From 3faf13ff57e140e83cd69d832d753d224942ac22 Mon Sep 17 00:00:00 2001
From: Eugeni Dodonov <eugeni@mandriva.org>
Date: Tue, 24 Mar 2009 14:01:44 +0000
Subject: Adding back missing files.

---
 msec.init      | 74 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 msec.logrotate | 16 +++++++++++++
 2 files changed, 90 insertions(+)
 create mode 100644 msec.init
 create mode 100644 msec.logrotate

diff --git a/msec.init b/msec.init
new file mode 100644
index 0000000..f10e7e4
--- /dev/null
+++ b/msec.init
@@ -0,0 +1,74 @@
+#!/bin/sh
+#
+# Enables MSEC policy on system startup
+#
+# description: Enables MSEC security policy on system startup
+# chkconfig: 345 13 20
+#
+### BEGIN INIT INFO
+# Provides: msec
+# Default-Start: 3 4 5
+# Short-Description: Enables MSEC security policy
+# Description: Enables MSEC security settings, defined by current policy
+### END INIT INFO
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+if [ ! -f /etc/security/msec/security.conf ] ; then
+	# no msec configuration, aborting
+	exit
+fi
+
+. /etc/security/msec/security.conf
+
+# See how we were called.
+case "$1" in
+  start)
+	if [ "$ENABLE_STARTUP_MSEC" = "yes" ]; then
+		gprintf "Enabling MSEC security policy"
+		/usr/sbin/msec -q
+		echo_success
+		echo
+	fi
+	if [ "$ENABLE_STARTUP_PERMS" = "yes" ]; then
+		gprintf "Setting and checking MSEC permissions"
+		/usr/sbin/msecperms -q
+		echo_success
+		echo
+	elif [ "$ENABLE_STARTUP_PERMS" = "enforce" ]; then
+		gprintf "Setting and enforcing MSEC permissions"
+		/usr/sbin/msecperms -q
+		echo_success
+		echo
+	fi
+	;;
+  stop)
+  	# nothing to do
+	;;
+  status)
+	if [ "$ENABLE_STARTUP_MSEC" = "yes" ]; then
+		gprintf "MSEC security policy on startup: enabled"
+	else
+		gprintf "MSEC security policy on startup: disabled"
+	fi
+	echo
+	if [ "$ENABLE_STARTUP_PERMS" = "yes" ]; then
+		gprintf "MSEC permissions on startup: enabled"
+	elif [ "$ENABLE_STARTUP_PERMS" = "enforce" ]; then
+		gprintf "MSEC permissions on startup: enforced"
+	else
+		gprintf "MSEC permissions on startup: disabled"
+	fi
+	echo
+	;;
+  restart)
+	$0 stop
+	$0 start
+	;;
+  *)
+	gprintf "Usage: %s\n" "$0 {start|stop|restart|status}"
+	exit 1
+esac
+
+exit 0
diff --git a/msec.logrotate b/msec.logrotate
new file mode 100644
index 0000000..38903b6
--- /dev/null
+++ b/msec.logrotate
@@ -0,0 +1,16 @@
+# We create the log files to keep logrotate quiet in the case where
+# uucico is not run at all between two log rotations. It would be nice if
+# logrotate could be configured to silently ignore the case of a log
+# file not existing
+
+/var/log/security.log {
+    create 644 root root
+	monthly
+	compress
+}
+
+# updating permissions on rotated logs
+sharedscripts
+postrotate
+	test -f /usr/sbin/msecperms && /usr/sbin/msecperms -q -e '/var/log/*'
+endscript
-- 
cgit v1.2.1