Re: SELinux & Redhat
| От | Tom Lane |
|---|---|
| Тема | Re: SELinux & Redhat |
| Дата | |
| Msg-id | 15121.1115395067@sss.pgh.pa.us обсуждение |
| Ответ на | Re: SELinux & Redhat (Jeff - <threshar@torgo.978.org>) |
| Ответы |
Re: SELinux & Redhat
|
| Список | pgsql-docs |
Jeff - <threshar@torgo.978.org> writes:
> When I run pg_dump w/these settings the following happens running
> pg_dump (.broken is hte original file from the rpm)
> bash-3.00$ /usr/bin/pg_dump.broken planet
> bash-3.00$
Does it work if you direct the output into a file, instead of letting it
come to your terminal (which seems a bit useless anyway)?
I've been bugging dwalsh about the fact that the selinux policy
disallows writes to /dev/tty to things it thinks are daemons;
that seems pretty stupid. But pg_dump isn't a daemon so there's
no reason for it to be restricted this way anyway...
> and what is interesting is it seems only sometimes things get logged
> to syslog about the failure.
Someone told me there's a rate limit on selinux complaints going to
syslog, to keep it from swamping your logs. I suspect there are some
actual bugs there too, because I've noticed cases where an action was
blocked and there wasn't any log message, nor enough activity to
justify a rate limit. Feel free to file a bugzilla report if you can
get a reproducible case.
regards, tom lane
В списке pgsql-docs по дате отправления: