diff options
Diffstat (limited to 'perl-install/security/msec.pm')
| -rw-r--r-- | perl-install/security/msec.pm | 34 |
1 files changed, 16 insertions, 18 deletions
diff --git a/perl-install/security/msec.pm b/perl-install/security/msec.pm index 791ad8ef0..4258653ef 100644 --- a/perl-install/security/msec.pm +++ b/perl-install/security/msec.pm @@ -1,7 +1,6 @@ package security::msec; use strict; -use MDK::Common::File; use MDK::Common; @@ -49,7 +48,7 @@ sub load_values { chop $val; $val =~ s/[()]//g; chop $opt if $separator eq '\('; # $opt =~ s/ //g if $separator eq '\('; - if_($val, $opt => $val); + if_(defined($val), $opt => $val); } cat_($msec->{$category}{values_file}); } @@ -60,7 +59,7 @@ sub load_values { sub get_function_value { my ($msec, $function) = @_; - $msec->{functions}{value}{$function} || "default"; + exists $msec->{functions}{value}{$function} ? $msec->{functions}{value}{$function} : "default"; } sub get_check_value { @@ -83,7 +82,7 @@ sub raw_checks_list { sub list_checks { my ($msec) = @_; - grep { !member($_, qw(MAIL_WARN MAIL_USER)) } $msec->raw_checks_list; + difference2([ $msec->raw_checks_list ], [ qw(MAIL_WARN MAIL_USER) ]); } sub list_functions { @@ -98,7 +97,7 @@ sub list_functions { enable_dns_spoofing_protection enable_ip_spoofing_protection enable_log_strange_packets enable_promisc_check no_password_aging_for)], 'system' => [qw(allow_autologin allow_issues allow_reboot allow_remote_root_login - allow_root_login allow_user_list allow_x_connections allow_xserver_to_listen + allow_root_login allow_user_list allow_xauth_from_root allow_x_connections allow_xserver_to_listen authorize_services enable_at_crontab enable_console_log enable_msec_cron enable_pam_wheel_for_su enable_password enable_security_check enable_sulogin password_aging password_history password_length set_root_umask @@ -133,6 +132,7 @@ sub set_check { sub apply_functions { my ($msec) = @_; my @list = sort($msec->list_functions('system'), $msec->list_functions('network')); + touch($msec->{functions}{values_file}) if !-e $msec->{functions}{values_file}; substInFile { foreach my $function (@list) { s/^$function.*\n// } if (eof) { @@ -147,28 +147,26 @@ sub apply_functions { sub apply_checks { my ($msec) = @_; my @list = sort $msec->raw_checks_list; - substInFile { - foreach my $check (@list) { s/^$check.*\n// } - if (eof) { - print "\n", join("\n", map { - my $value = $msec->get_check_value($_); - if_($value ne 'default', $_ . '=' . $value); - } @list), "\n"; - } - } $msec->{checks}{values_file}; + setVarsInSh($msec->{checks}{values_file}, + { + map { + my $value = $msec->get_check_value($_); + if_($value ne 'default', $_ => $value); + } @list + } + ); } sub reload { my ($msec) = @_; - my $num_level = 0; require security::level; - $num_level ||= security::level::get(); - $msec->{functions}{defaults_file} = "$::prefix/usr/share/msec/level.".$num_level; + my $num_level = security::level::get(); + $msec->{functions}{defaults_file} = "$::prefix/usr/share/msec/level.$num_level"; $msec->{functions}{default} = { $msec->load_defaults('functions') }; } sub new { - my $type = shift; + my ($type) = @_; my $msec = bless {}, $type; $msec->{functions}{values_file} = "$::prefix/etc/security/msec/level.local"; |