Greg Smith wrote:
On Sat, 29 Dec 2007, Joshua D. Drake wrote:
"they've" has the potential to be "we"... As I recall the individual
made a reasonable effort to introduce the work that he was doing to the
community.
After a bit of hindsight research, I think SE-PostgreSQL suffered from
two timing problems combined with a cultural misperception. The first
timing issue was that those messages went out just as the 8.3 feature
freeze was going on. I know I looked at their stuff for a bit at that
point, remembered I had patches to work on, and that was it at that
point.
Yes, it was lack of my understanding of PostgreSQL development process.
The second problem is that just after the first message to the
list came out, RedHat released RHEL 5.0, which did a major reworking of
SELinux that everyone could for production systems immediately. I know
all my SELinux time at that point immediately switched to working
through the major improvements RHEL5 made rather than thinking about
their project.
The most of SELinux features on RHEL5.0 are based on Fedora core 6.
It does not contain any SE-PostgreSQL support.
We have to wait for next major release of RHEL to apply SE-PostgreSQL
features on production system. If you can try out it on non-production
system, Fedora 8 is the most recommendable environment.
The cultural problem is that their deliverable was a series of RPM
packages (for Fedora 7, ack). They also have a nice set of user
documentation. But you can't send a message to this hackers list asking
for feedback and hand that over as your reference. People here want
code. When I wander through the threads that died, I think this message
shows the mismatch best:
http://archives.postgresql.org/pgsql-hackers/2007-04/msg00722.php
Hmm...
I'll send it as a patch to discuss this feature.
Please wait for we can port it into the latest postgresql tree.
(Maybe, it is nonsense to discuss 8.2.x based patches.)
When Tom throws out an objection that a part of the design looks
sketchy, the only good way to respond is to throw the code out and let
him take a look. I never saw the SE-PostgreSQL group even showing diffs
of what they did; making it easy to get a fat context diff (with a bit
more context than usual) would have done wonders for their project.
You're not going to get help from this community if people have to
install a source RPM and do their own diff just to figure out what was
changed from the base.
Thanks for your indications.
--
OSS Platform Development Division, NEC
KaiGai Kohei <[EMAIL PROTECTED]>
---------------------------(end of broadcast)---------------------------
TIP 5: don't forget to increase your free space map settings
