin/psql/tab-complete.c,v 1.102 2004/03/23 01:23:48 tgl Exp $
*/
/*----------------------------------------------------------------------
@ -560,7 +560,6 @@ psql_completion(char *text, int start, int end)
"syslog",
"syslog_facility",
"syslog_ident",
"tcpip_socket",
"TimeZone",
"trace_notify",
"transform_null_equals",

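Review bot: This hunk removes "tcpip_socket" from the completion list but adds nothing in its place (the header goes from 7 lines to 6, and it is the only list change in the file), so "listen_addresses" will not tab-complete after SHOW. If postmaster-only settings such as tcpip_socket were listed before, add "listen_addresses" at its alphabetical position for consistency.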
View File

@ -12,7 +12,7 @@
* Portions Copyright (c) 1996-2003, PostgreSQL Global Development Group
* Portions Copyright (c) 1994, Regents of the University of California
*
* $PostgreSQL: pgsql/src/include/miscadmin.h,v 1.153 2004/02/10 03:42:45 tgl Exp $
* $PostgreSQL: pgsql/src/include/miscadmin.h,v 1.154 2004/03/23 01:23:48 tgl Exp $
*
* NOTES
* some of the information in this file should be moved to
@ -212,7 +212,6 @@ extern bool VacuumCostActive;
* A few postmaster startup options are exported here so the
* configuration file processor can access them.
*/
extern bool NetServer;
extern bool EnableSSL;
extern bool SilentMode;
extern int MaxBackends;
@ -222,7 +221,7 @@ extern int PostPortNumber;
extern int Unix_socket_permissions;
extern char *Unix_socket_group;
extern char *UnixSocketDir;
extern char *VirtualHost;
extern char *ListenAddresses;
/*****************************************************************************