diff options
| -rw-r--r-- | doc/msec.spec | 10 | ||||
| -rwxr-xr-x | init-sh/level1.sh | 12 | ||||
| -rwxr-xr-x | init-sh/level2.sh | 6 | ||||
| -rwxr-xr-x | init-sh/level3.sh | 6 | ||||
| -rwxr-xr-x | init-sh/level4.sh | 7 | ||||
| -rwxr-xr-x | init-sh/level5.sh | 5 | ||||
| -rw-r--r-- | init-sh/lib.sh | 4 |
7 files changed, 34 insertions, 16 deletions
diff --git a/doc/msec.spec b/doc/msec.spec index ddc05b7..ee28472 100644 --- a/doc/msec.spec +++ b/doc/msec.spec @@ -1,7 +1,7 @@ Summary: Security Level & Program for the Linux Mandrake distribution Name: msec Version: 0.4 -Release: 1mdk +Release: 3mdk Source: ftp://mandrakesoft.com/pub/yoann/msec-0.4.tar.gz Copyright: GPL Group: System Environment/Base @@ -48,6 +48,14 @@ rm -rf $RPM_BUILD_ROOT /usr/bin/promisc_check %changelog +* Wed Dec 1 1999 Yoann Vandoorselaere <yoann@mandrakesoft.com> +- Minor fix to lib.sh +- export profile variable... + +* Mon Nov 30 1999 Yoann Vandoorselaere <yoann@mandrakesoft.com> +- Many cron security check added. +- Print more infos. + * Mon Nov 29 1999 Yoann Vandoorselaere <yoann@mandrakesoft.com> - Released 0.4 : - Now have a custom mode, just answer the question. diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 2fef869..fdeca03 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -56,11 +56,19 @@ echo -e "done.\n" # /etc/profile echo "Setting secure level variable to 1 :" AddRules "SECURE_LEVEL=1" /etc/profile -echo "Setting umask to 002 (user = rw, group = rw, o = r) :" +echo "Setting umask to 002 (u=rw,g=rw,o=r) :" AddRules "umask 002" /etc/profile echo "Adding \"non secure\" PATH variable :" -AddRules "PATH=\$PATH:/usr/X11R6/bin:." /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin:." /etc/profile quiet +AddRules "export PATH SECURE_LEVEL" /etc/profile # Group echo "Adding \"${USERNAME} to audio group :" usermod -G audio "${USERNAME}" + + + + + + + diff --git a/init-sh/level2.sh b/init-sh/level2.sh index ec80c5d..1c4ebd3 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -56,11 +56,11 @@ echo -e "done.\n" # /etc/profile echo "Setting secure level variable to 2 :" AddRules "SECURE_LEVEL=2" /etc/profile -echo "Setting umask to 022 (user = rw, group = r, o = r) :" +echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "umask 022" /etc/profile echo "Adding \"normal\" PATH variable :" -AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile - +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet +AddRules "export PATH SECURE_LEVEL" /etc/profile # Group echo "Adding \"${USERNAME} to audio group :" usermod -G audio "${USERNAME}" diff --git a/init-sh/level3.sh b/init-sh/level3.sh index 29ea9b7..d45c608 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -63,8 +63,8 @@ echo -e "done.\n" # /etc/profile echo "Setting secure level variable to 3 :" AddRules "SECURE_LEVEL=3" /etc/profile -echo "Setting umask to 022 (user = rw, group = r, o = r) :" +echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "umask 022" /etc/profile echo "Adding a \"normal\" PATH variable : " -AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile - +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet +AddRules "export PATH SECURE_LEVEL" /etc/profile diff --git a/init-sh/level4.sh b/init-sh/level4.sh index 421c5e0..f555a51 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -97,7 +97,8 @@ done echo -e "done.\n"; # /etc/profile -echo "Setting umask to 077 (user = rw) :" -AddRules "umask 077" /etc/profile +echo "Setting umask to 022 (u=rw,g=rx) for root, 077 (u=rw) for user :" +AddRules "if [ ${UID} == 0 ]; then umask 022; else umask 077; fi" echo "Adding \"normal\" PATH variable :" -AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet +AddRules "export PATH SECURE_LEVEL" /etc/profile
\ No newline at end of file diff --git a/init-sh/level5.sh b/init-sh/level5.sh index 0b60c2d..3e1704c 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -93,10 +93,11 @@ done echo -e "done.\n"; # /etc/profile -echo "Setting umask to 077 (user = rw) :" +echo "Setting umask to 077 (u=rw) :" AddRules "umask 077" /etc/profile echo "Adding \"normal\" PATH variable :" -AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile +AddRules "PATH=\$PATH:/usr/X11R6/bin" /etc/profile quiet +AddRules "export PATH SECURE_LEVEL" /etc/profile echo echo "You are now running your system in security level 5," diff --git a/init-sh/lib.sh b/init-sh/lib.sh index 81c62c0..262b1db 100644 --- a/init-sh/lib.sh +++ b/init-sh/lib.sh @@ -47,7 +47,7 @@ AddRules () { echo "Modifying config in ${file}..." fi - if ! grep -qx "${string}" ${file}; then + if ! grep -Eqx "^${string}" ${file}; then echo "${COMMENT}" >> ${file}; echo "${string}" >> ${file}; fi @@ -60,7 +60,7 @@ CleanRules() { file=$1 ctrl=0 - echo -en "\t- Cleaning msec appended line in ${file} : " + echo -en "\t- Cleaning msec appended line in ${file} : " mv -f ${file} /tmp/secure.tmp touch ${file} |