rpms/sepostgresql/devel sepostgresql-8.4.patch, NONE, 1.1 .cvsignore, 1.14, 1.15 sepostgresql.init, 1.34, 1.35 sepostgresql.spec, 1.38, 1.39 sources, 1.11, 1.12 sepostgresql-core-8.3.patch, 1.3, NONE sepostgresql-test-8.3.patch, 1.2, NONE sepostgresql-utils-8.3.patch, 1.1, NONE

[KaiGai Kohei]

Author: kaigai

Update of /cvs/pkgs/rpms/sepostgresql/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv25126

Modified Files:
	.cvsignore sepostgresql.init sepostgresql.spec sources 
Added Files:
	sepostgresql-8.4.patch 
Removed Files:
	sepostgresql-core-8.3.patch sepostgresql-test-8.3.patch 
	sepostgresql-utils-8.3.patch 
Log Message:
update SE-PostgreSQL to the v8.4.x series


sepostgresql-8.4.patch:
 configure                                                          |  113 
 configure.in                                                       |   13 
 src/Makefile.global.in                                             |    1 
 src/backend/Makefile                                               |    7 
 src/backend/access/common/heaptuple.c                              |   15 
 src/backend/access/common/tupdesc.c                                |    6 
 src/backend/access/heap/heapam.c                                   |   12 
 src/backend/access/heap/tuptoaster.c                               |   12 
 src/backend/access/transam/xact.c                                  |   15 
 src/backend/bootstrap/bootparse.y                                  |    9 
 src/backend/bootstrap/bootstrap.c                                  |    8 
 src/backend/catalog/Makefile                                       |    4 
 src/backend/catalog/aclchk.c                                       |   22 
 src/backend/catalog/catalog.c                                      |    6 
 src/backend/catalog/dependency.c                                   |   35 
 src/backend/catalog/heap.c                                         |   83 
 src/backend/catalog/index.c                                        |   26 
 src/backend/catalog/namespace.c                                    |   20 
 src/backend/catalog/pg_aggregate.c                                 |    3 
 src/backend/catalog/pg_largeobject.c                               |    7 
 src/backend/catalog/pg_namespace.c                                 |    4 
 src/backend/catalog/pg_proc.c                                      |   30 
 src/backend/catalog/pg_security.c                                  |  680 +++++
 src/backend/catalog/toasting.c                                     |    9 
 src/backend/commands/aggregatecmds.c                               |    4 
 src/backend/commands/alter.c                                       |   33 
 src/backend/commands/cluster.c                                     |   11 
 src/backend/commands/conversioncmds.c                              |    4 
 src/backend/commands/copy.c                                        |  252 !!
 src/backend/commands/dbcommands.c                                  |   95 
 src/backend/commands/foreigncmds.c                                 |    7 
 src/backend/commands/functioncmds.c                                |   88 
 src/backend/commands/lockcmds.c                                    |    4 
 src/backend/commands/proclang.c                                    |   15 
 src/backend/commands/schemacmds.c                                  |   60 
 src/backend/commands/sequence.c                                    |   16 
 src/backend/commands/tablecmds.c                                   |  192 +
 src/backend/commands/trigger.c                                     |    4 
 src/backend/commands/tsearchcmds.c                                 |    7 
 src/backend/commands/typecmds.c                                    |    9 
 src/backend/executor/execJunk.c                                    |    5 
 src/backend/executor/execMain.c                                    |  141 +
 src/backend/executor/execScan.c                                    |   24 
 src/backend/executor/execTuples.c                                  |   14 
 src/backend/executor/execUtils.c                                   |    6 
 src/backend/executor/functions.c                                   |    6 
 src/backend/executor/nodeSubplan.c                                 |    4 
 src/backend/executor/spi.c                                         |    2 
 src/backend/libpq/be-fsstubs.c                                     |   67 
 src/backend/nodes/copyfuncs.c                                      |   22 
 src/backend/nodes/equalfuncs.c                                     |   19 
 src/backend/nodes/outfuncs.c                                       |    4 
 src/backend/optimizer/plan/createplan.c                            |    3 
 src/backend/optimizer/util/clauses.c                               |    3 
 src/backend/optimizer/util/relnode.c                               |    2 
 src/backend/parser/analyze.c                                       |   46 
 src/backend/parser/gram.y                                          |  105 
 src/backend/parser/parse_target.c                                  |   63 
 src/backend/postmaster/autovacuum.c                                |    2 
 src/backend/postmaster/postmaster.c                                |   43 
