[Pkg-sysvinit-commits] r249 - sysvinit/trunk/src

Thomas Hood jdthood-guest at costa.debian.org
Thu Nov 24 16:02:21 UTC 2005 

Author: jdthood-guest
Date: 2005-11-24 16:02:20 +0000 (Thu, 24 Nov 2005)
New Revision: 249

Modified:
   sysvinit/trunk/src/init.c
Log:
Restore src/init.c man/init.8 to original

Modified: sysvinit/trunk/src/init.c
===================================================================
--- sysvinit/trunk/src/init.c	2005-11-24 15:46:28 UTC (rev 248)
+++ sysvinit/trunk/src/init.c	2005-11-24 16:02:20 UTC (rev 249)
@@ -80,157 +80,6 @@
 			sigaction(sig, &sa, NULL); \
 		} while(0)
 
-
-#ifdef WITH_SELINUX
-#include <sys/mman.h>
-#include <selinux/selinux.h>
-#include <sepol/sepol.h>
-#include <sys/mount.h>
-
-/* Mount point for selinuxfs. */
-#define SELINUXMNT "/selinux/"
-int enforcing = -1;		/* SELinux enforcing mode */
-
-static int load_policy(int *enforce)
-{
-  int fd=-1,ret=-1;
-  int rc=0, orig_enforce;
-  struct stat sb;
-  void *map;
-  char policy_file[PATH_MAX];
-  int policy_version=0;
-  extern char *selinux_mnt;
-  FILE *cfg;
-  char buf[4096];
-  int seconfig = -2;
-
-  selinux_getenforcemode(&seconfig);
-
-  mount("none", "/proc", "proc", 0, 0);
-  cfg = fopen("/proc/cmdline","r");
-  if (cfg) {
-    char *tmp;
-    if (fgets(buf,4096,cfg) && (tmp = strstr(buf,"enforcing="))) {
-      if (tmp == buf || isspace(*(tmp-1))) {
-        enforcing=atoi(tmp+10);
-      }
-    }
-    fclose(cfg);
-  }
-#define MNT_DETACH 2
-  umount2("/proc",MNT_DETACH);
-
-  if (enforcing >=0)
-    *enforce = enforcing;
-  else if (seconfig == 1)
-    *enforce = 1;
-
-  if (mount("none", SELINUXMNT, "selinuxfs", 0, 0) < 0) {
-    if (errno == ENODEV) {
-      printf("SELinux not supported by kernel: %s\n",SELINUXMNT,strerror(errno));
-      *enforce = 0;
-    } else {
-      printf("Failed to mount %s: %s\n",SELINUXMNT,strerror(errno));
-    }
-    return ret;
-  }
-
-  selinux_mnt = SELINUXMNT; /* set manually since we mounted it */
-
-  policy_version=security_policyvers();
-  if (policy_version < 0) {
-    printf( "Can't get policy version: %s\n", strerror(errno));
-    goto UMOUNT;
-  }
-
-  orig_enforce = rc = security_getenforce();
-  if (rc < 0) {
-    printf( "Can't get SELinux enforcement flag: %s\n", strerror(errno));
-    goto UMOUNT;
-  }
-  if (enforcing >= 0) {
-    *enforce = enforcing;
-  } else if (seconfig == -1) {
-    *enforce = 0;
-    rc = security_disable();
-    if (rc == 0) umount(SELINUXMNT);
-    if (rc < 0) {
-      rc = security_setenforce(0);
-      if (rc < 0) {
-        printf("Can't disable SELinux: %s\n", strerror(errno));
-        goto UMOUNT;
-      }
-    }
-    ret = 0;
-    goto UMOUNT;
-  } else if (seconfig >= 0) {
-    *enforce = seconfig;
-    if (orig_enforce != *enforce) {
-      rc = security_setenforce(seconfig);
-      if (rc < 0) {
-        printf("Can't set SELinux enforcement flag: %s\n", strerror(errno));
-        goto UMOUNT;
-      }
-    }
-  }
-
-  snprintf(policy_file,sizeof(policy_file),"%s.%d",selinux_binary_policy_path(),policy_version);
-  fd = open(policy_file, O_RDONLY);
-  if (fd < 0) {
-    /* Check previous version to see if old policy is available
-     */
-    snprintf(policy_file,sizeof(policy_file),"%s.%d",selinux_binary_policy_path(),policy_version-1);
-    fd = open(policy_file, O_RDONLY);
-    if (fd < 0) {
-      printf( "Can't open '%s.%d':  %s\n",
-          selinux_binary_policy_path(),policy_version,strerror(errno));
-      goto UMOUNT;
-    }
-  }
-
-  if (fstat(fd, &sb) < 0) {
-    printf("Can't stat '%s':  %s\n",
-        policy_file, strerror(errno));
-    goto UMOUNT;
-  }
-
-  map = mmap(NULL, sb.st_size, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
-  if (map == MAP_FAILED) {
-    printf( "Can't map '%s':  %s\n",
-        policy_file, strerror(errno));
-    goto UMOUNT;
-  }
-
-
-  /* Set booleans based on a booleans configuration file. */
-  ret = sepol_genbools(map, sb.st_size, selinux_booleans_path());
-  if (ret < 0) {
-    if (errno == ENOENT || errno == EINVAL) {
-      /* No booleans file or stale booleans in the file; non-fatal. */
-      printf("Warning!  Error while setting booleans:  %s\n"
-          , strerror(errno));
-    } else {
-      printf("Error while setting booleans:  %s\n",
-          strerror(errno));
-      goto UMOUNT;
-    }
-  }
-  printf("Loading security policy\n");
-  ret=security_load_policy(map, sb.st_size);
-  if (ret < 0) {
-    printf("security_load_policy failed\n");
-  }
-
- UMOUNT:
-  /*umount(SELINUXMNT); */
-  if ( fd >= 0) {
-    close(fd);
-  }
-  return(ret);
-}
-#endif
-
-
 /* Version information */
 char *Version = "@(#) init " VERSION "  " DATE "  miquels at cistron.nl";
 char *bootmsg = "version " VERSION " %s";
@@ -836,14 +685,6 @@
 		return;
 	}
 
