head	1.8;
access;
symbols
	RELENG_8_4:1.8.0.2
	RELENG_9_1_0_RELEASE:1.7.4.1.4.2
	RELENG_9_1:1.7.4.1.0.4
	RELENG_9_1_BP:1.7.4.1
	RELENG_8_3_0_RELEASE:1.7.2.1.8.1
	RELENG_8_3:1.7.2.1.0.8
	RELENG_8_3_BP:1.7.2.1
	RELENG_9_0_0_RELEASE:1.7.4.1.2.1
	RELENG_9_0:1.7.4.1.0.2
	RELENG_9_0_BP:1.7.4.1
	RELENG_9:1.7.0.4
	RELENG_9_BP:1.7
	RELENG_7_4_0_RELEASE:1.5.2.2.6.1
	RELENG_8_2_0_RELEASE:1.7.2.1.6.1
	RELENG_7_4:1.5.2.2.0.6
	RELENG_7_4_BP:1.5.2.2
	RELENG_8_2:1.7.2.1.0.6
	RELENG_8_2_BP:1.7.2.1
	RELENG_8_1_0_RELEASE:1.7.2.1.4.1
	RELENG_8_1:1.7.2.1.0.4
	RELENG_8_1_BP:1.7.2.1
	RELENG_7_3_0_RELEASE:1.5.2.2.4.1
	RELENG_7_3:1.5.2.2.0.4
	RELENG_7_3_BP:1.5.2.2
	RELENG_8_0_0_RELEASE:1.7.2.1.2.1
	RELENG_8_0:1.7.2.1.0.2
	RELENG_8_0_BP:1.7.2.1
	RELENG_8:1.7.0.2
	RELENG_8_BP:1.7
	RELENG_7_2_0_RELEASE:1.5.2.2.2.1
	RELENG_7_2:1.5.2.2.0.2
	RELENG_7_2_BP:1.5.2.2
	RELENG_7_1_0_RELEASE:1.5.2.1.2.1
	RELENG_6_4_0_RELEASE:1.3.2.2.2.1
	RELENG_7_1:1.5.2.1.0.2
	RELENG_7_1_BP:1.5.2.1
	RELENG_6_4:1.3.2.2.0.2
	RELENG_6_4_BP:1.3.2.2
	RELENG_7_0_0_RELEASE:1.5.4.1
	RELENG_6_3_0_RELEASE:1.3.2.1
	RELENG_7_0:1.5.0.4
	RELENG_7_0_BP:1.5
	RELENG_6_3:1.3.2.1.0.6
	RELENG_6_3_BP:1.3.2.1
	RELENG_7:1.5.0.2
	RELENG_7_BP:1.5
	RELENG_6_2_0_RELEASE:1.3.2.1
	RELENG_6_2:1.3.2.1.0.4
	RELENG_6_2_BP:1.3.2.1
	RELENG_5_5_0_RELEASE:1.1.2.1
	RELENG_5_5:1.1.2.1.0.6
	RELENG_5_5_BP:1.1.2.1
	RELENG_6_1_0_RELEASE:1.3.2.1
	RELENG_6_1:1.3.2.1.0.2
	RELENG_6_1_BP:1.3.2.1
	RELENG_6_0_0_RELEASE:1.3
	RELENG_6_0:1.3.0.4
	RELENG_6_0_BP:1.3
	RELENG_6:1.3.0.2
	RELENG_6_BP:1.3
	RELENG_5_4_0_RELEASE:1.1.2.1
	RELENG_5_4:1.1.2.1.0.4
	RELENG_5_4_BP:1.1.2.1
	RELENG_5_3_0_RELEASE:1.1.2.1
	RELENG_5_3:1.1.2.1.0.2
	RELENG_5_3_BP:1.1.2.1
	RELENG_5:1.1.0.2;
locks; strict;
comment	@# @;


1.8
date	2012.11.17.01.49.06;	author svnexp;	state Exp;
branches
	1.8.2.1;
next	1.7;

1.7
date	2008.07.16.19.50.29;	author dougb;	state Exp;
branches
	1.7.2.1
	1.7.4.1;
next	1.6;

1.6
date	2007.12.08.22.26.30;	author dougb;	state Exp;
branches;
next	1.5;

1.5
date	2006.12.31.10.37.18;	author yar;	state Exp;
branches
	1.5.2.1
	1.5.4.1;
next	1.4;

