aboutsummaryrefslogtreecommitdiffstats
path: root/share/msec
blob: 7e2c632a348b85706fa38ea3b91af673eff7299e (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
#!/bin/sh
#---------------------------------------------------------------
# Project         : Mandrakelinux
# Module          : share
# File            : msec
# Version         : $Id$
# Author          : Frederic Lepied
# Created On      : Thu Dec 13 11:36:50 2001
# Purpose         : entry script to run hardness script or change
#                  the security level.
#---------------------------------------------------------------

if [ "`whoami`" != "root" ]; then
    echo 'msec: sorry, you must be root !'
    exit 1
fi

LCK=/var/run/msec.pid

function cleanup() {
    rm -f $LCK
}

if [ -f $LCK ]; then
    if [ -d /proc/`cat $LCK` ]; then
    	exit 0
    else
    	rm -f $LCK
    fi
fi

echo -n $$ > $LCK

trap cleanup 0

MSEC=/usr/share/msec/msec.py
OPT=""

for a in "$@"; do
    if [ "$a" = '-o' ]; then
	OPT="$OPT -o"
	NEXT=1
    else
	if [ "$NEXT" = 1 ]; then
	    OPT="$OPT $a"
	else
	    last="$a"
	fi
	NEXT=0
    fi
done

if [ -n "$last" ]; then
    CHANGE=-c
    case "$last" in
	[0-5]) ;;
	*) [ -x /usr/share/msec/$last.py ] && MSEC=/usr/share/msec/$last.py;;
    esac
else
    # no args so try to guess if a custom msec is needed
    . /etc/sysconfig/msec
    
    case "$SECURE_LEVEL" in
	[0-5]) ;;
	*) MSEC=/usr/share/msec/$SECURE_LEVEL.py;;
    esac
fi

if [ ! -x "$MSEC" ]; then
    echo "$MSEC not found or not executable. Aborting" 1>&2
    exit 1
fi

if $MSEC "$@"; then
    . /etc/sysconfig/msec

    [ -z "$PERM_LEVEL" ] && PERM_LEVEL=$SECURE_LEVEL

    LOCAL=
    [ -f /etc/security/msec/perm.local ] && LOCAL=/etc/security/msec/perm.local

    /usr/share/msec/Perms.py $CHANGE $OPT /usr/share/msec/perm.$PERM_LEVEL $LOCAL
fi

# msec ends here