Commit 8100069e authored by Loic's avatar Loic
Browse files

check the sysctl variables in jail before starting


Signed-off-by: Loic's avatarLoic <loic.f@hardenedbsd.org>
parent 0fc2b9bf
......@@ -56,12 +56,13 @@ secadm_prestart()
return 1
fi
if ! (sysctl -a | egrep -q "kern.features.integriforce|kern.features.secadm") ; then
echo "Missing secadm sysctl!"
return 1
fi
if [ ${jailed} -eq 0 ]; then
for check in integriforce secadm; do
if ! (sysctl -q kern.features.${check} > /dev/null 2>&1) ; then
echo "Missing secadm sysctl!"
return 1
fi
done
if ! /sbin/kldstat -qm secadm; then
/sbin/kldload secadm
fi
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment