PostgreSQL Source Code  git master
sepgsql.h
Go to the documentation of this file.
1 /* -------------------------------------------------------------------------
2  *
3  * contrib/sepgsql/sepgsql.h
4  *
5  * Definitions corresponding to SE-PostgreSQL
6  *
7  * Copyright (c) 2010-2020, PostgreSQL Global Development Group
8  *
9  * -------------------------------------------------------------------------
10  */
11 #ifndef SEPGSQL_H
12 #define SEPGSQL_H
13 
14 #include "catalog/objectaddress.h"
15 #include "fmgr.h"
16 
17 #include <selinux/selinux.h>
18 #include <selinux/avc.h>
19 
20 /*
21  * SE-PostgreSQL Label Tag
22  */
23 #define SEPGSQL_LABEL_TAG "selinux"
24 
25 /*
26  * SE-PostgreSQL performing mode
27  */
28 #define SEPGSQL_MODE_DEFAULT 1
29 #define SEPGSQL_MODE_PERMISSIVE 2
30 #define SEPGSQL_MODE_INTERNAL 3
31 #define SEPGSQL_MODE_DISABLED 4
32 
33 /*
34  * Internally used code of object classes
35  */
36 #define SEPG_CLASS_PROCESS 0
37 #define SEPG_CLASS_FILE 1
38 #define SEPG_CLASS_DIR 2
39 #define SEPG_CLASS_LNK_FILE 3
40 #define SEPG_CLASS_CHR_FILE 4
41 #define SEPG_CLASS_BLK_FILE 5
42 #define SEPG_CLASS_SOCK_FILE 6
43 #define SEPG_CLASS_FIFO_FILE 7
44 #define SEPG_CLASS_DB_DATABASE 8
45 #define SEPG_CLASS_DB_SCHEMA 9
46 #define SEPG_CLASS_DB_TABLE 10
47 #define SEPG_CLASS_DB_SEQUENCE 11
48 #define SEPG_CLASS_DB_PROCEDURE 12
49 #define SEPG_CLASS_DB_COLUMN 13
50 #define SEPG_CLASS_DB_TUPLE 14
51 #define SEPG_CLASS_DB_BLOB 15
52 #define SEPG_CLASS_DB_LANGUAGE 16
53 #define SEPG_CLASS_DB_VIEW 17
54 #define SEPG_CLASS_MAX 18
55 
56 /*
57  * Internally used code of access vectors
58  */
59 #define SEPG_PROCESS__TRANSITION (1<<0)
60 #define SEPG_PROCESS__DYNTRANSITION (1<<1)
61 #define SEPG_PROCESS__SETCURRENT (1<<2)
62 
63 #define SEPG_FILE__READ (1<<0)
64 #define SEPG_FILE__WRITE (1<<1)
65 #define SEPG_FILE__CREATE (1<<2)
66 #define SEPG_FILE__GETATTR (1<<3)
67 #define SEPG_FILE__UNLINK (1<<4)
68 #define SEPG_FILE__RENAME (1<<5)
69 #define SEPG_FILE__APPEND (1<<6)
70 
71 #define SEPG_DIR__READ (SEPG_FILE__READ)
72 #define SEPG_DIR__WRITE (SEPG_FILE__WRITE)
73 #define SEPG_DIR__CREATE (SEPG_FILE__CREATE)
74 #define SEPG_DIR__GETATTR (SEPG_FILE__GETATTR)
75 #define SEPG_DIR__UNLINK (SEPG_FILE__UNLINK)
76 #define SEPG_DIR__RENAME (SEPG_FILE__RENAME)
77 #define SEPG_DIR__SEARCH (1<<6)
78 #define SEPG_DIR__ADD_NAME (1<<7)
79 #define SEPG_DIR__REMOVE_NAME (1<<8)
80 #define SEPG_DIR__RMDIR (1<<9)
81 #define SEPG_DIR__REPARENT (1<<10)
82 
83 #define SEPG_LNK_FILE__READ (SEPG_FILE__READ)
84 #define SEPG_LNK_FILE__WRITE (SEPG_FILE__WRITE)
85 #define SEPG_LNK_FILE__CREATE (SEPG_FILE__CREATE)
86 #define SEPG_LNK_FILE__GETATTR (SEPG_FILE__GETATTR)
87 #define SEPG_LNK_FILE__UNLINK (SEPG_FILE__UNLINK)
88 #define SEPG_LNK_FILE__RENAME (SEPG_FILE__RENAME)
89 
90 #define SEPG_CHR_FILE__READ (SEPG_FILE__READ)
91 #define SEPG_CHR_FILE__WRITE (SEPG_FILE__WRITE)
92 #define SEPG_CHR_FILE__CREATE (SEPG_FILE__CREATE)
93 #define SEPG_CHR_FILE__GETATTR (SEPG_FILE__GETATTR)
94 #define SEPG_CHR_FILE__UNLINK (SEPG_FILE__UNLINK)