-#ifdef __FreeBSD_kernel__
-	/* The kernel of FreeBSD expects userland to set TERM.  Usualy, we want
-	"cons25".  Later, gettys might disagree on this (i.e. we're not using
-	syscons) but some boot scripts, like /etc/init.d/xserver-xorg, still
-	need a non-dumb terminal. */
-	putenv ("TERM=cons25");
-#endif
-
 	(void) tcgetattr(fd, &tty);
 
 	tty.c_cflag &= CBAUD|CBAUDEX|CSIZE|CSTOPB|PARENB|PARODD;
@@ -1125,10 +966,8 @@
   				dup(f);
   				dup(f);
 			}
-			SETSIG(sa, SIGCHLD, SIG_DFL, SA_RESTART);
 			if ((pid = fork()) < 0) {
-  				initlog(L_VB, "cannot fork: %s",
-					strerror(errno));
+  				initlog(L_VB, "cannot fork");
 				exit(1);
 			}
 			if (pid > 0) {
@@ -1139,6 +978,7 @@
 				SETSIG(sa, SIGINT, SIG_IGN, SA_RESTART);
 				SETSIG(sa, SIGTSTP, SIG_IGN, SA_RESTART);
 				SETSIG(sa, SIGQUIT, SIG_IGN, SA_RESTART);
+				SETSIG(sa, SIGCHLD, SIG_DFL, SA_RESTART);
 
 				while ((rc = waitpid(pid, &st, 0)) != pid)
 					if (rc < 0 && errno == ECHILD)
@@ -1157,8 +997,7 @@
 				 *	this with a temporary process.
 				 */
 				if ((pid = fork()) < 0) {
-  					initlog(L_VB, "cannot fork: %s",
-						strerror(errno));
+  					initlog(L_VB, "cannot fork");
 					exit(1);
 				}
 				if (pid == 0) {
@@ -2656,7 +2495,7 @@
  */
 void usage(char *s)
 {
-	fprintf(stderr, "Usage: %s [-e env ] [-t seconds] 0123456SsQqAaBbCcUu\n", s);
+	fprintf(stderr, "Usage: %s 0123456SsQqAaBbCcUu\n", s);
 	exit(1);
 }
 
@@ -2760,7 +2599,6 @@
 	char			*p;
 	int			f;
 	int			isinit;
-	int			enforce = 0;
 
 	/* Get my own name */
 	if ((p = strrchr(argv[0], '/')) != NULL)
@@ -2824,21 +2662,6 @@
 		maxproclen += strlen(argv[f]) + 1;
 	}
 
-#ifdef WITH_SELINUX
-  	if (getenv("SELINUX_INIT") == NULL) {
-	  putenv("SELINUX_INIT=YES");
-	  if (load_policy(&enforce) == 0 ) {
-	    execv(myname, argv);
-	  } else {
-	    if (enforce > 0) {
-	      /* SELinux in enforcing mode but load_policy failed */
-	      /* At this point, we probably can't open /dev/console, so log() won't work */
-		    fprintf(stderr,"Enforcing mode requested but no policy loaded. Halting now.\n");
-	      exit(1);
-	    }
-	  }
-	}
-#endif  
 	/* Start booting. */
 	argv0 = argv[0];
 	argv[1] = NULL;

More information about the Pkg-sysvinit-commits mailing list