Re: archive command Permission Denied? - Mailing list pgsql-general

From Tom Lane
Subject Re: archive command Permission Denied?
Date
Msg-id 29958.1226113146@sss.pgh.pa.us
Whole thread Raw
In response to Re: archive command Permission Denied?  (Jason Long <mailing.list@supernovasoftware.com>)
Responses Re: archive command Permission Denied?
List pgsql-general
Jason Long <mailing.list@supernovasoftware.com> writes:
> I got this error
> /usr/sbin/sendmail: Permission denied
> So I guess I need to allow the use of sendmail.

> How is postgres running the command different from my doing it as the
> postgres user or cron running as the postgres user?

SELinux treats it differently: programs that are run as
network-accessible daemons get locked down to do only what the SELinux
policy says they should be able to do.

This is not unreasonable --- if someone managed to crack into your
Apache server, for instance, you'd be really glad that they weren't able
to use the breach to spam the world from your machine.

However, if you want your Postgres server able to do things not listed
in the SELinux policy for it, you'll need to adjust that policy.  Or
disable SELinux ... but I don't really recommend doing that if your
machine is at all exposed to the internet.

            regards, tom lane

pgsql-general by date:

Previous
From: "Nikolas Everett"
Date:
Subject: Re: options for launching sql script asynchronously from web app
Next
From: "Brent Wood"
Date:
Subject: Re: Specifying text to substitute for NULLs in selects