selinux/sandbox/sandbox.init
Stephen Smalley 97bf196c89 Move policycoreutils/sandbox to sandbox.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2016-11-16 11:19:50 -05:00

77 lines
1.3 KiB
Bash

#!/bin/bash
## BEGIN INIT INFO
# Provides: sandbox
# Default-Start: 3 4 5
# Default-Stop: 0 1 2 3 4 6
# Required-Start:
#
## END INIT INFO
# sandbox: Set up / mountpoint to be shared, /var/tmp, /tmp, /home/sandbox unshared
#
# chkconfig: 345 1 99
#
# description: sandbox, xguest and other apps that want to use pam_namespace \
# require this script be run at boot. This service script does \
# not actually run any service but sets up: \
# / to be shared by any app that starts a separate namespace
# If you do not use sandbox, xguest or pam_namespace you can turn \
# this service off.\
#
# Source function library.
. /etc/init.d/functions
LOCKFILE=/var/lock/subsys/sandbox
base=${0##*/}
start() {
echo -n "Starting sandbox"
[ -f "$LOCKFILE" ] && return 0
touch $LOCKFILE
mount --make-rshared / || return $?
return 0
}
stop() {
echo -n "Stopping sandbox"
[ -f "$LOCKFILE" ] || return 1
}
status() {
if [ -f "$LOCKFILE" ]; then
echo "$base is running"
else
echo "$base is stopped"
fi
exit 0
}
case "$1" in
restart)
start && success || failure
;;
start)
start && success || failure
echo
;;
stop)
stop && success || failure
echo
;;
status)
status
;;
*)
echo $"Usage: $0 {start|stop|status|restart}"
exit 3
;;
esac