mirror of
				https://github.com/postgres/postgres.git
				synced 2025-10-24 00:03:18 -04:00 
			
		
		
		
	This is intended as infrastructure to allow sepgsql to cooperate with connection pooling software, by allowing the effective security label to be set for each new connection. KaiGai Kohei, reviewed by Yeb Havinga.
		
			
				
	
	
		
			38 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			MySQL
		
	
	
	
	
	
			
		
		
	
	
			38 lines
		
	
	
		
			1.6 KiB
		
	
	
	
		
			MySQL
		
	
	
	
	
	
| --
 | |
| -- contrib/sepgsql/sepgsql.sql
 | |
| --
 | |
| -- [Step to install]
 | |
| --
 | |
| -- 1. Run initdb
 | |
| --    to set up a new database cluster.
 | |
| --
 | |
| -- 2. Edit $PGDATA/postgresql.conf
 | |
| --    to add 'MODULE_PATHNAME' to shared_preload_libraries.
 | |
| --
 | |
| --    Example)
 | |
| --        shared_preload_libraries = 'MODULE_PATHNAME'
 | |
| --
 | |
| -- 3. Run this script for each databases
 | |
| --    This script installs corresponding functions, and assigns initial
 | |
| --    security labels on target database objects.
 | |
| --    It can be run both single-user mode and multi-user mode, according
 | |
| --    to your preference.
 | |
| --
 | |
| --    Example)
 | |
| --      $ for DBNAME in template0 template1 postgres;     \
 | |
| --        do                                              \
 | |
| --          postgres --single -F -c exit_on_error=true -D $PGDATA $DBNAME \
 | |
| --            < /path/to/script/sepgsql.sql > /dev/null   \
 | |
| --        done
 | |
| --
 | |
| -- 4. Start postmaster,
 | |
| --    if you initialized the database in single-user mode.
 | |
| --
 | |
| LOAD 'MODULE_PATHNAME';
 | |
| CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_getcon() RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_getcon' LANGUAGE C;
 | |
| CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_setcon(text) RETURNS bool AS 'MODULE_PATHNAME', 'sepgsql_setcon' LANGUAGE C;
 | |
| CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_mcstrans_in(text) RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_mcstrans_in' LANGUAGE C STRICT;
 | |
| CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_mcstrans_out(text) RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_mcstrans_out' LANGUAGE C STRICT;
 | |
| CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_restorecon(text) RETURNS bool AS 'MODULE_PATHNAME', 'sepgsql_restorecon' LANGUAGE C;
 | |
| SELECT sepgsql_restorecon(NULL);
 |