Add a Securelevel sub-menu to the Security configuration menu,

permitting the administrator to select a securelevel top operate
at.  Include a helpfile summarizing some of the information from
init(8).  This allows for explicit configuration of securelevels,
which was previously implicit in Security Profile selection.
Currently, there are no checkboxes for the active securelevel,
because sysinstall's facilities for deriving "current settings"
from rc.conf may use only one variable, not two, and I opted for
the simplest approach at this point.

Approved by:	re (scottl)

3 files changed, 77 insertions, 0 deletions

diff --git a/usr.sbin/sade/config.c b/usr.sbin/sade/config.c
index 570cb61..27937e1 100644
--- a/usr.sbin/sade/config.c
+++ b/usr.sbin/sade/config.c
@@ -537,6 +537,52 @@ configOSF1(dialogMenuItem *self)
 #endif
 
 int
+configSecurelevel(dialogMenuItem *self)
+{
+    WINDOW *w = savescr();
+
+    dialog_clear_norefresh();
+    dmenuOpenSimple(&MenuSecurelevel, FALSE);
+    restorescr(w);
+    return DITEM_SUCCESS;
+}
+
+int
+configSecurelevelDisabled(dialogMenuItem *self)
+{
+
+    variable_set2("kern_securelevel_enable", "NO", 1);
+    return DITEM_SUCCESS;
+}
+
+int
+configSecurelevelSecure(dialogMenuItem *self)
+{
+
+    variable_set2("kern_securelevel_enable", "YES", 1);
+    variable_set2("kern_securelevel", "1", 1);
+    return DITEM_SUCCESS;
+}
+
+int
+configSecurelevelHighlySecure(dialogMenuItem *self)
+{
+
+    variable_set2("kern_securelevel_enable", "YES", 1);
+    variable_set2("kern_securelevel", "2", 1);
+    return DITEM_SUCCESS;
+}
+
+int
+configSecurelevelNetworkSecure(dialogMenuItem *self)
+{
+
+    variable_set2("kern_securelevel_enable", "YES", 1);
+    variable_set2("kern_securelevel", "3", 1);
+    return DITEM_SUCCESS;
+}
+
+int
 configSecurity(dialogMenuItem *self)
 {
     WINDOW *w = savescr();
diff --git a/usr.sbin/sade/menus.c b/usr.sbin/sade/menus.c
index ef4608c..46b7270 100644
--- a/usr.sbin/sade/menus.c
+++ b/usr.sbin/sade/menus.c
@@ -2229,6 +2229,8 @@ DMenu MenuSecurity = {
     NULL,
     { { "X Exit",      "Exit this menu (returning to previous)",
 	checkTrue, dmenuExit, NULL, NULL, '<', '<', '<' },
+      { " Securelevel",	"Configure securelevels for the system",
+	NULL, configSecurelevel },
 #if 0
       { " LOMAC",         "Use Low Watermark Mandatory Access Control at boot",
 	dmenuVarCheck,  dmenuToggleVariable, NULL, "lomac_enable=YES" },
@@ -2238,6 +2240,28 @@ DMenu MenuSecurity = {
       { NULL } },
 };
 
+DMenu MenuSecurelevel = {
+    DMENU_NORMAL_TYPE | DMENU_SELECTION_RETURNS,
+    "Securelevel Configuration Menu",
+    "This menu allows you to select the securelevel your system runs with.\n"
+    "When operating at a securelevel, certain root privileges are disabled,\n"
+    "which may increase resistance to exploits and protect system integrity.\n"
+    "In secure mode system flags may not be overriden by the root user,\n"
+    "access to direct kernel memory is limited, and kernel modules may not\n"
+    "be changed.  In highly secure mode, mounted file systems may not be\n"
+    "modified on-disk, tampering with the system clock is prohibited.  In\n"
+    "network secure mode configuration changes to firwalling are prohibited.\n",
+    "Select a securelevel to operate at - F1 for help",
+    "securelevel",
+    { { "X Exit",      "Exit this menu (returning to previous)",
+	checkTrue, dmenuExit, NULL, NULL, '<', '<', '<' },
+      { "Disabled", "Disable securelevels", NULL, configSecurelevelDisabled, },
+      { "Secure", "Secure mode", NULL, configSecurelevelSecure },
+      { "Highly Secure", "Highly secure mode", NULL, configSecurelevelHighlySecure }, 
+      { "Network Secure", "Network secure mode", NULL, configSecurelevelNetworkSecure },
+      { NULL } }
+};
+
 DMenu MenuFixit = {
     DMENU_NORMAL_TYPE,
     "Please choose a fixit option",
diff --git a/usr.sbin/sade/sade.h b/usr.sbin/sade/sade.h
index 9ba8336..507bfca 100644
--- a/usr.sbin/sade/sade.h
+++ b/usr.sbin/sade/sade.h
@@ -143,6 +143,7 @@
 #define VAR_IPADDR			"ipaddr"
 #define VAR_IPV6_ENABLE			"ipv6_enable"
 #define VAR_IPV6ADDR			"ipv6addr"
+#define VAR_KERN_SECURELEVEL		"kern_securelevel"
 #define VAR_KEYMAP			"keymap"
 #define VAR_LABEL			"label"
 #define VAR_LABEL_COUNT			"labelCount"
@@ -452,6 +453,7 @@ extern DMenu		MenuMediaTape;		/* Tape media menu				*/
 extern DMenu		MenuNetworkDevice;	/* Network device menu				*/
 extern DMenu		MenuNTP;		/* NTP time server menu				*/
 extern DMenu		MenuSecurity;		/* System security options menu			*/
+extern DMenu		MenuSecurelevel;	/* Securelevel menu */
 extern DMenu		MenuStartup;		/* Startup services menu			*/
 #ifdef WITH_SYSCONS
 extern DMenu		MenuSyscons;		/* System console configuration menu		*/
@@ -531,6 +533,11 @@ extern int	configMTAPostfix(dialogMenuItem *self);
 extern int	configMTAExim(dialogMenuItem *self);
 extern int	configRpcBind(dialogMenuItem *self);
 extern int	configWriteRC_conf(dialogMenuItem *self);
+extern int	configSecurelevel(dialogMenuItem *self);
+extern int	configSecurelevelDisabled(dialogMenuItem *self);
+extern int	configSecurelevelSecure(dialogMenuItem *self);
+extern int	configSecurelevelHighlySecure(dialogMenuItem *self);
+extern int	configSecurelevelNetworkSecure(dialogMenuItem *self);
 extern int	configEtcTtys(dialogMenuItem *self);
 #ifdef __i386__
 extern int	checkLoaderACPI(void);