CVS commit: src/sbin/init

Tue, 29 Dec 2009 09:07:20 -0800 

Module Name:    src
Committed By:   elad
Date:           Tue Dec 29 17:07:17 UTC 2009

Modified Files:
        src/sbin/init: init.c

Log Message:
Keep an internal variable indicating whether securelevel is present, and
don't blindly try to get/set it. Prevents error messages that don't make
sense if securelevel isn't supported by the kernel.


To generate a diff of this commit:
cvs rdiff -u -r1.99 -r1.100 src/sbin/init/init.c

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/sbin/init/init.c
diff -u src/sbin/init/init.c:1.99 src/sbin/init/init.c:1.100
--- src/sbin/init/init.c:1.99	Sun Nov 22 18:40:26 2009
+++ src/sbin/init/init.c	Tue Dec 29 17:07:17 2009
@@ -1,4 +1,4 @@
-/*	$NetBSD: init.c,v 1.99 2009/11/22 18:40:26 mbalmer Exp $	*/
+/*	$NetBSD: init.c,v 1.100 2009/12/29 17:07:17 elad Exp $	*/
 
 /*-
  * Copyright (c) 1991, 1993
@@ -42,7 +42,7 @@
 #if 0
 static char sccsid[] = "@(#)init.c	8.2 (Berkeley) 4/28/95";
 #else
-__RCSID("$NetBSD: init.c,v 1.99 2009/11/22 18:40:26 mbalmer Exp $");
+__RCSID("$NetBSD: init.c,v 1.100 2009/12/29 17:07:17 elad Exp $");
 #endif
 #endif /* not lint */
 
@@ -170,8 +170,10 @@
 pid_t start_getty(session_t *);
 void transition_handler(int);
 void alrm_handler(int);
+int has_securelevel(void);
 void setsecuritylevel(int);
 int getsecuritylevel(void);
+int securelevel_present;
 int setupargv(session_t *, struct ttyent *);
 int clang;
 
@@ -325,6 +327,13 @@
 #endif /* !LETS_GET_SMALL && CHROOT*/
 
 	/*
+	 * Securelevel might not be supported by the kernel. Query for it, and
+	 * set a variable indicating whether we should attempt anything with it
+	 * or not.
+	 */
+	securelevel_present = has_securelevel();
+
+	/*
 	 * Start the state machine.
 	 */
 	transition(requested_transition);
@@ -481,6 +490,30 @@
 }
 
 /*
+ * Check if securelevel is present.
+ */
+int
+has_securelevel(void)
+{
+#ifdef KERN_SECURELVL
+	int name[2], curlevel;
+	size_t len;
+
+	name[0] = CTL_KERN;
+	name[1] = KERN_SECURELVL;
+	len = sizeof curlevel;
+	if (sysctl(name, 2, &curlevel, &len, NULL, 0) == -1) {
+		/* If it doesn't exist, it's okay. */
+		if (errno == ENOENT) 
+			return 0;
+	}
+	return 1;
+#else
+	return 0;
+#endif
+}
+
+/*
  * Get the security level of the kernel.
  */
 int
@@ -490,6 +523,9 @@
 	int name[2], curlevel;
 	size_t len;
 
+	if (!securelevel_present)
+		return -1;
+
 	name[0] = CTL_KERN;
 	name[1] = KERN_SECURELVL;
 	len = sizeof curlevel;
@@ -512,6 +548,9 @@
 #ifdef KERN_SECURELVL
 	int name[2], curlevel;
 
+	if (!securelevel_present)
+		return;
+
 	curlevel = getsecuritylevel();
 	if (newlevel == curlevel)
 		return;

Reply via email to