 src/backend/security/Makefile                                      |   13 
 src/backend/security/rowlevel.c                                    |  121 +
 src/backend/security/sepgsql/Makefile                              |   16 
 src/backend/security/sepgsql/avc.c                                 |  889 +++++++
 src/backend/security/sepgsql/checker.c                             |  420 +++
 src/backend/security/sepgsql/dummy.c                               |   79 
 src/backend/security/sepgsql/hooks.c                               | 1170 ++++++++++
 src/backend/security/sepgsql/label.c                               |  685 +++++
 src/backend/security/sepgsql/misc.c                                |  304 ++
 src/backend/security/sepgsql/perms.c                               |  463 +++
 src/backend/security/sepgsql/policy/Makefile                       |   28 
 src/backend/security/sepgsql/policy/sepostgresql-devel.fc.template |   12 
 src/backend/security/sepgsql/policy/sepostgresql-devel.te          |  119 +
 src/backend/storage/file/fd.c                                      |    7 
 src/backend/storage/ipc/ipci.c                                     |    2 
 src/backend/storage/large_object/inv_api.c                         |  118 !
 src/backend/tcop/pquery.c                                          |    2 
 src/backend/tcop/utility.c                                         |   36 
 src/backend/utils/adt/genfile.c                                    |    4 
 src/backend/utils/adt/ri_triggers.c                                |   18 
 src/backend/utils/adt/trigfuncs.c                                  |    4 
 src/backend/utils/cache/plancache.c                                |    9 
 src/backend/utils/cache/relcache.c                                 |   22 
 src/backend/utils/cache/syscache.c                                 |   25 
 src/backend/utils/fmgr/dfmgr.c                                     |    7 
 src/backend/utils/fmgr/fmgr.c                                      |    2 
 src/backend/utils/init/postinit.c                                  |   11 
 src/backend/utils/misc/guc.c                                       |   27 
 src/backend/utils/misc/postgresql.conf.sample                      |    4 
 src/backend/utils/misc/superuser.c                                 |   15 
 src/bin/initdb/initdb.c                                            |   13 
 src/bin/pg_dump/pg_dump.c                                          |  161 !
 src/bin/pg_dump/pg_dump.h                                          |    2 
 src/bin/pg_dump/pg_dumpall.c                                       |   72 
 src/include/access/htup.h                                          |   32 
 src/include/access/sysattr.h                                       |   14 
 src/include/access/tupdesc.h                                       |    1 
 src/include/catalog/dependency.h                                   |    3 
 src/include/catalog/heap.h                                         |   11 
 src/include/catalog/indexing.h                                     |    5 
 src/include/catalog/pg_attribute.h                                 |    4 
 src/include/catalog/pg_namespace.h                                 |    2 
 src/include/catalog/pg_proc.h                                      |   21 
 src/include/catalog/pg_proc_fn.h                                   |    3 
 src/include/catalog/pg_security.h                                  |  104 
 src/include/catalog/toasting.h                                     |    3 
 src/include/commands/alter.h                                       |    1 
 src/include/commands/dbcommands.h                                  |    1 
 src/include/commands/defrem.h                                      |    1 
 src/include/commands/schemacmds.h                                  |    1 
 src/include/commands/tablecmds.h                                   |    3 
 src/include/executor/executor.h                                    |    7 
 src/include/executor/tuptable.h                                    |    1 
 src/include/libpq/be-fsstubs.h                                     |    3 
 src/include/nodes/nodes.h                                          |    1 
 src/include/nodes/parsenodes.h                                     |   18 
 src/include/nodes/plannodes.h                                      |    7 
 src/include/nodes/relation.h                                       |    9 
 src/include/pg_config.h.in                                         |    3 
 src/include/security/rowlevel.h                                    |   44 
 src/include/security/sepgsql.h                                     |  514 ++++
 src/include/storage/fd.h                                           |    1 
 src/include/storage/large_object.h                                 |    3 
 src/include/storage/lwlock.h                                       |    1 
 src/include/utils/errcodes.h                                       |    5 
 src/include/utils/syscache.h                                       |    2 
 src/test/regress/expected/sanity_check.out                         |    3 
 127 files changed, 7638 insertions(+), 1 deletion(-), 595 modifications(!)

