aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorFlorin Grad <florin@mandriva.com>2001-11-28 15:39:36 +0000
committerFlorin Grad <florin@mandriva.com>2001-11-28 15:39:36 +0000
commit223ad2b149ae600e372b1315d7ff27ca37a99a0a (patch)
tree3c5e2b8073a070975fe5ad9849c9462550d34559
parente221c8318bfab76505b82b9796fe51f23bdb8cdf (diff)
downloadmsec-223ad2b149ae600e372b1315d7ff27ca37a99a0a.tar
msec-223ad2b149ae600e372b1315d7ff27ca37a99a0a.tar.gz
msec-223ad2b149ae600e372b1315d7ff27ca37a99a0a.tar.bz2
msec-223ad2b149ae600e372b1315d7ff27ca37a99a0a.tar.xz
msec-223ad2b149ae600e372b1315d7ff27ca37a99a0a.zip
add the /etc/sysconfig/mesc support for UMASK
-rwxr-xr-xinit-sh/level0.sh7
-rwxr-xr-xinit-sh/level1.sh7
-rwxr-xr-xinit-sh/level2.sh7
-rwxr-xr-xinit-sh/level3.sh7
-rwxr-xr-xinit-sh/level4.sh11
-rwxr-xr-xinit-sh/level5.sh4
6 files changed, 18 insertions, 25 deletions
diff --git a/init-sh/level0.sh b/init-sh/level0.sh
index c7ee590..83c1252 100755
--- a/init-sh/level0.sh
+++ b/init-sh/level0.sh
@@ -63,12 +63,11 @@ echo -e "\t- Security warning in syslog : no."
# /etc/profile.d/msec.{sh,csh}
export SECURE_LEVEL=0
echo "Setting secure level variable to 0 :"
-AddRules "export SECURE_LEVEL=0" /etc/profile.d/msec.sh
-AddRules "setenv SECURE_LEVEL 0" /etc/profile.d/msec.csh
+AddRules "SECURE_LEVEL=0" /etc/sysconfig/msec
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile.d/msec.sh
-AddRules "umask 022" /etc/profile.d/msec.csh
+AddRules "UMASK_ROOT=022" /etc/sysconfig/msec
+AddRules "UMASK_USER=022" /etc/sysconfig/msec
# Xserver
echo "Allowing users to connect X server from everywhere :"
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index 6fadfe5..5bcc2ae 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -63,12 +63,11 @@ echo -e "\t- Security warning in syslog : no."
# /etc/profile.d/msec.{sh,csh}
export SECURE_LEVEL=1
echo "Setting secure level variable to 1 :"
-AddRules "export SECURE_LEVEL=1" /etc/profile.d/msec.sh
-AddRules "setenv SECURE_LEVEL 1" /etc/profile.d/msec.csh
+AddRules "SECURE_LEVEL=1" /etc/sysconfig/msec
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile.d/msec.sh
-AddRules "umask 022" /etc/profile.d/msec.csh
+AddRules "UMASK_ROOT=022" /etc/sysconfig/msec
+AddRules "UMASK_USER=022" /etc/sysconfig/msec
# Xserver
echo "Allowing users to connect X server from localhost :"
diff --git a/init-sh/level2.sh b/init-sh/level2.sh
index e194a69..b1e903f 100755
--- a/init-sh/level2.sh
+++ b/init-sh/level2.sh
@@ -64,12 +64,11 @@ echo -e "\t- Security warning in syslog : yes."
# /etc/profile.d/msec.{sh,csh}
export SECURE_LEVEL=2
echo "Setting secure level variable to 2 :"
-AddRules "export SECURE_LEVEL=2" /etc/profile.d/msec.sh
-AddRules "setenv SECURE_LEVEL 2" /etc/profile.d/msec.csh
+AddRules "SECURE_LEVEL=2" /etc/sysconfig/msec
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile.d/msec.sh
-AddRules "umask 022" /etc/profile.d/msec.csh
+AddRules "UMASK_ROOT=022" /etc/sysconfig/msec
+AddRules "UMASK_USER=022" /etc/sysconfig/msec
# Xserver
echo "Allowing users to connect X server from localhost :"
diff --git a/init-sh/level3.sh b/init-sh/level3.sh
index f0b8178..08ef348 100755
--- a/init-sh/level3.sh
+++ b/init-sh/level3.sh
@@ -71,12 +71,11 @@ AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab
# /etc/profile.d/msec.{sh,csh}
export SECURE_LEVEL=3
echo "Setting secure level variable to 3 :"
-AddRules "export SECURE_LEVEL=3" /etc/profile.d/msec.sh
-AddRules "setenv SECURE_LEVEL 3" /etc/profile.d/msec.csh
+AddRules "SECURE_LEVEL=3" /etc/sysconfig/msec
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile.d/msec.sh
-AddRules "umask 022" /etc/profile.d/msec.csh
+AddRules "UMASK_ROOT=022" /etc/sysconfig/msec
+AddRules "UMASK_USER=022" /etc/sysconfig/msec
# Do not boot on a shell
AllowReboot
diff --git a/init-sh/level4.sh b/init-sh/level4.sh
index 575f16e..932042d 100755
--- a/init-sh/level4.sh
+++ b/init-sh/level4.sh
@@ -80,12 +80,9 @@ echo "Adding \"diff\" & \"global\" security check in crontab (scheduled every mi
AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab
# Server update
-echo "Setting secure level variable to 4 :"
-AddRules "export SECURE_LEVEL=4" /etc/profile.d/msec.sh
-AddRules "setenv SECURE_LEVEL 4" /etc/profile.d/msec.csh
-
-
export SECURE_LEVEL=4
+echo "Setting secure level variable to 4 :"
+AddRules "SECURE_LEVEL=4" /etc/sysconfig/msec
IFS="
"
@@ -107,8 +104,8 @@ echo -e "done.\n";
# /etc/profile.d/msec.{sh,csh}
echo "Setting umask to 022 (u=rw,g=rx) for root, 077 (u=rw) for user :"
-AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile.d/msec.sh
-AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile.d/msec.csh
+AddRules "UMASK_ROOT=022" /etc/sysconfig/msec
+AddRules "UMASK_USER=077" /etc/sysconfig/msec
if [[ -f /lib/libsafe.so.2 ]]; then
echo "Enabling stack overflow protection :"
diff --git a/init-sh/level5.sh b/init-sh/level5.sh
index 3d434f1..7ea4873 100755
--- a/init-sh/level5.sh
+++ b/init-sh/level5.sh
@@ -117,8 +117,8 @@ echo -e "done.\n";
# /etc/profile.d/msec.{sh,csh}
echo "Setting umask to 077 (u=rw) :"
-AddRules "umask 077" /etc/profile.d/msec.sh
-AddRules "umask 077" /etc/profile.d/msec.csh
+AddRules "UMASK_ROOT=077" /etc/sysconfig/msec
+AddRules "UMASK_USER=077" /etc/sysconfig/msec
if [[ -f /lib/libsafe.so.2]]; then
echo "Enabling stack overflow protection :"