[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
series of /etc/rc* related patches
Here's my round of submits to straighten out the rc file collection.
It's still not entirely perfect but it's much better than before. In
rc.conf I basically did away with the notion that foo_flags=NO turned
off a service but instead used foo=NO to do the same. That way a user
doesn't have to edit or loose their _flags values in order to turn it
off.
I hope the files come through ok.
(and yes this email addr works)
--- netstart.orig Fri May 1 09:53:21 1998
+++ netstart Fri May 1 09:59:26 1998
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $OpenBSD: netstart,v 1.37 1998/03/28 00:11:00 deraadt Exp $
+# $OpenBSD: netstart,v 1.38 1998/05/01 10:01:12 pattonme Exp $
# /etc/myname contains my symbolic name
#
@@ -24,7 +24,7 @@
# Configure NAT before configuring network interfaces
#
-if [ "${ipnat}" = "YES" -a "${ipfilter}" = "YES" -a -f "${ipnat_rules}" ]; then
+if [ X"${ipnat}" = X"YES" -a X"${ipfilter}" = X"YES" -a -f "${ipnat_rules}" ]; then
echo 'configuring NAT'
ipnat -CF -f ${ipnat_rules}
else
@@ -82,7 +82,7 @@
cmd="ifconfig $1 $af $name "
if [ "${dt}" = "dest" ]; then cmd="$cmd $dtaddr"; fi
if [ -n "$mask" ]; then cmd="$cmd netmask $mask"; fi
- if [ -n "$bcaddr" -a "X$bcaddr" != "XNONE" ]; then
+ if [ -n "$bcaddr" -a X"$bcaddr" != X"NONE" ]; then
cmd="$cmd broadcast $bcaddr";
fi
cmd="$cmd $extras"
--- rc.conf.orig Wed Apr 29 16:40:19 1998
+++ rc.conf Fri May 1 09:33:51 1998
@@ -1,50 +1,73 @@
#!/bin/sh -
#
-# $OpenBSD: rc.conf,v 1.19 1998/04/07 06:11:54 deraadt Exp $
+# $OpenBSD: rc.conf,v 1.20 1998/05/01 09:40:54 pattonme Exp $
-# set these to "NO" to turn them off. otherwise, they're used as flags
-routed_flags=NO # for 'normal' use: routed_flags="-q"
-mrouted_flags=NO # for 'normal' use: mrouted_flags=""
-rarpd_flags=NO # for 'normal' use: rarpd_flags="-a"
-bootparamd_flags=NO # for 'normal' use: bootparamd_flags=""
-rbootd_flags=NO # for 'normal' use: rbootd_flags=""
-sendmail_flags=NO # for 'normal' use: sendmail_flags="-bd -q30m"
-smtpfwdd_flags=NO # for 'normal' use: smtpfwdd_flags="", no -bd above.
-named_flags=NO # for 'normal' use: named_flags=""
-timed_flags=NO # for 'normal' use: timed_flags=""
-photurisd_flags=NO # for 'normal' use: photurisd_flags=""
-mopd_flags=NO # for 'normal' use: mopd_flags="-a"
-httpd_flags=NO # for 'normal' use: httpd_flags=""
-
-# On some architectures, you must also disable console getty in /etc/ttys
-xdm_flags=NO # for 'normal' use: xdm_flags=""
-
-# set the following to "YES" to turn them on
+# set the servers to "YES" to turn them on.
+routed=NO
+routed_flags="" # for 'normal' use: routed_flags="-q"
+mrouted=NO
+mrouted_flags=""
+rarpd=NO
+rarpd_flags="-a"
+bootparamd=NO
+bootparamd_flags=""
+rbootd=NO
+rbootd_flags=""
+sendmail=NO
+sendmail_flags="-bd -q30m"
+smtpfwdd=NO
+smtpfwdd_flags=""
+smtpd=NO
+smtpd_flags="" # remove '-bd' from sendmail_flags
+named=NO
+named_flags=""
+timed=NO
+timed_flags=""
+phturisd=NO
+photurisd_flags=""
+mopd=NO
+mopd_flags="-a"
+httpd=NO
+httpd_flags=""
rwhod=NO
nfs_server=NO
-nfs_client=NO
+nfsd_flags="-tun 4" # Crank the 4 for a busy NFS fileserver
lockd=NO
+nfs_client=NO
+nfsiod_flags="-n 4" # Crank the 4 for a busy NFS client
gated=NO
+gated_flags=
kerberos_server=NO # kerberos server. run 'info kth-krb' for assistance.
kerberos_slave=NO # kerberos slave server.
amd=NO
+amd_dir=/tmp_mnt # AMD's mount directory
+amd_master=/etc/amd/master # AMD 'master' map
ipfilter=NO
+ipfilter_rules=/etc/ipf.rules # Rules for IP packet filtering
ipnat=NO # for "YES" ipfilter must also be "YES"
+ipnat_rules=/etc/ipnat.rules # Rules for Network Address Translation
+ipmon=NO # ipfilter logging
+ipmon_flags="-s"
+cron=YES
portmap=YES # almost always needed
inetd=YES # almost always needed
lpd=NO # printing daemons
check_quotas=YES # NO may be desireable in some YP environments
+syslogd_flags= # add more flags, ie. -u -a /chroot/dev/log
+yp_client=NO
+yp_server=NO
+ypserver_flags="" # E.g. -1 for YP v1, -d for DNS etc
+yppasswdd_flags="" # "-d /etc/yp" if passwd files are in /etc/yp
+
+
+# On some architectures, you must also disable console getty in /etc/ttys
+xdm=NO
+xdm_flags="" # for 'normal' use: xdm_flags=""
+
+# launch directives for rc.local daemons
+sshd=NO
+cfsd=NO
+snmpd=NO
+scon=NO
+scon_flags=""
-# miscellaneous other flags
-# only used if the appropriate server is marked YES above
-gated_flags=
-ypserv_flags= # E.g. -1 for YP v1, -d for DNS etc
-yppasswdd_flags= # "-d /etc/yp" if passwd files are in /etc/yp
-nfsd_flags="-tun 4" # Crank the 4 for a busy NFS fileserver
-nfsiod_flags="-n 4" # Crank the 4 for a busy NFS client
-amd_dir=/tmp_mnt # AMD's mount directory
-amd_master=/etc/amd/master # AMD 'master' map
-ipfilter_rules=/etc/ipf.rules # Rules for IP packet filtering
-ipnat_rules=/etc/ipnat.rules # Rules for Network Address Translation
-ipmon_flags=-s # To disable logging, use ipmon_flags=NO
-syslogd_flags= # add more flags, ie. -u -a /chroot/dev/log
--- rc.orig Fri May 1 09:16:12 1998
+++ rc Fri May 1 10:03:45 1998
@@ -1,4 +1,4 @@
-# $OpenBSD: rc,v 1.71 1998/04/07 06:11:52 deraadt Exp $
+# $OpenBSD: rc,v 1.72 1998/04/29 10:05:32 pattonme Exp $
# System startup script run by init on autoboot
# or after single-user.
@@ -87,10 +87,10 @@
rm -f /dev/log
syslogd ${syslogd_flags}
-# $named_flags is imported from /etc/rc.conf;
-# if $named_flags != NO, named is run.
-if [ "X${named_flags}" != X"NO" ]; then
- echo 'starting named'; named $named_flags
+# $named and $named_flags are imported from /etc/rc.conf;
+# if $named = YES, named is run.
+if [ X"${named}" = X"YES" ]; then
+ echo 'starting named'; named ${named_flags}
fi
# /etc/ifaliases, if it exists, contains the names of additional IP
@@ -109,35 +109,39 @@
)
fi
-if [ X"${ipfilter}" = X"YES" -a X"${ipmon_flags}" != X"NO" ]; then
+# $ipfilter, $ipmon, and $ipmon_flags are imported from /etc/rc.conf;
+# if $ipfilter and $ipmon = YES, ipmon is run.
+if [ X"${ipfilter}" = X"YES" -a X"${ipmon}" = X"YES" ]; then
echo 'starting ipmon'; ipmon ${ipmon_flags}
fi
-# $photurisd_flags is imported from /etc/rc.conf;
-# If $photurisd_flags == NO or /etc/photuris/photuris.conf doesn't exist, then
-# photurisd isn't run.
-if [ "X${photurisd_flags}" != X"NO" -a -e /etc/photuris/photuris.conf ]; then
+# $photurisd and $photurisd_flags is imported from /etc/rc.conf;
+# If $photurisd = YES, then photurisd is run.
