Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sbin/init Keep an internal variable indicating whether secur...
details: https://anonhg.NetBSD.org/src/rev/34bb5204bd3f
branches: trunk
changeset: 750387:34bb5204bd3f
user: elad <elad%NetBSD.org@localhost>
date: Tue Dec 29 17:07:17 2009 +0000
description:
Keep an internal variable indicating whether securelevel is present, and
don't blindly try to get/set it. Prevents error messages that don't make
sense if securelevel isn't supported by the kernel.
diffstat:
sbin/init/init.c | 43 +++++++++++++++++++++++++++++++++++++++++--
1 files changed, 41 insertions(+), 2 deletions(-)
diffs (94 lines):
diff -r 78c45358a959 -r 34bb5204bd3f sbin/init/init.c
--- a/sbin/init/init.c Tue Dec 29 17:06:10 2009 +0000
+++ b/sbin/init/init.c Tue Dec 29 17:07:17 2009 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: init.c,v 1.99 2009/11/22 18:40:26 mbalmer Exp $ */
+/* $NetBSD: init.c,v 1.100 2009/12/29 17:07:17 elad Exp $ */
/*-
* Copyright (c) 1991, 1993
@@ -42,7 +42,7 @@
#if 0
static char sccsid[] = "@(#)init.c 8.2 (Berkeley) 4/28/95";
#else
-__RCSID("$NetBSD: init.c,v 1.99 2009/11/22 18:40:26 mbalmer Exp $");
+__RCSID("$NetBSD: init.c,v 1.100 2009/12/29 17:07:17 elad Exp $");
#endif
#endif /* not lint */
@@ -170,8 +170,10 @@
pid_t start_getty(session_t *);
void transition_handler(int);
void alrm_handler(int);
+int has_securelevel(void);
void setsecuritylevel(int);
int getsecuritylevel(void);
+int securelevel_present;
int setupargv(session_t *, struct ttyent *);
int clang;
@@ -325,6 +327,13 @@
#endif /* !LETS_GET_SMALL && CHROOT*/
/*
+ * Securelevel might not be supported by the kernel. Query for it, and
+ * set a variable indicating whether we should attempt anything with it
+ * or not.
+ */
+ securelevel_present = has_securelevel();
+
+ /*
* Start the state machine.
*/
transition(requested_transition);
@@ -481,6 +490,30 @@
}
/*
+ * Check if securelevel is present.
+ */
+int
+has_securelevel(void)
+{
+#ifdef KERN_SECURELVL
+ int name[2], curlevel;
+ size_t len;
+
+ name[0] = CTL_KERN;
+ name[1] = KERN_SECURELVL;
+ len = sizeof curlevel;
+ if (sysctl(name, 2, &curlevel, &len, NULL, 0) == -1) {
+ /* If it doesn't exist, it's okay. */
+ if (errno == ENOENT)
+ return 0;
+ }
+ return 1;
+#else
+ return 0;
+#endif
+}
+
+/*
* Get the security level of the kernel.
*/
int
@@ -490,6 +523,9 @@
int name[2], curlevel;
size_t len;
+ if (!securelevel_present)
+ return -1;
+
name[0] = CTL_KERN;
name[1] = KERN_SECURELVL;
len = sizeof curlevel;
@@ -512,6 +548,9 @@
#ifdef KERN_SECURELVL
int name[2], curlevel;
+ if (!securelevel_present)
+ return;
+
curlevel = getsecuritylevel();
if (newlevel == curlevel)
return;
Home |
Main Index |
Thread Index |
Old Index