-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
On 09/19/2012 04:19 PM, Dominick Grift wrote:
On Wed, 2012-09-19 at 14:10 -0600, Dmitry Makovey wrote:
On September 19, 2012 15:53:10 Daniel J Walsh wrote:
Sure although I had no idea what PITR was until I asked google.
if I may suggest in tune with some other tunables (no pun intended)
postgres_can_rsync ?
PITR, while implemented in most cases just about the same as I outlined is more of a concept and could be implemented using alternative strategies (say, no SSH involved and dumping directly to NFS share), thus mentioning specific ability "rsync" may be more descriptive.
Just my .02CDN on the subject...
Thanks, good point
-- selinux mailing list selinux@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/selinux
Sadly it looks like we already have a boolean for this in Fedora fro sepostgresql.
optional_policy(` tunable_policy(`sepgsql_enable_pitr_implementation',` corenet_tcp_connect_ssh_port(postgresql_t) rsync_exec(postgresql_t) ssh_read_user_home_files(postgresql_t) ssh_exec(postgresql_t) ') ')
Since this has nothing specific to do with sepgsql, we can change the name of the boolean.