Tags Tags

Bug#684429: postgresql 9.1 cant allow conection: port 5432 are not visible in any case

August 09th, 2012 - 05:40 pm ET by PICCORO McKAY Lenz | Report spam
Help Create a new topic
Package: postgresql-9.1
Version: 9.1.4-2~bpo60+1
Severity: important

I have installed the backported version of postgresql,
but if instaled this release first any user can connect by remote hosts,
i mean from another computer connections are impossible, the port 5432
are closed
even if postgres, firewall and any thing are configured without security!!!!
I put all information here and
I described how i solved but tthis method are not the right ok:

1) i installed all components from backports in clean env,
for postgres at today and sure there's no 8.X component instaled.
2) i have setup with trust for all users over local o remote,
using default port and listen on all address.

I cannot conect, also by scaning ports i can see the postgresql port open..

the firewall are all gone, no firewall rules , no other services using the port.

3)i reinstaled older version 8.4 for squeeze and then i can connect again..
in this process i also reinstall pgpool from 3 to 1.3
4)then back to newer backported included pgpool 3 and slony from testing
and now port apears by magic!

THIS ITS SERIOUSLY VERY RARE, i think postgresql 8.X let remaining some files
and then postgresql 9.X use and base thems..

sorry for no more information i not have more time for that.. but u must see
if this are in wheeze , due are a important bug that let unusefully
the DBMS 9.X in next stable!!!!

- pg_hba.conf file dump:
# Database administrative login by Unix domain socket
local all postgres peer
# TYPE DATABASE USER ADDRESS METHOD

# "local" is for Unix domain socket connections only
local all all trust
# IPv4 local connections:
host all all trust

- line to listen are here:
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)


- commands showing no ports available if host are used:

root@sysdevel:/var/log# /etc/init.d/postgresql restart
Restarting PostgreSQL 9.1 database server: main.
root@sysdevel:/var/log# netstat -nxl | grep PGSQL
unix 2 [ ACC ] STREAM LISTENING 940787
/var/run/postgresql/.s.PGSQL.5433
root@sysdevel:/var/log# nmap 37.10.254.20

Starting Nmap 5.00 ( http://nmap.org ) at 2012-08-09 11:45 VET
Interesting ports on 37.10.254.20:
Not shown: 996 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
8080/tcp open http-proxy

Nmap done: 1 IP address (1 host up) scanned in 5.55 seconds
root@sysdevel:/var/log# ifconfig
eth0 Link encap:Ethernet HWaddr bc:30:5b:e3:11:48
inet addr:37.10.254.20 Bcast:37.10.254.255 Mask:255.255.255.0
inet6 addr: fe80::be30:5bff:fee3:1148/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:57963800 errors:0 dropped:0 overruns:0 frame:0
TX packets:69683382 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:37871383513 (35.2 GiB) TX bytes:84903352963 (79.0 GiB)
Interrupt:16

Debian Release: 6.1
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-0.bpo.2-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages postgresql-9.1 depends on:
ii libc6 2.11.3-3 Embedded GNU C Library: Shared lib
ii libcomerr2 1.41.12-4stable1 common error description library
ii libgssapi-krb5-2 1.8.3+dfsg-4squeeze6 MIT Kerberos runtime libraries - k
ii libkrb5-3 1.8.3+dfsg-4squeeze6 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.23-7.2 OpenLDAP libraries
ii libpam0g 1.1.1-6.1+squeeze1 Pluggable Authentication Modules l
ii libpq5 9.1.4-2~bpo60+1 PostgreSQL C client library
ii libssl0.9.8 0.9.8o-4vnz1 SSL and crypto shared libraries
ii libxml2 2.7.8.dfsg-2+squeeze5 GNOME XML library
ii locales 2.11.3-3 Embedded GNU C Library: National L
ii postgresql-client- 9.1.4-2~bpo60+1 front-end programs for PostgreSQL
ii postgresql-common 130~bpo60+2 PostgreSQL database-cluster manage
ii ssl-cert 1.0.28 simple debconf wrapper for OpenSSL
ii tzdata 2012c-0squeeze1 time zone and daylight-saving time

postgresql-9.1 recommends no packages.

