Re: Remote monitoring

From: "Marc Mitchell" <marcm(at)eisolution(dot)com>
To: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>
Cc: "Ross J(dot) Reedstrom" <reedstrm(at)rice(dot)edu>, <pgsql-admin(at)postgresql(dot)org>
Subject: Re: Remote monitoring
Date: 2002-09-06 18:49:20
Message-ID: 00e101c255d6$1c615ba0$7501050a@eisolution.com
Views: Raw Message | Whole Thread | Download mbox | Resend email
Thread:
Lists: pgsql-admin

Setting the DISPLAY on the remote machine works fine if the remote machine
can directly access the local/client machine. It cannot in our case due to
firewall and NAT issues.

In this case we (thanks to Ross) use ssh (instead of the simpler slogin)
from client to remote server. However, you set DISPLAY on the local
machine, not the remote machine. The server side of ssh (sshd) sets up all
the required settings to send the X11 traffic back over the established
link. In fact, the ssh man page on our box explicitly states: "The user
should not manually set DISPLAY." meaning on the remote side.

One thing that was hampering this, at least within our install, was that
the postgres home directory on the remote server was owned by root and not
postgres. When ssh'ing into the box with the X11 forwarding enabled, the
daemon wants to create a file (".Xauthority") in the home directory of the
user on the remote machine. When this directory isn't writeable by the
user, the creation of this file fails and the X11 forwarding doesn't work
(and in fact screws up a lot of basic UI-rich apps like vi). Our solution
was to make that directory writeable by everyone. We tried pre-creating
just the file and chmod'ing but that didn't work apparently indicating the
process wants to re-create the file as opposed to appending to it.

Also, wasn't able to make this work in the situation where to ssh as user
"X" and then on the remote machine su to user "postgres". But I didn't try
very hard to figure it out once I got it working under the "postgres"
account. I suspect it would be do-able. This might be important if ssh
logins are restricted to certain accounts and those accounts don't include
"postgres" which would be needed to enable the query view functionality as
well as others.

Marc

----- Original Message -----
From: "Bruce Momjian" <pgman(at)candle(dot)pha(dot)pa(dot)us>
To: "Marc Mitchell" <marcm(at)eisolution(dot)com>
Cc: "Ross J. Reedstrom" <reedstrm(at)rice(dot)edu>; <pgsql-admin(at)postgresql(dot)org>
Sent: Friday, September 06, 2002 1:23 PM
Subject: Re: [ADMIN] Remote monitoring

> Marc Mitchell wrote:
> > Ross,
> >
> > You rock! This works perfectly! Thank you very much!
>
> The pgmonitor README does have this paragraph:
>
> Pgmonitor only works when run on the database server machine. To use it
> remotely, log into the remote machine, set the DISPLAY variable to point
> to your local X server, and start pgmonitor. Pgmonitor will then run on
> the remote machine, but will display on your local machine.
>
> --
> Bruce Momjian | http://candle.pha.pa.us
> pgman(at)candle(dot)pha(dot)pa(dot)us | (610) 359-1001
> + If your life is a hard drive, | 13 Roberts Road
> + Christ can be your backup. | Newtown Square, Pennsylvania
19073

In response to

Browse pgsql-admin by date

  From Date Subject
Next Message Andrew Sullivan 2002-09-06 20:51:59 Re: VACUUM on multi-CPU systems?
Previous Message Bruce Momjian 2002-09-06 18:41:06 Re: [OT] Remote monitoring (X tunneling via SSH)