#!/usr/bin/perl # DrakSec # Copyright (C) 2002 MandrakeSoft (cbelisle@mandrakesoft.com) # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. use lib qw(/usr/lib/libDrakX); use standalone; #- warning, standalone must be loaded very first, for 'explanations' use common; use interactive; use any; use c; use security::msec; local $_ = join '', @ARGV; /-h/ and die "usage: draksec [--expert]\n"; $::expert = /-expert/ || cat_("/etc/sysconfig/system") =~ /^CLASS="?expert/m; #" $::isEmbedded = ($::XID, $::CCPID) = "@ARGV" =~ /--embedded (\w+) (\w+)/; $::isStandalone=1; my $in = 'interactive'->vnew('su', 'security'); begin: $::isEmbedded and kill USR2, $::CCPID; my $security = any::get_secure_level(''); my $libsafe = any::config_libsafe(''); my @logins = security::msec::get_user_list(''); my $email = "put.your\@email.here"; my $w; my (@options) = security::msec::get_config('', $security); my $expert_file = "/etc/security/msec/expert_mode"; my $expert_section = ""; #for $href (@options) { # for $href2 (keys %$href) { # %noref = %$href; # print "$href2 = $noref{$href2}{description}\n"; # } #} if (any::choose_security_level($in, \$security, \$libsafe, \$email)) { any::config_libsafe('', $libsafe); $w = $in->wait_message('', _("Setting security level")); $in->suspend; $ENV{LILO_PASSWORD} = ''; # make it non interactive system "/usr/sbin/msec", $security; $in->resume; $w = $in->wait_message('', _("Setting security user")); $in->suspend; security::msec::add_config('', "set_security_conf", "MAIL_USER", $email); security::msec::commit_changes(''); $in->resume; } while (-f $expert_file) { $expert_section = cat_($expert_file); %config_hash = %{ $options[$expert_section] }; # foreach $key (keys %config_hash) { # print "$key = $config_hash{$key}{val}\n"; # } if(any::choose_security_options($in, $security, $libsafe, \$email, \%config_hash)) { $w = $in->wait_message('', _("Setting security options")); $in->suspend; $in->resume; } rm_rf($expert_file); } !$::isEmbedded ? $in->exit(0) : kill(USR1, $::CCPID); goto begin;