Cross Reference: /freebsd-10.2-release/usr.sbin/bsdconfig/security/kern_securelevel

97403Sobrien#!/bin/sh
97403Sobrien#-
169691Skan# Copyright (c) 2012 Devin Teske
169691Skan# All Rights Reserved.
117397Skan#
97403Sobrien# Redistribution and use in source and binary forms, with or without
97403Sobrien# modification, are permitted provided that the following conditions
97403Sobrien# are met:
97403Sobrien# 1. Redistributions of source code must retain the above copyright
97403Sobrien#    notice, this list of conditions and the following disclaimer.
97403Sobrien# 2. Redistributions in binary form must reproduce the above copyright
97403Sobrien#    notice, this list of conditions and the following disclaimer in the
97403Sobrien#    documentation and/or other materials provided with the distribution.
97403Sobrien#
97403Sobrien# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
97403Sobrien# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO, THE
97403Sobrien# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
97403Sobrien# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
97403Sobrien# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
169691Skan# DAMAGES (INLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
97403Sobrien# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
97403Sobrien# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
97403Sobrien# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
97403Sobrien# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
97403Sobrien# SUCH DAMAGE.
97403Sobrien#
97403Sobrien# $FreeBSD: head/usr.sbin/bsdconfig/security/kern_securelevel 244675 2012-12-25 10:47:45Z dteske $
97403Sobrien#
97403Sobrien############################################################ INCLUDES
97403Sobrien
97403SobrienBSDCFG_SHARE="/usr/share/bsdconfig"
169691Skan. $BSDCFG_SHARE/common.subr || exit 1
169691Skanf_dprintf "%s: loading includes..." "$0"
169691Skanf_include $BSDCFG_SHARE/dialog.subr
169691Skanf_include $BSDCFG_SHARE/mustberoot.subr
169691Skanf_include $BSDCFG_SHARE/sysrc.subr
132720Skan
132720SkanBSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="130.security"
97403Sobrienf_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
97403Sobrien
97403SobrienSECURELEVEL_HELPFILE=$BSDCFG_LIBE/$APP_DIR/include/securelevel.hlp
97403Sobrien
169691Skanipgm=$( f_index_menusel_keyword $BSDCFG_LIBE/$APP_DIR/INDEX "$pgm" )
169691Skan[ $? -eq $SUCCESS -a "$ipgm" ] && pgm="$ipgm"
169691Skan
97403Sobrien############################################################ FUNCTIONS
169691Skan
97403Sobrien# dialog_menu_main
169691Skan#
169691Skan# Display the dialog(1)-based application main menu.
169691Skan#
169691Skandialog_menu_main()
169691Skan{
169691Skan	local menu_list size
169691Skan	local hline="$hline_select_securelevel_to_operate_at"
169691Skan	local prompt="$msg_securelevels_menu_text"
169691Skan
169691Skan	menu_list="
169691Skan		'X $msg_exit'         '$msg_exit_this_menu'
169691Skan		'$msg_disabled'       '$msg_disable_securelevels'
169691Skan		'$msg_secure'         '$msg_secure_mode'
169691Skan		'$msg_highly_secure'  '$msg_highly_secure_mode'
169691Skan		'$msg_network_secure' '$msg_network_secure_mode'
169691Skan	" # END-QUOTE
169691Skan
169691Skan	size=$( eval f_dialog_menu_size \
169691Skan	        	\"\$DIALOG_TITLE\"     \
169691Skan	        	\"\$DIALOG_BACKTITLE\" \
169691Skan	                \"\$prompt\"           \
169691Skan	        	\"\$hline\"            \
169691Skan	        	$menu_list             )
169691Skan
169691Skan	local dialog_menu
169691Skan	dialog_menu=$( eval $DIALOG \
169691Skan		--clear --title \"\$DIALOG_TITLE\" \
169691Skan		--backtitle \"\$DIALOG_BACKTITLE\" \
169691Skan		--hline \"\$hline\"                \
169691Skan		--ok-label \"\$msg_ok\"            \
169691Skan		--cancel-label \"\$msg_cancel\"    \
169691Skan		--help-button                      \
169691Skan		${USE_XDIALOG:+--help \"\"}        \
169691Skan		--menu \"\$prompt\" $size          \
169691Skan		$menu_list                         \
169691Skan		2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
169691Skan	)
169691Skan	local retval=$?
169691Skan	setvar DIALOG_MENU_$$ "$dialog_menu"
169691Skan	return $retval
169691Skan}
169691Skan
169691Skan############################################################ MAIN
169691Skan
169691Skan# Incorporate rc-file if it exists
169691Skan[ -f "$HOME/.bsdconfigrc" ] && f_include "$HOME/.bsdconfigrc"
169691Skan
169691Skan#
169691Skan# Process command-line arguments
169691Skan#
169691Skanwhile getopts hSX flag; do
169691Skan	case "$flag" in
169691Skan	h|\?) f_usage $BSDCFG_LIBE/$APP_DIR/USAGE "PROGRAM_NAME" "$pgm";;
169691Skan	esac
169691Skandone
169691Skanshift $(( $OPTIND - 1 ))
169691Skan
169691Skan#
169691Skan# Initialize
169691Skan#
169691Skanf_dialog_title "$msg_securelevels_menu_title"
169691Skanf_dialog_backtitle "${ipgm:+bsdconfig }$pgm"
169691Skanf_mustberoot_init
169691Skan
169691Skan#
169691Skan# Launch application main menu
169691Skan#
169691Skanwhile :; do
169691Skan	dialog_menu_main
169691Skan	retval=$?
169691Skan	mtag=$( f_dialog_menutag )
169691Skan
169691Skan	if [ $retval -eq 2 ]; then
169691Skan		# The Help button was pressed
169691Skan		f_show_help "$SECURELEVEL_HELPFILE"
169691Skan		continue
169691Skan	elif [ $retval -ne 0 ]; then
169691Skan		f_die
169691Skan	fi
169691Skan
169691Skan	break
169691Skandone
169691Skan
169691Skancase "$mtag" in
169691Skan"$msg_disabled")
169691Skan	f_sysrc_set kern_securelevel_enable "NO"
169691Skan	;;
169691Skan"$msg_secure")
169691Skan	f_sysrc_set kern_securelevel_enable "YES"
169691Skan	f_sysrc_set kern_securelevel "1"
169691Skan	;;
169691Skan"$msg_highly_secure")
169691Skan	f_sysrc_set kern_securelevel_enable "YES"
169691Skan	f_sysrc_set kern_securelevel "2"
169691Skan	;;
169691Skan"$msg_network_secure")
169691Skan	f_sysrc_set kern_securelevel_enable "YES"
169691Skan	f_sysrc_set kern_securelevel "3"
169691Skan	;;
169691Skanesac
169691Skan
169691Skanexit $SUCCESS
169691Skan
169691Skan################################################################################
169691Skan# END
169691Skan################################################################################
169691Skan