On Friday 18 November 2005 16:41, Sam Drinkard wrote:
James B. Byrne wrote:
I have discovered that the default init script distributed with pgsql v8.1 sets the listening port to 5432 but does not enable tcp/ip connections. One must add the -i switch to the invocation line in the script.
As one of the authors of that initscript, I can state with certainty that is is intentional and by design. (See Craig's followups for why; you nailed the reasons, Craig).
I am not sure if this is an oversight or whether there is another way to tell postmaster to start with tcp/ip listening enabled that I am unaware of.
This has already been answered in this thread. Previously, the tcpip_socket parameter was used, but was changed (CVSweb for src/backend/utils/misc/postgresql.conf.sample): ++++++++++++++++++++++ Revision 1.109: download - view: text, markup, annotated - select for diffs Tue Mar 23 01:23:48 2004 UTC (19 months, 4 weeks ago) by tgl Branches: MAIN Diff to previous 1.108: preferred, colored Changes since revision 1.108: +3 -3 lines
Replace the virtual_host and tcpip_socket parameters with a unified listen_addresses parameter, as per recent discussion. The default behavior is now to listen on localhost, which eliminates the need for the -i postmaster switch in many scenarios.
Andrew Dunstan ++++++++++++++++++++++
However, I thought that this information might be of interest to anyone else running a non-distro version of pgsql.
This is true for the distro versions after the above mentioned change.
Note that the CentOS default 7.4 PostgreSQL uses tcpip_socket instead of listen_addresses, but that the default initscript still doesn't start postmaster with a -i.
Jim, also be aware that there is a non-password login from root on that distro, as well as the CentOS version. I found out the hard way after being compromised by some idiot portscanning me. No damage, but thought it odd to have a password-less service open to the world.
This is why -i was made non-default back in PostgreSQL 6.5 days. If the postgres database superuser were to be created by default with a password, then that password would also be well-known (search the pgsql-hackers list archives for some of the many discussions on this topic from the past). Thus, the PostgreSQL developers (myself included once I became RPM maintainer) decided to make TCP/IP listening not the default (it was already the default in the tarball distribution, and I decided to continue this in the RPM). This behavior is now different as of version 8 due to listen_addresses (see Andrew's comment in the CVS log entry above), as now it defaults to listening on localhost only (fixing the most common instance of a local php process accessing localhost:5432).
You will find me (at one of my other e-mail addresses) listed in many of those files, and at http://www.postgresql.org/developer/bios so this is one area I actually know a little about. Not a lot; but a little nonetheless.