Add SECURITY LABEL provider to acceptance test postgres db.

Author: jbunting

tests/build/Dockerfile

@@ -0,0 +1,6 @@
+FROM postgres:${PGVERSION:-latest}
+
+RUN apt-get update && apt-get install -y build-essential postgresql-server-dev-all
+COPY dummy_seclabel /opt/dummy_seclabel
+WORKDIR /opt/dummy_seclabel
+RUN make

tests/build/dummy_seclabel/Makefile

@@ -0,0 +1,13 @@
+# src/test/modules/dummy_seclabel/Makefile
+
+MODULES = dummy_seclabel
+PGFILEDESC = "dummy_seclabel - regression testing of the SECURITY LABEL statement"
+
+EXTENSION = dummy_seclabel
+DATA = dummy_seclabel--1.0.sql
+
+REGRESS = dummy_seclabel
+
+PG_CONFIG = pg_config
+PGXS := $(shell $(PG_CONFIG) --pgxs)
+include $(PGXS)

tests/build/dummy_seclabel/dummy_seclabel--1.0.sql

@@ -0,0 +1,8 @@
+/* src/test/modules/dummy_seclabel/dummy_seclabel--1.0.sql */
+
+-- complain if script is sourced in psql, rather than via CREATE EXTENSION
+\echo Use "CREATE EXTENSION dummy_seclabel" to load this file. \quit
+
+CREATE FUNCTION dummy_seclabel_dummy()
+    RETURNS pg_catalog.void
+AS 'MODULE_PATHNAME' LANGUAGE C;

tests/build/dummy_seclabel/dummy_seclabel.c

@@ -0,0 +1,60 @@
+/*
+ * dummy_seclabel.c
+ *
+ * Dummy security label provider.
+ *
+ * This module does not provide anything worthwhile from a security
+ * perspective, but allows regression testing independent of platform-specific
+ * features like SELinux.
+ *
+ * Portions Copyright (c) 1996-2023, PostgreSQL Global Development Group
+ * Portions Copyright (c) 1994, Regents of the University of California
+ */
+#include "postgres.h"
+
+#include "commands/seclabel.h"
+#include "fmgr.h"
+#include "miscadmin.h"
+#include "utils/rel.h"
+
+PG_MODULE_MAGIC;
+
+PG_FUNCTION_INFO_V1(dummy_seclabel_dummy);
+
+static void
+dummy_object_relabel(const ObjectAddress *object, const char *seclabel)
+{
+	if (seclabel == NULL ||
+		strcmp(seclabel, "unclassified") == 0 ||
+		strcmp(seclabel, "classified") == 0)
+		return;
+
+	if (strcmp(seclabel, "secret") == 0 ||
+		strcmp(seclabel, "top secret") == 0)
+	{
+		if (!superuser())
+			ereport(ERROR,
+					(errcode(ERRCODE_INSUFFICIENT_PRIVILEGE),
+					 errmsg("only superuser can set '%s' label", seclabel)));
+		return;
+	}
+	ereport(ERROR,
+			(errcode(ERRCODE_INVALID_NAME),
+			 errmsg("'%s' is not a valid security label", seclabel)));
+}
+
+void
+_PG_init(void)
+{
+	register_label_provider("dummy", dummy_object_relabel);
+}
+
+/*
+ * This function is here just so that the extension is not completely empty
+ * and the dynamic library is loaded when CREATE EXTENSION runs.
+ */
+Datum
+dummy_seclabel_dummy(PG_FUNCTION_ARGS)
+{
+	PG_RETURN_VOID();
+}

tests/build/dummy_seclabel/dummy_seclabel.control

@@ -0,0 +1,4 @@
+comment = 'Test code for SECURITY LABEL feature'
+default_version = '1.0'
+module_pathname = '$libdir/dummy_seclabel'
+relocatable = true

tests/docker-compose.yml

@@ -2,14 +2,17 @@ version: "3"
 
 services:
     postgres:
-        image: postgres:${PGVERSION:-latest}
+        build: build
+#        image: postgres:${PGVERSION:-latest}
         user: postgres
         command:
           - "postgres"
           - "-c"
           - "wal_level=logical"
           - "-c"
           - "max_replication_slots=10"
+          - "-c"
+          - "shared_preload_libraries=/opt/dummy_seclabel/dummy_seclabel"
         environment:
             POSTGRES_PASSWORD: ${PGPASSWORD}
         ports: