rpms/sepostgresql/devel sepostgresql-8.4.patch, NONE, 1.1 .cvsignore, 1.14, 1.15 sepostgresql.init, 1.34, 1.35 sepostgresql.spec, 1.38, 1.39 sources, 1.11, 1.12 sepostgresql-core-8.3.patch, 1.3, NONE sepostgresql-test-8.3.patch, 1.2, NONE sepostgresql-utils-8.3.patch, 1.1, NONE
KaiGai Kohei
kaigai at fedoraproject.org
Wed Aug 19 12:00:31 UTC 2009
Author: kaigai
Update of /cvs/pkgs/rpms/sepostgresql/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv25126
Modified Files:
.cvsignore sepostgresql.init sepostgresql.spec sources
Added Files:
sepostgresql-8.4.patch
Removed Files:
sepostgresql-core-8.3.patch sepostgresql-test-8.3.patch
sepostgresql-utils-8.3.patch
Log Message:
update SE-PostgreSQL to the v8.4.x series
sepostgresql-8.4.patch:
configure | 113
configure.in | 13
src/Makefile.global.in | 1
src/backend/Makefile | 7
src/backend/access/common/heaptuple.c | 15
src/backend/access/common/tupdesc.c | 6
src/backend/access/heap/heapam.c | 12
src/backend/access/heap/tuptoaster.c | 12
src/backend/access/transam/xact.c | 15
src/backend/bootstrap/bootparse.y | 9
src/backend/bootstrap/bootstrap.c | 8
src/backend/catalog/Makefile | 4
src/backend/catalog/aclchk.c | 22
src/backend/catalog/catalog.c | 6
src/backend/catalog/dependency.c | 35
src/backend/catalog/heap.c | 83
src/backend/catalog/index.c | 26
src/backend/catalog/namespace.c | 20
src/backend/catalog/pg_aggregate.c | 3
src/backend/catalog/pg_largeobject.c | 7
src/backend/catalog/pg_namespace.c | 4
src/backend/catalog/pg_proc.c | 30
src/backend/catalog/pg_security.c | 680 +++++
src/backend/catalog/toasting.c | 9
src/backend/commands/aggregatecmds.c | 4
src/backend/commands/alter.c | 33
src/backend/commands/cluster.c | 11
src/backend/commands/conversioncmds.c | 4
src/backend/commands/copy.c | 252 !!
src/backend/commands/dbcommands.c | 95
src/backend/commands/foreigncmds.c | 7
src/backend/commands/functioncmds.c | 88
src/backend/commands/lockcmds.c | 4
src/backend/commands/proclang.c | 15
src/backend/commands/schemacmds.c | 60
src/backend/commands/sequence.c | 16
src/backend/commands/tablecmds.c | 192 +
src/backend/commands/trigger.c | 4
src/backend/commands/tsearchcmds.c | 7
src/backend/commands/typecmds.c | 9
src/backend/executor/execJunk.c | 5
src/backend/executor/execMain.c | 141 +
src/backend/executor/execScan.c | 24
src/backend/executor/execTuples.c | 14
src/backend/executor/execUtils.c | 6
src/backend/executor/functions.c | 6
src/backend/executor/nodeSubplan.c | 4
src/backend/executor/spi.c | 2
src/backend/libpq/be-fsstubs.c | 67
src/backend/nodes/copyfuncs.c | 22
src/backend/nodes/equalfuncs.c | 19
src/backend/nodes/outfuncs.c | 4
src/backend/optimizer/plan/createplan.c | 3
src/backend/optimizer/util/clauses.c | 3
src/backend/optimizer/util/relnode.c | 2
src/backend/parser/analyze.c | 46
src/backend/parser/gram.y | 105
src/backend/parser/parse_target.c | 63
src/backend/postmaster/autovacuum.c | 2
src/backend/postmaster/postmaster.c | 43
src/backend/security/Makefile | 13
src/backend/security/rowlevel.c | 121 +
src/backend/security/sepgsql/Makefile | 16
src/backend/security/sepgsql/avc.c | 889 +++++++
src/backend/security/sepgsql/checker.c | 420 +++
src/backend/security/sepgsql/dummy.c | 79
src/backend/security/sepgsql/hooks.c | 1170 ++++++++++
src/backend/security/sepgsql/label.c | 685 +++++
src/backend/security/sepgsql/misc.c | 304 ++
src/backend/security/sepgsql/perms.c | 463 +++
src/backend/security/sepgsql/policy/Makefile | 28
src/backend/security/sepgsql/policy/sepostgresql-devel.fc.template | 12
src/backend/security/sepgsql/policy/sepostgresql-devel.te | 119 +
src/backend/storage/file/fd.c | 7
src/backend/storage/ipc/ipci.c | 2
src/backend/storage/large_object/inv_api.c | 118 !
