[linux] PostgreSQL Error on Red Hat EL 5.5 - Any suggestions?

Seth Whelan whelan at nb.uw.edu
Mon Jul 12 09:41:20 PDT 2010

Previous message: [linux] PostgreSQL Error on Red Hat EL 5.5 - Any suggestions?
Next message: [linux] FWD: Likewise-open exploit on Ubuntu 10.04 with likewise-open5 package, Troj/BBDoS-B
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

If it only works with SELinux off then you can make a policy module to
allow whatever postgre is doing. The process is a bit laborious as you
typically have to keep allowing things a bit at a time until SELinux
stops complaining. Instructions can be found here (Note: this will only
work if you have the right tools installed; RHEL5 comes with them by
default):

http://docs.fedoraproject.org/en-US/Fedora/13/html/SELinux_FAQ/index.html

Look for the Q: entitled "I have some avc denials that I would like to
allow, how do I do this?".

I've done this with a different package (Cyrus-IMAP) and it will
eventually work if you keep at it. Let me know if you're interested in
further elaboration.

____________________________________
Seth Whelan
NESAC/BIO Senior Computer Specialist
Department of Bioengineering
University of Washington
Phone: (206) 616-8187

On 7/9/10 1:39 PM, Joshua Daniel Franklin wrote:

> Hi Michalis,

>

> You should run this command as root:

>

> /sbin/service postgresql start

>

> That allows system bookkeeping such as active

> pids; the script in /etc/init.d/ switch to

> running the db as postgres user automatically.

>

> Hope it helps,

> Joshua

>

>

> On 7/9/10 [9 Jul] 1:02 PM, Michalis Avraam wrote:

>> Dear all,

>>

>> A development server that has gone unused for a few months is acting

>> up now that it is needed. I am trying to run the installed PostgreSQL

>> (8.3.10) on it, but for some reason it fails to start. PostgreSQL was

>> successfully running for quite a while apparently, with no changes to

>> it done. Here is what I do:

>>

>> postgres# /sbin/service postgresql start

>> [ FAIL ]

>> Contents of log file:

>> runuser: cannot set groups: Operation not permitted

>>

>> If the same operation is run again through root, it runs fine, only if

>> SELinux is disabled (which is not desired).

>>

>> Any suggestions on how to correct this behavior so PostgreSQL can run

>> with SELinux enforcing?

>>

>> Thank you in advance,

>>

>> Michalis

>> Geography

>

>

Previous message: [linux] PostgreSQL Error on Red Hat EL 5.5 - Any suggestions?
Next message: [linux] FWD: Likewise-open exploit on Ubuntu 10.04 with likewise-open5 package, Troj/BBDoS-B
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Linux mailing list