Versions of packages postgresql-9.1 suggests:
pn locales-all <none> (no description available)
pn oidentd | ident-server <none> (no description available)



Lenz McKAY Gerardo (PICCORO)
http://qglochekone.blogspot.com


To UNSUBSCRIBE, email to debian-bugs-dist-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
email Follow the discussionReplies 4 repliesReplies Make a reply

Similar topics

Display all similar topics

Replies

#1 Christoph Berg
August 10th, 2012 - 03:50 am ET | Report spam

Control: tags -1 moreinfo

Re: PICCORO McKAY Lenz 2012-08-09 <CALci+FSPTEkxoLPeG3CLGacHqXQ+gb_oz3n-cw=
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)


- commands showing no ports available if host are used:

:/var/log# /etc/init.d/postgresql restart
Restarting PostgreSQL 9.1 database server: main.
:/var/log# netstat -nxl | grep PGSQL
unix 2 [ ACC ] STREAM LISTENING 940787
/var/run/postgresql/.s.PGSQL.5433



Hi,

could you try

/etc/init.d/postgresql stop
/etc/init.d/postgresql start

instead?

Christoph
| http://www.df7cb.de/





To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
Replies Reply to this message
#2 PICCORO McKAY Lenz
August 10th, 2012 - 09:10 am ET | Report spam
err i said that i try ALL things.. yet start and then stop and then
start, not working.. bvefore send to u bug report i made a lot of
tests.. including install in others host (3 hosts).. i stop, then
stop pgpool, then start postgresql and then start pgpool

i try all ALL and when reinstall works.. also try installing only
minimal binaryes (only server and common debs) or installing all
including a wheeze/testing debian with testing postgresq deb's..

start and then stop did'n work!

also disable all security dont work..

On Fri, Aug 10, 2012 at 3:10 AM, Christoph Berg wrote:
Control: tags -1 moreinfo

Re: PICCORO McKAY Lenz 2012-08-09 <CALci+FSPTEkxoLPeG3CLGacHqXQ+gb_oz3n-cw=
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)


- commands showing no ports available if host are used:

:/var/log# /etc/init.d/postgresql restart
Restarting PostgreSQL 9.1 database server: main.
:/var/log# netstat -nxl | grep PGSQL
unix 2 [ ACC ] STREAM LISTENING 940787
/var/run/postgresql/.s.PGSQL.5433



Hi,

could you try

/etc/init.d/postgresql stop
/etc/init.d/postgresql start

instead?

Christoph
| http://www.df7cb.de/





Lenz McKAY Gerardo (PICCORO)
http://qglochekone.blogspot.com


To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
Replies Reply to this message
#3 Christoph Berg
September 07th, 2012 - 04:50 pm ET | Report spam
Control: tag -1 unreproducible
Control: severity -1 normal

Re: PICCORO McKAY Lenz 2012-08-09 <CALci+FSPTEkxoLPeG3CLGacHqXQ+gb_oz3n-cw=
- line to listen are here:
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost', '*' = all
# (change requires restart)
port = 5432 # (change requires restart)


- commands showing no ports available if host are used:

:/var/log# /etc/init.d/postgresql restart
Restarting PostgreSQL 9.1 database server: main.
:/var/log# netstat -nxl | grep PGSQL
unix 2 [ ACC ] STREAM LISTENING 940787
/var/run/postgresql/.s.PGSQL.5433



Hi, a late followup here:

That command actually excludes the TCP ports, the correct command to
use here would be netstat -tlpn | grep 543.

Also, you have port 5433 listed here - please make sure the system is
really using the config file you think it is using. If things still
don't work, please provide logfiles so we can have a closer look.

Christoph
| http://www.df7cb.de/


To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
Replies Reply to this message
#4 PICCORO McKAY Lenz
September 07th, 2012 - 05:10 pm ET | Report spam

ok, give me a bunch of days it would have to prepare new environment
control again, I'm busy now due the env are now under developers and in
very usage..

this only occurs on a clean install but using the package from
squeeze-backports or wheeze-testing (9.1) and not on upgrades or reinstalls
..

