[mapserver-users] Remote PostGIS server connection problem

Matej Mailing mailing at tam.si
Thu Aug 23 13:06:41 PDT 2012 

Found it out - it was a firewall rule allowing to initiate all the
connections for the root user (as I was running both testing
procedures sugggested by Jeff and Stephen and of course it worked) and
not allowing outside 5432 connection to the particular remote server
:-)

Thanks for all the tips and ideas.

Best regards,
Matej

2012/8/23 Matej Mailing <mailing at tam.si>:
> Hi,
>
> as with the shp2img, I get a successful result also with
> mapserv QUERY_STRING='......' so the connection can be established
> (and it also works from one server to another via pgsql from console
> as mentioned in the previous mail).
>
> What could prevent Apache to allow the connection? I am little bit
> lost here also because of the fact that people on SELinux had an
> option to enable, but what can we do on FreeBSD? Still I don't know if
> it's OS or Apache's fault ...
>
> Thanks.
> Matej
>
> 2012/8/23 Stephen Woodbridge <woodbri at swoodbridge.com>:
>> Hi Matej,
>>
>> Are specifying a user name in your connection?
>>
>> If not then psql uses you user as the use name, but the apache uses whatever
>> name is associated with the apache user.
>>
>> Do you get an error if you run shp2img or if you run:
>>
>> /path/to/mapserv QUERY_STRING='your mapserver request arguments'
>>
>> -Steve
>>
>>
>> On 8/23/2012 9:02 AM, Matej Mailing wrote:
>>>
>>> Hi,
>>>
>>> I am running 6.0.1 on a FreeBSD host. Everything works perfect when I
>>> connect to the local PostGIS server (located on the same machine as
>>> the Mapserver is running on). When I try to connect to the PostGIS
>>> server that is not in the same network, I get the following error:
>>> "msDrawMap(): Image handling error. Failed to draw layer named
>>> 'LAYER_NAME'. msPostGISLayerOpen(): Query error. Database connection
>>> failed (could not connect to server: Permission denied Is the server
>>> running on host "IP" and accepting TCP/IP connections on port 5432? Is
>>> it allowing connections? Does the specified user exist? Is the
>>> password valid? Is the database on the standard port?
>>>
>>> 1. I can connect to the server IP on port 5432 via paql from console
>>> from the machine where Mapserver is running.
>>> 2. When doing tcpdump dst 5432 on the PostGIS server that is outside,
>>> I see no traffic comming in so basically when the error is displayed
>>> it is not due to remote server settings.
>>>
>>> I was browsing on the web and found out that people that were using
>>> SELinux had to enable the option httpd_can_network_connect. It seems
>>> like the Apache is not allowed to initiate a remote connection to a
>>> non-local IP address. Is it the Apache limitation? Is it the OS
>>> limitation or is it the Mapserver limitation (I am pretty sure that it
>>> isn't, but I don't know where to look anymore ...)
>>>
>>> After pulling my hair for several hours any help or idea would be very
>>> welcome :-)
>>>
>>> TIA,
>>> Matej
>>> _______________________________________________
>>> mapserver-users mailing list
>>> mapserver-users at lists.osgeo.org
>>> http://lists.osgeo.org/mailman/listinfo/mapserver-users
>>>
>>
>> _______________________________________________
>> mapserver-users mailing list
>> mapserver-users at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/mapserver-users

More information about the mapserver-users mailing list