src/backend/tcop/pquery.c | 2
src/backend/tcop/utility.c | 36
src/backend/utils/adt/genfile.c | 4
src/backend/utils/adt/ri_triggers.c | 18
src/backend/utils/adt/trigfuncs.c | 4
src/backend/utils/cache/plancache.c | 9
src/backend/utils/cache/relcache.c | 22
src/backend/utils/cache/syscache.c | 25
src/backend/utils/fmgr/dfmgr.c | 7
src/backend/utils/fmgr/fmgr.c | 2
src/backend/utils/init/postinit.c | 11
src/backend/utils/misc/guc.c | 27
src/backend/utils/misc/postgresql.conf.sample | 4
src/backend/utils/misc/superuser.c | 15
src/bin/initdb/initdb.c | 13
src/bin/pg_dump/pg_dump.c | 161 !
src/bin/pg_dump/pg_dump.h | 2
src/bin/pg_dump/pg_dumpall.c | 72
src/include/access/htup.h | 32
src/include/access/sysattr.h | 14
src/include/access/tupdesc.h | 1
src/include/catalog/dependency.h | 3
src/include/catalog/heap.h | 11
src/include/catalog/indexing.h | 5
src/include/catalog/pg_attribute.h | 4
src/include/catalog/pg_namespace.h | 2
src/include/catalog/pg_proc.h | 21
src/include/catalog/pg_proc_fn.h | 3
src/include/catalog/pg_security.h | 104
src/include/catalog/toasting.h | 3
src/include/commands/alter.h | 1
src/include/commands/dbcommands.h | 1
src/include/commands/defrem.h | 1
src/include/commands/schemacmds.h | 1
src/include/commands/tablecmds.h | 3
src/include/executor/executor.h | 7
src/include/executor/tuptable.h | 1
src/include/libpq/be-fsstubs.h | 3
src/include/nodes/nodes.h | 1
src/include/nodes/parsenodes.h | 18
src/include/nodes/plannodes.h | 7
src/include/nodes/relation.h | 9
src/include/pg_config.h.in | 3
src/include/security/rowlevel.h | 44
src/include/security/sepgsql.h | 514 ++++
src/include/storage/fd.h | 1
src/include/storage/large_object.h | 3
src/include/storage/lwlock.h | 1
src/include/utils/errcodes.h | 5
src/include/utils/syscache.h | 2
src/test/regress/expected/sanity_check.out | 3
127 files changed, 7638 insertions(+), 1 deletion(-), 595 modifications(!)
--- NEW FILE sepostgresql-8.4.patch ---
diff -Nrpc base/configure sepgsql/configure
*** base/configure Tue Jun 30 01:26:47 2009
--- sepgsql/configure Wed Jul 15 21:17:18 2009
*************** with_libxml
*** 710,715 ****
--- 710,716 ----
with_libxslt
with_system_tzdata
with_zlib
+ enable_selinux
GREP
EGREP
ELF_SYS
*************** Optional Features:
*** 1378,1383 ****
--- 1379,1385 ----
--enable-thread-safety make client libraries thread-safe
--enable-thread-safety-force
force thread-safety despite thread test failure
+ --enable-selinux enable to build with SELinux support
--disable-float4-byval disable float4 passed by value
--disable-float8-byval disable float8 passed by value
--disable-largefile omit support for large files
*************** fi
*** 5532,5537 ****
--- 5534,5645 ----
#
+ # SELinux support
+ #
+
+ pgac_args="$pgac_args enable_selinux"
+
+ # Check whether --enable-selinux was given.
