From 72159dfb6ec7f58de0440ec6e55183caf7015143ca8baf1a7b34b6e3c822452c Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Thu, 18 Mar 2010 15:05:19 +0000 Subject: [PATCH 1/6] Updating link to change in openSUSE:Factory/libselinux revision 15.0 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=c2c351f284ec3d408fa7d757b1eaa3fb From 56b6dc1745f92511c212221ac4a15fa93b6c06ac5a9e4c6fc0d17931c37c6c1a Mon Sep 17 00:00:00 2001 From: Thomas Biege Date: Wed, 7 Apr 2010 13:40:02 +0000 Subject: [PATCH 2/6] Accepting request 37222 from home:thomasbiege:branches:security:SELinux Copy from home:thomasbiege:branches:security:SELinux/libselinux via accept of submit request 37222 revision 5. Request was accepted with message: ok OBS-URL: https://build.opensuse.org/request/show/37222 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=29 --- libselinux.changes | 10 +++++++++ selinux-ready | 53 +++++++++++++++++++++++++++++++++++++++------- 2 files changed, 55 insertions(+), 8 deletions(-) diff --git a/libselinux.changes b/libselinux.changes index 5abd001..16f35a5 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,3 +1,13 @@ +------------------------------------------------------------------- +Wed Apr 7 13:26:59 UTC 2010 - thomas@novell.com + +- selinux-ready: fixed init ramfs checking + +------------------------------------------------------------------- +Wed Apr 7 12:59:41 UTC 2010 - thomas@novell.com + +- added new selinux-ready script + ------------------------------------------------------------------- Thu Feb 25 14:57:16 UTC 2010 - prusnak@suse.cz diff --git a/selinux-ready b/selinux-ready index 3139506..bdc24a1 100644 --- a/selinux-ready +++ b/selinux-ready @@ -22,7 +22,7 @@ check_dir() check_filesystem() { FSPATH="/proc/filesystems" - FSNAME="selinuxfs" + FSNAME="securityfs" grep -w $FSNAME $FSPATH 1>&2 >/dev/null @@ -37,11 +37,11 @@ check_filesystem() check_boot() { - BPARAM="security=selinux.*selinux=1.*enforcing=?" # XXX order not mandatory + BPARAM="selinux=1" printf "\tcheck_boot: Assuming GRUB as bootloader.\n" - BLINE=$(grep -E $BPARAM /boot/grub/menu.lst 2>/dev/null) # XXX check for multiple lines in config + BLINE=$(grep -- $BPARAM /boot/grub/menu.lst 2>/dev/null) # XXX check for multiple lines in config if [ $? == 0 ]; then K=$(echo $BLINE | awk -F' ' '{print $2}') @@ -80,20 +80,51 @@ check_mkinitrd() cd initrd-extracted gunzip -c $TD/i.cpio.gz | cpio -i --force-local --no-absolute-filenames 2>/dev/null grep -E -- $MCMD boot/* 2>&1 >/dev/null - FLG=$? + FLG1=$? + grep -E -- load_policy boot/* 2>&1 >/dev/null + FLG2=$? popd 2>&1>/dev/null - if [ $FLG == 0 ];then + if [ $FLG1 == 0 -a $FLG2 == 0 ];then printf "\tcheck_mkinitrd: OK. Your initrd seems to be correct.\n" return 0 else printf "\tcheck_mkinitrd: ERR. Your initrd seems not to mount /proc of\n" - printf "\t the root filesystem during boot, this may be a\n" - printf "\t reason for SELinux not working.\n" + printf "\t the root filesystem during boot and/or load_policy\n" + printf "\t is missing,\n" + printf "\t this may be a reason for SELinux not working.\n" return 1 fi } +check_initupstart() +{ + CFGFILE="/etc/selinux/config" + + if ! [ -f $CFGFILE ]; then + printf "\tcheck_initupstart: ERR. $CFGFILE does not exist.\n" + return 1; + fi + + POL=$(grep SELINUXTYPE $CFGFILE | sed "s/SELINUXTYPE\s*=\s*"//) + + if ! [ -f /etc/selinux/$POL/booleans ]; then + printf "\tcheck_initupstart: ERR. booleans file for policy $POL does not exist.\n" + return 1 + fi + + INITUS=$(grep init_upstart /etc/selinux/$POL/booleans | sed "s/.*init_upstart\s*=\s*//") + + if [ "$INITUS" == 1 ]; then + printf "\tcheck_initupstart: OK. init_upstart in $POL/booleans is set to 1.\n" + return 0 + else + printf "\tcheck_initupstart: ERR. init_upstart in $POL/booleans is NOT set to 1 ($INITUS).\n" + return 1 + fi + +} + check_packages() { PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1 selinux-policy" @@ -120,8 +151,13 @@ check_config() { CF="/etc/selinux/config" + if [ -f $CF ];then printf "\tcheck_config: OK. Config file seems to be there.\n" + if ! [ $(stat --printf=%a $CF) -eq "644" ]; then + printf "\tcheck_config: ERR. Config file '$CF' has wrong permissions.\n" + return 1 + fi return 0 else printf "\tcheck_config: ERR. Config file '$CF' is missing.\n" @@ -138,6 +174,7 @@ check_boot check_mkinitrd check_packages check_config +check_initupstart rm -rf $TD - +#echo $TD From 84260a568ed3a12859060891553902d5aae3f0a21c654b5b4a54e2710a0a043f Mon Sep 17 00:00:00 2001 From: Thomas Biege Date: Thu, 8 Apr 2010 08:06:15 +0000 Subject: [PATCH 3/6] Accepting request 37315 from home:thomasbiege:branches:security:SELinux Copy from home:thomasbiege:branches:security:SELinux/libselinux via accept of submit request 37315 revision 2. Request was accepted with message: ok OBS-URL: https://build.opensuse.org/request/show/37315 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=30 --- libselinux.changes | 6 ++++++ selinux-ready | 37 ++++++++++++++++++++++++++++++++++++- 2 files changed, 42 insertions(+), 1 deletion(-) diff --git a/libselinux.changes b/libselinux.changes index 16f35a5..3da3a65 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Thu Apr 8 06:37:34 UTC 2010 - thomas@novell.com + +- selinux-ready: added functions for checking PAM config and + policy boolean init_upstart + ------------------------------------------------------------------- Wed Apr 7 13:26:59 UTC 2010 - thomas@novell.com diff --git a/selinux-ready b/selinux-ready index bdc24a1..2d639c6 100644 --- a/selinux-ready +++ b/selinux-ready @@ -97,6 +97,41 @@ check_mkinitrd() fi } +check_pam() +{ + AA_PAM=0 + SE_PAM=0 + + # test for AA pam module + grep apparmor /etc/pam.d/* 2>&1 >/dev/null + FLG=$? + if [ $FLG == 0 ]; then + AA_PAM=1 + fi + + # test for SELinux pam module + grep selinux /etc/pam.d/* 2>&1 >/dev/null + FLG=$? + if [ $FLG == 0 ]; then + SE_PAM=1 + fi + + # suggest config + if [ $SE_PAM == 1 ] && [ $AA_PAM == 0 ]; then + printf "\tcheck_pam: OK. Your PAM configuration seems to be correct.\n" + return 0 + fi + printf "\tcheck_pam: ERR. Your PAM configuration seems to be incorrect.\n" + if [ $AA_PAM == 1 ]; then + printf " execute 'pam-config -d --apparmor' as root\n" + fi + if [ $SE_PAM == 0 ]; then + printf " execute 'pam-config -a --selinux' as root\n" + fi + + return 1 +} + check_initupstart() { CFGFILE="/etc/selinux/config" @@ -175,6 +210,6 @@ check_mkinitrd check_packages check_config check_initupstart +check_pam rm -rf $TD -#echo $TD From de18b4dd925980348b13d5138fef397ebc0e90babb7840ad6f6c948ec210fd5e Mon Sep 17 00:00:00 2001 From: Thomas Biege Date: Fri, 9 Apr 2010 07:41:21 +0000 Subject: [PATCH 4/6] Accepting request 37464 from home:thomasbiege:branches:security:SELinux Copy from home:thomasbiege:branches:security:SELinux/libselinux via accept of submit request 37464 revision 2. Request was accepted with message: ok OBS-URL: https://build.opensuse.org/request/show/37464 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=31 --- libselinux.changes | 6 ++++++ selinux-ready | 14 ++++++++++++++ 2 files changed, 20 insertions(+) diff --git a/libselinux.changes b/libselinux.changes index 3da3a65..407a06c 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Fri Apr 9 07:27:27 UTC 2010 - thomas@novell.com + +- selinux-ready: added function to check for restorecond in + runlevel 3/5 + ------------------------------------------------------------------- Thu Apr 8 06:37:34 UTC 2010 - thomas@novell.com diff --git a/selinux-ready b/selinux-ready index 2d639c6..48b59a3 100644 --- a/selinux-ready +++ b/selinux-ready @@ -160,6 +160,19 @@ check_initupstart() } +check_runlevel() +{ + #ls -q /etc/rc.d/rc[35].d/S*restorecond 1>&2 >/dev/null + + #if [ $? == 0 ]; then + if [ -x /etc/rc.d/rc3.d/S*restorecond ] || [ -x /etc/rc.d/rc5.d/S*restorecond ]; then + printf "\tcheck_runlevel: OK. your system is using restorecond in runlevel 3 and/or 5.\n" + return 0; + fi + printf "\tcheck_runlevel: ERR. please execute 'yast2 runlevel' and enable restorecond.\n" + return 1 +} + check_packages() { PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1 selinux-policy" @@ -211,5 +224,6 @@ check_packages check_config check_initupstart check_pam +check_runlevel rm -rf $TD From 789565776abae5384812b244c11262897c97821203dbb26951271ebeeb38f844 Mon Sep 17 00:00:00 2001 From: OBS User autobuild Date: Fri, 23 Apr 2010 17:09:33 +0000 Subject: [PATCH 5/6] Accepting request 38022 from security:SELinux checked in (request 38022) OBS-URL: https://build.opensuse.org/request/show/38022 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=32 --- libselinux.changes | 22 ---------- selinux-ready | 102 ++++----------------------------------------- 2 files changed, 8 insertions(+), 116 deletions(-) diff --git a/libselinux.changes b/libselinux.changes index 407a06c..5abd001 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,25 +1,3 @@ -------------------------------------------------------------------- -Fri Apr 9 07:27:27 UTC 2010 - thomas@novell.com - -- selinux-ready: added function to check for restorecond in - runlevel 3/5 - -------------------------------------------------------------------- -Thu Apr 8 06:37:34 UTC 2010 - thomas@novell.com - -- selinux-ready: added functions for checking PAM config and - policy boolean init_upstart - -------------------------------------------------------------------- -Wed Apr 7 13:26:59 UTC 2010 - thomas@novell.com - -- selinux-ready: fixed init ramfs checking - -------------------------------------------------------------------- -Wed Apr 7 12:59:41 UTC 2010 - thomas@novell.com - -- added new selinux-ready script - ------------------------------------------------------------------- Thu Feb 25 14:57:16 UTC 2010 - prusnak@suse.cz diff --git a/selinux-ready b/selinux-ready index 48b59a3..3139506 100644 --- a/selinux-ready +++ b/selinux-ready @@ -22,7 +22,7 @@ check_dir() check_filesystem() { FSPATH="/proc/filesystems" - FSNAME="securityfs" + FSNAME="selinuxfs" grep -w $FSNAME $FSPATH 1>&2 >/dev/null @@ -37,11 +37,11 @@ check_filesystem() check_boot() { - BPARAM="selinux=1" + BPARAM="security=selinux.