Yuichi Nakamura wrote:
Thanks for the reply, it looks to me that the problem is more like the policy and file_contexts were written for the way Debian(or some other distro) installs PostgresSQL and Fedora installs things differently. The most notable is that in the .fc it has the only postgresql_exec_t with a regex for /usr/lib(64)?/postgresql/bin/.* and on Fedora the executables are in /usr/bin.On Wed, 16 Jun 2004 00:31:58 -0400 Richard Hally <rhallyx@xxxxxxxxxxxxxx> wrote:
With the above change to the postgresql.fc I get the following avc denied messages when booting:
You must add /usr/bin/postgres -- system_u:object_r:postgresql_exec_t
to postgresql.fc
and , comment out session optional /lib/security/$ISA/pam_selinux.so multiple
from /etc/pam.d/su.
The question I have is: how do we handle these case where different distros put the same files in different places? Do we continue to add to the policy for each different distro?
Richard Hally
