Hello,
We encounter with a bigger Perl written applications the problem that in
the serverlog of a remote PostgreSQL server appear the following lines:
2023-11-20 10:45:55.826 CET [84269] FATAL: no pg_hba.conf entry for host "172.16.5.3", user "nobody", database "postgres", no encryption
...
The simplified code is this:
#!/usr/bin/perl
use DBI;
...
my $driver_name = "Pg";
...
my $dsn = "DBI:$driver_name:dbname = $db_name;host = $pghost;port = $pgport";
$__ref->{'dbh'} = DBI->connect($dsn, "$user_name", "$pass_name",
{'ChopBlanks' => 0, 'AutoCommit' => $autocommit, 'PrintError' => 0,
'LongReadLen' => 2500000 }) || do {
$__ref->{'errorString'} =
"can't open database <$__ref->{'databaseName'}>!\n${DBI::errstr}\n";
...
export DBI_TRACE='1=/tmp/dbitrace.log';
the environment in the moment of 'use DBI;' is only
PGHOST and PGPORT; the user is 'nobody' (which uses DBD::Pg to connect)
because the code is started by Apache as CGI-BIN; it took us a while
to understand what is causing the errors: the 'use DBI;' already
does a connect to the server and tries to read the names of the
available databases from the server:
/tmp/dbitrace.log:
DBI 1.643-ithread default trace level set to 0x0/1 (pid 117222 pi 2289910) at DBI.pm line 294 via SisisAdmin.pm line 10
-> DBI->install_driver(Pg) for linux perl=5.035002 pid=117222 ruid=65534 euid=65534
install_driver: DBD::Pg version 3.16.0 loaded from /usr/local/sisis-pap/perlbrew/perls/perl-5.35.2/lib/site_perl/5.35.2/x86_64-linux-thread-multi/DBD/Pg.pm
<- install_driver= DBI::dr=HASH(0x3926378)
!! The warn '0' was CLEARED by call to data_sources method
ERROR: 1 'connection to server at "sisis-db" (172.16.6.3), port 5432 failed: FATAL: no pg_hba.conf entry for host "172.16.5.3", user "nobody", database "postgres", no encryption' (err#0)
<- DESTROY(DBI::db=HASH(0x391fc98))= ( undef ) [1 items] at Pg.pm line 264
!! ERROR: 1 'connection to server at "sisis-db" (172.16.6.3), port 5432 failed: FATAL: no pg_hba.conf entry for host "172.16.5.3", user "nobody", database "postgres", no encryption' (err#0)
<- data_sources= ( ) [0 items] at DBI.pm line 1074
later in the code with the correct database to connect to and
credentials:
-> DBI->connect(dbi:Pg:dbname = sisis; host = sisis-db ; port = 5432, sisis, ****, HASH(0x3686bd8))
!! The ERROR '1' was CLEARED by call to connect method
<- connect('dbname = sisis; host = sisis-db ; port = 5432', 'sisis', ...)= ( DBI::db=HASH(0x3918428) ) [1 items] at DBI.pm line 679
<- STORE('RaiseError', 0)= ( 1 ) [1 items] at DBI.pm line 731
<- STORE('PrintError', 0)= ( 1 ) [1 items] at DBI.pm line 731
<- STORE('AutoCommit', 1)= ( 1 ) [1 items] at DBI.pm line 731
<- STORE('pg_enable_utf8', 1)= ( 1 ) [1 items] at DBI.pm line 734
<- STORE('LongReadLen', 2500000)= ( 1 ) [1 items] at DBI.pm line 734
$h->{'pg_utf8_flag'}=1 ignored for invalid driver-specific attribute
<- STORE('pg_utf8_flag', 1)= ( '' ) [1 items] at DBI.pm line 734
<- STORE('Username', 'sisis')= ( 1 ) [1 items] at DBI.pm line 734
<- STORE('ChopBlanks', 1)= ( 1 ) [1 items] at DBI.pm line 734
<- connected('dbi:Pg:dbname = sisis; host = sisis-db ; port = 5432', 'sisis', ...)= ( undef ) [1 items] at DBI.pm line 741
...
How could we avoid such connect to the database server without
the correct credentials?
Thanks
matthias
--
Matthias Apitz, ✉
gu...@unixarea.de,
http://www.unixarea.de/ +49-176-38902045
Public GnuPG key:
http://www.unixarea.de/key.pub