*selinux=1.*enforcing=?" # XXX order not mandatory printf "\tcheck_boot: Assuming GRUB as bootloader.\n" - BLINE=$(grep -- $BPARAM /boot/grub/menu.lst 2>/dev/null) # XXX check for multiple lines in config + BLINE=$(grep -E $BPARAM /boot/grub/menu.lst 2>/dev/null) # XXX check for multiple lines in config if [ $? == 0 ]; then K=$(echo $BLINE | awk -F' ' '{print $2}') @@ -80,99 +80,20 @@ check_mkinitrd() cd initrd-extracted gunzip -c $TD/i.cpio.gz | cpio -i --force-local --no-absolute-filenames 2>/dev/null grep -E -- $MCMD boot/* 2>&1 >/dev/null - FLG1=$? - grep -E -- load_policy boot/* 2>&1 >/dev/null - FLG2=$? + FLG=$? popd 2>&1>/dev/null - if [ $FLG1 == 0 -a $FLG2 == 0 ];then + if [ $FLG == 0 ];then printf "\tcheck_mkinitrd: OK. Your initrd seems to be correct.\n" return 0 else printf "\tcheck_mkinitrd: ERR. Your initrd seems not to mount /proc of\n" - printf "\t the root filesystem during boot and/or load_policy\n" - printf "\t is missing,\n" - printf "\t this may be a reason for SELinux not working.\n" + printf "\t the root filesystem during boot, this may be a\n" + printf "\t reason for SELinux not working.\n" return 1 fi } -check_pam() -{ - AA_PAM=0 - SE_PAM=0 - - # test for AA pam module - grep apparmor /etc/pam.d/* 2>&1 >/dev/null - FLG=$? - if [ $FLG == 0 ]; then - AA_PAM=1 - fi - - # test for SELinux pam module - grep selinux /etc/pam.d/* 2>&1 >/dev/null - FLG=$? - if [ $FLG == 0 ]; then - SE_PAM=1 - fi - - # suggest config - if [ $SE_PAM == 1 ] && [ $AA_PAM == 0 ]; then - printf "\tcheck_pam: OK. Your PAM configuration seems to be correct.\n" - return 0 - fi - printf "\tcheck_pam: ERR. Your PAM configuration seems to be incorrect.\n" - if [ $AA_PAM == 1 ]; then - printf " execute 'pam-config -d --apparmor' as root\n" - fi - if [ $SE_PAM == 0 ]; then - printf " execute 'pam-config -a --selinux' as root\n" - fi - - return 1 -} - -check_initupstart() -{ - CFGFILE="/etc/selinux/config" - - if ! [ -f $CFGFILE ]; then - printf "\tcheck_initupstart: ERR. $CFGFILE does not exist.\n" - return 1; - fi - - POL=$(grep SELINUXTYPE $CFGFILE | sed "s/SELINUXTYPE\s*=\s*"//) - - if ! [ -f /etc/selinux/$POL/booleans ]; then - printf "\tcheck_initupstart: ERR. booleans file for policy $POL does not exist.\n" - return 1 - fi - - INITUS=$(grep init_upstart /etc/selinux/$POL/booleans | sed "s/.*init_upstart\s*=\s*//") - - if [ "$INITUS" == 1 ]; then - printf "\tcheck_initupstart: OK. init_upstart in $POL/booleans is set to 1.\n" - return 0 - else - printf "\tcheck_initupstart: ERR. init_upstart in $POL/booleans is NOT set to 1 ($INITUS).\n" - return 1 - fi - -} - -check_runlevel() -{ - #ls -q /etc/rc.d/rc[35].d/S*restorecond 1>&2 >/dev/null - - #if [ $? == 0 ]; then - if [ -x /etc/rc.d/rc3.d/S*restorecond ] || [ -x /etc/rc.d/rc5.d/S*restorecond ]; then - printf "\tcheck_runlevel: OK. your system is using restorecond in runlevel 3 and/or 5.\n" - return 0; - fi - printf "\tcheck_runlevel: ERR. please execute 'yast2 runlevel' and enable restorecond.\n" - return 1 -} - check_packages() { PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1 selinux-policy" @@ -199,13 +120,8 @@ check_config() { CF="/etc/selinux/config" - if [ -f $CF ];then printf "\tcheck_config: OK. Config file seems to be there.