diff options
| author |   schwarze <schwarze@openbsd.org> | 2014-08-24 19:00:46 +0000 |
|---|---|---|
| committer | schwarze <schwarze@openbsd.org> | 2014-08-24 19:00:46 +0000 |
| commit | 18eeafd9366b837a19a04bb6a884d51162fd3d7b (patch) | |
| tree | 1a74b129c432b896e2a6ffb00d565a49ab49c8da | |
| parent | Start all error messages with "rcctl: " such that it is clear where (diff) | |
| download | wireguard-openbsd-18eeafd9366b837a19a04bb6a884d51162fd3d7b.tar.xz wireguard-openbsd-18eeafd9366b837a19a04bb6a884d51162fd3d7b.zip | |
Whitelisting allowed services is safer and less confusing than
blacklisting auxiliary variables, and it makes the coupling
to rc.subr(8) less tight.
Feedback and OK ajacoutot@.
| -rw-r--r-- | usr.sbin/rcctl/rcctl.sh | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/usr.sbin/rcctl/rcctl.sh b/usr.sbin/rcctl/rcctl.sh index 19e3301fc8f..c4f049f88e4 100644 --- a/usr.sbin/rcctl/rcctl.sh +++ b/usr.sbin/rcctl/rcctl.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# $OpenBSD: rcctl.sh,v 1.18 2014/08/24 18:10:26 schwarze Exp $ +# $OpenBSD: rcctl.sh,v 1.19 2014/08/24 19:00:46 schwarze Exp $ # # Copyright (c) 2014 Antoine Jacoutot <ajacoutot@openbsd.org> # @@ -16,6 +16,9 @@ # ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF # OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. +_special_services="accounting check_quotas ipsec multicast_host multicast_router pf spamd_black" +readonly _special_services + # get local functions from rc.subr(8) FUNCS_ONLY=1 . /etc/rc.d/rc.subr @@ -72,9 +75,9 @@ svc_get_all() ( ls -A /etc/rc.d | grep -v rc.subr - for _i in ${_allowed_keys[@]}; do + for _i in ${_special_services}; do echo ${_i} - done | grep -Ev '(nfs_server|savecore_flag|amd_master|pf_rules|ipsec_rules|shlib_dirs|pkg_scripts)' + done ) | sort } @@ -150,7 +153,7 @@ svc_is_special() local _svc=$1 [ -n "${_svc}" ] || return - echo ${_allowed_keys[@]} | grep -qw ${_svc} + echo ${_special_services} | grep -qw ${_svc} } append_to_pkg_scripts() |