Dear all, For what it's worth, here a report on building MonetDB from source on a Linux FC30 system with SELinux enabled. Thanks to Sjoerd for some crucial hints in getting it to work, and Roberto for the encouragement to not give up :-) First, build as usual: ./bootstrap ./configure --disable-debug --disable-developer --disable-assert --enable-optimize make -j Now, skip the usual `make install` and build rpm packages instead - this includes a single rpm that applies (almost) all the SELinux policies MonetDB needs. (Missing ones should be reported as bugs.) make rpm Install the created rpm packages in two steps, such that all directories that need policies have indeed been created (the SELinux rpm is under the noarch tree): find rpmbuild/RPMS/`uname -m` -name \*.rpm | xargs sudo dnf --disablerepo="*" install --skip-broken -y find rpmbuild/RPMS/noarch -name \*.rpm | xargs sudo dnf --disablerepo="*" install --skip-broken -y Start the server: sudo systemctl status monetdbd You can always uninstall the rpm packages with some more shell magic (replace x86_64 by `uname -m`): find rpmbuild/RPMS -name \*.rpm | sed -e 's/.*\/\(MonetDB.\+fedora30\)\(\.x86.64\|\.noarch\)\?\.rpm/\1/g' | xargs sudo dnf --disablerepo="*" -y rm This was sufficient for my, but if you are struggling with SELinux warnings/errors, it may be useful to know the following basics: You can check assigned filecontexts using ls -alRZ /var/monetdb5 These should align with the file contexts specified in monetdb.fc: grep monetdb5 /usr/share/doc/MonetDB-selinux/monetdb.fc Subsequently install those filecontexts and apply them as follows; e.g., for `.merovingian_properties` you would do: sudo semanage fcontext -a -t monetdbd_etc_t /var/monetdb5/.merovingian_properties sudo restorecon -v /var/monetdb5/.merovingian_properties Remaining issues are the following: + `make -j rpm` does not seem to work correctly. + `MonetDB-client-test` package does not want to install with the above command due to the --disablerepo flag. + SELinux complained about access to resource `cpu` - fixed by using the suggested `audit` in the error message. Good luck, hope it saves some people time! Arjen -- ==================================================================== ICIS, office M1.02.07 Radboud University Mercator 1 Faculty of Science Toernooiveld 212 arjen@cs.ru.nl NL-6525 EC Nijmegen, The Netherlands +31-(0)24-365 2354 ===================== http://www.informagus.nl/ ====================