From 1013770dd22193928fab5a3e379dc5ebe5a260be Mon Sep 17 00:00:00 2001
From: Robert Haas <rhaas@postgresql.org>
Date: Fri, 19 Aug 2011 11:51:10 -0400
Subject: [PATCH] Allow sepgsql regression tests to be run from a user homedir.

KaiGai Kohei, with some changes by me.
---
 contrib/sepgsql/sepgsql-regtest.te | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/contrib/sepgsql/sepgsql-regtest.te b/contrib/sepgsql/sepgsql-regtest.te
index 3b1def75a5..a8fe2476a4 100644
--- a/contrib/sepgsql/sepgsql-regtest.te
+++ b/contrib/sepgsql/sepgsql-regtest.te
@@ -1,4 +1,4 @@
-policy_module(sepgsql-regtest, 1.02)
+policy_module(sepgsql-regtest, 1.03)
 
 gen_require(`
 	all_userspace_class_perms
@@ -24,6 +24,7 @@ postgresql_procedure_object(sepgsql_regtest_trusted_proc_exec_t)
 role sepgsql_regtest_dba_r;
 userdom_base_user_template(sepgsql_regtest_dba)
 userdom_manage_home_role(sepgsql_regtest_dba_r, sepgsql_regtest_dba_t)
+userdom_exec_user_home_content_files(sepgsql_regtest_dba_t)
 userdom_write_user_tmp_sockets(sepgsql_regtest_user_t)
 optional_policy(`
 	postgresql_admin(sepgsql_regtest_dba_t, sepgsql_regtest_dba_r)
@@ -40,6 +41,7 @@ optional_policy(`
 role sepgsql_regtest_user_r;
 userdom_base_user_template(sepgsql_regtest_user)
 userdom_manage_home_role(sepgsql_regtest_user_r, sepgsql_regtest_user_t)
+userdom_exec_user_home_content_files(sepgsql_regtest_user_t)
 userdom_write_user_tmp_sockets(sepgsql_regtest_user_t)
 optional_policy(`
 	postgresql_role(sepgsql_regtest_user_r, sepgsql_regtest_user_t)
-- 
2.40.0