postgresql pg_dump won't run

Dr. Michael J. Chudobiak mjc at
Thu Dec 30 15:36:18 UTC 2004


I've just installed selinux on my FC3 server using the targeted policy, 
and everything went well except that I can no longer run 
/usr/bin/pg_dumpall as a root cron job for backing up postgresql 
databases. I get this sort of log message, even if I run 
pg_dump/pg_dumpall as the postgres user:

Dec 30 10:17:01 server2 kernel: audit(1104419821.285:0): avc:  denied  { 
execute_no_trans } for  pid=24740 exe=/bin/bash path=/usr/bin/pg_dump 
dev=md0 ino=346137 scontext=user_u:system_r:postgresql_t 
tcontext=system_u:object_r:postgresql_exec_t tclass=file

For now, I've disabled the postgres protection using 
system-config-security-level, and it works fine - but postgresql is 
unprotected of course.

Is there a way of running pg_dump and pg_dumpall under selinux, without 
abandoning or rewriting the targeted policy?

- Mike

More information about the fedora-selinux-list mailing list