rpms/sepostgresql/devel sepostgresql-pg_dump-8.3.1-2.patch, NONE, 1.1 sepostgresql-pgace-8.3.1-2.patch, NONE, 1.1 sepostgresql-sepgsql-8.3.1-2.patch, NONE, 1.1 .cvsignore, 1.8, 1.9 sepostgresql.init, 1.17, 1.18 sepostgresql.spec, 1.18, 1.19 sepostgresql.te, 1.17, 1.18 sources, 1.5, 1.6 sepostgresql-pg_dump-8.3.0-2.patch, 1.1, NONE sepostgresql-pgace-8.3.0-2.patch, 1.3, NONE sepostgresql-sepgsql-8.3.0-2.patch, 1.3, NONE
KaiGai Kohei (kaigai)
fedora-extras-commits at redhat.com
Thu Mar 27 17:24:14 UTC 2008
Author: kaigai
Update of /cvs/pkgs/rpms/sepostgresql/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv21506
Modified Files:
.cvsignore sepostgresql.init sepostgresql.spec sepostgresql.te
sources
Added Files:
sepostgresql-pg_dump-8.3.1-2.patch
sepostgresql-pgace-8.3.1-2.patch
sepostgresql-sepgsql-8.3.1-2.patch
Removed Files:
sepostgresql-pg_dump-8.3.0-2.patch
sepostgresql-pgace-8.3.0-2.patch
sepostgresql-sepgsql-8.3.0-2.patch
Log Message:
update base PostgreSQL version 8.3.0->8.3.1
sepostgresql-pg_dump-8.3.1-2.patch:
--- NEW FILE sepostgresql-pg_dump-8.3.1-2.patch ---
diff -rpNU3 pgace/src/bin/pg_dump/pg_dump.c sepgsql/src/bin/pg_dump/pg_dump.c
--- pgace/src/bin/pg_dump/pg_dump.c 2008-02-03 01:18:48.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_dump.c 2008-02-03 01:26:35.000000000 +0900
@@ -118,6 +118,9 @@ static int g_numNamespaces;
/* flag to turn on/off dollar quoting */
static int disable_dollar_quoting = 0;
+/* flag to tuen on/off SE-PostgreSQL support */
+#define SELINUX_SYSATTR_NAME "security_context"
+static int enable_selinux = 0;
static void help(const char *progname);
static void expand_schema_name_patterns(SimpleStringList *patterns,
@@ -267,6 +270,7 @@ main(int argc, char **argv)
{"disable-dollar-quoting", no_argument, &disable_dollar_quoting, 1},
{"disable-triggers", no_argument, &disable_triggers, 1},
{"use-set-session-authorization", no_argument, &use_setsessauth, 1},
+ {"enable-selinux", no_argument, &enable_selinux, 1},
{NULL, 0, NULL, 0}
};
@@ -419,6 +423,8 @@ main(int argc, char **argv)
disable_triggers = 1;
else if (strcmp(optarg, "use-set-session-authorization") == 0)
use_setsessauth = 1;
+ else if (strcmp(optarg, "enable-selinux") == 0)
+ enable_selinux = 1;
else
{
fprintf(stderr,
@@ -549,6 +555,24 @@ main(int argc, char **argv)
std_strings = PQparameterStatus(g_conn, "standard_conforming_strings");
g_fout->std_strings = (std_strings && strcmp(std_strings, "on") == 0);
+ if (enable_selinux) {
+ /* confirm whther server support SELinux features */
+ const char *tmp = PQparameterStatus(g_conn, "security_sysattr_name");
+
+ if (!tmp) {
+ write_msg(NULL, "could not get security_sysattr_name from libpq\n");
+ exit(1);
+ }
+ if (!!strcmp(SELINUX_SYSATTR_NAME, tmp) != 0) {
+ write_msg(NULL, "server does not have SELinux feature\n");
+ exit(1);
+ }
+ if (g_fout->remoteVersion < 80204) {
+ write_msg(NULL, "server version is too old (%u)\n", g_fout->remoteVersion);
+ exit(1);
+ }
+ }
+
/* Set the datestyle to ISO to ensure the dump's portability */
do_sql_command(g_conn, "SET DATESTYLE = ISO");
@@ -771,6 +795,7 @@ help(const char *progname)
printf(_(" --use-set-session-authorization\n"
" use SESSION AUTHORIZATION commands instead of\n"
" ALTER OWNER commands to set ownership\n"));
+ printf(_(" --enable-selinux enable to dump security context in SE-PostgreSQL\n"));
printf(_("\nConnection options:\n"));
printf(_(" -h, --host=HOSTNAME database server host or socket directory\n"));
@@ -1160,7 +1185,8 @@ dumpTableData_insert(Archive *fout, void
if (fout->remoteVersion >= 70100)
{
appendPQExpBuffer(q, "DECLARE _pg_dump_cursor CURSOR FOR "
- "SELECT * FROM ONLY %s",
+ "SELECT * %s FROM ONLY %s",
+ (!enable_selinux ? "" : "," SELINUX_SYSATTR_NAME),
fmtQualifiedId(tbinfo->dobj.namespace->dobj.name,
classname));
}
@@ -1774,11 +1800,32 @@ dumpBlobComments(Archive *AH, void *arg)
Oid blobOid;
char *comment;
+ blobOid = atooid(PQgetvalue(res, i, 0));
+
+ /* dump security context of binary large object */
+ if (enable_selinux) {
+ PGresult *__res;
+ char query[512];
+
+ snprintf(query, sizeof(query),
+ "SELECT lo_get_security(%u)", blobOid);
+ __res = PQexec(g_conn, query);
+ check_sql_result(__res, g_conn, query, PGRES_TUPLES_OK);
+
+ if (PQntuples(__res) != 1) {
+ write_msg(NULL, "lo_get_security(%u) returns %d tuples\n",
+ blobOid, PQntuples(__res));
+ exit_nicely();
+ }
+ archprintf(AH, "SELECT lo_set_security(%u, '%s');\n",
+ blobOid, PQgetvalue(__res, 0, 0));
+ PQclear(__res);
+ }
+
/* ignore blobs without comments */
if (PQgetisnull(res, i, 1))
continue;
- blobOid = atooid(PQgetvalue(res, i, 0));
comment = PQgetvalue(res, i, 1);
printfPQExpBuffer(commentcmd, "COMMENT ON LARGE OBJECT %u IS ",
@@ -2886,6 +2933,7 @@ getTables(int *numTables)
int i_owning_col;
int i_reltablespace;
int i_reloptions;
+ int i_selinux;
/* Make sure we are in proper schema */
selectSourceSchema("pg_catalog");
@@ -2926,6 +2974,7 @@ getTables(int *numTables)
"d.refobjsubid as owning_col, "
"(SELECT spcname FROM pg_tablespace t WHERE t.oid = c.reltablespace) AS reltablespace, "
"array_to_string(c.reloptions, ', ') as reloptions "
+ "%s "
"from pg_class c "
"left join pg_depend d on "
"(c.relkind = '%c' and "
@@ -2935,6 +2984,7 @@ getTables(int *numTables)
"where relkind in ('%c', '%c', '%c', '%c') "
"order by c.oid",
username_subquery,
+ (!enable_selinux ? "" : ",c." SELINUX_SYSATTR_NAME),
RELKIND_SEQUENCE,
RELKIND_RELATION, RELKIND_SEQUENCE,
RELKIND_VIEW, RELKIND_COMPOSITE_TYPE);
@@ -3101,6 +3151,7 @@ getTables(int *numTables)
i_owning_col = PQfnumber(res, "owning_col");
i_reltablespace = PQfnumber(res, "reltablespace");
i_reloptions = PQfnumber(res, "reloptions");
+ i_selinux = PQfnumber(res, SELINUX_SYSATTR_NAME);
for (i = 0; i < ntups; i++)
{
