Mike Palmiotto writes:
> On Fri, Jul 19, 2019 at 4:29 PM Tom Lane wrote:
>> I can confirm that the 0001 patch fixes things on my Fedora 30 box.
>> So that's good, though I don't know enough to evaluate it for style
>> or anything like that.
> I think the policy is in need of review/rewriting any
On Fri, Jul 19, 2019 at 4:29 PM Tom Lane wrote:
>
> Mike Palmiotto writes:
> > We probably need to polish this a bit more, but what do you think
> > about something similar to the attached patches? They should hopefully
> > reduce some of the complexity of running these regression tests.
>
> I ca
Mike Palmiotto writes:
> We probably need to polish this a bit more, but what do you think
> about something similar to the attached patches? They should hopefully
> reduce some of the complexity of running these regression tests.
I can confirm that the 0001 patch fixes things on my Fedora 30 box
On Fri, Jul 19, 2019 at 11:19 AM Tom Lane wrote:
>
> I got around to trying this, and lookee here:
>
> $ sudo sesearch -A -s sepgsql_regtest_user_t -t passwd_file_t
> allow domain file_type:blk_file map; [ domain_can_mmap_files ]:True
> allow domain file_type:chr_file map; [ domain_can_mmap_files
Mike Palmiotto writes:
> The sepgsql_regtest_user_t domain should be allowed to read any file
> labeled "passwd_file_t". We can check that with the `sesearch` tool,
> provided by the "setools-console" package on F30:
> % sudo sesearch -A -s sepgsql_regtest_user_t -t passwd_file_t
> allow domain f
Mike Palmiotto writes:
> On Thu, Jul 18, 2019 at 11:06 PM Tom Lane wrote:
>>> $ runcon -t sepgsql_regtest_user_t psql --help
>>> psql: fatal: could not look up effective user ID 1000: user does not exist
> You can rule out SELinux for this piece by running `sudo setenforce
> 0`. If the `runcon .
On Thu, Jul 18, 2019 at 11:06 PM Tom Lane wrote:
>
> Mike Palmiotto writes:
> > On Wed, Jul 17, 2019 at 12:32 PM Tom Lane wrote:
> >> $ runcon -t sepgsql_regtest_user_t psql --help
> >> psql: fatal: could not look up effective user ID 1000: user does not exist
You can rule out SELinux for this
Mike Palmiotto writes:
> On Wed, Jul 17, 2019 at 12:32 PM Tom Lane wrote:
>> $ runcon -t sepgsql_regtest_user_t psql --help
>> psql: fatal: could not look up effective user ID 1000: user does not exist
> I wonder what your password file is labeled. It ought to be:
> % ls -Z /etc/passwd
> system_
On Wed, Jul 17, 2019 at 12:32 PM Tom Lane wrote:
>
> I tried to run the contrib/sepgsql tests, following the instructions,
> on a recently-set-up Fedora 30 machine. I've done that successfully
> on previous Fedora releases, but it's no go with F30.
>
> First off, building the sepgsql-regtest.pp p
On 7/17/19 12:54 PM, Tom Lane wrote:
> I wrote:
>> I tried to run the contrib/sepgsql tests, following the instructions,
>> on a recently-set-up Fedora 30 machine. I've done that successfully
>> on previous Fedora releases, but it's no go with F30.
>> ...
>> I'm pretty sure the test recipe last wo
I wrote:
> I tried to run the contrib/sepgsql tests, following the instructions,
> on a recently-set-up Fedora 30 machine. I've done that successfully
> on previous Fedora releases, but it's no go with F30.
> ...
> I'm pretty sure the test recipe last worked for me on F28.
> Off to try F29.
On Fe
I tried to run the contrib/sepgsql tests, following the instructions,
on a recently-set-up Fedora 30 machine. I've done that successfully
on previous Fedora releases, but it's no go with F30.
First off, building the sepgsql-regtest.pp policy file spews
a bunch of complaints that I don't recall ha
12 matches
Mail list logo
