aboutsummaryrefslogtreecommitdiffstats
path: root/init-sh
diff options
context:
space:
mode:
Diffstat (limited to 'init-sh')
-rwxr-xr-xinit-sh/level0.sh8
-rwxr-xr-xinit-sh/level1.sh10
-rwxr-xr-xinit-sh/level2.sh6
-rwxr-xr-xinit-sh/level3.sh7
-rwxr-xr-xinit-sh/level4.sh6
-rwxr-xr-xinit-sh/level5.sh7
6 files changed, 27 insertions, 17 deletions
diff --git a/init-sh/level0.sh b/init-sh/level0.sh
index 1c1447f..6e0be37 100755
--- a/init-sh/level0.sh
+++ b/init-sh/level0.sh
@@ -77,11 +77,13 @@ echo "Adding system users to specific groups :"
/etc/security/msec/init-sh/grpuser.sh --refresh
echo -e "done.\n"
-# Boot on a shell
-echo -n "Setting up inittab to spawn a shell without asking a passwd : "
+# Boot on a shell / authorize ctrl-alt-del
+echo -n "Setting up inittab to spawn a shell on boot & to authorize any user to issue ctrl-alt-del : "
tmpfile=`mktemp /tmp/secure.XXXXXX`
cp /etc/inittab ${tmpfile}
-cat ${tmpfile} | sed s'/\/sbin\/mingetty tty1/\/bin\/bash --login/' > /etc/inittab
+cat ${tmpfile} | \
+ sed s'/\/sbin\/mingetty tty1/\/bin\/bash --login/' | \
+ sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab
rm -f ${tmpfile}
echo "done."
diff --git a/init-sh/level1.sh b/init-sh/level1.sh
index 269873b..32d00f1 100755
--- a/init-sh/level1.sh
+++ b/init-sh/level1.sh
@@ -80,13 +80,11 @@ grpconv
echo -e "done.\n"
# Do not boot on a shell
-echo -n "Setting up inittab to ask a passwd on boot : "
+echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : "
tmpfile=`mktemp /tmp/secure.XXXXXX`
cp /etc/inittab ${tmpfile}
-cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab
+cat ${tmpfile} | \
+ sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \
+ sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab
rm -f ${tmpfile}
echo "done."
-
-
-
-
diff --git a/init-sh/level2.sh b/init-sh/level2.sh
index 379776a..e012f72 100755
--- a/init-sh/level2.sh
+++ b/init-sh/level2.sh
@@ -79,9 +79,11 @@ grpconv
echo -e "done.\n"
# Do not boot on a shell
-echo -n "Setting up inittab to ask a passwd on boot : "
+echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : "
tmpfile=`mktemp /tmp/secure.XXXXXX`
cp /etc/inittab ${tmpfile}
-cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab
+cat ${tmpfile} | \
+ sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \
+ sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab
rm -f ${tmpfile}
echo "done."
diff --git a/init-sh/level3.sh b/init-sh/level3.sh
index b5d8ec0..20d5202 100755
--- a/init-sh/level3.sh
+++ b/init-sh/level3.sh
@@ -77,12 +77,15 @@ AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet
AddRules "export PATH SECURE_LEVEL" /etc/profile
# Do not boot on a shell
-echo -n "Setting up inittab to ask a passwd on boot : "
+echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : "
tmpfile=`mktemp /tmp/secure.XXXXXX`
cp /etc/inittab ${tmpfile}
-cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab
+cat ${tmpfile} | \
+ sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \
+ sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab
rm -f ${tmpfile}
echo "done."
+
# Group were modified in lib.sh...
grpconv
diff --git a/init-sh/level4.sh b/init-sh/level4.sh
index 6fbcf9b..2326b78 100755
--- a/init-sh/level4.sh
+++ b/init-sh/level4.sh
@@ -110,10 +110,12 @@ AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet
AddRules "export PATH SECURE_LEVEL" /etc/profile
# Do not boot on a shell
-echo -n "Setting up inittab to ask a passwd on boot : "
+echo -n "Setting up inittab to deny any user to issue ctrl-alt-del : "
tmpfile=`mktemp /tmp/secure.XXXXXX`
cp /etc/inittab ${tmpfile}
-cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab
+cat ${tmpfile} | \
+ sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \
+ sed s'/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/' > /etc/inittab
rm -f ${tmpfile}
echo "done."
diff --git a/init-sh/level5.sh b/init-sh/level5.sh
index f3752a6..03db3db 100755
--- a/init-sh/level5.sh
+++ b/init-sh/level5.sh
@@ -105,13 +105,16 @@ AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet
AddRules "export PATH SECURE_LEVEL" /etc/profile
# Do not boot on a shell
-echo -n "Setting up inittab to ask a passwd on boot : "
+echo -n "Setting up inittab to deny any user to issue ctrl-alt-del : "
tmpfile=`mktemp /tmp/secure.XXXXXX`
cp /etc/inittab ${tmpfile}
-cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab
+cat ${tmpfile} | \
+ sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \
+ sed s'/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/' > /etc/inittab
rm -f ${tmpfile}
echo "done."
+
echo
echo "You are now running your system in security level 5,"
echo "All services are disabled : try the chkconfig to enable one..."