authorYoann Vandoorselaere <yoann@mandriva.com>1999-12-09 17:16:37 +0000
committerYoann Vandoorselaere <yoann@mandriva.com>1999-12-09 17:16:37 +0000
commita9246801e5bce8060b3086ae5f3d443699b82171 (patch)
tree087e90506e9630ee7dba5ef3960ca2cc7146162a /init-sh/custom.sh
parent9422e4962af0d43308cfae95ab8e7370ee035525 (diff)
Should really be stable now.
Diffstat (limited to 'init-sh/custom.sh')
-rwxr-xr-xinit-sh/custom.sh38
1 files changed, 19 insertions, 19 deletions
diff --git a/init-sh/custom.sh b/init-sh/custom.sh
index c6963a9..46ba9af 100755
--- a/init-sh/custom.sh
+++ b/init-sh/custom.sh
@@ -5,7 +5,7 @@
# Writen by Vandoorselaere Yoann <yoann@mandrakesoft.com>
#
-if [ -f /etc/security/msec/init-sh/lib.sh ]; then
+if [[ -f /etc/security/msec/init-sh/lib.sh ]]; then
. /etc/security/msec/init-sh/lib.sh
fi
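Review bot: The guard around sourcing lib.sh has no else branch, so when the file is missing this hardening script carries on without it. WaitAnswer and AddRules are presumably defined there (not visible in this hunk), so each prompt would fail with a command-not-found, and the new `[[ ${answer} == yes ]]` tests then evaluate quietly false on an empty answer where the old `[` form printed an error. I would stop instead: `else echo "msec: /etc/security/msec/init-sh/lib.sh not found" >&2; exit 1`. Also, `[[` is a bash construct and the interpreter line sits above this hunk, so it is worth confirming it names bash rather than a generic sh.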
@@ -15,24 +15,24 @@ clear
###
echo "Do you want your log file to be in append mode only ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
find /var/log/ -type f -exec chattr +a {} \;
fi
###
echo "Do you want all system events to be logged on tty12 ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "*.* /dev/tty12" /etc/syslog.conf
fi
###
echo "Do you want to deny any machine to connect to yours ?"
WaitAnswer
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
echo "Do you want only localhost to be allowed ?"
WaitAnswer; clear
- if [ "${answer}" == "yes" ]; then
+ if [[ ${answer} == yes ]]; then
AddRules "ALL:ALL EXCEPT localhost:DENY" /etc/hosts.deny
else
AddRules "ALL:ALL:DENY" /etc/hosts.deny
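Review bot: The append-only step `find /var/log/ -type f -exec chattr +a {} \;` has no comment on its limits, and an administrator answering "yes" would want to know them. It marks only the files that exist when the script runs, so logs created later are not covered, and files carrying `+a` cannot be renamed or truncated, which is likely to break log rotation unless the rotation job clears and re-applies the attribute. I would add a comment above the `find` line such as `# +a applies to existing files only and blocks rename/truncate; log rotation must handle the attribute`. The enclosing if/else at the end of this hunk continues outside it.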
@@ -42,7 +42,7 @@ fi
###
echo "Do you want root console login to be allowed ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "tty1" /etc/securetty quiet
AddRules "tty2" /etc/securetty quiet
AddRules "tty3" /etc/securetty quiet
@@ -53,7 +53,7 @@ fi
###
echo "Do you want your system to daily check important security problem ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_SECURITY=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/security_check.sh" /etc/crontab
fi
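Review bot: The crontab entry `0 0-23 * * * root nice ...` fires at minute 0 of every hour, which does not match the "daily check" wording of the prompt above it. If a daily run is intended, the hour field should be a single value, e.g. `0 4 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/security_check.sh` (hour chosen here only as an illustration). The same schedule string is repeated in the hunks at -61, -70, -78, -86, -94, -102 and -110, and several prompts add an identical security_check.sh or diff_check.sh line; whether AddRules suppresses duplicates is not visible here, so /etc/crontab may end up with the same job listed several times.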
@@ -61,7 +61,7 @@ fi
###
echo "Do you want your system to daily check new open port listening ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_OPEN_PORT=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/security_check.sh" /etc/crontab
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/diff_check.sh" /etc/crontab
@@ -70,7 +70,7 @@ fi
###
echo "Do you want your system to check for grave permission problem on senssibles files ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_PERMS=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/security_check.sh" /etc/crontab
fi
@@ -78,7 +78,7 @@ fi
###
echo "Do you want your system to daily check SUID Root file change ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_SUID_ROOT=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/diff_check.sh" /etc/crontab
fi
@@ -86,7 +86,7 @@ fi
###
echo "Do you want your system to daily check suid files md5 checksum changes ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_SUID_MD5=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/diff_check.sh" /etc/crontab
fi
@@ -94,7 +94,7 @@ fi
###
echo "Do you want your system to daily check SUID Group file change ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_SUID_GROUP=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/diff_check.sh" /etc/crontab
fi
@@ -102,7 +102,7 @@ fi
###
echo "Do you want your system to daily check Writeable file change ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_WRITEABLE=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/diff_check.sh" /etc/crontab
fi
@@ -110,7 +110,7 @@ fi
###
echo "Do you want your system to daily check Unowned file change ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_UNOWNED=yes" /etc/security/msec/security.conf
AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/diff_check.sh" /etc/crontab
fi
@@ -119,7 +119,7 @@ fi
echo "Do you want your system to verify every minutes if a network interface"
echo "is in promiscuous state (which mean someone is probably running a sniffer on your machine ) ?"
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "CHECK_PROMISC=yes" /etc/security/msec/security.conf
AddRules "*/1 * * * * root nice --adjustment=+19 /etc/security/msec/cron-sh/promisc_check.sh" /etc/crontab
fi
@@ -132,7 +132,7 @@ LiloUpdate;
echo "Do you want to disable your running server ( except important one )"
echo "This is only valuable for server installed with rpm."
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
echo -n "Disabling all service, except : {"
chkconfig --list | awk '{print $1}' | while read service; do
if grep -qx ${service} /etc/security/msec/init-sh/server.4; then
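Review bot: In the service loop, `grep -qx ${service}` passes the service name unquoted and as a regular expression, so a name containing `.` or other metacharacters can match an unintended line of server.4 and a service meant to be disabled would be kept. A fixed-string, quoted match is safer: `grep -qxF -- "${service}" /etc/security/msec/init-sh/server.4`, together with `while read -r service; do`. The loop body continues outside this hunk.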
@@ -155,7 +155,7 @@ echo "Do you want to disallow rpm to automatically enable a new installed server
echo "yes = you will need to chkconfig (--add ) servername for the server to run on boot."
echo "no = rpm will do it for you, but you have less control of what is running on your machine."
WaitAnswer; clear
-if [ "${answer}" == "yes" ]; then
+if [[ ${answer} == yes ]; then
export SECURE_LEVEL="4"
AddRules "SECURE_LEVEL=\"4\"" /etc/profile
else
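Review bot: The new test `if [[ ${answer} == yes ]; then` closes with a single `]`, which bash rejects as a syntax error in the conditional expression; it should read `if [[ ${answer} == yes ]]; then`. Because bash parses a script as it executes it, the earlier prompts will already have been applied when parsing fails here, so the SECURE_LEVEL, umask and PATH steps that follow are presumably never reached and the system is left partly configured. Running `bash -n init-sh/custom.sh` before committing would catch this. The if/else body continues outside the hunk.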
@@ -182,7 +182,7 @@ case "${answer}" in
AddRules "umask 022" /etc/profile
;;
"restricted")
- AddRules "if [ \${UID} == 0 ]; then umask 022; else umask 077; fi" /etc/profile
+ AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile
;;
"paranoid")
AddRules "umask 077" /etc/profile
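Review bot: The "restricted" branch now writes a `[[ ... ]]` test into /etc/profile, which is read by every Bourne-style login shell, not only bash. In a shell without `[[` the test fails and the else branch applies, so every account including root would get umask 077 rather than the intended split. The line written to the profile should stay POSIX: `AddRules "if [ \${UID} = 0 ]; then umask 022; else umask 077; fi" /etc/profile` (single `=`, since `==` inside `[` is also not portable). Converting the script's own tests to `[[` is fine as long as the script itself runs under bash; the text it emits into a shared profile is a separate case.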
@@ -194,7 +194,7 @@ echo "Do you want a "." in your PATH variable ?"
echo "This permit you to not use ./progname & to just type progname"
echo "However this is a *high* security risk."
WaitAnswer; clear
-if [ ${answer} == "yes" ]; then
+if [[ ${answer} == yes ]]; then
AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile
else
AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile