| From: | Robert Haas <robertmhaas(at)gmail(dot)com> |
|---|---|
| To: | Kohei Kaigai <Kohei(dot)Kaigai(at)emea(dot)nec(dot)com> |
| Cc: | Yeb Havinga <yebhavinga(at)gmail(dot)com>, PgHacker <pgsql-hackers(at)postgresql(dot)org>, Kohei KaiGai <kaigai(at)kaigai(dot)gr(dot)jp> |
| Subject: | Re: [v9.1] sepgsql - userspace access vector cache |
| Date: | 2011-08-18 16:46:17 |
| Message-ID: | CA+TgmoZCB0Oyz8qVhuYgo7AULd89iQpdN2JBCM1-7u7uWJJknQ@mail.gmail.com |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
On Thu, Jul 21, 2011 at 5:29 AM, Kohei Kaigai <Kohei(dot)Kaigai(at)emea(dot)nec(dot)com> wrote:
> The attached patch is revised userspace-avc patch.
>
> List of updates:
> - The GUC of sepgsql.avc_threshold was removed.
> - "char *ucontext" of avc_cache was replaced by "bool tcontext_is_valid".
> - Comments added onto static variables
> - Comments of sepgsql_avc_unlabeled() was revised.
> - Comments of sepgsql_avc_compute() was simplified.
> - Comments of sepgsql_avc_check_perms_label() also mention about
> permissive domain, that performs similar to system's permissive mode.
> - selinux_status_close() become invoked on on_proc_exit() hook.
I tried to give this a test drive today but got stuck. I got sepgsql
compiled OK, but look what happens when I try to start the server:
[rhaas(at)f15selinux ~]$ postgres
FATAL: could not load library
"/home/rhaas/project/lib/postgresql/sepgsql.so":
/home/rhaas/project/lib/postgresql/sepgsql.so: undefined symbol:
getpeercon_raw
This is Fedora 15, with all available updates applied.
--
Robert Haas
EnterpriseDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Robert Haas | 2011-08-18 16:48:06 | Re: Displaying accumulated autovacuum cost |
| Previous Message | Magnus Hagander | 2011-08-18 16:00:22 | Re: Displaying accumulated autovacuum cost |