c2c-oerpscenario team mailing list archive

[Ian Beardslee <853612@xxxxxxxxxxxxxxxxxx>]

Public bug reported:

Using OpenERP 6.0.3 the client fails with "Could not connect to server"
if the server's pg_hba.conf restricts access to 'template1'.

This bug may only affect people in a shared environment with multiple
apps with their own databases hosted on the same instance of postgres.
In a managed environment, it'd be expected that database access would be
controlled via pg_hba.conf

Initially we had /etc/postgresql/8.4/main/pg_hba.conf configured to
allow the 'openerp' user access to only the 'openerpdb' database.

 #/etc/postgresql/8.4/main/pg_hba.conf
 host openerpdb openerp 192.168.94.21/32 md5

The openerp-server.log file showed ..

[2011-09-15 13:58:04,013][postgres] ERROR:db.connection_pool:Connection to the database failed
Traceback (most recent call last):
  File "/usr/share/pyshared/openerp-server/sql_db.py", line 303, in borrow
    result = psycopg2.connect(dsn=dsn, connection_factory=PsycoConnection)
OperationalError: FATAL:  no pg_hba.conf entry for host "192.168.94.21", user "openerp", database "template1", SSL on
FATAL:  no pg_hba.conf entry for host "192.168.94.21", user "openerp", database "template1", SSL off

It seems that as part of connecting to the database the applications
connect to a database before enumerating the databases owned by the
'openerp' postgres user.

The immediate fix is to adjust the /etc/postgresql/8.4/main/pg_hba.conf
to allow access to template1

 #/etc/postgresql/8.4/main/pg_hba.conf 
 host openerpdb openerp 192.168.94.21/32 md5
 host template1 openerp 192.168.94.21/32 md5

** Affects: openobject-server
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of C2C
OERPScenario, which is subscribed to OpenERP Project Group.
https://bugs.launchpad.net/bugs/853612

Title:
  OpenERP client fails to connect with a restricted pg_hba.conf

Status in OpenERP Server:
  New

Bug description:
  Using OpenERP 6.0.3 the client fails with "Could not connect to
  server" if the server's pg_hba.conf restricts access to 'template1'.

  This bug may only affect people in a shared environment with multiple
  apps with their own databases hosted on the same instance of postgres.
  In a managed environment, it'd be expected that database access would
  be controlled via pg_hba.conf

  Initially we had /etc/postgresql/8.4/main/pg_hba.conf configured to
  allow the 'openerp' user access to only the 'openerpdb' database.

   #/etc/postgresql/8.4/main/pg_hba.conf
   host openerpdb openerp 192.168.94.21/32 md5

  The openerp-server.log file showed ..

  [2011-09-15 13:58:04,013][postgres] ERROR:db.connection_pool:Connection to the database failed
  Traceback (most recent call last):
    File "/usr/share/pyshared/openerp-server/sql_db.py", line 303, in borrow
      result = psycopg2.connect(dsn=dsn, connection_factory=PsycoConnection)
  OperationalError: FATAL:  no pg_hba.conf entry for host "192.168.94.21", user "openerp", database "template1", SSL on
  FATAL:  no pg_hba.conf entry for host "192.168.94.21", user "openerp", database "template1", SSL off

  It seems that as part of connecting to the database the applications
  connect to a database before enumerating the databases owned by the
  'openerp' postgres user.

  The immediate fix is to adjust the
  /etc/postgresql/8.4/main/pg_hba.conf to allow access to template1

   #/etc/postgresql/8.4/main/pg_hba.conf 
   host openerpdb openerp 192.168.94.21/32 md5
   host template1 openerp 192.168.94.21/32 md5

To manage notifications about this bug go to:
https://bugs.launchpad.net/openobject-server/+bug/853612/+subscriptions