xref: /dragonfly/etc/rc.d/securelevel (revision 1d1731fa) 
1#!/bin/sh
2#
3# $NetBSD: securelevel,v 1.4 2002/03/22 04:34:00 thorpej Exp $
4# $FreeBSD: src/etc/rc.d/securelevel,v 1.6 2003/05/05 15:38:41 mtm Exp $
5# $DragonFly: src/etc/rc.d/securelevel,v 1.1 2003/07/24 06:35:37 dillon Exp $
6#
7
8# PROVIDE: securelevel
9# KEYWORD: DragonFly FreeBSD NetBSD
10
11. /etc/rc.subr
12
13name="securelevel"
14start_cmd="securelevel_start"
15stop_cmd=":"
16
17securelevel_start()
18{
19	# Last chance to set sysctl variables that failed the first time.
20	#
21	/etc/rc.d/sysctl lastload
22
23	case ${OSTYPE} in
24	DragonFly)
25		 case ${kern_securelevel_enable} in
26                [Yy][Ee][Ss])
27                        if [ ${kern_securelevel} -ge 0 ]; then
28                                echo 'Raising kernel security level: '
29                                ${SYSCTL_W} kern.securelevel=${kern_securelevel}
30                        fi
31                        ;;
32                esac
33                ;;
34
35	FreeBSD)
36		case ${kern_securelevel_enable} in
37		[Yy][Ee][Ss])
38			if [ ${kern_securelevel} -ge 0 ]; then
39				echo 'Raising kernel security level: '
40				${SYSCTL_W} kern.securelevel=${kern_securelevel}
41			fi
42			;;
43		esac
44		;;
45	NetBSD)
46		#	if $securelevel is set higher, change it here, else if
47		#	it is 0, change it to 1 here, before we start daemons
48		#	or login services.
49		#
50		osecurelevel=`sysctl -n kern.securelevel`
51		if [ -n "$securelevel" -a "$securelevel" != "$osecurelevel" ]; then
52			if [ "$securelevel" -lt "$osecurelevel" ]; then
53				echo "Can't lower securelevel."
54				exit 1
55			else
56				echo -n "Setting securelevel: "
57				${SYSCTL_W} kern.securelevel=$securelevel
58			fi
59		else
60			if [ "$osecurelevel" = 0 ]; then
61				echo -n "Setting securelevel: "
62				${SYSCTL_W} kern.securelevel=1
63			fi
64		fi
65		;;
66	esac
67}
68
69load_rc_config $name
70run_rc_command "$1"
71