2011-01-24 09:44:48 +08:00
|
|
|
--
|
|
|
|
-- contrib/sepgsql/sepgsql.sql
|
|
|
|
--
|
|
|
|
-- [Step to install]
|
|
|
|
--
|
|
|
|
-- 1. Run initdb
|
|
|
|
-- to set up a new database cluster.
|
|
|
|
--
|
|
|
|
-- 2. Edit $PGDATA/postgresql.conf
|
|
|
|
-- to add 'MODULE_PATHNAME' to shared_preload_libraries.
|
|
|
|
--
|
|
|
|
-- Example)
|
|
|
|
-- shared_preload_libraries = 'MODULE_PATHNAME'
|
|
|
|
--
|
|
|
|
-- 3. Run this script for each databases
|
|
|
|
-- This script installs corresponding functions, and assigns initial
|
|
|
|
-- security labels on target database objects.
|
|
|
|
-- It can be run both single-user mode and multi-user mode, according
|
|
|
|
-- to your preference.
|
|
|
|
--
|
|
|
|
-- Example)
|
|
|
|
-- $ for DBNAME in template0 template1 postgres; \
|
|
|
|
-- do \
|
|
|
|
-- postgres --single -F -c exit_on_error=true -D $PGDATA $DBNAME \
|
|
|
|
-- < /path/to/script/sepgsql.sql > /dev/null \
|
|
|
|
-- done
|
|
|
|
--
|
|
|
|
-- 4. Start postmaster,
|
|
|
|
-- if you initialized the database in single-user mode.
|
|
|
|
--
|
|
|
|
LOAD 'MODULE_PATHNAME';
|
|
|
|
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_getcon() RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_getcon' LANGUAGE C;
|
2012-03-16 04:08:40 +08:00
|
|
|
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_setcon(text) RETURNS bool AS 'MODULE_PATHNAME', 'sepgsql_setcon' LANGUAGE C;
|
2011-01-24 09:44:48 +08:00
|
|
|
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_mcstrans_in(text) RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_mcstrans_in' LANGUAGE C STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_mcstrans_out(text) RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_mcstrans_out' LANGUAGE C STRICT;
|
|
|
|
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_restorecon(text) RETURNS bool AS 'MODULE_PATHNAME', 'sepgsql_restorecon' LANGUAGE C;
|
|
|
|
SELECT sepgsql_restorecon(NULL);
|