1.4
date	2005.10.02.07.03.00;	author maxim;	state Exp;
branches;
next	1.3;

1.3
date	2005.04.02.00.01.03;	author trhodes;	state Exp;
branches
	1.3.2.1;
next	1.2;

1.2
date	2004.10.14.04.37.57;	author trhodes;	state Exp;
branches;
next	1.1;

1.1
date	2004.09.29.00.12.28;	author trhodes;	state Exp;
branches
	1.1.2.1;
next	;

1.8.2.1
date	2012.11.17.01.49.06;	author svnexp;	state dead;
branches;
next	1.8.2.2;

1.8.2.2
date	2013.03.28.13.02.44;	author svnexp;	state Exp;
branches;
next	;

1.7.2.1
date	2009.08.03.08.13.06;	author kensmith;	state Exp;
branches
	1.7.2.1.2.1
	1.7.2.1.4.1
	1.7.2.1.6.1
	1.7.2.1.8.1;
next	1.7.2.2;

1.7.2.2
date	2012.11.17.10.35.57;	author svnexp;	state Exp;
branches;
next	;

1.7.2.1.2.1
date	2009.10.25.01.10.29;	author kensmith;	state Exp;
branches;
next	;

1.7.2.1.4.1
date	2010.06.14.02.09.06;	author kensmith;	state Exp;
branches;
next	;

1.7.2.1.6.1
date	2010.12.21.17.09.25;	author kensmith;	state Exp;
branches;
next	;

1.7.2.1.8.1
date	2012.03.03.06.15.13;	author kensmith;	state Exp;
branches;
next	1.7.2.1.8.2;

1.7.2.1.8.2
date	2012.11.17.08.24.38;	author svnexp;	state Exp;
branches;
next	;

1.7.4.1
date	2011.09.23.00.51.37;	author kensmith;	state Exp;
branches
	1.7.4.1.2.1
	1.7.4.1.4.1;
next	1.7.4.2;

1.7.4.2
date	2012.11.17.11.36.11;	author svnexp;	state Exp;
branches;
next	;

1.7.4.1.2.1
date	2011.11.11.04.20.22;	author kensmith;	state Exp;
branches;
next	1.7.4.1.2.2;

1.7.4.1.2.2
date	2012.11.17.08.36.11;	author svnexp;	state Exp;
branches;
next	;

1.7.4.1.4.1
date	2012.08.05.23.54.33;	author kensmith;	state Exp;
branches;
next	1.7.4.1.4.2;

1.7.4.1.4.2
date	2012.11.17.08.47.01;	author svnexp;	state Exp;
branches;
next	;

1.5.2.1
date	2008.01.28.07.55.44;	author dougb;	state Exp;
branches
	1.5.2.1.2.1;
next	1.5.2.2;

1.5.2.2
date	2009.03.24.02.48.54;	author dougb;	state Exp;
branches
	1.5.2.2.2.1
	1.5.2.2.4.1
	1.5.2.2.6.1;
next	1.5.2.3;

1.5.2.3
date	2012.11.17.08.01.23;	author svnexp;	state Exp;
branches;
next	;

1.5.2.1.2.1
date	2008.11.25.02.59.29;	author kensmith;	state Exp;
branches;
next	;

1.5.2.2.2.1
date	2009.04.15.03.14.26;	author kensmith;	state Exp;
branches;
next	;

1.5.2.2.4.1
date	2010.02.10.00.26.20;	author kensmith;	state Exp;
branches;
next	;

1.5.2.2.6.1
date	2010.12.21.17.10.29;	author kensmith;	state Exp;
branches;
next	1.5.2.2.6.2;

1.5.2.2.6.2
date	2012.11.17.08.16.37;	author svnexp;	state Exp;
branches;
next	;

1.5.4.1
date	2008.01.28.07.58.32;	author dougb;	state Exp;
branches;
next	;

1.3.2.1
date	2005.11.04.18.18.20;	author maxim;	state Exp;
branches;
next	1.3.2.2;

1.3.2.2
date	2008.01.28.08.22.33;	author dougb;	state Exp;
branches
	1.3.2.2.2.1;
next	1.3.2.3;

1.3.2.3
date	2012.11.17.07.39.09;	author svnexp;	state Exp;
branches;
next	;

