From 91249411c477fdb4c242026259a10a4f3f9c951a Mon Sep 17 00:00:00 2001 From: Yoann Vandoorselaere Date: Mon, 3 Jan 2000 10:43:24 +0000 Subject: *** empty log message *** --- ChangeLog | 4 ++++ init-sh/level0.sh | 8 +++++--- init-sh/level1.sh | 10 ++++------ init-sh/level2.sh | 6 ++++-- init-sh/level3.sh | 7 +++++-- init-sh/level4.sh | 6 ++++-- init-sh/level5.sh | 7 +++++-- 7 files changed, 31 insertions(+), 17 deletions(-) diff --git a/ChangeLog b/ChangeLog index ad36567..6900d8c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,7 @@ +2000-01-03 Yoann Vandoorselaere + * level 0-3 -> ctrl-alt-del allowed. + * level 4-5 -> ctrl-alt-del allowed for root. + 1999-12-29 Yoann Vandoorselaere * Removing grpuser manpage, because : 1 - grpuser is not to be used by user, ( and should not have a manpage ). diff --git a/init-sh/level0.sh b/init-sh/level0.sh index 1c1447f..6e0be37 100755 --- a/init-sh/level0.sh +++ b/init-sh/level0.sh @@ -77,11 +77,13 @@ echo "Adding system users to specific groups :" /etc/security/msec/init-sh/grpuser.sh --refresh echo -e "done.\n" -# Boot on a shell -echo -n "Setting up inittab to spawn a shell without asking a passwd : " +# Boot on a shell / authorize ctrl-alt-del +echo -n "Setting up inittab to spawn a shell on boot & to authorize any user to issue ctrl-alt-del : " tmpfile=`mktemp /tmp/secure.XXXXXX` cp /etc/inittab ${tmpfile} -cat ${tmpfile} | sed s'/\/sbin\/mingetty tty1/\/bin\/bash --login/' > /etc/inittab +cat ${tmpfile} | \ + sed s'/\/sbin\/mingetty tty1/\/bin\/bash --login/' | \ + sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab rm -f ${tmpfile} echo "done." diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 269873b..32d00f1 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -80,13 +80,11 @@ grpconv echo -e "done.\n" # Do not boot on a shell -echo -n "Setting up inittab to ask a passwd on boot : " +echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : " tmpfile=`mktemp /tmp/secure.XXXXXX` cp /etc/inittab ${tmpfile} -cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab +cat ${tmpfile} | \ + sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \ + sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab rm -f ${tmpfile} echo "done." - - - - diff --git a/init-sh/level2.sh b/init-sh/level2.sh index 379776a..e012f72 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -79,9 +79,11 @@ grpconv echo -e "done.\n" # Do not boot on a shell -echo -n "Setting up inittab to ask a passwd on boot : " +echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : " tmpfile=`mktemp /tmp/secure.XXXXXX` cp /etc/inittab ${tmpfile} -cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab +cat ${tmpfile} | \ + sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \ + sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab rm -f ${tmpfile} echo "done." diff --git a/init-sh/level3.sh b/init-sh/level3.sh index b5d8ec0..20d5202 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -77,12 +77,15 @@ AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile # Do not boot on a shell -echo -n "Setting up inittab to ask a passwd on boot : " +echo -n "Setting up inittab to authorize any user to issue ctrl-alt-del : " tmpfile=`mktemp /tmp/secure.XXXXXX` cp /etc/inittab ${tmpfile} -cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab +cat ${tmpfile} | \ + sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \ + sed s'/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/' > /etc/inittab rm -f ${tmpfile} echo "done." + # Group were modified in lib.sh... grpconv diff --git a/init-sh/level4.sh b/init-sh/level4.sh index 6fbcf9b..2326b78 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -110,10 +110,12 @@ AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile # Do not boot on a shell -echo -n "Setting up inittab to ask a passwd on boot : " +echo -n "Setting up inittab to deny any user to issue ctrl-alt-del : " tmpfile=`mktemp /tmp/secure.XXXXXX` cp /etc/inittab ${tmpfile} -cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab +cat ${tmpfile} | \ + sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \ + sed s'/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/' > /etc/inittab rm -f ${tmpfile} echo "done." diff --git a/init-sh/level5.sh b/init-sh/level5.sh index f3752a6..03db3db 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -105,13 +105,16 @@ AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet AddRules "export PATH SECURE_LEVEL" /etc/profile # Do not boot on a shell -echo -n "Setting up inittab to ask a passwd on boot : " +echo -n "Setting up inittab to deny any user to issue ctrl-alt-del : " tmpfile=`mktemp /tmp/secure.XXXXXX` cp /etc/inittab ${tmpfile} -cat ${tmpfile} | sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' > /etc/inittab +cat ${tmpfile} | \ + sed s'/\/bin\/bash --login/\/sbin\/mingetty tty1/' | \ + sed s'/ca::ctrlaltdel:\/sbin\/shutdown -t3 -r now/ca::ctrlaltdel:\/sbin\/shutdown -a -t3 -r now/' > /etc/inittab rm -f ${tmpfile} echo "done." + echo echo "You are now running your system in security level 5," echo "All services are disabled : try the chkconfig to enable one..." -- cgit v1.2.1