PERFORCE change 18111 for review

Wed Sep 25 03:25:38 GMT 2002

http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18111

Change 18111 by amigus at amigus_ganymede on 2002/09/24 20:25:33

	Tweak.

Affected files ...

.. //depot/projects/trustedbsd/misc/scripts/mac_boot.pl#4 edit
.. //depot/projects/trustedbsd/misc/scripts/master_script.sh#2 edit
.. //depot/projects/trustedbsd/misc/scripts/relabeluser#1 add
.. //depot/projects/trustedbsd/misc/scripts/setup#1 add

Differences ...

==== //depot/projects/trustedbsd/misc/scripts/mac_boot.pl#4 (text+ko) ====

@@ -63,14 +63,6 @@
 
 print "Entering MAC/MLS boot script.\n";
 
-system ("passwd $CF_OPS{'so_username'}")
-unless (-f $STATE_FILE);
-
-print "Labeling Security Officers files...\n" and
-system ("/usr/local/sbin/mac_user_label.pl --directory /home/so".
-    "--file-label mls/high --run-label mls/equal")
-unless (-f $STATE_FILE);
-
 unless (-f $STATE_FILE) {
 	print "Initializing filesystems for MAC/MLS...\n";
 	
@@ -141,6 +133,14 @@
 	rename("/etc/fstab.update", "/etc/fstab"); 
 }
 
+system ("passwd $CF_OPS{'so_username'}")
+unless (-f $STATE_FILE);
+
+print "Labeling Security Officers files...\n" and
+system ("/usr/local/sbin/mac_user_label.pl --directory /home/so ".
+    "--file-label mls/high --run-label mls/equal")
+unless (-f $STATE_FILE);
+
 open(FH,">$STATE_FILE") || die "$program: cannot create $STATE_FILE: $!";
 close (FH);
 

==== //depot/projects/trustedbsd/misc/scripts/master_script.sh#2 (text+ko) ====

@@ -31,7 +31,11 @@
 install -m 555 -o root -g wheel mac_boot.pl /usr/local/sbin
 [ $? -ne 0 ] && echo "Error!" && exit 1
 install -m 555 -o root -g wheel mac_default_label.pl /usr/local/sbin
-touch /etc/.mac_installed
+[ $? -ne 0 ] && echo "Error!" && exit 1
+install -m 555 -o root -g wheel mac_user_label.pl /usr/local/sbin
+[ $? -ne 0 ] && echo "Error!" && exit 1
+install -m 555 -o root -g wheel relabeluser /usr/local/sbin
+[ $? -ne 0 ] && echo "Error!" && exit 1
 
 echo "Enabling boot program."
 mac_enable_boot.pl --etc-directory /etc \
@@ -49,17 +53,11 @@
 [ $? -ne 0 ] && echo "Error!" && exit 1
 
 mac_update_login_conf.pl --login-config-file /etc/login.conf \
-	--user root \
+	--user so \
 	--label "mls/low(low-high)" \
 	--tty-label "mls/low(low-high)"
 [ $? -ne 0 ] && echo "Error!" && exit 1
 
-mac_update_login_conf.pl --login-config-file /etc/login.conf \
-	--user so \
-	--label "mls/high(low-high)" \
-	--tty-label "mls/high(low-high)"
-[ $? -ne 0 ] && echo "Error!" && exit 1
-
 cap_mkdb /etc/login.conf
 [ $? -ne 0 ] && echo "Error!" && exit 1
 
@@ -67,3 +65,5 @@
 mac_add_so_account.pl --username so --real-name "Security Officer" \
 	--shell /usr/local/bin/bash
 [ $? -ne 0 ] && echo "Error!" && exit 1
+
+touch /etc/.mac_installed
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message

