freebsd-dev/etc/rc.d/cleartmp
Eric Anholt b9a9947eca Create three additional X socket directories. Using X applications when another
user owns these directories or the sticky bit is unset may open security holes,
so simply create them at startup with the correct owner/mode.

MFC after:	1 day
2005-01-12 07:18:25 +00:00

41 lines
963 B
Bash
Executable File

#!/bin/sh
#
# $NetBSD: cleartmp,v 1.4 2002/03/22 04:33:58 thorpej Exp $
# $FreeBSD$
#
# PROVIDE: cleartmp
# REQUIRE: mountcritremote tmp
# BEFORE: DAEMON
. /etc/rc.subr
name="cleartmp"
rcvar=`set_rcvar clear_tmp`
start_cmd="cleartmp_start"
stop_cmd=":"
x11_socket_dirs="/tmp/.X11-unix /tmp/.ICE-unix /tmp/.font-unix /tmp/.XIM-unix"
cleartmp_start()
{
echo "Clearing /tmp."
#
# Prune quickly with one rm, then use find to clean up
# /tmp/[lq]* (this is not needed with mfs /tmp, but
# doesn't hurt anything).
#
(cd /tmp && rm -rf [a-km-pr-zA-Z]* &&
find -x . ! -name . ! -name lost+found ! -name quota.user \
! -name quota.group -exec rm -rf -- {} \; -type d -prune)
}
load_rc_config $name
run_rc_command "$1"
# Remove X lock files, since they will prevent you from restarting X.
rm -f /tmp/.X[0-9]-lock
# Create socket directories with correct permissions to avoid security problem.
rm -fr ${x11_socket_dirs}
mkdir -m 1777 ${x11_socket_dirs}