+ if test "${enable_selinux+set}" = set; then
+ enableval=$enable_selinux;
+ case $enableval in
+ yes)
+ :
+ ;;
+ no)
+ :
+ ;;
+ *)
+ { { echo "$as_me:$LINENO: error: no argument expected for --enable-selinux option" >&5
+ echo "$as_me: error: no argument expected for --enable-selinux option" >&2;}
+ { (exit 1); exit 1; }; }
+ ;;
+ esac
+
+ else
+ enable_selinux=no
+
+ fi
+
+
+ if test "$enable_selinux" = yes; then
+ { echo "$as_me:$LINENO: checking for avc_netlink_loop in -lselinux" >&5
+ echo $ECHO_N "checking for avc_netlink_loop in -lselinux... $ECHO_C" >&6; }
+ if test "${ac_cv_lib_selinux_avc_netlink_loop+set}" = set; then
+ echo $ECHO_N "(cached) $ECHO_C" >&6
+ else
+ ac_check_lib_save_LIBS=$LIBS
+ LIBS="-lselinux $LIBS"
+ cat >conftest.$ac_ext <<_ACEOF
+ /* confdefs.h. */
+ _ACEOF
+ cat confdefs.h >>conftest.$ac_ext
+ cat >>conftest.$ac_ext <<_ACEOF
+ /* end confdefs.h. */
+
+ /* Override any GCC internal prototype to avoid an error.
+ Use char because int might match the return type of a GCC
+ builtin and then its argument prototype would still apply. */
+ #ifdef __cplusplus
+ extern "C"
+ #endif
+ char avc_netlink_loop ();
+ int
+ main ()
+ {
+ return avc_netlink_loop ();
+ ;
+ return 0;
+ }
+ _ACEOF
+ rm -f conftest.$ac_objext conftest$ac_exeext
+ if { (ac_try="$ac_link"
+ case "(($ac_try" in
+ *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+ *) ac_try_echo=$ac_try;;
+ esac
+ eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5
+ (eval "$ac_link") 2>conftest.er1
+ ac_status=$?
+ grep -v '^ *+' conftest.er1 >conftest.err
+ rm -f conftest.er1
+ cat conftest.err >&5
+ echo "$as_me:$LINENO: \$? = $ac_status" >&5
+ (exit $ac_status); } && {
+ test -z "$ac_c_werror_flag" ||
+ test ! -s conftest.err
+ } && test -s conftest$ac_exeext &&
+ $as_test_x conftest$ac_exeext; then
+ ac_cv_lib_selinux_avc_netlink_loop=yes
+ else
+ echo "$as_me: failed program was:" >&5
+ sed 's/^/| /' conftest.$ac_ext >&5
+
+ ac_cv_lib_selinux_avc_netlink_loop=no
+ fi
+
+ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \
+ conftest$ac_exeext conftest.$ac_ext
+ LIBS=$ac_check_lib_save_LIBS
+ fi
+ { echo "$as_me:$LINENO: result: $ac_cv_lib_selinux_avc_netlink_loop" >&5
+ echo "${ECHO_T}$ac_cv_lib_selinux_avc_netlink_loop" >&6; }
+ if test $ac_cv_lib_selinux_avc_netlink_loop = yes; then
+
+ cat >>confdefs.h <<_ACEOF
+ #define HAVE_SELINUX 1
+ _ACEOF
+
+
+ else
+ { { echo "$as_me:$LINENO: error: \"--enable-selinux requires libselinux.\"" >&5
+ echo "$as_me: error: \"--enable-selinux requires libselinux.\"" >&2;}
+ { (exit 1); exit 1; }; }
+ fi
+
+ fi
+
+ #
# Elf
#
*************** with_libxml!$with_libxml$ac_delim
*** 28137,28147 ****
with_libxslt!$with_libxslt$ac_delim
with_system_tzdata!$with_system_tzdata$ac_delim
with_zlib!$with_zlib$ac_delim
GREP!$GREP$ac_delim
EGREP!$EGREP$ac_delim
ELF_SYS!$ELF_SYS$ac_delim
LDFLAGS_SL!$LDFLAGS_SL$ac_delim
- LD!$LD$ac_delim
_ACEOF
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
