freebsd-skq/usr.sbin/bsdconfig/security/kern_securelevel
dteske e9cea34539 Standardize the way functions build their arguments leading up to a dialog
invocation. Specifically, "top-load" your arguments and in the order in-
which they will be displayed. For example, many [if not all] widgets display
information in the following order, top-to-bottom (visually):

+ backtitle (displayed behind the widget at top-left)
+ title (at the top of the `window')
+ prompt text (just below the title and above whatever widget you choose)
+ Depending on widget, _one_ of the following:
  - menu list
  - radio list
  - check list
  - text input box with initial text
  - [Xdialog(1)] 2x or 3x text input boxes
  - [dialog(1)] a multi-part form
  - progress bar
  - etc. (many more widget choices)
+ buttons (right below the selected widget)
+ [dialog(1)] the hline (displayed at bottom of `window')

NOTE: Xdialog(1) accepts and silently ignores --hline

When building local arguments for your dialog invocation, if the value can't
be cleanly loaded into a local, add "# Calculated below" to the end of the
local declaration while retaining the block order of argument declarations.

Move other local declarations that are not associated with this top-loading
the dialog arguments to right-above where they are first-used.

Also, standardize on the names of the arguments. For example, always use
$prompt (instead of sometimes $msg and sometimes $prompt); use $menu_list
or $shell_list or $radio_list for those respective widgets; ad nauseum.

While we're doing this, flush-out full arguments for many invocations that
were passing NULL strings (making it unapparent if you were staring at this
one invocation what argument that NULL string was supposed to represent).

Last, while we're in startup/rcconf let's remove the unnecessary use of a
GLOBAL (RCCONF_MENU_LIST) for the menu_list.
2013-06-02 20:02:50 +00:00

168 lines
5.0 KiB
Bash
Executable File

#!/bin/sh
#-
# Copyright (c) 2012-2013 Devin Teske
# All Rights Reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
#
# $FreeBSD$
#
############################################################ INCLUDES
BSDCFG_SHARE="/usr/share/bsdconfig"
. $BSDCFG_SHARE/common.subr || exit 1
f_dprintf "%s: loading includes..." "$0"
f_include $BSDCFG_SHARE/dialog.subr
f_include $BSDCFG_SHARE/mustberoot.subr
f_include $BSDCFG_SHARE/sysrc.subr
BSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="130.security"
f_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr
SECURELEVEL_HELPFILE=$BSDCFG_LIBE/$APP_DIR/include/securelevel.hlp
ipgm=$( f_index_menusel_keyword $BSDCFG_LIBE/$APP_DIR/INDEX "$pgm" )
[ $? -eq $SUCCESS -a "$ipgm" ] && pgm="$ipgm"
############################################################ FUNCTIONS
# dialog_menu_main
#
# Display the dialog(1)-based application main menu.
#
dialog_menu_main()
{
local prompt="$msg_securelevels_menu_text"
local menu_list="
'$msg_disabled' '$msg_disable_securelevels'
'$msg_secure' '$msg_secure_mode'
'$msg_highly_secure' '$msg_highly_secure_mode'
'$msg_network_secure' '$msg_network_secure_mode'
" # END-QUOTE
local defaultitem= # Calculated below
local hline="$hline_select_securelevel_to_operate_at"
local height width rows
eval f_dialog_menu_size height width rows \
\"\$DIALOG_TITLE\" \
\"\$DIALOG_BACKTITLE\" \
\"\$prompt\" \
\"\$hline\" \
$menu_list
case "$( f_sysrc_get kern_securelevel_enable )" in
[Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1)
case "$( f_sysrc_get kern_securelevel )" in
1) defaultitem="$msg_secure" ;;
2) defaultitem="$msg_highly_secure" ;;
3) defaultitem="$msg_network_secure" ;;
esac ;;
*)
defaultitem="$msg_disabled"
esac
local menu_choice
menu_choice=$( eval $DIALOG \
--title \"\$DIALOG_TITLE\" \
--backtitle \"\$DIALOG_BACKTITLE\" \
--hline \"\$hline\" \
--ok-label \"\$msg_ok\" \
--cancel-label \"\$msg_cancel\" \
--help-button \
--help-label \"\$msg_help\" \
${USE_XDIALOG:+--help \"\"} \
--default-item \"\$defaultitem\" \
--menu \"\$prompt\" \
$height $width $rows \
$menu_list \
2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD
)
local retval=$?
f_dialog_menutag_store -s "$menu_choice"
return $retval
}
############################################################ MAIN
# Incorporate rc-file if it exists
[ -f "$HOME/.bsdconfigrc" ] && f_include "$HOME/.bsdconfigrc"
#
# Process command-line arguments
#
while getopts h$GETOPTS_STDARGS flag; do
case "$flag" in
h|\?) f_usage $BSDCFG_LIBE/$APP_DIR/USAGE "PROGRAM_NAME" "$pgm";;
esac
done
shift $(( $OPTIND - 1 ))
#
# Initialize
#
f_dialog_title "$msg_securelevels_menu_title"
f_dialog_backtitle "${ipgm:+bsdconfig }$pgm"
f_mustberoot_init
#
# Launch application main menu
#
while :; do
dialog_menu_main
retval=$?
f_dialog_menutag_fetch mtag
if [ $retval -eq 2 ]; then
# The Help button was pressed
f_show_help "$SECURELEVEL_HELPFILE"
continue
elif [ $retval -ne 0 ]; then
f_die
fi
break
done
case "$mtag" in
"$msg_disabled")
f_sysrc_set kern_securelevel_enable "NO"
;;
"$msg_secure")
f_sysrc_set kern_securelevel_enable "YES"
f_sysrc_set kern_securelevel "1"
;;
"$msg_highly_secure")
f_sysrc_set kern_securelevel_enable "YES"
f_sysrc_set kern_securelevel "2"
;;
"$msg_network_secure")
f_sysrc_set kern_securelevel_enable "YES"
f_sysrc_set kern_securelevel "3"
;;
esac
exit $SUCCESS
################################################################################
# END
################################################################################