[Pkg-sysvinit-commits] r249 - sysvinit/trunk/src
Thomas Hood
jdthood-guest at costa.debian.org
Thu Nov 24 16:02:21 UTC 2005
Author: jdthood-guest
Date: 2005-11-24 16:02:20 +0000 (Thu, 24 Nov 2005)
New Revision: 249
Modified:
sysvinit/trunk/src/init.c
Log:
Restore src/init.c man/init.8 to original
Modified: sysvinit/trunk/src/init.c
===================================================================
--- sysvinit/trunk/src/init.c 2005-11-24 15:46:28 UTC (rev 248)
+++ sysvinit/trunk/src/init.c 2005-11-24 16:02:20 UTC (rev 249)
@@ -80,157 +80,6 @@
sigaction(sig, &sa, NULL); \
} while(0)
-
-#ifdef WITH_SELINUX
-#include <sys/mman.h>
-#include <selinux/selinux.h>
-#include <sepol/sepol.h>
-#include <sys/mount.h>
-
-/* Mount point for selinuxfs. */
-#define SELINUXMNT "/selinux/"
-int enforcing = -1; /* SELinux enforcing mode */
-
-static int load_policy(int *enforce)
-{
- int fd=-1,ret=-1;
- int rc=0, orig_enforce;
- struct stat sb;
- void *map;
- char policy_file[PATH_MAX];
- int policy_version=0;
- extern char *selinux_mnt;
- FILE *cfg;
- char buf[4096];
- int seconfig = -2;
-
- selinux_getenforcemode(&seconfig);
-
- mount("none", "/proc", "proc", 0, 0);
- cfg = fopen("/proc/cmdline","r");
- if (cfg) {
- char *tmp;
- if (fgets(buf,4096,cfg) && (tmp = strstr(buf,"enforcing="))) {
- if (tmp == buf || isspace(*(tmp-1))) {
- enforcing=atoi(tmp+10);
- }
- }
- fclose(cfg);
- }
-#define MNT_DETACH 2
- umount2("/proc",MNT_DETACH);
-
- if (enforcing >=0)
- *enforce = enforcing;
- else if (seconfig == 1)
- *enforce = 1;
-
- if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0) {
- if (errno == ENODEV) {
- printf("SELinux not supported by kernel: %s\n",SELINUXMNT,strerror(errno));
- *enforce = 0;
- } else {
- printf("Failed to mount %s: %s\n",SELINUXMNT,strerror(errno));
- }
- return ret;
- }
-
- selinux_mnt = SELINUXMNT; /* set manually since we mounted it */
-
- policy_version=security_policyvers();
- if (policy_version < 0) {
- printf( "Can't get policy version: %s\n", strerror(errno));
- goto UMOUNT;
- }
-
- orig_enforce = rc = security_getenforce();
- if (rc < 0) {
- printf( "Can't get SELinux enforcement flag: %s\n", strerror(errno));
- goto UMOUNT;
- }
- if (enforcing >= 0) {
- *enforce = enforcing;
- } else if (seconfig == -1) {
- *enforce = 0;
- rc = security_disable();
- if (rc == 0) umount(SELINUXMNT);
- if (rc < 0) {
- rc = security_setenforce(0);
- if (rc < 0) {
- printf("Can't disable SELinux: %s\n", strerror(errno));
- goto UMOUNT;
- }
- }
- ret = 0;
- goto UMOUNT;
- } else if (seconfig >= 0) {
- *enforce = seconfig;
- if (orig_enforce != *enforce) {
- rc = security_setenforce(seconfig);
- if (rc < 0) {
- printf("Can't set SELinux enforcement flag: %s\n", strerror(errno));
- goto UMOUNT;
- }
- }
- }
-
- snprintf(policy_file,sizeof(policy_file),"%s.%d",selinux_binary_policy_path(),policy_version);
- fd = open(policy_file, O_RDONLY);
- if (fd < 0) {
- /* Check previous version to see if old policy is available
- */
- snprintf(policy_file,sizeof(policy_file),"%s.%d",selinux_binary_policy_path(),policy_version-1);
- fd = open(policy_file, O_RDONLY);
- if (fd < 0) {
- printf( "Can't open '%s.%d': %s\n",
- selinux_binary_policy_path(),policy_version,strerror(errno));
