mirror/postgresql
2
0
Fork 0
mirror of https://git.postgresql.org/git/postgresql.git synced 2025-02-05 19:09:58 +08:00
Code Issues Packages Projects Releases Wiki Activity
ffab494a4d
postgresql/contrib/sepgsql/database.c
Andres Freund b7eda3e0e3 Move generic snapshot related code from tqual.h to snapmgr.h. 
The code in tqual.c is largely heap specific. Due to the upcoming
pluggable storage work, it therefore makes sense to move it into
access/heap/ (as the file's header notes, the tqual name isn't very
good).

But the various statically allocated snapshot and snapshot
initialization functions are now (see previous commit) generic and do
not depend on functions declared in tqual.h anymore. Therefore move.
Also move XidInMVCCSnapshot as that's useful for future AMs, and
already used outside of tqual.c.

Author: Andres Freund
Discussion: https://postgr.es/m/20180703070645.wchpu5muyto5n647@alap3.anarazel.de
2019-01-21 17:06:41 -08:00

218 lines
5.2 KiB
C
Raw Blame History

/* -------------------------------------------------------------------------
*
* contrib/sepgsql/database.c
*
* Routines corresponding to database objects
*
* Copyright (c) 2010-2019, PostgreSQL Global Development Group
*
* -------------------------------------------------------------------------
*/
#include "postgres.h"
#include "access/genam.h"
#include "access/htup_details.h"
#include "access/sysattr.h"
#include "access/table.h"
#include "catalog/dependency.h"
#include "catalog/pg_database.h"
#include "catalog/indexing.h"
#include "commands/dbcommands.h"
#include "commands/seclabel.h"
#include "utils/builtins.h"
#include "utils/fmgroids.h"
#include "utils/snapmgr.h"
#include "sepgsql.h"
/*
* sepgsql_database_post_create
*
* This routine assigns a default security label on a newly defined
* database, and check permission needed for its creation.
*/
void
sepgsql_database_post_create(Oid databaseId, const char *dtemplate)
{
Relation rel;
ScanKeyData skey;
SysScanDesc sscan;
HeapTuple tuple;
char *tcontext;
char *ncontext;
ObjectAddress object;
Form_pg_database datForm;
StringInfoData audit_name;
/*
* Oid of the source database is not saved in pg_database catalog, so we
* collect its identifier using contextual information. If NULL, its
* default is "template1" according to createdb().
*/
if (!dtemplate)
dtemplate = "template1";
object.classId = DatabaseRelationId;
object.objectId = get_database_oid(dtemplate, false);
object.objectSubId = 0;
tcontext = sepgsql_get_label(object.classId,
object.objectId,
object.objectSubId);
/*
* check db_database:{getattr} permission
*/
initStringInfo(&audit_name);
appendStringInfo(&audit_name, "%s", quote_identifier(dtemplate));
sepgsql_avc_check_perms_label(tcontext,
SEPG_CLASS_DB_DATABASE,
SEPG_DB_DATABASE__GETATTR,
audit_name.data,
true);
/*
* Compute a default security label of the newly created database based on
* a pair of security label of client and source database.
*
* XXX - uncoming version of libselinux supports to take object name to
* handle special treatment on default security label.
*/
rel = table_open(DatabaseRelationId, AccessShareLock);
ScanKeyInit(&skey,
Anum_pg_database_oid,
BTEqualStrategyNumber, F_OIDEQ,
ObjectIdGetDatum(databaseId));
sscan = systable_beginscan(rel, DatabaseOidIndexId, true,
SnapshotSelf, 1, &skey);
tuple = systable_getnext(sscan);
if (!HeapTupleIsValid(tuple))
elog(ERROR, "could not find tuple for database %u", databaseId);
datForm = (Form_pg_database) GETSTRUCT(tuple);
ncontext = sepgsql_compute_create(sepgsql_get_client_label(),
tcontext,
SEPG_CLASS_DB_DATABASE,
NameStr(datForm->datname));
/*
* check db_database:{create} permission
*/
resetStringInfo(&audit_name);
appendStringInfo(&audit_name, "%s",
quote_identifier(NameStr(datForm->datname)));
sepgsql_avc_check_perms_label(ncontext,
SEPG_CLASS_DB_DATABASE,
SEPG_DB_DATABASE__CREATE,
audit_name.data,
true);
systable_endscan(sscan);
table_close(rel, AccessShareLock);
/*
* Assign the default security label on the new database
*/
object.classId = DatabaseRelationId;
object.objectId = databaseId;
object.objectSubId = 0;
SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, ncontext);
pfree(ncontext);
pfree(tcontext);
}
/*
* sepgsql_database_drop
*
* It checks privileges to drop the supplied database
*/
void
sepgsql_database_drop(Oid databaseId)
{
ObjectAddress object;
char *audit_name;
/*
* check db_database:{drop} permission
*/
object.classId = DatabaseRelationId;
object.objectId = databaseId;
object.objectSubId = 0;
audit_name = getObjectIdentity(&object);
sepgsql_avc_check_perms(&object,
SEPG_CLASS_DB_DATABASE,
SEPG_DB_DATABASE__DROP,
audit_name,
true);
pfree(audit_name);
}
/*
* sepgsql_database_post_alter
*
* It checks privileges to alter the supplied database
*/
void
sepgsql_database_setattr(Oid databaseId)
{
ObjectAddress object;
char *audit_name;
/*
* check db_database:{setattr} permission
*/
object.classId = DatabaseRelationId;
object.objectId = databaseId;
object.objectSubId = 0;
audit_name = getObjectIdentity(&object);
sepgsql_avc_check_perms(&object,
SEPG_CLASS_DB_DATABASE,
SEPG_DB_DATABASE__SETATTR,
audit_name,
true);
pfree(audit_name);
}
/*
* sepgsql_database_relabel
*
* It checks privileges to relabel the supplied database with the `seclabel'
*/
void
sepgsql_database_relabel(Oid databaseId, const char *seclabel)
{
ObjectAddress object;
char *audit_name;
object.classId = DatabaseRelationId;
object.objectId = databaseId;
object.objectSubId = 0;
audit_name = getObjectIdentity(&object);
/*
* check db_database:{setattr relabelfrom} permission
*/
sepgsql_avc_check_perms(&object,
SEPG_CLASS_DB_DATABASE,
SEPG_DB_DATABASE__SETATTR |
SEPG_DB_DATABASE__RELABELFROM,
audit_name,
true);
/*
* check db_database:{relabelto} permission
*/
sepgsql_avc_check_perms_label(seclabel,
SEPG_CLASS_DB_DATABASE,
SEPG_DB_DATABASE__RELABELTO,
audit_name,
true);
pfree(audit_name);
}
Reference in New Issue View Git Blame Copy Permalink