Re: avc denied from postgresql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Russell Coker wrote:

On Sat, 3 Jul 2004 09:39, Richard Hally <rhally@xxxxxxxxxxxxxx> wrote:

Russell Coker wrote:

Let's get back to basics and look at the concepts rather than AVC
messages.

/etc/rc.d/init.d/postgresql uses su to change uid to start the daemon,
this is a problem as it's not compatible with the usual su operation.


Huh? su (Substitute User) has been to "Change the effective userid and
group id" since I first learned about it in 1978. And is being used for
that purpose in the init.d/postgresql stript.



It's purpose is to change the effective UID/GID for interactive sessions.

From su(1) on Fedora: 
su - run a shell with substitute user and group IDs

From su(1) on Debian: 
su  is  used  to  become  another user during a login session.

There's no mention I could find in the documentation of using su for starting daemons.

I think that there is no good reason for using su in this manner, and some good reasons for not doing so. The postgresql start scripts will have to be changed.


/etc/rc.d/init.d/postgresql does lots of things other than just starting
a daemon, for example the code after:
echo -n $"Initializing database: "


Maybe we need a restorecon where it creates the data directory(if not
already present (a rare occurance)).


It might be rare in terms of the number of times the daemon is started, but from my understanding of the script it's expected to be done the first time the daemon is started. So it's inevitable that it happens at least once, and therefore we have to handle it.


The real work part of initializing the data directory is done with "su
-l postgres -c ..." just like the part that starts the server(i.e. su -l
postgres -c ...)

What is it about pam_selinux that is causing the problem?


The fact that there is no identity, role, and domain defined for Postgres. We can configure the SE Linux policy to allow this, but it's the wrong approach.

Ok, now I understand making a distinction about using su for starting a deamon.
What is the problem with defining a user role for postgres? And how would one go about doing that?

TFTH
Richard Hally

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux