rpms / netlabel_tools

Clone
Source Code
GIT

Blame netlabel

f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   main
  2.   netlabel
Blob History Raw
e2baec2 
#!/bin/sh
e2baec2 
#
e2baec2 
# netlabel	Start CIPSO labeled networking
e2baec2 
#
e2baec2 
# chkconfig: - 09 91
e2baec2 
# description:	Starts and stops CIPSO labeled networking
e2baec2 
#
e2baec2 
# config: /etc/netlabel.rules
e2baec2 
#
e2baec2 
# Return values according to LSB for all commands but status:
e2baec2 
# 0 - success
e2baec2 
# 1 - generic or unspecified error
e2baec2 
# 2 - invalid or excess argument(s)
e2baec2 
# 3 - unimplemented feature (e.g. "reload")
e2baec2 
# 4 - insufficient privilege
e2baec2 
# 5 - program is not installed
e2baec2 
# 6 - program is not configured
e2baec2 
# 7 - program is not running
e2baec2
e2baec2 
PATH=/sbin:/bin:/usr/bin:/usr/sbin
e2baec2 
VAR_SUBSYS_NETLABEL=/var/lock/subsys/netlabel
e2baec2 
RULES=/etc/netlabel.rules
e2baec2
e2baec2 
# Source function library.
e2baec2 
. /etc/init.d/functions
e2baec2
e2baec2 
# Check that we are root ... so non-root users stop here
e2baec2 
test `id -u` = 0  || exit 4
e2baec2 
test -x /sbin/netlabelctl || exit 5
e2baec2 
test -f $RULES || exit 6
e2baec2
e2baec2 
start() {
e2baec2 
    ret_val="0"
e2baec2
e2baec2 
    # Loop through rules
e2baec2 
    while read LINE
e2baec2 
    do
e2baec2 
	# Skip comments and blank lines
e2baec2 
	if echo $LINE | egrep '^#|^$' >/dev/null ; then
e2baec2 
		continue
e2baec2 
	fi
e2baec2 
	/sbin/netlabelctl $LINE >/dev/null 2>&1
e2baec2 
	ret="$?"
e2baec2 
	if [ "$ret" != "0" ] ; then
e2baec2 
		ret_val="$ret"
e2baec2 
	fi
e2baec2 
    done < $RULES
e2baec2 
    touch $VAR_SUBSYS_NETLABEL
e2baec2 
    return $ret_val
e2baec2 
}
e2baec2
e2baec2 
stop() {
e2baec2 
    rm -f $VAR_SUBSYS_NETLABEL
e2baec2
e2baec2 
    # Delete rules
e2baec2 
    list=`/sbin/netlabelctl cipsov4 list 2>/dev/null`
e2baec2 
    ret="$?"
e2baec2 
    if [ x"$list" != "x" ] ; then
e2baec2 
	for line in "$list"
e2baec2 
	do
e2baec2 
		/sbin/netlabelctl cipsov4 del "doi:$line" 2>/dev/null
e2baec2 
    		ret="$?"
e2baec2 
	done
e2baec2 
    fi
e2baec2 
    return $ret
e2baec2 
}
e2baec2
e2baec2 
status() {
e2baec2 
    # Do not print status if lockfile is missing
e2baec2 
    if [ ! -f "$VAR_SUBSYS_NETLABEL" ]; then
e2baec2 
	echo $"Netlabel is stopped."
fd6a785 
	return 3
e2baec2 
    fi
e2baec2
e2baec2 
    # List rules
e2baec2 
    /sbin/netlabelctl -p cipsov4 list 2>/dev/null
e2baec2 
    ret1="$?"
86cb1e8 
    /sbin/netlabelctl -p mgmt protocols 2>/dev/null
e2baec2 
    ret2="$?"
e2baec2
e2baec2 
    if [ "$ret1" != "0" -o "$ret2" != "0" ] ; then
fd6a785 
	return 2
e2baec2 
    fi
e2baec2 
    return 0
e2baec2 
}
e2baec2
e2baec2 
restart() {
e2baec2 
    stop
e2baec2 
    start
e2baec2 
}
e2baec2
e2baec2 
case "$1" in
e2baec2 
    start)
e2baec2 
	stop
e2baec2 
	start
e2baec2 
	RETVAL="$?"
e2baec2 
	;;
e2baec2 
    stop)
e2baec2 
	stop
e2baec2 
	RETVAL="$?"
e2baec2 
	;;
e2baec2 
    restart)
e2baec2 
	restart
e2baec2 
	RETVAL="$?"
e2baec2 
	;;
e2baec2 
    condrestart)
e2baec2 
	[ -e "$VAR_SUBSYS_NETLABEL" ] && restart
e2baec2 
	;;
e2baec2 
    status)
e2baec2 
	status
e2baec2 
	RETVAL="$?"
e2baec2 
	;;
e2baec2 
    *)
e2baec2 
	echo $"Usage: $0 {start|stop|restart|condrestart|status}"
e2baec2 
	exit 3
e2baec2 
	;;
e2baec2 
esac
e2baec2
e2baec2 
exit $RETVAL
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.