Package: postgresql-common
Version: 134wheezy4
Severity: important
Tags: patch
Dear Maintainer,
when trying to start postgresql with SELinux active
in enforcing mode the creation of a unix domain socket
in /run/postgresql fails.
The reason for this problem is that the context of
/var/run/postgresql is not restored after its new
creation in the startup script at
/usr/share/postgresql-common/init.d-functions.
As a consequence it stays labeled with var_run_t
although it has to be labeled postgresql_var_run_t.
The problem can be fixed by calling restorecon after the
creation of the directory. The implementation in the
attached patch does not affect systems with SELinux
disabled but fixes the problem on systems with active
SELinux.
-- System Information:
Debian Release: 7.3
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages postgresql-common depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.49
ii logrotate 3.8.1-4
ii lsb-base 4.1+Debian8+deb7u1
ii postgresql-client-common 134wheezy4
ii procps 1:3.3.3-3
ii ssl-cert 1.0.32
postgresql-common recommends no packages.
postgresql-common suggests no packages.
-- debconf information excluded
--- init.d-functions 2012-10-08 10:06:34.000000000 +0200
+++ init.d-functions.fixed 2014-02-04 21:18:42.314620005 +0100
@@ -53,7 +53,8 @@
if [ -d /var/run/postgresql ]; then
chmod 2775 /var/run/postgresql
else
- install -d -m 2775 -o postgres -g postgres /var/run/postgresql
+ install -d -m 2775 -o postgres -g postgres /var/run/postgresql
+ [ -x /sbin/restorecon ] && restorecon -R /var/run/postgresql
fi
do_ctl_all start "$1" "Starting PostgreSQL $1 database server"