@@ -3131,6 +3182,9 @@ getTables(int *numTables)
}
tblinfo[i].reltablespace = strdup(PQgetvalue(res, i, i_reltablespace));
tblinfo[i].reloptions = strdup(PQgetvalue(res, i, i_reloptions));
+ tblinfo[i].relsecurity = NULL;
+ if (i_selinux >= 0)
+ tblinfo[i].relsecurity = strdup(PQgetvalue(res, i, i_selinux));
/* other fields were zeroed above */
@@ -4319,6 +4373,7 @@ getTableAttrs(TableInfo *tblinfo, int nu
int i_atthasdef;
int i_attisdropped;
int i_attislocal;
+ int i_attselinux;
PGresult *res;
int ntups;
bool hasdefaults;
@@ -4362,11 +4417,13 @@ getTableAttrs(TableInfo *tblinfo, int nu
appendPQExpBuffer(q, "SELECT a.attnum, a.attname, a.atttypmod, a.attstattarget, a.attstorage, t.typstorage, "
"a.attnotnull, a.atthasdef, a.attisdropped, a.attislocal, "
"pg_catalog.format_type(t.oid,a.atttypmod) as atttypname "
+ "%s " /* security context, if required */
"from pg_catalog.pg_attribute a left join pg_catalog.pg_type t "
"on a.atttypid = t.oid "
"where a.attrelid = '%u'::pg_catalog.oid "
"and a.attnum > 0::pg_catalog.int2 "
"order by a.attrelid, a.attnum",
+ (!enable_selinux ? "" : ",a." SELINUX_SYSATTR_NAME),
tbinfo->dobj.catId.oid);
}
else if (g_fout->remoteVersion >= 70100)
@@ -4415,6 +4472,7 @@ getTableAttrs(TableInfo *tblinfo, int nu
i_atthasdef = PQfnumber(res, "atthasdef");
i_attisdropped = PQfnumber(res, "attisdropped");
i_attislocal = PQfnumber(res, "attislocal");
+ i_attselinux = PQfnumber(res, SELINUX_SYSATTR_NAME);
tbinfo->numatts = ntups;
tbinfo->attnames = (char **) malloc(ntups * sizeof(char *));
@@ -4425,6 +4483,7 @@ getTableAttrs(TableInfo *tblinfo, int nu
tbinfo->typstorage = (char *) malloc(ntups * sizeof(char));
tbinfo->attisdropped = (bool *) malloc(ntups * sizeof(bool));
tbinfo->attislocal = (bool *) malloc(ntups * sizeof(bool));
+ tbinfo->attsecurity = (char **) malloc(ntups * sizeof(char *));
tbinfo->notnull = (bool *) malloc(ntups * sizeof(bool));
tbinfo->attrdefs = (AttrDefInfo **) malloc(ntups * sizeof(AttrDefInfo *));
tbinfo->inhAttrs = (bool *) malloc(ntups * sizeof(bool));
@@ -4456,6 +4515,11 @@ getTableAttrs(TableInfo *tblinfo, int nu
tbinfo->inhAttrs[j] = false;
tbinfo->inhAttrDef[j] = false;
tbinfo->inhNotNull[j] = false;
+
+ /* security attribute, if defined */
+ tbinfo->attsecurity[j] = NULL;
+ if (i_attselinux >= 0 && !PQgetisnull(res, j, i_attselinux))
+ tbinfo->attsecurity[j] = strdup(PQgetvalue(res, j, i_attselinux));
}
PQclear(res);
@@ -6428,6 +6492,7 @@ dumpFunc(Archive *fout, FuncInfo *finfo)
char *proconfig;
char *procost;
char *prorows;
+ char *proselinux = NULL;
char *lanname;
char *rettypename;
int nallargs;
@@ -6459,8 +6524,10 @@ dumpFunc(Archive *fout, FuncInfo *finfo)
"provolatile, proisstrict, prosecdef, "
"proconfig, procost, prorows, "
"(SELECT lanname FROM pg_catalog.pg_language WHERE oid = prolang) as lanname "
+ "%s " /* security context, if required */
"FROM pg_catalog.pg_proc "
"WHERE oid = '%u'::pg_catalog.oid",
+ (!enable_selinux ? "" : "," SELINUX_SYSATTR_NAME),
finfo->dobj.catId.oid);
}
else if (g_fout->remoteVersion >= 80100)
@@ -6562,6 +6629,13 @@ dumpFunc(Archive *fout, FuncInfo *finfo)
prorows = PQgetvalue(res, 0, PQfnumber(res, "prorows"));
lanname = PQgetvalue(res, 0, PQfnumber(res, "lanname"));
+ if (enable_selinux) {
+ int i_selinux = PQfnumber(res, "security_context");
+
+ if (i_selinux >= 0 && !PQgetisnull(res, 0, i_selinux))
+ proselinux = PQgetvalue(res, 0, i_selinux);
+ }
+
/*
* See backend/commands/define.c for details of how the 'AS' clause is
* used.
@@ -6698,6 +6772,9 @@ dumpFunc(Archive *fout, FuncInfo *finfo)
if (prosecdef[0] == 't')
appendPQExpBuffer(q, " SECURITY DEFINER");
+ if (proselinux)
+ appendPQExpBuffer(q, " CONTEXT = '%s'", proselinux);
+
/*
* COST and ROWS are emitted only if present and not default, so as not to
* break backwards-compatibility of the dump without need. Keep this code
@@ -8779,6 +8856,9 @@ dumpTableSchema(Archive *fout, TableInfo
if (tbinfo->notnull[j] && !tbinfo->inhNotNull[j])
appendPQExpBuffer(q, " NOT NULL");
+ if (enable_selinux && tbinfo->attsecurity[j])
+ appendPQExpBuffer(q, " CONTEXT = '%s'", tbinfo->attsecurity[j]);
+
actual_atts++;
}
}
@@ -8826,6 +8906,9 @@ dumpTableSchema(Archive *fout, TableInfo
if (tbinfo->reloptions && strlen(tbinfo->reloptions) > 0)
appendPQExpBuffer(q, "\nWITH (%s)", tbinfo->reloptions);
+ if (enable_selinux && tbinfo->relsecurity)
+ appendPQExpBuffer(q, " CONTEXT = '%s'", tbinfo->relsecurity);
+
appendPQExpBuffer(q, ";\n");
/* Loop dumping statistics and storage statements */
@@ -10243,6 +10326,12 @@ fmtCopyColumnList(const TableInfo *ti)
appendPQExpBuffer(q, "(");
needComma = false;
+
+ if (enable_selinux) {
+ appendPQExpBuffer(q, SELINUX_SYSATTR_NAME);
+ needComma = true;
+ }
+
for (i = 0; i < numatts; i++)
{
if (attisdropped[i])
diff -rpNU3 pgace/src/bin/pg_dump/pg_dump.h sepgsql/src/bin/pg_dump/pg_dump.h
--- pgace/src/bin/pg_dump/pg_dump.h 2008-01-08 01:39:49.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_dump.h 2008-01-10 18:25:12.000000000 +0900
@@ -238,6 +238,7 @@ typedef struct _tableInfo
char relkind;
char *reltablespace; /* relation tablespace */
char *reloptions; /* options specified by WITH (...) */
+ char *relsecurity; /* security attribute of the relation */
bool hasindex; /* does it have any indexes? */
bool hasrules; /* does it have any rules? */
bool hasoids; /* does it have OIDs? */
@@ -262,6 +263,7 @@ typedef struct _tableInfo
char *typstorage; /* type storage scheme */
bool *attisdropped; /* true if attr is dropped; don't dump it */
bool *attislocal; /* true if attr has local definition */
+ char **attsecurity; /* security attribute of attribute (column) */
/*
* Note: we need to store per-attribute notnull, default, and constraint
diff -rpNU3 pgace/src/bin/pg_dump/pg_dumpall.c sepgsql/src/bin/pg_dump/pg_dumpall.c
