PostgreSQL Source Code git master
dummy_seclabel.c
Go to the documentation of this file.
1/*
2 * dummy_seclabel.c
3 *
4 * Dummy security label provider.
5 *
6 * This module does not provide anything worthwhile from a security
7 * perspective, but allows regression testing independent of platform-specific
8 * features like SELinux.
9 *
10 * Portions Copyright (c) 1996-2025, PostgreSQL Global Development Group
11 * Portions Copyright (c) 1994, Regents of the University of California
12 */
13#include "postgres.h"
14
15#include "commands/seclabel.h"
16#include "fmgr.h"
17#include "miscadmin.h"
18#include "utils/rel.h"
19
21
23
24static void
25dummy_object_relabel(const ObjectAddress *object, const char *seclabel)
26{
27 if (seclabel == NULL ||
28 strcmp(seclabel, "unclassified") == 0 ||
29 strcmp(seclabel, "classified") == 0)
30 return;
31
32 if (strcmp(seclabel, "secret") == 0 ||
33 strcmp(seclabel, "top secret") == 0)
34 {
35 if (!superuser())
37 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
38 errmsg("only superuser can set '%s' label", seclabel)));
39 return;
40 }
42 (errcode(ERRCODE_INVALID_NAME),
43 errmsg("'%s' is not a valid security label", seclabel)));
44}
45
46void
48{
50}
51
52/*
53 * This function is here just so that the extension is not completely empty
54 * and the dynamic library is loaded when CREATE EXTENSION runs.
55 */
58{
60}
void _PG_init(void)
PG_MODULE_MAGIC
PG_FUNCTION_INFO_V1(dummy_seclabel_dummy)
static void dummy_object_relabel(const ObjectAddress *object, const char *seclabel)
Datum dummy_seclabel_dummy(PG_FUNCTION_ARGS)
int errcode(int sqlerrcode)
Definition: elog.c:853
int errmsg(const char *fmt,...)
Definition: elog.c:1070
#define ERROR
Definition: elog.h:39
#define ereport(elevel,...)
Definition: elog.h:149
#define PG_RETURN_VOID()
Definition: fmgr.h:349
#define PG_FUNCTION_ARGS
Definition: fmgr.h:193
uintptr_t Datum
Definition: postgres.h:69
void register_label_provider(const char *provider_name, check_object_relabel_type hook)
Definition: seclabel.c:570
bool superuser(void)
Definition: superuser.c:46