etc/rc.d/securelevel

   1 #!/bin/sh
   2 #
   3 # $NetBSD: securelevel,v 1.4 2002/03/22 04:34:00 thorpej Exp $
   4 # $FreeBSD: src/etc/rc.d/securelevel,v 1.6 2003/05/05 15:38:41 mtm Exp $
   5 # $DragonFly: src/etc/rc.d/securelevel,v 1.1 2003/07/24 06:35:37 dillon Exp $
   6 #
   7
   8 # PROVIDE: securelevel
   9 # KEYWORD: DragonFly FreeBSD NetBSD
  10
  11 . /etc/rc.subr
  12
  13 name="securelevel"
  14 start_cmd="securelevel_start"
  15 stop_cmd=":"
  16
  17 securelevel_start()
  18 {
  19         # Last chance to set sysctl variables that failed the first time.
  20         #
  21         /etc/rc.d/sysctl lastload
  22
  23         case ${OSTYPE} in
  24         DragonFly)
  25                  case ${kern_securelevel_enable} in
  26                 [Yy][Ee][Ss])
  27                         if [ ${kern_securelevel} -ge 0 ]; then
  28                                 echo 'Raising kernel security level: '
  29                                 ${SYSCTL_W} kern.securelevel=${kern_securelevel}
  30                         fi
  31                         ;;
  32                 esac
  33                 ;;
  34
  35         FreeBSD)
  36                 case ${kern_securelevel_enable} in
  37                 [Yy][Ee][Ss])
  38                         if [ ${kern_securelevel} -ge 0 ]; then
  39                                 echo 'Raising kernel security level: '
  40                                 ${SYSCTL_W} kern.securelevel=${kern_securelevel}
  41                         fi
  42                         ;;
  43                 esac
  44                 ;;
  45         NetBSD)
  46                 #       if $securelevel is set higher, change it here, else if
  47                 #       it is 0, change it to 1 here, before we start daemons
  48                 #       or login services.
  49                 #
  50                 osecurelevel=`sysctl -n kern.securelevel`
  51                 if [ -n "$securelevel" -a "$securelevel" != "$osecurelevel" ]; then
  52                         if [ "$securelevel" -lt "$osecurelevel" ]; then
  53                                 echo "Can't lower securelevel."
  54                                 exit 1
  55                         else
  56                                 echo -n "Setting securelevel: "
  57                                 ${SYSCTL_W} kern.securelevel=$securelevel
  58                         fi
  59                 else
  60                         if [ "$osecurelevel" = 0 ]; then
  61                                 echo -n "Setting securelevel: "
  62                                 ${SYSCTL_W} kern.securelevel=1
  63                         fi
  64                 fi
  65                 ;;
  66         esac
  67 }
  68
  69 load_rc_config $name
  70 run_rc_command "$1"