"Just Someone" <just.some@xxxxxxxxx> writes: > Some more clues that might help you see if there's a real problem, is > that the /var/lib/pgsql/data/postmaster.pid file is created with the a > SELinux context that's different from the rest. It is created with > system_u:object_r:file_t while the rest of the files are created with > root:object_r:postgresql_db_t. And the postmaster (when using runuser) > fails on accessing it according to the audit log. Hmm. That seems like a SELinux policy bug. It doesn't happen for me: the pid file is created with the same context the other files have. -rw------- postgres postgres root:object_r:postgresql_db_t postmaster.pid Are you sure that your SELinux policy is up-to-date? Maybe you need to do a restorecon on the postgres binaries and/or /var/lib/pgsql/data. > Some more info about the system: > * FC4 fully updated > * Postgres 8.1.3 built from the PGDG SRPMs > * Dual Opteron I tried it myself on a freshly-updated FC4 x86_64 system, using the current FC5 SRPMs, and couldn't see a problem. Red Hat's SRPMs are not exactly like the PGDG ones, but the only difference I can find that looks at all relevant to SELinux is this one in the init script: 132c134 < [ -x /usr/bin/chcon ] && /usr/bin/chcon -u system_u -r object_r -t postgresql_log_t "$PGLOG" --- > [ -x /usr/bin/chcon ] && /usr/bin/chcon -t postgresql_log_t "$PGLOG" and that's not about the pid file. regards, tom lane
