Tom Lane wrote: > Alvaro Herrera <alvhe...@commandprompt.com> writes: > > *** WARNING *** The program 'postgres' uses the Apple Bonjour compatibility > > layer of Avahi. > > *** WARNING *** Please fix your application to use the native API of Avahi! > > *** WARNING *** For more information see > > <http://0pointer.de/avahi-compat?s=libdns_sd&e=postgres> > > LOG: DNSServiceRegister() failed: error code -65540 > > Hmm, I read in their documentation that the dns_sd.h interface was > deprecated, but not that it had been intentionally disabled. > Seems like they want to drive users away rather than attract them.
I think it is supposed to work; the code suggests that it should. I can't quite find out what the error number is supposed to mean though. The source is here: http://avahi.sourcearchive.com/documentation/0.6.25-1ubuntu1/avahi-compat-libdns__sd_2compat_8c-source.html ... ah! here it is -- BadParam: http://avahi.sourcearchive.com/documentation/0.6.25-1ubuntu1/dns__sd_8h-source.html > The patch as I gave it intentionally didn't change any user-visible > behavior, but one thing that is bothering me is that if USE_BONJOUR > is selected, the postmaster will *always* try to advertise itself > via DNS-SD. There's no provision for enabling the feature or not > at run time, which is a bad thing for packagers: they have to decide > for their users whether to turn it on. There was discussion in > connection with the Avahi patch last year to the effect that some > people thought advertising the postmaster might be a security issue > for them. So I'm thinking we ought to fix that while we're messing > with it. > > The two possibilities for that seem to be to change the meaning of > bonjour_name = '' (have it mean "no advertisement" instead of > "default to service name = computer's name"), or to add a separate > boolean GUC. If the latter, is the default 'on' or 'off'? Opinions? I have a mild preference towards having a new GUC to shut it off explicitely; and the default should be off to avoid the possible security hole (equivalent to having listen_addresses default to localhost, I think. On the other hand, if listen_addresses is set to that, there is no security hole. I assume we're only publishing on addresses we're listening on, not all addresses?) -- Alvaro Herrera http://www.CommandPrompt.com/ PostgreSQL Replication, Consulting, Custom Development, 24x7 support -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
