[BACK]Return to securelevel CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / src / etc / rc.d

File: [cvs.NetBSD.org] / src / etc / rc.d / securelevel (download)

Revision 1.8, Tue Dec 29 17:06:10 2009 UTC (9 years, 2 months ago) by elad
Branch: MAIN
CVS Tags: yamt-pagecache-tag8, yamt-pagecache-base9, yamt-pagecache-base8, yamt-pagecache-base7, yamt-pagecache-base6, yamt-pagecache-base5, yamt-pagecache-base4, yamt-pagecache-base3, yamt-pagecache-base2, yamt-pagecache-base, yamt-pagecache, tls-maxphys-base, tls-maxphys, tls-earlyentropy-base, tls-earlyentropy, riastradh-xf86-video-intel-2-7-1-pre-2-21-15, riastradh-drm2-base3, riastradh-drm2-base2, riastradh-drm2-base1, riastradh-drm2-base, riastradh-drm2, prg-localcount2-base3, prg-localcount2-base2, prg-localcount2-base1, prg-localcount2-base, prg-localcount2, phil-wifi-base, phil-wifi, pgoyette-localcount-base, pgoyette-localcount-20170426, pgoyette-localcount-20170320, pgoyette-localcount-20170107, pgoyette-localcount-20161104, pgoyette-localcount-20160806, pgoyette-localcount-20160726, pgoyette-localcount, pgoyette-compat-merge-20190127, pgoyette-compat-base, pgoyette-compat-20190127, pgoyette-compat-20190118, pgoyette-compat-1226, pgoyette-compat-1126, pgoyette-compat-1020, pgoyette-compat-0930, pgoyette-compat-0906, pgoyette-compat-0728, pgoyette-compat-0625, pgoyette-compat-0521, pgoyette-compat-0502, pgoyette-compat-0422, pgoyette-compat-0415, pgoyette-compat-0407, pgoyette-compat-0330, pgoyette-compat-0322, pgoyette-compat-0315, pgoyette-compat, perseant-stdc-iso10646-base, perseant-stdc-iso10646, netbsd-8-base, netbsd-8-0-RELEASE, netbsd-8-0-RC2, netbsd-8-0-RC1, netbsd-8, netbsd-7-nhusb-base-20170116, netbsd-7-nhusb-base, netbsd-7-nhusb, netbsd-7-base, netbsd-7-2-RELEASE, netbsd-7-1-RELEASE, netbsd-7-1-RC2, netbsd-7-1-RC1, netbsd-7-1-2-RELEASE, netbsd-7-1-1-RELEASE, netbsd-7-1, netbsd-7-0-RELEASE, netbsd-7-0-RC3, netbsd-7-0-RC2, netbsd-7-0-RC1, netbsd-7-0-2-RELEASE, netbsd-7-0-1-RELEASE, netbsd-7-0, netbsd-7, netbsd-6-base, netbsd-6-1-RELEASE, netbsd-6-1-RC4, netbsd-6-1-RC3, netbsd-6-1-RC2, netbsd-6-1-RC1, netbsd-6-1-5-RELEASE, netbsd-6-1-4-RELEASE, netbsd-6-1-3-RELEASE, netbsd-6-1-2-RELEASE, netbsd-6-1-1-RELEASE, netbsd-6-1, netbsd-6-0-RELEASE, netbsd-6-0-RC2, netbsd-6-0-RC1, netbsd-6-0-6-RELEASE, netbsd-6-0-5-RELEASE, netbsd-6-0-4-RELEASE, netbsd-6-0-3-RELEASE, netbsd-6-0-2-RELEASE, netbsd-6-0-1-RELEASE, netbsd-6-0, netbsd-6, matt-nb8-mediatek-base, matt-nb8-mediatek, matt-nb6-plus-nbase, matt-nb6-plus-base, matt-nb6-plus, matt-mips64-premerge-20101231, localcount-20160914, khorben-n900, cherry-xenmp-base, cherry-xenmp, bouyer-socketcan-base1, bouyer-socketcan-base, bouyer-socketcan, bouyer-quota2-nbase, bouyer-quota2-base, bouyer-quota2, agc-symver-base, agc-symver, HEAD
Changes since 1.7: +7 -2 lines

Securelevel might not be present, properly complain instead of printing
error messages from sysctl(8).

#!/bin/sh
#
# $NetBSD: securelevel,v 1.8 2009/12/29 17:06:10 elad Exp $
#

# PROVIDE: securelevel
# REQUIRE: ipnat mountd
# BEFORE:  DAEMON

$_rc_subr_loaded . /etc/rc.subr

name="securelevel"
start_cmd="securelevel_start"
stop_cmd=":"

securelevel_start()
{
	#	if $securelevel is set higher, change it here, else if
	#	it is 0, change it to 1 here, before we start daemons
	#	or login services.
	#
	osecurelevel=$(sysctl -n kern.securelevel 2>&-)
	if [ $? != 0 ]; then
		echo "Can't set securelevel. (kern.securelevel sysctl not present.)"
		exit 1
	fi

	if [ -n "$securelevel" -a "$securelevel" != "$osecurelevel" ]; then
		if [ "$securelevel" -lt "$osecurelevel" ]; then
			echo "Can't lower securelevel."
			exit 1
		else
			echo -n "Setting securelevel: "
			sysctl -w kern.securelevel=$securelevel
		fi
	else
		if [ "$osecurelevel" = 0 ]; then
			echo -n "Setting securelevel: "
			sysctl -w kern.securelevel=1
		fi
 	fi
}

load_rc_config $name
run_rc_command "$1"