\n" - if ! [ $(stat --printf=%a $CF) -eq "644" ]; then - printf "\tcheck_config: ERR. Config file '$CF' has wrong permissions.\n" - return 1 - fi return 0 else printf "\tcheck_config: ERR. Config file '$CF' is missing.\n" @@ -222,8 +138,6 @@ check_boot check_mkinitrd check_packages check_config -check_initupstart -check_pam -check_runlevel rm -rf $TD + From e522556f15c75e3b4e97e440dade0b40f2239d78e51da5a1b7d74ea67934a8b6 Mon Sep 17 00:00:00 2001 From: OBS User buildservice-autocommit Date: Fri, 23 Apr 2010 17:09:34 +0000 Subject: [PATCH 6/6] Updating link to change in openSUSE:Factory/libselinux revision 16.0 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=a9b6679017fe3ea452018d9cfb04ecda --- libselinux-bindings.spec | 2 +- libselinux.changes | 22 +++++++++ libselinux.spec | 2 +- selinux-ready | 102 ++++++++++++++++++++++++++++++++++++--- 4 files changed, 118 insertions(+), 10 deletions(-) diff --git a/libselinux-bindings.spec b/libselinux-bindings.spec index c0b1253..06211c0 100644 --- a/libselinux-bindings.spec +++ b/libselinux-bindings.spec @@ -23,7 +23,7 @@ BuildRequires: libsepol-devel-static >= %{libsepol_ver} Name: libselinux-bindings Version: 2.0.91 -Release: 1 +Release: 2 Url: http://www.nsa.gov/selinux/ License: GPLv2 ; Public Domain, Freeware Group: System/Libraries diff --git a/libselinux.changes b/libselinux.changes index 5abd001..407a06c 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,3 +1,25 @@ +------------------------------------------------------------------- +Fri Apr 9 07:27:27 UTC 2010 - thomas@novell.com + +- selinux-ready: added function to check for restorecond in + runlevel 3/5 + +------------------------------------------------------------------- +Thu Apr 8 06:37:34 UTC 2010 - thomas@novell.com + +- selinux-ready: added functions for checking PAM config and + policy boolean init_upstart + +------------------------------------------------------------------- +Wed Apr 7 13:26:59 UTC 2010 - thomas@novell.com + +- selinux-ready: fixed init ramfs checking + +------------------------------------------------------------------- +Wed Apr 7 12:59:41 UTC 2010 - thomas@novell.com + +- added new selinux-ready script + ------------------------------------------------------------------- Thu Feb 25 14:57:16 UTC 2010 - prusnak@suse.cz diff --git a/libselinux.spec b/libselinux.spec index ad409a4..94abc5b 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -22,7 +22,7 @@ BuildRequires: libsepol-devel >= %{libsepol_ver} Name: libselinux Version: 2.0.91 -Release: 1 +Release: 2 Url: http://www.nsa.gov/selinux/ License: GPLv2 ; Public Domain, Freeware Group: System/Libraries diff --git a/selinux-ready b/selinux-ready index 3139506..48b59a3 100644 --- a/selinux-ready +++ b/selinux-ready @@ -22,7 +22,7 @@ check_dir() check_filesystem() { FSPATH="/proc/filesystems" - FSNAME="selinuxfs" + FSNAME="securityfs" grep -w $FSNAME $FSPATH 1>&2 >/dev/null @@ -37,11 +37,11 @@ check_filesystem() check_boot() { - BPARAM="security=selinux.*selinux=1.*enforcing=?" # XXX order not mandatory + BPARAM="selinux=1" printf "\tcheck_boot: Assuming GRUB as bootloader.