diff --git a/Cargo.toml b/Cargo.toml index 50e88ee..3d9cbe1 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "block_copy_command" -version = "0.1.1" +version = "0.1.4" edition = "2021" description = "PostgreSQL extension that blocks COPY commands via a configurable ProcessUtility hook" authors = ["RustWizard"] diff --git a/META.json b/META.json new file mode 100644 index 0000000..bece32e --- /dev/null +++ b/META.json @@ -0,0 +1,39 @@ +{ + "name": "block_copy_command", + "abstract": "PostgreSQL extension that blocks COPY commands via a configurable ProcessUtility hook", + "description": "A PostgreSQL security extension that intercepts and blocks COPY commands using a ProcessUtility hook. Supports direction-specific blocking (COPY TO / COPY FROM), COPY PROGRAM blocking, per-role blocklists, superuser bypass, audit logging, and custom error hints.", + "version": "0.1.4", + "maintainer": "RustWizard ", + "license": "bsd", + "provides": { + "block_copy_command": { + "abstract": "Block COPY commands via a configurable ProcessUtility hook", + "file": "block_copy_command.control", + "version": "0.1.4" + } + }, + "resources": { + "homepage": "https://github.com/rustwizard/block_copy_command", + "bugtracker": { + "web": "https://github.com/rustwizard/block_copy_command/issues" + }, + "repository": { + "url": "https://github.com/rustwizard/block_copy_command.git", + "web": "https://github.com/rustwizard/block_copy_command", + "type": "git" + } + }, + "prereqs": { + "runtime": { + "requires": { + "PostgreSQL": "13.0.0" + } + } + }, + "tags": ["copy", "security", "hook", "pgrx", "rust"], + "generated_by": "hand", + "meta-spec": { + "version": "1.0.0", + "url": "https://pgxn.org/spec/" + } +} diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..24e76f2 --- /dev/null +++ b/Makefile @@ -0,0 +1,47 @@ +PG_CONFIG ?= pg_config + +PG_VER := $(shell $(PG_CONFIG) --version | grep -oE '[0-9]+' | head -1) +PG_PKGLIBDIR := $(shell $(PG_CONFIG) --pkglibdir) +PG_SHAREDIR := $(shell $(PG_CONFIG) --sharedir) +PG_BINDIR := $(shell $(PG_CONFIG) --bindir) + +EXTENSION = block_copy_command +PACKAGE_DIR = target/release/$(EXTENSION)-pg$(PG_VER) + +# .so on Linux, .dylib on macOS +UNAME_S := $(shell uname -s) +ifeq ($(UNAME_S),Darwin) + LIB_EXT = dylib +else + LIB_EXT = so +endif + +REGRESS = setup copy_blocked +REGRESS_OPTS = --inputdir=tests/pg_regress + +.PHONY: all package install installcheck clean + +all: package + +package: + cargo pgrx package --pg-config $(PG_CONFIG) + +install: package + install -m 755 \ + "$(PACKAGE_DIR)$(PG_PKGLIBDIR)/$(EXTENSION).$(LIB_EXT)" \ + "$(PG_PKGLIBDIR)/" + install -m 644 \ + "$(PACKAGE_DIR)$(PG_SHAREDIR)/extension/$(EXTENSION).control" \ + "$(PG_SHAREDIR)/extension/" + install -m 644 \ + "$(PACKAGE_DIR)$(PG_SHAREDIR)/extension/$(EXTENSION)"--*.sql \ + "$(PG_SHAREDIR)/extension/" + +installcheck: + "$(PG_BINDIR)/pg_regress" \ + $(REGRESS_OPTS) \ + --bindir="$(PG_BINDIR)" \ + $(REGRESS) + +clean: + cargo clean diff --git a/buildkit/pg_block_copy.yaml b/buildkit/pg_block_copy.yaml index b782a21..e04feea 100644 --- a/buildkit/pg_block_copy.yaml +++ b/buildkit/pg_block_copy.yaml @@ -1,9 +1,9 @@ apiVersion: v1 name: block_copy_command -version: "0.1.1" +version: "0.1.4" homepage: https://github.com/rustwizard/block_copy_command repository: https://github.com/rustwizard/block_copy_command -source: https://github.com/rustwizard/block_copy_command/archive/refs/tags/v0.1.1.tar.gz +source: https://github.com/rustwizard/block_copy_command/archive/refs/tags/v0.1.4.tar.gz description: PostgreSQL extension that blocks COPY commands via a configurable ProcessUtility hook license: BSD-3-Clause keywords: