rpms/sepostgresql/F-9 sepostgresql-pg_dump-8.3.6-2.patch, NONE, 1.1 sepostgresql-policy-8.3.6-2.patch, NONE, 1.1 sepostgresql-sepgsql-8.3.6-2.patch, NONE, 1.1 .cvsignore, 1.12, 1.13 sepostgresql.init, 1.28, 1.29 sepostgresql.spec, 1.30, 1.31 sources, 1.9, 1.10 sepostgresql-pg_dump-8.3.5-2.patch, 1.1, NONE sepostgresql-policy-8.3.5-2.patch, 1.1, NONE sepostgresql-sepgsql-8.3.5-2.patch, 1.2, NONE

KaiGai Kohei kaigai at fedoraproject.org
Fri Feb 6 02:30:14 UTC 2009


Author: kaigai

Update of /cvs/pkgs/rpms/sepostgresql/F-9
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv30518

Modified Files:
	.cvsignore sepostgresql.init sepostgresql.spec sources 
Added Files:
	sepostgresql-pg_dump-8.3.6-2.patch 
	sepostgresql-policy-8.3.6-2.patch 
	sepostgresql-sepgsql-8.3.6-2.patch 
Removed Files:
	sepostgresql-pg_dump-8.3.5-2.patch 
	sepostgresql-policy-8.3.5-2.patch 
	sepostgresql-sepgsql-8.3.5-2.patch 
Log Message:
upgrade base postgresql 8.3.5->8.3.6


sepostgresql-pg_dump-8.3.6-2.patch:

--- NEW FILE sepostgresql-pg_dump-8.3.6-2.patch ---
diff -rpNU3 base/src/bin/initdb/initdb.c sepgsql/src/bin/initdb/initdb.c
--- base/src/bin/initdb/initdb.c	2008-11-05 09:57:00.000000000 +0900
+++ sepgsql/src/bin/initdb/initdb.c	2008-12-28 01:19:14.000000000 +0900
@@ -94,6 +94,7 @@ static bool debug = false;
 static bool noclean = false;
 static bool show_setting = false;
 static char *xlog_dir = "";
+static char *pgace_feature = "none";
 
 
 /* internal vars */
@@ -1212,6 +1213,11 @@ setup_config(void)
 						 "#default_text_search_config = 'pg_catalog.simple'",
 							  repltok);
 
+	snprintf(repltok, sizeof(repltok),
+			 "pgace_feature = '%s'", pgace_feature);
+	conflines = replace_token(conflines,
+							  "#pgace_feature = 'none'", repltok);
+
 	snprintf(path, sizeof(path), "%s/postgresql.conf", pg_data);
 
 	writefile(path, conflines);
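Review bot: The value given to --pgace-feature is copied into postgresql.conf without validation or quote escaping (L44-L47): a value containing a single quote produces an unparsable `pgace_feature = '...'` line, and a name the server does not understand is only rejected at first startup rather than by initdb. The only feature names visible on this page are `none` (L36) and `selinux` (L115), so rejecting anything else in `case 10` (L72-L74) with a usage error, or at least passing the string through initdb's `escape_quotes()` before the snprintf, would surface the mistake earlier. `repltok` is declared outside the hunk; its size bounds the snprintf, so an over-long value is truncated silently rather than reported.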
@@ -2383,6 +2389,7 @@ usage(const char *progname)
 	printf(_("  -U, --username=NAME       database superuser name\n"));
 	printf(_("  -W, --pwprompt            prompt for a password for the new superuser\n"));
 	printf(_("  --pwfile=FILE             read password for the new superuser from file\n"));
+	printf(_("  --pgace-feature=FEATURE   specify an enhanced security feature\n"));
 	printf(_("  -?, --help                show this help, then exit\n"));
 	printf(_("  -V, --version             output version information, then exit\n"));
 	printf(_("\nLess commonly used options:\n"));
@@ -2417,6 +2424,7 @@ main(int argc, char *argv[])
 		{"auth", required_argument, NULL, 'A'},
 		{"pwprompt", no_argument, NULL, 'W'},
 		{"pwfile", required_argument, NULL, 9},
+		{"pgace-feature", required_argument, NULL, 10},
 		{"username", required_argument, NULL, 'U'},
 		{"help", no_argument, NULL, '?'},
 		{"version", no_argument, NULL, 'V'},
@@ -2531,6 +2539,9 @@ main(int argc, char *argv[])
 			case 9:
 				pwfilename = xstrdup(optarg);
 				break;
+			case 10:
+				pgace_feature = xstrdup(optarg);
+				break;
 			case 's':
 				show_setting = true;
 				break;
diff -rpNU3 base/src/bin/pg_dump/pg_ace_dump.h sepgsql/src/bin/pg_dump/pg_ace_dump.h
--- base/src/bin/pg_dump/pg_ace_dump.h	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_ace_dump.h	2008-10-14 15:38:18.000000000 +0900
@@ -0,0 +1,284 @@
+#ifndef PG_ACE_DUMP_H
+#define PG_ACE_DUMP_H
+
+#include "pg_backup.h"
+#include "pg_dump.h"
+
+#define PG_ACE_FEATURE_NOTHING		0
+#define PG_ACE_FEATURE_SELINUX		1
+
+#define SELINUX_SYSATTR_NAME		"security_context"
+
+/*
+ * pg_ace_dumpCheckServerFeature
+ *
+ * This hook checks whether the server has required feature, or not.
+ */
+static inline void
+pg_ace_dumpCheckServerFeature(int feature, PGconn *conn)
+{
+	const char *serv_feature;
+
+	if (feature == PG_ACE_FEATURE_NOTHING)
+		return;
+
+	serv_feature = PQparameterStatus(conn, "pgace_security_feature");
+	if (!serv_feature)
+	{
+		fprintf(stderr, "could not get pgace_feature parameter.\n");
+		exit(1);
+	}
+
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		if (strcmp(serv_feature, "selinux") != 0)
+		{
+			fprintf(stderr, "server does not have SELinux feature\n");
+			exit(1);
+		}
+	}
+}
+
+/*
+ * pg_ace_dumpDatabaseXXXX
+ *
+ * These hooks gives a chance to inject a security system column
+ * on dumping pg_database system catalog.
+ * A modified part must have ",d.<security column>" style, and
+ * its result should be printed to buf.
+ */
+static inline const char *
+pg_ace_dumpDatabaseQuery(int feature)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+		return (",d." SELINUX_SYSATTR_NAME);
+
+	return "";
+}
+
+static inline void
+pg_ace_dumpDatabasePrint(int feature, PQExpBuffer buf,
+						 PGresult *res, int index)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		int i_security = PQfnumber(res, SELINUX_SYSATTR_NAME);
+		char *dbsecurity = PQgetvalue(res, index, i_security);
+
+		if (dbsecurity && dbsecurity[0] != '\0')
+			appendPQExpBuffer(buf, " SECURITY_CONTEXT = '%s'", dbsecurity);
+	}
+}
+
+/*
+ * pg_ace_dumpClassXXXX
+ *
+ * These hooks give a chance to inject a security system column
+ * on dumping pg_class system catalog. The modified part has to
+ * be formalized to ",c.<security column>" style. The result
+ * should be preserved at TableInfo->relsecurity to print later,
+ * if exist.
+ */
+static inline const char *
+pg_ace_dumpClassQuery(int feature)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+		return (",c." SELINUX_SYSATTR_NAME);
+
+	return "";
+}
+
+static inline char *
+pg_ace_dumpClassPreserve(int feature, PGresult *res, int index)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		int		attno = PQfnumber(res, SELINUX_SYSATTR_NAME);
+		char   *relcontext;
+
+		if (attno < 0)
+			return NULL;
+
+		relcontext = PQgetvalue(res, index, attno);
+
+		if (!relcontext || relcontext[0] == '\0')
+			return NULL;
+
+		return strdup(relcontext);
+	}
+
+	return NULL;
+}
+
+static inline void
+pg_ace_dumpClassPrint(int feature, PQExpBuffer buf, TableInfo *tbinfo)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		char   *relcontext = tbinfo->relsecurity;
+
+		if (relcontext)
+			appendPQExpBuffer(buf, " SECURITY_CONTEXT = '%s'", relcontext);
+
+		return;
+	}
+}
+
+/*
+ * pg_ace_dumpAttributeXXXX
+ *
+ * These hooks give a chance to inject a security system column
+ * on dumping pg_attribute system catalog. The modified part has
+ * to be formalized to ",a.<security conlumn>" style. The result
+ * should be preserved at TableInfo->attsecurity[index] to print
+ * later, if exist.
+ */
+static inline const char *
+pg_ace_dumpAttributeQuery(int feature)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+		return (",a." SELINUX_SYSATTR_NAME);
+
+	return "";
+}
+
+static inline char *
+pg_ace_dumpAttributePreserve(int feature, PGresult *res, int index)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		int		attno = PQfnumber(res, SELINUX_SYSATTR_NAME);
+		char   *attcontext;
+
+		if (attno < 0)
+			return NULL;
+
+		attcontext = PQgetvalue(res, index, attno);
+		if (!attcontext || attcontext[0] == '\0')
+			return NULL;
+
+		return strdup(attcontext);
+	}
+
+	return NULL;
+}
+
+static inline void
+pg_ace_dumpAttributePrint(int feature, PQExpBuffer buf,
+						  TableInfo *tbinfo, int index)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		char   *relcontext = tbinfo->relsecurity;
+		char   *attcontext = tbinfo->attsecurity[index];
+
+		if (attcontext)
+		{
+			if (relcontext && strcmp(relcontext, attcontext) == 0)
+				return;
+
+			appendPQExpBuffer(buf, " SECURITY_CONTEXT = '%s'", attcontext);
+		}
+		return;
+	}
+}
+
+/*
+ * pg_ace_dumpProcXXXX
+ *
+ * These hooks give a chance to inject a security system column
+ * on dumping pg_proc system catalog. The modified part has to be
+ * formalized to "<security conlumn>" style. The result should be
+ * printed later, if exist.
+ */
+static inline const char *
+pg_ace_dumpProcQuery(int feature)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+		return ("," SELINUX_SYSATTR_NAME);
+
+	return "";
+}
+
+static inline void
+pg_ace_dumpProcPrint(int feature, PQExpBuffer buf,
+					 PGresult *res, int index)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		int		i_selinux = PQfnumber(res, SELINUX_SYSATTR_NAME);
+		char   *prosecurity;
+
+		if (i_selinux < 0)
+			return;
+
+		prosecurity = PQgetvalue(res, index, i_selinux);
+		if (prosecurity && prosecurity[0] != '\0')
+			appendPQExpBuffer(buf, " SECURITY_CONTEXT = '%s'", prosecurity);
+	}
+}
+
+/*
+ * pg_ace_dumpTableDataQuery
+ *
+ * This hook gives a chance to inject a security attribute system column
+ * on dumping of user's table.
+ * It must have ",<security column>" style.
+ */
+static inline const char *
+pg_ace_dumpTableDataQuery(int feature)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+		return ("," SELINUX_SYSATTR_NAME);
+
+	return "";
+}
+
+/*
+ * pg_ace_dumpCopyColumnList
+ *
+ * This hook gives a chance to inject a security attribute column within
+ * COPY statement. When a column is added, you have to return true. It
+ * enables to set needComma 'true', otherwise 'false'.
+ */
+static inline bool
+pg_ace_dumpCopyColumnList(int feature, PQExpBuffer buf)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		appendPQExpBuffer(buf, SELINUX_SYSATTR_NAME);
+		return true;
+	}
+
+	return false;
+}
+
+/*
+ * pg_ace_dumpBlobComments
+ *
+ * This hook gives a chance to inject a query to restore a security
+ * attribute of binary large object.
+ */
+static inline void
+pg_ace_dumpBlobComments(int feature, Archive *AH, PGconn *conn, Oid blobOid)
+{
+	if (feature == PG_ACE_FEATURE_SELINUX)
+	{
+		PGresult   *res;
+		char		query[256];
+
+		snprintf(query, sizeof(query),
+				 "SELECT lo_get_security(%u)", blobOid);
+		res = PQexec(conn, query);
+		if (!res)
+			return;
+
+		if (PQresultStatus(res) == PGRES_TUPLES_OK && PQntuples(res) == 1)
+			archprintf(AH, "SELECT lo_set_security(%u, '%s');\n",
+					   blobOid, PQgetvalue(res, 0, 0));
+
+		PQclear(res);
+	}
+}
+
+#endif
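Review bot: Every print hook splices a value read from the catalog straight into generated SQL with `'%s'` (L150, L202, L261, L298), and `archprintf` does the same for lo_set_security at L358, so a security context containing a single quote or backslash breaks the restore script; pg_dump quotes string values through `appendStringLiteral` (dumputils.h) with the dump's encoding and std_strings, and these hooks should too, which means passing the Archive or those two values into the print hooks. pg_ace_dumpDatabasePrint also lacks the `PQfnumber() < 0` guard that the Class, Attribute and Proc variants apply (L180, L234, L293), so a result without the column reaches `PQgetvalue(res, index, -1)`. The feature check reads the `pgace_security_feature` parameter (L106) while the error at L109 names `pgace_feature`, which is also the GUC initdb writes at L45; if the server reports both names, a comment should say so, otherwise one of them is wrong. L330 passes the column name as the format argument; `appendPQExpBufferStr(buf, SELINUX_SYSATTR_NAME)` states the intent.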
diff -rpNU3 base/src/bin/pg_dump/pg_dump.c sepgsql/src/bin/pg_dump/pg_dump.c
--- base/src/bin/pg_dump/pg_dump.c	2009-02-02 11:47:17.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_dump.c	2009-02-02 11:58:34.000000000 +0900
@@ -50,6 +50,7 @@ int			optreset;
 
 #include "pg_backup_archiver.h"
 #include "dumputils.h"
+#include "pg_ace_dump.h"
 
 extern char *optarg;
 extern int	optind,
@@ -118,6 +119,8 @@ static int	g_numNamespaces;
 /* flag to turn on/off dollar quoting */
 static int	disable_dollar_quoting = 0;
 
+/* flag to turn on/off security attribute support */
+static int pg_ace_feature = PG_ACE_FEATURE_NOTHING;
 
 static void help(const char *progname);
 static void expand_schema_name_patterns(SimpleStringList *patterns,
@@ -267,6 +270,7 @@ main(int argc, char **argv)
 		{"disable-dollar-quoting", no_argument, &disable_dollar_quoting, 1},
 		{"disable-triggers", no_argument, &disable_triggers, 1},
 		{"use-set-session-authorization", no_argument, &use_setsessauth, 1},
+		{"security-context", no_argument, &pg_ace_feature, PG_ACE_FEATURE_SELINUX},
 
 		{NULL, 0, NULL, 0}
 	};
@@ -419,6 +423,8 @@ main(int argc, char **argv)
 					disable_triggers = 1;
 				else if (strcmp(optarg, "use-set-session-authorization") == 0)
 					use_setsessauth = 1;
+				else if (strcmp(optarg, "security-context") == 0)
+					pg_ace_feature = PG_ACE_FEATURE_SELINUX;
 				else
 				{
 					fprintf(stderr,
@@ -549,6 +555,8 @@ main(int argc, char **argv)
 	std_strings = PQparameterStatus(g_conn, "standard_conforming_strings");
 	g_fout->std_strings = (std_strings && strcmp(std_strings, "on") == 0);
 
+	pg_ace_dumpCheckServerFeature(pg_ace_feature, g_conn);
+
 	/* Set the datestyle to ISO to ensure the dump's portability */
 	do_sql_command(g_conn, "SET DATESTYLE = ISO");
 
@@ -771,6 +779,7 @@ help(const char *progname)
 	printf(_("  --use-set-session-authorization\n"
 			 "                              use SESSION AUTHORIZATION commands instead of\n"
 	"                              ALTER OWNER commands to set ownership\n"));
+	printf(_("  --security-context          enable to dump security context of SE-PostgreSQL\n"));
 
 	printf(_("\nConnection options:\n"));
 	printf(_("  -h, --host=HOSTNAME      database server host or socket directory\n"));
@@ -1171,7 +1180,8 @@ dumpTableData_insert(Archive *fout, void
 	if (fout->remoteVersion >= 70100)
 	{
 		appendPQExpBuffer(q, "DECLARE _pg_dump_cursor CURSOR FOR "
-						  "SELECT * FROM ONLY %s",
+						  "SELECT * %s FROM ONLY %s",
+						  pg_ace_dumpTableDataQuery(pg_ace_feature),
 						  fmtQualifiedId(tbinfo->dobj.namespace->dobj.name,
 										 classname));
 	}
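Review bot: The `,security_context` column added to the cursor's SELECT at L425-L426 makes every fetched row carry one more field than the table has ordinary columns, and dumpTableData_insert presumably emits every result field; unless the restore-side server accepts a trailing positional security_context value, plain `--inserts` output (no column list) would no longer load. The rest of dumpTableData_insert, including how the column list and VALUES are built, lies outside the hunk, so confirm against that code; if it does not name columns, apply the hook only on the column-inserts path or emit the context as a separate statement.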
@@ -1785,11 +1795,14 @@ dumpBlobComments(Archive *AH, void *arg)
 			Oid			blobOid;
 			char	   *comment;
 
+			blobOid = atooid(PQgetvalue(res, i, 0));
+
+			pg_ace_dumpBlobComments(pg_ace_feature, AH, g_conn, blobOid);
+
 			/* ignore blobs without comments */
 			if (PQgetisnull(res, i, 1))
 				continue;
 
-			blobOid = atooid(PQgetvalue(res, i, 0));
 			comment = PQgetvalue(res, i, 1);
 
 			printfPQExpBuffer(commentcmd, "COMMENT ON LARGE OBJECT %u IS ",
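Review bot: pg_ace_dumpBlobComments runs a separate `SELECT lo_get_security(%u)` for every large object (L351-L353), so the loop at L434-L436 now costs one extra server round trip per blob on top of the query that produced `res`; selecting the context in that query (its SELECT is outside the hunk) and passing the value to the hook would remove that. The hook is also called before the comment check at L438, so the lo_set_security statement is written for uncommented blobs as well, which looks intended; a one-line comment, `/* the security context is restored for every blob, not only commented ones */`, would make that ordering deliberate for the next reader.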
@@ -2927,6 +2940,7 @@ getTables(int *numTables)
 						  "d.refobjsubid as owning_col, "
 						  "(SELECT spcname FROM pg_tablespace t WHERE t.oid = c.reltablespace) AS reltablespace, "
 						  "array_to_string(c.reloptions, ', ') as reloptions "
+						  "%s "
 						  "from pg_class c "
 						  "left join pg_depend d on "
 						  "(c.relkind = '%c' and "
@@ -2936,6 +2950,7 @@ getTables(int *numTables)
 						  "where relkind in ('%c', '%c', '%c', '%c') "
 						  "order by c.oid",
 						  username_subquery,
+						  pg_ace_dumpClassQuery(pg_ace_feature),
 						  RELKIND_SEQUENCE,
 						  RELKIND_RELATION, RELKIND_SEQUENCE,
 						  RELKIND_VIEW, RELKIND_COMPOSITE_TYPE);
@@ -3132,6 +3147,7 @@ getTables(int *numTables)
 		}
 		tblinfo[i].reltablespace = strdup(PQgetvalue(res, i, i_reltablespace));
 		tblinfo[i].reloptions = strdup(PQgetvalue(res, i, i_reloptions));
+		tblinfo[i].relsecurity = pg_ace_dumpClassPreserve(pg_ace_feature, res, i);
 
 		/* other fields were zeroed above */
 
@@ -4363,11 +4379,13 @@ getTableAttrs(TableInfo *tblinfo, int nu
 			appendPQExpBuffer(q, "SELECT a.attnum, a.attname, a.atttypmod, a.attstattarget, a.attstorage, t.typstorage, "
 				  "a.attnotnull, a.atthasdef, a.attisdropped, a.attislocal, "
 				   "pg_catalog.format_type(t.oid,a.atttypmod) as atttypname "
+							  "%s "		/* security context, if required */
 			 "from pg_catalog.pg_attribute a left join pg_catalog.pg_type t "
 							  "on a.atttypid = t.oid "
 							  "where a.attrelid = '%u'::pg_catalog.oid "
 							  "and a.attnum > 0::pg_catalog.int2 "
 							  "order by a.attrelid, a.attnum",
+							  pg_ace_dumpAttributeQuery(pg_ace_feature),
 							  tbinfo->dobj.catId.oid);
 		}
 		else if (g_fout->remoteVersion >= 70100)
@@ -4426,6 +4444,7 @@ getTableAttrs(TableInfo *tblinfo, int nu
 		tbinfo->typstorage = (char *) malloc(ntups * sizeof(char));
 		tbinfo->attisdropped = (bool *) malloc(ntups * sizeof(bool));
 		tbinfo->attislocal = (bool *) malloc(ntups * sizeof(bool));
+		tbinfo->attsecurity = (char **) malloc(ntups * sizeof(char *));
 		tbinfo->notnull = (bool *) malloc(ntups * sizeof(bool));
 		tbinfo->attrdefs = (AttrDefInfo **) malloc(ntups * sizeof(AttrDefInfo *));
 		tbinfo->inhAttrs = (bool *) malloc(ntups * sizeof(bool));
@@ -4457,6 +4476,8 @@ getTableAttrs(TableInfo *tblinfo, int nu
 			tbinfo->inhAttrs[j] = false;
 			tbinfo->inhAttrDef[j] = false;
 			tbinfo->inhNotNull[j] = false;
+
+			tbinfo->attsecurity[j] = pg_ace_dumpAttributePreserve(pg_ace_feature, res, j);
 		}
 
 		PQclear(res);
@@ -6460,8 +6481,10 @@ dumpFunc(Archive *fout, FuncInfo *finfo)
 						  "provolatile, proisstrict, prosecdef, "
 						  "proconfig, procost, prorows, "
 						  "(SELECT lanname FROM pg_catalog.pg_language WHERE oid = prolang) as lanname "
+						  "%s "		/* security context, if required */
 						  "FROM pg_catalog.pg_proc "
 						  "WHERE oid = '%u'::pg_catalog.oid",
+						  pg_ace_dumpProcQuery(pg_ace_feature),
 						  finfo->dobj.catId.oid);
 	}
 	else if (g_fout->remoteVersion >= 80100)
@@ -6699,6 +6722,8 @@ dumpFunc(Archive *fout, FuncInfo *finfo)
 	if (prosecdef[0] == 't')
 		appendPQExpBuffer(q, " SECURITY DEFINER");
 
+	pg_ace_dumpProcPrint(pg_ace_feature, q, res, 0);
+
 	/*
 	 * COST and ROWS are emitted only if present and not default, so as not to
 	 * break backwards-compatibility of the dump without need.	Keep this code
@@ -8780,6 +8805,8 @@ dumpTableSchema(Archive *fout, TableInfo
 				if (tbinfo->notnull[j] && !tbinfo->inhNotNull[j])
 					appendPQExpBuffer(q, " NOT NULL");
 
+				pg_ace_dumpAttributePrint(pg_ace_feature, q, tbinfo, j);
+
 				actual_atts++;
 			}
 		}
@@ -8827,6 +8854,8 @@ dumpTableSchema(Archive *fout, TableInfo
 		if (tbinfo->reloptions && strlen(tbinfo->reloptions) > 0)
 			appendPQExpBuffer(q, "\nWITH (%s)", tbinfo->reloptions);
 
+		pg_ace_dumpClassPrint(pg_ace_feature, q, tbinfo);
+
 		appendPQExpBuffer(q, ";\n");
 
 		/* Loop dumping statistics and storage statements */
@@ -10244,6 +10273,10 @@ fmtCopyColumnList(const TableInfo *ti)
 
 	appendPQExpBuffer(q, "(");
 	needComma = false;
+
+	if (pg_ace_dumpCopyColumnList(pg_ace_feature, q))
+		needComma = true;
+
 	for (i = 0; i < numatts; i++)
 	{
 		if (attisdropped[i])
diff -rpNU3 base/src/bin/pg_dump/pg_dump.h sepgsql/src/bin/pg_dump/pg_dump.h
--- base/src/bin/pg_dump/pg_dump.h	2009-02-02 11:47:17.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_dump.h	2009-02-02 11:58:34.000000000 +0900
@@ -238,6 +238,7 @@ typedef struct _tableInfo
 	char		relkind;
 	char	   *reltablespace;	/* relation tablespace */
 	char	   *reloptions;		/* options specified by WITH (...) */
+	char	   *relsecurity;	/* security attribute of the relation */
 	bool		hasindex;		/* does it have any indexes? */
 	bool		hasrules;		/* does it have any rules? */
 	bool		hasoids;		/* does it have OIDs? */
@@ -262,6 +263,7 @@ typedef struct _tableInfo
 	char	   *typstorage;		/* type storage scheme */
 	bool	   *attisdropped;	/* true if attr is dropped; don't dump it */
 	bool	   *attislocal;		/* true if attr has local definition */
+	char	  **attsecurity;	/* security attribute of attribute (column) */
 
 	/*
 	 * Note: we need to store per-attribute notnull, default, and constraint
diff -rpNU3 base/src/bin/pg_dump/pg_dumpall.c sepgsql/src/bin/pg_dump/pg_dumpall.c
--- base/src/bin/pg_dump/pg_dumpall.c	2008-01-07 23:51:33.000000000 +0900
+++ sepgsql/src/bin/pg_dump/pg_dumpall.c	2008-07-11 14:10:51.000000000 +0900
@@ -27,6 +27,7 @@ int			optreset;
 #endif
 
 #include "dumputils.h"
+#include "pg_ace_dump.h"
 
 
 /* version string we expect back from pg_dump */
@@ -67,6 +68,9 @@ static int	disable_triggers = 0;
 static int	use_setsessauth = 0;
 static int	server_version;
 
+/* flag to turn on/off security attribute support */
+static int	pg_ace_feature = PG_ACE_FEATURE_NOTHING;
+
 static FILE *OPF;
 static char *filename = NULL;
 
@@ -119,6 +123,7 @@ main(int argc, char *argv[])
 		{"disable-dollar-quoting", no_argument, &disable_dollar_quoting, 1},
 		{"disable-triggers", no_argument, &disable_triggers, 1},
 		{"use-set-session-authorization", no_argument, &use_setsessauth, 1},
+		{"security-context", no_argument, &pg_ace_feature, PG_ACE_FEATURE_SELINUX},
 
 		{NULL, 0, NULL, 0}
 	};
@@ -290,6 +295,8 @@ main(int argc, char *argv[])
 					appendPQExpBuffer(pgdumpopts, " --disable-triggers");
 				else if (strcmp(optarg, "use-set-session-authorization") == 0)
 					 /* no-op, still allowed for compatibility */ ;
+				else if (strcmp(optarg, "security-context") == 0)
+					pg_ace_feature = PG_ACE_FEATURE_SELINUX;
 				else
 				{
 					fprintf(stderr,
@@ -316,6 +323,8 @@ main(int argc, char *argv[])
 		appendPQExpBuffer(pgdumpopts, " --disable-triggers");
 	if (use_setsessauth)
 		appendPQExpBuffer(pgdumpopts, " --use-set-session-authorization");
+	if (pg_ace_feature == PG_ACE_FEATURE_SELINUX)
+		appendPQExpBuffer(pgdumpopts, " --security-context");
 
 	if (optind < argc)
 	{
@@ -391,6 +400,8 @@ main(int argc, char *argv[])
 		}
 	}
 
+	pg_ace_dumpCheckServerFeature(pg_ace_feature, conn);
+
 	/*
 	 * Open the output file if required, otherwise use stdout
 	 */
@@ -505,6 +516,7 @@ help(void)
 	printf(_("  --use-set-session-authorization\n"
 			 "                           use SESSION AUTHORIZATION commands instead of\n"
 			 "                           OWNER TO commands\n"));
+	printf(_("  --security-context       enables to dump security context of SE-PostgreSQL\n"));
 
 	printf(_("\nConnection options:\n"));
 	printf(_("  -h, --host=HOSTNAME      database server host or socket directory\n"));
@@ -915,16 +927,18 @@ dumpCreateDB(PGconn *conn)
 	fprintf(OPF, "--\n-- Database creation\n--\n\n");
 
 	if (server_version >= 80100)
-		res = executeQuery(conn,
+		appendPQExpBuffer(buf,
 						   "SELECT datname, "
 						   "coalesce(rolname, (select rolname from pg_authid where oid=(select datdba from pg_database where datname='template0'))), "
 						   "pg_encoding_to_char(d.encoding), "
 						   "datistemplate, datacl, datconnlimit, "
 						   "(SELECT spcname FROM pg_tablespace t WHERE t.oid = d.dattablespace) AS dattablespace "
+						   "%s "
 			  "FROM pg_database d LEFT JOIN pg_authid u ON (datdba = u.oid) "
-						   "WHERE datallowconn ORDER BY 1");
+						   "WHERE datallowconn ORDER BY 1",
+						   pg_ace_dumpDatabaseQuery(pg_ace_feature));
 	else if (server_version >= 80000)
-		res = executeQuery(conn,
+		appendPQExpBuffer(buf,
 						   "SELECT datname, "
 						   "coalesce(usename, (select usename from pg_shadow where usesysid=(select datdba from pg_database where datname='template0'))), "
 						   "pg_encoding_to_char(d.encoding), "
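Review bot: Turning the fixed query strings into the format argument of appendPQExpBuffer (L651 here, and L660, L669, L678 in the following hunks) passes text that was never written as a printf format through `%`-interpretation, while only the 80100 branch at L638-L648 actually carries a `%s`. Use `appendPQExpBufferStr(buf, "...")` for the branches without parameters, so a `%` later added to one of those queries (a LIKE pattern, say) is not misread as a conversion. `buf` is presumably created, and reset per row, outside this hunk; the single `executeQuery(conn, buf->data)` at L686 relies on the buffer being empty before the branches run, which deserves a comment there.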
@@ -933,7 +947,7 @@ dumpCreateDB(PGconn *conn)
 		   "FROM pg_database d LEFT JOIN pg_shadow u ON (datdba = usesysid) "
 						   "WHERE datallowconn ORDER BY 1");
 	else if (server_version >= 70300)
-		res = executeQuery(conn,
+		appendPQExpBuffer(buf,
 						   "SELECT datname, "
 						   "coalesce(usename, (select usename from pg_shadow where usesysid=(select datdba from pg_database where datname='template0'))), "
 						   "pg_encoding_to_char(d.encoding), "
@@ -942,7 +956,7 @@ dumpCreateDB(PGconn *conn)
 		   "FROM pg_database d LEFT JOIN pg_shadow u ON (datdba = usesysid) "
 						   "WHERE datallowconn ORDER BY 1");
 	else if (server_version >= 70100)
-		res = executeQuery(conn,
+		appendPQExpBuffer(buf,
 						   "SELECT datname, "
 						   "coalesce("
 					"(select usename from pg_shadow where usesysid=datdba), "
@@ -958,7 +972,7 @@ dumpCreateDB(PGconn *conn)
 		 * Note: 7.0 fails to cope with sub-select in COALESCE, so just deal
 		 * with getting a NULL by not printing any OWNER clause.
 		 */
-		res = executeQuery(conn,
+		appendPQExpBuffer(buf,
 						   "SELECT datname, "
 					"(select usename from pg_shadow where usesysid=datdba), "
 						   "pg_encoding_to_char(d.encoding), "
@@ -968,6 +982,7 @@ dumpCreateDB(PGconn *conn)
 						   "FROM pg_database d "
 						   "ORDER BY 1");
 	}
+	res = executeQuery(conn, buf->data);
 
 	for (i = 0; i < PQntuples(res); i++)
 	{
@@ -1021,6 +1036,8 @@ dumpCreateDB(PGconn *conn)
 				appendPQExpBuffer(buf, " CONNECTION LIMIT = %s",
 								  dbconnlimit);
 
+			pg_ace_dumpDatabasePrint(pg_ace_feature, buf, res, i);
+
 			appendPQExpBuffer(buf, ";\n");
 
 			if (strcmp(dbistemplate, "t") == 0)

sepostgresql-policy-8.3.6-2.patch:

--- NEW FILE sepostgresql-policy-8.3.6-2.patch ---
diff -rpNU3 base/src/backend/security/sepgsql/policy/Makefile sepgsql/src/backend/security/sepgsql/policy/Makefile
--- base/src/backend/security/sepgsql/policy/Makefile	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/Makefile	2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,41 @@
+#
+# contrib/sepgsql_policy/Makefile
+#   Makefile of security policy module for SE-PostgreSQL
+#
+top_builddir = ../../../../..
+include $(top_builddir)/src/Makefile.global
+
+policy_basedir	:= /usr/share/selinux
+policy_makefile	:= $(policy_basedir)/devel/Makefile
+policy_types	:= targeted mls
+policy		:= $(strip $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config))
+package_names	:= sepostgresql sepostgresql-devel
+prefix_ptn	:= "s/%%__prefix__%%/$(shell echo $(prefix)|sed 's/\//\\\//g')/g"
+bindir_ptn	:= "s/%%__bindir__%%/$(shell echo $(bindir)|sed 's/\//\\\//g')/g"
+libdir_ptn	:= "s/%%__libdir__%%/$(shell echo $(pkglibdir)|sed 's/\//\\\//g')/g"
+
+all:
+	$(foreach pkg, $(package_names), $(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) $(pkg).pp;))
+	$(foreach pkg, $(package_names), test -e $(pkg).pp.$(policy) && ln -sf $(pkg).pp.$(policy) $(pkg).pp;)
+
+.install-policy:
+	test -d $(DESTDIR)$(policy_basedir)/$(policy) || install -d $(DESTDIR)$(policy_basedir)/$(policy)
+	$(foreach pkg, $(package_names), install -p -m 644 $(pkg).pp.$(policy) $(DESTDIR)$(policy_basedir)/$(policy)/$(pkg).pp;)
+
+install: all
+	$(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) .install-policy;)
+
+%.pp: %.te %.if %.fc
+	rm -f $@
+	$(MAKE) NAME=$(policy) -f $(policy_makefile) $@
+	mv $@ $@.$(policy)
+
+sepostgresql-devel.fc: sepostgresql.fc.template
+	cat $< | grep -v ^/var | sed -e $(prefix_ptn) -e $(bindir_ptn) -e $(libdir_ptn) > $@
+
+sepostgresql.fc: sepostgresql.fc.template
+	cat $< | sed -e $(prefix_ptn) -e $(bindir_ptn) -e $(libdir_ptn) > $@
+
+clean:
+	$(MAKE) -f $(policy_makefile) clean
+	rm -f *.pp.* *.fc
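Review bot: `policy` is derived from `/etc/selinux/config` at build time (L717) and never defaulted, so on a build host without that file it expands to empty, the `all` target symlinks `$(pkg).pp.` (L725) and `.install-policy` installs into `$(policy_basedir)/` (L728-L729); adding `ifeq ($(policy),)` / `policy := targeted` / `endif` after L717 gives the recipes a defined result. The second line of `all` is one shell command list, so a failed `test -e` for any package but the last does not fail the build; joining the per-package commands with `&&` or using a per-package rule would report a missing module. The sed patterns at L719-L721 escape `/` in `$(prefix)` but no other sed-special character, which is presumably fine for the packaged layout but worth a comment.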
diff -rpNU3 base/src/backend/security/sepgsql/policy/README sepgsql/src/backend/security/sepgsql/policy/README
--- base/src/backend/security/sepgsql/policy/README	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/README	2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,49 @@
+The security policy module of SE-PostgreSQL
+-------------------------------------------
+
+o Introduction
+
+  We provide two kind of security policy modules.
+
+  One is "sepostgresql.pp" which contains full-set of security policy
+  and suitable for legacy base policy (selinux-policy-3.4.1, or prior).
+
+  The other is "sepostgresql-devel.pp" which provides several booleans
+  for developers, and suitable for newer base policy (selinux-policy-3.4.2,
+  or later).
+
+  In the selinux-policy-3.4.2, most part of the policy got upstreamed.
+  So, we don't need to install "sepostgresql.pp" explicitly on the newer
+  base security policy.
+
+  If you need to run regression test, or (don't) want to generate access
+  logs, install "sepostgresql-devel.pp" and turn on/off booleans.
+
+o Build & Installation
+
+  $ cd src/backend/security/sepgsql/policy
+  $ make
+  $ su
+  # /usr/sbin/semodule -i sepostgresql-devel.pp
+      or
+  #  /usr/sbin/semodule -i sepostgresql.pp
+
+o Booleans
+
+- sepgsql_enable_users_ddl (default: on)
+  This boolean enables to control to execute DDL statement come from
+  confined users.
+
+- sepgsql_enable_auditallow (default: off)
+  This boolean enables to generate access allow logs except for tuple
+  level.
+
+- sepgsql_enable_auditdeny (default: on)
+  This boolean enables to generata access denied logs except for tuple
+  level.
+
+- sepgsql_regression_test_mode (default: off)
+  This boolean provides several permission to run regression test on
+  your home directory. It enables to load shared library files deployed
+  on home directory.
+  However, we don't recommend it to turn on in the operation phase.
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql-devel.if sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.if
--- base/src/backend/security/sepgsql/policy/sepostgresql-devel.if	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.if	2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1 @@
+## There are no interface declaration
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql-devel.te sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.te
--- base/src/backend/security/sepgsql/policy/sepostgresql-devel.te	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.te	2009-01-20 16:35:05.000000000 +0900
@@ -0,0 +1,120 @@
+policy_module(sepostgresql-devel, 3.23)
+
+gen_require(`
+	class db_database all_db_database_perms;
+	class db_table all_db_table_perms;
+	class db_procedure all_db_procedure_perms;
+	class db_column all_db_column_perms;
+	class db_tuple all_db_tuple_perms;
+	class db_blob all_db_blob_perms;
+
+	attribute sepgsql_client_type;
+	attribute sepgsql_unconfined_type;
+
+	attribute sepgsql_database_type;
+	attribute sepgsql_table_type;
+	attribute sepgsql_sysobj_table_type;
+	attribute sepgsql_procedure_type;
+	attribute sepgsql_blob_type;
+	attribute sepgsql_module_type;
+
+	# for regression test
+	type bin_t;
+	type user_home_t;
+	type sepgsql_trusted_proc_t;
+
+	attribute tmpfile;
+	attribute user_ptynode;
+')
+
+#################################
+#
+# Domain for Testcases
+#
+
+role sepgsql_test_r;
+
+userdom_unpriv_user_template(sepgsql_test)
+
+ifdef(`postgresql_role', `
+	postgresql_role(sepgsql_test_r, sepgsql_test_t)
+',`
+	postgresql_userdom_template(sepgsql_test, sepgsql_test_t, sepgsql_test_r)
+')
+
+allow sepgsql_test_t tmpfile : dir search_dir_perms;
+allow sepgsql_test_t tmpfile : file rw_file_perms;
+allow sepgsql_test_t user_ptynode : chr_file rw_file_perms;
+
+optional_policy(`
+	gen_require(`
+		type unconfined_t;
+		role unconfined_r;
+	')
+	allow unconfined_t sepgsql_test_t : process transition;
+	role unconfined_r types sepgsql_test_t;
+	role unconfined_r types sepgsql_trusted_proc_t;
+')
+
+#################################
+#
+# SE-PostgreSQL Declarations
+#
+
+## <desc>
+## <p>
+## Allow to generate auditallow logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditallow, false)
+
+## <desc>
+## <p>
+## Allow to generate auditdeny logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditdeny,  true)
+
+## <desc>
+## <p>
+## Allow widespread permissions for regression test
+## Don't set TRUE on operation phase
+## </p>
+## </desc>
+gen_tunable(sepgsql_regression_test_mode, false)
+
+########################################
+#
+# SE-PostgreSQL audit switch for debugging
+#
+tunable_policy(`sepgsql_enable_auditallow',`
+	auditallow domain sepgsql_database_type  : db_database *;
+	auditallow domain sepgsql_table_type     : db_table *;
+	auditallow domain sepgsql_table_type     : db_column *;
+	auditallow domain sepgsql_table_type     : db_tuple { relabelfrom relabelto };
+	auditallow domain sepgsql_procedure_type : db_procedure *;
+	auditallow domain sepgsql_blob_type      : db_blob *;
+	auditallow domain sepgsql_module_type    : db_database { install_module };
+	auditallow sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+tunable_policy(`! sepgsql_enable_auditdeny',`
+	dontaudit domain sepgsql_database_type   : db_database *;
+	dontaudit domain sepgsql_table_type      : db_table *;
+	dontaudit domain sepgsql_table_type      : db_column *;
+	dontaudit domain sepgsql_table_type      : db_tuple { relabelfrom relabelto };
+	dontaudit domain sepgsql_procedure_type  : db_procedure *;
+	dontaudit domain sepgsql_blob_type       : db_blob *;
+	dontaudit domain sepgsql_module_type     : db_database { install_module };
+	dontaudit sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+########################################
+#
+# SE-PostgreSQL regression test mode switch
+#
+tunable_policy(`sepgsql_regression_test_mode',`
+	allow sepgsql_client_type       user_home_t : db_database { install_module };
+	allow sepgsql_unconfined_type   user_home_t : db_database { install_module };
+	allow sepgsql_database_type     user_home_t : db_database { load_module };
+')
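Review bot: Clearing `sepgsql_enable_auditdeny` suppresses the denial records for every database object class (L910-L919, tuple relabels included), which is the audit trail an operator relies on to notice refused access, and the tunable's `<desc>` at L880-L884 does not say so. Extend it with `## Turning this off suppresses all SE-PostgreSQL denial records; keep it on outside debugging`. The README added in this same commit lists `sepgsql_enable_users_ddl`, which this module does not declare; presumably it lives in the full sepostgresql.te outside this page, but the README should state which module provides each boolean.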
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql.fc.template sepgsql/src/backend/security/sepgsql/policy/sepostgresql.fc.template
--- base/src/backend/security/sepgsql/policy/sepostgresql.fc.template	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql.fc.template	2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,15 @@
+#
+# SE-PostgreSQL install path
+#
+%%__prefix__%%(/.*)?			--	gen_context(system_u:object_r:usr_t,s0)
+
+%%__bindir__%%/(se)?postgres		--	gen_context(system_u:object_r:postgresql_exec_t,s0)
+%%__bindir__%%/(se)?pg_ctl		--	gen_context(system_u:object_r:initrc_exec_t,s0)
+%%__bindir__%%/initdb(\.sepgsql)?	--	gen_context(system_u:object_r:postgresql_exec_t,s0)
+%%__bindir__%%(/.*)?			--	gen_context(system_u:object_r:bin_t,s0)
+
+%%__libdir__%%(/.*)?			--	gen_context(system_u:object_r:lib_t,s0)
+
+/var/lib/sepgsql(/.*)?				gen_context(system_u:object_r:postgresql_db_t,s0)
+/var/lib/sepgsql/pgstartup\.log			gen_context(system_u:object_r:postgresql_log_t,s0)
+/var/log/sepostgresql\.log.*		--	gen_context(system_u:object_r:postgresql_log_t,s0)
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql.if sepgsql/src/backend/security/sepgsql/policy/sepostgresql.if
--- base/src/backend/security/sepgsql/policy/sepostgresql.if	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql.if	2008-07-11 17:12:06.000000000 +0900
@@ -0,0 +1,259 @@
+#######################################
+## <summary>
+##      The userdomain template for the SE-PostgreSQL.
+## </summary>
+## <desc>
+##      This template creates a delivered types which are used
+##     for given userdomains.
+## </desc>
+## <param name="userdomain_prefix">
+##      <summary>
+##      The prefix of the user domain (e.g., user
+##      is the prefix for user_t).
+##      </summary>
+## </param>
+## <param name="user_domain">
+##     <summary>
+##      The type of the user domain.
+##      </summary>
+## </param>
+## <param name="user_role">
+##      <summary>
+##      The role associated with the user domain.
+##      </summary>
+## </param>
+#
+template(`sepgsql_userdom_template',`
+	gen_require(`
+		class db_database all_db_database_perms;
+		class db_table all_db_table_perms;
+		class db_procedure all_db_procedure_perms;
+		class db_column all_db_column_perms;
+		class db_tuple all_db_tuple_perms;
+		class db_blob all_db_blob_perms;
+
+		attribute sepgsql_client_type;
+		attribute sepgsql_database_type;
+		attribute sepgsql_sysobj_table_type;
+
+		type sepgsql_trusted_proc_t;
+		type sepgsql_trusted_proc_exec_t;
+	')
+
+	########################################
+	#
+	# Declarations
+	#
+
+	typeattribute $2 sepgsql_client_type;
+
+	type $1_sepgsql_blob_t;
+	sepgsql_blob_object($1_sepgsql_blob_t)
+
+	type $1_sepgsql_proc_exec_t;
+	sepgsql_procedure_object($1_sepgsql_proc_exec_t)
+
+	type $1_sepgsql_sysobj_t;
+	sepgsql_system_table_object($1_sepgsql_sysobj_t)
+
+	type $1_sepgsql_table_t;
+	sepgsql_table_object($1_sepgsql_table_t)
+
+	role $3 types sepgsql_trusted_proc_t;
+
+	##############################
+	#
+	# Client local policy
+	#
+
+	tunable_policy(`sepgsql_enable_users_ddl',`
+		allow $2 $1_sepgsql_table_t  : db_table { create drop };
+		type_transition $2 sepgsql_database_type:db_table $1_sepgsql_table_t;
+
+		allow $2 $1_sepgsql_table_t  : db_column { create drop };
+
+		allow $2 $1_sepgsql_sysobj_t : db_tuple { update insert delete };
+		type_transition $2 sepgsql_sysobj_table_type:db_tuple $1_sepgsql_sysobj_t;
+	')
+
+	allow $2 $1_sepgsql_table_t  : db_table  { getattr setattr use select update insert delete };
+	allow $2 $1_sepgsql_table_t  : db_column { getattr setattr use select update insert };
+	allow $2 $1_sepgsql_table_t  : db_tuple  { use select update insert delete };
+	allow $2 $1_sepgsql_sysobj_t : db_tuple  { use select };
+
+	allow $2 $1_sepgsql_proc_exec_t : db_procedure { create drop getattr setattr execute };
+	type_transition $2 sepgsql_database_type:db_procedure $1_sepgsql_proc_exec_t;
+
+	allow $2 $1_sepgsql_blob_t : db_blob { create drop getattr setattr read write };
+	type_transition $2 sepgsql_database_type:db_blob $1_sepgsql_blob_t;
+
+	allow $2 sepgsql_trusted_proc_t:process transition;
+	type_transition $2 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t;
+')
+
+########################################
+## <summary>
+##     Marks as a SE-PostgreSQL loadable shared library module
+## </summary>
+## <param name="type">
+##     <summary>
+##     Type marked as a database object type.
+##     </summary>
+## </param>
+#
+interface(`sepgsql_loadable_module',`
+	gen_require(`
+		attribute sepgsql_module_type;
+	')
+
+	typeattribute $1 sepgsql_module_type;
+')
+
+########################################
+## <summary>
+##     Marks as a SE-PostgreSQL database object type
+## </summary>
+## <param name="type">
+##     <summary>
+##     Type marked as a database object type.
+##     </summary>
+## </param>
+#
+interface(`sepgsql_database_object',`
+	gen_require(`
+		attribute sepgsql_database_type;
+	')
+
+	typeattribute $1 sepgsql_database_type;
+')
+
+########################################
+## <summary>
+##     Marks as a SE-PostgreSQL table/column/tuple object type
+## </summary>
+## <param name="type">
+##     <summary>
+##     Type marked as a table/column/tuple object type.
+##     </summary>
+## </param>
+#
+interface(`sepgsql_table_object',`
+	gen_require(`
+		attribute sepgsql_table_type;
+	')
+
+	typeattribute $1 sepgsql_table_type;
+')
+
+########################################
+## <summary>
+##     Marks as a SE-PostgreSQL system table/column/tuple object type
+## </summary>
+## <param name="type">
+##     <summary>
+##     Type marked as a table/column/tuple object type.
+##     </summary>
+## </param>
+#
+interface(`sepgsql_system_table_object',`
+	gen_require(`
+		attribute sepgsql_table_type;
+		attribute sepgsql_sysobj_table_type;
+	')
+
+	typeattribute $1 sepgsql_table_type;
+	typeattribute $1 sepgsql_sysobj_table_type;
+')
+
+########################################
+## <summary>
+##     Marks as a SE-PostgreSQL procedure object type
+## </summary>
+## <param name="type">
+##     <summary>
+##     Type marked as a database object type.
+##     </summary>
+## </param>
+#
+interface(`sepgsql_procedure_object',`
+	gen_require(`
+		attribute sepgsql_procedure_type;
+	')
+
+	typeattribute $1 sepgsql_procedure_type;
+')
+
+########################################
+## <summary>
+##     Marks as a SE-PostgreSQL binary large object type
+## </summary>
+## <param name="type">
+##     <summary>
+##     Type marked as a database binary large object type.
+##     </summary>
+## </param>
+#
+interface(`sepgsql_blob_object',`
+	gen_require(`
+		attribute sepgsql_blob_type;
+	')
+
+	typeattribute $1 sepgsql_blob_type;
+')
+
+########################################
+## <summary>
+##      Allow the specified domain unprivileged accesses to unifined database objects
+##     managed by SE-PostgreSQL,
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`sepgsql_unpriv_client',`
+	gen_require(`
+		class db_table all_db_table_perms;
+		class db_procedure all_db_procedure_perms;
+		class db_blob all_db_blob_perms;
+
+		attribute sepgsql_client_type;
+		attribute sepgsql_database_type;
+
+		type sepgsql_table_t;
+		type sepgsql_proc_t;
+		type sepgsql_blob_t;
+
+		type sepgsql_trusted_proc_t;
+		type sepgsql_trusted_proc_exec_t;
+	')
+
+	typeattribute $1 sepgsql_client_type;
+
+	type_transition $1 sepgsql_database_type:db_table sepgsql_table_t;
+	type_transition $1 sepgsql_database_type:db_procedure sepgsql_proc_t;
+	type_transition $1 sepgsql_database_type:db_blob sepgsql_blob_t;
+
+	type_transition $1 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t;
+	allow $1 sepgsql_trusted_proc_t:process transition;
+')
+
+########################################
+## <summary>
+##      Allow the specified domain unconfined accesses to any database objects
+##     managed by SE-PostgreSQL,
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`sepgsql_unconfined',`
+	gen_require(`
+		attribute sepgsql_unconfined_type;
+	')
+
+	typeattribute $1 sepgsql_unconfined_type;
+')
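Review bot: Several `<param>` summaries in this file are copy-pasted and do not describe the interface they sit on: `sepgsql_loadable_module` and `sepgsql_procedure_object` both say "Type marked as a database object type", and `sepgsql_system_table_object` repeats the plain table wording, so the generated interface documentation tells an administrator the wrong thing about what each call marks. The template description reads "creates a delivered types" where "derived types" is presumably meant, and the `sepgsql_unpriv_client` summary says "unifined database objects"; judging by its body (type transitions to `sepgsql_table_t`/`sepgsql_proc_t`/`sepgsql_blob_t`) it means the generic, non-user-prefixed object types, so say that. Suggested replacement for the three param summaries: `Type marked as a loadable module type.`, `Type marked as a system table/column/tuple object type.`, `Type marked as a procedure object type.`.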
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql.te sepgsql/src/backend/security/sepgsql/policy/sepostgresql.te
--- base/src/backend/security/sepgsql/policy/sepostgresql.te	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql.te	2008-07-11 17:12:06.000000000 +0900
@@ -0,0 +1,308 @@
+policy_module(sepostgresql, 3.11)
+
+gen_require(`
+	class db_database all_db_database_perms;
+	class db_table all_db_table_perms;
+	class db_procedure all_db_procedure_perms;
+	class db_column all_db_column_perms;
+	class db_tuple all_db_tuple_perms;
+	class db_blob all_db_blob_perms;
+
+	attribute domain, home_type;
+	type postgresql_t, unlabeled_t;
+
+	role system_r;
+')
+
+#################################
+#
+# SE-PostgreSQL Declarations
+#
+
+## <desc>
+## <p>
+## Allow to generate auditallow logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditallow, false)
+
+## <desc>
+## <p>
+## Allow to generate auditdeny logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditdeny,  true)
+
+## <desc>
+## <p>
+## Allow unprivileged users to execute DDL statement
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_users_ddl,  true)
+
+## <desc>
+## <p>
+## Allow widespread permissions for regression test
+## Don't set TRUE on operation phase
+## </p>
+## </desc>
+gen_tunable(sepgsql_regression_test_mode, false)
+
+# database clients attribute
+attribute sepgsql_client_type;
+attribute sepgsql_unconfined_type;
+
+# database objects attribute
+attribute sepgsql_database_type;
+attribute sepgsql_table_type;
+attribute sepgsql_sysobj_table_type;
+attribute sepgsql_procedure_type;
+attribute sepgsql_blob_type;
+attribute sepgsql_module_type;
+
+# database object types
+type sepgsql_blob_t;
+sepgsql_blob_object(sepgsql_blob_t)
+
+type sepgsql_db_t;
+sepgsql_database_object(sepgsql_db_t)
+
+type sepgsql_fixed_table_t;
+sepgsql_table_object(sepgsql_fixed_table_t)
+
+type sepgsql_proc_t;
+sepgsql_procedure_object(sepgsql_proc_t)
+
+type sepgsql_ro_blob_t;
+sepgsql_blob_object(sepgsql_ro_blob_t)
+
+type sepgsql_ro_table_t;
+sepgsql_table_object(sepgsql_ro_table_t)
+
+type sepgsql_secret_blob_t;
+sepgsql_blob_object(sepgsql_secret_blob_t)
+
+type sepgsql_secret_table_t;
+sepgsql_table_object(sepgsql_secret_table_t)
+
+type sepgsql_sysobj_t;
+sepgsql_system_table_object(sepgsql_sysobj_t)
+
+type sepgsql_table_t;
+sepgsql_table_object(sepgsql_table_t)
+
+type sepgsql_trusted_proc_exec_t;
+sepgsql_procedure_object(sepgsql_trusted_proc_exec_t)
+
+# Trusted Procedure Domain
+type sepgsql_trusted_proc_t;
+domain_type(sepgsql_trusted_proc_t)
+sepgsql_unconfined(sepgsql_trusted_proc_t)
+role system_r types sepgsql_trusted_proc_t;
+
+########################################
+#
+# SE-PostgreSQL Local Policy
+#
+allow postgresql_t self:netlink_selinux_socket create_socket_perms;
+selinux_get_enforce_mode(postgresql_t)
+selinux_validate_context(postgresql_t)
+selinux_compute_access_vector(postgresql_t)
+selinux_compute_create_context(postgresql_t)
+selinux_compute_relabel_context(postgresql_t)
+seutil_libselinux_linked(postgresql_t)
+
+allow postgresql_t sepgsql_database_type:db_database *;
+type_transition postgresql_t postgresql_t:db_database sepgsql_db_t;
+
+allow postgresql_t sepgsql_module_type:db_database install_module;
+allow postgresql_t sepgsql_table_type:{ db_table db_column db_tuple } *;
+allow postgresql_t sepgsql_procedure_type:db_procedure *;
+allow postgresql_t sepgsql_blob_type:db_blob *;
+
+# server specific type transitions
+type_transition postgresql_t sepgsql_database_type:db_table sepgsql_sysobj_t;
+type_transition postgresql_t sepgsql_database_type:db_procedure sepgsql_proc_t;
+type_transition postgresql_t sepgsql_database_type:db_blob sepgsql_blob_t;
+
+# Database/Loadable module
+allow sepgsql_database_type sepgsql_module_type:db_database load_module;
+
+########################################
+#
+# Rules common to all clients
+#
+
+# Client domain constraint
+allow sepgsql_client_type sepgsql_db_t:db_database { getattr access get_param set_param };
+type_transition sepgsql_client_type sepgsql_client_type:db_database sepgsql_db_t;
+
+allow sepgsql_client_type sepgsql_fixed_table_t:db_table { getattr use select insert };
+allow sepgsql_client_type sepgsql_fixed_table_t:db_column { getattr use select insert };
+allow sepgsql_client_type sepgsql_fixed_table_t:db_tuple { use select insert };
+
+allow sepgsql_client_type sepgsql_table_t:db_table { getattr use select update insert delete };
+allow sepgsql_client_type sepgsql_table_t:db_column { getattr use select update insert };
+allow sepgsql_client_type sepgsql_table_t:db_tuple { use select update insert delete };
+
+allow sepgsql_client_type sepgsql_ro_table_t:db_table { getattr use select };
+allow sepgsql_client_type sepgsql_ro_table_t:db_column { getattr use select };
+allow sepgsql_client_type sepgsql_ro_table_t:db_tuple { use select };
+
+allow sepgsql_client_type sepgsql_secret_table_t:db_table getattr;
+allow sepgsql_client_type sepgsql_secret_table_t:db_column getattr;
+
+allow sepgsql_client_type sepgsql_sysobj_t:db_table { getattr use select };
+allow sepgsql_client_type sepgsql_sysobj_t:db_column { getattr use select };
+allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { use select };
+
+allow sepgsql_client_type sepgsql_proc_t:db_procedure { getattr execute };
+allow sepgsql_client_type sepgsql_trusted_proc_t:db_procedure { getattr execute entrypoint };
+
+allow sepgsql_client_type sepgsql_blob_t:db_blob { create drop getattr setattr read write };
+allow sepgsql_client_type sepgsql_ro_blob_t:db_blob { getattr read };
+allow sepgsql_client_type sepgsql_secret_blob_t:db_blob getattr;
+
+tunable_policy(`sepgsql_enable_users_ddl',`
+	allow sepgsql_client_type sepgsql_table_t:db_table { create drop setattr };
+	allow sepgsql_client_type sepgsql_table_t:db_column { create drop setattr };
+	allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { update insert delete };
+')
+
+########################################
+#
+# Unconfined access to this module
+#
+
+allow sepgsql_unconfined_type sepgsql_database_type:db_database *;
+allow sepgsql_unconfined_type sepgsql_table_type:{ db_table db_column db_tuple } *;
+allow sepgsql_unconfined_type sepgsql_blob_type:db_blob *;
+allow sepgsql_unconfined_type { sepgsql_proc_t sepgsql_trusted_proc_t }:db_procedure *;
+allow sepgsql_unconfined_type sepgsql_procedure_type:db_procedure { create drop getattr setattr relabelfrom relabelto };
+allow sepgsql_unconfined_type sepgsql_module_type:db_database install_module;
+
+type_transition sepgsql_unconfined_type sepgsql_unconfined_type:db_database sepgsql_db_t;
+type_transition sepgsql_unconfined_type sepgsql_database_type:db_table sepgsql_table_t;
+type_transition sepgsql_unconfined_type sepgsql_database_type:db_procedure sepgsql_proc_t;
+type_transition sepgsql_unconfined_type sepgsql_database_type:db_blob sepgsql_blob_t;
+
+
+########################################
+#
+# Allow permission to external domains
+#
+
+# relabelfrom for invalid security context
+allow sepgsql_unconfined_type unlabeled_t:db_database { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_table { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_procedure { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_column { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_tuple { update relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_blob { setattr relabelfrom };
+
+# administrative client domain
+optional_policy(`
+	gen_require(`
+		type unconfined_t;
+	')
+	sepgsql_unconfined(unconfined_t)
+')
+
+optional_policy(`
+	gen_require(`
+		type sysadm_t;
+	')
+	sepgsql_unconfined(sysadm_t)
+')
+
+# unprivilleged client domain
+optional_policy(`
+	gen_require(`
+		type user_t;
+		role user_r;
+	')
+	sepgsql_userdom_template(user,user_t,user_r)
+')
+
+optional_policy(`
+	gen_require(`
+		type staff_t;
+		role staff_r;
+	')
+	sepgsql_userdom_template(staff,staff_t,staff_r)
+')
+
+optional_policy(`
+	gen_require(`
+		type guest_t;
+		role guest_r;
+	')
+	sepgsql_userdom_template(guest,guest_t,guest_r)
+')
+
+optional_policy(`
+	gen_require(`
+		type xguest_t;
+		role xguest_r;
+	')
+	sepgsql_userdom_template(xguest,xguest_t,xguest_r)
+')
+
+optional_policy(`
+	gen_require(`
+		type httpd_t;
+	')
+	sepgsql_unpriv_client(httpd_t)
+')
+
+optional_policy(`
+	gen_require(`
+		type httpd_sys_script_t;
+	')
+	sepgsql_unpriv_client(httpd_sys_script_t)
+')
+
+# SE-PostgreSQL loadable modules
+optional_policy(`
+	gen_require(`
+		type lib_t, textrel_shlib_t;
+	')
+	sepgsql_loadable_module(lib_t)
+	sepgsql_loadable_module(textrel_shlib_t)
+')
+
+########################################
+#
+# SE-PostgreSQL audit switch for debugging
+#
+tunable_policy(`sepgsql_enable_auditallow',`
+	auditallow domain sepgsql_database_type  : db_database *;
+	auditallow domain sepgsql_table_type     : db_table *;
+	auditallow domain sepgsql_table_type     : db_column *;
+	auditallow domain sepgsql_procedure_type : db_procedure *;
+	auditallow domain sepgsql_blob_type      : db_blob *;
+	auditallow domain sepgsql_module_type    : db_database { install_module };
+	auditallow sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+tunable_policy(`! sepgsql_enable_auditdeny',`
+	dontaudit domain sepgsql_database_type   : db_database *;
+	dontaudit domain sepgsql_table_type      : db_table *;
+	dontaudit domain sepgsql_table_type      : db_column *;
+	dontaudit domain sepgsql_procedure_type  : db_procedure *;
+	dontaudit domain sepgsql_blob_type       : db_blob *;
+	dontaudit domain sepgsql_module_type     : db_database { install_module };
+	dontaudit sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+dontaudit domain { sepgsql_table_type - sepgsql_sysobj_table_type } : db_tuple { use select update insert delete };
+
+########################################
+#
+# SE-PostgreSQL regression test mode switch
+#
+tunable_policy(`sepgsql_regression_test_mode',`
+	allow sepgsql_client_type       home_type : db_database { install_module };
+	allow sepgsql_unconfined_type   home_type : db_database { install_module };
+	allow sepgsql_database_type     home_type : db_database { load_module };
+')
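Review bot: The tuple-level suppression `dontaudit domain { sepgsql_table_type - sepgsql_sysobj_table_type } : db_tuple { use select update insert delete };` sits outside the `! sepgsql_enable_auditdeny` block, so row-level denials on user tables are never logged even when an operator turns auditdeny on expecting to see them, and the auditallow block above it omits `db_tuple` entirely while the corresponding block in the preceding policy file audits `db_tuple { relabelfrom relabelto }`. If the intent is that row filtering stays silent by design (likely, to avoid flooding the audit log on every filtered row), state it next to the line: `# Row-level filtering is silent by design: db_tuple denials on user tables are never audited, independent of sepgsql_enable_auditdeny`. Otherwise move the line inside the `! sepgsql_enable_auditdeny` tunable so the switch controls it.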

sepostgresql-sepgsql-8.3.6-2.patch:

--- NEW FILE sepostgresql-sepgsql-8.3.6-2.patch ---
diff -rpNU3 base/configure sepgsql/configure
--- base/configure	2009-02-02 11:47:17.000000000 +0900
+++ sepgsql/configure	2009-02-02 11:58:34.000000000 +0900
@@ -314,7 +314,7 @@ ac_includes_default="\
 # include <unistd.h>
 #endif"
 
-ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configure_args build build_cpu build_vendor build_os host host_cpu host_vendor host_os PORTNAME docdir enable_nls WANTED_LANGUAGES default_port enable_shared enable_rpath enable_debug enable_profiling DTRACE DTRACEFLAGS enable_dtrace CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP GCC TAS autodepend INCLUDES enable_thread_safety with_tcl with_perl with_python with_gssapi with_krb5 krb_srvtab with_pam with_ldap with_bonjour with_openssl with_ossp_uuid XML2_CONFIG with_libxml with_libxslt with_system_tzdata with_zlib EGREP ELF_SYS LDFLAGS_SL LD with_gnu_ld ld_R_works RANLIB ac_ct_RANLIB STRIP ac_ct_STRIP STRIP_STATIC_LIB STRIP_SHARED
 _LIB TAR LN_S AWK YACC YFLAGS FLEX FLEXFLAGS PERL perl_archlibexp perl_privlibexp perl_useshrplib perl_embed_ldflags PYTHON python_version python_configdir python_includespec python_libdir python_libspec python_additional_libs OSSP_UUID_LIBS HAVE_IPV6 LIBOBJS acx_pthread_config PTHREAD_CC PTHREAD_LIBS PTHREAD_CFLAGS LDAP_LIBS_FE LDAP_LIBS_BE HAVE_POSIX_SIGNALS MSGFMT MSGMERGE XGETTEXT localedir TCLSH TCL_CONFIG_SH TCL_INCLUDE_SPEC TCL_LIB_FILE TCL_LIBS TCL_LIB_SPEC TCL_SHARED_BUILD TCL_SHLIB_LD_LIBS NSGMLS JADE have_docbook DOCBOOKSTYLE COLLATEINDEX SGMLSPL vpath_build LTLIBOBJS'
+ac_subst_vars='SHELL PATH_SEPARATOR PACKAGE_NAME PACKAGE_TARNAME PACKAGE_VERSION PACKAGE_STRING PACKAGE_BUGREPORT exec_prefix prefix program_transform_name bindir sbindir libexecdir datadir sysconfdir sharedstatedir localstatedir libdir includedir oldincludedir infodir mandir build_alias host_alias target_alias DEFS ECHO_C ECHO_N ECHO_T LIBS configure_args build build_cpu build_vendor build_os host host_cpu host_vendor host_os PORTNAME docdir enable_nls WANTED_LANGUAGES default_port enable_shared enable_rpath enable_debug enable_profiling DTRACE DTRACEFLAGS enable_dtrace CC CFLAGS LDFLAGS CPPFLAGS ac_ct_CC EXEEXT OBJEXT CPP GCC TAS autodepend INCLUDES enable_thread_safety with_tcl with_perl with_python with_gssapi with_krb5 krb_srvtab with_pam with_ldap with_bonjour with_openssl with_ossp_uuid XML2_CONFIG with_libxml with_libxslt with_system_tzdata with_zlib enable_selinux EGREP ELF_SYS LDFLAGS_SL LD with_gnu_ld ld_R_works RANLIB ac_ct_RANLIB STRIP ac_ct_STRIP STRIP_STATIC_L
 IB STRIP_SHARED_LIB TAR LN_S AWK YACC YFLAGS FLEX FLEXFLAGS PERL perl_archlibexp perl_privlibexp perl_useshrplib perl_embed_ldflags PYTHON python_version python_configdir python_includespec python_libdir python_libspec python_additional_libs OSSP_UUID_LIBS HAVE_IPV6 LIBOBJS acx_pthread_config PTHREAD_CC PTHREAD_LIBS PTHREAD_CFLAGS LDAP_LIBS_FE LDAP_LIBS_BE HAVE_POSIX_SIGNALS MSGFMT MSGMERGE XGETTEXT localedir TCLSH TCL_CONFIG_SH TCL_INCLUDE_SPEC TCL_LIB_FILE TCL_LIBS TCL_LIB_SPEC TCL_SHARED_BUILD TCL_SHLIB_LD_LIBS NSGMLS JADE have_docbook DOCBOOKSTYLE COLLATEINDEX SGMLSPL vpath_build LTLIBOBJS'
 ac_subst_files=''
 
 # Initialize some variables set by options.
@@ -871,6 +871,7 @@ Optional Features:
   --enable-cassert        enable assertion checks (for debugging)
   --enable-thread-safety  make client libraries thread-safe
   --enable-thread-safety-force  force thread-safety despite thread test failure
+  --enable-selinux        build with SELinux support
   --disable-largefile     omit support for large files
 
 Optional Packages:
@@ -4619,6 +4620,115 @@ fi;
 
 
 #
+# SELinux support
+#
+
+pgac_args="$pgac_args enable_selinux"
+
+# Check whether --enable-selinux or --disable-selinux was given.
+if test "${enable_selinux+set}" = set; then
+  enableval="$enable_selinux"
+
+  case $enableval in
+    yes)
+      :
+      ;;
+    no)
+      :
+      ;;
+    *)
+      { { echo "$as_me:$LINENO: error: no argument expected for --enable-selinux option" >&5
+echo "$as_me: error: no argument expected for --enable-selinux option" >&2;}
+   { (exit 1); exit 1; }; }
+      ;;
+  esac
+
+else
+  enable_selinux=no
+
+fi;
+
+if test "$enable_selinux" = yes; then
+    echo "$as_me:$LINENO: checking for getpeercon in -lselinux" >&5
+echo $ECHO_N "checking for getpeercon in -lselinux... $ECHO_C" >&6
+if test "${ac_cv_lib_selinux_getpeercon+set}" = set; then
+  echo $ECHO_N "(cached) $ECHO_C" >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lselinux  $LIBS"
+cat >conftest.$ac_ext <<_ACEOF
+/* confdefs.h.  */
+_ACEOF
+cat confdefs.h >>conftest.$ac_ext
+cat >>conftest.$ac_ext <<_ACEOF
+/* end confdefs.h.  */
+
+/* Override any gcc2 internal prototype to avoid an error.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+/* We use char because int might match the return type of a gcc2
+   builtin and then its argument prototype would still apply.  */
+char getpeercon ();
+int
+main ()
+{
+getpeercon ();
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.$ac_objext conftest$ac_exeext
+if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5
+  (eval $ac_link) 2>conftest.er1
+  ac_status=$?
+  grep -v '^ *+' conftest.er1 >conftest.err
+  rm -f conftest.er1
+  cat conftest.err >&5
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); } &&
+	 { ac_try='test -z "$ac_c_werror_flag"
+			 || test ! -s conftest.err'
+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+  (eval $ac_try) 2>&5
+  ac_status=$?
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); }; } &&
+	 { ac_try='test -s conftest$ac_exeext'
+  { (eval echo "$as_me:$LINENO: \"$ac_try\"") >&5
+  (eval $ac_try) 2>&5
+  ac_status=$?
+  echo "$as_me:$LINENO: \$? = $ac_status" >&5
+  (exit $ac_status); }; }; then
+  ac_cv_lib_selinux_getpeercon=yes
+else
+  echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+ac_cv_lib_selinux_getpeercon=no
+fi
+rm -f conftest.err conftest.$ac_objext \
+      conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+echo "$as_me:$LINENO: result: $ac_cv_lib_selinux_getpeercon" >&5
+echo "${ECHO_T}$ac_cv_lib_selinux_getpeercon" >&6
+if test $ac_cv_lib_selinux_getpeercon = yes; then
+
+cat >>confdefs.h <<_ACEOF
+#define HAVE_SELINUX 1
+_ACEOF
+
+
+else
+  { { echo "$as_me:$LINENO: error: \"--enable-selinux requires libselinux.\"" >&5
+echo "$as_me: error: \"--enable-selinux requires libselinux.\"" >&2;}
+   { (exit 1); exit 1; }; }
+fi
+
+fi
+
+#
 # Elf
 #
 
@@ -26019,6 +26129,7 @@ s, at with_libxml@,$with_libxml,;t t
 s, at with_libxslt@,$with_libxslt,;t t
 s, at with_system_tzdata@,$with_system_tzdata,;t t
 s, at with_zlib@,$with_zlib,;t t
+s, at enable_selinux@,$enable_selinux,;t t
 s, at EGREP@,$EGREP,;t t
 s, at ELF_SYS@,$ELF_SYS,;t t
 s, at LDFLAGS_SL@,$LDFLAGS_SL,;t t
diff -rpNU3 base/configure.in sepgsql/configure.in
--- base/configure.in	2009-02-02 11:47:17.000000000 +0900
+++ sepgsql/configure.in	2009-02-02 11:58:34.000000000 +0900
@@ -626,6 +626,19 @@ PGAC_ARG_BOOL(with, zlib, yes,
 AC_SUBST(with_zlib)
 
 #
+# SELinux support
+#
+PGAC_ARG_BOOL(enable, selinux, no,
+              [  --enable-selinux        build with SELinux support])
+if test "$enable_selinux" = yes; then
+    AC_CHECK_LIB(selinux, getpeercon,
+                 AC_DEFINE_UNQUOTED(HAVE_SELINUX, 1,
+                                    [SE-PostgreSQL feature is enabled])
+                 AC_SUBST(enable_selinux),
+                 AC_MSG_ERROR("--enable-selinux requires libselinux."))
+fi
+
+#
 # Elf
 #
 
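Review bot: The `AC_CHECK_LIB(selinux, getpeercon, ...)` call passes an explicit action-if-found, so autoconf does not prepend `-lselinux` to LIBS as the default action would; unless a Makefile elsewhere in this patch links libselinux explicitly (not visible here), the backend link will fail with getpeercon unresolved. Adding `LIBS="-lselinux $LIBS"` at the start of the action-if-found branch makes the check self-sufficient. Separately, `AC_MSG_ERROR("--enable-selinux requires libselinux.")` uses shell double quotes instead of m4 brackets, which is why the generated configure prints the quotes literally; write `AC_MSG_ERROR([--enable-selinux requires libselinux.])`.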
diff -rpNU3 base/contrib/sepgsql_policy/Makefile sepgsql/contrib/sepgsql_policy/Makefile
--- base/contrib/sepgsql_policy/Makefile	1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/contrib/sepgsql_policy/Makefile	2008-06-26 11:44:44.000000000 +0900
@@ -0,0 +1,40 @@
+#
+# contrib/sepgsql_policy/Makefile
+#   Makefile of security policy module for SE-PostgreSQL
+#
+top_builddir = ../..
+include $(top_builddir)/src/Makefile.global
+
+policy_basedir	:= /usr/share/selinux
+policy_makefile	:= $(policy_basedir)/devel/Makefile
+policy_types	:= targeted mls
+policy		:= $(strip $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config))
+package_names	:= sepostgresql sepostgresql-devel
+prefix_ptn	:= "s/%%__prefix__%%/$(shell echo $(prefix)|sed 's/\//\\\//g')/g"
+bindir_ptn	:= "s/%%__bindir__%%/$(shell echo $(bindir)|sed 's/\//\\\//g')/g"
+libdir_ptn	:= "s/%%__libdir__%%/$(shell echo $(pkglibdir)|sed 's/\//\\\//g')/g"
+
+all:
+	$(foreach pkg, $(package_names), $(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) $(pkg).pp;))
+	$(foreach pkg, $(package_names), test -e $(pkg).pp.$(policy) && ln -sf $(pkg).pp.$(policy) $(pkg).pp;)
+
+.install-policy:
+	test -d $(DESTDIR)$(policy_basedir)/$(policy) || install -d $(DESTDIR)$(policy_basedir)/$(policy)
+	$(foreach pkg, $(package_names), install -p -m 644 $(pkg).pp.$(policy) $(DESTDIR)$(policy_basedir)/$(policy)/$(pkg).pp;)
+
+install: all
+	$(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) .install-policy;)
+
+%.pp: %.te %.if %.fc
[...12319 lines suppressed...]
+extern void sepgsqlLargeObjectCreate(Relation rel, HeapTuple tuple);
+
+extern void sepgsqlLargeObjectDrop(Relation rel, HeapTuple tuple, void **pgaceItem);
+
+extern void sepgsqlLargeObjectRead(LargeObjectDesc *lodesc, int length);
+
+extern void sepgsqlLargeObjectWrite(LargeObjectDesc *lodesc, int length);
+
+extern void sepgsqlLargeObjectTruncate(LargeObjectDesc *lodesc, int offset);
+
+extern void sepgsqlLargeObjectImport(Oid loid, int fdesc, const char *filename);
+
+extern void sepgsqlLargeObjectExport(Oid loid, int fdesc, const char *filename);
+
+extern void sepgsqlLargeObjectGetSecurity(Relation rel, HeapTuple tuple);
+
+extern void sepgsqlLargeObjectSetSecurity(Relation rel, HeapTuple newtup, HeapTuple oldtup);
+
+/* Security Label hooks */
+extern bool  sepgsqlTupleDescHasSecLabel(Relation rel, List *relopts);
+
+extern char *sepgsqlTranslateSecurityLabelIn(const char *context);
+
+extern char *sepgsqlTranslateSecurityLabelOut(const char *context);
+
+extern bool  sepgsqlCheckValidSecurityLabel(char *context);
+
+extern char *sepgsqlUnlabeledSecurityLabel(void);
+
+extern char *sepgsqlSecurityLabelOfLabel(void);
+
+/*
+ * SE-PostgreSQL core functions
+ *	 src/backend/security/sepgsql/core.c
+ */
+extern bool sepgsqlIsEnabled(void);
+
+extern const security_context_t sepgsqlGetServerContext(void);
+
+extern const security_context_t sepgsqlGetClientContext(void);
+
+extern const security_context_t sepgsqlGetDatabaseContext(void);
+
+extern const security_context_t sepgsqlGetUnlabeledContext(void);
+
+extern const security_context_t sepgsqlSwitchClientContext(security_context_t newcon);
+
+extern Oid sepgsqlGetDatabaseSecurityId(void);
+
+/*
+ * SE-PostgreSQL userspace avc functions
+ *   src/backend/security/sepgsql/avc.c
+ */
+extern void sepgsqlAvcInit(void);
+
+extern void sepgsqlAvcSwitchClientContext(security_context_t context);
+
+extern void sepgsqlClientHasPermission(Oid target_security_id,
+									   security_class_t tclass,
+									   access_vector_t perms,
+									   const char *objname);
+
+extern bool sepgsqlClientHasPermissionNoAbort(Oid target_security_id,
+											  security_class_t tclass,
+											  access_vector_t perms,
+											  const char *objname);
+
+extern Oid sepgsqlClientCreateSid(Oid target_security_id,
+								  security_class_t tclass);
+
+extern security_context_t
+sepgsqlClientCreateContext(Oid target_security_id,
+						   security_class_t tclass);
+
+extern bool sepgsqlComputePermission(const security_context_t scontext,
+									 const security_context_t tcontext,
+									 security_class_t tclass,
+									 access_vector_t perms,
+									 const char *objname);
+
+extern security_context_t
+sepgsqlComputeCreateContext(const security_context_t scontext,
+							const security_context_t tcontext,
+							security_class_t tclass);
+
+/*
+ * SE-PostgreSQL permission evaluation related
+ *	 src/backend/security/sepgsql/permission.c
+ */
+extern const char *sepgsqlTupleName(Oid relid, HeapTuple tuple);
+
+extern security_class_t sepgsqlFileObjectClass(int fdesc, const char *filename);
+
+extern security_class_t sepgsqlTupleObjectClass(Oid relid, HeapTuple tuple);
+
+extern void sepgsqlSetDefaultContext(Relation rel, HeapTuple tuple);
+
+extern bool sepgsqlCheckTuplePerms(Relation rel, HeapTuple tuple, HeapTuple newtup,
+								   uint32 perms, bool abort);
+
+extern void sepgsqlCheckModuleInstallPerms(const char *filename);
+
+/*
+ * workaround for older libselinux
+ */
+#ifndef DB_PROCEDURE__INSTALL
+#define DB_PROCEDURE__INSTALL		0x00000100UL
+#endif
+
+#endif   /* SEPGSQL_H */
diff -rpNU3 base/src/include/storage/fd.h sepgsql/src/include/storage/fd.h
--- base/src/include/storage/fd.h	2008-01-07 23:51:33.000000000 +0900
+++ sepgsql/src/include/storage/fd.h	2008-06-14 02:36:58.000000000 +0900
@@ -67,6 +67,7 @@ extern int	FileWrite(File file, char *bu
 extern int	FileSync(File file);
 extern long FileSeek(File file, long offset, int whence);
 extern int	FileTruncate(File file, long offset);
+extern int  FileRawDescriptor(File file);
 
 /* Operations that allow use of regular stdio --- USE WITH CAUTION */
 extern FILE *AllocateFile(const char *name, const char *mode);
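Review bot: `FileRawDescriptor` hands out the kernel fd behind a virtual File without documenting its lifetime, which in fd.c is presumably bounded by the VFD LRU pool closing and reopening descriptors; a caller that stores the int and uses it after a later fd.c call may act on a closed or reused descriptor. A comment on the prototype should fix the contract, e.g. `/* Raw OS fd of an open VFD; valid only until the next fd.c call, which may close it -- do not cache */`. Whether the implementation forces the file open first is outside this hunk.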
diff -rpNU3 base/src/include/storage/lwlock.h sepgsql/src/include/storage/lwlock.h
--- base/src/include/storage/lwlock.h	2008-01-07 23:51:33.000000000 +0900
+++ sepgsql/src/include/storage/lwlock.h	2008-06-14 02:36:58.000000000 +0900
@@ -63,6 +63,7 @@ typedef enum LWLockId
 	AutovacuumLock,
 	AutovacuumScheduleLock,
 	SyncScanLock,
+	SepgsqlAvcLock,
 	/* Individual lock IDs end here */
 	FirstBufMappingLock,
 	FirstLockMgrLock = FirstBufMappingLock + NUM_BUFFER_PARTITIONS,
diff -rpNU3 base/src/include/utils/catcache.h sepgsql/src/include/utils/catcache.h
--- base/src/include/utils/catcache.h	2008-01-07 23:51:33.000000000 +0900
+++ sepgsql/src/include/utils/catcache.h	2008-06-14 02:36:58.000000000 +0900
@@ -172,6 +172,7 @@ extern HeapTuple SearchCatCache(CatCache
 			   Datum v1, Datum v2,
 			   Datum v3, Datum v4);
 extern void ReleaseCatCache(HeapTuple tuple);
+extern void InsertCatCache(CatCache *cache, HeapTuple tuple);
 
 extern CatCList *SearchCatCacheList(CatCache *cache, int nkeys,
 				   Datum v1, Datum v2,
diff -rpNU3 base/src/include/utils/errcodes.h sepgsql/src/include/utils/errcodes.h
--- base/src/include/utils/errcodes.h	2008-01-07 23:51:33.000000000 +0900
+++ sepgsql/src/include/utils/errcodes.h	2008-12-02 11:39:45.000000000 +0900
@@ -339,6 +339,12 @@
 #define ERRCODE_NO_DATA_FOUND				MAKE_SQLSTATE('P','0', '0','0','2')
 #define ERRCODE_TOO_MANY_ROWS				MAKE_SQLSTATE('P','0', '0','0','3')
 
+/* Class SE - Security Error (PGACE/SE-PostgreSQL error class) */
+#define ERRCODE_PGACE_ERROR					MAKE_SQLSTATE('S','E', '0','0','0')
+#define ERRCODE_SELINUX_ERROR				MAKE_SQLSTATE('S','E', '0','1','1')
+#define ERRCODE_SELINUX_AUDIT				MAKE_SQLSTATE('S','E', '0','1','2')
+#define ERRCODE_SELINUX_INFO				MAKE_SQLSTATE('S','E', '0','1','3')
+
 /* Class XX - Internal Error (PostgreSQL-specific error class) */
 /* (this is for "can't-happen" conditions and software bugs) */
 #define ERRCODE_INTERNAL_ERROR				MAKE_SQLSTATE('X','X', '0','0','0')
diff -rpNU3 base/src/include/utils/syscache.h sepgsql/src/include/utils/syscache.h
--- base/src/include/utils/syscache.h	2008-01-07 23:51:33.000000000 +0900
+++ sepgsql/src/include/utils/syscache.h	2008-06-14 02:36:58.000000000 +0900
@@ -76,6 +76,8 @@
 #define TSTEMPLATEOID		45
 #define TYPENAMENSP			46
 #define TYPEOID				47
+#define SECURITYOID			48
+#define SECURITYLABEL		49
 
 extern void InitCatalogCache(void);
 extern void InitCatalogCachePhase2(void);
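Review bot: `SECURITYOID` and `SECURITYLABEL` are appended after `TYPEOID`, which breaks the alphabetical order the surrounding identifiers follow (`TSTEMPLATEOID`, `TYPENAMENSP`, `TYPEOID`), and `SECURITYLABEL` also sorts before `SECURITYOID`. If, as I believe, these IDs are positional indexes into the cache table in syscache.c, appending at the end is the safe choice and the deviation deserves a one-line comment such as `/* appended out of alphabetical order: IDs must match the cacheinfo[] order in syscache.c */` so a later maintainer does not "fix" the ordering and silently shift every SE-PostgreSQL lookup onto the wrong cache. Please confirm that the table in syscache.c was extended in the same positions; that file is not part of this hunk.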
@@ -84,6 +86,8 @@ extern HeapTuple SearchSysCache(int cach
 			   Datum key1, Datum key2, Datum key3, Datum key4);
 extern void ReleaseSysCache(HeapTuple tuple);
 
+extern void InsertSysCache(Oid relid, HeapTuple tuple);
+
 /* convenience routines */
 extern HeapTuple SearchSysCacheCopy(int cacheId,
 				   Datum key1, Datum key2, Datum key3, Datum key4);
diff -rpNU3 base/src/test/regress/expected/sanity_check.out sepgsql/src/test/regress/expected/sanity_check.out
--- base/src/test/regress/expected/sanity_check.out	2007-11-25 12:49:12.000000000 +0900
+++ sepgsql/src/test/regress/expected/sanity_check.out	2008-11-24 19:46:15.000000000 +0900
@@ -111,6 +111,7 @@ SELECT relname, relhasindex
  pg_pltemplate           | t
  pg_proc                 | t
  pg_rewrite              | t
+ pg_security             | t
  pg_shdepend             | t
  pg_shdescription        | t
  pg_statistic            | t
@@ -149,7 +150,7 @@ SELECT relname, relhasindex
  timetz_tbl              | f
  tinterval_tbl           | f
  varchar_tbl             | f
-(138 rows)
+(139 rows)
 
 --
 -- another sanity check: every system catalog that has OIDs should have


Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/F-9/.cvsignore,v
retrieving revision 1.12
retrieving revision 1.13
diff -u -r1.12 -r1.13
--- .cvsignore	5 Nov 2008 01:41:08 -0000	1.12
+++ .cvsignore	6 Feb 2009 02:30:13 -0000	1.13
@@ -1 +1 @@
-postgresql-8.3.5.tar.bz2
+postgresql-8.3.6.tar.bz2


Index: sepostgresql.init
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/F-9/sepostgresql.init,v
retrieving revision 1.28
retrieving revision 1.29
diff -u -r1.28 -r1.29
--- sepostgresql.init	5 Nov 2008 02:08:04 -0000	1.28
+++ sepostgresql.init	6 Feb 2009 02:30:14 -0000	1.29
@@ -7,9 +7,9 @@
 # pidfile: /var/run/postmaster.pid
 #---------------------------------------------------------------------
 
-PGVERSION="8.3.5"
+PGVERSION="8.3.6"
 PGMAJORVERSION=`echo "$PGVERSION" | sed 's/^\([0-9]*\.[0-9a-z]*\).*$/\1/'`
-SEPGVERSION="2.1183"
+SEPGVERSION="2.1518"
 
 # source function library
 . /etc/rc.d/init.d/functions
@@ -38,7 +38,7 @@
 
 # Check that networking is up.
 test "${NETWORKING}" = "no" && exit 0
-test -f "${SEPGSQL_BIN}/postmaster" || exit 1
+test -f "${SEPGSQL_BIN}/sepostgres" || exit 1
 
 script_result=0
 
@@ -165,7 +165,7 @@
 	test -x /sbin/restorecon && /sbin/restorecon -R "${SEPGSQL_DATA}"
 	# Initialize the database
         cd ${SEPGSQL_BIN}
-	/sbin/runuser -- sepgsql -c "./initdb.sepgsql -A 'ident sameuser' ${SEPGSQL_DATA}" \
+	/sbin/runuser -- sepgsql -c "./initdb.sepgsql --pgace-feature=selinux -A 'ident sameuser' ${SEPGSQL_DATA}" \
 	    >> "${SEPGSQL_STARTUP_LOG}" 2>&1 < /dev/null
 	if [ -f "${SEPGSQL_DATA}/PG_VERSION" ]; then
 	    echo_success


Index: sepostgresql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/F-9/sepostgresql.spec,v
retrieving revision 1.30
retrieving revision 1.31
diff -u -r1.30 -r1.31
--- sepostgresql.spec	5 Nov 2008 02:08:04 -0000	1.30
+++ sepostgresql.spec	6 Feb 2009 02:30:14 -0000	1.31
@@ -21,8 +21,8 @@
 
 Summary: Security Enhanced PostgreSQL
 Name: sepostgresql
-Version: 8.3.5
-Release: 2.1183%{?sepgsql_extension}%{?dist}
+Version: 8.3.6
+Release: 2.1518%{?sepgsql_extension}%{?dist}
 License: BSD
 Group: Applications/Databases
 Url: http://code.google.com/p/sepgsql/
@@ -31,9 +31,9 @@
 Source1: sepostgresql.init
 Source2: sepostgresql.8
 Source3: sepostgresql.logrotate
-Patch0: sepostgresql-sepgsql-8.3.5-2.patch
-Patch1: sepostgresql-policy-8.3.5-2.patch
-Patch2: sepostgresql-pg_dump-8.3.5-2.patch
+Patch0: sepostgresql-sepgsql-8.3.6-2.patch
+Patch1: sepostgresql-policy-8.3.6-2.patch
+Patch2: sepostgresql-pg_dump-8.3.6-2.patch
 Patch3: sepostgresql-fedora-prefix.patch
 BuildRequires: perl glibc-devel bison flex readline-devel zlib-devel >= 1.0.4
 BuildRequires: checkpolicy libselinux-devel >= 2.0.43
@@ -214,6 +214,10 @@
 %attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/backups
 
 %changelog
+* Fri Feb  6 2009 <kaigai at kaigai.gr.jp> - 8.3.6-2.1518
+- upgrade base PostgreSQL version 8.3.5->8.3.6
+- backport features from 8.4devel tree
+
 * Wed Nov  5 2008 <kaigai at kaigai.gr.jp> - 8.3.5-2.1182
 - upgrade base PostgreSQL version 8.3.4->8.3.5
 - backport cumulative bugfixes from 8.4devel series


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/F-9/sources,v
retrieving revision 1.9
retrieving revision 1.10
diff -u -r1.9 -r1.10
--- sources	5 Nov 2008 01:41:08 -0000	1.9
+++ sources	6 Feb 2009 02:30:14 -0000	1.10
@@ -1 +1 @@
-3bc028774d7a79e926be0c6a9c7ca209  postgresql-8.3.5.tar.bz2
+4f8c67d802bd03b5b844e268bba7d44a  postgresql-8.3.6.tar.bz2


--- sepostgresql-pg_dump-8.3.5-2.patch DELETED ---


--- sepostgresql-policy-8.3.5-2.patch DELETED ---


--- sepostgresql-sepgsql-8.3.5-2.patch DELETED ---



