[Pkg-postgresql-public] Bug#737661: postgresql-common: unix domain socket cannot be created when running SELinux

Martin Lang lang at automata.rwth-aachen.de
Tue Feb 4 20:22:52 UTC 2014


Package: postgresql-common
Version: 134wheezy4
Severity: important
Tags: patch

Dear Maintainer,

when trying to start postgresql with SELinux active
in enforcing mode the creation of a unix domain socket
in /run/postgresql fails. 
The reason for this problem is that the context of 
/var/run/postgresql is not restored after its new
creation in the startup script at 
/usr/share/postgresql-common/init.d-functions. 
As a consequence it stays labeled with var_run_t
although it has to be labeled postgresql_var_run_t.

The problem can be fixed by calling restorecon after the
creation of the directory. The implementation in the 
attached patch does not affect systems with SELinux
disabled but fixes the problem on systems with active
SELinux.

-- System Information:
Debian Release: 7.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages postgresql-common depends on:
ii  adduser                   3.113+nmu3
ii  debconf [debconf-2.0]     1.5.49
ii  logrotate                 3.8.1-4
ii  lsb-base                  4.1+Debian8+deb7u1
ii  postgresql-client-common  134wheezy4
ii  procps                    1:3.3.3-3
ii  ssl-cert                  1.0.32

postgresql-common recommends no packages.

postgresql-common suggests no packages.

-- debconf information excluded
-------------- next part --------------
A non-text attachment was scrubbed...
Name: postgresql-common.patch
Type: text/x-diff
Size: 514 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-postgresql-public/attachments/20140204/716ba9dd/attachment.patch>


More information about the Pkg-postgresql-public mailing list