Re: Error compiling sepgsql in PG9.1

I noticed that selinux_sepgsql_context_path(3) was also got merged at libselinux-2.0.83.
So, we could check correctness of library versions using existence of this function.

Does this patch expectedly abort the configure script on older libselinux installation?
I'm not available to setup Ubuntu environment immediately.

Thanks,
--
NEC Europe Ltd, SAP Global Competence Center
KaiGai Kohei <kohei(dot)kaigai(at)emea(dot)nec(dot)com>

> -----Original Message-----
> From: Kohei Kaigai [mailto:Kohei(dot)Kaigai(at)EMEA(dot)NEC(dot)COM]
> Sent: 24. Mai 2011 12:44
> To: Emanuel Calvo; Devrim GÜNDÜZ
> Cc: postgresql Forums; KaiGai Kohei
> Subject: RE: [GENERAL] Error compiling sepgsql in PG9.1
>
> > 2011/5/21 Devrim GÜNDÜZ <devrim(at)gunduz(dot)org>:
> > > On Sat, 2011-05-21 at 02:50 +0100, Kohei Kaigai wrote:
> > >> As documentation said, it needs libselinux 2.0.93 or higher.
> > >> This version supports selabel_lookup(3) for database object classes.
> > >
> > > AFAICS, we are not checking it during configure. It might be worth to
> > > add libselinux version check in the configure phase.
> > > --
> >
> > So it could be added into the configure the check and I think
> > a patch in the doc could complete this issue. That's rigth?
> >
> Correct.
>
> Now, configure script checks existence of libselinux using AC_CHECK_LIB(),
> but getpeercon(3) has been supported for a long time, thus, an older version
> of libselinux can also pass this test.
>
> What I want to check here is an existence of SELABEL_CTX_DB definition in
> selinux/label.h header file; supported on 2.0.93 or later.
>
> Do you have any good idea to check existence of a particular definition in
> a particular header file.
>
> -- in selinux/label.h
> /*
> * Available backends.
> */
>
> /* file contexts */
> #define SELABEL_CTX_FILE 0
> /* media contexts */
> #define SELABEL_CTX_MEDIA 1
> /* x contexts */
> #define SELABEL_CTX_X 2
> /* db objects */
> #define SELABEL_CTX_DB 3 <-- not exist libselinux older than 2.0.93
>
> Thanks,
> --
> NEC Europe Ltd, SAP Global Competence Center
> KaiGai Kohei <kohei(dot)kaigai(at)emea(dot)nec(dot)com>
>
>
> > -----Original Message-----
> > From: Emanuel Calvo [mailto:postgres(dot)arg(at)gmail(dot)com]
> > Sent: 24. Mai 2011 12:30
> > To: Devrim GÜNDÜZ
> > Cc: Kohei Kaigai; postgresql Forums; KaiGai Kohei
> > Subject: Re: [GENERAL] Error compiling sepgsql in PG9.1
> >
> > 2011/5/21 Devrim GÜNDÜZ <devrim(at)gunduz(dot)org>:
> > > On Sat, 2011-05-21 at 02:50 +0100, Kohei Kaigai wrote:
> > >> As documentation said, it needs libselinux 2.0.93 or higher.
> > >> This version supports selabel_lookup(3) for database object classes.
> > >
> > > AFAICS, we are not checking it during configure. It might be worth to
> > > add libselinux version check in the configure phase.
> > > --
> >
> > So it could be added into the configure the check and I think
> > a patch in the doc could complete this issue. That's rigth?
> >
> >
> >
> > --
> > --
> >               Emanuel Calvo
> >               Helpame.com