--- 28245,28255 ----
with_libxslt!$with_libxslt$ac_delim
with_system_tzdata!$with_system_tzdata$ac_delim
with_zlib!$with_zlib$ac_delim
+ enable_selinux!$enable_selinux$ac_delim
GREP!$GREP$ac_delim
EGREP!$EGREP$ac_delim
ELF_SYS!$ELF_SYS$ac_delim
LDFLAGS_SL!$LDFLAGS_SL$ac_delim
_ACEOF
if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then
*************** _ACEOF
*** 28183,28188 ****
--- 28291,28297 ----
ac_delim='%!_!# '
for ac_last_try in false false false false false :; do
cat >conf$$subs.sed <<_ACEOF
+ LD!$LD$ac_delim
with_gnu_ld!$with_gnu_ld$ac_delim
ld_R_works!$ld_R_works$ac_delim
RANLIB!$RANLIB$ac_delim
*************** vpath_build!$vpath_build$ac_delim
*** 28245,28251 ****
LTLIBOBJS!$LTLIBOBJS$ac_delim
_ACEOF
! if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 60; then
break
elif $ac_last_try; then
{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
--- 28354,28360 ----
LTLIBOBJS!$LTLIBOBJS$ac_delim
_ACEOF
! if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 61; then
break
elif $ac_last_try; then
{ { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5
diff -Nrpc base/configure.in sepgsql/configure.in
*** base/configure.in Tue Jun 30 01:26:47 2009
--- sepgsql/configure.in Wed Jul 15 19:35:52 2009
*************** PGAC_ARG_BOOL(with, zlib, yes,
*** 764,769 ****
--- 764,782 ----
AC_SUBST(with_zlib)
#
[...13978 lines suppressed...]
+ #define sepgsqlExecScan(a,b,c) (true)
+ #define sepgsqlSetupTuplePerms(a) (0)
+ #define sepgsqlHeapTupleInsert(a,b,c) do {} while(0)
+ #define sepgsqlHeapTupleUpdate(a,b,c) do {} while(0)
+
+ /* core.c */
+ #define sepgsqlIsEnabled() (false)
+ #define sepgsqlInitialize() do {} while(0)
+
+ /* hooks.c */
+ #define sepgsqlCheckDatabaseCreate(a,b) (InvalidOid)
+ #define sepgsqlCheckDatabaseDrop(a) do {} while(0)
+ #define sepgsqlCheckDatabaseSetattr(a) do {} while(0)
+ #define sepgsqlCheckDatabaseRelabel(a,b) (InvalidOid)
+ #define sepgsqlCheckDatabaseAccess(a) (true)
+ #define sepgsqlCheckDatabaseSuperuser() (true)
+ #define sepgsqlCheckDatabaseInstallModule(a,b) do {} while(0)
+ #define sepgsqlCheckDatabaseLoadModule(a) do {} while(0)
+
+ #define sepgsqlCheckSchemaCreate(a,b,c) (InvalidOid)
+ #define sepgsqlCheckSchemaDrop(a) do {} while(0)
+ #define sepgsqlCheckSchemaSetattr(a) do {} while(0)
+ #define sepgsqlCheckSchemaRelabel(a,b) (InvalidOid)
+ #define sepgsqlCheckSchemaUsage(a) (true)
+
+ #define sepgsqlCheckTableDrop(a) do {} while(0)
+ #define sepgsqlCheckTableSetattr(a) do {} while(0)
+ #define sepgsqlCheckTableRelabel(a,b) (InvalidOid)
+ #define sepgsqlCheckTableLock(a) do {} while(0)
+ #define sepgsqlCheckTableTruncate(a) do {} while(0)
+ #define sepgsqlCheckTableReference(a,b,c) do {} while(0)
+
+ #define sepgsqlCheckSequenceGetValue(a) do {} while(0)
+ #define sepgsqlCheckSequenceNextValue(a) do {} while(0)
+ #define sepgsqlCheckSequenceSetValue(a) do {} while(0)
+
+ #define sepgsqlCheckColumnCreate(a,b,c) (InvalidOid)
+ #define sepgsqlCheckColumnDrop(a,b) do {} while(0)
+ #define sepgsqlCheckColumnSetattr(a,b) do {} while(0)
+ #define sepgsqlCheckColumnRelabel(a,b,c) (InvalidOid)
+
+ #define sepgsqlCheckProcedureCreate(a,b,c) (InvalidOid)
+ #define sepgsqlCheckProcedureDrop(a) do {} while(0)
+ #define sepgsqlCheckProcedureSetattr(a) do {} while(0)
+ #define sepgsqlCheckProcedureRelabel(a,b) (InvalidOid)
+ #define sepgsqlCheckProcedureExecute(a) (true)
+ #define sepgsqlCheckProcedureEntrypoint(a,b) do {} while(0)
+ #define sepgsqlCheckProcedureInstall(a) do {} while(0)
+
+ #define sepgsqlCheckBlobCreate(a,b) do {} while(0)
+ #define sepgsqlCheckBlobDrop(a,b) do {} while(0)
+ #define sepgsqlCheckBlobRead(a) do {} while(0)
+ #define sepgsqlCheckBlobWrite(a) do {} while(0)
+ #define sepgsqlCheckBlobGetattr(a) do {} while(0)
+ #define sepgsqlCheckBlobSetattr(a) do {} while(0)
+ #define sepgsqlCheckBlobExport(a,b,c) do {} while(0)
+ #define sepgsqlCheckBlobImport(a,b,c) do {} while(0)
+ #define sepgsqlCheckBlobRelabel(a,b) do {} while(0)
+ #define sepgsqlCheckFileRead(a,b) do {} while(0)
+ #define sepgsqlCheckFileWrite(a,b) do {} while(0)
+
+ #define sepgsqlCheckObjectDrop(a) do {} while(0)
+
+ #define sepgsqlAllowFunctionInlined(a) (true)
+
+ /* label.c */
+ #define sepgsqlTupleDescHasSecLabel(a,b) (false)
+ #define sepgsqlSetDefaultSecLabel(a,b) do {} while(0)
+ #define sepgsqlCreateTableColumns(a,b,c,d,e) (NULL)
+ #define sepgsqlCopyTableColumns(a) (NULL)
+ #define sepgsqlMetaSecurityLabel() (NULL)
+ #define sepgsqlTransSecLabelIn(a) (a)
+ #define sepgsqlTransSecLabelOut(a) (a)
+ #define sepgsqlRawSecLabelIn(a) (a)
+ #define sepgsqlRawSecLabelOut(a) (a)
+
+ #endif /* HAVE_SELINUX */
+
+ extern Datum sepgsql_getcon(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_server_getcon(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_user(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_role(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_type(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_get_range(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_user(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_role(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_type(PG_FUNCTION_ARGS);
+ extern Datum sepgsql_set_range(PG_FUNCTION_ARGS);
+
+ #endif /* SEPGSQL_H */
diff -Nrpc base/src/include/storage/fd.h sepgsql/src/include/storage/fd.h
*** base/src/include/storage/fd.h Tue Jan 13 09:22:28 2009
--- sepgsql/src/include/storage/fd.h Wed Jul 15 19:48:58 2009
*************** extern int FileWrite(File file, char *bu
*** 68,73 ****
--- 68,74 ----
extern int FileSync(File file);
extern off_t FileSeek(File file, off_t offset, int whence);
extern int FileTruncate(File file, off_t offset);
+ extern int FileRawDescriptor(File file);
/* Operations that allow use of regular stdio --- USE WITH CAUTION */
extern FILE *AllocateFile(const char *name, const char *mode);
diff -Nrpc base/src/include/storage/large_object.h sepgsql/src/include/storage/large_object.h
