Header And Logo
|
00001 /* 00002 * dummy_seclabel.c 00003 * 00004 * Dummy security label provider. 00005 * 00006 * This module does not provide anything worthwhile from a security 00007 * perspective, but allows regression testing independent of platform-specific 00008 * features like SELinux. 00009 * 00010 * Portions Copyright (c) 1996-2013, PostgreSQL Global Development Group 00011 * Portions Copyright (c) 1994, Regents of the University of California 00012 */ 00013 #include "postgres.h" 00014 00015 #include "commands/seclabel.h" 00016 #include "miscadmin.h" 00017 #include "utils/rel.h" 00018 00019 PG_MODULE_MAGIC; 00020 00021 /* Entrypoint of the module */ 00022 void _PG_init(void); 00023 00024 static void 00025 dummy_object_relabel(const ObjectAddress *object, const char *seclabel) 00026 { 00027 if (seclabel == NULL || 00028 strcmp(seclabel, "unclassified") == 0 || 00029 strcmp(seclabel, "classified") == 0) 00030 return; 00031 00032 if (strcmp(seclabel, "secret") == 0 || 00033 strcmp(seclabel, "top secret") == 0) 00034 { 00035 if (!superuser()) 00036 ereport(ERROR, 00037 (errcode(ERRCODE_INSUFFICIENT_PRIVILEGE), 00038 errmsg("only superuser can set '%s' label", seclabel))); 00039 return; 00040 } 00041 ereport(ERROR, 00042 (errcode(ERRCODE_INVALID_NAME), 00043 errmsg("'%s' is not a valid security label", seclabel))); 00044 } 00045 00046 void 00047 _PG_init(void) 00048 { 00049 register_label_provider("dummy", dummy_object_relabel); 00050 }
1.7.1