+if [ X"${photurisd}" = X"YES" ]; then
echo 'starting photurisd'; photurisd ${photurisd_flags}
fi
echo -n 'starting rpc daemons:'
# $portmap is imported from /etc/rc.conf;
-# if $portmap == YES, the portmapper is started.
+# if $portmap = YES, the portmapper is started.
if [ X"${portmap}" = X"YES" ]; then
echo -n ' portmap'; portmap
fi
-if [ -d /var/yp/binding ]; then
- if [ -d /var/yp/`domainname` ]; then
+# $yp_client, $yp_server, $ypserver_flags, $yppasswdd_flags are
+# imported from /etc/rc.conf;
+# if $yp_client = YES, the yellowpages system is started.
+if [ X"${yp_client}" = X"YES" -a -d /var/yp/binding ]; then
+ if [ X"${yp_server}" = X"YES" -a -d /var/yp/`domainname` ]; then
# yp server capabilities needed...
- echo -n ' ypserv'; ypserv ${ypserv_flags}
+ echo -n ' ypserv'; ypserv ${ypserver_flags}
#echo -n ' ypxfrd'; ypxfrd
fi
echo -n ' ypbind'; ypbind
- if [ -d /var/yp/`domainname` ]; then
+ if [ X"${yp_server}" = X"YES" -a -d /var/yp/`domainname` ]; then
# if we are the master server, run rpc.yppasswdd
_host1=`ypwhich -m passwd 2> /dev/null`
_host2=`hostname`
@@ -157,35 +161,39 @@
fi
fi
-# $nfs_server is imported from /etc/rc.conf;
-# if $nfs_server == YES, the machine is setup for being an nfs server
-if [ X${nfs_server} = X"YES" -a -s /etc/exports -a \
+# $nfs_server, $nfsd_flags, $lockd are imported from /etc/rc.conf;
+# if $nfs_server = YES and /etc/exports has valid entires,
+# the machine is configured as an nfs server.
+# if $lockd = YES, start that as well.
+if [ X"${nfs_server}" = X"YES" -a -f /etc/exports -a \
`cat /etc/exports | sed -e '/^#/d' | wc -l` -ne 0 ]; then
- rm -f /var/db/mountdtab
+ rm -f /var/db/mountdtab
echo -n > /var/db/mountdtab
echo -n ' mountd'; mountd
echo -n ' nfsd'; nfsd ${nfsd_flags}
- if [ X${lockd} = X"YES" ]; then
+ if [ X"${lockd}" = X"YES" ]; then
echo -n ' rpc.lockd'; rpc.lockd
fi
fi
-# $nfs_client is imported from /etc/rc.conf;
-# if $nfs_client == YES, the machine is setup for being an nfs client
-if [ X${nfs_client} = X"YES" ]; then
+# $nfs_client and $nfsiod_flags are imported from /etc/rc.conf;
+# if $nfs_client = YES, the machine is setup for being an nfs client
+if [ X"${nfs_client}" = X"YES" ]; then
echo -n ' nfsiod'; nfsiod ${nfsiod_flags}
fi
-if [ X${amd} = X"YES" -a -d ${amd_dir} -a -e ${amd_master} ]; then
+# $amd, $amd_dir and $amd_master are imported from /etc/rc.conf;
+# if $amd = YES and the configuration files exist, amd is started.
+if [ X"${amd}" = X"YES" -a -d ${amd_dir} -a -f ${amd_master} ]; then
echo -n ' amd'
amd -l syslog -x error,noinfo,nostats -p \
-a ${amd_dir} `cat ${amd_master}` > /var/run/amd.pid
fi
-# $timed_flags is imported from /etc/rc.conf;
-# if $timed_flags == NO, timed isn't run.
-if [ "X${timed_flags}" != X"NO" ]; then
- echo -n ' timed'; timed $timed_flags
+# $timed and $timed_flags are imported from /etc/rc.conf;
+# if $timed = YES, timed is run.
+if [ X"${timed}" = X"YES" ]; then
+ echo -n ' timed'; timed ${timed_flags}
fi
echo '.'
