Please do not reply directly to this email. All additional comments should be made in the comments box of this bug report. Summary: Review Request: sepostgresql - Security-Enhanced PostgreSQL https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249522 ------- Additional Comments From kaigai@xxxxxxxxxxxx 2007-08-10 02:44 EST ------- Created an attachment (id=161040) --> (https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=161040&action=view) init script of sepostgresql-8.2.4-0.418.beta.fc8 Here is the new version of SE-PostgreSQL SpecURL: http://sepgsql.googlecode.com/files/sepostgresql.spec SrpmURL: http://sepgsql.googlecode.com/files/sepostgresql-8.2.4-0.418.beta.fc8.src.rpm (In reply to comment #24) > Well, actually unless bug 250494 is resolved, it seems that > I cannot go further on this review request?? Yes, it depends on selinux-package with object classes definition for SE-PostgreSQL, so it has to be resolved. Fortunatelly, these new object classes are merged into the upstreamed reference policy yesterday. I think it will be integrated within the selinux-policy package soon. http://marc.info/?l=selinux&m=118666527208126&w=2 The new version of SE-PostgreSQL contains some modifications of the init script. > However for initscripts: > * lock file and pid file > - Usually when daemon is running, there should be two files > - /var/run/<daemon name>.pid - contains the info of the pid > number > - /var/lock/subsys/<daemon name> I added a code to create lock file and pid file on startup, and to remove them on shutdown. rpmlint got a silent. I uses "/var/lock/subsys/${NAME}.lock" as a pathname of the lock file. It is same manner with postgresql's one, but rpmlint made warnings. Should it be replaced by an immediate value? > * status > - and what does "service sepostgresql status" return? > Usually the format is: > ---------------------------------------------------- > [root@localhost ~]# LANG=C service xfs status > xfs (pid 2343) is running... > ---------------------------------------------------- It displays the following message. ------------------------------------------ [root@masu ~]# service sepostgresql status sepostgresql: server is running (PID: 11726) [root@masu ~]# service sepostgresql stop Stopping sepostgresql service: [ OK ] [root@masu ~]# service sepostgresql status sepostgresql: no server running [root@masu ~]# echo $? 3 [root@masu ~]# ------------------------------------------ In addition, I updated the path of the commands run by /sbin/runuser as follows: | cd ${SEPGSQL_BIN} | /sbin/runuser sepgsql -- -c "./pg_ctl -D ${SEPGSQL_DATA} status" When /sbin/runuser is run with CWD sepgsql cannot access, typically /root, a noisy warnning message will be generated. "cd ${SEPGSQL_BIN}" ensure that sepgsql can be placed on his accesable CWD. -- Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is. _______________________________________________ Fedora-package-review mailing list Fedora-package-review@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-package-review