--- pgace/src/bin/pg_dump/pg_dumpall.c 2008-01-08 01:39:49.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_dumpall.c 2008-01-10 18:25:12.000000000 +0900
@@ -67,6 +67,10 @@ static int disable_triggers = 0;
static int use_setsessauth = 0;
static int server_version;
+/* flag to tuen on/off SE-PostgreSQL support */
+#define SELINUX_SYSATTR_NAME "security_context"
+static int enable_selinux = 0;
+
static FILE *OPF;
static char *filename = NULL;
@@ -119,6 +123,7 @@ main(int argc, char *argv[])
{"disable-dollar-quoting", no_argument, &disable_dollar_quoting, 1},
{"disable-triggers", no_argument, &disable_triggers, 1},
{"use-set-session-authorization", no_argument, &use_setsessauth, 1},
+ {"enable-selinux", no_argument, NULL, 1001},
{NULL, 0, NULL, 0}
};
@@ -290,6 +295,10 @@ main(int argc, char *argv[])
appendPQExpBuffer(pgdumpopts, " --disable-triggers");
else if (strcmp(optarg, "use-set-session-authorization") == 0)
/* no-op, still allowed for compatibility */ ;
+ else if (strcmp(optarg, "enable-selinux") == 0) {
+ appendPQExpBuffer(pgdumpopts, " --enable-selinux");
+ enable_selinux = 1;
+ }
else
{
fprintf(stderr,
@@ -300,6 +309,11 @@ main(int argc, char *argv[])
}
break;
+ case 1001:
+ appendPQExpBuffer(pgdumpopts, " --enable-selinux");
+ enable_selinux = 1;
+ break;
+
case 0:
break;
@@ -391,6 +405,24 @@ main(int argc, char *argv[])
}
}
+ if (enable_selinux) {
+ /* confirm whther server support SELinux features */
+ const char *tmp = PQparameterStatus(conn, "security_sysattr_name");
+
+ if (!tmp) {
+ fprintf(stderr, "could not get security_sysattr_name from libpq\n");
+ exit(1);
+ }
+ if (!!strcmp(SELINUX_SYSATTR_NAME, tmp) != 0) {
+ fprintf(stderr, "server does not have SELinux feature\n");
+ exit(1);
+ }
+ if (server_version < 80204) {
+ fprintf(stderr, "server version is too old (%u)\n", server_version);
+ exit(1);
+ }
+ }
+
/*
* Open the output file if required, otherwise use stdout
*/
@@ -505,6 +537,7 @@ help(void)
printf(_(" --use-set-session-authorization\n"
" use SESSION AUTHORIZATION commands instead of\n"
" OWNER TO commands\n"));
+ printf(_(" --enable-selinux enable to dump security attribute\n"));
printf(_("\nConnection options:\n"));
printf(_(" -h, --host=HOSTNAME database server host or socket directory\n"));
@@ -915,16 +948,18 @@ dumpCreateDB(PGconn *conn)
fprintf(OPF, "--\n-- Database creation\n--\n\n");
if (server_version >= 80100)
- res = executeQuery(conn,
+ appendPQExpBuffer(buf,
"SELECT datname, "
"coalesce(rolname, (select rolname from pg_authid where oid=(select datdba from pg_database where datname='template0'))), "
"pg_encoding_to_char(d.encoding), "
"datistemplate, datacl, datconnlimit, "
"(SELECT spcname FROM pg_tablespace t WHERE t.oid = d.dattablespace) AS dattablespace "
+ "%s "
"FROM pg_database d LEFT JOIN pg_authid u ON (datdba = u.oid) "
- "WHERE datallowconn ORDER BY 1");
+ "WHERE datallowconn ORDER BY 1",
+ (!enable_selinux ? "" : "d." SELINUX_SYSATTR_NAME));
else if (server_version >= 80000)
- res = executeQuery(conn,
+ appendPQExpBuffer(buf,
"SELECT datname, "
"coalesce(usename, (select usename from pg_shadow where usesysid=(select datdba from pg_database where datname='template0'))), "
"pg_encoding_to_char(d.encoding), "
@@ -933,7 +968,7 @@ dumpCreateDB(PGconn *conn)
"FROM pg_database d LEFT JOIN pg_shadow u ON (datdba = usesysid) "
"WHERE datallowconn ORDER BY 1");
else if (server_version >= 70300)
- res = executeQuery(conn,
+ appendPQExpBuffer(buf,
"SELECT datname, "
"coalesce(usename, (select usename from pg_shadow where usesysid=(select datdba from pg_database where datname='template0'))), "
"pg_encoding_to_char(d.encoding), "
@@ -942,7 +977,7 @@ dumpCreateDB(PGconn *conn)
"FROM pg_database d LEFT JOIN pg_shadow u ON (datdba = usesysid) "
"WHERE datallowconn ORDER BY 1");
else if (server_version >= 70100)
- res = executeQuery(conn,
+ appendPQExpBuffer(buf,
"SELECT datname, "
"coalesce("
"(select usename from pg_shadow where usesysid=datdba), "
@@ -958,7 +993,7 @@ dumpCreateDB(PGconn *conn)
* Note: 7.0 fails to cope with sub-select in COALESCE, so just deal
* with getting a NULL by not printing any OWNER clause.
*/
- res = executeQuery(conn,
+ appendPQExpBuffer(buf,
"SELECT datname, "
"(select usename from pg_shadow where usesysid=datdba), "
"pg_encoding_to_char(d.encoding), "
@@ -968,6 +1003,7 @@ dumpCreateDB(PGconn *conn)
"FROM pg_database d "
"ORDER BY 1");
}
+ res = executeQuery(conn, buf->data);
for (i = 0; i < PQntuples(res); i++)
{
@@ -978,6 +1014,7 @@ dumpCreateDB(PGconn *conn)
char *dbacl = PQgetvalue(res, i, 4);
char *dbconnlimit = PQgetvalue(res, i, 5);
char *dbtablespace = PQgetvalue(res, i, 6);
+ char *dbsecurity = PQgetvalue(res, i, 7);
char *fdbname;
fdbname = strdup(fmtId(dbname));
@@ -1021,6 +1058,9 @@ dumpCreateDB(PGconn *conn)
appendPQExpBuffer(buf, " CONNECTION LIMIT = %s",
dbconnlimit);
+ if (enable_selinux && dbsecurity)
+ appendPQExpBuffer(buf, " CONTEXT = '%s'", dbsecurity);
+
appendPQExpBuffer(buf, ";\n");
if (strcmp(dbistemplate, "t") == 0)
sepostgresql-pgace-8.3.1-2.patch:
--- NEW FILE sepostgresql-pgace-8.3.1-2.patch ---
diff -rpNU3 base/src/backend/Makefile pgace/src/backend/Makefile
--- base/src/backend/Makefile 2008-01-07 23:51:33.000000000 +0900
+++ pgace/src/backend/Makefile 2008-01-08 01:39:49.000000000 +0900
@@ -16,7 +16,7 @@ include $(top_builddir)/src/Makefile.glo
DIRS = access bootstrap catalog parser commands executor lib libpq \
main nodes optimizer port postmaster regex rewrite \
- storage tcop tsearch utils $(top_builddir)/src/timezone
+ security storage tcop tsearch utils $(top_builddir)/src/timezone
SUBSYSOBJS = $(DIRS:%=%/SUBSYS.o)
diff -rpNU3 base/src/backend/access/common/heaptuple.c pgace/src/backend/access/common/heaptuple.c