@@ -194,10 +202,11 @@
# /var/crash should be a directory or a symbolic link
# to the crash directory if core dumps are to be saved.
if [ -d /var/crash ]; then
+ echo checking for core dump...
savecore /var/crash
fi
-if [ "X${check_quotas}" = X"YES" ]; then
+if [ X"${check_quotas}" = X"YES" ]; then
echo -n 'checking quotas:'
quotacheck -a
echo ' done.'
@@ -225,6 +234,7 @@
find . ! -name . ! -name lost+found ! -name quota.user \
! -name quota.group -exec rm -rf -- {} \; -type d -prune)
+# read in sysctl directives to modify system behavior
if [ -f /etc/sysctl.conf ]; then
(
# delete comments and blank lines
@@ -233,11 +243,12 @@
sysctl -w $1
shift 1
done
-)
+)
fi
+# start picky daemons before altering kernal security level
test -f /etc/rc.securelevel && . /etc/rc.securelevel
-if [ X${securelevel} != X"" ]; then
+if [ X"${securelevel}" != X"" ]; then
echo -n 'setting kernel security level: '
sysctl -w kern.securelevel=${securelevel}
fi
@@ -294,99 +305,115 @@
fi
echo -n standard daemons:
-echo -n ' cron'; cron
+
+# $cron is imported from /etc/rc.conf. If $cron = YES then run it.
+if [ X"${cron}" = X"YES" ]; then
+ echo -n ' cron'; cron
+fi
+
echo '.'
echo -n starting network daemons:
-# $gated and $routed_flags are imported from /etc/rc.conf.
-# If $gated == YES, gated is used; otherwise routed.
-# If $routed_flags == NO, routed isn't run.
-if [ X${gated} = X"YES" -a -e /etc/gated.conf ]; then
- echo -n ' gated'; gated $gated_flags
-elif [ "X${routed_flags}" != X"NO" ]; then
- echo -n ' routed'; routed $routed_flags
+# $gated, gated_flags, $routed, and $routed_flags are imported
+# from /etc/rc.conf.
+# If $gated = YES, gated is used; otherwise routed if $routed = YES.
+if [ X"${gated}" = X"YES" -a -f /etc/gated.conf ]; then
+ echo -n ' gated'; gated ${gated_flags}
+elif [ X"${routed}" = X"YES" ]; then
+ echo -n ' routed'; routed ${routed_flags}
fi
-# $mrouted_flags is imported from /etc/rc.conf;
-# If $mrouted_flags == NO, then mrouted isn't run.
-if [ "X${mrouted_flags}" != X"NO" ]; then
- echo -n ' mrouted'; mrouted $mrouted_flags
+# $mrouted and $mrouted_flags are imported from /etc/rc.conf;
+# If $mrouted = YES, then mrouted is run.
+if [ X"${mrouted}" = X"YES" ]; then
+ echo -n ' mrouted'; mrouted ${mrouted_flags}
fi
# $rwhod is imported from /etc/rc.conf;
-# if $rwhod == YES, rwhod is run.
-if [ X${rwhod} = X"YES" ]; then
+# if $rwhod = YES, rwhod is run.
+if [ X"${rwhod}" = X"YES" ]; then
echo -n ' rwhod'; rwhod
fi
-
-if [ X${lpd} = X"YES" ]; then
+# $lpd is imported from /etc/rc.conf;
+# if $lpd = YES, lpd is run.
+if [ X"${lpd}" = X"YES" ]; then
echo -n ' printer'; lpd
fi
-# $sendmail_flags is imported from /etc/rc.conf;
-# If $sendmail_flags == NO or /etc/sendmail.cf doesn't exist, then
-# sendmail isn't run. We call sendmail with a full path so that
-# SIGHUP works.
-if [ "X${sendmail_flags}" != X"NO" -a -s /etc/sendmail.cf ]; then
- echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags}
+# $httpd and $httpd_flags are imported from /etc/rc.conf;
+# if $httpd = YES, httpd is run.
+if [ "X${httpd}" = X"YES" ]; then
+ echo -n ' httpd'; /usr/sbin/httpd ${httpd_flags}
fi
-if [ "X${httpd_flags}" != X"NO" ]; then
- echo -n ' httpd'; /usr/sbin/httpd ${httpd_flags}
+# $sendmail and $sendmail_flags are imported from /etc/rc.conf;
+# If $sendmail = YES and /etc/sendmail.cf exists, then
+# sendmail is run. We call sendmail with a full path so that
+# SIGHUP works.
