| From: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
|---|---|
| To: | pgsql-hackers(at)postgreSQL(dot)org |
| Subject: | Recent pg_regress changes break testing under SELinux |
| Date: | 2008-01-18 19:33:27 |
| Message-ID: | 11718.1200684807@sss.pgh.pa.us |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Who decided this part of pg_regress.c was a good idea?
/* try to create the test tablespace dir if it doesn't exist */
snprintf(testtablespace, MAXPGPATH, "%s/testtablespace", abs_builddir);
if (directory_exists(testtablespace))
rmtree(testtablespace, true);
make_directory(testtablespace);
The regression test Makefile is responsible for preparing that
directory, not pg_regress. This is important because in the Postgres
RPMs, we have to be careful to appease SELinux:
# The tests command the server to write into testtablespace and results.
# On a SELinux-enabled system this will fail unless we mark those directories
# as writable by the server.
cleandirs:
-rm -rf testtablespace results
mkdir testtablespace results
[ -x /usr/bin/chcon ] && /usr/bin/chcon -u system_u -r object_r -t postgresql_db_t testtablespace results
By blowing away the directory and remaking it, pg_regress causes this
carefully-applied labeling to be lost.
As far as I can see the rmtree/make_directory thrashing is useless, and
I'm going to remove it unless a pretty good counter-argument is made.
regards, tom lane
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Tom Lane | 2008-01-18 20:59:59 | Re: proposal: generic function, constructor function |
| Previous Message | Kevin Grittner | 2008-01-18 19:08:46 | Re: testing result overview (was: 8.3 beta testing suggestions welcome) |