--- NEW FILE sepostgresql-8.4.patch ---
diff -Nrpc base/configure sepgsql/configure
*** base/configure	Tue Jun 30 01:26:47 2009
--- sepgsql/configure	Wed Jul 15 21:17:18 2009
*************** with_libxml
*** 710,715 ****
--- 710,716 ----
  with_libxslt
  with_system_tzdata
  with_zlib
+ enable_selinux
  GREP
  EGREP
  ELF_SYS
*************** Optional Features:
*** 1378,1383 ****
--- 1379,1385 ----
    --enable-thread-safety  make client libraries thread-safe
    --enable-thread-safety-force
                            force thread-safety despite thread test failure
+   --enable-selinux        enable to build with SELinux support
    --disable-float4-byval  disable float4 passed by value
    --disable-float8-byval  disable float8 passed by value
    --disable-largefile     omit support for large files
*************** fi
*** 5532,5537 ****
--- 5534,5645 ----
  
  
  #
+ # SELinux support
+ #
+ 
+ pgac_args="$pgac_args enable_selinux"
+ 
+ # Check whether --enable-selinux was given.
+ if test "${enable_selinux+set}" = set; then
+   enableval=$enable_selinux;
+   case $enableval in
+     yes)
+       :
+       ;;
+     no)
+       :
+       ;;
+     *)
+       { { echo "$as_me:$LINENO: error: no argument expected for --enable-selinux option" >&5
+ echo "$as_me: error: no argument expected for --enable-selinux option" >&2;}
+    { (exit 1); exit 1; }; }
+       ;;
+   esac
+ 
+ else
+   enable_selinux=no
+ 
+ fi
+ 
+ 
+ if test "$enable_selinux" = yes; then
+     { echo "$as_me:$LINENO: checking for avc_netlink_loop in -lselinux" >&5
+ echo $ECHO_N "checking for avc_netlink_loop in -lselinux... $ECHO_C" >&6; }
+ if test "${ac_cv_lib_selinux_avc_netlink_loop+set}" = set; then
+   echo $ECHO_N "(cached) $ECHO_C" >&6
+ else
+   ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lselinux  $LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h.  */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h.  */
+ 
+ /* Override any GCC internal prototype to avoid an error.
+    Use char because int might match the return type of a GCC
+    builtin and then its argument prototype would still apply.  */
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+ char avc_netlink_loop ();
+ int
+ main ()
+ {
+ return avc_netlink_loop ();
+   ;
+   return 0;
+ }
+ _ACEOF
+ rm -f conftest.$ac_objext conftest$ac_exeext
+ if { (ac_try="$ac_link"
+ case "(($ac_try" in
+   *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+   *) ac_try_echo=$ac_try;;
+ esac
+ eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+   (eval "$ac_link") 2>conftest.er1
+   ac_status=$?
+   grep -v '^ *+' conftest.er1 >conftest.err
+   rm -f conftest.er1
+   cat conftest.err >&5
+   echo "$as_me:$LINENO: \$? = $ac_status" >&5
+   (exit $ac_status); } && {
+ 	 test -z "$ac_c_werror_flag" ||
+ 	 test ! -s conftest.err
+        } && test -s conftest$ac_exeext &&
+        $as_test_x conftest$ac_exeext; then
+   ac_cv_lib_selinux_avc_netlink_loop=yes
+ else
+   echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+ 
+ 	ac_cv_lib_selinux_avc_netlink_loop=no
+ fi
+ 
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+       conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+ { echo "$as_me:$LINENO: result: $ac_cv_lib_selinux_avc_netlink_loop" >&5
+ echo "${ECHO_T}$ac_cv_lib_selinux_avc_netlink_loop" >&6; }
+ if test $ac_cv_lib_selinux_avc_netlink_loop = yes; then
+ 
+ cat >>confdefs.h <<_ACEOF
+ #define HAVE_SELINUX 1
+ _ACEOF
+ 
+ 
+ else
+   { { echo "$as_me:$LINENO: error: \"--enable-selinux requires libselinux.\"" >&5
+ echo "$as_me: error: \"--enable-selinux requires libselinux.\"" >&2;}
+    { (exit 1); exit 1; }; }
+ fi
+ 
+ fi
+ 
+ #
  # Elf
  #
  