--- base/src/backend/access/common/heaptuple.c 2008-01-07 23:51:33.000000000 +0900
+++ pgace/src/backend/access/common/heaptuple.c 2008-01-10 12:42:25.000000000 +0900
@@ -67,6 +67,7 @@
#include "access/heapam.h"
#include "access/tuptoaster.h"
#include "executor/tuptable.h"
+#include "security/pgace.h"
/* Does att's datatype allow packing into the 1-byte-header varlena format? */
@@ -473,6 +474,9 @@ heap_attisnull(HeapTuple tup, int attnum
case MinCommandIdAttributeNumber:
case MaxTransactionIdAttributeNumber:
case MaxCommandIdAttributeNumber:
+#ifdef SECURITY_SYSATTR_NAME
+ case SecurityAttributeNumber:
+#endif
/* these are never null */
break;
@@ -785,6 +789,11 @@ heap_getsysattr(HeapTuple tup, int attnu
case TableOidAttributeNumber:
result = ObjectIdGetDatum(tup->t_tableOid);
break;
+#ifdef SECURITY_SYSATTR_NAME
+ case SecurityAttributeNumber:
+ result = ObjectIdGetDatum(HeapTupleGetSecurity(tup));
+ break;
+#endif
default:
elog(ERROR, "invalid attnum: %d", attnum);
result = 0; /* keep compiler quiet */
@@ -816,6 +825,7 @@ heap_copytuple(HeapTuple tuple)
newTuple->t_tableOid = tuple->t_tableOid;
newTuple->t_data = (HeapTupleHeader) ((char *) newTuple + HEAPTUPLESIZE);
memcpy((char *) newTuple->t_data, (char *) tuple->t_data, tuple->t_len);
+ HeapTupleSetSecurity(newTuple, HeapTupleGetSecurity(tuple));
return newTuple;
}
@@ -909,6 +919,10 @@ heap_form_tuple(TupleDesc tupleDescripto
if (tupleDescriptor->tdhasoid)
len += sizeof(Oid);
+#ifdef SECURITY_SYSATTR_NAME
+ len += sizeof(Oid);
+#endif
+
hoff = len = MAXALIGN(len); /* align user data safely */
data_len = heap_compute_data_size(tupleDescriptor, values, isnull);
@@ -940,6 +954,10 @@ heap_form_tuple(TupleDesc tupleDescripto
if (tupleDescriptor->tdhasoid) /* else leave infomask = 0 */
td->t_infomask = HEAP_HASOID;
+#ifdef SECURITY_SYSATTR_NAME
+ td->t_infomask |= HEAP_HASSECURITY;
+#endif
+
heap_fill_tuple(tupleDescriptor,
values,
isnull,
@@ -1020,6 +1038,10 @@ heap_formtuple(TupleDesc tupleDescriptor
if (tupleDescriptor->tdhasoid)
len += sizeof(Oid);
+#ifdef SECURITY_SYSATTR_NAME
+ len += sizeof(Oid);
+#endif
+
hoff = len = MAXALIGN(len); /* align user data safely */
data_len = ComputeDataSize(tupleDescriptor, values, nulls);
@@ -1051,6 +1073,10 @@ heap_formtuple(TupleDesc tupleDescriptor
if (tupleDescriptor->tdhasoid) /* else leave infomask = 0 */
td->t_infomask = HEAP_HASOID;
+#ifdef SECURITY_SYSATTR_NAME
+ td->t_infomask |= HEAP_HASSECURITY;
+#endif
+
DataFill(tupleDescriptor,
values,
nulls,
@@ -1129,6 +1155,7 @@ heap_modify_tuple(HeapTuple tuple,
newTuple->t_tableOid = tuple->t_tableOid;
if (tupleDesc->tdhasoid)
HeapTupleSetOid(newTuple, HeapTupleGetOid(tuple));
+ HeapTupleSetSecurity(newTuple, HeapTupleGetSecurity(tuple));
return newTuple;
}
@@ -1201,6 +1228,7 @@ heap_modifytuple(HeapTuple tuple,
newTuple->t_tableOid = tuple->t_tableOid;
if (tupleDesc->tdhasoid)
HeapTupleSetOid(newTuple, HeapTupleGetOid(tuple));
+ HeapTupleSetSecurity(newTuple, HeapTupleGetSecurity(tuple));
return newTuple;
}
@@ -1847,6 +1875,10 @@ heap_form_minimal_tuple(TupleDesc tupleD
if (tupleDescriptor->tdhasoid)
len += sizeof(Oid);
+#ifdef SECURITY_SYSATTR_NAME
+ len += sizeof(Oid);
+#endif
+
hoff = len = MAXALIGN(len); /* align user data safely */
data_len = heap_compute_data_size(tupleDescriptor, values, isnull);
@@ -1868,6 +1900,10 @@ heap_form_minimal_tuple(TupleDesc tupleD
if (tupleDescriptor->tdhasoid) /* else leave infomask = 0 */
tuple->t_infomask = HEAP_HASOID;
+#ifdef SECURITY_SYSATTR_NAME
+ tuple->t_infomask |= HEAP_HASSECURITY;
+#endif
+
heap_fill_tuple(tupleDescriptor,
values,
isnull,
@@ -1979,6 +2015,11 @@ heap_addheader(int natts, /* max domain
hoff = offsetof(HeapTupleHeaderData, t_bits);
if (withoid)
hoff += sizeof(Oid);
+
+#ifdef SECURITY_SYSATTR_NAME
+ hoff += sizeof(Oid);
+#endif
+
hoff = MAXALIGN(hoff);
len = hoff + structlen;
@@ -1997,6 +2038,10 @@ heap_addheader(int natts, /* max domain
if (withoid) /* else leave infomask = 0 */
td->t_infomask = HEAP_HASOID;
+#ifdef SECURITY_SYSATTR_NAME
+ td->t_infomask |= HEAP_HASSECURITY;
+#endif
+
memcpy((char *) td + hoff, structure, structlen);
return tuple;
diff -rpNU3 base/src/backend/access/heap/heapam.c pgace/src/backend/access/heap/heapam.c
--- base/src/backend/access/heap/heapam.c 2008-03-19 09:48:23.000000000 +0900
+++ pgace/src/backend/access/heap/heapam.c 2008-03-19 10:08:35.000000000 +0900
@@ -50,6 +50,7 @@
#include "catalog/namespace.h"
#include "miscadmin.h"
#include "pgstat.h"
+#include "security/pgace.h"
#include "storage/procarray.h"
#include "storage/smgr.h"
#include "utils/datum.h"
@@ -1946,6 +1947,9 @@ heap_insert(Relation relation, HeapTuple
Oid
simple_heap_insert(Relation relation, HeapTuple tup)
{
+ if (!pgaceHeapTupleInsert(relation, tup, true, false))
+ elog(ERROR, "simple_heap_insert on %s failed due to security reason",
+ RelationGetRelationName(relation));
return heap_insert(relation, tup, GetCurrentCommandId(true), true, true);
}
@@ -2227,6 +2231,9 @@ simple_heap_delete(Relation relation, It
ItemPointerData update_ctid;
TransactionId update_xmax;
+ if (!pgaceHeapTupleDelete(relation, tid, true, false))
+ elog(ERROR, "simple_heap_delete on %s failed due to security reason",
+ RelationGetRelationName(relation));
result = heap_delete(relation, tid,
&update_ctid, &update_xmax,
GetCurrentCommandId(true), InvalidSnapshot,
@@ -2870,6 +2877,9 @@ simple_heap_update(Relation relation, It
ItemPointerData update_ctid;
TransactionId update_xmax;
+ if (!pgaceHeapTupleUpdate(relation, otid, tup, true, false))
+ elog(ERROR, "simple_heap_update on %s failed due to security reason",
+ RelationGetRelationName(relation));
result = heap_update(relation, otid, tup,
&update_ctid, &update_xmax,
GetCurrentCommandId(true), InvalidSnapshot,
[...3685 lines suppressed...]
