PERFORCE change 45353 for review
Robert Watson
rwatson at FreeBSD.org
Wed Jan 14 20:21:42 GMT 2004
http://perforce.freebsd.org/chv.cgi?CH=45353
Change 45353 by rwatson at rwatson_tislabs on 2004/01/14 12:21:39
Create /var and /tmp as multi-label file systems, and perform
a touch of initial labeling. This was lost when rc.diskless[12]
moved to rcNG bits.
Affected files ...
.. //depot/projects/trustedbsd/mac/etc/rc.d/diskless#11 edit
.. //depot/projects/trustedbsd/mac/etc/rc.d/initdiskless#11 edit
Differences ...
==== //depot/projects/trustedbsd/mac/etc/rc.d/diskless#11 (text+ko) ====
@@ -47,7 +47,7 @@
if [ -n "$3" ]; then
bpi="-i $3"
fi
- /sbin/mdmfs $bpi -s $1 -M md $2
+ /sbin/mdmfs $bpi -s $1 -l -M md $2
}
# If there is a global system configuration file, suck it in.
@@ -95,6 +95,15 @@
;;
esac
+if sysctl security.mac > /dev/null 2>&1 ; then
+ setfmac biba/equal,mls/equal,te/equal /var/tmp
+ setfmac biba/equal,mls/equal,te/equal /var/tmp/vi.recover
+ setfmac biba/equal,mls/equal,te/equal /var/spool/lock
+ setfmac biba/equal,mls/equal,te/mailqueue_t /var/spool/mqueue
+ setfmac biba/equal,mls/equal,te/maildir_t /var/mail
+ setfmac biba/equal,mls/equal,te/equal /var/run
+fi
+
echo "+++ create log files based on the contents of /etc/newsyslog.conf"
LOGFILES=`/usr/bin/awk '$1 != "#" { printf "%s ", $1 } ' /etc/newsyslog.conf`
if [ -n "$LOGFILES" ]; then
==== //depot/projects/trustedbsd/mac/etc/rc.d/initdiskless#11 (text+ko) ====
@@ -103,7 +103,7 @@
# Create a generic memory disk
#
mount_md() {
- /sbin/mdmfs -i 4096 -s $1 -M md $2
+ /sbin/mdmfs -i 4096 -s $1 -l -M md $2
}
# Create the memory filesystem if it has not already been created
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list