Skip to content

Commit

Permalink
Set rules once
Browse files Browse the repository at this point in the history 
Use tr instead of paste to avoid unwanted newline
  • Loading branch information
@Freaky
Freaky committed Aug 19, 2023
1 parent 70817af commit 28a37eb
Showing 1 changed file with 3 additions and 5 deletions.
8 changes: 3 additions & 5 deletions portacl.sh
View file
Original file line number Diff line number Diff line change
Expand Up @@ -171,10 +171,10 @@ portacl_check_sysctl_conf()
done
}

# Filter argument to return only valid rules and warn on errors
# Filter out invalid rules and warn on stderr
validate_ruleset()
{
echo -n "${1}" | awk '
awk '
BEGIN { RS=","; FS=":"; sep = "" }
{
if (NF == 4 &&
Expand All @@ -194,16 +194,14 @@ validate_ruleset()

portacl_start()
{
local rules="$(generate_ruleset | sort -ut : | paste -s -d ',' -)"
local rules="$(generate_ruleset | sort -ut : | tr '\n' , | validate_ruleset)"
local port_high="$(integer_or_default portacl_port_high 1023)"
local suser_exempt=1
local autoport_exempt=1

checkyesno portacl_suser_exempt || suser_exempt=0
checkyesno portacl_autoport_exempt || autoport_exempt=0

rules=$(validate_ruleset "${rules}")

${SYSCTL} security.mac.portacl.rules="${rules}" >/dev/null &&
${SYSCTL} security.mac.portacl.suser_exempt="${suser_exempt}" >/dev/null &&
${SYSCTL} security.mac.portacl.autoport_exempt="${autoport_exempt}" >/dev/null &&
Expand Down

0 comments on commit 28a37eb

Please sign in to comment.