I've got a PHP app with Postgresql for the datastore, and just migrated the db to a new managed offering provider. Now when I try and run the app on my local development machine (macOS 10.12.6), I encounter the following error trying to connect to the newly situated db:
PDOException: SQLSTATE[08006] [7] could not open certificate file "/var/root/.postgresql/postgresql.crt": Permission denied
There's a couple of interesting things about this:
-
If I try to connect to the same remote database via the
psqlclient, I have no problem, it drops me straight into a psql prompt where I can query away at the DB to my heart's content. -
I can execute PHP cli scripts that connect to the remote DB and query it without problem. PDO only throws an exception if I'm calling the connection code through a script invoked via an http request through a local Apache 2.4 server.
-
I am not at all shocked that permission is denied to access resources in
/var/root, but I am shocked that anything expected to run in userland would ever be checking there. It seems like permission should be denied by default for its contents, even if there was a.postgresql/subdirectory there (which there isn't).
#1 suggests this is not a pg_hba.conf or other client whitelist or network issue. #3 probably suggests perhaps I should have Apache switch to a non-root user, I'd guess, but beyond that I'm not sure what to make of it, and at any rate I have not placed a ~/.postgresql or postgresql.crt anywhere.
#2 suggests Apache2+libphp7.so doesn't know where to look for postgresql client certs... but the php binary does? This feels like the big clue, but I have no idea why it would be the case or how to fix it.
What are some next steps I could take to figure out how to get the web app connecting?
https://stackoverflow.com/questions/65622914/why-would-i-get-a-php-pdoexception-complaining-that-it-cant-make-a-postgres-con January 08, 2021 at 11:07AM
没有评论:
发表评论