I'm hoping that someone familiar with sepgsql can review this
portion of the materialized view patch and comment on whether it is
the best approach for dealing with the integration of these two
features.  Basically, the patch as it stands treats a materialized
view as a table for purposes of sepgsql labels.  I initially
invented new labels, but Robert suggested that this would make
materialized views unusable in an SE environment until the
corresponding labels were added at the OS level.  It seems sane to
me because a materialized view exists on disk the same as a table,
but is populated differently -- from a view-like rule.

The portion of the patch which affects the contrib/sepgsql/ tree is
attached.

Thoughts?

-Kevin
*** a/contrib/sepgsql/dml.c
--- b/contrib/sepgsql/dml.c
***************
*** 191,196 **** check_relation_privileges(Oid relOid,
--- 191,197 ----
  	switch (relkind)
  	{
  		case RELKIND_RELATION:
+ 		case RELKIND_MATVIEW:
  			result = sepgsql_avc_check_perms(&object,
  											 SEPG_CLASS_DB_TABLE,
  											 required,
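Review bot: The new `case RELKIND_MATVIEW:` makes DML on a materialized view go through the same db_table permission check as a plain table, but I can't tell from this hunk whether the REFRESH MATERIALIZED VIEW path reaches check_relation_privileges at all; if the refresh populates the relation without entering this switch, the db_table insert/delete checks added here would not cover that write. Worth confirming against the refresh code and recording the outcome next to the new case, e.g. `/* materialized views carry db_table labels, so DML on them is checked as on a table */`. check_relation_privileges continues outside the hunk.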
***************
*** 226,232 **** check_relation_privileges(Oid relOid,
  	/*
  	 * Only columns owned by relations shall be checked
  	 */
! 	if (relkind != RELKIND_RELATION)
  		return true;
  
  	/*
--- 227,233 ----
  	/*
  	 * Only columns owned by relations shall be checked
  	 */
! 	if (relkind != RELKIND_RELATION && relkind != RELKIND_MATVIEW)
  		return true;
  
  	/*
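Review bot: The comment above the changed condition, "Only columns owned by relations shall be checked", no longer describes the test now that RELKIND_MATVIEW is admitted alongside RELKIND_RELATION; it reads as if only one relkind qualified. I'd change it to `* Only columns owned by tables and materialized views shall be checked` so the next reader does not have to reverse-engineer the intent from the condition. check_relation_privileges continues outside the hunk.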
*** a/contrib/sepgsql/label.c
--- b/contrib/sepgsql/label.c
***************
*** 764,769 **** exec_object_restorecon(struct selabel_handle * sehnd, Oid catalogId)
--- 764,771 ----
  					objtype = SELABEL_DB_SEQUENCE;
  				else if (relForm->relkind == RELKIND_VIEW)
  					objtype = SELABEL_DB_VIEW;
+ 				else if (relForm->relkind == RELKIND_MATVIEW)
+ 					objtype = SELABEL_DB_TABLE;
  				else
  					continue;	/* no need to assign security label */
  
***************
*** 782,788 **** exec_object_restorecon(struct selabel_handle * sehnd, Oid catalogId)
  			case AttributeRelationId:
  				attForm = (Form_pg_attribute) GETSTRUCT(tuple);
  
! 				if (get_rel_relkind(attForm->attrelid) != RELKIND_RELATION)
  					continue;	/* no need to assign security label */
  
  				objtype = SELABEL_DB_COLUMN;
--- 784,791 ----
  			case AttributeRelationId:
  				attForm = (Form_pg_attribute) GETSTRUCT(tuple);
  
! 				if (get_rel_relkind(attForm->attrelid) != RELKIND_RELATION &&
! 					get_rel_relkind(attForm->attrelid) != RELKIND_MATVIEW)
  					continue;	/* no need to assign security label */
  
  				objtype = SELABEL_DB_COLUMN;
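Review bot: The new condition calls `get_rel_relkind(attForm->attrelid)` twice for the same attribute, and each call is presumably a catalog lookup, inside a loop over every pg_attribute tuple. Caching the result once is both cheaper and easier to read: `char relkind = get_rel_relkind(attForm->attrelid);` then `if (relkind != RELKIND_RELATION && relkind != RELKIND_MATVIEW)` / `continue;` (declare the local in that case block if none is already in scope there). The same doubled call appears in the sepgsql_attribute_relabel hunk of relation.c. exec_object_restorecon continues outside the hunk.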
*** a/contrib/sepgsql/relation.c
--- b/contrib/sepgsql/relation.c
***************
*** 54,61 **** sepgsql_attribute_post_create(Oid relOid, AttrNumber attnum)
  	Form_pg_attribute attForm;
  
  	/*
! 	 * Only attributes within regular relation have individual security
! 	 * labels.
  	 */
  	if (get_rel_relkind(relOid) != RELKIND_RELATION)
  		return;
--- 54,61 ----
  	Form_pg_attribute attForm;
  
  	/*
! 	 * Only attributes within regular relation can have ALTER to add columns
! 	 * with individual security labels.
  	 */
  	if (get_rel_relkind(relOid) != RELKIND_RELATION)
  		return;
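Review bot: The reworded comment "Only attributes within regular relation can have ALTER to add columns with individual security labels" is hard to parse, and it is the only place in the patch where RELKIND_MATVIEW is deliberately not added, so the reason deserves to be stated plainly. Presumably the intent is that columns can only be added to a regular table via ALTER TABLE, while a materialized view's columns all receive their default label in sepgsql_relation_post_create; if that is right, I'd write `* Only regular tables can gain columns after creation (ALTER TABLE ... ADD COLUMN); materialized-view columns are labeled when the relation is created.` Since sepgsql_attribute_relabel and exec_object_restorecon now accept matview columns, a comment that explains this asymmetry will stop a later reader from "fixing" it. sepgsql_attribute_post_create continues outside the hunk.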
***************
*** 159,165 **** sepgsql_attribute_relabel(Oid relOid, AttrNumber attnum,
  	ObjectAddress object;
  	char	   *audit_name;
  
! 	if (get_rel_relkind(relOid) != RELKIND_RELATION)
  		ereport(ERROR,
  				(errcode(ERRCODE_WRONG_OBJECT_TYPE),
  				 errmsg("cannot set security label on non-regular columns")));
--- 159,166 ----
  	ObjectAddress object;
  	char	   *audit_name;
  
! 	if (get_rel_relkind(relOid) != RELKIND_RELATION &&
! 		get_rel_relkind(relOid) != RELKIND_MATVIEW)
  		ereport(ERROR,
  				(errcode(ERRCODE_WRONG_OBJECT_TYPE),
  				 errmsg("cannot set security label on non-regular columns")));
***************
*** 252,257 **** sepgsql_relation_post_create(Oid relOid)
--- 253,259 ----
  	switch (classForm->relkind)
  	{
  		case RELKIND_RELATION:
+ 		case RELKIND_MATVIEW:
  			tclass = SEPG_CLASS_DB_TABLE;
  			tclass_text = "table";
  			break;
***************
*** 301,310 **** sepgsql_relation_post_create(Oid relOid)
  	SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, rcontext);
  
  	/*
! 	 * We also assigns a default security label on columns of the new regular
! 	 * tables.
  	 */
! 	if (classForm->relkind == RELKIND_RELATION)
  	{
  		Relation	arel;
  		ScanKeyData akey;
--- 303,313 ----
  	SetSecurityLabel(&object, SEPGSQL_LABEL_TAG, rcontext);
  
  	/*
! 	 * We also assign a default security label on columns of new regular
! 	 * tables and materialized views.
  	 */
! 	if (classForm->relkind == RELKIND_RELATION ||
! 		classForm->relkind == RELKIND_MATVIEW)
  	{
  		Relation	arel;
  		ScanKeyData akey;
***************
*** 378,383 **** sepgsql_relation_drop(Oid relOid)
--- 381,387 ----
  	switch (relkind)
  	{
  		case RELKIND_RELATION:
+ 		case RELKIND_MATVIEW:
  			tclass = SEPG_CLASS_DB_TABLE;
  			break;
  		case RELKIND_SEQUENCE:
***************
*** 489,499 **** sepgsql_relation_relabel(Oid relOid, const char *seclabel)
  		tclass = SEPG_CLASS_DB_SEQUENCE;
  	else if (relkind == RELKIND_VIEW)
  		tclass = SEPG_CLASS_DB_VIEW;
  	else
  		ereport(ERROR,
  				(errcode(ERRCODE_WRONG_OBJECT_TYPE),
  				 errmsg("cannot set security labels on relations except "
! 						"for tables, sequences or views")));
  
  	object.classId = RelationRelationId;
  	object.objectId = relOid;
--- 493,505 ----
  		tclass = SEPG_CLASS_DB_SEQUENCE;
  	else if (relkind == RELKIND_VIEW)
  		tclass = SEPG_CLASS_DB_VIEW;
+ 	else if (relkind == RELKIND_MATVIEW)
+ 		tclass = SEPG_CLASS_DB_TABLE;
  	else
  		ereport(ERROR,
  				(errcode(ERRCODE_WRONG_OBJECT_TYPE),
  				 errmsg("cannot set security labels on relations except "
! 						"for tables, sequences, views, or materialized views")));
  
  	object.classId = RelationRelationId;
  	object.objectId = relOid;
***************
*** 536,541 **** sepgsql_relation_setattr(Oid relOid)
--- 542,548 ----
  	switch (get_rel_relkind(relOid))
  	{
  		case RELKIND_RELATION:
+ 		case RELKIND_MATVIEW:
  			tclass = SEPG_CLASS_DB_TABLE;
  			break;
  		case RELKIND_SEQUENCE:
*** a/contrib/sepgsql/sepgsql.h
--- b/contrib/sepgsql/sepgsql.h
***************
*** 32,37 ****
--- 32,39 ----
  
  /*
   * Internally used code of object classes
+  *
+  * NOTE: Materialized views are treated as tables for now.
   */
  #define SEPG_CLASS_PROCESS			0
  #define SEPG_CLASS_FILE				1
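Review bot: The added NOTE says materialized views are "treated as tables for now" but not why, and the reason given in the cover message (no matview-specific labels exist at the OS level yet, so distinct classes would make matviews unusable under SELinux) is exactly what a future maintainer needs when deciding whether to introduce a separate class. I'd extend it to `* NOTE: Materialized views are treated as tables for now, since no matview-specific object class exists in the OS policy; they map to SEPG_CLASS_DB_TABLE here and SELABEL_DB_TABLE in label.c.`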
-- 
Sent via pgsql-hackers mailing list (pgsql-hackers@postgresql.org)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-hackers