95 #define SEPG_CHR_FILE__RENAME (SEPG_FILE__RENAME)
96 
97 #define SEPG_BLK_FILE__READ (SEPG_FILE__READ)
98 #define SEPG_BLK_FILE__WRITE (SEPG_FILE__WRITE)
99 #define SEPG_BLK_FILE__CREATE (SEPG_FILE__CREATE)
100 #define SEPG_BLK_FILE__GETATTR (SEPG_FILE__GETATTR)
101 #define SEPG_BLK_FILE__UNLINK (SEPG_FILE__UNLINK)
102 #define SEPG_BLK_FILE__RENAME (SEPG_FILE__RENAME)
103 
104 #define SEPG_SOCK_FILE__READ (SEPG_FILE__READ)
105 #define SEPG_SOCK_FILE__WRITE (SEPG_FILE__WRITE)
106 #define SEPG_SOCK_FILE__CREATE (SEPG_FILE__CREATE)
107 #define SEPG_SOCK_FILE__GETATTR (SEPG_FILE__GETATTR)
108 #define SEPG_SOCK_FILE__UNLINK (SEPG_FILE__UNLINK)
109 #define SEPG_SOCK_FILE__RENAME (SEPG_FILE__RENAME)
110 
111 #define SEPG_FIFO_FILE__READ (SEPG_FILE__READ)
112 #define SEPG_FIFO_FILE__WRITE (SEPG_FILE__WRITE)
113 #define SEPG_FIFO_FILE__CREATE (SEPG_FILE__CREATE)
114 #define SEPG_FIFO_FILE__GETATTR (SEPG_FILE__GETATTR)
115 #define SEPG_FIFO_FILE__UNLINK (SEPG_FILE__UNLINK)
116 #define SEPG_FIFO_FILE__RENAME (SEPG_FILE__RENAME)
117 
118 #define SEPG_DB_DATABASE__CREATE (1<<0)
119 #define SEPG_DB_DATABASE__DROP (1<<1)
120 #define SEPG_DB_DATABASE__GETATTR (1<<2)
121 #define SEPG_DB_DATABASE__SETATTR (1<<3)
122 #define SEPG_DB_DATABASE__RELABELFROM (1<<4)
123 #define SEPG_DB_DATABASE__RELABELTO (1<<5)
124 #define SEPG_DB_DATABASE__ACCESS (1<<6)
125 #define SEPG_DB_DATABASE__LOAD_MODULE (1<<7)
126 
127 #define SEPG_DB_SCHEMA__CREATE (SEPG_DB_DATABASE__CREATE)
128 #define SEPG_DB_SCHEMA__DROP (SEPG_DB_DATABASE__DROP)
129 #define SEPG_DB_SCHEMA__GETATTR (SEPG_DB_DATABASE__GETATTR)
130 #define SEPG_DB_SCHEMA__SETATTR (SEPG_DB_DATABASE__SETATTR)
131 #define SEPG_DB_SCHEMA__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
132 #define SEPG_DB_SCHEMA__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
133 #define SEPG_DB_SCHEMA__SEARCH (1<<6)
134 #define SEPG_DB_SCHEMA__ADD_NAME (1<<7)
135 #define SEPG_DB_SCHEMA__REMOVE_NAME (1<<8)
136 
137 #define SEPG_DB_TABLE__CREATE (SEPG_DB_DATABASE__CREATE)
138 #define SEPG_DB_TABLE__DROP (SEPG_DB_DATABASE__DROP)
139 #define SEPG_DB_TABLE__GETATTR (SEPG_DB_DATABASE__GETATTR)
140 #define SEPG_DB_TABLE__SETATTR (SEPG_DB_DATABASE__SETATTR)
141 #define SEPG_DB_TABLE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
142 #define SEPG_DB_TABLE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
143 #define SEPG_DB_TABLE__SELECT (1<<6)
144 #define SEPG_DB_TABLE__UPDATE (1<<7)
145 #define SEPG_DB_TABLE__INSERT (1<<8)
146 #define SEPG_DB_TABLE__DELETE (1<<9)
147 #define SEPG_DB_TABLE__LOCK (1<<10)
148 #define SEPG_DB_TABLE__TRUNCATE (1<<11)
149 
150 #define SEPG_DB_SEQUENCE__CREATE (SEPG_DB_DATABASE__CREATE)
151 #define SEPG_DB_SEQUENCE__DROP (SEPG_DB_DATABASE__DROP)
152 #define SEPG_DB_SEQUENCE__GETATTR (SEPG_DB_DATABASE__GETATTR)
153 #define SEPG_DB_SEQUENCE__SETATTR (SEPG_DB_DATABASE__SETATTR)
154 #define SEPG_DB_SEQUENCE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
155 #define SEPG_DB_SEQUENCE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
