From 2e45c143ef5963aa0f705350a017404c9b107f27 Mon Sep 17 00:00:00 2001
From: Tom Lane
Date: Tue, 23 Mar 2004 01:23:48 +0000
Subject: Replace the virtual_host and tcpip_socket parameters with a unified
 listen_addresses parameter, as per recent discussion.  The default behavior
 is now to listen on localhost, which eliminates the need for the -i
 postmaster switch in many scenarios.

Andrew Dunstan
---
 doc/src/sgml/client-auth.sgml    | 34 ++++++++++-------
 doc/src/sgml/ref/postmaster.sgml | 35 +++++++++++-------
 doc/src/sgml/runtime.sgml        | 79 ++++++++++++++++++----------------------
 3 files changed, 77 insertions(+), 71 deletions(-)

(limited to 'doc/src')

diff --git a/doc/src/sgml/client-auth.sgml b/doc/src/sgml/client-auth.sgml
index 4b7846e34f6..d93e03f8e5f 100644
--- a/doc/src/sgml/client-auth.sgml
+++ b/doc/src/sgml/client-auth.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.64 2004/03/09 16:57:46 neilc Exp $
+$PostgreSQL: pgsql/doc/src/sgml/client-auth.sgml,v 1.65 2004/03/23 01:23:48 tgl Exp $
 -->
 
 <chapter id="client-authentication">
@@ -112,13 +112,19 @@ hostnossl  <replaceable>database</replaceable>  <replaceable>user</replaceable>
      <listitem>
       <para>
        This record matches connection attempts made using TCP/IP.
-       Note that TCP/IP connections are disabled unless the server is
-       started with the <option>-i</option> option or the <xref
-       linkend="guc-tcpip-socket"> configuration parameter is
-       enabled. <literal>host</literal> records match either
+       <literal>host</literal> records match either
        <acronym>SSL</acronym> or non-<acronym>SSL</acronym> connection
        attempts.
       </para>
+     <note>
+      <para>
+       Remote TCP/IP connections will not be possible unless
+       the server is started with an appropriate value for the
+       <xref linkend="guc-listen-addresses"> configuration parameter,
+       since the default behavior is to listen for TCP/IP connections
+       only on the local loopback address <literal>localhost</>.
+      </para>
+     </note>
      </listitem>
     </varlistentry>
 
@@ -126,17 +132,17 @@ hostnossl  <replaceable>database</replaceable>  <replaceable>user</replaceable>
      <term><literal>hostssl</literal></term>
      <listitem>
       <para>
-       This record matches connection attempts made using TCP/IP. In
-       addition, this record requires that the connection is made with
-       <acronym>SSL</acronym>.
+       This record matches connection attempts made using TCP/IP,
+       but only when the connection is made with <acronym>SSL</acronym>
+       encryption.
       </para>
 
       <para>
        To make use of this option the server must be built with
-       <acronym>SSL</acronym> support enabled. Furthermore,
-       <acronym>SSL</acronym> must be enabled by setting the <xref
-       linkend="guc-ssl"> configuration parameter (see <xref
-       linkend="ssl-tcp"> for more information).
+       <acronym>SSL</acronym> support. Furthermore,
+       <acronym>SSL</acronym> must be enabled at server start time
+       by setting the <xref linkend="guc-ssl"> configuration parameter (see
+       <xref linkend="ssl-tcp"> for more information).
       </para>
      </listitem>
     </varlistentry>
@@ -146,8 +152,8 @@ hostnossl  <replaceable>database</replaceable>  <replaceable>user</replaceable>
      <listitem>
       <para>
        This record is similar to <literal>hostssl</> but with the
-	   opposite logic: it only matches connection attempts made over
-	   TCP/IP that do not use <acronym>SSL</acronym>.
+       opposite logic: it only matches connection attempts made over
+       TCP/IP that do not use <acronym>SSL</acronym>.
       </para>
      </listitem>
     </varlistentry>
diff --git a/doc/src/sgml/ref/postmaster.sgml b/doc/src/sgml/ref/postmaster.sgml
index 2affe14d613..cf74272b9bc 100644
--- a/doc/src/sgml/ref/postmaster.sgml
+++ b/doc/src/sgml/ref/postmaster.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/ref/postmaster.sgml,v 1.46 2004/03/09 16:57:47 neilc Exp $
+$PostgreSQL: pgsql/doc/src/sgml/ref/postmaster.sgml,v 1.47 2004/03/23 01:23:48 tgl Exp $
 PostgreSQL documentation
 -->
 
