| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>, Joe Conway <mail(at)joeconway(dot)com> |
| Subject: | Re: security_context_t marked as deprecated in libselinux 3.1 |
| Date: | 2020-08-13 05:22:41 |
| Message-ID: | 20200813052241.GG11663@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Wed, Aug 12, 2020 at 10:50:21PM -0400, Tom Lane wrote:
> Ummm ... aren't you going to get some cast-away-const warnings now?
> Or are all of the called functions declared as taking "const char *"
> not just "char *"?
Let me see.. The function signatures we use have been visibly changed
in 9eb9c932, which comes down to a point between 2.2.2 and 2.3, and
there are two of them we care about, both use now "const char *":
- security_check_context_raw()
- security_compute_create_name_raw()
We claim in the docs that the minimum version of libselinux supported
is 2.1.10 (7a86fe1a from march 2012).
Then, the only buildfarm animal I know of testing selinux is
rhinoceros, that uses CentOS 7.1, and this visibly already bundles
libselinux 2.5 that was released in 2016 (2b69984), per the RPM list
here:
http://mirror.centos.org/centos/7/
Joe, what's the version of libselinux used in rhinoceros? 2.5?
Based on this information, what if we increased the minimum support to
2.3 then? That's a release from 2014, and maintaining such legacy
code does not seem much worth the effort IMO.
--
Michael
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Jesse Zhang | 2020-08-13 05:24:41 | Re: run pgindent on a regular basis / scripted manner |
| Previous Message | Noah Misch | 2020-08-13 05:21:37 | Re: run pgindent on a regular basis / scripted manner |