RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy
History
Sven Vermeulen 84497cc8e8 Postgresql 9.2 connects to its unix stream socket 
When starting postgresql, it fails with the (little saying) error message:
pg_ctl: could not start server

In the denials, we notice:
Nov 24 10:41:52 lerya kernel: [1628900.540506] type=1400
audit(1353750112.021:10143): avc:  denied  { connectto } for  pid=20481
comm="pg_ctl" path="/run/postgresql/.s.PGSQL.5432" ipaddr=...
scontext=system_u:system_r:postgresql_t tcontext=system_u:system_r:postgresql_t
tclass=unix_stream_socket

Hence, allow postgresql to connect to its own stream socket.

Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>
 		2013-01-03 10:32:41 -05:00
..
flask Rename epollwakeup capability2 permission to block_suspend to match the 2012-07-25 09:01:55 -04:00
modules Postgresql 9.2 connects to its unix stream socket 2013-01-03 10:32:41 -05:00
support Add optional file name to filetrans_pattern. 2011-11-02 08:48:25 -04:00
constraints Allow user and role changes on dynamic transitions with the same constraints as regular transitions. 2011-09-02 09:59:26 -04:00
global_booleans Move secure_mode_policyload into selinux module as that is the only place it is used. 2011-09-26 09:53:23 -04:00
global_tunables Rename allow_console tunable to console_login. 2011-01-14 11:44:42 -05:00
mcs Implement mcs_constrained_type 2012-11-28 16:12:25 -05:00
mls SEPostgresql changes from Kohei KaiGai. 2012-05-18 09:28:18 -04:00
policy_capabilities
users