1.3.2.2.2.1
date	2008.10.02.02.57.24;	author kensmith;	state Exp;
branches;
next	;

1.1.2.1
date	2004.10.14.04.36.15;	author trhodes;	state Exp;
branches;
next	;


desc
@@


1.8
log
@Switching exporter and resync
@
text
@#!/bin/sh
#
# $FreeBSD: head/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $

# PROVIDE: ugidfw
# BEFORE: LOGIN
# KEYWORD: nojail shutdown

. /etc/rc.subr

name="ugidfw"
rcvar="ugidfw_enable"
start_cmd="ugidfw_start"
stop_cmd="ugidfw_stop"
required_modules="mac_bsdextended"

ugidfw_load()
{
	if [ -r "${bsdextended_script}" ]; then
		. "${bsdextended_script}"
	fi
}

ugidfw_start()
{
	[ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended

	if [ -r "${bsdextended_script}" ]; then
		ugidfw_load
		echo "MAC bsdextended rules loaded."
	fi
}

ugidfw_stop()
{
	# Disable the policy
	#
	kldunload mac_bsdextended
}

load_rc_config $name
run_rc_command "$1"
@


1.8.2.1
log
@file ugidfw was added on branch RELENG_8_4 on 2013-03-28 13:02:44 +0000
@
text
@d1 42
@


1.8.2.2
log
@## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/248810
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
@
text
@a0 42
#!/bin/sh
#
# $FreeBSD: releng/8.4/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $

# PROVIDE: ugidfw
# BEFORE: LOGIN
# KEYWORD: nojail shutdown

. /etc/rc.subr

name="ugidfw"
rcvar="ugidfw_enable"
start_cmd="ugidfw_start"
stop_cmd="ugidfw_stop"
required_modules="mac_bsdextended"

ugidfw_load()
{
	if [ -r "${bsdextended_script}" ]; then
		. "${bsdextended_script}"
	fi
}

ugidfw_start()
{
	[ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended

	if [ -r "${bsdextended_script}" ]; then
		ugidfw_load
		echo "MAC bsdextended rules loaded."
	fi
}

ugidfw_stop()
{
	# Disable the policy
	#
	kldunload mac_bsdextended
}

load_rc_config $name
run_rc_command "$1"
@


1.7
log
@SVN rev 180564 on 2008-07-16 19:50:29Z by dougb

Add the shutdown KEYWORD to those scripts that start persistent services
to allow them to do a "clean" shutdown.

I purposely avoided making changes to network-related stuff since the
system shutting down is pretty conclusive, and there may be complicated
dependencies on the network that I would rather not try to unravel.

I also skipped kerberos-related stuff for the reasons above, and
because I have no way to test it.
@
text
@d3 1
a3 1
# $FreeBSD$
@


1.7.4.1
log
@SVN rev 225736 on 2011-09-23 00:51:37Z by kensmith

Copy head to stable/9 as part of 9.0-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.7.4.2
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242902
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242902 | dteske | 2012-11-11 23:29:45 +0000 (Sun, 11 Nov 2012) | 10 lines
## SVN ##
## SVN ## Fix a regression introduced by SVN r211417 that saw the breakage of a feature
## SVN ## documented in usr.sbin/sysinstall/help/shortcuts.hlp (reproduced below):
## SVN ##
## SVN ## If /usr/sbin/sysinstall is linked to another filename, say
## SVN ## `/usr/local/bin/configPackages', then the basename will be used
## SVN ## as an implicit command name.
## SVN ##
## SVN ## Reviewed by:	adrian (co-mentor)
## SVN ## Approved by:	adrian (co-mentor)
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d3 1
a3 1
# $FreeBSD: stable/9/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $
@


1.7.4.1.4.1
log
@SVN rev 239080 on 2012-08-05 23:54:33Z by kensmith

Copy stable/9 to releng/9.1 as part of the 9.1-RELEASE release process.

Approved by:	re (implicit)
@
text
@@


1.7.4.1.4.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/9.1/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $
@


1.7.4.1.2.1
log
@SVN rev 227445 on 2011-11-11 04:20:22Z by kensmith

Copy stable/9 to releng/9.0 as part of the FreeBSD 9.0-RELEASE release
cycle.

Approved by:	re (implicit)
@
text
@@


1.7.4.1.2.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/9.0/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $
@


1.7.2.1
log
@SVN rev 196045 on 2009-08-03 08:13:06Z by kensmith

Copy head to stable/8 as part of 8.0 Release cycle.

Approved by:	re (Implicit)
@
text
@@


1.7.2.2
log
@## SVN ##
## SVN ## Exported commit - http://svnweb.freebsd.org/changeset/base/ 242909
## SVN ## CVS IS DEPRECATED: http://wiki.freebsd.org/CvsIsDeprecated
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ## r242909 | dim | 2012-11-12 07:47:19 +0000 (Mon, 12 Nov 2012) | 20 lines
## SVN ##
## SVN ## MFC r242625:
## SVN ##
## SVN ## Remove duplicate const specifiers in many drivers (I hope I got all of
## SVN ## them, please let me know if not).  Most of these are of the form:
## SVN ##
## SVN ## static const struct bzzt_type {
## SVN ##       [...list of members...]
## SVN ## } const bzzt_devs[] = {
## SVN ##       [...list of initializers...]
## SVN ## };
## SVN ##
## SVN ## The second const is unnecessary, as arrays cannot be modified anyway,
## SVN ## and if the elements are const, the whole thing is const automatically
## SVN ## (e.g. it is placed in .rodata).
## SVN ##
## SVN ## I have verified this does not change the binary output of a full kernel
## SVN ## build (except for build timestamps embedded in the object files).
## SVN ##
## SVN ## Reviewed by:	yongari, marius
## SVN ##
## SVN ## ------------------------------------------------------------------------
## SVN ##
@
text
@d3 1
a3 1
# $FreeBSD: stable/8/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $
@


1.7.2.1.8.1
log
@SVN rev 232438 on 2012-03-03 06:15:13Z by kensmith

Copy stable/8 to releng/8.3 as part of 8.3-RELEASE release cycle.

Approved by:	re (implicit)
@
text
@@


1.7.2.1.8.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/8.3/etc/rc.d/ugidfw 180564 2008-07-16 19:50:29Z dougb $
@


1.7.2.1.6.1
log
@SVN rev 216617 on 2010-12-21 17:09:25Z by kensmith

Copy stable/8 to releng/8.2 in preparation for FreeBSD-8.2 release.

Approved by:	re (implicit)
@
text
@@


1.7.2.1.4.1
log
@SVN rev 209145 on 2010-06-14 02:09:06Z by kensmith

Copy stable/8 to releng/8.1 in preparation for 8.1-RC1.

Approved by:	re (implicit)
@
text
@@


1.7.2.1.2.1
log
@SVN rev 198460 on 2009-10-25 01:10:29Z by kensmith

Copy stable/8 to releng/8.0 as part of 8.0-RELEASE release procedure.

Approved by:	re (implicit)
@
text
@@


1.6
log
@Remove empty REQUIRE line
@
text
@d7 1
a7 1
# KEYWORD: nojail
@


1.5
log
@Use $required_modules wherever suitable.  Use load_kld() in special
cases.  So we get rid of quite a few lines of duplicated code.
@
text
@a5 1
# REQUIRE:
@


1.5.4.1
log
@MFC the purely cosmetic changes, including removal of $NetBSD$ Ids,
a few spurious #'s, an empty REQUIRE, and a never-used KEYWORD.

Approved by:	re (kensmith)
@
text
@d6 1
@


1.5.2.1
log
@MFC the purely cosmetic changes, including removal of $NetBSD$ Ids,
a few spurious #'s, an empty REQUIRE, and a never-used KEYWORD.
@
text
@d6 1
@


1.5.2.2
log
@SVN rev 190362 on 2009-03-24 02:48:54Z by dougb

MFC r180564, addition of the SHUTDOWN keyword to those scripts that
start persistent services.
@
text
@d7 1
a7 1
# KEYWORD: nojail shutdown
@


1.5.2.3
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: stable/7/etc/rc.d/ugidfw 220110 2011-03-28 19:29:30Z dougb $
@


1.5.2.2.6.1
log
@SVN rev 216618 on 2010-12-21 17:10:29Z by kensmith

Copy stable/7 to releng/7.4 in preparation for FreeBSD-7.4 release.

