1 #!/sbin/sh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 # 23 # Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 24 # 25 26 . /lib/svc/share/smf_include.sh 27 . /lib/svc/share/net_include.sh 28 29 # FMRI consts 30 AUTOFS_FMRI="svc:/system/filesystem/autofs" 31 DNS_CLIENT_FMRI="svc:/network/dns/client" 32 IPSEC_IKE_FMRI="svc:/network/ipsec/ike" 33 IPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 34 IPFILTER_FMRI="svc:/network/ipfilter:default" 35 LDAP_CLIENT_FMRI="svc:/network/ldap/client" 36 LOCATION_FMRI="svc:/network/location:default" 37 MAPID_FMRI="svc:/network/nfs/mapid:default" 38 NIS_CLIENT_FMRI="svc:/network/nis/client" 39 NWAM_FMRI="svc:/network/physical:nwam" 40 41 # commands 42 CP=/usr/bin/cp 43 DHCPINFO=/sbin/dhcpinfo 44 DOMAINNAME=/usr/bin/domainname 45 GREP=/usr/bin/grep 46 LDAPCLIENT=/usr/sbin/ldapclient 47 MKDIR=/usr/bin/mkdir 48 MV=/usr/bin/mv 49 NAWK=/usr/bin/nawk 50 NWAMADM=/usr/sbin/nwamadm 51 NWAMCFG=/usr/sbin/nwamcfg 52 RM=/usr/bin/rm 53 SED=/usr/bin/sed 54 SVCADM=/usr/sbin/svcadm 55 SVCCFG=/usr/sbin/svccfg 56 SVCPROP=/usr/bin/svcprop 57 TOUCH=/usr/bin/touch 58 59 # Path to directories 60 ETC_DEFAULT_DOMAIN=/etc/defaultdomain 61 NIS_BIND_PATH=/var/yp/binding 62 LEGACY_LOC_PATH=/etc/nwam/loc/Legacy 63 USER_LOC_PATH=/etc/nwam/loc/User 64 SCRIPT_PATH=/etc/svc/volatile/nwam 65 66 # 67 # echoes DHCP controlled interfaces separated by commas 68 # 69 # Don't parse the output of ifconfig(1M) because interfaces that haven't 70 # acquired a DHCP lease also have the DHCP flag set. 71 # 72 get_dhcp_interfaces () { 73 # 74 # 1. parse netstat(1M) output for v4 interfaces in BOUND 75 # or INFORMATION state 76 # 2. make a space-separated list of interface names 77 # 78 netstat -D -f inet | $NAWK ' 79 $2 ~ /BOUND/ { printf "%s ", $1 } 80 $2 ~ /INFORMATION/ { printf "%s ", $1 }' 81 } 82 83 # 84 # get_dhcpinfo <code/identifier> 85 # 86 # echoes the value received through each interface controlled by DHCP; 87 # multiple values are echoed as a space-separated list 88 # 89 # returns: 90 # 0 => property is set 91 # 1 => property is not set 92 # 93 get_dhcpinfo () { 94 code=$1 95 96 # Get all interfaces with DHCP control, IFS is " " 97 interfaces=`get_dhcp_interfaces` 98 99 info="" 100 for intf in $interfaces; do 101 val=`$DHCPINFO -i $intf $code` 102 if [ $? -eq 0 ]; then 103 if [ "$info" = "" ]; then 104 info="$val" 105 else 106 info="$info $val" 107 fi 108 fi 109 done 110 echo $info 111 } 112 113 # 114 # set_smf_prop <fmri> <property name> <property value> 115 # 116 set_smf_prop () { 117 $SVCCFG -s $1 setprop $2 = astring: "$3" && return 118 } 119 120 # 121 # refresh_svc <fmri> 122 # 123 # Refreshes the service. 124 # 125 refresh_svc () { 126 $SVCADM refresh $1 127 } 128 129 # 130 # restart_svc <fmri> 131 # 132 # Restarts the service. 133 # 134 restart_svc () { 135 $SVCADM restart $1 136 } 137 138 # 139 # start_svc <fmri> 140 # 141 # Starts the service. If the service is already enabled, restarts it. If 142 # it is not enabled, temporarily enables it. 143 # 144 start_svc () { 145 if service_is_enabled $1; then 146 $SVCADM restart $1 147 else 148 $SVCADM enable -t $1 149 fi 150 } 151 152 # 153 # stop_svc <fmri> 154 # 155 # Temporarily disables the service. 156 # 157 stop_svc () { 158 $SVCADM disable -t $1 159 } 160 161 # 162 # copy_default <dir> <file> 163 # 164 # Copies <dir>/<file>.dfl to <dir>/<file> 165 # 166 copy_default () { 167 $CP -p $1/$2.dfl $1/$2 168 } 169 170 # 171 # do_dns <location> 172 # 173 # Installs DNS information on /etc/resolv.conf for location 174 # 175 # Returns 0 on success, 1 on failure 176 # 177 do_dns () { 178 loc=$1 179 file=/etc/resolv.conf 180 181 # Write out to temporary file first 182 $TOUCH $file.