堆栈内存溢出
  简体   繁体   English

我如何在没有密码的情况下从Apache中的脚本连接到本地Postgres数据库

[英]How do I connect to a local postgres database without password from a script within Apache

 原文  2015-06-04 09:48:05       python/ apache/ postgresql/ cgi

问题描述

I have a Python script that should load some data into postgres when a POST request is sent to Apache Webserver. 我有一个Python脚本,当POST请求发送到Apache Web服务器时,应该将一些数据加载到postgres中。 In the script a system user (dbuser) is used to connect to the database (which works fine with psql). 在脚本中,系统用户(dbuser)用于连接到数据库(与psql一起正常工作)。 The script however cannot connect when it is executed within Apache, returning the following error: 但是,该脚本在Apache中执行时无法连接,返回以下错误: 

Peer authentication failed for user dbuser

Is there a way to allow the script to connect without providing it the user password? 有没有办法允许脚本在不提供用户密码的情况下进行连接?

2 个解决方案

解决方案1
 1 已采纳  2015-06-04 09:48:05

The solution I've found uses ident authentication with user maps. 我找到的解决方案将身份验证与用户映射一起使用。

The first thing to notice is that, although an username is provided in the script, when connecting via Apache, that user is used for peer authentication (which fails, requiring a password). 首先要注意的是,尽管脚本中提供了用户名,但通过Apache连接时,该用户仍用于对等身份验证(失败,需要密码)。 However, the system user requesting access to postgresql is the one running Apache (namely www-data), thus enabling us to configure an user map, allowing is to authenticate to the server as another system user (thus leveraging ident authentication). 但是,请求访问postgresql的系统用户是运行Apache的系统用户(即www-data),因此使我们能够配置用户映射,从而允许将服务器身份验证为另一个系统用户(从而利用ident身份验证)。 Here follows the configuration files content: 以下是配置文件的内容:

In pg_ident.conf we configure the user map: 在pg_ident.conf中,我们配置用户映射: 

# MAPNAME      SYSTEM-USERNAME         PG-USERNAME
web            www-data                dbuser
web            dbuser                  dbuser

In pg_hba.conf we add the map as an option to the local peer authentication: 在pg_hba.conf中,我们将映射作为选项添加到本地对等身份验证中: 

# "local" is for Unix domain socket connections only
# TYPE  DATABASE     USER    ADDRESS     METHOD
local   all          all                 peer map=web

After reloading the server, the script can access the database as if it was executed directly the the user "dbuser", without the need for a password. 重新加载服务器后,该脚本可以访问数据库,就好像该数据库是直接由用户“ dbuser”执行的一样,而无需输入密码。

解决方案2
 0  2016-02-02 10:35:17

Try running the below command, it will enable apache to connect to database: 尝试运行以下命令,它将使apache连接到数据库:

setsebool -P httpd_can_network_connect_db 1 setsebool -P httpd_can_network_connect_db 1

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何连接到用户名密码保护的在线数据库? - How do I connect to a online database that is username-password protected? 如何在不使用密码的情况下连接MySQL? (PyMySQL) - How do I connect to MySQL without using a password? (PyMySQL) 如何从本地系统连接到 Linode 中的 postgres - How to connect to postgres in Linode from local system 如何从 ZC5FD214CDD0D2B3B4272E 中的 python 容器脚本连接到 Ubuntu 上的本地 SQL 服务器 - How do I connect to the local SQL server on Ubuntu from a python script in Docker container 我如何连接本地数据库? - how I connect local database? 如何在不引用输出的情况下从 SQL 数据库获取密码? - How do i get the password from the SQL database without it quoting the output? 如何将本地 Python 代码中的变量传递给写入 MySQL 数据库的远程 PHP 脚本? - How do I pass a variable from my local Python code to a remote PHP script that writes to a MySQL database? 如何制作pyodbc脚本,必要时可以在其中更新数据库密码 - How do I make a pyodbc script where I can update the database password if necessary 如何将 spyder 连接到 postgres 数据库? - How to connect spyder to a postgres database? 如何从 python 连接到外部数据库? - How do I connect to an outside database from python?
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM