If the user is given the necessary rights, then can the connection process get a context of the user? Is there the possibility in principle? 24.03.2015, 21:11, "John R Pierce" <pierce@xxxxxxxxxxxx>: > On 3/24/2015 5:16 AM, Мартынов Александр wrote: >> There is postgres db with sepgsql enabled. When user connect to postgres db with psql, postgres create new process for each connection. These processes have selinux context unconfined_u:unconfined_r:postgresql_t. >> >> Is there a way to assign the process a context of user that connected to db? > > what if that user is on a different system connecting over the network? > > no, the only user the postgres server processes should run as are those > of the postgres server itself as it needs to read and write files in the > postgres data directory tree. > > -- > john, recycling bits in santa cruz > > -- > Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) > To make changes to your subscription: > http://www.postgresql.org/mailpref/pgsql-general -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