*************** with_libxml!$with_libxml$ac_delim
*** 28137,28147 ****
  with_libxslt!$with_libxslt$ac_delim
  with_system_tzdata!$with_system_tzdata$ac_delim
  with_zlib!$with_zlib$ac_delim
  GREP!$GREP$ac_delim
  EGREP!$EGREP$ac_delim
  ELF_SYS!$ELF_SYS$ac_delim
  LDFLAGS_SL!$LDFLAGS_SL$ac_delim
- LD!$LD$ac_delim
  _ACEOF
  
    if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
--- 28245,28255 ----
  with_libxslt!$with_libxslt$ac_delim
  with_system_tzdata!$with_system_tzdata$ac_delim
  with_zlib!$with_zlib$ac_delim
+ enable_selinux!$enable_selinux$ac_delim
  GREP!$GREP$ac_delim
  EGREP!$EGREP$ac_delim
  ELF_SYS!$ELF_SYS$ac_delim
  LDFLAGS_SL!$LDFLAGS_SL$ac_delim
  _ACEOF
  
    if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
*************** _ACEOF
*** 28183,28188 ****
--- 28291,28297 ----
  ac_delim='%!_!# '
  for ac_last_try in false false false false false :; do
    cat >conf$$subs.sed <<_ACEOF
+ LD!$LD$ac_delim
  with_gnu_ld!$with_gnu_ld$ac_delim
  ld_R_works!$ld_R_works$ac_delim
  RANLIB!$RANLIB$ac_delim
*************** vpath_build!$vpath_build$ac_delim
*** 28245,28251 ****
  LTLIBOBJS!$LTLIBOBJS$ac_delim
  _ACEOF
  
!   if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 60; then
      break
    elif $ac_last_try; then
      { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
--- 28354,28360 ----
  LTLIBOBJS!$LTLIBOBJS$ac_delim
  _ACEOF
  
!   if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 61; then
      break
    elif $ac_last_try; then
      { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
diff -Nrpc base/configure.in sepgsql/configure.in
*** base/configure.in	Tue Jun 30 01:26:47 2009
--- sepgsql/configure.in	Wed Jul 15 19:35:52 2009
*************** PGAC_ARG_BOOL(with, zlib, yes,
*** 764,769 ****
--- 764,782 ----
  AC_SUBST(with_zlib)
  
