Skip site navigation (1)
Skip section navigation (2)
Peripheral Links
Re: Spoofing as the postmaster
Greg Smith wrote: > On Sat, 29 Dec 2007, Joshua D. Drake wrote: > >> "they've" has the potential to be "we"... As I recall the individual >> made a reasonable effort to introduce the work that he was doing to the >> community. > > After a bit of hindsight research, I think SE-PostgreSQL suffered from > two timing problems combined with a cultural misperception. The first > timing issue was that those messages went out just as the 8.3 feature > freeze was going on. I know I looked at their stuff for a bit at that > point, remembered I had patches to work on, and that was it at that > point. Yes, it was lack of my understanding of PostgreSQL development process. > The second problem is that just after the first message to the > list came out, RedHat released RHEL 5.0, which did a major reworking of > SELinux that everyone could for production systems immediately. I know > all my SELinux time at that point immediately switched to working > through the major improvements RHEL5 made rather than thinking about > their project. The most of SELinux features on RHEL5.0 are based on Fedora core 6. It does not contain any SE-PostgreSQL support. We have to wait for next major release of RHEL to apply SE-PostgreSQL features on production system. If you can try out it on non-production system, Fedora 8 is the most recommendable environment. > The cultural problem is that their deliverable was a series of RPM > packages (for Fedora 7, ack). They also have a nice set of user > documentation. But you can't send a message to this hackers list asking > for feedback and hand that over as your reference. People here want > code. When I wander through the threads that died, I think this message > shows the mismatch best: > http://archives.postgresql.org/pgsql-hackers/2007-04/msg00722.php Hmm... I'll send it as a patch to discuss this feature. Please wait for we can port it into the latest postgresql tree. (Maybe, it is nonsense to discuss 8.2.x based patches.) > When Tom throws out an objection that a part of the design looks > sketchy, the only good way to respond is to throw the code out and let > him take a look. I never saw the SE-PostgreSQL group even showing diffs > of what they did; making it easy to get a fat context diff (with a bit > more context than usual) would have done wonders for their project. > You're not going to get help from this community if people have to > install a source RPM and do their own diff just to figure out what was > changed from the base. Thanks for your indications. -- OSS Platform Development Division, NEC KaiGai Kohei <kaigai(at)ak(dot)jp(dot)nec(dot)com>
In response to
- Re: Spoofing as the postmaster at 2007-12-29 23:55:04 from Greg Smith
pgsql-hackers by date
Next: From: Michael Akinde Date: 2008-01-07 09:40:23 Subject: Re: VACUUM FULL out of memory Previous: From: KaiGai Kohei Date: 2008-01-07 09:10:34 Subject: Re: Spoofing as the postmaster