rpms/sepostgresql/F-9 sepostgresql-policy-8.3.3-2.patch, NONE, 1.1 sepostgresql.spec, 1.23, 1.24
KaiGai Kohei (kaigai)
fedora-extras-commits at redhat.com
Fri Jul 11 07:04:15 UTC 2008
Author: kaigai
Update of /cvs/pkgs/rpms/sepostgresql/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv4355
Modified Files:
sepostgresql.spec
Added Files:
sepostgresql-policy-8.3.3-2.patch
Log Message:
sepostgresql-policy-8.3.3-2.patch is not added...
sepostgresql-policy-8.3.3-2.patch:
--- NEW FILE sepostgresql-policy-8.3.3-2.patch ---
diff -rpNU3 base/src/backend/security/sepgsql/policy/Makefile sepgsql/src/backend/security/sepgsql/policy/Makefile
--- base/src/backend/security/sepgsql/policy/Makefile 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/Makefile 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,41 @@
+#
+# contrib/sepgsql_policy/Makefile
+# Makefile of security policy module for SE-PostgreSQL
+#
+top_builddir = ../../../../..
+include $(top_builddir)/src/Makefile.global
+
+policy_basedir := /usr/share/selinux
+policy_makefile := $(policy_basedir)/devel/Makefile
+policy_types := targeted mls
+policy := $(strip $(shell $(AWK) -F= '/^SELINUXTYPE/{ print $$2 }' /etc/selinux/config))
+package_names := sepostgresql sepostgresql-devel
+prefix_ptn := "s/%%__prefix__%%/$(shell echo $(prefix)|sed 's/\//\\\//g')/g"
+bindir_ptn := "s/%%__bindir__%%/$(shell echo $(bindir)|sed 's/\//\\\//g')/g"
+libdir_ptn := "s/%%__libdir__%%/$(shell echo $(pkglibdir)|sed 's/\//\\\//g')/g"
+
+all:
+ $(foreach pkg, $(package_names), $(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) $(pkg).pp;))
+ $(foreach pkg, $(package_names), test -e $(pkg).pp.$(policy) && ln -sf $(pkg).pp.$(policy) $(pkg).pp;)
+
+.install-policy:
+ test -d $(DESTDIR)$(policy_basedir)/$(policy) || install -d $(DESTDIR)$(policy_basedir)/$(policy)
+ $(foreach pkg, $(package_names), install -p -m 644 $(pkg).pp.$(policy) $(DESTDIR)$(policy_basedir)/$(policy)/$(pkg).pp;)
+
+install: all
+ $(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) .install-policy;)
+
+%.pp: %.te %.if %.fc
+ rm -f $@
+ $(MAKE) NAME=$(policy) -f $(policy_makefile) $@
+ mv $@ $@.$(policy)
+
+sepostgresql-devel.fc: sepostgresql.fc.template
+ cat $< | grep -v ^/var | sed -e $(prefix_ptn) -e $(bindir_ptn) -e $(libdir_ptn) > $@
+
+sepostgresql.fc: sepostgresql.fc.template
+ cat $< | sed -e $(prefix_ptn) -e $(bindir_ptn) -e $(libdir_ptn) > $@
+
+clean:
+ $(MAKE) -f $(policy_makefile) clean
+ rm -f *.pp.* *.fc
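Review bot: The `all`, `.install-policy` and `install` recipes join the commands generated by `$(foreach ...)` with `;`, so the shell reports only the status of the last one and a failed `$(MAKE) ... $(pkg).pp` or `install` for an earlier package or policy type is ignored. For a security policy module that means the build can succeed while one policy type is left with a stale or missing `.pp.$(policy)` file. Ending the generated build and install commands with `|| exit 1;` keeps the first failure, for example `$(foreach p, $(policy_types), $(MAKE) $(MAKEOVERRIDES) policy=$(p) .install-policy || exit 1;)`. Separately, `policy` is read from the build host's /etc/selinux/config, so the `ln -sf` step depends on the builder's own SELinux setup; a comment stating that assumption would help, as would a `.PHONY: all install clean .install-policy` line.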
diff -rpNU3 base/src/backend/security/sepgsql/policy/README sepgsql/src/backend/security/sepgsql/policy/README
--- base/src/backend/security/sepgsql/policy/README 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/README 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,49 @@
+The security policy module of SE-PostgreSQL
+-------------------------------------------
+
+o Introduction
+
+ We provide two kind of security policy modules.
+
+ One is "sepostgresql.pp" which contains full-set of security policy
+ and suitable for legacy base policy (selinux-policy-3.4.1, or prior).
+
+ The other is "sepostgresql-devel.pp" which provides several booleans
+ for developers, and suitable for newer base policy (selinux-policy-3.4.2,
+ or later).
+
+ In the selinux-policy-3.4.2, most part of the policy got upstreamed.
+ So, we don't need to install "sepostgresql.pp" explicitly on the newer
+ base security policy.
+
+ If you need to run regression test, or (don't) want to generate access
+ logs, install "sepostgresql-devel.pp" and turn on/off booleans.
+
+o Build & Installation
+
+ $ cd src/backend/security/sepgsql/policy
+ $ make
+ $ su
+ # /usr/sbin/semodule -i sepostgresql-devel.pp
+ or
+ # /usr/sbin/semodule -i sepostgresql.pp
+
+o Booleans
+
+- sepgsql_enable_users_ddl (default: on)
+ This boolean enables to control to execute DDL statement come from
+ confined users.
+
+- sepgsql_enable_auditallow (default: off)
+ This boolean enables to generate access allow logs except for tuple
+ level.
+
+- sepgsql_enable_auditdeny (default: on)
+ This boolean enables to generata access denied logs except for tuple
+ level.
+
+- sepgsql_regression_test_mode (default: off)
+ This boolean provides several permission to run regression test on
+ your home directory. It enables to load shared library files deployed
+ on home directory.
+ However, we don't recommend it to turn on in the operation phase.
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql-devel.if sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.if
--- base/src/backend/security/sepgsql/policy/sepostgresql-devel.if 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.if 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1 @@
+## There are no interface declaration
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql-devel.te sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.te
--- base/src/backend/security/sepgsql/policy/sepostgresql-devel.te 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql-devel.te 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,82 @@
+policy_module(sepostgresql-devel, 3.11)
+
+gen_require(`
+ class db_database all_db_database_perms;
+ class db_table all_db_table_perms;
+ class db_procedure all_db_procedure_perms;
+ class db_column all_db_column_perms;
+ class db_tuple all_db_tuple_perms;
+ class db_blob all_db_blob_perms;
+
+ attribute domain, home_type;
+ attribute sepgsql_client_type;
+ attribute sepgsql_unconfined_type;
+
+ attribute sepgsql_database_type;
+ attribute sepgsql_table_type;
+ attribute sepgsql_sysobj_table_type;
+ attribute sepgsql_procedure_type;
+ attribute sepgsql_blob_type;
+ attribute sepgsql_module_type;
+')
+
+#################################
+#
+# SE-PostgreSQL Declarations
+#
+
+## <desc>
+## <p>
+## Allow to generate auditallow logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditallow, false)
+
+## <desc>
+## <p>
+## Allow to generate auditdeny logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditdeny, true)
+
+## <desc>
+## <p>
+## Allow widespread permissions for regression test
+## Don't set TRUE on operation phase
+## </p>
+## </desc>
+gen_tunable(sepgsql_regression_test_mode, false)
+
+########################################
+#
+# SE-PostgreSQL audit switch for debugging
+#
+tunable_policy(`sepgsql_enable_auditallow',`
+ auditallow domain sepgsql_database_type : db_database *;
+ auditallow domain sepgsql_table_type : db_table *;
+ auditallow domain sepgsql_table_type : db_column *;
+ auditallow domain sepgsql_procedure_type : db_procedure *;
+ auditallow domain sepgsql_blob_type : db_blob *;
+ auditallow domain sepgsql_module_type : db_database { install_module };
+ auditallow sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+tunable_policy(`! sepgsql_enable_auditdeny',`
+ dontaudit domain sepgsql_database_type : db_database *;
+ dontaudit domain sepgsql_table_type : db_table *;
+ dontaudit domain sepgsql_table_type : db_column *;
+ dontaudit domain sepgsql_procedure_type : db_procedure *;
+ dontaudit domain sepgsql_blob_type : db_blob *;
+ dontaudit domain sepgsql_module_type : db_database { install_module };
+ dontaudit sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+########################################
+#
+# SE-PostgreSQL regression test mode switch
+#
+tunable_policy(`sepgsql_regression_test_mode',`
+ allow sepgsql_client_type home_type : db_database { install_module };
+ allow sepgsql_unconfined_type home_type : db_database { install_module };
+ allow sepgsql_database_type home_type : db_database { load_module };
+')
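Review bot: The `sepgsql_regression_test_mode` block at the end of this file allows `install_module` and `load_module` on any `home_type` file, and no `auditallow` rule in this module names `home_type`, so such loads leave no allow record even when `sepgsql_enable_auditallow` is on. Since the tunable's own description says it must not be set in operation, I would make its use visible by adding `auditallow sepgsql_database_type home_type : db_database { load_module };` and `auditallow domain home_type : db_database { install_module };` inside the same `tunable_policy`. The identical block at the end of sepostgresql.te has the same gap.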
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql.fc.template sepgsql/src/backend/security/sepgsql/policy/sepostgresql.fc.template
--- base/src/backend/security/sepgsql/policy/sepostgresql.fc.template 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql.fc.template 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,15 @@
+#
+# SE-PostgreSQL install path
+#
+%%__prefix__%%(/.*)? -- gen_context(system_u:object_r:usr_t,s0)
+
+%%__bindir__%%/(se)?postgres -- gen_context(system_u:object_r:postgresql_exec_t,s0)
+%%__bindir__%%/(se)?pg_ctl -- gen_context(system_u:object_r:initrc_exec_t,s0)
+%%__bindir__%%/initdb(\.sepgsql)? -- gen_context(system_u:object_r:postgresql_exec_t,s0)
+%%__bindir__%%(/.*)? -- gen_context(system_u:object_r:bin_t,s0)
+
+%%__libdir__%%(/.*)? -- gen_context(system_u:object_r:lib_t,s0)
+
+/var/lib/sepgsql(/.*)? gen_context(system_u:object_r:postgresql_db_t,s0)
+/var/lib/sepgsql/pgstartup\.log gen_context(system_u:object_r:postgresql_log_t,s0)
+/var/log/sepostgresql\.log.* -- gen_context(system_u:object_r:postgresql_log_t,s0)
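Review bot: The catch-all entries `%%__prefix__%%(/.*)?`, `%%__bindir__%%(/.*)?` and `%%__libdir__%%(/.*)?` label every regular file under the substituted directory, not only the files SE-PostgreSQL installs. If the package is configured with a shared prefix such as /usr (the configure arguments are not visible here), these specs overlap the base policy's entries for the same trees. The Makefile's sed patterns also insert the paths into a regular expression with only `/` escaped, so a `.` in a path matches any character. I would add a header comment such as `# NOTE: the catch-all patterns assume prefix, bindir and libdir are dedicated to SE-PostgreSQL`, or limit the entries to the named binaries.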
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql.if sepgsql/src/backend/security/sepgsql/policy/sepostgresql.if
--- base/src/backend/security/sepgsql/policy/sepostgresql.if 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql.if 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,259 @@
+#######################################
+## <summary>
+## The userdomain template for the SE-PostgreSQL.
+## </summary>
+## <desc>
+## This template creates a delivered types which are used
+## for given userdomains.
+## </desc>
+## <param name="userdomain_prefix">
+## <summary>
+## The prefix of the user domain (e.g., user
+## is the prefix for user_t).
+## </summary>
+## </param>
+## <param name="user_domain">
+## <summary>
+## The type of the user domain.
+## </summary>
+## </param>
+## <param name="user_role">
+## <summary>
+## The role associated with the user domain.
+## </summary>
+## </param>
+#
+template(`sepostgresql_userdom_template',`
+ gen_require(`
+ class db_database all_db_database_perms;
+ class db_table all_db_table_perms;
+ class db_procedure all_db_procedure_perms;
+ class db_column all_db_column_perms;
+ class db_tuple all_db_tuple_perms;
+ class db_blob all_db_blob_perms;
+
+ attribute sepgsql_client_type;
+ attribute sepgsql_database_type;
+ attribute sepgsql_sysobj_table_type;
+
+ type sepgsql_trusted_proc_t;
+ type sepgsql_trusted_proc_exec_t;
+ ')
+
+ ########################################
+ #
+ # Declarations
+ #
+
+ typeattribute $2 sepgsql_client_type;
+
+ type $1_sepgsql_blob_t;
+ postgresql_blob_object($1_sepgsql_blob_t)
+
+ type $1_sepgsql_proc_exec_t;
+ postgresql_procedure_object($1_sepgsql_proc_exec_t)
+
+ type $1_sepgsql_sysobj_t;
+ postgresql_system_table_object($1_sepgsql_sysobj_t)
+
+ type $1_sepgsql_table_t;
+ postgresql_table_object($1_sepgsql_table_t)
+
+ role $3 types sepgsql_trusted_proc_t;
+
+ ##############################
+ #
+ # Client local policy
+ #
+
+ tunable_policy(`sepgsql_enable_users_ddl',`
+ allow $2 $1_sepgsql_table_t : db_table { create drop };
+ type_transition $2 sepgsql_database_type:db_table $1_sepgsql_table_t;
+
+ allow $2 $1_sepgsql_table_t : db_column { create drop };
+
+ allow $2 $1_sepgsql_sysobj_t : db_tuple { update insert delete };
+ type_transition $2 sepgsql_sysobj_table_type:db_tuple $1_sepgsql_sysobj_t;
+ ')
+
+ allow $2 $1_sepgsql_table_t : db_table { getattr setattr use select update insert delete };
+ allow $2 $1_sepgsql_table_t : db_column { getattr setattr use select update insert };
+ allow $2 $1_sepgsql_table_t : db_tuple { use select update insert delete };
+ allow $2 $1_sepgsql_sysobj_t : db_tuple { use select };
+
+ allow $2 $1_sepgsql_proc_exec_t : db_procedure { create drop getattr setattr execute };
+ type_transition $2 sepgsql_database_type:db_procedure $1_sepgsql_proc_exec_t;
+
+ allow $2 $1_sepgsql_blob_t : db_blob { create drop getattr setattr read write };
+ type_transition $2 sepgsql_database_type:db_blob $1_sepgsql_blob_t;
+
+ allow $2 sepgsql_trusted_proc_t:process transition;
+ type_transition $2 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t;
+')
+
+########################################
+## <summary>
+## Marks as a SE-PostgreSQL loadable shared library module
+## </summary>
+## <param name="type">
+## <summary>
+## Type marked as a database object type.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_loadable_module',`
+ gen_require(`
+ attribute sepgsql_module_type;
+ ')
+
+ typeattribute $1 sepgsql_module_type;
+')
+
+########################################
+## <summary>
+## Marks as a SE-PostgreSQL database object type
+## </summary>
+## <param name="type">
+## <summary>
+## Type marked as a database object type.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_database_object',`
+ gen_require(`
+ attribute sepgsql_database_type;
+ ')
+
+ typeattribute $1 sepgsql_database_type;
+')
+
+########################################
+## <summary>
+## Marks as a SE-PostgreSQL table/column/tuple object type
+## </summary>
+## <param name="type">
+## <summary>
+## Type marked as a table/column/tuple object type.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_table_object',`
+ gen_require(`
+ attribute sepgsql_table_type;
+ ')
+
+ typeattribute $1 sepgsql_table_type;
+')
+
+########################################
+## <summary>
+## Marks as a SE-PostgreSQL system table/column/tuple object type
+## </summary>
+## <param name="type">
+## <summary>
+## Type marked as a table/column/tuple object type.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_system_table_object',`
+ gen_require(`
+ attribute sepgsql_table_type;
+ attribute sepgsql_sysobj_table_type;
+ ')
+
+ typeattribute $1 sepgsql_table_type;
+ typeattribute $1 sepgsql_sysobj_table_type;
+')
+
+########################################
+## <summary>
+## Marks as a SE-PostgreSQL procedure object type
+## </summary>
+## <param name="type">
+## <summary>
+## Type marked as a database object type.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_procedure_object',`
+ gen_require(`
+ attribute sepgsql_procedure_type;
+ ')
+
+ typeattribute $1 sepgsql_procedure_type;
+')
+
+########################################
+## <summary>
+## Marks as a SE-PostgreSQL binary large object type
+## </summary>
+## <param name="type">
+## <summary>
+## Type marked as a database binary large object type.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_blob_object',`
+ gen_require(`
+ attribute sepgsql_blob_type;
+ ')
+
+ typeattribute $1 sepgsql_blob_type;
+')
+
+########################################
+## <summary>
+## Allow the specified domain unprivileged accesses to unifined database objects
+## managed by SE-PostgreSQL,
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_unpriv_client',`
+ gen_require(`
+ class db_table all_db_table_perms;
+ class db_procedure all_db_procedure_perms;
+ class db_blob all_db_blob_perms;
+
+ attribute sepgsql_client_type;
+ attribute sepgsql_database_type;
+
+ type sepgsql_table_t;
+ type sepgsql_proc_t;
+ type sepgsql_blob_t;
+
+ type sepgsql_trusted_proc_t;
+ type sepgsql_trusted_proc_exec_t;
+ ')
+
+ typeattribute $1 sepgsql_client_type;
+
+ type_transition $1 sepgsql_database_type:db_table sepgsql_table_t;
+ type_transition $1 sepgsql_database_type:db_procedure sepgsql_proc_t;
+ type_transition $1 sepgsql_database_type:db_blob sepgsql_blob_t;
+
+ type_transition $1 sepgsql_trusted_proc_exec_t:process sepgsql_trusted_proc_t;
+ allow $1 sepgsql_trusted_proc_t:process transition;
+')
+
+########################################
+## <summary>
+## Allow the specified domain unconfined accesses to any database objects
+## managed by SE-PostgreSQL,
+## </summary>
+## <param name="domain">
+## <summary>
+## Domain allowed access.
+## </summary>
+## </param>
+#
+interface(`sepostgresql_unconfined',`
+ gen_require(`
+ attribute sepgsql_unconfined_type;
+ ')
+
+ typeattribute $1 sepgsql_unconfined_type;
+')
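Review bot: `sepostgresql_userdom_template` tags its four per-user types through `postgresql_blob_object`, `postgresql_procedure_object`, `postgresql_system_table_object` and `postgresql_table_object`, but the interfaces this file defines are named `sepostgresql_*_object`, and sepostgresql.te uses those names. If the base policy does not supply the `postgresql_*` interfaces the module will presumably not compile. If it does supply them, the user types get whatever attributes the base policy assigns rather than the ones declared in sepostgresql.te, so rules keyed on `sepgsql_table_type` and the other attributes, including the audit rules, may not cover them. The calls should use this module's own interfaces, as below.

```selinux
	# … unchanged: each call stays directly after its type $1_sepgsql_* declaration …
	sepostgresql_blob_object($1_sepgsql_blob_t)
	sepostgresql_procedure_object($1_sepgsql_proc_exec_t)
	sepostgresql_system_table_object($1_sepgsql_sysobj_t)
	sepostgresql_table_object($1_sepgsql_table_t)
```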
diff -rpNU3 base/src/backend/security/sepgsql/policy/sepostgresql.te sepgsql/src/backend/security/sepgsql/policy/sepostgresql.te
--- base/src/backend/security/sepgsql/policy/sepostgresql.te 1970-01-01 09:00:00.000000000 +0900
+++ sepgsql/src/backend/security/sepgsql/policy/sepostgresql.te 2008-07-11 14:10:51.000000000 +0900
@@ -0,0 +1,308 @@
+policy_module(sepostgresql, 3.11)
+
+gen_require(`
+ class db_database all_db_database_perms;
+ class db_table all_db_table_perms;
+ class db_procedure all_db_procedure_perms;
+ class db_column all_db_column_perms;
+ class db_tuple all_db_tuple_perms;
+ class db_blob all_db_blob_perms;
+
+ attribute domain, home_type;
+ type postgresql_t, unlabeled_t;
+
+ role system_r;
+')
+
+#################################
+#
+# SE-PostgreSQL Declarations
+#
+
+## <desc>
+## <p>
+## Allow to generate auditallow logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditallow, false)
+
+## <desc>
+## <p>
+## Allow to generate auditdeny logs
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_auditdeny, true)
+
+## <desc>
+## <p>
+## Allow unprivileged users to execute DDL statement
+## </p>
+## </desc>
+gen_tunable(sepgsql_enable_users_ddl, true)
+
+## <desc>
+## <p>
+## Allow widespread permissions for regression test
+## Don't set TRUE on operation phase
+## </p>
+## </desc>
+gen_tunable(sepgsql_regression_test_mode, false)
+
+# database clients attribute
+attribute sepgsql_client_type;
+attribute sepgsql_unconfined_type;
+
+# database objects attribute
+attribute sepgsql_database_type;
+attribute sepgsql_table_type;
+attribute sepgsql_sysobj_table_type;
+attribute sepgsql_procedure_type;
+attribute sepgsql_blob_type;
+attribute sepgsql_module_type;
+
+# database object types
+type sepgsql_blob_t;
+sepostgresql_blob_object(sepgsql_blob_t)
+
+type sepgsql_db_t;
+sepostgresql_database_object(sepgsql_db_t)
+
+type sepgsql_fixed_table_t;
+sepostgresql_table_object(sepgsql_fixed_table_t)
+
+type sepgsql_proc_t;
+sepostgresql_procedure_object(sepgsql_proc_t)
+
+type sepgsql_ro_blob_t;
+sepostgresql_blob_object(sepgsql_ro_blob_t)
+
+type sepgsql_ro_table_t;
+sepostgresql_table_object(sepgsql_ro_table_t)
+
+type sepgsql_secret_blob_t;
+sepostgresql_blob_object(sepgsql_secret_blob_t)
+
+type sepgsql_secret_table_t;
+sepostgresql_table_object(sepgsql_secret_table_t)
+
+type sepgsql_sysobj_t;
+sepostgresql_system_table_object(sepgsql_sysobj_t)
+
+type sepgsql_table_t;
+sepostgresql_table_object(sepgsql_table_t)
+
+type sepgsql_trusted_proc_exec_t;
+sepostgresql_procedure_object(sepgsql_trusted_proc_exec_t)
+
+# Trusted Procedure Domain
+type sepgsql_trusted_proc_t;
+domain_type(sepgsql_trusted_proc_t)
+sepostgresql_unconfined(sepgsql_trusted_proc_t)
+role system_r types sepgsql_trusted_proc_t;
+
+########################################
+#
+# SE-PostgreSQL Local Policy
+#
+allow postgresql_t self:netlink_selinux_socket create_socket_perms;
+selinux_get_enforce_mode(postgresql_t)
+selinux_validate_context(postgresql_t)
+selinux_compute_access_vector(postgresql_t)
+selinux_compute_create_context(postgresql_t)
+selinux_compute_relabel_context(postgresql_t)
+seutil_libselinux_linked(postgresql_t)
+
+allow postgresql_t sepgsql_database_type:db_database *;
+type_transition postgresql_t postgresql_t:db_database sepgsql_db_t;
+
+allow postgresql_t sepgsql_module_type:db_database install_module;
+allow postgresql_t sepgsql_table_type:{ db_table db_column db_tuple } *;
+allow postgresql_t sepgsql_procedure_type:db_procedure *;
+allow postgresql_t sepgsql_blob_type:db_blob *;
+
+# server specific type transitions
+type_transition postgresql_t sepgsql_database_type:db_table sepgsql_sysobj_t;
+type_transition postgresql_t sepgsql_database_type:db_procedure sepgsql_proc_t;
+type_transition postgresql_t sepgsql_database_type:db_blob sepgsql_blob_t;
+
+# Database/Loadable module
+allow sepgsql_database_type sepgsql_module_type:db_database load_module;
+
+########################################
+#
+# Rules common to all clients
+#
+
+# Client domain constraint
+allow sepgsql_client_type sepgsql_db_t:db_database { getattr access get_param set_param };
+type_transition sepgsql_client_type sepgsql_client_type:db_database sepgsql_db_t;
+
+allow sepgsql_client_type sepgsql_fixed_table_t:db_table { getattr use select insert };
+allow sepgsql_client_type sepgsql_fixed_table_t:db_column { getattr use select insert };
+allow sepgsql_client_type sepgsql_fixed_table_t:db_tuple { use select insert };
+
+allow sepgsql_client_type sepgsql_table_t:db_table { getattr use select update insert delete };
+allow sepgsql_client_type sepgsql_table_t:db_column { getattr use select update insert };
+allow sepgsql_client_type sepgsql_table_t:db_tuple { use select update insert delete };
+
+allow sepgsql_client_type sepgsql_ro_table_t:db_table { getattr use select };
+allow sepgsql_client_type sepgsql_ro_table_t:db_column { getattr use select };
+allow sepgsql_client_type sepgsql_ro_table_t:db_tuple { use select };
+
+allow sepgsql_client_type sepgsql_secret_table_t:db_table getattr;
+allow sepgsql_client_type sepgsql_secret_table_t:db_column getattr;
+
+allow sepgsql_client_type sepgsql_sysobj_t:db_table { getattr use select };
+allow sepgsql_client_type sepgsql_sysobj_t:db_column { getattr use select };
+allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { use select };
+
+allow sepgsql_client_type sepgsql_proc_t:db_procedure { getattr execute };
+allow sepgsql_client_type sepgsql_trusted_proc_t:db_procedure { getattr execute entrypoint };
+
+allow sepgsql_client_type sepgsql_blob_t:db_blob { create drop getattr setattr read write };
+allow sepgsql_client_type sepgsql_ro_blob_t:db_blob { getattr read };
+allow sepgsql_client_type sepgsql_secret_blob_t:db_blob getattr;
+
+tunable_policy(`sepgsql_enable_users_ddl',`
+ allow sepgsql_client_type sepgsql_table_t:db_table { create drop setattr };
+ allow sepgsql_client_type sepgsql_table_t:db_column { create drop setattr };
+ allow sepgsql_client_type sepgsql_sysobj_t:db_tuple { update insert delete };
+')
+
+########################################
+#
+# Unconfined access to this module
+#
+
+allow sepgsql_unconfined_type sepgsql_database_type:db_database *;
+allow sepgsql_unconfined_type sepgsql_table_type:{ db_table db_column db_tuple } *;
+allow sepgsql_unconfined_type sepgsql_blob_type:db_blob *;
+allow sepgsql_unconfined_type { sepgsql_proc_t sepgsql_trusted_proc_t }:db_procedure *;
+allow sepgsql_unconfined_type sepgsql_procedure_type:db_procedure { create drop getattr setattr relabelfrom relabelto };
+allow sepgsql_unconfined_type sepgsql_module_type:db_database install_module;
+
+type_transition sepgsql_unconfined_type sepgsql_unconfined_type:db_database sepgsql_db_t;
+type_transition sepgsql_unconfined_type sepgsql_database_type:db_table sepgsql_table_t;
+type_transition sepgsql_unconfined_type sepgsql_database_type:db_procedure sepgsql_proc_t;
+type_transition sepgsql_unconfined_type sepgsql_database_type:db_blob sepgsql_blob_t;
+
+
+########################################
+#
+# Allow permission to external domains
+#
+
+# relabelfrom for invalid security context
+allow sepgsql_unconfined_type unlabeled_t:db_database { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_table { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_procedure { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_column { setattr relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_tuple { update relabelfrom };
+allow sepgsql_unconfined_type unlabeled_t:db_blob { setattr relabelfrom };
+
+# administrative client domain
+optional_policy(`
+ gen_require(`
+ type unconfined_t;
+ ')
+ sepostgresql_unconfined(unconfined_t)
+')
+
+optional_policy(`
+ gen_require(`
+ type sysadm_t;
+ ')
+ sepostgresql_unconfined(sysadm_t)
+')
+
+# unprivilleged client domain
+optional_policy(`
+ gen_require(`
+ type user_t;
+ role user_r;
+ ')
+ sepostgresql_userdom_template(user,user_t,user_r)
+')
+
+optional_policy(`
+ gen_require(`
+ type staff_t;
+ role staff_r;
+ ')
+ sepostgresql_userdom_template(staff,staff_t,staff_r)
+')
+
+optional_policy(`
+ gen_require(`
+ type guest_t;
+ role guest_r;
+ ')
+ sepostgresql_userdom_template(guest,guest_t,guest_r)
+')
+
+optional_policy(`
+ gen_require(`
+ type xguest_t;
+ role xguest_r;
+ ')
+ sepostgresql_userdom_template(xguest,xguest_t,xguest_r)
+')
+
+optional_policy(`
+ gen_require(`
+ type httpd_t;
+ ')
+ sepostgresql_unpriv_client(httpd_t)
+')
+
+optional_policy(`
+ gen_require(`
+ type httpd_sys_script_t;
+ ')
+ sepostgresql_unpriv_client(httpd_sys_script_t)
+')
+
+# SE-PostgreSQL loadable modules
+optional_policy(`
+ gen_require(`
+ type lib_t, textrel_shlib_t;
+ ')
+ sepostgresql_loadable_module(lib_t)
+ sepostgresql_loadable_module(textrel_shlib_t)
+')
+
+########################################
+#
+# SE-PostgreSQL audit switch for debugging
+#
+tunable_policy(`sepgsql_enable_auditallow',`
+ auditallow domain sepgsql_database_type : db_database *;
+ auditallow domain sepgsql_table_type : db_table *;
+ auditallow domain sepgsql_table_type : db_column *;
+ auditallow domain sepgsql_procedure_type : db_procedure *;
+ auditallow domain sepgsql_blob_type : db_blob *;
+ auditallow domain sepgsql_module_type : db_database { install_module };
+ auditallow sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+tunable_policy(`! sepgsql_enable_auditdeny',`
+ dontaudit domain sepgsql_database_type : db_database *;
+ dontaudit domain sepgsql_table_type : db_table *;
+ dontaudit domain sepgsql_table_type : db_column *;
+ dontaudit domain sepgsql_procedure_type : db_procedure *;
+ dontaudit domain sepgsql_blob_type : db_blob *;
+ dontaudit domain sepgsql_module_type : db_database { install_module };
+ dontaudit sepgsql_database_type sepgsql_module_type : db_database { load_module };
+')
+
+dontaudit domain { sepgsql_table_type - sepgsql_sysobj_table_type } : db_tuple { use select update insert delete };
+
+########################################
+#
+# SE-PostgreSQL regression test mode switch
+#
+tunable_policy(`sepgsql_regression_test_mode',`
+ allow sepgsql_client_type home_type : db_database { install_module };
+ allow sepgsql_unconfined_type home_type : db_database { install_module };
+ allow sepgsql_database_type home_type : db_database { load_module };
+')
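Review bot: In the client rules, `allow sepgsql_client_type sepgsql_trusted_proc_t:db_procedure { getattr execute entrypoint };` names the trusted-procedure domain as the object, while the type registered as a procedure object, and used as the transition source in sepostgresql.if, is `sepgsql_trusted_proc_exec_t`. The unconfined rule on `{ sepgsql_proc_t sepgsql_trusted_proc_t }:db_procedure` does the same. As written, no rule for a client or unconfined domain grants `execute` on `sepgsql_trusted_proc_exec_t`, so either trusted procedures cannot be run by clients or the server labels them differently from what the declarations suggest. Please confirm which type a trusted procedure carries; if it is the `_exec_t` type, the target should change, e.g. `allow sepgsql_client_type sepgsql_trusted_proc_exec_t:db_procedure { getattr execute entrypoint };`, with a comment stating the object/domain split.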
Index: sepostgresql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/F-9/sepostgresql.spec,v
retrieving revision 1.23
retrieving revision 1.24
diff -u -r1.23 -r1.24
--- sepostgresql.spec 11 Jul 2008 06:58:32 -0000 1.23
+++ sepostgresql.spec 11 Jul 2008 07:03:31 -0000 1.24
@@ -24,7 +24,7 @@
Summary: Security Enhanced PostgreSQL
Name: sepostgresql
Version: 8.3.3
-Release: 2.948%{?sepgsql_extension}%{?dist}
+Release: 2.949%{?sepgsql_extension}%{?dist}
License: BSD
Group: Applications/Databases
Url: http://code.google.com/p/sepgsql/
@@ -218,7 +218,7 @@
%attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/backups
%changelog
-* Fri Jul 11 2008 <kaigai at kaigai.gr.jp> - 8.3.3-2.948
+* Fri Jul 11 2008 <kaigai at kaigai.gr.jp> - 8.3.3-2.949
- Add OpenSSL support
- backport 8.4devel fixes