From: | Robert Haas <rhaas(at)postgresql(dot)org> |
---|---|
To: | pgsql-committers(at)postgresql(dot)org |
Subject: | pgsql: Support SECURITY LABEL on databases, tablespaces, and roles. |
Date: | 2011-07-20 17:18:39 |
Message-ID: | E1QjaPv-0004Lz-AC@gemulon.postgresql.org |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-committers |
Support SECURITY LABEL on databases, tablespaces, and roles.
This requires a new shared catalog, pg_shseclabel.
Along the way, fix the security_label regression tests so that they
don't monkey with the labels of any pre-existing objects. This is
unlikely to matter in practice, since only the label for the "dummy"
provider was being manipulated. But this way still seems cleaner.
KaiGai Kohei, with fairly extensive hacking by me.
Branch
------
master
Details
-------
http://git.postgresql.org/pg/commitdiff/463f2625a5fb183b6a8925ccde98bb3889f921d9
Modified Files
--------------
doc/src/sgml/catalogs.sgml | 78 +++++++++++
doc/src/sgml/ref/security_label.sgml | 3 +
src/backend/catalog/Makefile | 2 +-
src/backend/catalog/catalog.c | 3 +
src/backend/catalog/system_views.sql | 32 ++++-
src/backend/commands/dbcommands.c | 5 +-
src/backend/commands/seclabel.c | 183 ++++++++++++++++++++++++-
src/backend/commands/tablespace.c | 4 +-
src/backend/commands/user.c | 4 +-
src/backend/parser/gram.y | 3 +
src/bin/pg_dump/dumputils.c | 44 ++++++
src/bin/pg_dump/dumputils.h | 4 +
src/bin/pg_dump/pg_dump.c | 18 +++
src/bin/pg_dump/pg_dumpall.c | 56 ++++++--
src/include/catalog/catversion.h | 2 +-
src/include/catalog/indexing.h | 3 +
src/include/catalog/pg_shseclabel.h | 41 ++++++
src/include/commands/seclabel.h | 1 +
src/test/regress/expected/rules.out | 6 +-
src/test/regress/expected/sanity_check.out | 3 +-
src/test/regress/input/security_label.source | 35 ++++-
src/test/regress/output/security_label.source | 45 +++++-
22 files changed, 534 insertions(+), 41 deletions(-)
From | Date | Subject | |
---|---|---|---|
Next Message | Bruce Momjian | 2011-07-20 20:38:57 | pgsql: In pg_upgrade, use pg_strudup(), for consistency. |
Previous Message | Tom Lane | 2011-07-20 17:04:18 | pgsql: Rewrite libxml error handling to be more robust. |