| From: | Kohei Kaigai <Kohei(dot)Kaigai(at)EMEA(dot)NEC(dot)COM> |
|---|---|
| To: | Emanuel Calvo <postgres(dot)arg(at)gmail(dot)com>, Devrim GÜNDÜZ <devrim(at)gunduz(dot)org> |
| Cc: | postgresql Forums <pgsql-general(at)postgresql(dot)org>, KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com> |
| Subject: | Re: Error compiling sepgsql in PG9.1 |
| Date: | 2011-05-24 11:44:09 |
| Message-ID: | A9F5079BABDEE646AEBDB6831725762C55601F0D04@EUEXCLU01.EU.NEC.COM |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general pgsql-hackers |
> 2011/5/21 Devrim GÜNDÜZ <devrim(at)gunduz(dot)org>:
> > On Sat, 2011-05-21 at 02:50 +0100, Kohei Kaigai wrote:
> >> As documentation said, it needs libselinux 2.0.93 or higher.
> >> This version supports selabel_lookup(3) for database object classes.
> >
> > AFAICS, we are not checking it during configure. It might be worth to
> > add libselinux version check in the configure phase.
> > --
>
> So it could be added into the configure the check and I think
> a patch in the doc could complete this issue. That's rigth?
>
Correct.
Now, configure script checks existence of libselinux using AC_CHECK_LIB(),
but getpeercon(3) has been supported for a long time, thus, an older version
of libselinux can also pass this test.
What I want to check here is an existence of SELABEL_CTX_DB definition in
selinux/label.h header file; supported on 2.0.93 or later.
Do you have any good idea to check existence of a particular definition in
a particular header file.
-- in selinux/label.h
/*
* Available backends.
*/
/* file contexts */
#define SELABEL_CTX_FILE 0
/* media contexts */
#define SELABEL_CTX_MEDIA 1
/* x contexts */
#define SELABEL_CTX_X 2
/* db objects */
#define SELABEL_CTX_DB 3 <-- not exist libselinux older than 2.0.93
Thanks,
--
NEC Europe Ltd, SAP Global Competence Center
KaiGai Kohei <kohei(dot)kaigai(at)emea(dot)nec(dot)com>
> -----Original Message-----
> From: Emanuel Calvo [mailto:postgres(dot)arg(at)gmail(dot)com]
> Sent: 24. Mai 2011 12:30
> To: Devrim GÜNDÜZ
> Cc: Kohei Kaigai; postgresql Forums; KaiGai Kohei
> Subject: Re: [GENERAL] Error compiling sepgsql in PG9.1
>
> 2011/5/21 Devrim GÜNDÜZ <devrim(at)gunduz(dot)org>:
> > On Sat, 2011-05-21 at 02:50 +0100, Kohei Kaigai wrote:
> >> As documentation said, it needs libselinux 2.0.93 or higher.
> >> This version supports selabel_lookup(3) for database object classes.
> >
> > AFAICS, we are not checking it during configure. It might be worth to
> > add libselinux version check in the configure phase.
> > --
>
> So it could be added into the configure the check and I think
> a patch in the doc could complete this issue. That's rigth?
>
>
>
> --
> --
> Emanuel Calvo
> Helpame.com
| From | Date | Subject | |
|---|---|---|---|
| Next Message | David Johnston | 2011-05-24 11:46:07 | Re: Returning Rows in Procedure |
| Previous Message | Emanuel Calvo | 2011-05-24 11:30:27 | Re: Error compiling sepgsql in PG9.1 |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2011-05-24 11:56:53 | Re: sepgsql: fix relkind handling on foreign tables |
| Previous Message | Emanuel Calvo | 2011-05-24 11:30:27 | Re: Error compiling sepgsql in PG9.1 |