EL7 and Apache private /tmp/ directories
| От | James Laska |
|---|---|
| Тема | EL7 and Apache private /tmp/ directories |
| Дата | |
| Msg-id | CAFyeYZ4_ymebdv7h4zTpT2r7XHt894-y=mSF9_R=ZTTyxuWkLg@mail.gmail.com обсуждение исходный текст |
| Ответы |
Re: EL7 and Apache private /tmp/ directories
|
| Список | pgsql-pkg-yum |
Greetings,
In EL7 (RHEL+CentOS), as a security measure, Apache processes get a private /tmp/ directory [1]. As a result, this means that any Apache processes attempting to connect to postgresql using a domain socket will be unable to connect.
EL7 (and Fedora) address this problem by updating the following setting in postgresql.conf [2]
Thanks,
James
[1] https://fedoraproject.org/wiki/Features/ServicesPrivateTmp
[2] http://bugzilla.redhat.com/825448
[3] http://pkgs.fedoraproject.org/cgit/postgresql.git/tree/postgresql-var-run-socket.patch
In EL7 (RHEL+CentOS), as a security measure, Apache processes get a private /tmp/ directory [1]. As a result, this means that any Apache processes attempting to connect to postgresql using a domain socket will be unable to connect.
EL7 (and Fedora) address this problem by updating the following setting in postgresql.conf [2]
unix_socket_directories = '/var/run/postgresql, /tmp'
And by modifying DEFAULT_PGSOCKET_DIR in pg_config_manual.h [3].
-#define DEFAULT_PGSOCKET_DIR "/tmp"
+#define DEFAULT_PGSOCKET_DIR "/var/run/postgresql"
Can these changes be included in the EL7 RPMs provided at yum.postgresql.org?
Thanks,
James
[1] https://fedoraproject.org/wiki/Features/ServicesPrivateTmp
[2] http://bugzilla.redhat.com/825448
[3] http://pkgs.fedoraproject.org/cgit/postgresql.git/tree/postgresql-var-run-socket.patch
В списке pgsql-pkg-yum по дате отправления: