diff options
-rw-r--r-- | ChangeLog | 4 | ||||
-rwxr-xr-x | init-sh/level0.sh | 15 | ||||
-rwxr-xr-x | init-sh/level1.sh | 15 | ||||
-rwxr-xr-x | init-sh/level2.sh | 9 | ||||
-rwxr-xr-x | init-sh/level3.sh | 9 | ||||
-rwxr-xr-x | init-sh/level4.sh | 9 | ||||
-rwxr-xr-x | init-sh/level5.sh | 5 |
7 files changed, 32 insertions, 34 deletions
@@ -1,3 +1,7 @@ +2001-09-20 17:45 florin + + * init-sh/level*.sh: use /etc/profile.d instead of /etc/profile + 2001-09-19 15:37 florin * msec.spec: source2 is msec.logrotate and not msec diff --git a/init-sh/level0.sh b/init-sh/level0.sh index 92ecc4e..81054ff 100755 --- a/init-sh/level0.sh +++ b/init-sh/level0.sh @@ -63,19 +63,18 @@ echo -e "\t- Security warning in syslog : no." # /etc/profile export SECURE_LEVEL=0 echo "Setting secure level variable to 0 :" -AddRules "SECURE_LEVEL=0" /etc/profile -AddRules "SECURE_LEVEL=0" /etc/zrofile -AddRules "SECURE_LEVEL=0" /etc/profile.d/msec.sh +AddRules "export SECURE_LEVEL=0" /etc/profile.d/msec.sh +AddRules "setenv SECURE_LEVEL=0" /etc/profile.d/msec.csh -echo "Setting umask to 002 (u=rw,g=rw,o=r) :" -AddRules "umask 002" /etc/profile -AddRules "umask 002" /etc/zprofile +echo "Setting umask to 022 (u=rw,g=r,o=r) :" +AddRules "umask 022" /etc/profile +AddRules "umask 022" /etc/zprofile echo "Adding \"non secure\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet -AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "export PATH" /etc/profile AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet -AddRules "export PATH SECURE_LEVEL" /etc/zprofile +AddRules "export PATH" /etc/zprofile # Xserver echo "Allowing users to connect X server from everywhere :" diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 6c7b1da..74bb009 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -63,19 +63,18 @@ echo -e "\t- Security warning in syslog : no." # /etc/profile export SECURE_LEVEL=1 echo "Setting secure level variable to 1 :" -AddRules "SECURE_LEVEL=1" /etc/profile.d/msec.sh -AddRules "SECURE_LEVEL=1" /etc/profile -AddRules "SECURE_LEVEL=1" /etc/zprofile +AddRules "export SECURE_LEVEL=1" /etc/profile.d/msec.sh +AddRules "setenv SECURE_LEVEL=1" /etc/profile.d/msec.csh -echo "Setting umask to 002 (u=rw,g=rw,o=r) :" -AddRules "umask 002" /etc/profile -AddRules "umask 002" /etc/zprofile +echo "Setting umask to 022 (u=rw,g=r,o=r) :" +AddRules "umask 022" /etc/profile +AddRules "umask 022" /etc/zprofile echo "Adding \"non secure\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/profile quiet -AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "export PATH" /etc/profile AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games:." /etc/zprofile quiet -AddRules "export PATH SECURE_LEVEL" /etc/zprofile +AddRules "export PATH" /etc/zprofile # Xserver echo "Allowing users to connect X server from localhost :" diff --git a/init-sh/level2.sh b/init-sh/level2.sh index e07a21c..0379d4f 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -64,9 +64,8 @@ echo -e "\t- Security warning in syslog : yes." # /etc/profile export SECURE_LEVEL=2 echo "Setting secure level variable to 2 :" -AddRules "SECURE_LEVEL=2" /etc/profile.d/msec.sh -AddRules "SECURE_LEVEL=2" /etc/profile -AddRules "SECURE_LEVEL=2" /etc/zprofile +AddRules "export SECURE_LEVEL=2" /etc/profile.d/msec.sh +AddRules "setenv SECURE_LEVEL=2" /etc/profile.d/msec.sh echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "umask 022" /etc/profile @@ -74,9 +73,9 @@ AddRules "umask 022" /etc/zprofile echo "Adding \"normal\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet -AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "export PATH" /etc/profile AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet -AddRules "export PATH SECURE_LEVEL" /etc/zprofile +AddRules "export PATH" /etc/zprofile # Xserver echo "Allowing users to connect X server from localhost :" diff --git a/init-sh/level3.sh b/init-sh/level3.sh index d5c98ae..03f479a 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -71,9 +71,8 @@ AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab # /etc/profile export SECURE_LEVEL=3 echo "Setting secure level variable to 3 :" -AddRules "SECURE_LEVEL=3" /etc/profile.d/msec.sh -AddRules "SECURE_LEVEL=3" /etc/profile -AddRules "SECURE_LEVEL=3" /etc/zprofile +AddRules "export SECURE_LEVEL=3" /etc/profile.d/msec.sh +AddRules "setenv SECURE_LEVEL=3" /etc/profile.d/msec.csh echo "Setting umask to 022 (u=rw,g=r,o=r) :" AddRules "umask 022" /etc/profile @@ -81,9 +80,9 @@ AddRules "umask 022" /etc/zprofile echo "Adding a \"normal\" PATH variable : " AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet -AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "export PATH" /etc/profile AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet -AddRules "export PATH SECURE_LEVEL" /etc/zprofile +AddRules "export PATH" /etc/zprofile # Do not boot on a shell AllowReboot diff --git a/init-sh/level4.sh b/init-sh/level4.sh index 43e63b4..aafb265 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -81,9 +81,8 @@ AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab # Server update echo "Setting secure level variable to 4 :" -AddRules "SECURE_LEVEL=4" /etc/profile.d/msec.sh -AddRules "SECURE_LEVEL=4" /etc/profile -AddRules "SECURE_LEVEL=4" /etc/zprofile +AddRules "export SECURE_LEVEL=4" /etc/profile.d/msec.sh +AddRules "setenv SECURE_LEVEL=4" /etc/profile.d/msec.csh export SECURE_LEVEL=4 @@ -113,9 +112,9 @@ AddRules "if [[ \${UID} == 0 ]]; then umask 022; else umask 077; fi" /etc/zprofi echo "Adding \"normal\" PATH variable :" AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/profile quiet -AddRules "export PATH SECURE_LEVEL" /etc/profile +AddRules "export PATH" /etc/profile AddRules "PATH=\$PATH:/usr/X11R6/bin:/usr/games" /etc/zprofile quiet -AddRules "export PATH SECURE_LEVEL" /etc/zprofile +AddRules "export PATH" /etc/zprofile if [[ -f /lib/libsafe.so.1.3 ]]; then echo "Enabling stack overflow protection :" diff --git a/init-sh/level5.sh b/init-sh/level5.sh index f9a3ea6..024877e 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -91,9 +91,8 @@ LoaderUpdate; # Disable all server : echo "Setting secure level variable to 5 :" -AddRules "SECURE_LEVEL=5" /etc/profile.d/msec.sh -AddRules "SECURE_LEVEL=5" /etc/profile -AddRules "SECURE_LEVEL=5" /etc/zprofile +AddRules "export SECURE_LEVEL=5" /etc/profile.d/msec.sh +AddRules "setenv SECURE_LEVEL=5" /etc/profile.d/msec.csh IFS=" |