diff options
author | Gordon Tetlow <gordon@FreeBSD.org> | 2002-06-13 22:14:37 +0000 |
---|---|---|
committer | Gordon Tetlow <gordon@FreeBSD.org> | 2002-06-13 22:14:37 +0000 |
commit | 27bc1b287e497f817ea9d08f319e7c7dceb413c4 (patch) | |
tree | 3168589e209abd888b033397e3c46dee6131a116 /etc/rc.d/securelevel | |
parent | 1cfdefbb9f162da9aa9c045f07394f49aaef1db8 (diff) | |
download | src-test2-27bc1b287e497f817ea9d08f319e7c7dceb413c4.tar.gz src-test2-27bc1b287e497f817ea9d08f319e7c7dceb413c4.zip |
Notes
Diffstat (limited to 'etc/rc.d/securelevel')
-rwxr-xr-x | etc/rc.d/securelevel | 49 |
1 files changed, 36 insertions, 13 deletions
diff --git a/etc/rc.d/securelevel b/etc/rc.d/securelevel index c3f3121ef47b..dce65e59968a 100755 --- a/etc/rc.d/securelevel +++ b/etc/rc.d/securelevel @@ -1,10 +1,13 @@ #!/bin/sh # -# $NetBSD: securelevel,v 1.1 2000/08/21 23:31:24 lukem Exp $ +# $NetBSD: securelevel,v 1.4 2002/03/22 04:34:00 thorpej Exp $ +# $FreeBSD$ # # PROVIDE: securelevel # REQUIRE: aftermountlkm ipnat mountd +# BEFORE: DAEMON +# KEYWORD: FreeBSD NetBSD . /etc/rc.subr @@ -14,19 +17,39 @@ stop_cmd=":" securelevel_start() { - # if $securelevel is set, change it here, else if it is 0, - # change it to 1 here, before we start daemons or login services. - # - if [ -n "$securelevel" ]; then - echo -n "Setting securelevel: " - sysctl kern.securelevel=$securelevel - else - securelevel=`sysctl -n kern.securelevel` - if [ x"$securelevel" = x0 ]; then - echo -n "Setting securelevel: " - sysctl kern.securelevel=1 + case `${CMD_OSTYPE}` in + FreeBSD) + case ${kern_securelevel_enable} in + [Yy][Ee][Ss]) + if [ ${kern_securelevel} -ge 0 ]; then + echo 'Raising kernel security level: ' + ${SYSCTL_W} kern.securelevel=${kern_securelevel} + fi + ;; + esac + ;; + NetBSD) + # if $securelevel is set higher, change it here, else if + # it is 0, change it to 1 here, before we start daemons + # or login services. + # + osecurelevel=`sysctl -n kern.securelevel` + if [ -n "$securelevel" -a "$securelevel" != "$osecurelevel" ]; then + if [ "$securelevel" -lt "$osecurelevel" ]; then + echo "Can't lower securelevel." + exit 1 + else + echo -n "Setting securelevel: " + ${SYSCTL_W} kern.securelevel=$securelevel + fi + else + if [ "$osecurelevel" = 0 ]; then + echo -n "Setting securelevel: " + ${SYSCTL_W} kern.securelevel=1 + fi fi - fi + ;; + esac } load_rc_config $name |