Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commitd79a601

Browse files
committed
Improve sepgsql and SECURITY LABEL documentation.
KaiGai Kohei, based on feedback from Yeb Havinga, with somecorrections by me.
1 parent550cd07 commitd79a601

File tree

2 files changed

+32
-4
lines changed

2 files changed

+32
-4
lines changed

‎doc/src/sgml/ref/security_label.sgml

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -203,4 +203,12 @@ SECURITY LABEL FOR selinux ON TABLE mytable IS 'system_u:object_r:sepgsql_table_
203203
There is no <command>SECURITY LABEL</command> command in the SQL standard.
204204
</para>
205205
</refsect1>
206+
207+
<refsect1>
208+
<title>See Also</title>
209+
<simplelist type="inline">
210+
<member><xref linkend="sepgsql"></member>
211+
<member><xref linkend="dummy-seclabel"></member>
212+
</simplelist>
213+
</refsect1>
206214
</refentry>

‎doc/src/sgml/sepgsql.sgml

Lines changed: 24 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -96,11 +96,13 @@ Policy from config file: targeted
9696

9797
<para>
9898
The following instructions that assume your installation is under the
99-
<filename>/usr/local/pgsql</> directory. Adjust the paths shown below as
100-
appropriate for your installation.
99+
<filename>/usr/local/pgsql</> directory and the database cluster is
100+
under the <filename>/path/to/database</> directory. Adjust the paths
101+
shown below as appropriate for your installation.
101102
</para>
102103

103104
<screen>
105+
$ export PGDATA=/path/to/database
104106
$ initdb
105107
$ vi $PGDATA/postgresql.conf
106108
$ for DBNAME in template0 template1 postgres; do
@@ -113,6 +115,16 @@ $ for DBNAME in template0 template1 postgres; do
113115
If the installation process completes without error, you can now start the
114116
server normally.
115117
</para>
118+
119+
<para>
120+
Please note that you may see the following notifications depending on
121+
the combination of a particular version of <productname>libselinux</>
122+
and <productname>selinux-policy</>.
123+
<screen>
124+
/etc/selinux/targeted/contexts/sepgsql_contexts: line 33 has invalid object type db_blobs
125+
</screen>
126+
This message is harmless and may be safely ignored.
127+
</para>
116128
</sect2>
117129

118130
<sect2 id="sepgsql-regression">
@@ -124,7 +136,15 @@ $ for DBNAME in template0 template1 postgres; do
124136
</para>
125137

126138
<para>
127-
First, build and install the policy package for the regression test.
139+
First, set up <productname>sepgsql</productname> according to
140+
the <xref linkend="sepgsql-installation">. The regression test is
141+
intended to be run on a system with a working SE-Linux implementation.
142+
The current operating system user must be able to connect to the database
143+
as superuser without authentication.
144+
</para>
145+
146+
<para>
147+
Second, build and install the policy package for the regression test.
128148
The <filename>sepgsql-regtest.pp</> is a special purpose policy package
129149
which provides a set of rules to be allowed during the regression tests.
130150
It should be built from the policy source file
@@ -149,7 +169,7 @@ sepgsql-regtest 1.03
149169
</screen>
150170

151171
<para>
152-
Second, turn on <literal>sepgsql_regression_test_mode</>.
172+
Third, turn on <literal>sepgsql_regression_test_mode</>.
153173
We don't enable all the rules in the <filename>sepgsql-regtest.pp</>
154174
by default, for your system's safety.
155175
The <literal>sepgsql_regression_test_mode</literal> parameter is associated

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp