Deleted Added
sdiff udiff text old ( 242096 ) new ( 242107 )
full compact
kern_securelevel (242096) kern_securelevel (242107)
1#!/bin/sh
2#-
3# Copyright (c) 2012 Devin Teske
4# All Rights Reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10# notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12# notice, this list of conditions and the following disclaimer in the
13# documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO, THE
17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
1#!/bin/sh
2#-
3# Copyright (c) 2012 Devin Teske
4# All Rights Reserved.
5#
6# Redistribution and use in source and binary forms, with or without
7# modification, are permitted provided that the following conditions
8# are met:
9# 1. Redistributions of source code must retain the above copyright
10# notice, this list of conditions and the following disclaimer.
11# 2. Redistributions in binary form must reproduce the above copyright
12# notice, this list of conditions and the following disclaimer in the
13# documentation and/or other materials provided with the distribution.
14#
15# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO, THE
17# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20# DAMAGES (INLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25# SUCH DAMAGE.
26#
27# $FreeBSD: head/usr.sbin/bsdconfig/security/kern_securelevel 242096 2012-10-25 21:04:11Z dteske $
27# $FreeBSD: head/usr.sbin/bsdconfig/security/kern_securelevel 242107 2012-10-26 00:31:25Z dteske $
28#
29############################################################ INCLUDES
30
31BSDCFG_SHARE="/usr/share/bsdconfig"
32. $BSDCFG_SHARE/common.subr || exit 1
33f_include $BSDCFG_SHARE/dialog.subr
34f_include $BSDCFG_SHARE/mustberoot.subr
35f_include $BSDCFG_SHARE/sysrc.subr
36
37BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="130.security"
38f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
28#
29############################################################ INCLUDES
30
31BSDCFG_SHARE="/usr/share/bsdconfig"
32. $BSDCFG_SHARE/common.subr || exit 1
33f_include $BSDCFG_SHARE/dialog.subr
34f_include $BSDCFG_SHARE/mustberoot.subr
35f_include $BSDCFG_SHARE/sysrc.subr
36
37BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="130.security"
38f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
39f_include_help SECURELEVEL $BSDCFG_LIBE/$APP_DIR/include/securelevel.hlp
40
39
40SECURELEVEL_HELPFILE=$BSDCFG_LIBE/$APP_DIR/include/securelevel.hlp
41
41ipgm=$( f_index_menu_selection $BSDCFG_LIBE/$APP_DIR/INDEX "$pgm" )
42[ $? -eq $SUCCESS -a "$ipgm" ] && pgm="$ipgm"
43
44############################################################ FUNCTIONS
45
46# dialog_menu_main
47#
48# Display the dialog(1)-based application main menu.
49#
50dialog_menu_main()
51{
52 local menu_list size
53 local hline="$hline_select_securelevel_to_operate_at"
54 local prompt="$msg_securelevels_menu_text"
55
56 menu_list="
57 'X $msg_exit' '$msg_exit_this_menu'
58 '$msg_disabled' '$msg_disable_securelevels'
59 '$msg_secure' '$msg_secure_mode'
60 '$msg_highly_secure' '$msg_highly_secure_mode'
61 '$msg_network_secure' '$msg_network_secure_mode'
62 " # END-QUOTE
63
64 size=$( eval f_dialog_menu_size \
65 \"\$DIALOG_TITLE\" \
66 \"\$DIALOG_BACKTITLE\" \
67 \"\$prompt\" \
68 \"\$hline\" \
69 $menu_list )
70
71 local dialog_menu
72 dialog_menu=$( eval $DIALOG \
73 --clear --title \"\$DIALOG_TITLE\" \
74 --backtitle \"\$DIALOG_BACKTITLE\" \
75 --hline \"\$hline\" \
76 --ok-label \"\$msg_ok\" \
77 --cancel-label \"\$msg_cancel\" \
78 --help-button \
79 ${USE_XDIALOG:+--help \"\"} \
80 --menu \"\$prompt\" $size \
81 $menu_list \
82 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
83 )
84 local retval=$?
85 setvar DIALOG_MENU_$$ "$dialog_menu"
86 return $retval
87}
88
89############################################################ MAIN
90
91# Incorporate rc-file if it exists
92[ -f "$HOME/.bsdconfigrc" ] && f_include "$HOME/.bsdconfigrc"
93
94#
95# Process command-line arguments
96#
97while getopts hSX flag; do
98 case "$flag" in
99 h|\?) f_usage $BSDCFG_LIBE/$APP_DIR/USAGE "PROGRAM_NAME" "$pgm";;
100 esac
101done
102shift $(( $OPTIND - 1 ))
103
104#
105# Initialize
106#
107f_dialog_init
108f_dialog_title "$msg_securelevels_menu_title"
109f_dialog_backtitle "${ipgm:+bsdconfig }$pgm"
110f_mustberoot_init
111
112#
113# Launch application main menu
114#
115while :; do
116 dialog_menu_main
117 retval=$?
