diff options
-rw-r--r-- | doc/msec.spec | 2 | ||||
-rwxr-xr-x | init-sh/level1.sh | 10 | ||||
-rwxr-xr-x | init-sh/level2.sh | 6 | ||||
-rwxr-xr-x | init-sh/level3.sh | 5 | ||||
-rwxr-xr-x | init-sh/level4.sh | 14 | ||||
-rwxr-xr-x | init-sh/level5.sh | 4 | ||||
-rw-r--r-- | init-sh/lib.sh | 7 |
7 files changed, 9 insertions, 39 deletions
diff --git a/doc/msec.spec b/doc/msec.spec index 3553739..45ef518 100644 --- a/doc/msec.spec +++ b/doc/msec.spec @@ -1,7 +1,7 @@ Summary: Security Level & Program for the Linux Mandrake distribution Name: msec Version: 0.3 -Release: 7mdk +Release: 8mdk Source: ftp://mandrakesoft.com/pub/yoann/msec-0.3.tar.gz Copyright: GPL Group: System Environment/Base diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 01177ba..3d5d300 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -27,7 +27,7 @@ AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf # umask AddRules "umask 022" /etc/profile - +AddRules "SECURE_LEVEL=1" /etc/profile # Group usermod -G audio "${USERNAME}" @@ -38,10 +38,4 @@ xhost + localhost 2>&1 >& /dev/null lilo # Path -if [ ${HAVE_X}==1 ]; then - AddRules "PATH=$PATH:/usr/X11R6/bin:." /etc/profile -fi - - - - +AddRules "PATH=\$PATH:/usr/X11R6/bin:." /etc/profile diff --git a/init-sh/level2.sh b/init-sh/level2.sh index d9397d2..64027da 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -27,7 +27,7 @@ AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf # Permissions AddRules "umask 002" /etc/profile - +AddRules "SECURE_LEVEL=2" /etc/profile # Group usermod -G audio ${USERNAME} >& /dev/null @@ -38,9 +38,7 @@ xhost + localhost 2>&1 >& /dev/null /sbin/lilo # Path -if [ ${HAVE_X}==1 ]; then - AddRules "PATH=$PATH:/usr/X11R6/bin" /etc/profile -fi +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile diff --git a/init-sh/level3.sh b/init-sh/level3.sh index de4e5f3..1c1cfd9 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -37,14 +37,13 @@ AddRules "0 0-23 * * * root nice --adjustment=+19 /etc/security/msec/cron- # Permissions AddRules "umask 022" /etc/profile +AddRules "SECURE_LEVEL=3 /etc/profile /sbin/lilo # Path -if [ ${HAVE_X}==1 ]; then - AddRules "PATH=$PATH:/usr/X11R6/bin" /etc/profile -fi +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile diff --git a/init-sh/level4.sh b/init-sh/level4.sh index f8e00a1..a255b35 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -60,17 +60,5 @@ done AddRules "umask 022" /etc/profile # Path - -if [ ${HAVE_X}==1 ]; then - AddRules "PATH=$PATH:/usr/X11R6/bin" /etc/profile -fi - - - - - - - - - +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile diff --git a/init-sh/level5.sh b/init-sh/level5.sh index f78de51..b6fd09d 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -53,9 +53,7 @@ done AddRules "umask 077" /etc/profile # Path -if [ ${HAVE_X}==1 ]; then - AddRules "PATH=$PATH:/usr/X11R6/bin" /etc/profile -fi +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile echo echo "You are now running your system in security level 5," diff --git a/init-sh/lib.sh b/init-sh/lib.sh index a48c945..61dfb9e 100644 --- a/init-sh/lib.sh +++ b/init-sh/lib.sh @@ -23,12 +23,6 @@ if [ -f /etc/security/msec/security.conf ]; then . /etc/security/msec/security.conf fi -if rpm -q XFree86 2>&1 > /dev/null; then - HAVE_X=1 -else - HAVE_X=0 -fi - USERNAME="blah" COMMENT="# Mandrake-Security : if you remove this comment, remove the next line too." @@ -155,7 +149,6 @@ CleanRules /etc/crontab # For all secure level AddRules "echo 1 > /proc/sys/net/ipv4/conf/all/rp_filter" /etc/rc.d/rc.firewall - # default group which must exist on the system groupadd audio >& /dev/null groupadd xgrp >& /dev/null |