X-Git-Url: http://gitweb.hugovil.com/?a=blobdiff_plain;f=stage4%2Fcis-hal;h=c4b4955b758a7b8ee53235bdf15c6db8a886d2dd;hb=b7d1d99f41dcf50a8635f608679947f4455a0c7c;hp=e1132363fccf2e6f71b6f6e2ff614a6bd836e7d0;hpb=afdcc2624aec2f5aaaf00aa211455ba54eaf0703;p=hvlinux.git
diff --git a/stage4/cis-hal b/stage4/cis-hal
index e113236..c4b4955 100755
--- a/stage4/cis-hal
+++ b/stage4/cis-hal
@@ -1,4 +1,4 @@
-1#!/bin/sh
+#!/bin/sh
set -o errexit
# First argument of this script is the package name.
@@ -26,7 +26,7 @@ cd ${LFS_TMP}/${PACKAGE}-build
--sysconfdir=/etc \
--libexecdir=/usr/lib/hal \
--localstatedir=/var \
- --disable-policy-kit \
+ --with-udev-prefix=/etc \
${CONFIGURE_OPTS}
make
make install
@@ -40,6 +40,53 @@ install -v -m740 ${SCRDIR}/bootscripts/hald /etc/rc.d/init.d
# script-name start stop
bootscript_add_rc3 hald 93 19
+# The default setup for HAL is to allow only certain users to invoke methods
+# such as Mount(). These are the root user and the user determined to be at the
+# active console using pam_console. If you are not set up to use
+# Linux-PAM-1.1.1 and pam_console, create a group that is allowed to invoke HAL
+# methods with the following commands:
+hv_groupadd -g 61 halusers
+cat > /etc/dbus-1/system.d/halusers.conf << "EOF"
+
+
+
+
+
+
+
+
+
+
+
+
+EOF
+
+# Now add the users you would like to the halusers group to use HAL:
+usermod -a -G halusers ${REGUSER}
+
+# With the above configuration in place, authorized users now have the ability
+# to unmount disk partitions mounted at non-standard locations such as /pub.
+# If you'd like to restrict this policy to only drives which are considered
+# removable or hotpluggable, add the following configuration file as the root user:
+cat > /etc/hal/fdi/policy/no-fixed-drives.fdi << "EOF"
+
+
+
+
+
+
+
+
+ true
+
+
+
+
+EOF
+
# If the system-wide D-BUS daemon was running during the
# installation of HAL, ensure you stop and restart the
# D-BUS daemon before attempting to start the hald daemon.