94 (*next_object_access_hook) (access, classId, objectId, subId,
arg);
103 is_internal = pc_arg ? pc_arg->
is_internal :
false;
107 case DatabaseRelationId:
113 case NamespaceRelationId:
118 case RelationRelationId:
139 case ProcedureRelationId:
165 case DatabaseRelationId:
169 case NamespaceRelationId:
173 case RelationRelationId:
180 case ProcedureRelationId:
195 case RelationRelationId:
212 case DatabaseRelationId:
217 case NamespaceRelationId:
222 case RelationRelationId:
241 case ProcedureRelationId:
264 Assert(classId == NamespaceRelationId);
274 Assert(classId == ProcedureRelationId);
280 elog(
ERROR,
"unexpected object access type: %d", (
int) access);
315 const char *queryString,
347 if (strcmp(defel->
defname,
"template") == 0)
365 (
errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
366 errmsg(
"SELinux: LOAD is not permitted")));
381 (*next_ProcessUtility_hook) (pstmt, queryString,
382 context, params, queryEnv,
386 context, params, queryEnv,
391 sepgsql_context_info = saved_context_info;
408 (
errcode(ERRCODE_OBJECT_NOT_IN_PREREQUISITE_STATE),
409 errmsg(
"sepgsql must be loaded via shared_preload_libraries")));
416 if (is_selinux_enabled() < 1)
429 "Turn on/off permissive mode in SE-PostgreSQL",
447 "Turn on/off debug audit messages",
480 memset(&sepgsql_context_info, 0,
sizeof(sepgsql_context_info));
static ExecutorCheckPerms_hook_type next_exec_check_perms_hook
void sepgsql_attribute_drop(Oid relOid, AttrNumber attnum)
void(* ProcessUtility_hook_type)(PlannedStmt *pstmt, const char *queryString, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
void sepgsql_schema_setattr(Oid namespaceId)
void sepgsql_schema_drop(Oid namespaceId)
void sepgsql_relation_truncate(Oid relOid)
void sepgsql_database_drop(Oid databaseId)
const char * createdb_dtemplate
void sepgsql_init_client_label(void)
ProcessUtility_hook_type ProcessUtility_hook
int errcode(int sqlerrcode)
bool ereport_on_violation
bool sepgsql_getenforce(void)
#define SEPGSQL_MODE_DISABLED
static bool sepgsql_debug_audit
void sepgsql_proc_setattr(Oid functionId)
bool(* ExecutorCheckPerms_hook_type)(List *, bool)
void sepgsql_proc_execute(Oid functionId)
static bool sepgsql_exec_check_perms(List *rangeTabls, bool abort)
void sepgsql_schema_post_create(Oid namespaceId)
void sepgsql_proc_drop(Oid functionId)
void sepgsql_avc_init(void)
void sepgsql_attribute_setattr(Oid relOid, AttrNumber attnum)
void sepgsql_relation_post_create(Oid relOid)
void standard_ProcessUtility(PlannedStmt *pstmt, const char *queryString, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
int sepgsql_set_mode(int new_mode)
static bool sepgsql_permissive
bool sepgsql_get_debug_audit(void)
#define SEPGSQL_LABEL_TAG
#define GUC_NOT_IN_SAMPLE
bool sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation)
static sepgsql_context_info_t sepgsql_context_info
ExecutorCheckPerms_hook_type ExecutorCheckPerms_hook
void sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
void sepgsql_proc_post_create(Oid functionId)
static object_access_hook_type next_object_access_hook
void register_label_provider(const char *provider_name, check_object_relabel_type hook)
bool sepgsql_schema_search(Oid namespaceId, bool abort_on_violation)
#define ereport(elevel,...)
object_access_hook_type object_access_hook
#define Assert(condition)
static void sepgsql_object_access(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
void(* object_access_hook_type)(ObjectAccessType access, Oid classId, Oid objectId, int subId, void *arg)
bool sepgsql_get_permissive(void)
static void sepgsql_utility_command(PlannedStmt *pstmt, const char *queryString, ProcessUtilityContext context, ParamListInfo params, QueryEnvironment *queryEnv, DestReceiver *dest, QueryCompletion *qc)
void sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
static ProcessUtility_hook_type next_ProcessUtility_hook
void sepgsql_object_relabel(const ObjectAddress *object, const char *seclabel)
int errmsg(const char *fmt,...)
void sepgsql_database_setattr(Oid databaseId)
void sepgsql_relation_setattr(Oid relOid)
void DefineCustomBoolVariable(const char *name, const char *short_desc, const char *long_desc, bool *valueAddr, bool bootValue, GucContext context, int flags, GucBoolCheckHook check_hook, GucBoolAssignHook assign_hook, GucShowHook show_hook)
void sepgsql_relation_drop(Oid relOid)
#define PERFORM_DELETION_INTERNAL