Обсуждение: Another XP Pro experience
Everyone: I figured since others have been reporting issues with XP/Cygwin/PostgreSQL, I'd chime in with my own observations. (XP Pro SP1, Cygwin 1.3.18-1, PostgreSQL 7.2.3-2, cygipc 1.13-2), and make sure they (and any comments others add) get into the archives. (1) I didn't have the problem some have reported with with ipc-daemon --install-as-service; it worked fine for me. (2) I have been having intermittent failures. It took hours to even figure out how to replicate them, but I believe I have the pattern: In XP Pro, more than one user can be logged in interactively (a user can, rather than logging off, "Switch User", which leaves the first user's processes running). I have a privileged user (root) and an unprivileged user (me), in addition to the postgres user. AFAICT, the second user to log on to Windows cannot connect using psql (or seemingly by any other method). So if a user logs into the system, then another user logs in, the second can't connect. This is irrespective of RUNAS, etc. -- if I'm logged in as root on the GUI, I can connect as root, postgres, and/or me from that, uh, session (I don't know the Windows term for this). If I then switch users (without logging out of root), I can't connect as any user from the other GUI session. The message in the log under these circumstances is: postmaster: StreamConnection: accept: Connection aborted I also have an application which connects via JDBC running as a service on this box, and it appears to display similar behavior, though I haven't focused on using that application as a test case (I've been using psql). It's possible that I'll be able to come up with even more specific detail on what triggers the problem, but these are my conclusions after about 20 minutes of "confirmation" testing (logging in and out continuously is tedious work, and I had of course considered and discarded about 20 theories before even considering the possibility that the user ID of the session might matter in any way). Whether this is at the PostgreSQL level or the Cygwin level (or the cygipc level), I have no idea (not much of a Windows/UNIX hacker myself). This isn't a huge showstopper for me now that I know the rules, though it will lead to minor inconvenience now and again. If anyone wants me to run any other tests or check anything else, I'd be glad to do so (I don't want to bore you with cygcheck or anything unless there's some promising avenue down which someone wants to venture). -- David.
David,
On Mon, Jan 13, 2003 at 12:36:03AM -0500, David P. Caldwell wrote:
> In XP Pro, more than one user can be logged in interactively (a user
> can, rather than logging off, "Switch User", which leaves the first
> user's processes running).
I didn't know of the above -- thanks for the edification. Although, I'm
surprised that this adversely affects psql.
> I have a privileged user (root) and an unprivileged user (me), in
> addition to the postgres user. AFAICT, the second user to log on to
> Windows cannot connect using psql (or seemingly by any other method).
> So if a user logs into the system, then another user logs in, the
> second can't connect.
Does your postmaster accept TCP/IP connections (i.e., runs with the "-i"
option)? If so, can the second user connect via?
$ psql -h localhost
I will repeat my plea for help:
Note that I have no access to XP Home or Pro. So, I cannot update
my README until those with access provide the needed information.
Any help will be greatly appreciated.
Thanks,
Jason
--
PGP/GPG Key: http://www.tishler.net/jason/pubkey.asc or key servers
Fingerprint: 7A73 1405 7F2B E669 C19D 8784 1AFD E4CC ECF4 8EF6
Jason:
I don't know whether you prefer to be copied on these messages to the list or not, so I've done it this time.
To the topic,
Jason Tishler wrote:
Good thinkin'. Yes, I do accept TCP/IP connections, and yes, they do work even for the second user, at least this morning. But the "local" connections don't (I made sure to check again this morning now that I'm fully alert). As a caveat, I've been seeing failures with my JDBC application also (which is what caused me to start digging in the first place), which also (obviously) uses TCP/IP connections, so I will have to investigate further. Right now I can't reproduce those failures, so perhaps one of the 19 other changes/diagnostics I tried has fixed this somehow.
