File policycoreutils-initscript.patch of Package policycoreutils
Index: restorecond/restorecond.init
===================================================================
--- restorecond/restorecond.init.orig
+++ restorecond/restorecond.init
@@ -1,14 +1,23 @@
#!/bin/sh
#
-# restorecond: Daemon used to maintain path file context
+# /etc/init.d/restorecond
#
-# chkconfig: - 12 87
-# description: restorecond uses inotify to look for creation of new files \
-# listed in the /etc/selinux/restorecond.conf file, and restores the \
-# correct security context.
+### BEGIN INIT INFO
+# Provides: restorecond
+# Required-Start: $remote_fs
+# Should-Start:
+# Required-Stop: $remote_fs
+# Should-Stop:
+# Default-Start: 3 4 5
+# Default-Stop: 0 1 2 3 4 6
+# Short-Description: Daemon used to maintain path file context
+# Description: Restorecond uses inotify to look for creation of new files
+# listed in the /etc/selinux/restorecond.conf file, and restores the correct
+# security context.
+### END INIT INFO
#
# processname: /usr/sbin/restorecond
-# config: /etc/selinux/restorecond.conf
+# config: /etc/selinux/restorecond.conf
# pidfile: /var/run/restorecond.pid
#
# Return values according to LSB for all commands but status:
@@ -22,42 +31,61 @@
# 7 - program is not running
PATH=/sbin:/bin:/usr/bin:/usr/sbin
+PROG_BIN=/usr/sbin/restorecond
+LOCK_FILE=/var/lock/restorecond
+PROG_CONF=/etc/selinux/restorecond.conf
# Source function library.
-. /etc/rc.d/init.d/functions
+. /etc/rc.status
-[ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled || exit 7
+# Check whether SELinux is enabled
+if [ ! -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled ; then
+ echo $"SELinux should be enabled to run this daemon"
+ rc_failed 1
+ rc_status -v
+ rc_exit
+fi
# Check that we are root ... so non-root users stop here
-test $EUID = 0 || exit 4
+if [ $EUID -ne 0 ] ; then
+ echo $"Access denied. Only root can run this daemon"
+ rc_failed 4
+ rc_status -v
+ rc_exit
+fi
+
+# Check whether program binary exists
+if [ ! -x $PROG_BIN ] ; then
+ echo $"$PROG_BIN does not exist or has no executable permission"
+ rc_failed 5
+ rc_status -v
+ rc_exit
+fi
+
+# Check whether the required conf file exists
+if [ ! -f $PROG_CONF ] ; then
+ echo $"$PROG_CONF not found"
+ rc_failed 6
+ rc_status -v
+ rc_exit
+fi
-test -x /usr/sbin/restorecond || exit 5
-test -f /etc/selinux/restorecond.conf || exit 6
-
-RETVAL=0
-
-start()
+start()
{
- echo -n $"Starting restorecond: "
- unset HOME MAIL USER USERNAME
- daemon /usr/sbin/restorecond
- RETVAL=$?
- touch /var/lock/subsys/restorecond
- echo
- return $RETVAL
+ echo -n $"Starting restorecond: "
+ unset HOME MAIL USER USERNAME
+ startproc -p $LOCK_FILE $PROG_BIN
+ rc_status -v
}
-stop()
+stop()
{
- echo -n $"Shutting down restorecond: "
- killproc restorecond
- RETVAL=$?
- rm -f /var/lock/subsys/restorecond
- echo
- return $RETVAL
+ echo -n $"Shutting down restorecond: "
+ killproc -p $LOCK_FILE -TERM $PROG_BIN
+ rc_status -v
}
-restart()
+restart()
{
stop
start
@@ -72,18 +100,20 @@ case "$1" in
stop
;;
status)
- status restorecond
- RETVAL=$?
+ echo -n $"Checking for restorecond: "
+ checkproc -p $LOCK_FILE $PROG_BIN
+ rc_status -v
;;
force-reload|restart|reload)
restart
;;
condrestart)
- [ -e /var/lock/subsys/restorecond ] && restart || :
+ [ -e $LOCK_FILE ] && restart || :
;;
*)
- echo $"Usage: $0 {start|stop|restart|force-reload|status|condrestart}"
- RETVAL=3
+ echo $"Usage: $0 {start|stop|restart|reload|force-reload|status|condrestart}"
+ rc_failed 3
+ rc_status -v
esac
-exit $RETVAL
+rc_exit
Index: sandbox/sandbox.init
===================================================================
--- sandbox/sandbox.init.orig
+++ sandbox/sandbox.init
@@ -1,11 +1,22 @@
#!/bin/bash
-## BEGIN INIT INFO
+### BEGIN INIT INFO
# Provides: sandbox
-# Default-Start: 3 4 5
-# Default-Stop: 0 1 2 3 4 6
-# Required-Start:
+# Required-Start: $remote_fs
+# Should-Start:
+# Required-Stop: $remote_fs
+# Should-Stop:
+# Default-Start: 3 5
+# Default-Stop: 0 1 2 3 6
+# Required-Start: Set up / mountpoint to be shared, /var/tmp, /tmp, /home/sandbox unshared
+# Short-Description:
+# Description: sandbox, xguest and other apps that want to use pam_namespace \
+# require this script be run at boot. This service script does \
+# not actually run any service but sets up: \
+# / to be shared by any app that starts a separate namespace
+# If you do not use sandbox, xguest or pam_namespace you can turn \
+# this service off.\
#
-## END INIT INFO
+### END INIT INFO
# sandbox: Set up / mountpoint to be shared, /var/tmp, /tmp, /home/sandbox unshared
#
# chkconfig: 345 1 99
@@ -19,9 +30,9 @@
#
# Source function library.
-. /etc/init.d/functions
+. /etc/rc.status
-LOCKFILE=/var/lock/subsys/sandbox
+LOCKFILE=/var/lock/sandbox
base=${0##*/}
@@ -31,7 +42,7 @@ start() {
[ -f "$LOCKFILE" ] && return 0
touch $LOCKFILE
- mount --make-rshared / || return $?
+ mount --make-rshared / || return $?
return 0
}
@@ -68,9 +79,13 @@ case "$1" in
status)
status
;;
+ reload)
+ # unused
+ exit 3
+ ;;
*)
- echo $"Usage: $0 {start|stop|status|restart}"
+ echo $"Usage: $0 {start|stop|status|restart|reload}"
exit 3
;;
esac
Index: mcstrans/src/mcstrans.init
===================================================================
--- mcstrans/src/mcstrans.init.orig
+++ mcstrans/src/mcstrans.init
@@ -20,7 +20,7 @@
PATH=/sbin:/bin:/usr/bin:/usr/sbin
prog="mcstransd"
-lockfile=/var/lock/subsys/$prog
+lockfile=/var/lock/$prog
# Source function library.
. /etc/init.d/functions