156 #define SEPG_DB_SEQUENCE__GET_VALUE (1<<6)
157 #define SEPG_DB_SEQUENCE__NEXT_VALUE (1<<7)
158 #define SEPG_DB_SEQUENCE__SET_VALUE (1<<8)
159 
160 #define SEPG_DB_PROCEDURE__CREATE (SEPG_DB_DATABASE__CREATE)
161 #define SEPG_DB_PROCEDURE__DROP (SEPG_DB_DATABASE__DROP)
162 #define SEPG_DB_PROCEDURE__GETATTR (SEPG_DB_DATABASE__GETATTR)
163 #define SEPG_DB_PROCEDURE__SETATTR (SEPG_DB_DATABASE__SETATTR)
164 #define SEPG_DB_PROCEDURE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
165 #define SEPG_DB_PROCEDURE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
166 #define SEPG_DB_PROCEDURE__EXECUTE (1<<6)
167 #define SEPG_DB_PROCEDURE__ENTRYPOINT (1<<7)
168 #define SEPG_DB_PROCEDURE__INSTALL (1<<8)
169 
170 #define SEPG_DB_COLUMN__CREATE (SEPG_DB_DATABASE__CREATE)
171 #define SEPG_DB_COLUMN__DROP (SEPG_DB_DATABASE__DROP)
172 #define SEPG_DB_COLUMN__GETATTR (SEPG_DB_DATABASE__GETATTR)
173 #define SEPG_DB_COLUMN__SETATTR (SEPG_DB_DATABASE__SETATTR)
174 #define SEPG_DB_COLUMN__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
175 #define SEPG_DB_COLUMN__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
176 #define SEPG_DB_COLUMN__SELECT (1<<6)
177 #define SEPG_DB_COLUMN__UPDATE (1<<7)
178 #define SEPG_DB_COLUMN__INSERT (1<<8)
179 
180 #define SEPG_DB_TUPLE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
181 #define SEPG_DB_TUPLE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
182 #define SEPG_DB_TUPLE__SELECT (SEPG_DB_DATABASE__GETATTR)
183 #define SEPG_DB_TUPLE__UPDATE (SEPG_DB_DATABASE__SETATTR)
184 #define SEPG_DB_TUPLE__INSERT (SEPG_DB_DATABASE__CREATE)
185 #define SEPG_DB_TUPLE__DELETE (SEPG_DB_DATABASE__DROP)
186 
187 #define SEPG_DB_BLOB__CREATE (SEPG_DB_DATABASE__CREATE)
188 #define SEPG_DB_BLOB__DROP (SEPG_DB_DATABASE__DROP)
189 #define SEPG_DB_BLOB__GETATTR (SEPG_DB_DATABASE__GETATTR)
190 #define SEPG_DB_BLOB__SETATTR (SEPG_DB_DATABASE__SETATTR)
191 #define SEPG_DB_BLOB__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
192 #define SEPG_DB_BLOB__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
193 #define SEPG_DB_BLOB__READ (1<<6)
194 #define SEPG_DB_BLOB__WRITE (1<<7)
195 #define SEPG_DB_BLOB__IMPORT (1<<8)
196 #define SEPG_DB_BLOB__EXPORT (1<<9)
197 
198 #define SEPG_DB_LANGUAGE__CREATE (SEPG_DB_DATABASE__CREATE)
199 #define SEPG_DB_LANGUAGE__DROP (SEPG_DB_DATABASE__DROP)
200 #define SEPG_DB_LANGUAGE__GETATTR (SEPG_DB_DATABASE__GETATTR)
201 #define SEPG_DB_LANGUAGE__SETATTR (SEPG_DB_DATABASE__SETATTR)
202 #define SEPG_DB_LANGUAGE__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
203 #define SEPG_DB_LANGUAGE__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
204 #define SEPG_DB_LANGUAGE__IMPLEMENT (1<<6)
205 #define SEPG_DB_LANGUAGE__EXECUTE (1<<7)
206 
207 #define SEPG_DB_VIEW__CREATE (SEPG_DB_DATABASE__CREATE)
208 #define SEPG_DB_VIEW__DROP (SEPG_DB_DATABASE__DROP)
209 #define SEPG_DB_VIEW__GETATTR (SEPG_DB_DATABASE__GETATTR)
210 #define SEPG_DB_VIEW__SETATTR (SEPG_DB_DATABASE__SETATTR)
211 #define SEPG_DB_VIEW__RELABELFROM (SEPG_DB_DATABASE__RELABELFROM)
212 #define SEPG_DB_VIEW__RELABELTO (SEPG_DB_DATABASE__RELABELTO)
213 #define SEPG_DB_VIEW__EXPAND (1<<6)
214 
215 /*
216  * hooks.c
217  */
218 extern bool sepgsql_get_permissive(void);
219 extern bool sepgsql_get_debug_audit(void);
220 
221 /*
222  * selinux.c
223  */
224 extern bool sepgsql_is_enabled(void);
225 extern int sepgsql_get_mode(void);
226 extern int sepgsql_set_mode(int new_mode);
227 extern bool sepgsql_getenforce(void);
228 
229 extern void sepgsql_audit_log(bool denied,
230  const char *scontext,
231  const char *tcontext,
232  uint16 tclass,
233  uint32 audited,
234  const char *audit_name);
235 
236 extern void sepgsql_compute_avd(const char *scontext,
237  const char *tcontext,
238  uint16 tclass,
239  struct av_decision *avd);
240 
241 extern char *sepgsql_compute_create(const char *scontext,
242  const char *tcontext,
243  uint16 tclass,
244  const char *objname);
245 
246 extern bool sepgsql_check_perms(const char *scontext,
247  const char *tcontext,
248  uint16 tclass,
249  uint32 required,
250  const char *audit_name,
251  bool abort_on_violation);
252 
253 /*
254  * uavc.c
255  */
256 #define SEPGSQL_AVC_NOAUDIT ((void *)(-1))
257 extern bool sepgsql_avc_check_perms_label(const char *tcontext,
258  uint16 tclass,
259  uint32 required,
260  const char *audit_name,
261  bool abort_on_violation);
262 extern bool sepgsql_avc_check_perms(const ObjectAddress *tobject,
263  uint16 tclass,
264  uint32 required,
265  const char *audit_name,
266  bool abort_on_violation);
267 extern char *sepgsql_avc_trusted_proc(Oid functionId);
268 extern void sepgsql_avc_init(void);
269 
270 /*
271  * label.c
272  */
273 extern char *sepgsql_get_client_label(void);
274 extern void sepgsql_init_client_label(void);
275 extern char *sepgsql_get_label(Oid classId, Oid objectId, int32 subId);
276 
277 extern void sepgsql_object_relabel(const ObjectAddress *object,
278  const char *seclabel);
279 
280 /*
281  * dml.c
282  */
283 extern bool sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation);
284 
285 /*
286  * database.c
287  */
288 extern void sepgsql_database_post_create(Oid databaseId,
289  const char *dtemplate);
290 extern void sepgsql_database_drop(Oid databaseId);
291 extern void sepgsql_database_relabel(Oid databaseId, const char *seclabel);
292 extern void sepgsql_database_setattr(Oid databaseId);
293 
294 /*
295  * schema.c
296  */
297 extern void sepgsql_schema_post_create(Oid namespaceId);
298 extern void sepgsql_schema_drop(Oid namespaceId);
299 extern void sepgsql_schema_relabel(Oid namespaceId, const char *seclabel);
300 extern void sepgsql_schema_setattr(Oid namespaceId);
301 extern bool sepgsql_schema_search(Oid namespaceId, bool abort_on_violation);
302 extern void sepgsql_schema_add_name(Oid namespaceId);
303 extern void sepgsql_schema_remove_name(Oid namespaceId);
304 extern void sepgsql_schema_rename(Oid namespaceId);
305 
306 /*
307  * relation.c
308  */
309 extern void sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum);
