diff options
Diffstat (limited to 'etc/rc.d')
-rwxr-xr-x | etc/rc.d/Makefile | 2 | ||||
-rw-r--r-- | etc/rc.d/ugidfw | 52 |
2 files changed, 53 insertions, 1 deletions
diff --git a/etc/rc.d/Makefile b/etc/rc.d/Makefile index 61bc3e8..2d6f59d 100755 --- a/etc/rc.d/Makefile +++ b/etc/rc.d/Makefile @@ -34,7 +34,7 @@ FILES= DAEMON LOGIN NETWORKING SERVERS \ serial sppp sshd swap1 \ syscons sysctl syslogd \ timed tmp \ - usbd \ + ugidfw usbd \ var vinum virecover \ watchdogd \ ypbind yppasswdd ypserv \ diff --git a/etc/rc.d/ugidfw b/etc/rc.d/ugidfw new file mode 100644 index 0000000..7e033c8 --- /dev/null +++ b/etc/rc.d/ugidfw @@ -0,0 +1,52 @@ +#!/bin/sh +# +# $FreeBSD$ + +# PROVIDE: ugidfw +# REQUIRE: +# BEFORE: LOGIN +# KEYWORD: FreeBSD nojail + +. /etc/rc.subr + +name="ugidfw" +rcvar="ugidfw_enable" +start_cmd="ugidfw_start" +start_precmd="ugidfw_precmd" +stop_cmd="ugidfw_stop" + +ugidfw_precmd() +{ + if ! sysctl security.mac.bsdextended + then kldload mac_bsdextended + if [ "$?" -ne "0" ] + then warn Unable to load the mac_bsdextended module. + return 1 + else + return 0 + fi + fi + return 0 +} + +ugidfw_start() +{ + # set the default policy script if none was specified + [ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended + + if [ -r "${bsdextended_script}" ]; then + . "${bsdextended_script}" + echo -n 'MAC bsdextended rules loaded sucessfully.' + fi + echo '.' +} + +ugidfw_stop() +{ + # Disable the policy + # + kldunload mac_bsdextended +} + +load_rc_config $name +run_rc_command "$1" |