On 06/01/2009 02:03 AM, KaiGai Kohei wrote: > Dan, > > http://people.fedoraproject.org/~dwalsh/SELinux/F11/system_userdomain.patch > > It seems to me that the patch removes postgresql_role() from the > userdom_unpriv_user_template(), but it can prevent staff_t to access > SE-PostgreSQL. > > Could you fix it please? Ok I added optional_policy(` postgresql_role(staff_r, staff_t) ') to staff.te, I do not want all users to be able to manage postgresql. So this should be user type by user type decision. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
