httpd.service Cannot connect to database Centos 7

xav asked:

I’m trying to connect to PostgreSQL Unix domain socket from a python web application with mod_wsgi. Relevant system components:

  • CentOS 7 x64
  • Python 2.7.5
  • SELinux disabled

PostgreSQL is listening on standard port 5432 and I have no problems to use it via TCP/IP at 127.0.0.1:5432, but when I try to connect to its Unix domain socket, I have a following error:

Cannot connect to database:  could not connect to server: No such file or directory
     Is the server running locally and accepting
     connections on Unix domain socket "/tmp/.s.PGSQL.5432"?*

File /tmp/.s.PGSQL.5432 exists and I can connect using psql.

However, when I stop apache with systemctl stop httpd.service and restart it again with /usr/sbin/httpd -DFOREGROUND, everything works fine, including the pages that do require database access

With SELinux disabled, I do not understand why there is problems when httpd start with systemctl start httpd.service.

EDIT:

I’ve changed unix_socket_directories = '/tmp,/var/pgsql_sock' in /var/lib/pgsql/9.3/data/postgresql.conf. I also changed config in setting.py in my django app HOST='/var/pgsql_sock'. Now it works fine with httpd.service.

My answer:


You cannot use /tmp to store sockets for interprocess communication in this scenario, because Apache uses private /tmp directories, a security feature that ensures that a process can only see its own /tmp directory; it cannot see what other processes write into /tmp because those other processes are actually writing into different directories.

This means that Apache cannot see the PostgreSQL socket.

You will need to continue using a local TCP connection.

You should also not disable SELinux, and use the correct boolean to allow the web server to talk to the database.


View the full question and answer on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.