summaryrefslogtreecommitdiffstats
path: root/contrib/sepgsql/sepgsql.sql.in
blob: 917d12dbbedc851b00d8a54506e412358b13dec1 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
--
-- contrib/sepgsql/sepgsql.sql
--
-- [Step to install]
--
-- 1. Run initdb
--    to set up a new database cluster.
--
-- 2. Edit $PGDATA/postgresql.conf
--    to add 'MODULE_PATHNAME' to shared_preload_libraries.
--
--    Example)
--        shared_preload_libraries = 'MODULE_PATHNAME'
--
-- 3. Run this script for each databases
--    This script installs corresponding functions, and assigns initial
--    security labels on target database objects.
--    It can be run both single-user mode and multi-user mode, according
--    to your preference.
--
--    Example)
--      $ for DBNAME in template0 template1 postgres;     \
--        do                                              \
--          postgres --single -F -c exit_on_error=true -D $PGDATA $DBNAME \
--            < /path/to/script/sepgsql.sql > /dev/null   \
--        done
--
-- 4. Start postmaster,
--    if you initialized the database in single-user mode.
--
LOAD 'MODULE_PATHNAME';
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_getcon() RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_getcon' LANGUAGE C;
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_setcon(text) RETURNS bool AS 'MODULE_PATHNAME', 'sepgsql_setcon' LANGUAGE C;
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_mcstrans_in(text) RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_mcstrans_in' LANGUAGE C STRICT;
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_mcstrans_out(text) RETURNS text AS 'MODULE_PATHNAME', 'sepgsql_mcstrans_out' LANGUAGE C STRICT;
CREATE OR REPLACE FUNCTION pg_catalog.sepgsql_restorecon(text) RETURNS bool AS 'MODULE_PATHNAME', 'sepgsql_restorecon' LANGUAGE C;
SELECT sepgsql_restorecon(NULL);