SELinux question
Paul Howarth
paul at city-fan.org
Wed May 31 14:36:24 UTC 2006
Zoltan Boszormenyi wrote:
> Paul Howarth írta:
>> Zoltan Boszormenyi wrote:
>>> What puzzled me is starting postgresql failed at boot
>>> but not the manual "service postgresql start" after bootup.
>>> (Maybe different contexts are applied to the logged-in root
>>> and the init program?)
>>
>> Running the initscript should be exactly the same as the boot process.
>> Starting the service manually (without the initscript) would be
>> different though, as no domain transition would happen.
>
> Both
>
> service postgresql start
>
> and
>
> su - postgres
> PGDATA=/home1/pgsql pg_ctl start
>
> started successfully if I logged in as root or under "su -" from my
> mortal uid.
> (The postgresql initscript uses "runuser" instead of "su" IIRC.)
>
>> Do the AVCs logged during the boot process show the process running as
>> postgresql_t? If you do a "ps uaxZ", is it running as postgresql_t or
>> unconfined_t?
>
> It's running under postgresql_t.
Does it run under postgresql_t if you start it using pg_ctl?
>> I've just responded to another poster with almost exactly the same
>> issue. I think this might be worth a wiki page.
>
> It would be a good idea.
I'll do that when the other poster's last issue (default file contexts)
is resolved.
Paul.
More information about the users
mailing list