  #
[...13978 lines suppressed...]
+ #define sepgsqlExecScan(a,b,c)					(true)
+ #define sepgsqlSetupTuplePerms(a)				(0)
+ #define sepgsqlHeapTupleInsert(a,b,c)			do {} while(0)
+ #define sepgsqlHeapTupleUpdate(a,b,c)			do {} while(0)
+ 
+ /* core.c */
+ #define sepgsqlIsEnabled()						(false)
+ #define sepgsqlInitialize()						do {} while(0)
+ 
+ /* hooks.c */
+ #define sepgsqlCheckDatabaseCreate(a,b)			(InvalidOid)
+ #define sepgsqlCheckDatabaseDrop(a)				do {} while(0)
+ #define sepgsqlCheckDatabaseSetattr(a)			do {} while(0)
+ #define sepgsqlCheckDatabaseRelabel(a,b)		(InvalidOid)
+ #define sepgsqlCheckDatabaseAccess(a)			(true)
+ #define sepgsqlCheckDatabaseSuperuser()			(true)
+ #define sepgsqlCheckDatabaseInstallModule(a,b)	do {} while(0)
+ #define sepgsqlCheckDatabaseLoadModule(a)		do {} while(0)
+ 
+ #define sepgsqlCheckSchemaCreate(a,b,c)			(InvalidOid)
+ #define sepgsqlCheckSchemaDrop(a)				do {} while(0)
+ #define sepgsqlCheckSchemaSetattr(a)			do {} while(0)
+ #define sepgsqlCheckSchemaRelabel(a,b)			(InvalidOid)
+ #define sepgsqlCheckSchemaUsage(a)				(true)
+ 
+ #define sepgsqlCheckTableDrop(a)				do {} while(0)
+ #define sepgsqlCheckTableSetattr(a)				do {} while(0)
+ #define sepgsqlCheckTableRelabel(a,b)			(InvalidOid)
+ #define sepgsqlCheckTableLock(a)				do {} while(0)
+ #define sepgsqlCheckTableTruncate(a)			do {} while(0)
+ #define sepgsqlCheckTableReference(a,b,c)		do {} while(0)
+ 
+ #define sepgsqlCheckSequenceGetValue(a)			do {} while(0)
+ #define sepgsqlCheckSequenceNextValue(a)		do {} while(0)
+ #define sepgsqlCheckSequenceSetValue(a)			do {} while(0)
+ 
+ #define sepgsqlCheckColumnCreate(a,b,c)			(InvalidOid)
+ #define sepgsqlCheckColumnDrop(a,b)				do {} while(0)
+ #define sepgsqlCheckColumnSetattr(a,b)			do {} while(0)
+ #define sepgsqlCheckColumnRelabel(a,b,c)		(InvalidOid)
+ 
+ #define sepgsqlCheckProcedureCreate(a,b,c)		(InvalidOid)
+ #define sepgsqlCheckProcedureDrop(a)			do {} while(0)
+ #define sepgsqlCheckProcedureSetattr(a)			do {} while(0)
+ #define sepgsqlCheckProcedureRelabel(a,b)		(InvalidOid)
+ #define sepgsqlCheckProcedureExecute(a)			(true)
+ #define sepgsqlCheckProcedureEntrypoint(a,b)	do {} while(0)
+ #define sepgsqlCheckProcedureInstall(a)			do {} while(0)
+ 
+ #define sepgsqlCheckBlobCreate(a,b)				do {} while(0)
+ #define sepgsqlCheckBlobDrop(a,b)				do {} while(0)
+ #define sepgsqlCheckBlobRead(a)					do {} while(0)
+ #define sepgsqlCheckBlobWrite(a)				do {} while(0)
+ #define sepgsqlCheckBlobGetattr(a)				do {} while(0)
+ #define sepgsqlCheckBlobSetattr(a)				do {} while(0)
+ #define sepgsqlCheckBlobExport(a,b,c)			do {} while(0)
+ #define sepgsqlCheckBlobImport(a,b,c)			do {} while(0)
+ #define sepgsqlCheckBlobRelabel(a,b)			do {} while(0)
+ #define sepgsqlCheckFileRead(a,b)				do {} while(0)
+ #define sepgsqlCheckFileWrite(a,b)				do {} while(0)
+ 
+ #define sepgsqlCheckObjectDrop(a)				do {} while(0)
+ 
+ #define sepgsqlAllowFunctionInlined(a)			(true)
+ 
+ /* label.c */
+ #define sepgsqlTupleDescHasSecLabel(a,b)		(false)
+ #define sepgsqlSetDefaultSecLabel(a,b)			do {} while(0)
+ #define sepgsqlCreateTableColumns(a,b,c,d,e)	(NULL)
+ #define sepgsqlCopyTableColumns(a)				(NULL)
+ #define sepgsqlMetaSecurityLabel()				(NULL)
+ #define sepgsqlTransSecLabelIn(a)				(a)
+ #define sepgsqlTransSecLabelOut(a)				(a)
+ #define sepgsqlRawSecLabelIn(a)					(a)
+ #define sepgsqlRawSecLabelOut(a)				(a)
+ 
+ #endif	/* HAVE_SELINUX */
+ 
+ extern Datum sepgsql_getcon(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_server_getcon(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_user(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_role(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_type(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_range(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_user(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_role(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_type(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_range(PG_FUNCTION_ARGS);
+ 
+ #endif	/* SEPGSQL_H */
diff -Nrpc base/src/include/storage/fd.h sepgsql/src/include/storage/fd.h
*** base/src/include/storage/fd.h	Tue Jan 13 09:22:28 2009
--- sepgsql/src/include/storage/fd.h	Wed Jul 15 19:48:58 2009
*************** extern int	FileWrite(File file, char *bu
*** 68,73 ****
--- 68,74 ----
  extern int	FileSync(File file);
  extern off_t FileSeek(File file, off_t offset, int whence);
  extern int	FileTruncate(File file, off_t offset);
+ extern int	FileRawDescriptor(File file);
  
