Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report.
Summary: Review Request: sepostgresql - Security-Enhanced PostgreSQL
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249522
------- Additional Comments From kaigai@kaigai.gr.jp 2007-07-31 12:12 EST ------- Thanks for your reviewing. The packages are updated based on them. http://code.google.com/p/sepgsql/downloads/list Spec URL: http://sepgsql.googlecode.com/files/sepostgresql.spec SRPM URL: http://sepgsql.googlecode.com/files/sepostgresql-8.2.4- 0.407.beta.fc8.src.rpm
(1). I could not build your package. What is selinux-policy-devel = "2.6.4-26.sepgsql.fc7"? It it included in fedora?
It is a modified selinux-policy package. Several Definitions for database related object classes and access vectores are added. Because these definitons are currently included in the default selinux- policy package, we also have to submit the additional definitions into the default selinux-policy package.
You can obtain the additional definitions from here: http://sepgsql.googlecode.com/svn/policy/refpolicy-add-sepgsql- definitions.fedora8.patch
(2) You have to use more macros throughout spec file. Such as: sepostgresql -> %{name} /usr/share/selinux/devel/Makefile -> %{__datadir}/selinux/devel/Makefile and also /usr/sbin etc, you can replace them with macros.
Several standard paths are replaced by the macros. /etc/rc.d/init.d -> %{_initrddir} /usr/share -> %{_datadir} However, I kept a part using /usr/sbin as a path of commands, like semodule, because these are not changed when %{_prefix} of sepostgresql is over-written. In addition, this manner follows the "Packaging SELinux Policy Modules (draft)". http://fedoraproject.org/wiki/PackagingDrafts/SELinux/PolicyModules
(3) Your package does not include documentation.
The following line was added. %doc COPYRIGHT README HISTORY
SE-PostgreSQL is distributed under BSD license, as PostgreSQL.
(4) I can not find download url for source files.
"Source0" got a full location to indicate full location, as follows: Source0: ftp://ftp.postgresql.org/pub/source/v%{version}/postgresql-% {version}.tar.gz
Thanks,