+ AT_SetSecurityLabel, /* PGACE: set security label */
} AlterTableType;
typedef struct AlterTableCmd /* one subcommand of an ALTER TABLE */
@@ -1108,6 +1111,7 @@ typedef struct CreateStmt
List *options; /* options from WITH clause */
OnCommitAction oncommit; /* what do we do at COMMIT? */
char *tablespacename; /* table space to use, or NULL */
+ Node *pgaceItem; /* PGACE: security attribute */
} CreateStmt;
/* ----------
diff -rpNU3 base/src/include/nodes/plannodes.h pgace/src/include/nodes/plannodes.h
--- base/src/include/nodes/plannodes.h 2008-01-07 23:51:33.000000000 +0900
+++ pgace/src/include/nodes/plannodes.h 2008-01-08 01:39:49.000000000 +0900
@@ -73,6 +73,8 @@ typedef struct PlannedStmt
List *relationOids; /* OIDs of relations the plan depends on */
int nParamExec; /* number of PARAM_EXEC Params used */
+
+ Node *pgaceItem; /* PGACE: an opaque item for security purpose */
} PlannedStmt;
/* macro for fetching the Plan associated with a SubPlan node */
diff -rpNU3 base/src/include/pg_config.h.in pgace/src/include/pg_config.h.in
--- base/src/include/pg_config.h.in 2008-01-28 16:06:37.000000000 +0900
+++ pgace/src/include/pg_config.h.in 2008-01-28 16:14:33.000000000 +0900
@@ -637,6 +637,9 @@
your system. */
#undef PTHREAD_CREATE_JOINABLE
+/* The name of security attribute. */
+#undef SECURITY_SYSATTR_NAME
+
/* The size of a `size_t', as computed by sizeof. */
#undef SIZEOF_SIZE_T
diff -rpNU3 base/src/include/security/pgace.h pgace/src/include/security/pgace.h
--- base/src/include/security/pgace.h 1970-01-01 09:00:00.000000000 +0900
+++ pgace/src/include/security/pgace.h 2008-02-01 20:22:14.000000000 +0900
@@ -0,0 +1,147 @@
+/*
+ * include/security/pgace.h
+ * headers for PostgreSQL Access Control Extensions (PGACE)
+ * Copyright 2007 KaiGai Kohei <kaigai at kaigai.gr.jp>
+ */
+#ifndef PGACE_H
+#define PGACE_H
+
+#include "access/htup.h"
+#include "commands/trigger.h"
+#include "executor/execdesc.h"
+#include "nodes/parsenodes.h"
+#include "utils/builtins.h"
+#include "utils/rel.h"
+
+/*
+ * SECURITY_SYSATTR_NAME is the name of system column name
+ * for security attribute, defined in pg_config.h
+ * If it is not defined, security attribute support is disabled
+ *
+ * see, src/include/pg_config.h
+ */
+
+/******************************************************************
+ * Initialize / Finalize related hooks
+ ******************************************************************/
+extern Size pgaceShmemSize(void);
+extern void pgaceInitialize(bool is_bootstrap);
+extern bool pgaceInitializePostmaster(void);
+extern void pgaceFinalizePostmaster(void);
+
+/******************************************************************
+ * SQL proxy hooks
+ ******************************************************************/
+extern List *pgaceProxyQuery(List *queryList);
+extern void pgacePortalStart(Portal portal);
+extern void pgaceExecutorStart(QueryDesc *queryDesc, int eflags);
+
+/******************************************************************
+ * HeapTuple modification hooks
+ ******************************************************************/
+extern bool pgaceHeapTupleInsert(Relation rel, HeapTuple tuple,
+ bool is_internal, bool with_returning);
+extern bool pgaceHeapTupleUpdate(Relation rel, ItemPointer otid, HeapTuple newtup,
+ bool is_internal, bool with_returning);
+extern bool pgaceHeapTupleDelete(Relation rel, ItemPointer otid,
+ bool is_internal, bool with_returning);
+
+/******************************************************************
+ * Extended SQL statement hooks
+ ******************************************************************/
+extern DefElem *pgaceGramSecurityItem(char *defname, char *value);
+extern bool pgaceIsGramSecurityItem(DefElem *defel);
+extern void pgaceGramCreateRelation(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramCreateAttribute(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramAlterRelation(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramAlterAttribute(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramCreateDatabase(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramAlterDatabase(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramCreateFunction(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void pgaceGramAlterFunction(Relation rel, HeapTuple tuple, DefElem *defel);
+
+/******************************************************************
+ * DATABASE related hooks
+ ******************************************************************/
+extern void pgaceSetDatabaseParam(const char *name, char *argstring);
+extern void pgaceGetDatabaseParam(const char *name);
+
+/******************************************************************
+ * FUNCTION related hooks
+ ******************************************************************/
+extern void pgaceCallFunction(FmgrInfo *finfo);
+extern bool pgaceCallFunctionTrigger(FmgrInfo *finfo, TriggerData *tgdata);
+extern void pgaceCallFunctionFastPath(FmgrInfo *finfo);
+extern Datum pgacePreparePlanCheck(Relation rel);
+extern void pgaceRestorePlanCheck(Relation rel, Datum pgace_saved);
+
+/******************************************************************
+ * TABLE related hooks
+ ******************************************************************/
+extern void pgaceLockTable(Oid relid);
+
+/******************************************************************
+ * COPY TO/COPY FROM statement hooks
+ ******************************************************************/
+extern void pgaceCopyTable(Relation rel, List *attNumList, bool isFrom);
+extern bool pgaceCopyToTuple(Relation rel, List *attNumList, HeapTuple tuple);
+
+/******************************************************************
+ * Loadable shared library module hooks
+ ******************************************************************/
+extern void pgaceLoadSharedModule(const char *filename);
+
+/******************************************************************
+ * Binary Large Object (BLOB) hooks
+ ******************************************************************/
+extern void pgaceLargeObjectGetSecurity(HeapTuple tuple);
+extern void pgaceLargeObjectSetSecurity(HeapTuple tuple, Oid lo_security);
+extern void pgaceLargeObjectCreate(Relation rel, HeapTuple tuple);
+extern void pgaceLargeObjectDrop(Relation rel, HeapTuple tuple);
+extern void pgaceLargeObjectRead(Relation rel, HeapTuple tuple);
+extern void pgaceLargeObjectWrite(Relation rel, HeapTuple newtup, HeapTuple oldtup);
+extern void pgaceLargeObjectTruncate(Relation rel, Oid loid, HeapTuple headtup);
+extern void pgaceLargeObjectImport(int fd);
+extern void pgaceLargeObjectExport(int fd, Oid loid);
+
+/******************************************************************
+ * Security Label hooks
+ ******************************************************************/
+extern char *pgaceSecurityLabelIn(char *seclabel);
+extern char *pgaceSecurityLabelOut(char *seclabel);
+extern char *pgaceSecurityLabelCheckValid(char *seclabel);
+extern char *pgaceSecurityLabelOfLabel(char *new_label);
+
+/******************************************************************
+ * Extended node type hooks
+ ******************************************************************/
+extern Node *pgaceCopyObject(Node *orig);
+extern bool pgaceOutObject(StringInfo str, Node *node);
+extern void *pgaceReadObject(char *token);
+
+/******************************************************************
+ * PGACE common facilities (not a hooks)
+ ******************************************************************/
+/* Security attribute system column support */
+extern bool pgaceIsSecuritySystemColumn(int attrno);
+extern void pgaceFetchSecurityAttribute(JunkFilter *junkfilter, TupleTableSlot *slot, Oid *tts_security);
+extern void pgaceTransformSelectStmt(List *targetList);
+extern void pgaceTransformInsertStmt(List **p_icolumns, List **p_attrnos, List *targetList);
+
+/* Extended SQL statements related */
+extern List *pgaceRelationAttrList(CreateStmt *stmt);
+extern void pgaceCreateRelationCommon(Relation rel, HeapTuple tuple, List *pgace_attr_list);
+extern void pgaceCreateAttributeCommon(Relation rel, HeapTuple tuple, List *pgace_attr_list);
+extern void pgaceAlterRelationCommon(Relation rel, AlterTableCmd *cmd);
+
+/* SQL functions */
+extern Datum security_label_in(PG_FUNCTION_ARGS);
+extern Datum security_label_out(PG_FUNCTION_ARGS);
+extern Datum security_label_raw_in(PG_FUNCTION_ARGS);
+extern Datum security_label_raw_out(PG_FUNCTION_ARGS);
+extern Datum text_to_security_label(PG_FUNCTION_ARGS);
+extern Datum security_label_to_text(PG_FUNCTION_ARGS);
+extern Datum lo_get_security(PG_FUNCTION_ARGS);
+extern Datum lo_set_security(PG_FUNCTION_ARGS);
+
+#endif // PGACE_H
diff -rpNU3 base/src/include/utils/syscache.h pgace/src/include/utils/syscache.h
--- base/src/include/utils/syscache.h 2008-01-07 23:51:33.000000000 +0900
+++ pgace/src/include/utils/syscache.h 2008-01-08 01:39:49.000000000 +0900
@@ -76,6 +76,8 @@
#define TSTEMPLATEOID 45
#define TYPENAMENSP 46
#define TYPEOID 47
+#define SECURITYOID 48
+#define SECURITYLABEL 49
extern void InitCatalogCache(void);
extern void InitCatalogCachePhase2(void);
sepostgresql-sepgsql-8.3.1-2.patch:
--- NEW FILE sepostgresql-sepgsql-8.3.1-2.patch ---
diff -rpNU3 pgace/configure sepgsql/configure
--- pgace/configure 2008-03-19 10:08:35.000000000 +0900
+++ sepgsql/configure 2008-03-19 10:19:23.000000000 +0900
@@ -314,7 +314,7 @@ ac_includes_default="\
# include <unistd.h>
#endif"
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configure_args build build_cpu build_vendor build_os host host_cpu host_vendor host_os PORTNAME docdir enable_nls WANTED_LANGUAGES default_port enable_shared enable_rpath enable_debug enable_profiling DTRACE DTRACEFLAGS enable_dtrace CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP GCC TAS autodepend INCLUDES enable_thread_safety with_tcl with_perl with_python with_gssapi with_krb5 krb_srvtab with_pam with_ldap with_bonjour with_openssl with_ossp_uuid XML2_CONFIG with_libxml with_libxslt with_system_tzdata with_zlib EGREP ELF_SYS LDFLAGS_SL LD with_gnu_ld ld_R_works RANLIB ac_ct_RANLIB STRIP ac_ct_STRIP STRIP_STATIC_LIB STRIP_SHARE!
