2011-12-21 09:12:43 -05:00
|
|
|
--
|
2012-03-09 15:18:45 -05:00
|
|
|
-- Regression Test for DDL of Object Permission Checks
|
2011-12-21 09:12:43 -05:00
|
|
|
--
|
|
|
|
|
|
|
|
|
|
-- confirm required permissions using audit messages
|
Fix sepgsql regression tests (9.2-only patch).
The regression tests for sepgsql were broken by changes in the
base distro as-shipped policies. Specifically, definition of
unconfined_t in the system default policy was changed to bypass
multi-category rules, which the regression test depended on.
Fix that by defining a custom privileged domain
(sepgsql_regtest_superuser_t) and using it instead of system's
unconfined_t domain. The new sepgsql_regtest_superuser_t domain
performs almost like the current unconfined_t, but restricted by
multi-category policy as the traditional unconfined_t was.
The custom policy module is a self defined domain, and so should not
be affected by related future system policy changes. However, it still
uses the unconfined_u:unconfined_r pair for selinux-user and role.
Those definitions have not been changed for several years and seem
less risky to rely on than the unconfined_t domain. Additionally, if
we define custom user/role, they would need to be manually defined
at the operating system level, adding more complexity to an already
non-standard and complex regression test.
Applies only to 9.2. Unlike the previous similar patch, commit 794e2558b,
this also fixes a bug related to processing SELECT INTO statement.
Because v9.2 didn't have ObjectAccessPostCreate to inform the context
when a relation is newly created, sepgsql had an alternative method.
However, related code in sepgsql_object_access() neglected to consider
T_CreateTableAsStmt, thus no label was assigned on the new relation.
This logic was removed and replaced starting in 9.3.
Patch by Kohei KaiGai.
2015-09-22 14:58:38 -07:00
|
|
|
-- @SECURITY-CONTEXT=unconfined_u:unconfined_r:sepgsql_regtest_superuser_t:s0
|
2011-12-21 09:12:43 -05:00
|
|
|
SET sepgsql.debug_audit = true;
|
|
|
|
|
SET client_min_messages = LOG;
|
|
|
|
|
|
2012-03-09 15:18:45 -05:00
|
|
|
--
|
|
|
|
|
-- CREATE Permission checks
|
|
|
|
|
--
|
2011-12-21 09:12:43 -05:00
|
|
|
CREATE DATABASE regtest_sepgsql_test_database;
|
|
|
|
|
|
2012-03-09 15:18:45 -05:00
|
|
|
CREATE USER regtest_sepgsql_test_user;
|
|
|
|
|
|
2011-12-21 09:12:43 -05:00
|
|
|
CREATE SCHEMA regtest_schema;
|
|
|
|
|
|
2012-03-09 15:18:45 -05:00
|
|
|
GRANT ALL ON SCHEMA regtest_schema TO regtest_sepgsql_test_user;
|
|
|
|
|
|
2011-12-21 09:12:43 -05:00
|
|
|
SET search_path = regtest_schema, public;
|
|
|
|
|
|
|
|
|
|
CREATE TABLE regtest_table (x serial primary key, y text);
|
|
|
|
|
|
|
|
|
|
ALTER TABLE regtest_table ADD COLUMN z int;
|
|
|
|
|
|
|
|
|
|
CREATE TABLE regtest_table_2 (a int) WITH OIDS;
|
|
|
|
|
|
|
|
|
|
-- corresponding toast table should not have label and permission checks
|
|
|
|
|
ALTER TABLE regtest_table_2 ADD COLUMN b text;
|
|
|
|
|
|
|
|
|
|
-- VACUUM FULL internally create a new table and swap them later.
|
|
|
|
|
VACUUM FULL regtest_table;
|
|
|
|
|
|
|
|
|
|
CREATE VIEW regtest_view AS SELECT * FROM regtest_table WHERE x < 100;
|
|
|
|
|
|
|
|
|
|
CREATE SEQUENCE regtest_seq;
|
|
|
|
|
|
|
|
|
|
CREATE TYPE regtest_comptype AS (a int, b text);
|
|
|
|
|
|
|
|
|
|
CREATE FUNCTION regtest_func(text,int[]) RETURNS bool LANGUAGE plpgsql
|
|
|
|
|
AS 'BEGIN RAISE NOTICE ''regtest_func => %'', $1; RETURN true; END';
|
|
|
|
|
|
|
|
|
|
CREATE AGGREGATE regtest_agg (
|
|
|
|
|
sfunc1 = int4pl, basetype = int4, stype1 = int4, initcond1 = '0'
|
|
|
|
|
);
|
|
|
|
|
|
2012-03-09 15:18:45 -05:00
|
|
|
-- CREATE objects owned by others
|
|
|
|
|
SET SESSION AUTHORIZATION regtest_sepgsql_test_user;
|
|
|
|
|
|
|
|
|
|
SET search_path = regtest_schema, public;
|
|
|
|
|
|
|
|
|
|
CREATE TABLE regtest_table_3 (x int, y serial);
|
|
|
|
|
|
|
|
|
|
CREATE VIEW regtest_view_2 AS SELECT * FROM regtest_table_3 WHERE x < y;
|
|
|
|
|
|
|
|
|
|
CREATE FUNCTION regtest_func_2(int) RETURNS bool LANGUAGE plpgsql
|
|
|
|
|
AS 'BEGIN RETURN $1 * $1 < 100; END';
|
|
|
|
|
|
|
|
|
|
RESET SESSION AUTHORIZATION;
|
|
|
|
|
|
2011-12-21 09:12:43 -05:00
|
|
|
--
|
2012-03-09 15:18:45 -05:00
|
|
|
-- DROP Permission checks (with clean-up)
|
2011-12-21 09:12:43 -05:00
|
|
|
--
|
|
|
|
|
|
2012-03-09 15:18:45 -05:00
|
|
|
DROP FUNCTION regtest_func(text,int[]);
|
|
|
|
|
DROP AGGREGATE regtest_agg(int);
|
|
|
|
|
|
|
|
|
|
DROP SEQUENCE regtest_seq;
|
|
|
|
|
DROP VIEW regtest_view;
|
|
|
|
|
|
|
|
|
|
ALTER TABLE regtest_table DROP COLUMN y;
|
|
|
|
|
ALTER TABLE regtest_table_2 SET WITHOUT OIDS;
|
|
|
|
|
|
|
|
|
|
DROP TABLE regtest_table;
|
|
|
|
|
|
|
|
|
|
DROP OWNED BY regtest_sepgsql_test_user;
|
|
|
|
|
|
|
|
|
|
DROP DATABASE regtest_sepgsql_test_database;
|
|
|
|
|
DROP USER regtest_sepgsql_test_user;
|
2011-12-21 09:12:43 -05:00
|
|
|
DROP SCHEMA IF EXISTS regtest_schema CASCADE;
|
