selinux warnings when initializing PostgreSQL

Florin Andrei florin at andrei.myip.org
Fri Apr 15 05:58:05 UTC 2005


On Thu, 2005-04-14 at 22:54 -0700, Florin Andrei wrote:

> Apr 14 22:47:52 demo kernel: audit(1113544072.328:0): avc:  denied
> { read } for  pid=3042 exe=/bin/cp name=config dev=hda2 ino=1212848
> scontext=root:system_r:postgresql_t
> tcontext=user_u:object_r:selinux_config_t tclass=file
> Apr 14 22:47:52 demo kernel: audit(1113544072.334:0): avc:  denied
> { getattr } for  pid=3042 exe=/bin/cp path=/etc/selinux/config dev=hda2
> ino=1212848 scontext=root:system_r:postgresql_t
> tcontext=user_u:object_r:selinux_config_t tclass=file

Hm, and now i'm getting something very similar when running a simple DB
initialization script (create databases, create users, create tables,
assign privileges) that before (with non-updated FC4t2) did not give any
SELinux warnings.

Apr 14 22:55:47 demo kernel: audit(1113544547.453:0): avc:  denied
{ read } for  pid=3269 exe=/bin/cp name=config dev=hda2 ino=1212848
scontext=root:system_r:postgresql_t
tcontext=user_u:object_r:selinux_config_t tclass=file
Apr 14 22:55:47 demo kernel: audit(1113544547.459:0): avc:  denied
{ getattr } for  pid=3269 exe=/bin/cp path=/etc/selinux/config dev=hda2
ino=1212848 scontext=root:system_r:postgresql_t
tcontext=user_u:object_r:selinux_config_t tclass=file

-- 
Florin Andrei

http://florin.myip.org/




More information about the test mailing list