diff options
-rwxr-xr-x | init-sh/custom.sh | 3 | ||||
-rwxr-xr-x | init-sh/level0.sh | 5 | ||||
-rwxr-xr-x | init-sh/level1.sh | 5 | ||||
-rwxr-xr-x | init-sh/level2.sh | 5 | ||||
-rwxr-xr-x | init-sh/level3.sh | 5 | ||||
-rwxr-xr-x | init-sh/level4.sh | 6 | ||||
-rwxr-xr-x | init-sh/level5.sh | 6 | ||||
-rw-r--r-- | init-sh/lib.sh | 41 |
8 files changed, 38 insertions, 38 deletions
diff --git a/init-sh/custom.sh b/init-sh/custom.sh index f034c13..8707965 100755 --- a/init-sh/custom.sh +++ b/init-sh/custom.sh @@ -194,8 +194,7 @@ if [[ ${WRITE_CRON} == "true" ]]; then AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab fi -LiloUpdate; -/sbin/lilo >& /dev/null +LoaderUpdate; ### clear diff --git a/init-sh/level0.sh b/init-sh/level0.sh index b67bdd8..9f4f4ee 100755 --- a/init-sh/level0.sh +++ b/init-sh/level0.sh @@ -54,11 +54,6 @@ echo -e "\t- Security warning in syslog : no." AddRules "SYSLOG_WARN=no" /etc/security/msec/security.conf # end security check -# lilo update -echo -n "Running lilo to record new config : " -/sbin/lilo >& /dev/null -echo -e "done.\n" - # /etc/profile export SECURE_LEVEL=0 echo "Setting secure level variable to 0 :" diff --git a/init-sh/level1.sh b/init-sh/level1.sh index 3aa5b04..172c29b 100755 --- a/init-sh/level1.sh +++ b/init-sh/level1.sh @@ -54,11 +54,6 @@ echo -e "\t- Security warning in syslog : no." AddRules "SYSLOG_WARN=no" /etc/security/msec/security.conf # end security check -# lilo update -echo -n "Running lilo to record new config : " -/sbin/lilo >& /dev/null -echo -e "done.\n" - # /etc/profile export SECURE_LEVEL=1 echo "Setting secure level variable to 1 :" diff --git a/init-sh/level2.sh b/init-sh/level2.sh index 5e11b9f..eb2641a 100755 --- a/init-sh/level2.sh +++ b/init-sh/level2.sh @@ -55,11 +55,6 @@ echo -e "\t- Security warning in syslog : yes." AddRules "SYSLOG_WARN=yes" /etc/security/msec/security.conf # end security check -# lilo update -echo -n "Running lilo to record new config : " -/sbin/lilo -echo -e "done.\n" - # /etc/profile export SECURE_LEVEL=2 echo "Setting secure level variable to 2 :" diff --git a/init-sh/level3.sh b/init-sh/level3.sh index 6a27e50..74f72a6 100755 --- a/init-sh/level3.sh +++ b/init-sh/level3.sh @@ -62,11 +62,6 @@ echo -e "\t- Security warning in syslog : yes." echo "Adding permission check in crontab (scheduled every midnight) :" AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab -# lilo update -echo -n "Running lilo to record new config : " -/sbin/lilo >& /dev/null -echo -e "done.\n" - # /etc/profile export SECURE_LEVEL=3 echo "Setting secure level variable to 3 :" diff --git a/init-sh/level4.sh b/init-sh/level4.sh index ea7d93b..01508d7 100755 --- a/init-sh/level4.sh +++ b/init-sh/level4.sh @@ -73,12 +73,6 @@ AddRules "*/1 * * * * root /usr/share/msec/promisc_check.sh" /etc/crontab echo "Adding \"diff\" & \"global\" security check in crontab (scheduled every midnight) :" AddRules "0 4 * * * root /usr/share/msec/security.sh" /etc/crontab -# Do you want a password ? -LiloUpdate; -echo -n "Running lilo to record new config : " -/sbin/lilo >& /dev/null -echo -e "done.\n" - # Server update echo "Setting secure level variable to 4 :" AddRules "SECURE_LEVEL=4" /etc/profile diff --git a/init-sh/level5.sh b/init-sh/level5.sh index 1e83081..b1cf839 100755 --- a/init-sh/level5.sh +++ b/init-sh/level5.sh @@ -87,11 +87,7 @@ if [[ -f /sbin/accton ]]; then fi # Wanna password ? -LiloUpdate; - -echo -n "Running lilo to record new config : " -/sbin/lilo >& /dev/null -echo -e "done.\n" +LoaderUpdate; # Disable all server : echo "Setting secure level variable to 5 :" diff --git a/init-sh/lib.sh b/init-sh/lib.sh index 7b395a7..bf4de47 100644 --- a/init-sh/lib.sh +++ b/init-sh/lib.sh @@ -133,7 +133,19 @@ Ttylog() { } -LiloUpdate() { +LoaderUpdate() { + loader=/usr/sbin/detectloader + case "${loader}" in + "LILO") + file="/etc/lilo.conf" + at_exit="/sbin/lilo" + ;; + "GRUB") + file="/boot/grub/menu.lst" + at_exit="" + ;; + esac + if [[ ${LILO_PASSWORD+set} != set ]]; then echo "Do you want a password authentication at boot time ?" echo "Be very carefull," @@ -152,13 +164,32 @@ LiloUpdate() { if [[ ! -z ${password} ]]; then tmpfile=`mktemp /tmp/secure.XXXXXX` - cp /etc/lilo.conf ${tmpfile} - cat ${tmpfile} | grep -v password > /etc/lilo.conf + cp ${file} ${tmpfile} + cat ${tmpfile} | grep -v password > ${file} rm -f ${tmpfile} clear - AddBegRules "password=$password" /etc/lilo.conf + AddBegRules "password=$password" ${file} fi + + ${at_exit}; +} + +CleanLoaderRule() { + loader=/usr/sbin/detectloader + case "${loader}" in + "LILO") + file="/etc/lilo.conf" + at_exit="/sbin/lilo" + ;; + "GRUB") + file="/boot/grub/menu.lst" + at_exit="" + ;; + esac + + CleanRules ${file} + ${at_exit}; } # If we are currently installing our @@ -180,7 +211,7 @@ CommentUserRules /etc/securetty CleanRules /etc/security/msec/security.conf CommentUserRules /etc/security/msec/security.conf CleanRules /etc/profile -CleanRules /etc/lilo.conf +CleanLoaderRules CleanRules /etc/logrotate.conf CleanRules /etc/rc.d/rc.local CleanRules /etc/rc.d/rc.firewall |