1238438Sdteske#!/bin/sh 2238438Sdteske#- 3249746Sdteske# Copyright (c) 2012-2013 Devin Teske 4252980Sdteske# All rights reserved. 5238438Sdteske# 6238438Sdteske# Redistribution and use in source and binary forms, with or without 7238438Sdteske# modification, are permitted provided that the following conditions 8238438Sdteske# are met: 9238438Sdteske# 1. Redistributions of source code must retain the above copyright 10238438Sdteske# notice, this list of conditions and the following disclaimer. 11238438Sdteske# 2. Redistributions in binary form must reproduce the above copyright 12238438Sdteske# notice, this list of conditions and the following disclaimer in the 13238438Sdteske# documentation and/or other materials provided with the distribution. 14238438Sdteske# 15238438Sdteske# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 16252987Sdteske# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 17238438Sdteske# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 18238438Sdteske# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 19238438Sdteske# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 20252987Sdteske# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 21238438Sdteske# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22238438Sdteske# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 23238438Sdteske# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 24238438Sdteske# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 25238438Sdteske# SUCH DAMAGE. 26238438Sdteske# 27238438Sdteske# $FreeBSD$ 28238438Sdteske# 29238438Sdteske############################################################ INCLUDES 30238438Sdteske 31240684SdteskeBSDCFG_SHARE="/usr/share/bsdconfig" 32240684Sdteske. $BSDCFG_SHARE/common.subr || exit 1 33244675Sdteskef_dprintf "%s: loading includes..." "$0" 34240684Sdteskef_include $BSDCFG_SHARE/dialog.subr 35240684Sdteskef_include $BSDCFG_SHARE/mustberoot.subr 36240684Sdteskef_include $BSDCFG_SHARE/sysrc.subr 37238438Sdteske 38240684SdteskeBSDCFG_LIBE="/usr/libexec/bsdconfig" APP_DIR="130.security" 39238438Sdteskef_include_lang $BSDCFG_LIBE/$APP_DIR/include/messages.subr 40238438Sdteske 41260678Sdteskef_index_menusel_keyword $BSDCFG_LIBE/$APP_DIR/INDEX "$pgm" ipgm && 42260678Sdteske pgm="${ipgm:-$pgm}" 43238438Sdteske 44238438Sdteske############################################################ FUNCTIONS 45238438Sdteske 46238438Sdteske# dialog_menu_main 47238438Sdteske# 48238438Sdteske# Display the dialog(1)-based application main menu. 49238438Sdteske# 50238438Sdteskedialog_menu_main() 51238438Sdteske{ 52251264Sdteske local prompt="$msg_menu_text" 53251264Sdteske local menu_list=" 54251540Sdteske 'X $msg_exit' '$msg_exit_this_menu' 55251264Sdteske " # END-QUOTE 56251264Sdteske local defaultitem= # Calculated below 57238438Sdteske local hline="$hline_arrows_tab_enter" 58238438Sdteske 59249751Sdteske # Obtain default-item (adjusted below for dynamic tags) 60251244Sdteske f_dialog_default_fetch defaultitem 61249751Sdteske local ditem="${defaultitem%%[$IFS]*}" 62249751Sdteske 63249751Sdteske # 64249751Sdteske # Add dynamically tagged entry for kern_securelevels 65249751Sdteske # 66251264Sdteske local mark=" " 67238438Sdteske case "$( f_sysrc_get kern_securelevel_enable )" in 68238438Sdteske [Yy][Ee][Ss]) 69238438Sdteske local kern_securelevel="$( f_sysrc_get kern_securelevel )" 70238438Sdteske if [ ${#kern_securelevel} -eq 1 ] && 71249751Sdteske f_isinteger "$kern_securelevel" && 72249751Sdteske [ $kern_securelevel -lt 9 ] 73249751Sdteske then 74249751Sdteske mark="$kern_securelevel" 75249751Sdteske else 76249751Sdteske mark="X" 77249751Sdteske fi ;; 78249751Sdteske *) 79249751Sdteske mark=" " 80238438Sdteske esac 81249751Sdteske menu_list="$menu_list 82249751Sdteske '2 [$mark] $msg_securelevel' '$msg_securelevel_desc'" 83238438Sdteske 84249751Sdteske # Update default-item if appropriate 85249751Sdteske [ "$ditem" = 2 ] && defaultitem="2 [$mark] $msg_securelevel" 86249751Sdteske 87249751Sdteske # 88249751Sdteske # Add dynamically tagged entry for nfs_reserved_port_only 89249751Sdteske # 90238438Sdteske case "$( f_sysrc_get nfs_reserved_port_only )" in 91249751Sdteske [Yy][Ee][Ss]) mark="X" ;; 92249751Sdteske *) mark=" " ;; 93238438Sdteske esac 94249751Sdteske menu_list="$menu_list 95249751Sdteske '3 [$mark] $msg_nfs_port' '$msg_nfs_port_desc'" 96238438Sdteske 97249751Sdteske # Update default-item if appropriate 98249751Sdteske [ "$ditem" = 3 ] && defaultitem="3 [$mark] $msg_nfs_port" 99249751Sdteske 100251190Sdteske local height width rows 101251190Sdteske eval f_dialog_menu_size height width rows \ 102251190Sdteske \"\$DIALOG_TITLE\" \ 103251190Sdteske \"\$DIALOG_BACKTITLE\" \ 104251190Sdteske \"\$prompt\" \ 105251190Sdteske \"\$hline\" \ 106251190Sdteske $menu_list 107238438Sdteske 108251236Sdteske local menu_choice 109251236Sdteske menu_choice=$( eval $DIALOG \ 110249751Sdteske --title \"\$DIALOG_TITLE\" \ 111238438Sdteske --backtitle \"\$DIALOG_BACKTITLE\" \ 112238438Sdteske --hline \"\$hline\" \ 113238438Sdteske --ok-label \"\$msg_ok\" \ 114238438Sdteske --cancel-label \"\$msg_cancel\" \ 115249751Sdteske --default-item \"\$defaultitem\" \ 116251190Sdteske --menu \"\$prompt\" \ 117251190Sdteske $height $width $rows \ 118238438Sdteske $menu_list \ 119240768Sdteske 2>&1 >&$DIALOG_TERMINAL_PASSTHRU_FD 120240768Sdteske ) 121240768Sdteske local retval=$? 122251236Sdteske f_dialog_data_sanitize menu_choice 123251236Sdteske f_dialog_menutag_store "$menu_choice" 124249751Sdteske 125249751Sdteske # Only update default-item on success 126256181Sdteske [ $retval -eq $DIALOG_OK ] && f_dialog_default_store "$menu_choice" 127249751Sdteske 128240768Sdteske return $retval 129238438Sdteske} 130238438Sdteske 131238438Sdteske############################################################ MAIN 132238438Sdteske 133238438Sdteske# Incorporate rc-file if it exists 134238438Sdteske[ -f "$HOME/.bsdconfigrc" ] && f_include "$HOME/.bsdconfigrc" 135238438Sdteske 136238438Sdteske# 137238438Sdteske# Process command-line arguments 138238438Sdteske# 139250633Sdteskewhile getopts h$GETOPTS_STDARGS flag; do 140238438Sdteske case "$flag" in 141252178Sdteske h|\?) f_usage $BSDCFG_LIBE/$APP_DIR/USAGE "PROGRAM_NAME" "$pgm" ;; 142238438Sdteske esac 143238438Sdteskedone 144238438Sdteskeshift $(( $OPTIND - 1 )) 145238438Sdteske 146238438Sdteske# 147238438Sdteske# Initialize 148238438Sdteske# 149238438Sdteskef_dialog_title "$msg_system_security_options_menu" 150238438Sdteskef_dialog_backtitle "${ipgm:+bsdconfig }$pgm" 151238438Sdteskef_mustberoot_init 152238438Sdteske 153238438Sdteske# 154251933Sdteske# Launch application main menu (loop for menu update after selection) 155238438Sdteske# 156238438Sdteskewhile :; do 157251236Sdteske dialog_menu_main || f_die 158251236Sdteske f_dialog_menutag_fetch mtag 159238438Sdteske 160238438Sdteske case "$mtag" in 161251540Sdteske "X $msg_exit") break ;; 162238438Sdteske "2 ["?"] $msg_securelevel") # Configure securelevels for the system 163238438Sdteske $BSDCFG_LIBE/$APP_DIR/kern_securelevel ${USE_XDIALOG:+-X} ;; 164238438Sdteske "3 [X] $msg_nfs_port") # Require that NFS clients use reserved ports 165260678Sdteske f_eval_catch "$0" f_sysrc_set \ 166260678Sdteske 'f_sysrc_set nfs_reserved_port_only NO' ;; 167238438Sdteske "3 [ ] $msg_nfs_port") # Same; Toggle value 168260678Sdteske f_eval_catch "$0" f_sysrc_set \ 169260678Sdteske 'f_sysrc_set nfs_reserved_port_only YES' ;; 170252017Sdteske *) 171252017Sdteske f_die 1 "$msg_unknown_security_menu_selection" 172238438Sdteske esac 173238438Sdteskedone 174238438Sdteske 175238438Sdteskeexit $SUCCESS 176238438Sdteske 177238438Sdteske################################################################################ 178238438Sdteske# END 179238438Sdteske################################################################################ 180