  /* Operations that allow use of regular stdio --- USE WITH CAUTION */
  extern FILE *AllocateFile(const char *name, const char *mode);
diff -Nrpc base/src/include/storage/large_object.h sepgsql/src/include/storage/large_object.h
*** base/src/include/storage/large_object.h	Sat Jan  3 12:25:21 2009
--- sepgsql/src/include/storage/large_object.h	Wed Jul 15 19:48:58 2009
*************** typedef struct LargeObjectDesc
*** 44,49 ****
--- 44,50 ----
  #define IFS_RDLOCK		(1 << 0)
  #define IFS_WRLOCK		(1 << 1)
  
+ 	Oid			secid;			/* security identifier of largeobject */
  } LargeObjectDesc;
  
  
*************** extern int	inv_tell(LargeObjectDesc *obj
*** 79,83 ****
--- 80,86 ----
  extern int	inv_read(LargeObjectDesc *obj_desc, char *buf, int nbytes);
  extern int	inv_write(LargeObjectDesc *obj_desc, const char *buf, int nbytes);
  extern void inv_truncate(LargeObjectDesc *obj_desc, int len);
+ extern Oid	inv_get_security(Oid loid);
+ extern void	inv_set_security(Oid loid, Oid secid);
  
  #endif   /* LARGE_OBJECT_H */
diff -Nrpc base/src/include/storage/lwlock.h sepgsql/src/include/storage/lwlock.h
*** base/src/include/storage/lwlock.h	Fri Mar  6 09:45:33 2009
--- sepgsql/src/include/storage/lwlock.h	Wed Jul 15 19:35:52 2009
*************** typedef enum LWLockId
*** 67,72 ****
--- 67,73 ----
  	AutovacuumLock,
  	AutovacuumScheduleLock,
  	SyncScanLock,
+ 	SepgsqlAvcLock,
  	/* Individual lock IDs end here */
  	FirstBufMappingLock,
  	FirstLockMgrLock = FirstBufMappingLock + NUM_BUFFER_PARTITIONS,
diff -Nrpc base/src/include/utils/errcodes.h sepgsql/src/include/utils/errcodes.h
*** base/src/include/utils/errcodes.h	Fri Mar  6 09:45:33 2009
--- sepgsql/src/include/utils/errcodes.h	Wed Jul 15 19:35:52 2009
***************
*** 347,352 ****
--- 347,357 ----
  #define ERRCODE_NO_DATA_FOUND				MAKE_SQLSTATE('P','0', '0','0','2')
  #define ERRCODE_TOO_MANY_ROWS				MAKE_SQLSTATE('P','0', '0','0','3')
  
+ /* Class SE - SE-PostgreSQL Error */
+ #define ERRCODE_SELINUX_ERROR				MAKE_SQLSTATE('S','E', '0','0','1')
+ #define ERRCODE_SELINUX_AUDIT				MAKE_SQLSTATE('S','E', '0','0','2')
+ #define ERRCODE_SELINUX_INFO				MAKE_SQLSTATE('S','E', '0','0','3')
+ 
  /* Class XX - Internal Error (PostgreSQL-specific error class) */
  /* (this is for "can't-happen" conditions and software bugs) */
  #define ERRCODE_INTERNAL_ERROR				MAKE_SQLSTATE('X','X', '0','0','0')
diff -Nrpc base/src/include/utils/syscache.h sepgsql/src/include/utils/syscache.h
*** base/src/include/utils/syscache.h	Sat Jan  3 12:25:21 2009
--- sepgsql/src/include/utils/syscache.h	Thu Jul 16 23:18:11 2009
*************** enum SysCacheIdentifier
*** 69,74 ****
--- 69,76 ----
  	RELNAMENSP,
  	RELOID,
  	RULERELNAME,
+ 	SECURITYATTR,
+ 	SECURITYSECID,
  	STATRELATT,
  	TSCONFIGMAP,
  	TSCONFIGNAMENSP,
diff -Nrpc base/src/test/regress/expected/sanity_check.out sepgsql/src/test/regress/expected/sanity_check.out
*** base/src/test/regress/expected/sanity_check.out	Tue Feb 10 10:10:02 2009
--- sepgsql/src/test/regress/expected/sanity_check.out	Thu Jul 16 23:18:11 2009
*************** SELECT relname, relhasindex
*** 112,117 ****
--- 112,118 ----
   pg_pltemplate           | t
   pg_proc                 | t
   pg_rewrite              | t
+  pg_security             | t
   pg_shdepend             | t
   pg_shdescription        | t
   pg_statistic            | t
*************** SELECT relname, relhasindex
*** 151,157 ****
   timetz_tbl              | f
   tinterval_tbl           | f
   varchar_tbl             | f
! (140 rows)
  
