Add a ugidfw_load() function and fix up some of the scripting in this file.

This will allow better integration with the ports system. Submitted by: clement
svn path=/head/; revision=144515
2005-04-02 00:01:03 +00:00 · 2005-04-02 00:01:03 +00:00 · bfd02b7da8 · 2020-12-20 02:59:44 +00:00
commit bfd02b7da8
parent 8f3e5dd0aa
1 changed files with 20 additions and 6 deletions
--- a/etc/rc.d/ugidfw
+++ b/etc/rc.d/ugidfw
@ -15,6 +15,14 @@ start_cmd="ugidfw_start"
 start_precmd="ugidfw_precmd"
 stop_cmd="ugidfw_stop"

+ugidfw_load()
+{
+	if [ -r "${bsdextended_script}" ]; then
+		. "${bsdextended_script}"
+		echo -n " ${_bsdextended_profile}"
+	fi
+}
+
 ugidfw_precmd()
 {
 	if ! sysctl security.mac.bsdextended
@ -31,13 +39,19 @@ ugidfw_precmd()

 ugidfw_start()
 {
-	# set the default policy script if none was specified
-	[ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended
+	# check for existing profiles and set the default policy script 
+	# if none was specified
+	[ -z "${bsdextended_profiles}" ] && {
+	  bsdextended_profiles=default
+	  [ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended
+	  bsdextended_default_script=/etc/rc.bsdextended
+	}

-	if [ -r "${bsdextended_script}" ]; then
-		. "${bsdextended_script}"
-		echo -n 'MAC bsdextended rules loaded sucessfully.'
-	fi
+	echo -n "Loading MAC bsdextended rules:" 
+	for _bsdextended_profile in ${bsdextended_profiles}; do
+	  eval bsdextended_script=\"\$bsdextended_${_bsdextended_profile}_script\"
+	  ugidfw_load
+	done
 	echo '.'
 }