Обсуждение: stats and unix sockets
Hi all,
I have a requirement for PG (9.1) to run without any open port at all. Everything is fine, but the stats collector seems to be unable to work unless the port is left open on the fw. Is there any way to tell the stats they should use a unix socket in instead? Google did not offer much on the issue, thus far.
Bèrto
--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.
=?UTF-8?B?QsOocnRvIMOrZCBTw6hyYQ==?= <berto.d.sera@gmail.com> writes:
> I have a requirement for PG (9.1) to run without any open port at all.
That's a pretty stupid requirement. The stats collector socket is bound
to itself, so it's inaccessible from anywhere else (on machine or off)
regardless of firewall settings. There's no need to worry about it,
and no there is not a provision for doing it via unix socket instead.
regards, tom lane
Hi!
-- That's a pretty stupid requirement. The stats collector socket is bound
to itself, so it's inaccessible from anywhere else (on machine or off)
regardless of firewall settings. There's no need to worry about it,
and no there is not a provision for doing it via unix socket instead.
Indeed it is a totally harmless thing and the request makes little (if any) sense. I will pass the answer over and I do share your stance regarding excess in paranoid modes :)
Bèrto
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.
On Wed, Dec 21, 2011 at 9:21 AM, Bèrto ëd Sèra <berto.d.sera@gmail.com> wrote:
Hi!That's a pretty stupid requirement. The stats collector socket is bound
to itself, so it's inaccessible from anywhere else (on machine or off)
regardless of firewall settings. There's no need to worry about it,
and no there is not a provision for doing it via unix socket instead.Indeed it is a totally harmless thing and the request makes little (if any) sense. I will pass the answer over and I do share your stance regarding excess in paranoid modes :)
Can you create a virtual network interface, assign an address to it and have PostgreSQL listen to it in addition to the socket? I'm thinking not the eth0:X type but potentially what VirtualBox (vboxnet0), VMware (vmnet0) or other virtualization products do using brctl.
Greg
Hi!
This might actually be an option, I'll forward it to the admin, as I'm not personally in charge for this level of configuration on the box.
Can you create a virtual network interface, assign an address to it and have PostgreSQL listen to it in addition to the socket? I'm thinking not the eth0:X type but potentially what VirtualBox (vboxnet0), VMware (vmnet0) or other virtualization products do using brctl.
Thanks
Bèrto
--
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.
==============================
If Pac-Man had affected us as kids, we'd all be running around in a darkened room munching pills and listening to repetitive music.