+if [ X"${sendmail}" = X"YES" -a -f /etc/sendmail.cf ]; then
+ echo -n ' sendmail'; /usr/sbin/sendmail ${sendmail_flags}
fi
-# $smtpfwdd_flags is imported from /etc/rc.conf;
-# If $smtpfwdd_flags == NO, smtpfwdd isn't run.
-if [ "X${smtpfwdd_flags}" != X"NO" ]; then
+# $smtpfwdd and $smtpfwdd_flags are imported from /etc/rc.conf;
+# If $smtpfwdd = YES, smtpfwdd is run.
+if [ X"${smtpfwdd}" = X"YES" ]; then
echo -n ' smtpfwdd'; /usr/libexec/smtpfwdd ${smtpfwdd_flags}
fi
-
-if [ X${inetd} = X"YES" ]; then
+# $smtpd and $smtpd_flags are imported from /etc/rc.conf;
+# if $smtpd = YES, smtpd is run. Note the flags must contain "-D" for
+# deamon mode or else invoke via inetd.
+if [ X"${smtpd}" = X"YES" ]; then
+ echo -n ' smtpd'; /usr/libexec/smtpd ${smtpd_flags}
+
+# $inetd is imported from /etc/rc.conf;
+# if $inetd = YES then inetd is run.
+if [ X"${inetd}" = X"YES" ]; then
echo -n ' inetd'; inetd
fi
-# $rarpd_flags is imported from /etc/rc.conf;
-# If $rarpd_flags == NO or /etc/ethers doesn't exist, then
-# rarpd isn't run.
-if [ "X${rarpd_flags}" != X"NO" -a -s /etc/ethers ]; then
+# $rarpd and $rarpd_flags are imported from /etc/rc.conf;
+# If $rarpd = YES and /etc/ethers exists, then rarpd is run.
+if [ X"${rarpd}" = X"YES" -a -f /etc/ethers ]; then
echo -n ' rarpd'; rarpd ${rarpd_flags}
fi
-# $bootparamd_flags is imported from /etc/rc.conf;
-# If $bootparamd_flags == NO or /etc/bootparams doesn't exist, then
-# bootparamd isn't run.
-if [ "X${bootparamd_flags}" != X"NO" -a -s /etc/bootparams ]; then
+# $bootparamd and $bootparamd_flags are imported from /etc/rc.conf;
+# If $bootparamd = YES and /etc/bootparams exists, then
+# bootparamd is run.
+if [ X"${bootparamd}" = X"YES" -a -f /etc/bootparams ]; then
echo -n ' rpc.bootparamd'; rpc.bootparamd ${bootparamd_flags}
fi
-# $rbootd_flags is imported from /etc/rc.conf;
-# If $rbootd_flags == NO or /etc/rbootd.conf doesn't exist, then
-# rbootd isn't run.
-if [ "X${rbootd_flags}" != X"NO" -a -s /etc/rbootd.conf ]; then
+# $rbootd and $rbootd_flags are imported from /etc/rc.conf;
+# If $rbootd = YES and /etc/rbootd.conf exists, then rbootd is run.
+if [ X"${rbootd}" = X"YES" -a -f /etc/rbootd.conf ]; then
echo -n ' rbootd'; rbootd ${rbootd_flags}
fi
-# $mopd_flags is imported from /etc/rc.conf;
-# If $mopd_flags == NO or /tftpboot/mop doesn't exist, then
-# mopd isn't run.
-if [ "X${mopd_flags}" != X"NO" -a -d /tftpboot/mop ]; then
+# $mopd and $mopd_flags are imported from /etc/rc.conf;
+# If $mopd_flags = YES and /tftpboot/mop exists, then mopd is run.
+if [ X"${mopd}" = X"YES" -a -d /tftpboot/mop ]; then
echo -n ' mopd'; mopd ${mopd_flags}
fi
+echo '.'
+
+echo -n setting up environment:
+
if [ -x /usr/sbin/screenblank ]; then
- echo -n ' screenblank'; /usr/sbin/screenblank
+ echo -n ' screenblank'; /usr/sbin/screenblank
fi
-echo '.'
