kern_securelevel revision 245401 
1238438Sdteske#!/bin/sh
2238438Sdteske#-
3238438Sdteske# Copyright (c) 2012 Devin Teske
4238438Sdteske# All Rights Reserved.
5238438Sdteske#
6238438Sdteske# Redistribution and use in source and binary forms, with or without
7238438Sdteske# modification, are permitted provided that the following conditions
8238438Sdteske# are met:
9238438Sdteske# 1. Redistributions of source code must retain the above copyright
10238438Sdteske#    notice, this list of conditions and the following disclaimer.
11238438Sdteske# 2. Redistributions in binary form must reproduce the above copyright
12238438Sdteske#    notice, this list of conditions and the following disclaimer in the
13238438Sdteske#    documentation and/or other materials provided with the distribution.
14238438Sdteske#
15238438Sdteske# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
16238438Sdteske# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO, THE
17238438Sdteske# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
18238438Sdteske# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
19238438Sdteske# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
20238438Sdteske# DAMAGES (INLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
21238438Sdteske# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
22238438Sdteske# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
23238438Sdteske# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
24238438Sdteske# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
25238438Sdteske# SUCH DAMAGE.
26238438Sdteske#
27238438Sdteske# $FreeBSD: head/usr.sbin/bsdconfig/security/kern_securelevel 245401 2013-01-14 01:09:23Z dteske $
28238438Sdteske#
29238438Sdteske############################################################ INCLUDES
30238438Sdteske
31240684SdteskeBSDCFG_SHARE="/usr/share/bsdconfig"
32240684Sdteske. $BSDCFG_SHARE/common.subr || exit 1
33244675Sdteskef_dprintf "%s: loading includes..." "$0"
34240684Sdteskef_include $BSDCFG_SHARE/dialog.subr
35240684Sdteskef_include $BSDCFG_SHARE/mustberoot.subr
36240684Sdteskef_include $BSDCFG_SHARE/sysrc.subr
37238438Sdteske
38240684SdteskeBSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="130.security"
39238438Sdteskef_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
40238438Sdteske
41242107SdteskeSECURELEVEL_HELPFILE=$BSDCFG_LIBE/$APP_DIR/include/securelevel.hlp
42242107Sdteske
43243112Sdteskeipgm=$( f_index_menusel_keyword $BSDCFG_LIBE/$APP_DIR/INDEX "$pgm" )
44238438Sdteske[ $? -eq $SUCCESS -a "$ipgm" ] && pgm="$ipgm"
45238438Sdteske
46238438Sdteske############################################################ FUNCTIONS
47238438Sdteske
48238438Sdteske# dialog_menu_main
49238438Sdteske#
50238438Sdteske# Display the dialog(1)-based application main menu.
51238438Sdteske#
52238438Sdteskedialog_menu_main()
53238438Sdteske{
54238438Sdteske	local menu_list size
55238438Sdteske	local hline="$hline_select_securelevel_to_operate_at"
56238438Sdteske	local prompt="$msg_securelevels_menu_text"
57238438Sdteske
58238438Sdteske	menu_list="
59238438Sdteske		'X $msg_exit'         '$msg_exit_this_menu'
60238438Sdteske		'$msg_disabled'       '$msg_disable_securelevels'
61238438Sdteske		'$msg_secure'         '$msg_secure_mode'
62238438Sdteske		'$msg_highly_secure'  '$msg_highly_secure_mode'
63238438Sdteske		'$msg_network_secure' '$msg_network_secure_mode'
64238438Sdteske	" # END-QUOTE
65238438Sdteske
66238438Sdteske	size=$( eval f_dialog_menu_size \
67238438Sdteske	        	\"\$DIALOG_TITLE\"     \
68238438Sdteske	        	\"\$DIALOG_BACKTITLE\" \
69238438Sdteske	                \"\$prompt\"           \
70238438Sdteske	        	\"\$hline\"            \
71238438Sdteske	        	$menu_list             )
72238438Sdteske
73240768Sdteske	local dialog_menu
74240768Sdteske	dialog_menu=$( eval $DIALOG \
75238438Sdteske		--clear --title \"\$DIALOG_TITLE\" \
76238438Sdteske		--backtitle \"\$DIALOG_BACKTITLE\" \
77238438Sdteske		--hline \"\$hline\"                \
78238438Sdteske		--ok-label \"\$msg_ok\"            \
79238438Sdteske		--cancel-label \"\$msg_cancel\"    \
80241899Sdteske		--help-button                      \
81245401Sdteske		--help-label \"\$msg_help\"        \
82242096Sdteske		${USE_XDIALOG:+--help \"\"}        \
83238438Sdteske		--menu \"\$prompt\" $size          \
84238438Sdteske		$menu_list                         \
85240768Sdteske		2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
86240768Sdteske	)
87240768Sdteske	local retval=$?