D_LIB TAR LN_S AWK YACC YFLAGS FLEX FLEXFLAGS PERL perl_archlibexp perl_privlibexp perl_useshrplib perl_embed_ldflags PYTHON python_version python_configdir python_includespec python_libdir python_libspec python_additional_libs OSSP_UUID_LIBS HAVE_IPV6 LIBOBJS acx_pthread_config PTHREAD_CC PTHREAD_LIBS PTHREAD_CFLAGS LDAP_LIBS_FE LDAP_LIBS_BE HAVE_POSIX_SIGNALS MSGFMT MSGMERGE XGETTEXT localedir TCLSH TCL_CONFIG_SH TCL_INCLUDE_SPEC TCL_LIB_FILE TCL_LIBS TCL_LIB_SPEC TCL_SHARED_BUILD TCL_SHLIB_LD_LIBS NSGMLS JADE have_docbook DOCBOOKSTYLE COLLATEINDEX SGMLSPL vpath_build LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configure_args build build_cpu build_vendor build_os host host_cpu host_vendor host_os PORTNAME docdir enable_nls WANTED_LANGUAGES default_port enable_shared enable_rpath enable_debug enable_profiling DTRACE DTRACEFLAGS enable_dtrace CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP GCC TAS autodepend INCLUDES enable_thread_safety with_tcl with_perl with_python with_gssapi with_krb5 krb_srvtab with_pam with_ldap with_bonjour with_openssl with_ossp_uuid XML2_CONFIG with_libxml with_libxslt with_system_tzdata with_zlib enable_selinux EGREP ELF_SYS LDFLAGS_SL LD with_gnu_ld ld_R_works RANLIB ac_ct_RANLIB STRIP ac_ct_STRIP STRIP_STATIC_!
LIB STRIP_SHARED_LIB TAR LN_S AWK YACC YFLAGS FLEX FLEXFLAGS PERL perl_archlibexp perl_privlibexp perl_useshrplib perl_embed_ldflags PYTHON python_version python_configdir python_includespec python_libdir python_libspec python_additional_libs OSSP_UUID_LIBS HAVE_IPV6 LIBOBJS acx_pthread_config PTHREAD_CC PTHREAD_LIBS PTHREAD_CFLAGS LDAP_LIBS_FE LDAP_LIBS_BE HAVE_POSIX_SIGNALS MSGFMT MSGMERGE XGETTEXT localedir TCLSH TCL_CONFIG_SH TCL_INCLUDE_SPEC TCL_LIB_FILE TCL_LIBS TCL_LIB_SPEC TCL_SHARED_BUILD TCL_SHLIB_LD_LIBS NSGMLS JADE have_docbook DOCBOOKSTYLE COLLATEINDEX SGMLSPL vpath_build LTLIBOBJS'
ac_subst_files=''
# Initialize some variables set by options.
@@ -871,6 +871,7 @@ Optional Features:
--enable-cassert enable assertion checks (for debugging)
--enable-thread-safety make client libraries thread-safe
--enable-thread-safety-force force thread-safety despite thread test failure
+ --enable-selinux build with NSA SELinux support
--disable-largefile omit support for large files
Optional Packages:
@@ -4619,6 +4620,118 @@ fi;
#
+# NSA SELinux support
+#
+
+pgac_args="$pgac_args enable_selinux"
+
+# Check whether --enable-selinux or --disable-selinux was given.
+if test "${enable_selinux+set}" = set; then
+ enableval="$enable_selinux"
+
+ case $enableval in
+ yes)
+ :
+ ;;
+ no)
+ :
+ ;;
+ *)
+ { { echo "$as_me:$LINENO: error: no argument expected for --enable-selinux option" >&5
+echo "$as_me: error: no argument expected for --enable-selinux option" >&2;}
+ { (exit 1); exit 1; }; }
+ ;;
+ esac
+
+else
+ enable_selinux=no
+
+fi;
+
+if test "$enable_selinux" = yes; then
+ echo "$as_me:$LINENO: checking for getpeercon in -lselinux" >&5
+echo $ECHO_N "checking for getpeercon in -lselinux... $ECHO_C" >&6
+if test "${ac_cv_lib_selinux_getpeercon+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+ ac_check_lib_save_LIBS=$LIBS
+LIBS="-lselinux $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h. */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h. */
+
+/* Override any gcc2 internal prototype to avoid an error. */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+ builtin and then its argument prototype would still apply. */
+char getpeercon ();
+int
+main ()
+{
+getpeercon ();
+ ;
+ return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+ (eval $ac_link) 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } &&
+ { ac_try='test -z "$ac_c_werror_flag"
+ || test ! -s conftest.err'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; } &&
+ { ac_try='test -s conftest$ac_exeext'
+ { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+ (eval $ac_try) 2>&5
+ ac_status=$?
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); }; }; then
+ ac_cv_lib_selinux_getpeercon=yes
+else
+ echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_lib_selinux_getpeercon=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+ conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: $ac_cv_lib_selinux_getpeercon" >&5
+echo "${ECHO_T}$ac_cv_lib_selinux_getpeercon" >&6
+if test $ac_cv_lib_selinux_getpeercon = yes; then
+ cat >>confdefs.h <<\_ACEOF
+#define SECURITY_SYSATTR_NAME "security_context"
+_ACEOF
+
+ cat >>confdefs.h <<_ACEOF
+#define HAVE_SELINUX 1
+_ACEOF
+
+
+else
+ { { echo "$as_me:$LINENO: error: \"--enable-selinux requires libselinux.\"" >&5
+echo "$as_me: error: \"--enable-selinux requires libselinux.\"" >&2;}
+ { (exit 1); exit 1; }; }
+fi
+
+fi
+
+#
# Elf
#
@@ -26006,6 +26119,7 @@ s, at with_libxml@,$with_libxml,;t t
s, at with_libxslt@,$with_libxslt,;t t
s, at with_system_tzdata@,$with_system_tzdata,;t t
s, at with_zlib@,$with_zlib,;t t
+s, at enable_selinux@,$enable_selinux,;t t
s, at EGREP@,$EGREP,;t t
s, at ELF_SYS@,$ELF_SYS,;t t
s, at LDFLAGS_SL@,$LDFLAGS_SL,;t t
diff -rpNU3 pgace/configure.in sepgsql/configure.in
--- pgace/configure.in 2008-03-19 10:08:35.000000000 +0900
+++ sepgsql/configure.in 2008-03-19 10:19:23.000000000 +0900
@@ -626,6 +626,19 @@ PGAC_ARG_BOOL(with, zlib, yes,
AC_SUBST(with_zlib)
#
+# NSA SELinux support
+#
+PGAC_ARG_BOOL(enable, selinux, no,
+ [ --enable-selinux build with NSA SELinux support])
+if test "$enable_selinux" = yes; then
+ AC_CHECK_LIB(selinux, getpeercon,
+ AC_DEFINE(SECURITY_SYSATTR_NAME, "security_context")
+ AC_DEFINE_UNQUOTED(HAVE_SELINUX, 1)
+ AC_SUBST(enable_selinux),
+ AC_MSG_ERROR("--enable-selinux requires libselinux."))