And yes, I'd be happy to keep you (and everyone) updated on my experiences with XP Pro and pgsql-cygwin. So far, that's my only platform-specific issue (others have been the standard file permissions issues on /var/log, /tmp/Multi*, /tmp/cygipc, etc.).
Speaking of permissions, for the real XP newbie (from whom Jason will eventually receive E-mail if we don't take pre-emptive action, and perhaps even if we do), it may be worth pointing out that file security settings are disabled by default, even on XP Pro. XP Pro starts in "simple file sharing" mode (turn it off in Windows Explorer | Tools | Folder Options), which presumably chooses a simple set of defaults and removes the "Security" tab from the file properties dialog. It took a while to find, since most MS documentation assumes you've turned it off in advance. (Quite jarring as it kept saying "click the 'Security' tab," which didn't exist.) The Cygwin ntsec stuff (chown etc.) seems to work fine though, regardless of "mode."
-- David.
I don't know whether you prefer to be copied on these messages to the list or not, so I've done it this time.
To the topic,
Jason Tishler wrote:
Jason:I have a privileged user (root) and an unprivileged user (me), in addition to the postgres user. AFAICT, the second user to log on to Windows cannot connect using psql (or seemingly by any other method). So if a user logs into the system, then another user logs in, the second can't connect.Does your postmaster accept TCP/IP connections (i.e., runs with the "-i" option)? If so, can the second user connect via? $ psql -h localhost I will repeat my plea for help: Note that I have no access to XP Home or Pro. So, I cannot update my README until those with access provide the needed information. Any help will be greatly appreciated. Thanks, Jason
Good thinkin'. Yes, I do accept TCP/IP connections, and yes, they do work even for the second user, at least this morning. But the "local" connections don't (I made sure to check again this morning now that I'm fully alert). As a caveat, I've been seeing failures with my JDBC application also (which is what caused me to start digging in the first place), which also (obviously) uses TCP/IP connections, so I will have to investigate further. Right now I can't reproduce those failures, so perhaps one of the 19 other changes/diagnostics I tried has fixed this somehow.
And yes, I'd be happy to keep you (and everyone) updated on my experiences with XP Pro and pgsql-cygwin. So far, that's my only platform-specific issue (others have been the standard file permissions issues on /var/log, /tmp/Multi*, /tmp/cygipc, etc.).
Speaking of permissions, for the real XP newbie (from whom Jason will eventually receive E-mail if we don't take pre-emptive action, and perhaps even if we do), it may be worth pointing out that file security settings are disabled by default, even on XP Pro. XP Pro starts in "simple file sharing" mode (turn it off in Windows Explorer | Tools | Folder Options), which presumably chooses a simple set of defaults and removes the "Security" tab from the file properties dialog. It took a while to find, since most MS documentation assumes you've turned it off in advance. (Quite jarring as it kept saying "click the 'Security' tab," which didn't exist.) The Cygwin ntsec stuff (chown etc.) seems to work fine though, regardless of "mode."
-- David.
David,
On Mon, Jan 13, 2003 at 08:51:06AM -0500, David P. Caldwell wrote:
> I don't know whether you prefer to be copied on these messages to the
> list or not, so I've done it this time.
Thanks for asking about my preferences -- it is appreciated. As long a
mailing list is one of the addressees, then I'm happy. My procmail
recipes will de-dup (or dup) to meet my needs. I don't make a fuss
about dups (because I don't get them unless I want to). However,
private email is another story... :,)
> Good thinkin'. Yes, I do accept TCP/IP connections, and yes, they do
> work even for the second user, at least this morning. But the "local"
> connections don't (I made sure to check again this morning now that
> I'm fully alert). As a caveat, I've been seeing failures with my JDBC
> application also (which is what caused me to start digging in the
> first place), which also (obviously) uses TCP /IP connections, so I
> will have to investigate further. Right now I can't reproduce those
> failures, so perhaps one of the 19 other changes/diagnostics I tried
> has fixed this somehow.