@@ -165,11 +165,17 @@ PostgreSQL documentation
       <term><option>-h <replaceable class="parameter">hostname</replaceable></option></term>
       <listitem>
        <para>
-	Specifies the IP host name or address on which the
-	<command>postmaster</command> is to listen for
-	connections from client applications.  Defaults to
-	listening on all configured addresses (including
-        <systemitem class="systemname">localhost</systemitem>).
+        Specifies the IP host name or address on which the
+        <command>postmaster</command> is to listen for TCP/IP
+        connections from client applications.  The value can also be
+        a space-separated list of addresses, or <literal>*</> to specify
+        listening on all available interfaces.  An empty value specifies
+        not listening on any IP addresses, in which case only Unix-domain
+        sockets can be used to connect to the <command>postmaster</command>.
+        Defaults to listening only
+        on <systemitem class="systemname">localhost</systemitem>.
+        This option is equivalent to setting <literal>listen_addresses</> in
+        <filename>postgresql.conf</>.
        </para>
       </listitem>
      </varlistentry>
@@ -178,14 +184,16 @@ PostgreSQL documentation
       <term><option>-i</option></term>
       <listitem>
        <para>
-        Allows clients to connect via TCP/IP (Internet domain)
-	connections.  Without this option, only local Unix domain
-        socket connections are accepted. This option corresponds
-        to setting <literal>tcpip_socket=true</> in <filename>postgresql.conf</>.
+        Allows remote clients to connect via TCP/IP (Internet domain)
+        connections.  Without this option, only local connections are
+        accepted.  This option is equivalent to setting
+        <literal>listen_addresses</> to <literal>*</> in
+        <filename>postgresql.conf</> or via <option>-h</>.
        </para>
        <para>
-        <option>--tcpip-socket=false</option> has the opposite
-        effect of this option.
+        This option is deprecated since it does not allow access to the
+        full functionality of <literal>listen_addresses</>.  It's usually
+        better to set <literal>listen_addresses</> directly.
        </para>
       </listitem>
      </varlistentry>
@@ -206,8 +214,7 @@ PostgreSQL documentation
       <term><option>-l</option></term>
       <listitem>
        <para>
-	Enables secure connections using SSL.  The <option>-i</option>
-	option is also required.  You must have compiled with SSL
+	Enables secure connections using SSL.  You must have compiled with SSL
 	enabled to use this option.
        </para>
       </listitem>
diff --git a/doc/src/sgml/runtime.sgml b/doc/src/sgml/runtime.sgml
index 1469d7be532..7b56e192575 100644
--- a/doc/src/sgml/runtime.sgml
+++ b/doc/src/sgml/runtime.sgml
@@ -1,5 +1,5 @@
 <!--
-$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.251 2004/03/15 17:57:51 momjian Exp $
+$PostgreSQL: pgsql/doc/src/sgml/runtime.sgml,v 1.252 2004/03/23 01:23:48 tgl Exp $
 -->
 
 <Chapter Id="runtime">
@@ -186,11 +186,7 @@ $ <userinput>postmaster -D /usr/local/pgsql/data &gt;logfile 2&gt;&amp;1 &amp;</
   <para>
    The <command>postmaster</command> also takes a number of other
    command line options. For more information, see the reference page
-   and <xref linkend="runtime-config"> below. In particular, in order
-   for the server to accept
-   TCP/IP<indexterm><primary>TCP/IP</primary></indexterm> connections
-   (rather than just Unix-domain socket ones), you must specify the
-   <option>-i</option> option.
+   and <xref linkend="runtime-config"> below.
   </para>
 
   <para>
@@ -333,7 +329,7 @@ FATAL:  could not create TCP/IP listen socket
      be a different problem. For example, trying to start a <command>postmaster</command>
      on a reserved port number may draw something like:
 <screen>
-$ <userinput>postmaster -i -p 666</userinput>
+$ <userinput>postmaster -p 666</userinput>
 LOG:  could not bind IPv4 socket: Permission denied
 HINT:  Is another postmaster already running on port 666? If not, wait a few seconds and retry.
 FATAL:  could not create TCP/IP listen socket
@@ -570,19 +566,38 @@ SET ENABLE_SEQSCAN TO OFF;
      <title>Connection Settings</title>
 
