mirror of
https://github.com/postgres/postgres.git
synced 2025-05-08 07:21:33 +03:00
e90a629e12
The regression tests for sepgsql were broken by changes in the base distro as-shipped policies. Specifically, definition of unconfined_t in the system default policy was changed to bypass multi-category rules, which the regression test depended on. Fix that by defining a custom privileged domain (sepgsql_regtest_superuser_t) and using it instead of system's unconfined_t domain. The new sepgsql_regtest_superuser_t domain performs almost like the current unconfined_t, but restricted by multi-category policy as the traditional unconfined_t was. The custom policy module is a self defined domain, and so should not be affected by related future system policy changes. However, it still uses the unconfined_u:unconfined_r pair for selinux-user and role. Those definitions have not been changed for several years and seem less risky to rely on than the unconfined_t domain. Additionally, if we define custom user/role, they would need to be manually defined at the operating system level, adding more complexity to an already non-standard and complex regression test. Applies only to 9.2. Unlike the previous similar patch, commit 794e2558b, this also fixes a bug related to processing SELECT INTO statement. Because v9.2 didn't have ObjectAccessPostCreate to inform the context when a relation is newly created, sepgsql had an alternative method. However, related code in sepgsql_object_access() neglected to consider T_CreateTableAsStmt, thus no label was assigned on the new relation. This logic was removed and replaced starting in 9.3. Patch by Kohei KaiGai.
53 lines
1.2 KiB
Bash
Executable File
53 lines
1.2 KiB
Bash
Executable File
#!/bin/sh
|
|
#
|
|
# A wrapper script to launch psql command in regression test
|
|
#
|
|
# Copyright (c) 2010-2012, PostgreSQL Global Development Group
|
|
#
|
|
# -------------------------------------------------------------------------
|
|
|
|
if [ $# -lt 1 ]; then
|
|
echo "usage: `basename $0` <command> [options...]"
|
|
exit 1
|
|
fi
|
|
|
|
RUNCON=`which runcon`
|
|
if [ ! -e "$RUNCON" ]; then
|
|
echo "runcon command is not found"
|
|
exit 1
|
|
fi
|
|
|
|
#
|
|
# Read SQL from stdin
|
|
#
|
|
TEMP=`mktemp`
|
|
CONTEXT="unconfined_u:unconfined_r:sepgsql_regtest_superuser_t:s0-s0:c0.c255"
|
|
|
|
while IFS='\\n' read LINE
|
|
do
|
|
if echo "$LINE" | grep -q "^-- @SECURITY-CONTEXT="; then
|
|
if [ -s "$TEMP" ]; then
|
|
if [ -n "$CONTEXT" ]; then
|
|
"$RUNCON" "$CONTEXT" $* < "$TEMP"
|
|
else
|
|
$* < $TEMP
|
|
fi
|
|
truncate -s0 $TEMP
|
|
fi
|
|
CONTEXT=`echo "$LINE" | sed 's/^-- @SECURITY-CONTEXT=//g'`
|
|
LINE="SELECT sepgsql_getcon(); -- confirm client privilege"
|
|
fi
|
|
echo "$LINE" >> $TEMP
|
|
done
|
|
|
|
if [ -s "$TEMP" ]; then
|
|
if [ -n "$CONTEXT" ]; then
|
|
"$RUNCON" "$CONTEXT" $* < "$TEMP"
|
|
else
|
|
$* < $TEMP
|
|
fi
|
|
fi
|
|
|
|
# cleanup temp file
|
|
rm -f $TEMP
|