Postgres Pro
Downloads
Home   >   mailing lists

Re: Adding support for SE-Linux security - Mailing list pgsql-hackers

From Bruce Momjian
Subject Re: Adding support for SE-Linux security
Date
Msg-id 200912090058.nB90wKw15505@momjian.us
Whole thread Raw
In response to Re: Adding support for SE-Linux security  (Robert Haas <robertmhaas@gmail.com>)
Responses Re: Adding support for SE-Linux security  (Magnus Hagander <magnus@hagander.net>)
List pgsql-hackers
Tree view 
Robert Haas wrote:
> Sorry.  I spent a lot of time for both CommitFest 2008-11 and
> CommitFest 2009-07 in the hopes of getting something committable, and
> I wasn't successful.  I'm just at the end of my rope.  It seems fairly
> clear that Tom isn't going to commit any piece of SE-PostgreSQL at
> all, ever.  So who's going to do it?  It doesn't make any sense to
> continue trucking along with this patch into the indefinite future if
> it has no hope of being committed.
> 
> Frankly, I think this comes down to money.  There are several
> PostgreSQL companies which employ very capable PostgreSQL committers.
> When someone is willing to pony up enough money to get those people
> interested (as, I gather, has happened with block-checksumming) then
> this will happen.  Until then, I don't believe anyone is going to
> volunteer to be responsible for a 10,000-line patch in their free
> time.  Tom is the only one crazy enough for that, and he said no.

I have offered to review/commit the patch.  I don't promise my effort
will be pretty, but I will get the job done.  I have not started yet
because I think we are still unclear if the feature is worth the
additional code maintenance.

I frankly think the patch should be thought of as the SE-Linux-specific
directory files, which KaiGai can maintain, and the other parts, which I
think I can handle.

> The next time someone submits a huge, unsolicited patch to do
> ANYTHING, we should do them a favor and tell them this up front,
> rather than a year and a half later.  Then they could have the
> appropriate conversations with the appropriate people and determine
> whether to budget for it or give up.  What has happened with this
> patch has not served KaiGai well, or improved the image of this
> community.

Yes, this has not been our finest hour.  :-(

I think the causes have been explained already:
o  early patches did not have community buy-ino  we are unclear about the size of the user communityo  we are unclear
whatthe end user will wanto  the feature is complexo  the features is in an unfamiliar problem-domain
 

--  Bruce Momjian  <bruce@momjian.us>        http://momjian.us EnterpriseDB
http://enterprisedb.com
 + If your life is a hard drive, Christ can be your backup. +

pgsql-hackers by date:

Previous
From: KaiGai Kohei
Date:
Subject: Re: Adding support for SE-Linux security
Next
From: Fujii Masao
Date:
Subject: Re: Streaming replication, some small issues