$$ 183 184 DNS_CONFIGSRC=`nwam_get_loc_list_prop $loc dns-nameservice-configsrc` 185 if [ -z "$DNS_CONFIGSRC" ]; then 186 echo "missing 'dns-nameservice-configsrc' property for '$loc'" 187 return 1 188 fi 189 190 for configsrc in $DNS_CONFIGSRC; do 191 case "$configsrc" in 192 'manual') 193 DNS_SERVERS=`nwam_get_loc_list_prop $loc \ 194 dns-nameservice-servers` 195 if [ -z "$DNS_SERVERS" ]; then 196 echo "DNS nameserver not set for '$loc'" 197 return 1 198 fi 199 DNS_DOMAIN=`nwam_get_loc_prop $loc \ 200 dns-nameservice-domain` 201 DNS_SEARCH=`nwam_get_loc_list_prop $loc \ 202 dns-nameservice-search` 203 ;; 204 'dhcp') 205 DNS_SEARCH=`get_dhcpinfo DNSdmain` 206 DNS_SERVERS=`get_dhcpinfo DNSserv` 207 # Use first search list entry as default domain 208 set -- $DNS_SEARCH 209 DNS_DOMAIN=$1 210 ;; 211 '*') 212 echo "Unrecognized DNS configsrc ${configsrc}; ignoring" 213 ;; 214 esac 215 216 # Write DNS settings 217 if [ -n "$DNS_DOMAIN" ]; then 218 echo "$DNS_DOMAIN" | $NAWK \ 219 '{ for (i = 1; i <= NF; i++) \ 220 print "domain ", $i }' >> $file.$$ 221 fi 222 if [ -n "$DNS_SEARCH" ]; then 223 echo "$DNS_SEARCH" | $NAWK \ 224 '{ printf("search"); \ 225 for (i = 1; i <= NF; i++) printf(" %s", $i); \ 226 printf("\n") }' >> $file.$$ 227 fi 228 if [ -n "$DNS_SERVERS" ]; then 229 echo "$DNS_SERVERS" | $NAWK \ 230 '{ for (i = 1; i <= NF; i++) \ 231 print "nameserver ", $i }' >> $file.$$ 232 fi 233 done 234 235 # Finally, copy our working version to the real thing 236 $MV -f $file.$$ $file 237 start_svc $DNS_CLIENT_FMRI 238 239 return 0 240 } 241 242 # 243 # do_nis <location> 244 # 245 # Installs NIS information on /var/yp/binding/ for location 246 # 247 # Returns 0 on success, 1 on failure 248 # 249 do_nis () { 250 loc=$1 251 252 NIS_CONFIGSRC=`nwam_get_loc_list_prop $loc nis-nameservice-configsrc` 253 if [ -z "$NIS_CONFIGSRC" ]; then 254 echo "missing 'nis-nameservice-configsrc' property for '$loc'" 255 return 1 256 fi 257 258 for configsrc in $NIS_CONFIGSRC; do 259 case "$configsrc" in 260 'manual') 261 NIS_SERVERS=`nwam_get_loc_list_prop $loc \ 262 nis-nameservice-servers` 263 DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 264 # user-specified default-domain always wins 265 if [ -n "$DEFAULT_DOMAIN" ]; then 266 $DOMAINNAME $DEFAULT_DOMAIN 267 $DOMAINNAME > $ETC_DEFAULT_DOMAIN 268 else 269 echo "'domainname' not set for '$loc'" 270 return 1 271 fi 272 ;; 273 'dhcp') 274 # Use only the first name 275 DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \ 276 $NAWK '{ print $1 }'` 277 NIS_SERVERS=`get_dhcpinfo NISservs` 278 $DOMAINNAME $DEFAULT_DOMAIN 279 $DOMAINNAME > $ETC_DEFAULT_DOMAIN 280 ;; 281 '*') 282 echo "Unrecognized NIS configsrc ${configsrc}; ignoring" 283 ;; 284 esac 285 286 # Place NIS settings in appropriate directory/file. 287 if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 288 $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 289 fi 290 if [ -n "$NIS_SERVERS" ]; then 291 echo "$NIS_SERVERS" | $NAWK \ 292 '{ for (i = 1; i <= NF; i++) print $i }' \ 293 > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 294 fi 295 done 296 297 start_svc $NIS_CLIENT_FMRI 298 299 return 0 300 } 301 302 # 303 # do_ldap <location> 304 # 305 # Installs LDAP information using ldapclient(1M) for location 306 # 307 # Returns 0 on success, 1 on failure 308 # 309 do_ldap () { 310 loc=$1 311 312 LDAP_CONFIGSRC=`nwam_get_loc_list_prop $loc ldap-nameservice-configsrc` 313 if [ -z "$LDAP_CONFIGSRC" ]; then 314 echo "missing 'ldap-nameservice-configsrc' property for '$loc'" 315 return 1 316 fi 317 318 for configsrc in $LDAP_CONFIGSRC; do 319 case "$configsrc" in 320 'manual') 321 LDAP_SERVERS=`nwam_get_loc_list_prop $loc \ 322 ldap-nameservice-servers` 323 DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 324 if [ -z $LDAP_SERVERS -o -z $DEFAULT_DOMAIN ]; then 325 echo "LDAP configuration could not be set "\ 326 "for '$loc'" 327 return 1 328 fi 329 $DOMAINNAME $DEFAULT_DOMAIN 330 $DOMAINNAME > $ETC_DEFAULT_DOMAIN 331 ;; 332 '*') 333 echo "Invalid LDAP configsrc ${configsrc}; ignoring" 334 ;; 335 esac 336 337 # Use ldapclient(1M) to initialize LDAP client settings. 