[Pkg-postgresql-public] Bug#684429: postgresql 9.1 cant allow conection: port 5432 are not visible in any case

PICCORO McKAY Lenz mckaygerhard at gmail.com
Thu Aug 9 21:30:20 UTC 2012 

Package: postgresql-9.1
Version: 9.1.4-2~bpo60+1
Severity: important

I have installed the backported version of postgresql,
but if instaled this release first any user can connect by remote hosts,
i mean from another computer connections are impossible, the port 5432
are closed
even if postgres, firewall and any thing are configured without security!!!!
I put all information here and
I described how i solved but tthis method are not the right ok:

1) i installed all components from backports in clean env,
for postgres at today and sure there's no 8.X component instaled.
2) i have setup with trust for all users over local o remote,
using default port and listen on all address.

I cannot conect, also by scaning ports i can see the postgresql port open..

the firewall are all gone, no firewall rules , no other services using the port.

3)i reinstaled older version 8.4 for squeeze and then i can connect again..
in this process i also reinstall pgpool from 3 to 1.3
4)then back to newer backported included pgpool 3 and slony from testing
and now port apears by magic!

THIS ITS SERIOUSLY VERY RARE, i think postgresql 8.X let remaining some files
and then postgresql 9.X use and base thems..

sorry for no more information i not have more time for that.. but u must see
if this are in wheeze , due are a important bug that let unusefully
the DBMS 9.X in next stable!!!!

------- pg_hba.conf file dump:
# Database administrative login by Unix domain socket
local   all             postgres                                peer
# TYPE  DATABASE        USER            ADDRESS                 METHOD

# "local" is for Unix domain socket connections only
local   all             all                                     trust
# IPv4 local connections:
host    all             all                                     trust

------- line to listen are here:
listen_addresses = '*'		# what IP address(es) to listen on;
					# comma-separated list of addresses;
					# defaults to 'localhost', '*' = all
					# (change requires restart)
port = 5432				# (change requires restart)


------- commands showing no ports available if host are used:

root at sysdevel:/var/log# /etc/init.d/postgresql restart
Restarting PostgreSQL 9.1 database server: main.
root at sysdevel:/var/log# netstat -nxl | grep PGSQL
unix  2      [ ACC ]     STREAM     LISTENING     940787
/var/run/postgresql/.s.PGSQL.5433
root at sysdevel:/var/log# nmap 37.10.254.20

Starting Nmap 5.00 ( http://nmap.org ) at 2012-08-09 11:45 VET
Interesting ports on 37.10.254.20:
Not shown: 996 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
111/tcp  open  rpcbind
8080/tcp open  http-proxy

Nmap done: 1 IP address (1 host up) scanned in 5.55 seconds
root at sysdevel:/var/log# ifconfig
eth0      Link encap:Ethernet  HWaddr bc:30:5b:e3:11:48
          inet addr:37.10.254.20  Bcast:37.10.254.255  Mask:255.255.255.0
          inet6 addr: fe80::be30:5bff:fee3:1148/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:57963800 errors:0 dropped:0 overruns:0 frame:0
          TX packets:69683382 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:37871383513 (35.2 GiB)  TX bytes:84903352963 (79.0 GiB)
          Interrupt:16

-- System Information:
Debian Release: 6.1
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-0.bpo.2-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages postgresql-9.1 depends on:
ii  libc6              2.11.3-3              Embedded GNU C Library: Shared lib
ii  libcomerr2         1.41.12-4stable1      common error description library
ii  libgssapi-krb5-2   1.8.3+dfsg-4squeeze6  MIT Kerberos runtime libraries - k
ii  libkrb5-3          1.8.3+dfsg-4squeeze6  MIT Kerberos runtime libraries
ii  libldap-2.4-2      2.4.23-7.2            OpenLDAP libraries
ii  libpam0g           1.1.1-6.1+squeeze1    Pluggable Authentication Modules l
ii  libpq5             9.1.4-2~bpo60+1       PostgreSQL C client library
ii  libssl0.9.8        0.9.8o-4vnz1          SSL and crypto shared libraries
ii  libxml2            2.7.8.dfsg-2+squeeze5 GNOME XML library
ii  locales            2.11.3-3              Embedded GNU C Library: National L
ii  postgresql-client- 9.1.4-2~bpo60+1       front-end programs for PostgreSQL
ii  postgresql-common  130~bpo60+2           PostgreSQL database-cluster manage
ii  ssl-cert           1.0.28                simple debconf wrapper for OpenSSL
ii  tzdata             2012c-0squeeze1       time zone and daylight-saving time

postgresql-9.1 recommends no packages.

Versions of packages postgresql-9.1 suggests:
pn  locales-all                   <none>     (no description available)
pn  oidentd | ident-server        <none>     (no description available)



--
Lenz McKAY Gerardo (PICCORO)
http://qglochekone.blogspot.com

More information about the Pkg-postgresql-public mailing list