diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2006-04-22 15:48:07 +0000 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2006-04-22 15:48:07 +0000 |
| commit | 1a816b9550055a8aa902785a095c99cc8ada4ec2 (patch) | |
| tree | d4b3b206f888ed19833c0c96617163c03bb9c7f5 /policy-rc.d | |
| parent | 467c4a7c279f801c7bd93bd555b4f7502cd0dcdc (diff) | |
New policy.d script, usable by policyrcd-script-zg2, to suppress anything if invoked within chroot.
Diffstat (limited to 'policy-rc.d')
| -rwxr-xr-x | policy-rc.d | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/policy-rc.d b/policy-rc.d new file mode 100755 index 0000000..f941daf --- /dev/null +++ b/policy-rc.d @@ -0,0 +1,65 @@ +#!/bin/sh + +# $Id: policy-rc.d,v 1.1 2006-04-22 15:48:07 jonas Exp $ +# +# Copyright © 2006 Jonas Smedegaard <dr@jones.dk> +# Description: Suppress system V scripts if invoked within a chroot. +# +# This program is free software; you can redistribute it and/or +# modify it under the terms of the GNU General Public License as +# published by the Free Software Foundation; either version 2, or (at +# your option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. + +# Policy-rc.d is mentioned in manpage invoke-rc.d(8) and documented at +# http://people.debian.org/~hmh/invokerc.d-policyrc.d-specification.txt + +set -e + +PRG=`basename $0` + +TEMP=`getopt -s sh --long list,quiet -n "$PRG" -- "$@"` +if [ $? != 0 ] ; then echo "Terminating..." >&2 ; exit 1 ; fi +eval set -- "$TEMP" + +quiet="" +list="" +while true ; do + case "$1" in + --quiet) quiet="1" ; shift ;; + --list) list="1" ; shift ;; + --) shift ; break ;; + *) echo "Internal error!" ; exit 1 ;; + esac +done +initscript="$1" +actions="$2" +runlevel="$3" + +if [ "$list" ]; then + cat <<EOF +The following policies are known to this policy daemon: + + default: All actions are allowed. + chroot: If invoked from within a chroot environment, + no actions are allowed, else all are allowed. + +This policy daemon care not about actions, so all standard actions +(start, [force-]stop, restart, [force-]reload and status), and any +additionally implemented ones, are supported. +EOF + exit 0 +fi + +if [ -r /proc/1/root ]; then + if ! [ "$quiet" ]; then + echo >2 "Chroot environment detected, suppressing sysV script." + fi + exit 101 +fi + +exit 0 |