*** base/src/include/storage/large_object.h Sat Jan 3 12:25:21 2009
--- sepgsql/src/include/storage/large_object.h Wed Jul 15 19:48:58 2009
*************** typedef struct LargeObjectDesc
*** 44,49 ****
--- 44,50 ----
#define IFS_RDLOCK (1 << 0)
#define IFS_WRLOCK (1 << 1)
+ Oid secid; /* security identifier of largeobject */
} LargeObjectDesc;
*************** extern int inv_tell(LargeObjectDesc *obj
*** 79,83 ****
--- 80,86 ----
extern int inv_read(LargeObjectDesc *obj_desc, char *buf, int nbytes);
extern int inv_write(LargeObjectDesc *obj_desc, const char *buf, int nbytes);
extern void inv_truncate(LargeObjectDesc *obj_desc, int len);
+ extern Oid inv_get_security(Oid loid);
+ extern void inv_set_security(Oid loid, Oid secid);
#endif /* LARGE_OBJECT_H */
diff -Nrpc base/src/include/storage/lwlock.h sepgsql/src/include/storage/lwlock.h
*** base/src/include/storage/lwlock.h Fri Mar 6 09:45:33 2009
--- sepgsql/src/include/storage/lwlock.h Wed Jul 15 19:35:52 2009
*************** typedef enum LWLockId
*** 67,72 ****
--- 67,73 ----
AutovacuumLock,
AutovacuumScheduleLock,
SyncScanLock,
+ SepgsqlAvcLock,
/* Individual lock IDs end here */
FirstBufMappingLock,
FirstLockMgrLock = FirstBufMappingLock + NUM_BUFFER_PARTITIONS,
diff -Nrpc base/src/include/utils/errcodes.h sepgsql/src/include/utils/errcodes.h
*** base/src/include/utils/errcodes.h Fri Mar 6 09:45:33 2009
--- sepgsql/src/include/utils/errcodes.h Wed Jul 15 19:35:52 2009
***************
*** 347,352 ****
--- 347,357 ----
#define ERRCODE_NO_DATA_FOUND MAKE_SQLSTATE('P','0', '0','0','2')
#define ERRCODE_TOO_MANY_ROWS MAKE_SQLSTATE('P','0', '0','0','3')
+ /* Class SE - SE-PostgreSQL Error */
+ #define ERRCODE_SELINUX_ERROR MAKE_SQLSTATE('S','E', '0','0','1')
+ #define ERRCODE_SELINUX_AUDIT MAKE_SQLSTATE('S','E', '0','0','2')
+ #define ERRCODE_SELINUX_INFO MAKE_SQLSTATE('S','E', '0','0','3')
+
/* Class XX - Internal Error (PostgreSQL-specific error class) */
/* (this is for "can't-happen" conditions and software bugs) */
#define ERRCODE_INTERNAL_ERROR MAKE_SQLSTATE('X','X', '0','0','0')
diff -Nrpc base/src/include/utils/syscache.h sepgsql/src/include/utils/syscache.h
*** base/src/include/utils/syscache.h Sat Jan 3 12:25:21 2009
--- sepgsql/src/include/utils/syscache.h Thu Jul 16 23:18:11 2009
*************** enum SysCacheIdentifier
*** 69,74 ****
--- 69,76 ----
RELNAMENSP,
RELOID,
RULERELNAME,
+ SECURITYATTR,
+ SECURITYSECID,
STATRELATT,
TSCONFIGMAP,
TSCONFIGNAMENSP,
diff -Nrpc base/src/test/regress/expected/sanity_check.out sepgsql/src/test/regress/expected/sanity_check.out
*** base/src/test/regress/expected/sanity_check.out Tue Feb 10 10:10:02 2009
--- sepgsql/src/test/regress/expected/sanity_check.out Thu Jul 16 23:18:11 2009
*************** SELECT relname, relhasindex
*** 112,117 ****
--- 112,118 ----
pg_pltemplate | t
pg_proc | t
pg_rewrite | t
+ pg_security | t
pg_shdepend | t
pg_shdescription | t
pg_statistic | t