\n" - BLINE=$(grep -E $BPARAM /boot/grub/menu.lst 2>/dev/null) # XXX check for multiple lines in config + BLINE=$(grep -- $BPARAM /boot/grub/menu.lst 2>/dev/null) # XXX check for multiple lines in config if [ $? == 0 ]; then K=$(echo $BLINE | awk -F' ' '{print $2}') @@ -80,20 +80,99 @@ check_mkinitrd() cd initrd-extracted gunzip -c $TD/i.cpio.gz | cpio -i --force-local --no-absolute-filenames 2>/dev/null grep -E -- $MCMD boot/* 2>&1 >/dev/null - FLG=$? + FLG1=$? + grep -E -- load_policy boot/* 2>&1 >/dev/null + FLG2=$? popd 2>&1>/dev/null - if [ $FLG == 0 ];then + if [ $FLG1 == 0 -a $FLG2 == 0 ];then printf "\tcheck_mkinitrd: OK. Your initrd seems to be correct.\n" return 0 else printf "\tcheck_mkinitrd: ERR. Your initrd seems not to mount /proc of\n" - printf "\t the root filesystem during boot, this may be a\n" - printf "\t reason for SELinux not working.\n" + printf "\t the root filesystem during boot and/or load_policy\n" + printf "\t is missing,\n" + printf "\t this may be a reason for SELinux not working.\n" return 1 fi } +check_pam() +{ + AA_PAM=0 + SE_PAM=0 + + # test for AA pam module + grep apparmor /etc/pam.d/* 2>&1 >/dev/null + FLG=$? + if [ $FLG == 0 ]; then + AA_PAM=1 + fi + + # test for SELinux pam module + grep selinux /etc/pam.d/* 2>&1 >/dev/null + FLG=$? + if [ $FLG == 0 ]; then + SE_PAM=1 + fi + + # suggest config + if [ $SE_PAM == 1 ] && [ $AA_PAM == 0 ]; then + printf "\tcheck_pam: OK. Your PAM configuration seems to be correct.\n" + return 0 + fi + printf "\tcheck_pam: ERR. Your PAM configuration seems to be incorrect.\n" + if [ $AA_PAM == 1 ]; then + printf " execute 'pam-config -d --apparmor' as root\n" + fi + if [ $SE_PAM == 0 ]; then + printf " execute 'pam-config -a --selinux' as root\n" + fi + + return 1 +} + +check_initupstart() +{ + CFGFILE="/etc/selinux/config" + + if ! [ -f $CFGFILE ]; then + printf "\tcheck_initupstart: ERR. $CFGFILE does not exist.\n" + return 1; + fi + + POL=$(grep SELINUXTYPE $CFGFILE | sed "s/SELINUXTYPE\s*=\s*"//) + + if ! [ -f /etc/selinux/$POL/booleans ]; then + printf "\tcheck_initupstart: ERR. booleans file for policy $POL does not exist.\n" + return 1 + fi + + INITUS=$(grep init_upstart /etc/selinux/$POL/booleans | sed "s/.*init_upstart\s*=\s*//") + + if [ "$INITUS" == 1 ]; then + printf "\tcheck_initupstart: OK. init_upstart in $POL/booleans is set to 1.\n" + return 0 + else + printf "\tcheck_initupstart: ERR. init_upstart in $POL/booleans is NOT set to 1 ($INITUS).\n" + return 1 + fi + +} + +check_runlevel() +{ + #ls -q /etc/rc.d/rc[35].d/S*restorecond 1>&2 >/dev/null + + #if [ $? == 0 ]; then + if [ -x /etc/rc.d/rc3.d/S*restorecond ] || [ -x /etc/rc.d/rc5.d/S*restorecond ]; then + printf "\tcheck_runlevel: OK. your system is using restorecond in runlevel 3 and/or 5.\n" + return 0; + fi + printf "\tcheck_runlevel: ERR. please execute 'yast2 runlevel' and enable restorecond.\n" + return 1 +} + check_packages() { PKGLST="checkpolicy policycoreutils selinux-tools libselinux1 libsepol1 libsemanage1 selinux-policy" @@ -120,8 +199,13 @@ check_config() { CF="/etc/selinux/config" + if [ -f $CF ];then printf "\tcheck_config: OK. Config file seems to be there.\n" + if ! [ $(stat --printf=%a $CF) -eq "644" ]; then + printf "\tcheck_config: ERR. Config file '$CF' has wrong permissions.\n" + return 1 + fi return 0 else printf "\tcheck_config: ERR. Config file '$CF' is missing.\n" @@ -138,6 +222,8 @@ check_boot check_mkinitrd check_packages check_config +check_initupstart +check_pam +check_runlevel rm -rf $TD -