[mapserver-users] Remote PostGIS server connection problem

Matej Mailing mailing at tam.si
Thu Aug 23 12:35:03 PDT 2012


Hi,

as with the shp2img, I get a successful result also with
mapserv QUERY_STRING='......' so the connection can be established
(and it also works from one server to another via pgsql from console
as mentioned in the previous mail).

What could prevent Apache to allow the connection? I am little bit
lost here also because of the fact that people on SELinux had an
option to enable, but what can we do on FreeBSD? Still I don't know if
it's OS or Apache's fault ...

Thanks.
Matej

2012/8/23 Stephen Woodbridge <woodbri at swoodbridge.com>:
> Hi Matej,
>
> Are specifying a user name in your connection?
>
> If not then psql uses you user as the use name, but the apache uses whatever
> name is associated with the apache user.
>
> Do you get an error if you run shp2img or if you run:
>
> /path/to/mapserv QUERY_STRING='your mapserver request arguments'
>
> -Steve
>
>
> On 8/23/2012 9:02 AM, Matej Mailing wrote:
>>
>> Hi,
>>
>> I am running 6.0.1 on a FreeBSD host. Everything works perfect when I
>> connect to the local PostGIS server (located on the same machine as
>> the Mapserver is running on). When I try to connect to the PostGIS
>> server that is not in the same network, I get the following error:
>> "msDrawMap(): Image handling error. Failed to draw layer named
>> 'LAYER_NAME'. msPostGISLayerOpen(): Query error. Database connection
>> failed (could not connect to server: Permission denied Is the server
>> running on host "IP" and accepting TCP/IP connections on port 5432? Is
>> it allowing connections? Does the specified user exist? Is the
>> password valid? Is the database on the standard port?
>>
>> 1. I can connect to the server IP on port 5432 via paql from console
>> from the machine where Mapserver is running.
>> 2. When doing tcpdump dst 5432 on the PostGIS server that is outside,
>> I see no traffic comming in so basically when the error is displayed
>> it is not due to remote server settings.
>>
>> I was browsing on the web and found out that people that were using
>> SELinux had to enable the option httpd_can_network_connect. It seems
>> like the Apache is not allowed to initiate a remote connection to a
>> non-local IP address. Is it the Apache limitation? Is it the OS
>> limitation or is it the Mapserver limitation (I am pretty sure that it
>> isn't, but I don't know where to look anymore ...)
>>
>> After pulling my hair for several hours any help or idea would be very
>> welcome :-)
>>
>> TIA,
>> Matej
>> _______________________________________________
>> mapserver-users mailing list
>> mapserver-users at lists.osgeo.org
>> http://lists.osgeo.org/mailman/listinfo/mapserver-users
>>
>
> _______________________________________________
> mapserver-users mailing list
> mapserver-users at lists.osgeo.org
> http://lists.osgeo.org/mailman/listinfo/mapserver-users



More information about the MapServer-users mailing list