+fi
+
+#
# Elf
#
diff -rpNU3 pgace/src/Makefile.global.in sepgsql/src/Makefile.global.in
--- pgace/src/Makefile.global.in 2007-11-18 02:56:38.000000000 +0900
+++ sepgsql/src/Makefile.global.in 2007-11-22 23:10:13.000000000 +0900
@@ -165,6 +165,7 @@ enable_rpath = @enable_rpath@
enable_nls = @enable_nls@
enable_debug = @enable_debug@
enable_dtrace = @enable_dtrace@
+enable_selinux = @enable_selinux@
enable_thread_safety = @enable_thread_safety@
python_includespec = @python_includespec@
diff -rpNU3 pgace/src/backend/Makefile sepgsql/src/backend/Makefile
--- pgace/src/backend/Makefile 2008-01-08 01:39:49.000000000 +0900
+++ sepgsql/src/backend/Makefile 2008-01-08 12:56:27.000000000 +0900
@@ -32,6 +32,11 @@ LIBS := $(filter-out -lpgport, $(LIBS))
# The backend doesn't need everything that's in LIBS, however
LIBS := $(filter-out -lz -lreadline -ledit -ltermcap -lncurses -lcurses, $(LIBS))
+# SELinux support needs to link libselinux
+ifeq ($(enable_selinux), yes)
+LIBS += -lselinux
+endif
+
##########################################################################
all: submake-libpgport postgres $(POSTGRES_IMP)
diff -rpNU3 pgace/src/backend/security/Makefile sepgsql/src/backend/security/Makefile
--- pgace/src/backend/security/Makefile 2008-03-13 23:25:01.000000000 +0900
+++ sepgsql/src/backend/security/Makefile 2008-03-13 23:37:15.000000000 +0900
[...4434 lines suppressed...]
+ break;
+
+ case SECCLASS_DB_PROCEDURE:
+ /* :p.funcid */
+ token = pg_strtok(&length);
+ token = pg_strtok(&length);
+ seitem->p.funcid = (unsigned int) strtoul(token, NULL, 10);
+ break;
+
+ default:
+ elog(ERROR, "SELinux: unexpected SEvalItem node (tclass: %d)", seitem->tclass);
+ break;
+ }
+ return (void *) seitem;
+}
+
+/* ----------------------------------------------------------
+ * special cases in foreign key constraint
+ * ---------------------------------------------------------- */
+Oid sepgsqlPreparePlanCheck(Relation rel) {
+ Oid pgace_saved = fnoid_sepgsql_tuple_perm;
+ fnoid_sepgsql_tuple_perm = F_SEPGSQL_TUPLE_PERMS_ABORT;
+ return pgace_saved;
+}
+
+void sepgsqlRestorePlanCheck(Relation rel, Oid pgace_saved) {
+ fnoid_sepgsql_tuple_perm = pgace_saved;
+}
diff -rpNU3 pgace/src/include/catalog/pg_proc.h sepgsql/src/include/catalog/pg_proc.h
--- pgace/src/include/catalog/pg_proc.h 2008-01-08 01:39:49.000000000 +0900
+++ sepgsql/src/include/catalog/pg_proc.h 2008-01-08 12:56:27.000000000 +0900
@@ -4123,6 +4123,11 @@ DATA(insert OID = 3409 ( security_label_
DATA(insert OID = 3410 ( lo_get_security PGNSP PGUID 12 1 0 f f t f v 1 3403 "26" _null_ _null_ _null_ lo_get_security - _null_ _null_ ));
DATA(insert OID = 3411 ( lo_set_security PGNSP PGUID 12 1 0 f f t f v 2 16 "26 3403" _null_ _null_ _null_ lo_set_security - _null_ _null_ ));
+/* SE-PostgreSQL related function */
+DATA(insert OID = 3420 ( sepgsql_getcon PGNSP PGUID 12 1 0 f f t f v 0 3403 "" _null_ _null_ _null_ sepgsql_getcon - _null_ _null_ ));
+DATA(insert OID = 3421 ( sepgsql_tuple_perms PGNSP PGUID 12 1 0 f f t f v 4 16 "26 3403 23 2249" _null_ _null_ _null_ sepgsql_tuple_perms - _null_ _null_ ));
+DATA(insert OID = 3422 ( sepgsql_tuple_perms_abort PGNSP PGUID 12 1 0 f f t f v 4 16 "26 3403 23 2249" _null_ _null_ _null_ sepgsql_tuple_perms_abort - _null_ _null_ ));
+
/* enum related procs */
DATA(insert OID = 3504 ( anyenum_in PGNSP PGUID 12 1 0 f f t f i 1 3500 "2275" _null_ _null_ _null_ anyenum_in - _null_ _null_ ));
DESCR("I/O");
diff -rpNU3 pgace/src/include/pg_config.h.in sepgsql/src/include/pg_config.h.in
--- pgace/src/include/pg_config.h.in 2008-01-28 16:14:33.000000000 +0900
+++ sepgsql/src/include/pg_config.h.in 2008-01-28 16:19:11.000000000 +0900
@@ -366,6 +366,9 @@
/* Define to 1 if you have the <security/pam_appl.h> header file. */
#undef HAVE_SECURITY_PAM_APPL_H
+/* Define to 1 if you enable NSA SELinux support */
+#undef HAVE_SELINUX
+
/* Define to 1 if you have the `setproctitle' function. */
#undef HAVE_SETPROCTITLE
diff -rpNU3 pgace/src/include/security/sepgsql.h sepgsql/src/include/security/sepgsql.h
--- pgace/src/include/security/sepgsql.h 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/include/security/sepgsql.h 2008-02-04 17:40:05.000000000 +0900
@@ -0,0 +1,140 @@
+#ifndef SEPGSQL_H
+#define SEPGSQL_H
+
+/* system catalogs */
+#include "catalog/pg_security.h"
+#include "lib/stringinfo.h"
+#include "nodes/nodes.h"
+#include "nodes/parsenodes.h"
+#include "storage/large_object.h"
+
+#include <selinux/selinux.h>
+#include <selinux/flask.h>
+#include <selinux/av_permissions.h>
+
+/*
+ * Permission codes of internal representation
+ */
+#define SEPGSQL_PERMS_USE (1UL << (N_ACL_RIGHTS + 0))
+#define SEPGSQL_PERMS_SELECT (1UL << (N_ACL_RIGHTS + 1))
+#define SEPGSQL_PERMS_UPDATE (1UL << (N_ACL_RIGHTS + 2))
+#define SEPGSQL_PERMS_INSERT (1UL << (N_ACL_RIGHTS + 3))
+#define SEPGSQL_PERMS_DELETE (1UL << (N_ACL_RIGHTS + 4))
+#define SEPGSQL_PERMS_RELABELFROM (1UL << (N_ACL_RIGHTS + 5))
+#define SEPGSQL_PERMS_RELABELTO (1UL << (N_ACL_RIGHTS + 6))
+#define SEPGSQL_PERMS_READ (1UL << (N_ACL_RIGHTS + 7))
+#define SEPGSQL_PERMS_WRITE (1UL << (N_ACL_RIGHTS + 8))
+#define SEPGSQL_PERMS_ALL ((SEPGSQL_PERMS_WRITE << 1) - SEPGSQL_PERMS_USE)
+
+/*
+ * The implementation of PGACE/SE-PostgreSQL hooks
+ */
+
+/* Initialize / Finalize related hooks */
+extern Size sepgsqlShmemSize(void);
+extern void sepgsqlInitialize(bool is_bootstrap);
+extern int sepgsqlInitializePostmaster(void);
+extern void sepgsqlFinalizePostmaster(void);
+
+/* SQL proxy hooks */
+extern List *sepgsqlProxyQuery(Query *query);
+extern void sepgsqlVerifyQuery(PlannedStmt *pstmt);
+
+/* HeapTuple modification hooks */
+extern bool sepgsqlHeapTupleInsert(Relation rel, HeapTuple tuple,
+ bool is_internal, bool with_returning);
+extern bool sepgsqlHeapTupleUpdate(Relation rel, ItemPointer otid, HeapTuple newtup,
+ bool is_internal, bool with_returning);
+extern bool sepgsqlHeapTupleDelete(Relation rel, ItemPointer otid,
+ bool is_internal, bool with_returning);
+
+/* Extended SQL statement hooks */
+extern DefElem *sepgsqlGramSecurityItem(char *defname, char *value);
+extern bool sepgsqlIsGramSecurityItem(DefElem *defel);
+extern void sepgsqlGramCreateRelation(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramCreateAttribute(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramAlterRelation(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramAlterAttribute(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramCreateDatabase(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramAlterDatabase(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramCreateFunction(Relation rel, HeapTuple tuple, DefElem *defel);