  --
  -- another sanity check: every system catalog that has OIDs should have
--- 152,158 ----
   timetz_tbl              | f
   tinterval_tbl           | f
   varchar_tbl             | f
! (141 rows)
  
  --
  -- another sanity check: every system catalog that has OIDs should have


Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/.cvsignore,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -p -r1.14 -r1.15
--- .cvsignore	27 Mar 2009 03:54:13 -0000	1.14
+++ .cvsignore	19 Aug 2009 12:00:29 -0000	1.15
@@ -1 +1 @@
-postgresql-8.3.7.tar.bz2
+postgresql-8.4.0.tar.bz2


Index: sepostgresql.init
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.init,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -p -r1.34 -r1.35
--- sepostgresql.init	9 Jun 2009 07:29:38 -0000	1.34
+++ sepostgresql.init	19 Aug 2009 12:00:30 -0000	1.35
@@ -79,7 +79,7 @@ do_start() {
     test -x /sbin/restorecon && /sbin/restorecon ${SEPGSQL_LOG}
 
     cd ${SEPGSQL_BIN}
-    /sbin/runuser sepgsql -c "./sepg_ctl -l ${SEPGSQL_LOG} -D ${SEPGSQL_DATA} -o '${SEPGSQL_OPTS}' start" \
+    /sbin/runuser sepgsql -c "./sepg_ctl -w -t 10 -l ${SEPGSQL_LOG} -D ${SEPGSQL_DATA} -o '${SEPGSQL_OPTS}' start" \
         >> ${SEPGSQL_STARTUP_LOG} 2>&1 < /dev/null
     sleep 1
     PID=`/sbin/runuser sepgsql -c "./sepg_ctl -D ${SEPGSQL_DATA} status 2>/dev/null \
@@ -165,7 +165,7 @@ do_initdb() {
 	test -x /sbin/restorecon && /sbin/restorecon -R "${SEPGSQL_DATA}"
 	# Initialize the database
         cd ${SEPGSQL_BIN}
-	/sbin/runuser -- sepgsql -c "./initdb.sepgsql --enable-selinux -A 'ident sameuser' ${SEPGSQL_DATA}" \
+	/sbin/runuser -- sepgsql -c "./initdb.sepgsql --enable-selinux --pgdata='${SEPGSQL_DATA}' --auth='ident'" \
 	    >> "${SEPGSQL_STARTUP_LOG}" 2>&1 < /dev/null
 	if [ -f "${SEPGSQL_DATA}/PG_VERSION" ]; then
 	    echo_success


Index: sepostgresql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.spec,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -p -r1.38 -r1.39
--- sepostgresql.spec	27 Jul 2009 04:09:56 -0000	1.38
+++ sepostgresql.spec	19 Aug 2009 12:00:30 -0000	1.39
@@ -11,8 +11,8 @@
 
