| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | Jason Long <mailing(dot)list(at)supernovasoftware(dot)com> |
| Cc: | pgsql-general <pgsql-general(at)postgresql(dot)org> |
| Subject: | Re: archive command Permission Denied? |
| Date: | 2008-11-08 02:59:06 |
| Message-ID: | 29958.1226113146@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-general |
Jason Long <mailing(dot)list(at)supernovasoftware(dot)com> writes:
> I got this error
> /usr/sbin/sendmail: Permission denied
> So I guess I need to allow the use of sendmail.
> How is postgres running the command different from my doing it as the
> postgres user or cron running as the postgres user?
SELinux treats it differently: programs that are run as
network-accessible daemons get locked down to do only what the SELinux
policy says they should be able to do.
This is not unreasonable --- if someone managed to crack into your
Apache server, for instance, you'd be really glad that they weren't able
to use the breach to spam the world from your machine.
However, if you want your Postgres server able to do things not listed
in the SELinux policy for it, you'll need to adjust that policy. Or
disable SELinux ... but I don't really recommend doing that if your
machine is at all exposed to the internet.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Brent Wood | 2008-11-08 03:20:53 | Re: Specifying text to substitute for NULLs in selects |
| Previous Message | Nikolas Everett | 2008-11-08 01:49:47 | Re: options for launching sql script asynchronously from web app |