-
if [ -f /sbin/kbd -a -f /etc/kbdtype ]; then
- kbd `cat /etc/kbdtype`
+ echo ' keyboard' kbd `cat /etc/kbdtype`
fi
-if [ -f /sbin/ldconfig ]; then
+echo '.'
+
+if [ -x /sbin/ldconfig ]; then
echo 'creating runtime link editor directory cache.'
_LIBS=
if [ -d /usr/local/lib ]; then
@@ -400,16 +427,16 @@
# Kerberos runs ONLY on the Kerberos servers
# Kadmin is runs only on the main server
-if [ X${kerberos_server} = X"YES" ]; then
+if [ X"${kerberos_server}" = X"YES" ]; then
echo 'kerberos server'
- /usr/libexec/kerberos >> /var/log/kerberos.log &
- /usr/libexec/kadmind -n >> /var/log/kadmind.log &
+ /usr/libexec/kerberos >> /var/log/kerberos &
+ /usr/libexec/kadmind -n >> /var/log/kadmind &
fi
# Kpropd runs only on Kerberos slave servers
-if [ X${kerberos_slave} = X"YES" ]; then
+if [ X"${kerberos_slave}" = X"YES" ]; then
echo 'kerberos slave server'
- /usr/libexec/kerberos -s >> /var/log/kerberos.log &
+ /usr/libexec/kerberos -s >> /var/log/kerberos &
/usr/libexec/kpropd -i &
fi
@@ -418,8 +445,8 @@
date
# Alternatively, on some architectures, xdm may be started in /etc/ttys.
-if [ "X${xdm_flags}" != X"NO" ]; then
- echo 'starting xdm...'; /usr/X11R6/bin/xdm
+if [ "X${xdm}" = X"YES" ]; then
+ echo 'starting xdm...'; /usr/X11R6/bin/xdm ${xdm_flags}
fi
exit 0
--- rc.local.orig Fri May 1 09:16:23 1998
+++ rc.local Fri May 1 09:50:57 1998
@@ -1,4 +1,4 @@
-# $OpenBSD: rc.local,v 1.22 1998/04/07 16:32:55 deraadt Exp $
+# $OpenBSD: rc.local,v 1.23 1998/04/28 17:00:00 pattonme Exp $
# site-specific startup actions, daemons, and other things which
# can be done AFTER your system goes into securemode. For actions
@@ -10,12 +10,16 @@
echo -n 'starting local daemons:'
-if [ -x /usr/local/sbin/sshd ]; then
+# $sshd is imported from /etc/rc.conf;
+# if $sshd = YES, sshd is run.
+if [ X"${sshd}" = X"YES" -x /usr/local/sbin/sshd ]; then
echo -n ' sshd'; /usr/local/sbin/sshd
#echo -n ' sshd2022'; /usr/local/sbin/sshd -p 2022
fi
-if [ -x /usr/local/sbin/cfsd ]; then
+# $cfsd is imported from /etc/rc.conf;
+# if $cfsd = YES, cfsd is run.
+if [ X"${cfsd}" = X"YES" -a -x /usr/local/sbin/cfsd ]; then
if ps auxc | grep -q '^ *root .* mountd$'; then
echo -n ' cfsd'; /usr/local/sbin/cfsd
mount -o port=3049,nfsv2,intr localhost:/null /crypt
@@ -24,13 +28,17 @@
fi
fi
-if [ -x /usr/local/sbin/snmpd ]; then
+# $snmpd is imported from /etc/rc.conf;
+# if $snmpd = YES, snmpd is run.
+if [ X"${snmpd}" = X"YES" -x /usr/local/sbin/snmpd ]; then
echo -n ' snmpd'; /usr/local/sbin/snmpd
fi
+# $scon and $scon_flags are imported from /etc/rc.conf;
+# if $scon = YES, scon is run.
# set pcvt screen saver time to 5min (see scon(1) for more options)
-#if test -x /usr/sbin/ispcvt -a -x /usr/sbin/scon && /usr/sbin/ispcvt; then
-# echo -n ' scon'; /usr/sbin/scon -t 300
-#fi
+if [ X"${scon}" = X"YES" -a -x /usr/sbin/ispcvt && /usr/sbin/scon ]; then
+ echo -n ' scon'; /usr/sbin/scon ${scon_flags}
+fi
echo '.'