7

Simply to avoid many problems in the first place I do not want my postgres server program to accept/listen to anything from any network (i.e. TCP/IP 4/6) connections.

My setup is a Postgres 9.1 on an Ubuntu 12.04 box and I thought tweeking /etc/postgresql/9.1/main/pg_hba.conf to not include those lines which commented out (see below) would cause postgres to "please not listen on network TCP/IP devices"

local   all             postgres        trust

TYPE  DATABASE        USER            ADDRESS                 METHOD


"local" is for Unix domain socket connections only


#local   all             all                                     md5


IPv4 local connections:


#host    all             all             127.0.0.1/32            md5


IPv6 local connections:


#host    all             all             ::1/128                 md5

Also I know that there is the -i command line to start the postgres server with if we YES want to listen on TCP/IP . I actually seek for the opposite thing a -??? meaning NO please do NOT listen on TCP/IP.

I used a netstat -utap | grep post and it shows that postgres besides my settings in /etc/postgresql/9.1/main/pg_hba.conf is still listening on TCP/IP.

QUESTION

What did I do wrong here? How can I shut off this TCP/IP listening attitude of my Postgres server? Having only unix socket listening I am happy to the max ;)

Thank you

Addition: I also perceive that postgres establishes a UDP connection to this 127.0.0.1:38860, what would this be about?

Community
  • 1
humanityANDpeace
  • 383
  • 1
  • 3
  • 10

2 Answers2

7

Maybe it is not the finest Solution / Answer to my question, but at least it will point anybody (facing the said challenge I had in my original question)

To disable listening on TCP/IP network I used this command line option when starting the server application:

postgres [other arguments] -c listen_addresses=''

Addition: The remaining open udp 127.0.0.1:38860 connection is supposedly linked to the purpose of the the statistics collector subprocess as suggested on postgresql.org

humanityANDpeace
  • 383
  • 1
  • 3
  • 10
0

Simple answer;

Change the listen_addresses configuration setting Here is an example;

ALTER SYSTEM SET listen_addresses TO '';

Then restart the Postgresql service

Documentation says

If the list is empty, the server does not listen on any IP interface at all, in which case only Unix-domain sockets can be used to connect to it.

Sahap Asci
  • 3,174
  • 1
  • 17
  • 28