 Summary: Security Enhanced PostgreSQL
 Name: sepostgresql
-Version: 8.3.7
-Release: 1991%{?dist}
+Version: 8.4.0
+Release: 2237%{?dist}
 License: BSD
 Group: Applications/Databases
 Url: http://code.google.com/p/sepgsql/
@@ -21,13 +21,11 @@ Source0: ftp://ftp.postgresql.org/pub/so
 Source1: sepostgresql.init
 Source2: sepostgresql.8
 Source3: sepostgresql.logrotate
-Patch0: sepostgresql-core-8.3.patch
-Patch1: sepostgresql-utils-8.3.patch
-Patch2: sepostgresql-test-8.3.patch
-Patch3: sepostgresql-fedora-prefix.patch
+Patch0: sepostgresql-8.4.patch
+Patch1: sepostgresql-fedora-prefix.patch
 BuildRequires: perl glibc-devel bison flex readline-devel zlib-devel >= 1.0.4
 BuildRequires: checkpolicy libselinux-devel >= 2.0.80
-BuildRequires: selinux-policy >= 3.4.2
+BuildRequires: selinux-policy >= 3.6.8
 %if %{ssl}
 BuildRequires: openssl-devel
 %endif
@@ -36,8 +34,8 @@ Requires(post): policycoreutils /sbin/ch
 Requires(preun): /sbin/chkconfig /sbin/service
 Requires(postun): policycoreutils
 Requires: postgresql-server = %{version}
-Requires: policycoreutils >= 2.0.16 libselinux >= 2.0.43
-Requires: selinux-policy >= 3.4.2
+Requires: policycoreutils >= 2.0.16 libselinux >= 2.0.80
+Requires: selinux-policy >= 3.6.8
 Requires: tzdata logrotate
 
 %description
@@ -52,8 +50,6 @@ reference monitor to check any SQL query
 %setup -q -n postgresql-%{version}
 %patch0 -p1
 %patch1 -p1
-%patch2 -p1
-%patch3 -p1
 
 %build
 CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS
@@ -81,12 +77,9 @@ rm -rf %{buildroot}
 
 make DESTDIR=%{buildroot} install
 
-for store in %{selinux_policy_stores}
-do
-    install -d %{buildroot}%{_datadir}/selinux/${store}
-    install -p -m 644 src/backend/security/sepgsql/policy/sepostgresql-devel.pp.${store} \
-               %{buildroot}%{_datadir}/selinux/${store}/sepostgresql-devel.pp
-done
+install -d %{buildroot}%{_datadir}/selinux/packages
+install -p -m 644 src/backend/security/sepgsql/policy/sepostgresql-devel.pp \
+                  %{buildroot}%{_datadir}/selinux/packages
 
 # avoid to conflict with native postgresql package
 mv %{buildroot}%{_bindir}  %{buildroot}%{_bindir}.orig
@@ -142,7 +135,7 @@ do
     %{_sbindir}/semodule -s ${store} -r sepostgresql >& /dev/null || :
     if %{_sbindir}/semodule -s ${store} -l 2>/dev/null | grep -Eq "^sepostgresql-devel"; then
         %{_sbindir}/semodule -s ${store}    \
-            -i %{_datadir}/selinux/${store}/sepostgresql-devel.pp >& /dev/null || :
+            -i %{_datadir}/selinux/packages/sepostgresql-devel.pp >& /dev/null || :
     fi
 done
 
@@ -193,12 +186,15 @@ fi
 %{_datadir}/sepgsql/conversion_create.sql
 %{_datadir}/sepgsql/information_schema.sql
 %{_datadir}/sepgsql/sql_features.txt
-%attr(644,root,root) %{_datadir}/selinux/*/sepostgresql-devel.pp
+%attr(644,root,root) %{_datadir}/selinux/packages/sepostgresql-devel.pp
 %attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql
 %attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/data
 %attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/backups
 
 %changelog
+* Wed Aug 19 2009 KaiGai Kohei <kaigai at kaigai.gr.jp> - 8.4.0-2237
+- Upgrade SE-PostgreSQL to 8.4.x series
+
 * Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 8.3.7-1991
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
 


Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sources,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- sources	27 Mar 2009 03:54:13 -0000	1.11
+++ sources	19 Aug 2009 12:00:30 -0000	1.12
@@ -1 +1 @@
-7b7e91a2221e55fe1b167e663217a96d  postgresql-8.3.7.tar.bz2
+1f172d5f60326e972837f58fa5acd130  postgresql-8.4.0.tar.bz2


--- sepostgresql-core-8.3.patch DELETED ---


--- sepostgresql-test-8.3.patch DELETED ---


--- sepostgresql-utils-8.3.patch DELETED ---