aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh
diff options
context:
space:
mode:
Diffstat (limited to 'init-sh')
-rwxr-xr-xinit-sh/level0.sh21
-rwxr-xr-xinit-sh/level1.sh19
-rwxr-xr-xinit-sh/level2.sh21
-rwxr-xr-xinit-sh/level3.sh21
-rwxr-xr-xinit-sh/level4.sh25
-rwxr-xr-xinit-sh/level5.sh20
6 files changed, 86 insertions, 41 deletions
diff --git a/init-sh/level0.sh b/init-sh/level0.sh
index 05c8507..f3bd463 100755
--- a/init-sh/level0.sh
+++ b/init-sh/level0.sh
@@ -60,21 +60,28 @@ echo -e "\t- Security warning in syslog : no."
AddRules "SYSLOG_WARN=no" /etc/security/msec/security.conf
# end security check
-# /etc/profile
+# /etc/profile.d/msec.{sh,csh}
export SECURE_LEVEL=0
echo "Setting secure level variable to 0 :"
AddRules "export SECURE_LEVEL=0" /etc/profile.d/msec.sh
AddRules "setenv SECURE_LEVEL 0" /etc/profile.d/msec.csh
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile
-AddRules "umask 022" /etc/zprofile
+AddRules "umask 022" /etc/profile.d/msec.sh
+AddRules "umask 022" /etc/profile.d/msec.csh
echo "Adding \"non secure\" PATH variable :"
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet
-AddRules "export PATH" /etc/profile
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet
-AddRules "export PATH" /etc/zprofile
+if ! echo ${PATH} |grep -q /usr/X11R6/bin ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin" /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/X11R6/bin\"" /etc/profile.d/msec.csh quiet
+fi
+if ! echo ${PATH} |grep -q /usr/games ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/games\"" /etc/profile.d/msec.csh quiet
+fi
+
+AddRules "export PATH=\$PATH:." /etc/profile.d/msec.sh quiet
+AddRules "setenv PATH \"\${PATH}:.\"" /etc/profile.d/msec.csh quiet
# Xserver
echo "Allowing users to connect X server from everywhere :"
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index 629163d..13d6454 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -67,14 +67,21 @@ AddRules "export SECURE_LEVEL=1" /etc/profile.d/msec.sh
AddRules "setenv SECURE_LEVEL 1" /etc/profile.d/msec.csh
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile
-AddRules "umask 022" /etc/zprofile
+AddRules "umask 022" /etc/profile.d/msec.sh
+AddRules "umask 022" /etc/profile.d/msec.csh
echo "Adding \"non secure\" PATH variable :"
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet
-AddRules "export PATH" /etc/profile
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet
-AddRules "export PATH" /etc/zprofile
+if ! echo ${PATH} |grep -q /usr/X11R6/bin ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin" /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/X11R6/bin\"" /etc/profile.d/msec.csh quiet
+fi
+if ! echo ${PATH} |grep -q /usr/games ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/games\"" /etc/profile.d/msec.csh quiet
+fi
+
+AddRules "export PATH=\$PATH:." /etc/profile.d/msec.sh quiet
+AddRules "setenv PATH \"\${PATH}:.\"" /etc/profile.d/msec.csh quiet
# Xserver
echo "Allowing users to connect X server from localhost :"
diff --git a/init-sh/level2.sh b/init-sh/level2.sh
index 4e53d50..0c2b9d8 100755
--- a/init-sh/level2.sh
+++ b/init-sh/level2.sh
@@ -68,14 +68,21 @@ AddRules "export SECURE_LEVEL=2" /etc/profile.d/msec.sh
AddRules "setenv SECURE_LEVEL 2" /etc/profile.d/msec.csh
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile
-AddRules "umask 022" /etc/zprofile
+AddRules "umask 022" /etc/profile.d/msec.sh
+AddRules "umask 022" /etc/profile.d/msec.csh
-echo "Adding \"normal\" PATH variable :"
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet
-AddRules "export PATH" /etc/profile
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet
-AddRules "export PATH" /etc/zprofile
+echo "Adding \"non secure\" PATH variable :"
+if ! echo ${PATH} |grep -q /usr/X11R6/bin ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin" /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/X11R6/bin\"" /etc/profile.d/msec.csh quiet
+fi
+if ! echo ${PATH} |grep -q /usr/games ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/games\"" /etc/profile.d/msec.csh quiet
+fi
+
+AddRules "export PATH=\$PATH:." /etc/profile.d/msec.sh quiet
+AddRules "setenv PATH \"\${PATH}:.\"" /etc/profile.d/msec.csh quiet
