#
# This file is a part of ALT Linux SeLinux policy.
# Copyright (C) 2014 ALT Linux company, Andrew V. Stepanov <stanv@altlinux.org>
#
# Initial security label for SE-PostgreSQL
# For more information look up for: man sepgsql_contexts
#
# This file requires psql SELinux policy module
#

# <databases>
db_database     *                   generic_u:object_r:sepgsql_db_t:s0

# <schemas>
db_schema       *.*                 generic_u:object_r:sepgsql_schema_t:s0

# <tables>
db_table        *.pg_catalog.*      generic_u:object_r:sepgsql_sysobj_t:s0
db_table        *.*.*               generic_u:object_r:sepgsql_table_t:s0

# <column>
db_column       *.pg_catalog.*.*    generic_u:object_r:sepgsql_sysobj_t:s0
db_column       *.*.*.*             generic_u:object_r:sepgsql_table_t:s0

# <sequences>
db_sequence     *.*.*               generic_u:object_r:sepgsql_seq_t:s0

# <views>
db_view         *.*.*               generic_u:object_r:sepgsql_view_t:s0

# <procedures>
db_procedure    *.*.*               generic_u:object_r:sepgsql_proc_exec_t:s0

# <tuples> -- 9.3 still doesn't have it, ignore it
db_tuple        *.pg_catalog.*      generic_u:object_r:sepgsql_sysobj_t:s0
db_tuple        *.*.*               generic_u:object_r:sepgsql_table_t:s0

# <blobs>
db_blob         *.*                 generic_u:object_r:sepgsql_blob_t:s0

# <language> -- 9.3 still doesn't have it, ignore it
db_language     *.sql               generic_u:object_r:sepgsql_safe_lang_t:s0
db_language     *.plpgsql           generic_u:object_r:sepgsql_safe_lang_t:s0
db_language     *.pltcl             generic_u:object_r:sepgsql_safe_lang_t:s0
db_language     *.plperl            generic_u:object_r:sepgsql_safe_lang_t:s0
db_language     *.*                 generic_u:object_r:sepgsql_lang_t:s0
