[Bug 249522] Review Request: sepostgresql - Security-Enhanced PostgreSQL

bugzilla at redhat.com bugzilla at redhat.com
Tue Jul 31 16:12:39 UTC 2007 

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.

Summary: Review Request:  sepostgresql - Security-Enhanced PostgreSQL


https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=249522





------- Additional Comments From kaigai at kaigai.gr.jp  2007-07-31 12:12 EST -------
Thanks for your reviewing. The packages are updated based on them.
http://code.google.com/p/sepgsql/downloads/list
Spec URL: http://sepgsql.googlecode.com/files/sepostgresql.spec
SRPM URL: http://sepgsql.googlecode.com/files/sepostgresql-8.2.4-
0.407.beta.fc8.src.rpm

> (1).
> I could not build your package.
> What is selinux-policy-devel = "2.6.4-26.sepgsql.fc7"?
> It it included in fedora?
It is a modified selinux-policy package.
Several Definitions for database related object classes and access vectores are 
added. Because these definitons are currently included in the default selinux-
policy package, we also have to submit the additional definitions into the 
default selinux-policy package.

You can obtain the additional definitions from here:
http://sepgsql.googlecode.com/svn/policy/refpolicy-add-sepgsql-
definitions.fedora8.patch

> (2)
> You have to use more macros throughout spec file.
> Such as:
> sepostgresql -> %{name}
> /usr/share/selinux/devel/Makefile -> %{__datadir}/selinux/devel/Makefile
> and also /usr/sbin etc, you can replace them with macros.

Several standard paths are replaced by the macros.
/etc/rc.d/init.d -> %{_initrddir}
/usr/share -> %{_datadir}
However, I kept a part using /usr/sbin as a path of commands, like semodule,
because these are not changed when %{_prefix} of sepostgresql is over-written.
In addition, this manner follows the "Packaging SELinux Policy Modules (draft)".
  http://fedoraproject.org/wiki/PackagingDrafts/SELinux/PolicyModules

> (3)
> Your package does not include documentation.
The following line was added.
  %doc COPYRIGHT README HISTORY

SE-PostgreSQL is distributed under BSD license, as PostgreSQL.

> (4)
> I can not find download url for source files.

"Source0" got a full location to indicate full location, as follows:
Source0: ftp://ftp.postgresql.org/pub/source/v%{version}/postgresql-%
{version}.tar.gz

Thanks,

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

More information about the Fedora-package-review mailing list