[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SELinux question



Zoltan Boszormenyi wrote:
Paul Howarth írta:
Zoltan Boszormenyi wrote:
What puzzled me is starting postgresql failed at boot
but not the manual "service postgresql start" after bootup.
(Maybe different contexts are applied to the logged-in root
and the init program?)

Running the initscript should be exactly the same as the boot process. Starting the service manually (without the initscript) would be different though, as no domain transition would happen.

Both

service postgresql start

and

su - postgres
PGDATA=/home1/pgsql pg_ctl start

started successfully if I logged in as root or under "su -" from my mortal uid.
(The postgresql initscript uses "runuser" instead of "su" IIRC.)

Do the AVCs logged during the boot process show the process running as postgresql_t? If you do a "ps uaxZ", is it running as postgresql_t or unconfined_t?

It's running under postgresql_t.

Does it run under postgresql_t if you start it using pg_ctl?

I've just responded to another poster with almost exactly the same issue. I think this might be worth a wiki page.

It would be a good idea.

I'll do that when the other poster's last issue (default file contexts) is resolved.

Paul.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]