# Xserver
echo "Allowing users to connect X server from localhost :"
diff --git a/init-sh/level3.sh b/init-sh/level3.sh
index 8ce3338..915d2e0 100755
--- a/init-sh/level3.sh
+++ b/init-sh/level3.sh
@@ -75,14 +75,21 @@ AddRules "export SECURE_LEVEL=3" /etc/profile.d/msec.sh
AddRules "setenv SECURE_LEVEL 3" /etc/profile.d/msec.csh
echo "Setting umask to 022 (u=rw,g=r,o=r) :"
-AddRules "umask 022" /etc/profile
-AddRules "umask 022" /etc/zprofile
+AddRules "umask 022" /etc/profile.d/msec.sh
+AddRules "umask 022" /etc/profile.d/msec.csh
-echo "Adding a \"normal\" PATH variable : "
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet
-AddRules "export PATH" /etc/profile
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet
-AddRules "export PATH" /etc/zprofile
+echo "Adding \"non secure\" PATH variable :"
+if ! echo ${PATH} |grep -q /usr/X11R6/bin ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin" /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/X11R6/bin\"" /etc/profile.d/msec.csh quiet
+fi
+if ! echo ${PATH} |grep -q /usr/games ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/games\"" /etc/profile.d/msec.csh quiet
+fi
+
+AddRules "export PATH=\$PATH:." /etc/profile.d/msec.sh quiet
+AddRules "setenv PATH \"\${PATH}:.\"" /etc/profile.d/msec.csh quiet
# Do not boot on a shell
AllowReboot
diff --git a/init-sh/level4.sh b/init-sh/level4.sh
index 978e8d3..0ae716b 100755
--- a/init-sh/level4.sh
+++ b/init-sh/level4.sh
@@ -107,14 +107,23 @@ echo -e "done.\n";
# /etc/profile
echo "Setting umask to 022 (u=rw,g=rx) for root, 077 (u=rw) for user :"
-AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile
-AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/zprofile
-
-echo "Adding \"normal\" PATH variable :"
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet
-AddRules "export PATH" /etc/profile
-AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet
-AddRules "export PATH" /etc/zprofile
+AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile.d/msec.sh
+AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile.d/msec.csh
+
+echo "Adding \"non secure\" PATH variable :"
+if ! echo ${PATH} |grep -q /usr/X11R6/bin ; then
+ AddRules "export SECURE_LEVEL=4" /etc/profile.d/msec.sh quiet
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin" /etc/profile.d/msec.sh quiet
+ AddRules "setenv SECURE_LEVEL 4" /etc/profile.d/msec.csh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/X11R6/bin\"" /etc/profile.d/msec.csh quiet
+fi
+if ! echo ${PATH} |grep -q /usr/games ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/games\"" /etc/profile.d/msec.csh quiet
+fi
+
+AddRules "export PATH=\$PATH:." /etc/profile.d/msec.sh quiet
+AddRules "setenv PATH \"\${PATH}:.\"" /etc/profile.d/msec.csh quiet
if [[ -f /lib/libsafe.so.1.3 ]]; then
echo "Enabling stack overflow protection :"
diff --git a/init-sh/level5.sh b/init-sh/level5.sh
index f429712..ecb8fac 100755
--- a/init-sh/level5.sh
+++ b/init-sh/level5.sh
@@ -117,15 +117,23 @@ echo -e "done.\n";
# /etc/profile
echo "Setting umask to 077 (u=rw) :"
-AddRules "umask 077" /etc/profile
-AddRules "umask 077" /etc/zprofile
+AddRules "umask 077" /etc/profile.d/msec.sh
+AddRules "umask 077" /etc/profile.d/msec.csh
echo "Adding \"normal\" PATH variable :"
-AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet
-AddRules "export PATH SECURE_LEVEL" /etc/profile
-AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/zprofile quiet
-AddRules "export PATH SECURE_LEVEL" /etc/zprofile
+if ! echo ${PATH} |grep -q /usr/X11R6/bin ; then
+ AddRules "export SECURE_LEVEL=5" /etc/profile.d/msec.sh quiet
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin" /etc/profile.d/msec.sh quiet
+ AddRules "setenv SECURE_LEVEL 5" /etc/profile.d/msec.csh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/X11R6/bin\"" /etc/profile.d/msec.csh quiet
+fi
+if ! echo ${PATH} |grep -q /usr/games ; then
+ AddRules "export PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile.d/msec.sh quiet
+ AddRules "setenv PATH \"\${PATH}:/usr/games\"" /etc/profile.d/msec.csh quiet
+fi
+AddRules "export PATH=\$PATH:." /etc/profile.d/msec.sh quiet
+AddRules "setenv PATH \"\${PATH}:.\"" /etc/profile.d/msec.csh quiet
if [[ -f /lib/libsafe.so.1.3 ]]; then
echo "Enabling stack overflow protection :"