postgresql pg_dump won't run
Daniel J Walsh
dwalsh at redhat.com
Fri Dec 31 03:59:55 UTC 2004
Dr. Michael J. Chudobiak wrote:
> Hi,
>
> I've just installed selinux on my FC3 server using the targeted
> policy, and everything went well except that I can no longer run
> /usr/bin/pg_dumpall as a root cron job for backing up postgresql
> databases. I get this sort of log message, even if I run
> pg_dump/pg_dumpall as the postgres user:
>
>
> Dec 30 10:17:01 server2 kernel: audit(1104419821.285:0): avc: denied
> { execute_no_trans } for pid=24740 exe=/bin/bash
> path=/usr/bin/pg_dump dev=md0 ino=346137
> scontext=user_u:system_r:postgresql_t
> tcontext=system_u:object_r:postgresql_exec_t tclass=file
>
>
> For now, I've disabled the postgres protection using
> system-config-security-level, and it works fine - but postgresql is
> unprotected of course.
>
> Is there a way of running pg_dump and pg_dumpall under selinux,
> without abandoning or rewriting the targeted policy?
>
>
> - Mike
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Grab selinux-policy-targeted-1.17.30-2.62 off of
ftp://people.redhat.com/dwalsh/SELinux/FC3
More information about the selinux
mailing list