*************** SELECT relname, relhasindex
*** 151,157 ****
timetz_tbl | f
tinterval_tbl | f
varchar_tbl | f
! (140 rows)
--
-- another sanity check: every system catalog that has OIDs should have
--- 152,158 ----
timetz_tbl | f
tinterval_tbl | f
varchar_tbl | f
! (141 rows)
--
-- another sanity check: every system catalog that has OIDs should have
Index: .cvsignore
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/.cvsignore,v
retrieving revision 1.14
retrieving revision 1.15
diff -u -p -r1.14 -r1.15
--- .cvsignore 27 Mar 2009 03:54:13 -0000 1.14
+++ .cvsignore 19 Aug 2009 12:00:29 -0000 1.15
@@ -1 +1 @@
-postgresql-8.3.7.tar.bz2
+postgresql-8.4.0.tar.bz2
Index: sepostgresql.init
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.init,v
retrieving revision 1.34
retrieving revision 1.35
diff -u -p -r1.34 -r1.35
--- sepostgresql.init 9 Jun 2009 07:29:38 -0000 1.34
+++ sepostgresql.init 19 Aug 2009 12:00:30 -0000 1.35
@@ -79,7 +79,7 @@ do_start() {
test -x /sbin/restorecon && /sbin/restorecon ${SEPGSQL_LOG}
cd ${SEPGSQL_BIN}
- /sbin/runuser sepgsql -c "./sepg_ctl -l ${SEPGSQL_LOG} -D ${SEPGSQL_DATA} -o '${SEPGSQL_OPTS}' start" \
+ /sbin/runuser sepgsql -c "./sepg_ctl -w -t 10 -l ${SEPGSQL_LOG} -D ${SEPGSQL_DATA} -o '${SEPGSQL_OPTS}' start" \
>> ${SEPGSQL_STARTUP_LOG} 2>&1 < /dev/null
sleep 1
PID=`/sbin/runuser sepgsql -c "./sepg_ctl -D ${SEPGSQL_DATA} status 2>/dev/null \
@@ -165,7 +165,7 @@ do_initdb() {
test -x /sbin/restorecon && /sbin/restorecon -R "${SEPGSQL_DATA}"
# Initialize the database
cd ${SEPGSQL_BIN}
- /sbin/runuser -- sepgsql -c "./initdb.sepgsql --enable-selinux -A 'ident sameuser' ${SEPGSQL_DATA}" \
+ /sbin/runuser -- sepgsql -c "./initdb.sepgsql --enable-selinux --pgdata='${SEPGSQL_DATA}' --auth='ident'" \
>> "${SEPGSQL_STARTUP_LOG}" 2>&1 < /dev/null
if [ -f "${SEPGSQL_DATA}/PG_VERSION" ]; then
echo_success
Index: sepostgresql.spec
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sepostgresql.spec,v
retrieving revision 1.38
retrieving revision 1.39
diff -u -p -r1.38 -r1.39
--- sepostgresql.spec 27 Jul 2009 04:09:56 -0000 1.38
+++ sepostgresql.spec 19 Aug 2009 12:00:30 -0000 1.39
@@ -11,8 +11,8 @@
Summary: Security Enhanced PostgreSQL
Name: sepostgresql
-Version: 8.3.7
-Release: 1991%{?dist}
+Version: 8.4.0
+Release: 2237%{?dist}
License: BSD
Group: Applications/Databases
Url: http://code.google.com/p/sepgsql/
@@ -21,13 +21,11 @@ Source0: ftp://ftp.postgresql.org/pub/so
Source1: sepostgresql.init
Source2: sepostgresql.8
Source3: sepostgresql.logrotate
-Patch0: sepostgresql-core-8.3.patch
-Patch1: sepostgresql-utils-8.3.patch
-Patch2: sepostgresql-test-8.3.patch
-Patch3: sepostgresql-fedora-prefix.patch
+Patch0: sepostgresql-8.4.patch
+Patch1: sepostgresql-fedora-prefix.patch
BuildRequires: perl glibc-devel bison flex readline-devel zlib-devel >= 1.0.4
BuildRequires: checkpolicy libselinux-devel >= 2.0.80
-BuildRequires: selinux-policy >= 3.4.2
+BuildRequires: selinux-policy >= 3.6.8
%if %{ssl}
BuildRequires: openssl-devel
