Layer: services

Module: postgresql

Tunables Interfaces

Description:

PostgreSQL relational database

Tunables:

postgresql_can_rsync

Default value

false

Description

Allow postgresql to use ssh and rsync for point-in-time recovery

postgresql_selinux_transmit_client_label

Default value

false

Description

Allow transmit client label to foreign database

postgresql_selinux_unconfined_dbadm

Default value

true

Description

Allow database admins to execute DML statement

postgresql_selinux_users_ddl

Default value

true

Description

Allow unprivileged users to execute DDL statement

Return

Interfaces:

postgresql_admin(
	
		domain
		
			,
		
		role
		
	)

Summary

All of the rules required to administrate an postgresql environment

Parameters

Parameter:	Description:
domain	Domain allowed access.
role	The role to be allowed to manage the postgresql domain.

postgresql_blob_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL binary large object type

Parameters

Parameter:	Description:
type	Type marked as a database binary large object type.

postgresql_database_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL database object type

Parameters

Parameter:	Description:
type	Type marked as a database object type.

postgresql_db_filetrans(
	
		domain
		
			,
		
		private type
		
			,
		
		object
		
			,
		
		name
		
	)

Summary

Create private objects at postgresql db directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.
private type	The type of the object to be created.
object	The object class of the object being created.
name	The name of the object being created.

postgresql_domtrans(
	
		domain
		
	)

Summary

Execute postgresql in the postgresql domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

postgresql_exec(
	
		domain
		
	)

Summary

Execute Postgresql in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_filetrans_named_content(
	
		domain
		
	)

Summary

Transition to postgresql named content

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_language_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL procedural language object type

Parameters

Parameter:	Description:
type	Type marked as a procedural language object type.

postgresql_loadable_module(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL loadable shared library module

Parameters

Parameter:	Description:
type	Type marked as a database object type.

postgresql_manage_db(
	
		domain
		
	)

Summary

Allow the specified domain to manage postgresql's database.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_procedure_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL procedure object type

Parameters

Parameter:	Description:
type	Type marked as a procedure object type.

postgresql_read_config(
	
		domain
		
	)

Summary

Allow the specified domain to read postgresql's etc.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_role(
	
		user_role
		
			,
		
		user_domain
		
	)

Summary

Role access for SE-PostgreSQL.

Parameters

Parameter:	Description:
user_role	The role associated with the user domain.
user_domain	The type of the user domain.

postgresql_run(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute the postgresql program in the postgresql domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	The role to allow the postgresql domain.

postgresql_schema_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL schema object type

Parameters

Parameter:	Description:
type	Type marked as a schema object type.

postgresql_search_db(
	
		domain
		
	)

Summary

Allow the specified domain to search postgresql's database directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_sequence_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL sequence type

Parameters

Parameter:	Description:
type	Type marked as a sequence type.

postgresql_signal(
	
		domain
		
	)

Summary

Allow domain to signal postgresql

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_signull(
	
		domain
		
	)

Summary

Allow domain to signull postgresql

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_stream_connect(
	
		domain
		
	)

Summary

Allow the specified domain to connect to postgresql with a unix socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_system_table_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL system table/column/tuple object type

Parameters

Parameter:	Description:
type	Type marked as a table/column/tuple object type.

postgresql_table_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL table/column/tuple object type

Parameters

Parameter:	Description:
type	Type marked as a table/column/tuple object type.

postgresql_tcp_connect(
	
		domain
		
	)

Summary

Allow the specified domain to connect to postgresql with a tcp socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_trusted_procedure_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL trusted procedure object type

Parameters

Parameter:	Description:
type	Type marked as a trusted procedure object type.

postgresql_unconfined(
	
		domain
		
	)

Summary

Allow the specified domain unconfined accesses to any database objects managed by SE-PostgreSQL,

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_unpriv_client(
	
		domain
		
	)

Summary

Allow the specified domain unprivileged accesses to unifined database objects managed by SE-PostgreSQL,

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_view_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL view object type

Parameters

Parameter:	Description:
type	Type marked as a view object type.

Return