On a system with selinux and sepgsql configured, search path resolution appears to fail if sepgsql is in enforcing mode, but selinux is in permissive mode (which, as I understand it, should cause sepgsql to behave as if it's in permissive mode anyway - and does for other operations). Regardless of whether my understanding of the interaction of the two permissive modes is correct, I don't believe the following should happen:
mls=# SELECT current_user;
current_user
--------------
postgres
(1 row)
mls=# SHOW search_path;
search_path
-----------------
"$user", public
(1 row)
mls=# \dn+ public
List of schemas
Name | Owner | Access privileges | Description
--------+----------+----------------------+------------------------
public | postgres | postgres=UC/postgres+| standard public schema
| | =UC/postgres |
(1 row)
mls=# CREATE TABLE tb_users(uid int primary key, name text, mail text, address text, salt text, phash text);
ERROR: no schema has been selected to create in
LINE 1: CREATE TABLE tb_users(uid int primary key, name text, mail t...
^
mls=# CREATE TABLE public.tb_users(uid int primary key, name text, mail text, address text, salt text, phash text);
CREATE TABLE
mls=# drop table tb_users;
ERROR: table "tb_users" does not exist
mls=# drop table public.tb_users;
DROP TABLE
This is on head, pulled yesterday.
--