What is the permissions of the postmaster's AF_UNIX socket file?
$ ls -l /tmp/.s.PGSQL.5432
srwxrwxrwt 1 jt None 51 Jan 13 15:32 /tmp/.s.PGSQL.5432
Are yours more restrictive then above? If so, then this could explain
your local connection problems.
> And yes, I'd be happy to keep you (and everyone) updated on my
> experiences with XP Pro and pgsql-cygwin. So far, that's my only
> platform-specific issue (others have been the standard file
> permissions issues on /var/log, /tmp/Multi *, /tmp/cygipc, etc.).
Thanks!
> Speaking of permissions, for the real XP newbie (from whom Jason will
> eventually receive E-mail if we don't take pre-emptive action, and
> perhaps even if we do), it may be worth pointing out that file
> security settings are disabled by default, even on XP Pro.
> [snip]
Just a WAG, but maybe the above is confusing Cygwin's setup.exe (which
is a straight Win32 app and currently does *not* "use" ntsec) into
creating files and directories with problematic permissions?
Thanks,
Jason
--
PGP/GPG Key: http://www.tishler.net/jason/pubkey.asc or key servers
Fingerprint: 7A73 1405 7F2B E669 C19D 8784 1AFD E4CC ECF4 8EF6
Jason Tishler wrote:
$ ls -al .s*
srwxrwxrwt 1 postgres None 51 Jan 13 12:50 .s.PGSQL.5432=
-rw------- 1 postgres None 32 Jan 13 12:50 .s.PGSQL.5432.lock
Gosh, maybe if I paid the money to subscribe to MSDN I could sort this out ... :)
-- David.
Not that I can see through the UNIX side -- although the lockfile is.Good thinkin'. Yes, I do accept TCP/IP connections, and yes, they do work even for the second user, at least this morning. But the "local" connections don't (I made sure to check again this morning now that I'm fully alert). As a caveat, I've been seeing failures with my JDBC application also (which is what caused me to start digging in the first place), which also (obviously) uses TCP /IP connections, so I will have to investigate further. Right now I can't reproduce those failures, so perhaps one of the 19 other changes/diagnostics I tried has fixed this somehow.What is the permissions of the postmaster's AF_UNIX socket file? $ ls -l /tmp/.s.PGSQL.5432 srwxrwxrwt 1 jt None 51 Jan 13 15:32 /tmp/.s.PGSQL.5432 Are yours more restrictive then above? If so, then this could explain your local connection problems.
$ ls -al .s*
srwxrwxrwt 1 postgres None 51 Jan 13 12:50 .s.PGSQL.5432=
-rw------- 1 postgres None 32 Jan 13 12:50 .s.PGSQL.5432.lock
My own WAG would be "no" -- that the XP default is simply "skinning" the underlying permissions and that the change in modes only affects the UI level. As, um, "evidence" I would cite the fact that the option is under the "View" tab in Windows Explorer folder options, that unprivileged users appear to be allowed to change it, and that privileged users don't get a confirmation dialog when changing it. (A counterargument would be that unchecking that option in my unprivileged account currently appears to have no effect -- the "Security" tab still shows up on a file's property sheet.) It's possible the answer is somewhat in-between -- that it affects *defaults* at the API level, rather than just the UI level. (Toggling the mode using the privileged account at least doesn't appear to blow away the more "complicated" permissions.)Speaking of permissions, for the real XP newbie (from whom Jason will eventually receive E-mail if we don't take pre-emptive action, and perhaps even if we do), it may be worth pointing out that file security settings are disabled by default, even on XP Pro. [snip]Just a WAG, but maybe the above is confusing Cygwin's setup.exe (which is a straight Win32 app and currently does *not* "use" ntsec) into creating files and directories with problematic permissions?
Gosh, maybe if I paid the money to subscribe to MSDN I could sort this out ... :)
-- David.