+extern void sepgsqlGramAlterFunction(Relation rel, HeapTuple tuple, DefElem *defel);
+
+/* DATABASE related hooks */
+extern void sepgsqlSetDatabaseParam(const char *name, char *argstring);
+extern void sepgsqlGetDatabaseParam(const char *name);
+
+/* FUNCTION related hooks */
+extern void sepgsqlCallFunction(FmgrInfo *finfo, bool with_perm_check);
+extern bool sepgsqlCallFunctionTrigger(FmgrInfo *finfo, TriggerData *tgdata);
+extern Oid sepgsqlPreparePlanCheck(Relation rel);
+extern void sepgsqlRestorePlanCheck(Relation rel, Oid pgace_saved);
+
+/* TABLE related hooks */
+extern void sepgsqlLockTable(Oid relid);
+extern bool sepgsqlAlterTable(Relation rel, AlterTableCmd *cmd);
+
+/* COPY TO/COPY FROM statement hooks */
+extern void sepgsqlCopyTable(Relation rel, List *attnumlist, bool is_from);
+extern bool sepgsqlCopyToTuple(Relation rel, List *attnumlist, HeapTuple tuple);
+
+/* Loadable shared library module hooks */
+extern void sepgsqlLoadSharedModule(const char *filename);
+
+/* Binary Large Object (BLOB) hooks */
+extern void sepgsqlLargeObjectGetSecurity(HeapTuple tuple);
+extern void sepgsqlLargeObjectSetSecurity(HeapTuple tuple, Oid lo_security);
+extern void sepgsqlLargeObjectCreate(Relation rel, HeapTuple tuple);
+extern void sepgsqlLargeObjectDrop(Relation rel, HeapTuple tuple);
+extern void sepgsqlLargeObjectRead(Relation rel, HeapTuple tuple);
+extern void sepgsqlLargeObjectWrite(Relation rel, HeapTuple newtup, HeapTuple oldtup);
+extern void sepgsqlLargeObjectTruncate(Relation rel, Oid loid, HeapTuple headtup);
+extern void sepgsqlLargeObjectImport(void);
+extern void sepgsqlLargeObjectExport(void);
+
+/* Security Label hooks */
+extern char *sepgsqlSecurityLabelIn(char *context);
+extern char *sepgsqlSecurityLabelOut(char *context);
+extern char *sepgsqlSecurityLabelCheckValid(char *context);
+extern char *sepgsqlSecurityLabelOfLabel(char *context);
+
+/* Extended node type hooks */
+extern Node *sepgsqlCopyObject(Node *node);
+extern bool sepgsqlOutObject(StringInfo str, Node *node);
+extern void *sepgsqlReadObject(char *token);
+
+/*
+ * SE-PostgreSQL core functions
+ * src/backend/security/sepgsql/core.c
+ */
+extern bool sepgsqlIsEnabled(void);
+extern Oid sepgsqlGetServerContext(void);
+extern Oid sepgsqlGetClientContext(void);
+extern void sepgsqlSetClientContext(Oid new_ctx);
+extern Oid sepgsqlGetDatabaseContext(void);
+extern char *sepgsqlGetDatabaseName(void);
+
+/* userspace access vector cache related */
+extern void sepgsql_avc_permission(Oid ssid, Oid tsid, uint16 tclass,
+ uint32 perms, char *objname);
+extern bool sepgsql_avc_permission_noabort(Oid ssid, Oid tsid, uint16 tclass,
+ uint32 perms, char *objname);
+extern Oid sepgsql_avc_createcon(Oid ssid, Oid tsid, uint16 tclass);
+extern Oid sepgsql_avc_relabelcon(Oid ssid, Oid tsid, uint16 tclass);
+
+/*
+ * SE-PostgreSQL permission evaluation related
+ * src/backend/security/sepgsql/permission.c
+ */
+extern char *sepgsqlGetTupleName(Oid relid, HeapTuple tuple, NameData *name);
+extern Oid sepgsqlComputeImplicitContext(Relation rel, HeapTuple tuple);
+extern bool sepgsqlCheckTuplePerms(Relation rel, HeapTuple tuple, HeapTuple oldtup,
+ uint32 perms, bool abort);
+/*
+ * SE-PostgreSQL SQL FUNCTIONS
+ */
+extern Datum sepgsql_getcon(PG_FUNCTION_ARGS);
+extern Datum sepgsql_tuple_perms(PG_FUNCTION_ARGS);
+extern Datum sepgsql_tuple_perms_abort(PG_FUNCTION_ARGS);
+
+#endif /* SEPGSQL_H */
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/.cvsignore,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- .cvsignore 7 Feb 2008 01:26:25 -0000 1.8
+++ .cvsignore 27 Mar 2008 17:23:38 -0000 1.9
@@ -1 +1 @@
-postgresql-8.3.0.tar.bz2
+postgresql-8.3.1.tar.bz2
Index: sepostgresql.init
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.init,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- sepostgresql.init 9 Mar 2008 11:48:19 -0000 1.17
+++ sepostgresql.init 27 Mar 2008 17:23:38 -0000 1.18
@@ -7,9 +7,9 @@
# pidfile: /var/run/postmaster.pid
#---------------------------------------------------------------------
-PGVERSION="8.3.0"
+PGVERSION="8.3.1"
PGMAJORVERSION=`echo "$PGVERSION" | sed 's/^\([0-9]*\.[0-9a-z]*\).*$/\1/'`
-SEPGVERSION="2.129"
+SEPGVERSION="2.179"
# source function library
. /etc/rc.d/init.d/functions
Index: sepostgresql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.spec,v
retrieving revision 1.18
retrieving revision 1.19
diff -u -r1.18 -r1.19
--- sepostgresql.spec 9 Mar 2008 11:48:19 -0000 1.18
+++ sepostgresql.spec 27 Mar 2008 17:23:38 -0000 1.19
@@ -12,8 +12,8 @@
Summary: Security Enhanced PostgreSQL
Name: sepostgresql
-Version: 8.3.0
-Release: 2.129%{?sepgsql_extension}%{?dist}
+Version: 8.3.1
+Release: 2.179%{?sepgsql_extension}%{?dist}
License: BSD
Group: Applications/Databases
Url: http://code.google.com/p/sepgsql/
@@ -25,9 +25,9 @@
Source4: sepostgresql.fc
Source5: sepostgresql.8
Source6: sepostgresql.logrotate
-Patch0: sepostgresql-pgace-8.3.0-2.patch
-Patch1: sepostgresql-sepgsql-8.3.0-2.patch
-Patch2: sepostgresql-pg_dump-8.3.0-2.patch
+Patch0: sepostgresql-pgace-8.3.1-2.patch
+Patch1: sepostgresql-sepgsql-8.3.1-2.patch
+Patch2: sepostgresql-pg_dump-8.3.1-2.patch
Patch3: sepostgresql-fedora-prefix.patch
BuildRequires: perl glibc-devel bison flex readline-devel zlib-devel >= 1.0.4
Buildrequires: checkpolicy libselinux-devel >= 2.0.43 selinux-policy-devel selinux-policy >= 3.0.6
Index: sepostgresql.te
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.te,v
retrieving revision 1.17
retrieving revision 1.18
diff -u -r1.17 -r1.18
--- sepostgresql.te 9 Mar 2008 11:48:19 -0000 1.17
+++ sepostgresql.te 27 Mar 2008 17:23:38 -0000 1.18
@@ -1,4 +1,4 @@
-policy_module(sepostgresql, 2.129)
+policy_module(sepostgresql, 2.179)
gen_require(`
class db_database all_db_database_perms;
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sources,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -r1.5 -r1.6
--- sources 7 Feb 2008 01:26:25 -0000 1.5
+++ sources 27 Mar 2008 17:23:38 -0000 1.6
@@ -1 +1 @@
-53d6816eac7442f9bc8103439ebee22e postgresql-8.3.0.tar.bz2
+a5e0ed6a85b450dc217ec71da93243a7 postgresql-8.3.1.tar.bz2
--- sepostgresql-pg_dump-8.3.0-2.patch DELETED ---
--- sepostgresql-pgace-8.3.0-2.patch DELETED ---
--- sepostgresql-sepgsql-8.3.0-2.patch DELETED ---
More information about the fedora-extras-commits
mailing list