310 extern void sepgsql_attribute_drop(Oid relOid, AttrNumber attnum);
311 extern void sepgsql_attribute_relabel(Oid relOid, AttrNumber attnum,
312  const char *seclabel);
313 extern void sepgsql_attribute_setattr(Oid relOid, AttrNumber attnum);
314 extern void sepgsql_relation_post_create(Oid relOid);
315 extern void sepgsql_relation_drop(Oid relOid);
316 extern void sepgsql_relation_truncate(Oid relOid);
317 extern void sepgsql_relation_relabel(Oid relOid, const char *seclabel);
318 extern void sepgsql_relation_setattr(Oid relOid);
319 
320 /*
321  * proc.c
322  */
323 extern void sepgsql_proc_post_create(Oid functionId);
324 extern void sepgsql_proc_drop(Oid functionId);
325 extern void sepgsql_proc_relabel(Oid functionId, const char *seclabel);
326 extern void sepgsql_proc_setattr(Oid functionId);
327 extern void sepgsql_proc_execute(Oid functionId);
328 
329 #endif /* SEPGSQL_H */
sepgsql_getenforce
bool sepgsql_getenforce(void)
Definition: selinux.c:651
sepgsql_avc_check_perms_label
bool sepgsql_avc_check_perms_label(const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:337
sepgsql_proc_drop
void sepgsql_proc_drop(Oid functionId)
Definition: proc.c:156
sepgsql_attribute_drop
void sepgsql_attribute_drop(Oid relOid, AttrNumber attnum)
Definition: relation.c:134
sepgsql_set_mode
int sepgsql_set_mode(int new_mode)
Definition: selinux.c:634
sepgsql_schema_rename
void sepgsql_schema_rename(Oid namespaceId)
Definition: schema.c:230
sepgsql_schema_drop
void sepgsql_schema_drop(Oid namespaceId)
Definition: schema.c:115
sepgsql_avc_check_perms
bool sepgsql_avc_check_perms(const ObjectAddress *tobject, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: uavc.c:419
sepgsql_init_client_label
void sepgsql_init_client_label(void)
Definition: label.c:405
sepgsql_get_client_label
char * sepgsql_get_client_label(void)
Definition: label.c:81
sepgsql_attribute_relabel
void sepgsql_attribute_relabel(Oid relOid, AttrNumber attnum, const char *seclabel)
Definition: relation.c:166
Oid
unsigned int Oid
Definition: postgres_ext.h:31
int32
signed int int32
Definition: c.h:362
sepgsql_schema_search
bool sepgsql_schema_search(Oid namespaceId, bool abort_on_violation)
Definition: schema.c:210
sepgsql_proc_setattr
void sepgsql_proc_setattr(Oid functionId)
Definition: proc.c:236
sepgsql_avc_init
void sepgsql_avc_init(void)
Definition: uavc.c:487
sepgsql_attribute_setattr
void sepgsql_attribute_setattr(Oid relOid, AttrNumber attnum)
Definition: relation.c:210
uint16
unsigned short uint16
Definition: c.h:373
sepgsql_avc_trusted_proc
char * sepgsql_avc_trusted_proc(Oid functionId)
Definition: uavc.c:444
sepgsql_get_mode
int sepgsql_get_mode(void)
Definition: selinux.c:625
sepgsql_schema_remove_name
void sepgsql_schema_remove_name(Oid namespaceId)
Definition: schema.c:224
sepgsql_attribute_post_create
void sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
Definition: relation.c:44
uint32
unsigned int uint32
Definition: c.h:374
sepgsql_get_label
char * sepgsql_get_label(Oid classId, Oid objectId, int32 subId)