%endif
@@ -36,8 +34,8 @@ Requires(post): policycoreutils /sbin/ch
Requires(preun): /sbin/chkconfig /sbin/service
Requires(postun): policycoreutils
Requires: postgresql-server = %{version}
-Requires: policycoreutils >= 2.0.16 libselinux >= 2.0.43
-Requires: selinux-policy >= 3.4.2
+Requires: policycoreutils >= 2.0.16 libselinux >= 2.0.80
+Requires: selinux-policy >= 3.6.8
Requires: tzdata logrotate
%description
@@ -52,8 +50,6 @@ reference monitor to check any SQL query
%setup -q -n postgresql-%{version}
%patch0 -p1
%patch1 -p1
-%patch2 -p1
-%patch3 -p1
%build
CFLAGS="${CFLAGS:-%optflags}" ; export CFLAGS
@@ -81,12 +77,9 @@ rm -rf %{buildroot}
make DESTDIR=%{buildroot} install
-for store in %{selinux_policy_stores}
-do
- install -d %{buildroot}%{_datadir}/selinux/${store}
- install -p -m 644 src/backend/security/sepgsql/policy/sepostgresql-devel.pp.${store} \
- %{buildroot}%{_datadir}/selinux/${store}/sepostgresql-devel.pp
-done
+install -d %{buildroot}%{_datadir}/selinux/packages
+install -p -m 644 src/backend/security/sepgsql/policy/sepostgresql-devel.pp \
+ %{buildroot}%{_datadir}/selinux/packages
# avoid to conflict with native postgresql package
mv %{buildroot}%{_bindir} %{buildroot}%{_bindir}.orig
@@ -142,7 +135,7 @@ do
%{_sbindir}/semodule -s ${store} -r sepostgresql >& /dev/null || :
if %{_sbindir}/semodule -s ${store} -l 2>/dev/null | grep -Eq "^sepostgresql-devel"; then
%{_sbindir}/semodule -s ${store} \
- -i %{_datadir}/selinux/${store}/sepostgresql-devel.pp >& /dev/null || :
+ -i %{_datadir}/selinux/packages/sepostgresql-devel.pp >& /dev/null || :
fi
done
@@ -193,12 +186,15 @@ fi
%{_datadir}/sepgsql/conversion_create.sql
%{_datadir}/sepgsql/information_schema.sql
%{_datadir}/sepgsql/sql_features.txt
-%attr(644,root,root) %{_datadir}/selinux/*/sepostgresql-devel.pp
+%attr(644,root,root) %{_datadir}/selinux/packages/sepostgresql-devel.pp
%attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql
%attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/data
%attr(700,sepgsql,sepgsql) %dir %{_localstatedir}/lib/sepgsql/backups
%changelog
+* Wed Aug 19 2009 KaiGai Kohei <kaigai at kaigai.gr.jp> - 8.4.0-2237
+- Upgrade SE-PostgreSQL to 8.4.x series
+
* Sun Jul 26 2009 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 8.3.7-1991
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
Index: sources
===================================================================
RCS file: /cvs/pkgs/rpms/sepostgresql/devel/sources,v
retrieving revision 1.11
retrieving revision 1.12
diff -u -p -r1.11 -r1.12
--- sources 27 Mar 2009 03:54:13 -0000 1.11
+++ sources 19 Aug 2009 12:00:30 -0000 1.12
@@ -1 +1 @@
-7b7e91a2221e55fe1b167e663217a96d postgresql-8.3.7.tar.bz2
+1f172d5f60326e972837f58fa5acd130 postgresql-8.4.0.tar.bz2
--- sepostgresql-core-8.3.patch DELETED ---
--- sepostgresql-test-8.3.patch DELETED ---
--- sepostgresql-utils-8.3.patch DELETED ---
More information about the fedora-extras-commits
mailing list