diff options
Diffstat (limited to 'init-sh')
-rwxr-xr-x | init-sh/level0.sh | 7 | ||||
-rwxr-xr-x | init-sh/level1.sh | 7 | ||||
-rwxr-xr-x | init-sh/level2.sh | 7 | ||||
-rwxr-xr-x | init-sh/level3.sh | 7 | ||||
-rwxr-xr-x | init-sh/level4.sh | 11 | ||||
-rwxr-xr-x | init-sh/level5.sh | 4 |
6 files changed, 18 insertions, 25 deletions
diff --git a/init-sh/level0.sh b/init-sh/level0.sh index c7ee590..83c1252 100755 --- a/init-sh/level0.sh +++ b/init-sh/level0.sh @@ -63,12 +63,11 @@ echo -e "\t- Security warning in syslog : no." # /etc/profile.d/msec.{sh,csh} export SECURE_LEVEL=0 echo "Setting secure level variable to 0 :" -AddRules "export SECURE_LEVEL=0" /etc/profile.d/msec.sh -AddRules "setenv SECURE_LEVEL 0" /etc/profile.d/msec.csh +AddRules "SECURE_LEVEL=0" /etc/sysconfig/msec echo "Setting umask to 022 (u=rw,g=r,o=r) :" -AddRules "umask 022" /etc/profile.d/msec.sh -AddRules "umask 022" /etc/profile.d/msec.csh +AddRules "UMASK_ROOT=022" /etc/sysconfig/msec +AddRules "UMASK_USER=022" /etc/sysconfig/msec # Xserver echo "Allowing users to connect X server from everywhere :" diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 6fadfe5..5bcc2ae 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -63,12 +63,11 @@ echo -e "\t- Security warning in syslog : no." # /etc/profile.d/msec.{sh,csh} export SECURE_LEVEL=1 echo "Setting secure level variable to 1 :" -AddRules "export SECURE_LEVEL=1" /etc/profile.d/msec.sh -AddRules "setenv SECURE_LEVEL 1" /etc/profile.d/msec.csh +AddRules "SECURE_LEVEL=1" /etc/sysconfig/msec echo "Setting umask to 022 (u=rw,g=r,o=r) :" -AddRules "umask 022" /etc/profile.d/msec.sh -AddRules "umask 022" /etc/profile.d/msec.csh +AddRules "UMASK_ROOT=022" /etc/sysconfig/msec +AddRules "UMASK_USER=022" /etc/sysconfig/msec # Xserver echo "Allowing users to connect X server from localhost :" diff --git a/init-sh/level2.sh b/init-sh/level2.sh index e194a69..b1e903f 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -64,12 +64,11 @@ echo -e "\t- Security warning in syslog : yes." # /etc/profile.d/msec.{sh,csh} export SECURE_LEVEL=2 echo "Setting secure level variable to 2 :" -AddRules "export SECURE_LEVEL=2" /etc/profile.d/msec.sh -AddRules "setenv SECURE_LEVEL 2" /etc/profile.d/msec.csh +AddRules "SECURE_LEVEL=2" /etc/sysconfig/msec echo "Setting umask to 022 (u=rw,g=r,o=r) :" -AddRules "umask 022" /etc/profile.d/msec.sh -AddRules "umask 022" /etc/profile.d/msec.csh +AddRules "UMASK_ROOT=022" /etc/sysconfig/msec +AddRules "UMASK_USER=022" /etc/sysconfig/msec # Xserver echo "Allowing users to connect X server from localhost :" diff --git a/init-sh/level3.sh b/init-sh/level3.sh index f0b8178..08ef348 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -71,12 +71,11 @@ AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab # /etc/profile.d/msec.{sh,csh} export SECURE_LEVEL=3 echo "Setting secure level variable to 3 :" -AddRules "export SECURE_LEVEL=3" /etc/profile.d/msec.sh -AddRules "setenv SECURE_LEVEL 3" /etc/profile.d/msec.csh +AddRules "SECURE_LEVEL=3" /etc/sysconfig/msec echo "Setting umask to 022 (u=rw,g=r,o=r) :" -AddRules "umask 022" /etc/profile.d/msec.sh -AddRules "umask 022" /etc/profile.d/msec.csh +AddRules "UMASK_ROOT=022" /etc/sysconfig/msec +AddRules "UMASK_USER=022" /etc/sysconfig/msec # Do not boot on a shell AllowReboot diff --git a/init-sh/level4.sh b/init-sh/level4.sh index 575f16e..932042d 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -80,12 +80,9 @@ echo "Adding \"diff\" & \"global\" security check in crontab (scheduled every mi AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab # Server update -echo "Setting secure level variable to 4 :" -AddRules "export SECURE_LEVEL=4" /etc/profile.d/msec.sh -AddRules "setenv SECURE_LEVEL 4" /etc/profile.d/msec.csh - - export SECURE_LEVEL=4 +echo "Setting secure level variable to 4 :" +AddRules "SECURE_LEVEL=4" /etc/sysconfig/msec IFS=" " @@ -107,8 +104,8 @@ echo -e "done.\n"; # /etc/profile.d/msec.{sh,csh} echo "Setting umask to 022 (u=rw,g=rx) for root, 077 (u=rw) for user :" -AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile.d/msec.sh -AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/profile.d/msec.csh +AddRules "UMASK_ROOT=022" /etc/sysconfig/msec +AddRules "UMASK_USER=077" /etc/sysconfig/msec if [[ -f /lib/libsafe.so.2 ]]; then echo "Enabling stack overflow protection :" diff --git a/init-sh/level5.sh b/init-sh/level5.sh index 3d434f1..7ea4873 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -117,8 +117,8 @@ echo -e "done.\n"; # /etc/profile.d/msec.{sh,csh} echo "Setting umask to 077 (u=rw) :" -AddRules "umask 077" /etc/profile.d/msec.sh -AddRules "umask 077" /etc/profile.d/msec.csh +AddRules "UMASK_ROOT=077" /etc/sysconfig/msec +AddRules "UMASK_USER=077" /etc/sysconfig/msec if [[ -f /lib/libsafe.so.2]]; then echo "Enabling stack overflow protection :" |