88240768Sdteske	setvar DIALOG_MENU_$$ "$dialog_menu"
89240768Sdteske	return $retval
90238438Sdteske}
91238438Sdteske
92238438Sdteske############################################################ MAIN
93238438Sdteske
94238438Sdteske# Incorporate rc-file if it exists
95238438Sdteske[ -f "$HOME/.bsdconfigrc" ] && f_include "$HOME/.bsdconfigrc"
96238438Sdteske
97238438Sdteske#
98238438Sdteske# Process command-line arguments
99238438Sdteske#
100238438Sdteskewhile getopts hSX flag; do
101238438Sdteske	case "$flag" in
102238438Sdteske	h|\?) f_usage $BSDCFG_LIBE/$APP_DIR/USAGE "PROGRAM_NAME" "$pgm";;
103238438Sdteske	esac
104238438Sdteskedone
105238438Sdteskeshift $(( $OPTIND - 1 ))
106238438Sdteske
107238438Sdteske#
108238438Sdteske# Initialize
109238438Sdteske#
110238438Sdteskef_dialog_title "$msg_securelevels_menu_title"
111238438Sdteskef_dialog_backtitle "${ipgm:+bsdconfig }$pgm"
112238438Sdteskef_mustberoot_init
113238438Sdteske
114238438Sdteske#
115238438Sdteske# Launch application main menu
116238438Sdteske#
117241899Sdteskewhile :; do
118241899Sdteske	dialog_menu_main
119241899Sdteske	retval=$?
120241899Sdteske	mtag=$( f_dialog_menutag )
121238438Sdteske
122241899Sdteske	if [ $retval -eq 2 ]; then
123241899Sdteske		# The Help button was pressed
124242107Sdteske		f_show_help "$SECURELEVEL_HELPFILE"
125241899Sdteske		continue
126241899Sdteske	elif [ $retval -ne 0 ]; then
127241899Sdteske		f_die
128241899Sdteske	fi
129238438Sdteske
130241899Sdteske	break
131241899Sdteskedone
132241899Sdteske
133238438Sdteskecase "$mtag" in
134238438Sdteske"$msg_disabled")
135238438Sdteske	f_sysrc_set kern_securelevel_enable "NO"
136238438Sdteske	;;
137238438Sdteske"$msg_secure")
138238438Sdteske	f_sysrc_set kern_securelevel_enable "YES"
139238438Sdteske	f_sysrc_set kern_securelevel "1" 
140238438Sdteske	;;
141238438Sdteske"$msg_highly_secure")
142238438Sdteske	f_sysrc_set kern_securelevel_enable "YES"
143238438Sdteske	f_sysrc_set kern_securelevel "2" 
144238438Sdteske	;;
145238438Sdteske"$msg_network_secure")
146238438Sdteske	f_sysrc_set kern_securelevel_enable "YES"
147238438Sdteske	f_sysrc_set kern_securelevel "3" 
148238438Sdteske	;;
149238438Sdteskeesac
150238438Sdteske
151238438Sdteskeexit $SUCCESS
152238438Sdteske
153238438Sdteske################################################################################
154238438Sdteske# END
155238438Sdteske################################################################################
156