ugidfw revision 144515
1#!/bin/sh 2# 3# $FreeBSD: head/etc/rc.d/ugidfw 144515 2005-04-02 00:01:03Z trhodes $ 4 5# PROVIDE: ugidfw 6# REQUIRE: 7# BEFORE: LOGIN 8# KEYWORD: nojail 9 10. /etc/rc.subr 11 12name="ugidfw" 13rcvar="ugidfw_enable" 14start_cmd="ugidfw_start" 15start_precmd="ugidfw_precmd" 16stop_cmd="ugidfw_stop" 17 18ugidfw_load() 19{ 20 if [ -r "${bsdextended_script}" ]; then 21 . "${bsdextended_script}" 22 echo -n " ${_bsdextended_profile}" 23 fi 24} 25 26ugidfw_precmd() 27{ 28 if ! sysctl security.mac.bsdextended 29 then kldload mac_bsdextended 30 if [ "$?" -ne "0" ] 31 then warn Unable to load the mac_bsdextended module. 32 return 1 33 else 34 return 0 35 fi 36 fi 37 return 0 38} 39 40ugidfw_start() 41{ 42 # check for existing profiles and set the default policy script 43 # if none was specified 44 [ -z "${bsdextended_profiles}" ] && { 45 bsdextended_profiles=default 46 [ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended 47 bsdextended_default_script=/etc/rc.bsdextended 48 } 49 50 echo -n "Loading MAC bsdextended rules:" 51 for _bsdextended_profile in ${bsdextended_profiles}; do 52 eval bsdextended_script=\"\$bsdextended_${_bsdextended_profile}_script\" 53 ugidfw_load 54 done 55 echo '.' 56} 57 58ugidfw_stop() 59{ 60 # Disable the policy 61 # 62 kldunload mac_bsdextended 63} 64 65load_rc_config $name 66run_rc_command "$1" 67