Dan,
At the selinux-policy-3.4.2, you pulled the latest upstreamed
refpolicy which contains a set of SE-PostgreSQL policies,
but it neglected to merge an interface invocation at
userdom_unpriv_user_template(), as follows:
optional_policy(`
postgresql_userdom_template($1,$1_t,$1_r)
')
It prevents user_t, staff_t, ... to access SE-PostgreSQL.
Could you update it?
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai(a)ak.jp.nec.com>