Layer: services

Module: postgresql

Tunables Interfaces

Description:

PostgreSQL relational database

Tunables:

postgresql_can_rsync

Default value

false

Description

Allow postgresql to use ssh and rsync for point-in-time recovery

postgresql_selinux_transmit_client_label

Default value

false

Description

Allow transmit client label to foreign database

postgresql_selinux_unconfined_dbadm

Default value

true

Description

Allow database admins to execute DML statement

postgresql_selinux_users_ddl

Default value

true

Description

Allow unprivileged users to execute DDL statement

Return

Interfaces:

postgresql_admin(
	
		domain
		
			,
		
		role
		
	)

Summary

All of the rules required to administrate an postgresql environment

Parameters

Parameter:	Description:
domain	Domain allowed access.
role	The role to be allowed to manage the postgresql domain.

postgresql_blob_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL binary large object type

Parameters

Parameter:	Description:
type	Type marked as a database binary large object type.

postgresql_database_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL database object type

Parameters

Parameter:	Description:
type	Type marked as a database object type.

postgresql_domtrans(
	
		domain
		
	)

Summary

Execute postgresql in the postgresql domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.

postgresql_exec(
	
		domain
		
	)

Summary

Execute Postgresql in the caller domain.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_filetrans_named_content(
	
		domain
		
	)

Summary

Transition to postgresql named content

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_language_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL procedural language object type

Parameters

Parameter:	Description:
type	Type marked as a procedural language object type.

postgresql_loadable_module(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL loadable shared library module

Parameters

Parameter:	Description:
type	Type marked as a database object type.

postgresql_manage_db(
	
		domain
		
	)

Summary

Allow the specified domain to manage postgresql's database.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_procedure_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL procedure object type

Parameters

Parameter:	Description:
type	Type marked as a procedure object type.

postgresql_read_config(
	
		domain
		
	)

Summary

Allow the specified domain to read postgresql's etc.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_role(
	
		user_role
		
			,
		
		user_domain
		
	)

Summary

Role access for SE-PostgreSQL.

Parameters

Parameter:	Description:
user_role	The role associated with the user domain.
user_domain	The type of the user domain.

postgresql_run(
	
		domain
		
			,
		
		role
		
	)

Summary

Execute the postgresql program in the postgresql domain.

Parameters

Parameter:	Description:
domain	Domain allowed to transition.
role	The role to allow the postgresql domain.

postgresql_schema_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL schema object type

Parameters

Parameter:	Description:
type	Type marked as a schema object type.

postgresql_search_db(
	
		domain
		
	)

Summary

Allow the specified domain to search postgresql's database directory.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_sequence_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL sequence type

Parameters

Parameter:	Description:
type	Type marked as a sequence type.

postgresql_signal(
	
		domain
		
	)

Summary

Allow domain to signal postgresql

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_stream_connect(
	
		domain
		
	)

Summary

Allow the specified domain to connect to postgresql with a unix socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_system_table_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL system table/column/tuple object type

Parameters

Parameter:	Description:
type	Type marked as a table/column/tuple object type.

postgresql_table_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL table/column/tuple object type

Parameters

Parameter:	Description:
type	Type marked as a table/column/tuple object type.

postgresql_tcp_connect(
	
		domain
		
	)

Summary

Allow the specified domain to connect to postgresql with a tcp socket.

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_trusted_procedure_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL trusted procedure object type

Parameters

Parameter:	Description:
type	Type marked as a trusted procedure object type.

postgresql_unconfined(
	
		domain
		
	)

Summary

Allow the specified domain unconfined accesses to any database objects managed by SE-PostgreSQL,

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_unpriv_client(
	
		domain
		
	)

Summary

Allow the specified domain unprivileged accesses to unifined database objects managed by SE-PostgreSQL,

Parameters

Parameter:	Description:
domain	Domain allowed access.

postgresql_view_object(
	
		type
		
	)

Summary

Marks as a SE-PostgreSQL view object type

Parameters

Parameter:	Description:
type	Type marked as a view object type.

Return