<!--
doc/src/sgml/ref/security_label.sgml
PostgreSQL documentation
-->
<refentry id="sql-security-label">
<indexterm zone="sql-security-label">
<primary>SECURITY LABEL</primary>
</indexterm>
<refmeta>
<refentrytitle>SECURITY LABEL</refentrytitle>
<manvolnum>7</manvolnum>
<refmiscinfo>SQL - Language Statements</refmiscinfo>
</refmeta>
<refnamediv>
<refname>SECURITY LABEL</refname>
<refpurpose>define or change a security label applied to an object</refpurpose>
</refnamediv>
<refsynopsisdiv>
<synopsis>
SECURITY LABEL [ FOR <replaceable class="parameter">provider</replaceable> ] ON
{
TABLE <replaceable class="parameter">object_name</replaceable> |
COLUMN <replaceable class="parameter">table_name</replaceable>.<replaceable class="parameter">column_name</replaceable> |
AGGREGATE <replaceable class="parameter">aggregate_name</replaceable> ( <replaceable>aggregate_signature</replaceable> ) |
DATABASE <replaceable class="parameter">object_name</replaceable> |
DOMAIN <replaceable class="parameter">object_name</replaceable> |
EVENT TRIGGER <replaceable class="parameter">object_name</replaceable> |
FOREIGN TABLE <replaceable class="parameter">object_name</replaceable> |
FUNCTION <replaceable class="parameter">function_name</replaceable> [ ( [ [ <replaceable class="parameter">argmode</replaceable> ] [ <replaceable class="parameter">argname</replaceable> ] <replaceable class="parameter">argtype</replaceable> [, ...] ] ) ] |
LARGE OBJECT <replaceable class="parameter">large_object_oid</replaceable> |
MATERIALIZED VIEW <replaceable class="parameter">object_name</replaceable> |
[ PROCEDURAL ] LANGUAGE <replaceable class="parameter">object_name</replaceable> |
PROCEDURE <replaceable class="parameter">procedure_name</replaceable> [ ( [ [ <replaceable class="parameter">argmode</replaceable> ] [ <replaceable class="parameter">argname</replaceable> ] <replaceable class="parameter">argtype</replaceable> [, ...] ] ) ] |
PUBLICATION <replaceable class="parameter">object_name</replaceable> |
ROLE <replaceable class="parameter">object_name</replaceable> |
ROUTINE <replaceable class="parameter">routine_name</replaceable> [ ( [ [ <replaceable class="parameter">argmode</replaceable> ] [ <replaceable class="parameter">argname</replaceable> ] <replaceable class="parameter">argtype</replaceable> [, ...] ] ) ] |
SCHEMA <replaceable class="parameter">object_name</replaceable> |
SEQUENCE <replaceable class="parameter">object_name</replaceable> |
SUBSCRIPTION <replaceable class="parameter">object_name</replaceable> |
TABLESPACE <replaceable class="parameter">object_name</replaceable> |
TYPE <replaceable class="parameter">object_name</replaceable> |
VIEW <replaceable class="parameter">object_name</replaceable>
} IS '<replaceable class="parameter">label</replaceable>'
<phrase>where <replaceable>aggregate_signature</replaceable> is:</phrase>
* |
[ <replaceable>argmode</replaceable> ] [ <replaceable>argname</replaceable> ] <replaceable>argtype</replaceable> [ , ... ] |
[ [ <replaceable>argmode</replaceable> ] [ <replaceable>argname</replaceable> ] <replaceable>argtype</replaceable> [ , ... ] ] ORDER BY [ <replaceable>argmode</replaceable> ] [ <replaceable>argname</replaceable> ] <replaceable>argtype</replaceable> [ , ... ]
</synopsis>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para>
<command>SECURITY LABEL</command> applies a security label to a database
object. An arbitrary number of security labels, one per label provider, can
be associated with a given database object. Label providers are loadable
modules which register themselves by using the function
<function>register_label_provider</function>.
</para>
<note>
<para>
<function>register_label_provider</function> is not an SQL function; it can
only be called from C code loaded into the backend.
</para>
</note>
<para>
The label provider determines whether a given label is valid and whether
it is permissible to assign that label to a given object. The meaning of a
given label is likewise at the discretion of the label provider.
<productname>PostgreSQL</productname> places no restrictions on whether or how a
label provider must interpret security labels; it merely provides a
mechanism for storing them. In practice, this facility is intended to allow
integration with label-based mandatory access control (MAC) systems such as
<productname>SELinux</productname>. Such systems make all access control decisions
based on object labels, rather than traditional discretionary access control
(DAC) concepts such as users and groups.
</para>
</refsect1>
<refsect1>
<title>Parameters</title>
<variablelist>
<varlistentry>
<term><replaceable class="parameter">object_name</replaceable></term>
<term><replaceable class="parameter">table_name.column_name</replaceable></term>
<term><replaceable class="parameter">aggregate_name</replaceable></term>
<term><replaceable class="parameter">function_name</replaceable></term>
<term><replaceable class="parameter">procedure_name</replaceable></term>
<term><replaceable class="parameter">routine_name</replaceable></term>
<listitem>
<para>
The name of the object to be labeled. Names of objects that reside in
schemas (tables, functions, etc.) can be schema-qualified.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable class="parameter">provider</replaceable></term>
<listitem>
<para>
The name of the provider with which this label is to be associated. The
named provider must be loaded and must consent to the proposed labeling
operation. If exactly one provider is loaded, the provider name may be
omitted for brevity.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable class="parameter">argmode</replaceable></term>
<listitem>
<para>
The mode of a function, procedure, or aggregate
argument: <literal>IN</literal>, <literal>OUT</literal>,
<literal>INOUT</literal>, or <literal>VARIADIC</literal>.
If omitted, the default is <literal>IN</literal>.
Note that <command>SECURITY LABEL</command> does not actually
pay any attention to <literal>OUT</literal> arguments, since only the input
arguments are needed to determine the function's identity.
So it is sufficient to list the <literal>IN</literal>, <literal>INOUT</literal>,
and <literal>VARIADIC</literal> arguments.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable class="parameter">argname</replaceable></term>
<listitem>
<para>
The name of a function, procedure, or aggregate argument.
Note that <command>SECURITY LABEL</command> does not actually
pay any attention to argument names, since only the argument data
types are needed to determine the function's identity.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable class="parameter">argtype</replaceable></term>
<listitem>
<para>
The data type of a function, procedure, or aggregate argument.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable class="parameter">large_object_oid</replaceable></term>
<listitem>
<para>
The OID of the large object.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><literal>PROCEDURAL</literal></term>
<listitem>
<para>
This is a noise word.
</para>
</listitem>
</varlistentry>
<varlistentry>
<term><replaceable class="parameter">label</replaceable></term>
<listitem>
<para>
The new security label, written as a string literal; or <literal>NULL</literal>
to drop the security label.
</para>
</listitem>
</varlistentry>
</variablelist>
</refsect1>
<refsect1>
<title>Examples</title>
<para>
The following example shows how the security label of a table might
be changed.
<programlisting>
SECURITY LABEL FOR selinux ON TABLE mytable IS 'system_u:object_r:sepgsql_table_t:s0';
</programlisting></para>
</refsect1>
<refsect1>
<title>Compatibility</title>
<para>
There is no <command>SECURITY LABEL</command> command in the SQL standard.
</para>
</refsect1>
<refsect1>
<title>See Also</title>
<simplelist type="inline">
<member><xref linkend="sepgsql"/></member>
<member><filename>src/test/modules/dummy_seclabel</filename></member>
</simplelist>
</refsect1>
</refentry>