I’m trying to connect to PostgreSQL Unix domain socket from a python web application with mod_wsgi. Relevant system components:
- CentOS 7 x64
- Python 2.7.5
- SELinux disabled
PostgreSQL is listening on standard port 5432 and I have no problems to use it via TCP/IP at 127.0.0.1:5432, but when I try to connect to its Unix domain socket, I have a following error:
Cannot connect to database: could not connect to server: No such file or directory Is the server running locally and accepting connections on Unix domain socket "/tmp/.s.PGSQL.5432"?*
/tmp/.s.PGSQL.5432 exists and I can connect using
However, when I stop apache with systemctl stop httpd.service and restart it again with
/usr/sbin/httpd -DFOREGROUND, everything works fine, including the pages that do require database access
With SELinux disabled, I do not understand why there is problems when httpd start with
systemctl start httpd.service.
unix_socket_directories = '/tmp,/var/pgsql_sock' in /var/lib/pgsql/9.3/data/postgresql.conf. I also changed config in
setting.py in my django app
HOST='/var/pgsql_sock'. Now it works fine with httpd.service.
You cannot use
/tmp to store sockets for interprocess communication in this scenario, because Apache uses private /tmp directories, a security feature that ensures that a process can only see its own /tmp directory; it cannot see what other processes write into /tmp because those other processes are actually writing into different directories.
This means that Apache cannot see the PostgreSQL socket.
You will need to continue using a local TCP connection.
You should also not disable SELinux, and use the correct boolean to allow the web server to talk to the database.
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.