无法让 PostgreSQL 9.4 侦听端口 5432
Unable to get PostgreSQL 9.4 to listen on port 5432
我正在使用 Linux VM (Ubuntu 15.10) 启动 Postgres 数据库,据我所知,一切都应该正确配置。
我的防火墙被禁用:
user@UBUNTUMACHINE:~$ sudo ufw status numbered Status: inactive
但它只监听端口 22
user@UBUNTUMACHINE:~$ netstat -an | grep "LISTEN "
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
如果我启用防火墙,并告诉它监听 5432,它会出现在规则中:
user@UBUNTUMACHINE:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
5432/tcp ALLOW IN Anywhere
5432 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
5432/tcp (v6) ALLOW IN Anywhere (v6)
5432 (v6) ALLOW IN Anywhere (v6)
但我得到的结果与上面的 netstat 相同。
据我研究这个问题可以看出,我的 postgresql.conf 文件中有正确的值:
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
并且我已经尝试了 pg_hba.conf 文件中受信任的 IP 范围和特定 IP。
# Database administrative login by Unix domain socket
local all postgres ident sameuser
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
host all all 10.0.0.0/255 trust
host all all 10.11.0.0/255 trust
host all all 0.0.0.0/0 trust
最后,Postgres 是 运行,根据
user@UBUNTUMACHINE:~$ sudo service postgresql status
● postgresql.service - PostgreSQL RDBMS
Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2017-03-08 11:09:57 CST; 57min ago
Process: 787 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 787 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/postgresql.service
Mar 08 11:09:57 UBUNTUMACHINEsystemd[1]: Starting PostgreSQL RDBMS...
Mar 08 11:09:57 UBUNTUMACHINEsystemd[1]: Started PostgreSQL RDBMS.
Mar 08 11:32:21 UBUNTUMACHINEsystemd[1]: Started PostgreSQL RDBMS.
Mar 08 11:32:26 UBUNTUMACHINEsystemd[1]: Started PostgreSQL RDBMS.
- 日志告诉我地址 10.0.0.0/255 中的无效 CIDR 掩码
- :: 255 可能大于 32
Postgres 拒绝启动,因为它拒绝网络掩码 /255,它大于(32 位)IP 地址中可能的位数。您可能认为这对 .hba 解析器有点挑剔,但也可能被认为是配置错误。
在任何情况下:将 /255 替换为合理的内容,例如 /24(或 /16,因为您有其中两个条目)并且:替换 trust 在它似乎有效之后,通过更安全的方法。
我正在使用 Linux VM (Ubuntu 15.10) 启动 Postgres 数据库,据我所知,一切都应该正确配置。
我的防火墙被禁用:
user@UBUNTUMACHINE:~$ sudo ufw status numbered Status: inactive
但它只监听端口 22
user@UBUNTUMACHINE:~$ netstat -an | grep "LISTEN "
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN
tcp6 0 0 :::22 :::* LISTEN
如果我启用防火墙,并告诉它监听 5432,它会出现在规则中:
user@UBUNTUMACHINE:~$ sudo ufw status verbose
Status: active
Logging: on (low)
Default: deny (incoming), allow (outgoing), disabled (routed)
New profiles: skip
To Action From
-- ------ ----
22 ALLOW IN Anywhere
22/tcp ALLOW IN Anywhere
5432/tcp ALLOW IN Anywhere
5432 ALLOW IN Anywhere
22 (v6) ALLOW IN Anywhere (v6)
22/tcp (v6) ALLOW IN Anywhere (v6)
5432/tcp (v6) ALLOW IN Anywhere (v6)
5432 (v6) ALLOW IN Anywhere (v6)
但我得到的结果与上面的 netstat 相同。
据我研究这个问题可以看出,我的 postgresql.conf 文件中有正确的值:
#------------------------------------------------------------------------------
# CONNECTIONS AND AUTHENTICATION
#------------------------------------------------------------------------------
# - Connection Settings -
listen_addresses = '*' # what IP address(es) to listen on;
# comma-separated list of addresses;
# defaults to 'localhost'; use '*' for all
# (change requires restart)
port = 5432 # (change requires restart)
并且我已经尝试了 pg_hba.conf 文件中受信任的 IP 范围和特定 IP。
# Database administrative login by Unix domain socket
local all postgres ident sameuser
# TYPE DATABASE USER ADDRESS METHOD
# "local" is for Unix domain socket connections only
local all all md5
# IPv4 local connections:
host all all 127.0.0.1/32 md5
# IPv6 local connections:
host all all ::1/128 md5
# Allow replication connections from localhost, by a user with the
# replication privilege.
#local replication postgres peer
#host replication postgres 127.0.0.1/32 md5
#host replication postgres ::1/128 md5
host all all 10.0.0.0/255 trust
host all all 10.11.0.0/255 trust
host all all 0.0.0.0/0 trust
最后,Postgres 是 运行,根据
user@UBUNTUMACHINE:~$ sudo service postgresql status
● postgresql.service - PostgreSQL RDBMS
Loaded: loaded (/lib/systemd/system/postgresql.service; enabled; vendor preset: enabled)
Active: active (exited) since Wed 2017-03-08 11:09:57 CST; 57min ago
Process: 787 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
Main PID: 787 (code=exited, status=0/SUCCESS)
CGroup: /system.slice/postgresql.service
Mar 08 11:09:57 UBUNTUMACHINEsystemd[1]: Starting PostgreSQL RDBMS...
Mar 08 11:09:57 UBUNTUMACHINEsystemd[1]: Started PostgreSQL RDBMS.
Mar 08 11:32:21 UBUNTUMACHINEsystemd[1]: Started PostgreSQL RDBMS.
Mar 08 11:32:26 UBUNTUMACHINEsystemd[1]: Started PostgreSQL RDBMS.
- 日志告诉我地址 10.0.0.0/255 中的无效 CIDR 掩码
- :: 255 可能大于 32
Postgres 拒绝启动,因为它拒绝网络掩码 /255,它大于(32 位)IP 地址中可能的位数。您可能认为这对 .hba 解析器有点挑剔,但也可能被认为是配置错误。
在任何情况下:将 /255 替换为合理的内容,例如 /24(或 /16,因为您有其中两个条目)并且:替换 trust 在它似乎有效之后,通过更安全的方法。