-- -- Regression Tests for Label Management -- -- -- Setup -- CREATE TABLE t1 (a int, b text); INSERT INTO t1 VALUES (1, 'aaa'), (2, 'bbb'), (3, 'ccc'); SELECT * INTO t2 FROM t1 WHERE a % 2 = 0; CREATE FUNCTION f1 () RETURNS text AS 'SELECT sepgsql_getcon()' LANGUAGE sql; CREATE FUNCTION f2 () RETURNS text AS 'SELECT sepgsql_getcon()' LANGUAGE sql; SECURITY LABEL ON FUNCTION f2() IS 'system_u:object_r:sepgsql_trusted_proc_exec_t:s0'; CREATE FUNCTION f3 () RETURNS text AS 'BEGIN RAISE EXCEPTION ''an exception from f3()''; RETURN NULL; END;' LANGUAGE plpgsql; SECURITY LABEL ON FUNCTION f3() IS 'system_u:object_r:sepgsql_trusted_proc_exec_t:s0'; CREATE FUNCTION f4 () RETURNS text AS 'SELECT sepgsql_getcon()' LANGUAGE sql; SECURITY LABEL ON FUNCTION f4() IS 'system_u:object_r:sepgsql_regtest_trusted_proc_exec_t:s0'; -- -- Tests for default labeling behavior -- SELECT sepgsql_getcon(); -- confirm client privilege sepgsql_getcon ----------------------------------------------------- unconfined_u:unconfined_r:sepgsql_regtest_user_t:s0 (1 row) CREATE TABLE t3 (s int, t text); INSERT INTO t3 VALUES (1, 'sss'), (2, 'ttt'), (3, 'uuu'); SELECT objtype, objname, label FROM pg_seclabels WHERE provider = 'selinux' AND objtype in ('table', 'column') AND objname in ('t1', 't2', 't3'); objtype | objname | label ---------+---------+----------------------------------------------- table | t1 | unconfined_u:object_r:sepgsql_table_t:s0 table | t2 | unconfined_u:object_r:sepgsql_table_t:s0 table | t3 | unconfined_u:object_r:user_sepgsql_table_t:s0 (3 rows) -- -- Tests for SECURITY LABEL -- SELECT sepgsql_getcon(); -- confirm client privilege sepgsql_getcon ---------------------------------------------------- unconfined_u:unconfined_r:sepgsql_regtest_dba_t:s0 (1 row) SECURITY LABEL ON TABLE t1 IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- ok SECURITY LABEL ON TABLE t2 IS 'invalid security context'; -- be failed ERROR: SELinux: invalid security label: "invalid security context" SECURITY LABEL ON COLUMN t2 IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- be failed ERROR: improper relation name (too many dotted names): SECURITY LABEL ON COLUMN t2.b IS 'system_u:object_r:sepgsql_ro_table_t:s0'; -- ok -- -- Tests for Trusted Procedures -- SELECT sepgsql_getcon(); -- confirm client privilege sepgsql_getcon ----------------------------------------------------- unconfined_u:unconfined_r:sepgsql_regtest_user_t:s0 (1 row) SELECT f1(); -- normal procedure f1 ----------------------------------------------------- unconfined_u:unconfined_r:sepgsql_regtest_user_t:s0 (1 row) SELECT f2(); -- trusted procedure f2 ----------------------------------------------------- unconfined_u:unconfined_r:sepgsql_trusted_proc_t:s0 (1 row) SELECT f3(); -- trusted procedure that raises an error ERROR: an exception from f3() SELECT f4(); -- failed on domain transition ERROR: SELinux: security policy violation SELECT sepgsql_getcon(); -- client's label must be restored sepgsql_getcon ----------------------------------------------------- unconfined_u:unconfined_r:sepgsql_regtest_user_t:s0 (1 row) -- -- Clean up -- SELECT sepgsql_getcon(); -- confirm client privilege sepgsql_getcon ------------------------------------------------------ unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c255 (1 row) DROP TABLE IF EXISTS t1 CASCADE; DROP TABLE IF EXISTS t2 CASCADE; DROP TABLE IF EXISTS t3 CASCADE; DROP FUNCTION IF EXISTS f1() CASCADE; DROP FUNCTION IF EXISTS f2() CASCADE; DROP FUNCTION IF EXISTS f3() CASCADE; DROP FUNCTION IF EXISTS f4() CASCADE;