- goto UMOUNT;
- }
- }
-
- if (fstat(fd, &sb) < 0) {
- printf("Can't stat '%s': %s\n",
- policy_file, strerror(errno));
- goto UMOUNT;
- }
-
- map = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
- if (map == MAP_FAILED) {
- printf( "Can't map '%s': %s\n",
- policy_file, strerror(errno));
- goto UMOUNT;
- }
-
-
- /* Set booleans based on a booleans configuration file. */
- ret = sepol_genbools(map, sb.st_size, selinux_booleans_path());
- if (ret < 0) {
- if (errno == ENOENT || errno == EINVAL) {
- /* No booleans file or stale booleans in the file; non-fatal. */
- printf("Warning! Error while setting booleans: %s\n"
- , strerror(errno));
- } else {
- printf("Error while setting booleans: %s\n",
- strerror(errno));
- goto UMOUNT;
- }
- }
- printf("Loading security policy\n");
- ret=security_load_policy(map, sb.st_size);
- if (ret < 0) {
- printf("security_load_policy failed\n");
- }
-
- UMOUNT:
- /*umount(SELINUXMNT); */
- if ( fd >= 0) {
- close(fd);
- }
- return(ret);
-}
-#endif
-
-
/* Version information */
char *Version = "@(#) init " VERSION " " DATE " miquels at cistron.nl";
char *bootmsg = "version " VERSION " %s";
@@ -836,14 +685,6 @@
return;
}
-#ifdef __FreeBSD_kernel__
- /* The kernel of FreeBSD expects userland to set TERM. Usualy, we want
- "cons25". Later, gettys might disagree on this (i.e. we're not using
- syscons) but some boot scripts, like /etc/init.d/xserver-xorg, still
- need a non-dumb terminal. */
- putenv ("TERM=cons25");
-#endif
-
(void) tcgetattr(fd, &tty);
tty.c_cflag &= CBAUD|CBAUDEX|CSIZE|CSTOPB|PARENB|PARODD;
@@ -1125,10 +966,8 @@
dup(f);
dup(f);
}
- SETSIG(sa, SIGCHLD, SIG_DFL, SA_RESTART);
if ((pid = fork()) < 0) {
- initlog(L_VB, "cannot fork: %s",
- strerror(errno));
+ initlog(L_VB, "cannot fork");
exit(1);
}
if (pid > 0) {
@@ -1139,6 +978,7 @@
SETSIG(sa, SIGINT, SIG_IGN, SA_RESTART);
SETSIG(sa, SIGTSTP, SIG_IGN, SA_RESTART);
SETSIG(sa, SIGQUIT, SIG_IGN, SA_RESTART);
+ SETSIG(sa, SIGCHLD, SIG_DFL, SA_RESTART);
while ((rc = waitpid(pid, &st, 0)) != pid)
if (rc < 0 && errno == ECHILD)
@@ -1157,8 +997,7 @@
* this with a temporary process.
*/
if ((pid = fork()) < 0) {
- initlog(L_VB, "cannot fork: %s",
- strerror(errno));
+ initlog(L_VB, "cannot fork");
exit(1);
}
if (pid == 0) {
@@ -2656,7 +2495,7 @@
*/
void usage(char *s)
{
- fprintf(stderr, "Usage: %s [-e env ] [-t seconds] 0123456SsQqAaBbCcUu\n", s);
+ fprintf(stderr, "Usage: %s 0123456SsQqAaBbCcUu\n", s);
exit(1);
}
@@ -2760,7 +2599,6 @@
char *p;
int f;
int isinit;
- int enforce = 0;
/* Get my own name */
if ((p = strrchr(argv[0], '/')) != NULL)
@@ -2824,21 +2662,6 @@
maxproclen += strlen(argv[f]) + 1;
}
-#ifdef WITH_SELINUX
- if (getenv("SELINUX_INIT") == NULL) {
- putenv("SELINUX_INIT=YES");
- if (load_policy(&enforce) == 0 ) {
- execv(myname, argv);
- } else {
- if (enforce > 0) {
- /* SELinux in enforcing mode but load_policy failed */
- /* At this point, we probably can't open /dev/console, so log() won't work */
- fprintf(stderr,"Enforcing mode requested but no policy loaded. Halting now.\n");
- exit(1);
- }
- }
- }
-#endif
/* Start booting. */
argv0 = argv[0];
argv[1] = NULL;
More information about the Pkg-sysvinit-commits
mailing list