blob: f10e7e4ab0449e6e7ad0e57a2a88812129a884e4 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
|
#!/bin/sh
#
# Enables MSEC policy on system startup
#
# description: Enables MSEC security policy on system startup
# chkconfig: 345 13 20
#
### BEGIN INIT INFO
# Provides: msec
# Default-Start: 3 4 5
# Short-Description: Enables MSEC security policy
# Description: Enables MSEC security settings, defined by current policy
### END INIT INFO
# Source function library.
. /etc/rc.d/init.d/functions
if [ ! -f /etc/security/msec/security.conf ] ; then
# no msec configuration, aborting
exit
fi
. /etc/security/msec/security.conf
# See how we were called.
case "$1" in
start)
if [ "$ENABLE_STARTUP_MSEC" = "yes" ]; then
gprintf "Enabling MSEC security policy"
/usr/sbin/msec -q
echo_success
echo
fi
if [ "$ENABLE_STARTUP_PERMS" = "yes" ]; then
gprintf "Setting and checking MSEC permissions"
/usr/sbin/msecperms -q
echo_success
echo
elif [ "$ENABLE_STARTUP_PERMS" = "enforce" ]; then
gprintf "Setting and enforcing MSEC permissions"
/usr/sbin/msecperms -q
echo_success
echo
fi
;;
stop)
# nothing to do
;;
status)
if [ "$ENABLE_STARTUP_MSEC" = "yes" ]; then
gprintf "MSEC security policy on startup: enabled"
else
gprintf "MSEC security policy on startup: disabled"
fi
echo
if [ "$ENABLE_STARTUP_PERMS" = "yes" ]; then
gprintf "MSEC permissions on startup: enabled"
elif [ "$ENABLE_STARTUP_PERMS" = "enforce" ]; then
gprintf "MSEC permissions on startup: enforced"
else
gprintf "MSEC permissions on startup: disabled"
fi
echo
;;
restart)
$0 stop
$0 start
;;
*)
gprintf "Usage: %s\n" "$0 {start|stop|restart|status}"
exit 1
esac
exit 0
|
