On Wed, Dec 14, 2005 at 17:54:53 +0200, Devrim GUNDUZ <devrim@xxxxxxxxxxxxxxxxx> wrote: > Hi, > > On Wed, 2005-12-14 at 10:42 -0500, Tom Lane wrote: > > > Hmm. Two questions: > > > - Is SELinux enabled? > > > > I think that's the only question you need ;-). And the answer is > > probably "get a newer version of selinux-policy". Disallowing the > > postgres executable from writing on /dev/tty was one of the earlier > > policy mistakes ... > > I'm pleased to always disable SELinux :) . I remember to have an > OpenWebmail problem months ago that drove me crazy, and at last I found > that it was a SELinux problem. I like the targetted selinux as that gives you a bit more protection from unknown (to you) vulnerabilities in services. Right now the mandatory access is too much of a pain (for me at least) to use.