118 mtag=$( f_dialog_menutag )
119
120 if [ $retval -eq 2 ]; then
121 # The Help button was pressed
42ipgm=$( f_index_menu_selection $BSDCFG_LIBE/$APP_DIR/INDEX "$pgm" )
43[ $? -eq $SUCCESS -a "$ipgm" ] && pgm="$ipgm"
44
45############################################################ FUNCTIONS
46
47# dialog_menu_main
48#
49# Display the dialog(1)-based application main menu.
50#
51dialog_menu_main()
52{
53 local menu_list size
54 local hline="$hline_select_securelevel_to_operate_at"
55 local prompt="$msg_securelevels_menu_text"
56
57 menu_list="
58 'X $msg_exit' '$msg_exit_this_menu'
59 '$msg_disabled' '$msg_disable_securelevels'
60 '$msg_secure' '$msg_secure_mode'
61 '$msg_highly_secure' '$msg_highly_secure_mode'
62 '$msg_network_secure' '$msg_network_secure_mode'
63 " # END-QUOTE
64
65 size=$( eval f_dialog_menu_size \
66 \"\$DIALOG_TITLE\" \
67 \"\$DIALOG_BACKTITLE\" \
68 \"\$prompt\" \
69 \"\$hline\" \
70 $menu_list )
71
72 local dialog_menu
73 dialog_menu=$( eval $DIALOG \
74 --clear --title \"\$DIALOG_TITLE\" \
75 --backtitle \"\$DIALOG_BACKTITLE\" \
76 --hline \"\$hline\" \
77 --ok-label \"\$msg_ok\" \
78 --cancel-label \"\$msg_cancel\" \
79 --help-button \
80 ${USE_XDIALOG:+--help \"\"} \
81 --menu \"\$prompt\" $size \
82 $menu_list \
83 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
84 )
85 local retval=$?
86 setvar DIALOG_MENU_$$ "$dialog_menu"
87 return $retval
88}
89
90############################################################ MAIN
91
92# Incorporate rc-file if it exists
93[ -f "$HOME/.bsdconfigrc" ] && f_include "$HOME/.bsdconfigrc"
94
95#
96# Process command-line arguments
97#
98while getopts hSX flag; do
99 case "$flag" in
100 h|\?) f_usage $BSDCFG_LIBE/$APP_DIR/USAGE "PROGRAM_NAME" "$pgm";;
101 esac
102done
103shift $(( $OPTIND - 1 ))
104
105#
106# Initialize
107#
108f_dialog_init
109f_dialog_title "$msg_securelevels_menu_title"
110f_dialog_backtitle "${ipgm:+bsdconfig }$pgm"
111f_mustberoot_init
112
113#
114# Launch application main menu
115#
116while :; do
117 dialog_menu_main
118 retval=$?
119 mtag=$( f_dialog_menutag )
120
121 if [ $retval -eq 2 ]; then
122 # The Help button was pressed
122 f_show_msg "%s" "$( f_include_help SECURELEVEL )"
123 f_show_help "$SECURELEVEL_HELPFILE"
123 continue
124 elif [ $retval -ne 0 ]; then
125 f_die
126 fi
127
128 break
129done
130
131case "$mtag" in
132"$msg_disabled")
133 f_sysrc_set kern_securelevel_enable "NO"
134 ;;
135"$msg_secure")
136 f_sysrc_set kern_securelevel_enable "YES"
137 f_sysrc_set kern_securelevel "1"
138 ;;
139"$msg_highly_secure")
140 f_sysrc_set kern_securelevel_enable "YES"
141 f_sysrc_set kern_securelevel "2"
142 ;;
143"$msg_network_secure")
144 f_sysrc_set kern_securelevel_enable "YES"
145 f_sysrc_set kern_securelevel "3"
146 ;;
147esac
148
149exit $SUCCESS
150
151################################################################################
152# END
153################################################################################
124 continue
125 elif [ $retval -ne 0 ]; then
126 f_die
127 fi
128
129 break
130done
131
132case "$mtag" in
133"$msg_disabled")
134 f_sysrc_set kern_securelevel_enable "NO"
135 ;;
136"$msg_secure")
137 f_sysrc_set kern_securelevel_enable "YES"
138 f_sysrc_set kern_securelevel "1"
139 ;;
140"$msg_highly_secure")
141 f_sysrc_set kern_securelevel_enable "YES"
142 f_sysrc_set kern_securelevel "2"
143 ;;
144"$msg_network_secure")
145 f_sysrc_set kern_securelevel_enable "YES"
146 f_sysrc_set kern_securelevel "3"
147 ;;
148esac
149
150exit $SUCCESS
151
152################################################################################
153# END
154################################################################################