Re: Postgres 9.3 and SELinux

Hi,

On Wed, 2014-06-18 at 14:18 +0100, Nate wrote:
> I'm hope this is the right place to report. I had to make some changes
> to the file contexts in order to make Postgres 9.3 work in my
> environment (64-bit CentOS 6.5, SELinux)

I'm not surprised if there are more issues with SELinux, since my tests
never ever covered it, and I always disable SElinux :(

> Below is the pertinent output of semanage -o -:
>
> fcontext -a -f 'all files' -t postgresql_initrc_exec_t
> '/etc/rc\.d/init\.d/postgresql-9.3'
> fcontext -a -f 'all files' -t postgresql_exec_t '/usr/pgsql-9.3/bin/postgres'
> fcontext -a -f 'all files' -t postgresql_db_t '/var/lib/pgsql/9.3/data(/.*)?'
> fcontext -a -f 'all files' -t postgresql_log_t
> '/var/lib/pgsql/9.3/pgstartup\.log.*'
>
> My understanding of SELinux is rudimentary, so I may have missed some
> necessary rules, but these are the minimum that made it work in my
> environment. I believe this stems from the YUM packages not installing
> Postgres in the locations CentOS expects?

That is correct. CentOS expects them to be under /usr/bin
and /var/lib/pgsql/data. Our RPMs install them into versioned directory.

I think we should add these to spec file, so that people won't have
these issues later on.

Objections? Jeff?

Regards,

--
Devrim GÜNDÜZ
Principal Systems Engineer @ EnterpriseDB: http://www.enterprisedb.com
PostgreSQL Danışmanı/Consultant, Red Hat Certified Engineer
Twitter: @DevrimGunduz , @DevrimGunduzTR