This is a static archive of our old OpenStreetMap Help Site. Please post any new questions and answers at community.osm.org.

error when try to use nominatim pgsql role “www-data” is not permitted to log in

0

After I installed nominatim when I access http://localhost/nominatim/search.php I get

string(19) "pgsql://@/nominatim" object(DB_Error)#2 (8) { ["error_message_prefix"]=> string(0) "" ["mode"]=> int(1) ["level"]=> int(1024) ["code"]=> int(-24) ["message"]=> string(24) "DB Error: connect failed" ["userinfo"]=> string(141) " [nativecode=pg_connect(): Unable to connect to PostgreSQL server: FATAL: role "www-data" is not permitted to log in]

This deals with www-data role on postrges. But on install I trowed:

psql -U postgres -c 'create role "www-data"'; psql -U postgres -d nominatim -c 'GRANT ALL PRIVILEGES ON DATABASE nominatim TO "www-data"';

Any clue?

asked 01 Feb '13, 19:04

mihai%20niculita's gravatar image

mihai niculita
16222
accept rate: 0%


One Answer:

1

I manged to resolve it by trowing:

psql -U postgres -c 'ALTER ROLE "www-data" WITH login;';

So i problem of PostGreSQL role creation.

answered 01 Feb '13, 20:22

mihai%20niculita's gravatar image

mihai niculita
16222
accept rate: 0%

2

Having "www-data" as a database user raises warning signs to me.

Remember that postgres users and system users are completely distinct. Your application (nominatim) should have a option to configure which database user is used to connect to the db. If the app doesn't specify anything, the current system user name is used to (try to) connect to the db.

www-data is typically the system user that runs the web server. It should not, as a whole, be allowed to connect to the db, for security and maintenance reasons.

(04 Feb '13, 09:00) Vincent de P... ♦
1

(continued) Create a "nominatim" db user instead (maybe one exists already), give it access to just your nominatim db, and configure nominatim to use that user when connecting.

(04 Feb '13, 09:04) Vincent de P... ♦

Source code available on GitHub .