Date: Tue, 24 Sep 2002 20:25:38 -0700 (PDT) From: Adam Migus <amigus@FreeBSD.org> To: Perforce Change Reviews <perforce@FreeBSD.org> Subject: PERFORCE change 18111 for review Message-ID: <200209250325.g8P3PcYt050480@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18111 Change 18111 by amigus@amigus_ganymede on 2002/09/24 20:25:33 Tweak. Affected files ... .. //depot/projects/trustedbsd/misc/scripts/mac_boot.pl#4 edit .. //depot/projects/trustedbsd/misc/scripts/master_script.sh#2 edit .. //depot/projects/trustedbsd/misc/scripts/relabeluser#1 add .. //depot/projects/trustedbsd/misc/scripts/setup#1 add Differences ... ==== //depot/projects/trustedbsd/misc/scripts/mac_boot.pl#4 (text+ko) ==== @@ -63,14 +63,6 @@ print "Entering MAC/MLS boot script.\n"; -system ("passwd $CF_OPS{'so_username'}") -unless (-f $STATE_FILE); - -print "Labeling Security Officers files...\n" and -system ("/usr/local/sbin/mac_user_label.pl --directory /home/so". - "--file-label mls/high --run-label mls/equal") -unless (-f $STATE_FILE); - unless (-f $STATE_FILE) { print "Initializing filesystems for MAC/MLS...\n"; @@ -141,6 +133,14 @@ rename("/etc/fstab.update", "/etc/fstab"); } +system ("passwd $CF_OPS{'so_username'}") +unless (-f $STATE_FILE); + +print "Labeling Security Officers files...\n" and +system ("/usr/local/sbin/mac_user_label.pl --directory /home/so ". + "--file-label mls/high --run-label mls/equal") +unless (-f $STATE_FILE); + open(FH,">$STATE_FILE") || die "$program: cannot create $STATE_FILE: $!"; close (FH); ==== //depot/projects/trustedbsd/misc/scripts/master_script.sh#2 (text+ko) ==== @@ -31,7 +31,11 @@ install -m 555 -o root -g wheel mac_boot.pl /usr/local/sbin [ $? -ne 0 ] && echo "Error!" && exit 1 install -m 555 -o root -g wheel mac_default_label.pl /usr/local/sbin -touch /etc/.mac_installed +[ $? -ne 0 ] && echo "Error!" && exit 1 +install -m 555 -o root -g wheel mac_user_label.pl /usr/local/sbin +[ $? -ne 0 ] && echo "Error!" && exit 1 +install -m 555 -o root -g wheel relabeluser /usr/local/sbin +[ $? -ne 0 ] && echo "Error!" && exit 1 echo "Enabling boot program." mac_enable_boot.pl --etc-directory /etc \ @@ -49,17 +53,11 @@ [ $? -ne 0 ] && echo "Error!" && exit 1 mac_update_login_conf.pl --login-config-file /etc/login.conf \ - --user root \ + --user so \ --label "mls/low(low-high)" \ --tty-label "mls/low(low-high)" [ $? -ne 0 ] && echo "Error!" && exit 1 -mac_update_login_conf.pl --login-config-file /etc/login.conf \ - --user so \ - --label "mls/high(low-high)" \ - --tty-label "mls/high(low-high)" -[ $? -ne 0 ] && echo "Error!" && exit 1 - cap_mkdb /etc/login.conf [ $? -ne 0 ] && echo "Error!" && exit 1 @@ -67,3 +65,5 @@ mac_add_so_account.pl --username so --real-name "Security Officer" \ --shell /usr/local/bin/bash [ $? -ne 0 ] && echo "Error!" && exit 1 + +touch /etc/.mac_installed To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200209250325.g8P3PcYt050480>