      <variablelist>
-     
-     <varlistentry id="guc-tcpip-socket" xreflabel="tcpip_socket">
-      <term><varname>tcpip_socket</varname> (<type>boolean</type>)</term>
+
+     <varlistentry id="guc-listen-addresses" xreflabel="listen_addresses">
+      <term><varname>listen_addresses</varname> (<type>string</type>)</term>
       <listitem>
        <para>
-        If this is true, then the server will accept TCP/IP connections.<indexterm><primary>TCP/IP</></>
-        Otherwise only local Unix domain socket connections are
-        accepted. It is off by default. This option can only be set at
-        server start.
+         Specifies the TCP/IP address(es) on which the server is
+         to listen for connections from client applications.  
+         The value takes the form of a space-separated list of host names
+         and/or numeric IP addresses.  The special entry <literal>*</>
+         corresponds to all available IP interfaces.
+         If the list is empty, the server does not listen on any IP interface
+         at all, in which case only Unix-domain sockets can be used to connect
+         to it.
+         The default value is <systemitem class="systemname">localhost</>,
+         which allows only local <quote>loopback</> connections to be made.
+         This parameter can only be set at server start.
        </para>
       </listitem>
      </varlistentry>
-  
+
+     <varlistentry id="guc-port" xreflabel="port">
+      <term><varname>port</varname> (<type>integer</type>)</term>
+      <indexterm><primary>port</></>
+      <listitem>
+       <para>
+        The TCP port the server listens on; 5432 by default.  Note that the
+        same port number is used for all IP addresses the server listens on.
+        This parameter can only be set at server start.
+       </para>
+      </listitem>
+     </varlistentry>
+
      <varlistentry id="guc-max-connections" xreflabel="max_connections">
       <term><varname>max_connections</varname> (<type>integer</type>)</term>
       <listitem>
@@ -628,17 +643,6 @@ SET ENABLE_SEQSCAN TO OFF;
       </listitem>
      </varlistentry>
 
-     <varlistentry id="guc-port" xreflabel="port">
-      <term><varname>port</varname> (<type>integer</type>)</term>
-      <indexterm><primary>port</></>
-      <listitem>
-       <para>
-        The TCP port the server listens on; 5432 by default. This
-        option can only be set at server start.
-       </para>
-      </listitem>
-     </varlistentry>
-
 
      <varlistentry id="guc-unix-socket-directory" xreflabel="unix_socket_directory">
       <term><varname>unix_socket_directory</varname> (<type>string</type>)</term>
@@ -648,6 +652,7 @@ SET ENABLE_SEQSCAN TO OFF;
         server is to listen for
         connections from client applications.  The default is normally
         <filename>/tmp</filename>, but can be changed at build time.
+	This parameter can only be set at server start.
        </para>
       </listitem>
      </varlistentry>
@@ -701,27 +706,15 @@ SET ENABLE_SEQSCAN TO OFF;
        </para>
       </listitem>
      </varlistentry>
-
-     <varlistentry id="guc-virtual-host" xreflabel="virtual_host">
-      <term><varname>virtual_host</varname> (<type>string</type>)</term>
-      <listitem>
-       <para>
-        Specifies the IP address(es) on which the server is
-        to listen for connections from client applications.  If specified,
-        it takes the form of a space-separated list of host names and/or
-        numeric IP addresses.  If the list is empty, the server listens
-        on all available addresses (including
-        <systemitem class="systemname">localhost</>).
-       </para>
-      </listitem>
-     </varlistentry>
      
      <varlistentry id="guc-rendezvous-name" xreflabel="rendezvous_name">
       <term><varname>rendezvous_name</varname> (<type>string</type>)</term>
       <listitem>
        <para>
         Specifies the Rendezvous broadcast name.  By default, the
-        computer name is used, specified as ''.
+        computer name is used, specified as an empty string ''.
+	This option is only meaningful on platforms that support Rendezvous.
+        This option can only be set at server start.
        </para>
       </listitem>
      </varlistentry>
@@ -3009,11 +3002,11 @@ dynamic_library_path = '/usr/local/lib/postgresql:/home/my_project/lib:$libdir'
        </row>
        <row>
         <entry><option>-h <replaceable>x</replaceable></option></entry>
-        <entry><literal>virtual_host = <replaceable>x</replaceable></></entry>
+        <entry><literal>listen_addresses = <replaceable>x</replaceable></></entry>
        </row>
        <row>
         <entry><option>-i</option></entry>
-        <entry><literal>tcpip_socket = on</></entry>
+        <entry><literal>listen_addresses = '*'</></entry>
        </row>
        <row>
         <entry><option>-k <replaceable>x</replaceable></option></entry>
-- 
cgit v1.2.3