[Pkg-postgresql-public] Bug#737661: postgresql-common: unix domain socket cannot be created when running SELinux
Martin Lang
lang at automata.rwth-aachen.de
Tue Feb 4 20:22:52 UTC 2014
Package: postgresql-common
Version: 134wheezy4
Severity: important
Tags: patch
Dear Maintainer,
when trying to start postgresql with SELinux active
in enforcing mode the creation of a unix domain socket
in /run/postgresql fails.
The reason for this problem is that the context of
/var/run/postgresql is not restored after its new
creation in the startup script at
/usr/share/postgresql-common/init.d-functions.
As a consequence it stays labeled with var_run_t
although it has to be labeled postgresql_var_run_t.
The problem can be fixed by calling restorecon after the
creation of the directory. The implementation in the
attached patch does not affect systems with SELinux
disabled but fixes the problem on systems with active
SELinux.
-- System Information:
Debian Release: 7.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages postgresql-common depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.49
ii logrotate 3.8.1-4
ii lsb-base 4.1+Debian8+deb7u1
ii postgresql-client-common 134wheezy4
ii procps 1:3.3.3-3
ii ssl-cert 1.0.32
postgresql-common recommends no packages.
postgresql-common suggests no packages.
-- debconf information excluded
-------------- next part --------------
A non-text attachment was scrubbed...
Name: postgresql-common.patch
Type: text/x-diff
Size: 514 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-postgresql-public/attachments/20140204/716ba9dd/attachment.patch>
More information about the Pkg-postgresql-public
mailing list