[CentOS] postgresql copy to and selinux

Fri Jul 23 20:50:16 UTC 2010
Marcelo Roccasalva <marcelo-centos at irrigacion.gov.ar>

I need to run a "copy table to '/home/user/dir/copy.txt';" but I get
permission denied. Filesystem dir modes are ok and I get no event
logged in audit.log, but if I setenforce 0, I can do the copy. This
explains auditd silence:

# sesearch --audit |egrep postgres.*home
   dontaudit postgresql_t user_home_dir_t : dir { getattr search };
   dontaudit postgresql_t home_root_t : dir { getattr search };

I changed the "dir" type to tmpfs_t and I could write with "\copy" but
not with "copy".

Anyway, what are the best practices to allow postgresql "copy to" a
subdirectory of a home directory (without disabling selinux)? I'm
running centos 5.5.


"¿No será acaso que ésta vida moderna está teniendo más de moderna que
de vida?" (Mafalda)