I could see that it was not-reproducible, i cited must be installed first
in a real system, not in a virtual space/machine, and directly for the
first time the backport package, or wheeze, i mean, by example, installing
debian OS and then request install all postgres packages but using
exclusively 9.1 (either from backport or testing)

On Fri, Sep 7, 2012 at 4:10 PM, Christoph Berg wrote:

Control: tag -1 unreproducible
Control: severity -1 normal

Re: PICCORO McKAY Lenz 2012-08-09 <CALci+FSPTEkxoLPeG3CLGacHqXQ+gb_oz3n-cw>
> - line to listen are here:
> listen_addresses = '*' # what IP address(es) to listen on;
> # comma-separated list of
addresses;
> # defaults to 'localhost', '*' > all
> # (change requires restart)
> port = 5432 # (change requires restart)
>
>
> - commands showing no ports available if host are used:
>
> :/var/log# /etc/init.d/postgresql restart
> Restarting PostgreSQL 9.1 database server: main.
> :/var/log# netstat -nxl | grep PGSQL
> unix 2 [ ACC ] STREAM LISTENING 940787
> /var/run/postgresql/.s.PGSQL.5433

Hi, a late followup here:

That command actually excludes the TCP ports, the correct command to
use here would be netstat -tlpn | grep 543.

Also, you have port 5433 listed here - please make sure the system is
really using the config file you think it is using. If things still
don't work, please provide logfiles so we can have a closer look.

Christoph
| http://www.df7cb.de/






Lenz McKAY Gerardo (PICCORO)
http://qglochekone.blogspot.com


<div><div>ok, give me a bunch of days it would have to prepare new environment control again, I&#39;m busy now due the env are now under developers and in very usage.. </div><div><br></div><div>this only occurs on a clean install but using the package from squeeze-backports or wheeze-testing (9.1) and not on upgrades or reinstalls ..</div>
<div><br></div><div>I could see that it was not-reproducible, i cited must be installed first in a real system, not in a virtual space/machine, and directly for the first time the backport package, or wheeze, i mean, by example, installing debian OS and then request install all postgres packages but using exclusively 9.1 (either from backport or testing)</div>
<br><div class="gmail_quote">On Fri, Sep 7, 2012 at 4:10 PM, Christoph Berg <span dir="ltr">&lt;<a href="mailto:" target="_blank"></a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Control: tag -1 unreproducible<br>
Control: severity -1 normal<br>
<br>
Re: PICCORO McKAY Lenz 2012-08-09 &lt;CALci+FSPTEkxoLPeG3CLGacHqXQ+gb_oz3n-cw=<a href="mailto:"></a>&gt;<br>
&gt; - line to listen are here:<br>
&gt; listen_addresses = &#39;*&#39;                # what IP address(es) to listen on;<br>
&gt;                                       # comma-separated list of addresses;<br>
&gt;                                       # defaults to &#39;localhost&#39;, &#39;*&#39; = all<br>
&gt;                                       # (change requires restart)<br>
&gt; port = 5432                           # (change requires restart)<br>
&gt;<br>
&gt;<br>
&gt; - commands showing no ports available if host are used:<br>
&gt;<br>
&gt; :/var/log# /etc/init.d/postgresql restart<br>
&gt; Restarting PostgreSQL 9.1 database server: main.<br>
&gt; :/var/log# netstat -nxl | grep PGSQL<br>
&gt; unix  2      [ ACC ]     STREAM     LISTENING     940787<br>
&gt; /var/run/postgresql/.s.PGSQL.5433<br>
<br>
Hi, a late followup here:<br>
<br>
That command actually excludes the TCP ports, the correct command to<br>
use here would be netstat -tlpn | grep 543.<br>
<br>
Also, you have port 5433 listed here - please make sure the system is<br>
really using the config file you think it is using. If things still<br>
don&#39;t work, please provide logfiles so we can have a closer look.<br>
<span class="HOEnZb"><font color="#888888"><br>
Christoph<br>
<a href="mailto:"></a> | <a href="http://www.df7cb.de/" target="_blank">http://www.df7cb.de/</a><br>
</font></span></blockquote></div><br><br clear="all"><div><br></div>-- <br><font color="#888888">Lenz McKAY Gerardo (PICCORO)</font><div><font color="#888888"><a href="http://qglochekone.blogspot.com" target="_blank">http://qglochekone.blogspot.com<...t;/div>
<br>
</div>



To UNSUBSCRIBE, email to
with a subject of "unsubscribe". Trouble? Contact
email Follow the discussion Replies Reply to this message
Help Create a new topicReplies Make a reply
Search Make your own search