Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Final (we hope) fix for getting PgSQL running during builds #1507

Merged
merged 2 commits into from
Jan 16, 2025
Merged

Final (we hope) fix for getting PgSQL running during builds #1507

Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
348646c
Final (we hope) fix for getting PgSQL running during builds
mfeit-internet2 Jan 16, 2025
a16caa0
Bumping postgresql-init release
mfeit-internet2 Jan 16, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
30 changes: 20 additions & 10 deletions postgresql-init/unibuild-packaging/rpm/postgresql-init.spec
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ Name: postgresql-init
# Note that the dot after this is for versions of this package rather
# than the Pg relese.
Version: %{_pscheduler_postgresql_version}.1
Release: 3%{?dist}
Release: 4%{?dist}

Summary: Initializes PostgreSQL
BuildArch: noarch
Expand Down Expand Up @@ -69,18 +69,19 @@ fi

# BEGIN PSQL FIXES

# The two fixes in this section work around problems created when Red
# Hat upgraded from 13.16 to 13.18.

# TODO: Remove if the software shiped with Alma/Rocky is ever fixed.
# Red Hat changed the way PostgreSQL was packaged between 13.16 and
# 13.18. Creating /run/postgresql was passed off to systemd-tmpfiles,
# which expects a reboot before it does its thing. This means the @
# system needs to be rebooted for PostgreSQL to function, which isn't
# acceptable here because builds require a functioning database.

# Fix 1: Create run directory and set permissions

if [ ! -d "%{_rundir}/postgresql/" ]; then
echo "%{_rundir}/postgresql/ does not exist. Creating it..."
mkdir -p "%{_rundir}/postgresql/"
chown postgres:postgres "%{_rundir}/postgresql/"
chmod 755 "%{_rundir}/postgresql/"
chown -R postgres:postgres "%{_rundir}/postgresql/"
chmod -R 755 "%{_rundir}/postgresql/"
fi

# Fix 2: Install SELinux policy to allow PostgreSQL to set up its
Expand All @@ -99,14 +100,23 @@ TE="${WORK}/psql.te"
rm -f "${TE}"
cat > "${TE}" << TE_EOF
module psql 1.0;

require {
type postgresql_t;
type var_run_t;
type postgresql_t; # PostgreSQL process type
type var_run_t; # PostgreSQL database files type
class sock_file read;
class sock_file write;
class sock_file create;
class sock_file open;
class sock_file getattr;
class sock_file setattr;
class sock_file unlink;
class sock_file append;
class sock_file rename;
}

allow postgresql_t var_run_t:sock_file { create setattr };
allow postgresql_t var_run_t:sock_file { read write create open getattr setattr unlink append rename };

TE_EOF

make -f /usr/share/selinux/devel/Makefile -C "${WORK}" psql.pp
Expand Down