Re: [v9.1] sepgsql - userspace access vector cache
Robert Haas <robertmhaas@gmail.com>
From: Robert Haas <robertmhaas@gmail.com>
To: Kohei Kaigai <Kohei.Kaigai@emea.nec.com>
Cc: Yeb Havinga <yebhavinga@gmail.com>,
PgHacker <pgsql-hackers@postgresql.org>, Kohei KaiGai <kaigai@kaigai.gr.jp>
Date: 2011-08-18T16:46:17Z
Lists: pgsql-hackers
Commits
Same data as JSON:
GET /api/v1/messages/:b64id/commits
the thread's linked commits as JSON, with link sources.
API reference →
-
Remove the limit on the number of entries allowed in catcaches, and
- 8b9bc234ad43 8.2.0 cited
On Thu, Jul 21, 2011 at 5:29 AM, Kohei Kaigai <Kohei.Kaigai@emea.nec.com> wrote: > The attached patch is revised userspace-avc patch. > > List of updates: > - The GUC of sepgsql.avc_threshold was removed. > - "char *ucontext" of avc_cache was replaced by "bool tcontext_is_valid". > - Comments added onto static variables > - Comments of sepgsql_avc_unlabeled() was revised. > - Comments of sepgsql_avc_compute() was simplified. > - Comments of sepgsql_avc_check_perms_label() also mention about > permissive domain, that performs similar to system's permissive mode. > - selinux_status_close() become invoked on on_proc_exit() hook. I tried to give this a test drive today but got stuck. I got sepgsql compiled OK, but look what happens when I try to start the server: [rhaas@f15selinux ~]$ postgres FATAL: could not load library "/home/rhaas/project/lib/postgresql/sepgsql.so": /home/rhaas/project/lib/postgresql/sepgsql.so: undefined symbol: getpeercon_raw This is Fedora 15, with all available updates applied. -- Robert Haas EnterpriseDB: http://www.enterprisedb.com The Enterprise PostgreSQL Company