Approved by:	re (implicit)
@
text
@@


1.5.2.2.6.2
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: releng/7.4/etc/rc.d/ugidfw 190362 2009-03-24 02:48:54Z dougb $
@


1.5.2.2.4.1
log
@SVN rev 203736 on 2010-02-10 00:26:20Z by kensmith

Copy stable/7 to releng/7.3 as part of the 7.3-RELEASE process.

Approved by:	re (implicit)
@
text
@@


1.5.2.2.2.1
log
@SVN rev 191087 on 2009-04-15 03:14:26Z by kensmith

Create releng/7.2 from stable/7 in preparation for 7.2-RELEASE.

Approved by:	re (implicit)
@
text
@@


1.5.2.1.2.1
log
@SVN rev 185281 on 2008-11-25 02:59:29Z by kensmith

Create releng/7.1 in preparation for moving into RC phase of 7.1 release
cycle.

Approved by:	re (implicit)
@
text
@@


1.4
log
@o Remove unfinished code and make it possible to override
bsdextended_script from rc.conf(5):

Not objected by:	trhodes
@
text
@a14 1
start_precmd="ugidfw_precmd"
d16 1
a24 14
ugidfw_precmd()
{
	if ! sysctl security.mac.bsdextended
          then kldload mac_bsdextended
	    if [ "$?" -ne "0" ]
	      then warn Unable to load the mac_bsdextended module.
	      return 1
	else
	  return 0
	  fi
	fi
	return 0
}

@


1.3
log
@Add a ugidfw_load() function and fix up some of the scripting in this file.
This will allow better integration with the ports system.

Submitted by:	clement
@
text
@a21 1
		echo -n " ${_bsdextended_profile}"
d41 1
a41 7
	# check for existing profiles and set the default policy script 
	# if none was specified
	[ -z "${bsdextended_profiles}" ] && {
	  bsdextended_profiles=default
	  [ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended
	  bsdextended_default_script=/etc/rc.bsdextended
	}
d43 4
a46 6
	echo -n "Loading MAC bsdextended rules:" 
	for _bsdextended_profile in ${bsdextended_profiles}; do
	  eval bsdextended_script=\"\$bsdextended_${_bsdextended_profile}_script\"
	  ugidfw_load
	done
	echo '.'
@


1.3.2.1
log
@MFC rev. 1.4: remove unfinished code and make it possible to override
bsdextended_script from rc.conf(5).
@
text
@d22 1
d42 7
a48 1
	[ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended
d50 6
a55 4
	if [ -r "${bsdextended_script}" ]; then
		ugidfw_load
		echo "MAC bsdextended rules loaded."
	fi
@


1.3.2.2
log
@MFC the purely cosmetic changes, including removal of $NetBSD$ Ids,
a few spurious #'s, an empty REQUIRE, and a never-used KEYWORD.
@
text
@d6 1
@


1.3.2.3
log
@Switch importer
@
text
@d3 1
a3 1
# $FreeBSD: stable/6/etc/rc.d/ugidfw 175742 2008-01-28 08:22:33Z dougb $
@


1.3.2.2.2.1
log
@SVN rev 183531 on 2008-10-02 02:57:24Z by kensmith

Create releng/6.4 from stable/6 in preparation for 6.4-RC1.

Approved by:	re (implicit)
@
text
@@


1.2
log
@Remove requirement on FreeBSD keyword.

Skipped by:	mtm (/me glares at mtm)  :)
@
text
@d18 8
d42 7
a48 2
	# set the default policy script if none was specified
	[ -z "${bsdextended_script}" ] && bsdextended_script=/etc/rc.bsdextended
d50 5
a54 4
	if [ -r "${bsdextended_script}" ]; then
		. "${bsdextended_script}"
		echo -n 'MAC bsdextended rules loaded sucessfully.'
	fi
@


1.1
log
@Give users the ability to load a mac_bsdextended(4) ruleset on boot (defaults
to NO of course).  Provide a basic ruleset file, rc.bsdextended, but allow
the filename to be overridden through rc.conf.

Discussed with:	rwatson (awhile ago)
@
text
@d8 1
a8 1
# KEYWORD: FreeBSD nojail
@


1.1.2.1
log
@MFC: Bring in the startup files to permit loading of mac_bsdextended(4)
rules on system initialization.

Remove requirement on FreeBSD keyword.

Approved by:	re (kensmith)
@
text
@d8 1
a8 1
# KEYWORD: nojail
@

