On Tue, 2009-03-10 at 09:56 +0900, KaiGai Kohei wrote: > Joshua D. Drake wrote: ... > > Is there any possibility of having it be enabled at compile time? The > > default would be know but those distributions that would like to make > > use of it could? > > It was the design a half year ago, but Bruce suggested me a certain > feature should not be enabled/disabled by compile time options, > except for library/platform dependency. > > In addition, he also suggested > a feature should be turned on/off by configuration option, because of > it enables to distribute a single binary for more wider users. > > SE-PostgreSQL need the libselinux to communicate the in-kernel SELinux. > So, --enable-selinux is necessary on compile time, it is fair enough. > If we omit it, all the sepgsqlXXXX() invocations are replaced by empty > macros.
seems ok. Another option to disable it would be something similar to how we currently handle DTrace ? > If we compile it with --enable-selinux, it has two working modes > controled by a guc option: sepostgresql (bool). > If it is disabled, all the sepgsqlXXXX() invocations returns at > the head of themself without doing anything. > > I believe this behavior follows the previous suggestion. Have you been able to measure any speed difference between --enable-selinux on and off ? -- Hannu Krosing http://www.2ndQuadrant.com PostgreSQL Scalability and Availability Services, Consulting and Training -- Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-hackers