Definition: label.c:446
sepgsql_get_debug_audit
bool sepgsql_get_debug_audit(void)
Definition: hooks.c:75
sepgsql_proc_relabel
void sepgsql_proc_relabel(Oid functionId, const char *seclabel)
Definition: proc.c:199
sepgsql_database_post_create
void sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
Definition: database.c:34
sepgsql_database_drop
void sepgsql_database_drop(Oid databaseId)
Definition: database.c:134
sepgsql_relation_setattr
void sepgsql_relation_setattr(Oid relOid)
Definition: relation.c:616
sepgsql_schema_add_name
void sepgsql_schema_add_name(Oid namespaceId)
Definition: schema.c:218
sepgsql_relation_drop
void sepgsql_relation_drop(Oid relOid)
Definition: relation.c:417
sepgsql_get_permissive
bool sepgsql_get_permissive(void)
Definition: hooks.c:64
attnum
int16 attnum
Definition: pg_attribute.h:79
sepgsql_dml_privileges
bool sepgsql_dml_privileges(List *rangeTabls, bool abort_on_violation)
Definition: dml.c:280
sepgsql_relation_post_create
void sepgsql_relation_post_create(Oid relOid)
Definition: relation.c:241
sepgsql_proc_execute
void sepgsql_proc_execute(Oid functionId)
Definition: proc.c:316
sepgsql_is_enabled
bool sepgsql_is_enabled(void)
Definition: selinux.c:616
sepgsql_schema_post_create
void sepgsql_schema_post_create(Oid namespaceId)
Definition: schema.c:37
sepgsql_compute_avd
void sepgsql_compute_avd(const char *scontext, const char *tcontext, uint16 tclass, struct av_decision *avd)
Definition: selinux.c:733
sepgsql_relation_relabel
void sepgsql_relation_relabel(Oid relOid, const char *seclabel)
Definition: relation.c:565
sepgsql_audit_log
void sepgsql_audit_log(bool denied, const char *scontext, const char *tcontext, uint16 tclass, uint32 audited, const char *audit_name)
Definition: selinux.c:678
sepgsql_check_perms
bool sepgsql_check_perms(const char *scontext, const char *tcontext, uint16 tclass, uint32 required, const char *audit_name, bool abort_on_violation)
Definition: selinux.c:899
sepgsql_object_relabel
void sepgsql_object_relabel(const ObjectAddress *object, const char *seclabel)
Definition: label.c:483
generate_unaccent_rules.required
required
Definition: generate_unaccent_rules.py:282
List
Definition: pg_list.h:50
AttrNumber
int16 AttrNumber
Definition: attnum.h:21
sepgsql_relation_truncate
void sepgsql_relation_truncate(Oid relOid)
Definition: relation.c:525
sepgsql_compute_create
char * sepgsql_compute_create(const char *scontext, const char *tcontext, uint16 tclass, const char *objname)
Definition: selinux.c:836
sepgsql_proc_post_create
void sepgsql_proc_post_create(Oid functionId)
Definition: proc.c:38
sepgsql_database_setattr
void sepgsql_database_setattr(Oid databaseId)
Definition: database.c:161
sepgsql_database_relabel
void sepgsql_database_relabel(Oid databaseId, const char *seclabel)
Definition: database.c:188
sepgsql_schema_setattr
void sepgsql_schema_setattr(Oid namespaceId)
Definition: schema.c:203
sepgsql_schema_relabel
void sepgsql_schema_relabel(Oid namespaceId, const char *seclabel)
Definition: schema.c:143