338 if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then 339 $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \ 340 $LDAP_SERVERS 341 fi 342 done 343 344 start_svc $LDAP_CLIENT_FMRI 345 346 return 0 347 } 348 349 # 350 # do_ns <location> 351 # 352 # Installs different nameservices for location 353 # 354 # Returns 0 on success, 1 on failure 355 # 356 do_ns () { 357 loc=$1 358 359 # 360 # Disable nameservices temporarily while we reconfigure. Copy 361 # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files" 362 # are used. 363 # 364 $CP -p /etc/nsswitch.files /etc/nsswitch.conf 365 stop_svc $DNS_CLIENT_FMRI 366 stop_svc $NIS_CLIENT_FMRI 367 stop_svc $LDAP_CLIENT_FMRI 368 369 # 370 # Remove /etc/defaultdomain and unset domainname(1M). If NIS 371 # and/or LDAP is configured, they will create /etc/defaultdomain 372 # and set the domainname(1M). 373 # 374 $RM -f $ETC_DEFAULT_DOMAIN 375 $DOMAINNAME " " 376 377 NAMESERVICES=`nwam_get_loc_list_prop $loc nameservices` 378 if [ -z "$NAMESERVICES" ]; then 379 echo "missing 'nameservices' property for location '$loc'" 380 return 1 381 fi 382 383 NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \ 384 $loc nameservices-config-file` 385 if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then 386 echo "missing 'nameservices-config-file' property for '$loc'" 387 return 1 388 fi 389 $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf 390 391 for ns in $NAMESERVICES; do 392 case "$ns" in 393 'files') 394 # no additional setup needed for files nameservice 395 ;; 396 'dns') 397 do_dns $loc || return 1 398 ;; 399 'nis') 400 do_nis $loc || return 1 401 ;; 402 'ldap') 403 do_ldap $loc || return 1 404 ;; 405 '*') 406 echo "Unrecognized nameservices value ${ns}; ignoring" 407 ;; 408 esac 409 done 410 411 # 412 # Restart other related services 413 # 414 # We explicitly restart here, as restart will only have an 415 # effect if the service is already enabled. We don't want 416 # to enable the service if it's currently disabled. 417 # 418 restart_svc $AUTOFS_FMRI 419 420 return 0 421 } 422 423 # 424 # do_sec <location> 425 # 426 # If config properties are set, update the SMF property and refresh the 427 # service. If config properties are not set, delete the SMF property and 428 # stop the service. 429 # 430 # Returns 0 on success, 1 on failure 431 # 432 do_sec () { 433 loc=$1 434 435 ike_file=`nwam_get_loc_prop $loc ike-config-file` 436 pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file` 437 ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file` 438 ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file` 439 ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file` 440 ippool_file=`nwam_get_loc_prop $loc ippool-config-file` 441 442 # IKE 443 if [ -n "$ike_file" ]; then 444 set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 445 refresh_svc $IPSEC_IKE_FMRI 446 start_svc $IPSEC_IKE_FMRI 447 else 448 stop_svc $IPSEC_IKE_FMRI 449 fi 450 451 # IPsec 452 if [ -n "$pol_file" ]; then 453 set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 454 refresh_svc $IPSEC_POLICY_FMRI 455 start_svc $IPSEC_POLICY_FMRI 456 else 457 stop_svc $IPSEC_POLICY_FMRI 458 fi 459 460 # IPFilter 461 refresh_ipf=false 462 if [ -n "$ipf_file" ]; then 463 if [ "$ipf_file" = "/none" ]; then 464 set_smf_prop $IPFILTER_FMRI \ 465 firewall_config_default/policy "none" 466 elif [ "$ipf_file" = "/deny" ]; then 467 set_smf_prop $IPFILTER_FMRI \ 468 firewall_config_default/policy "deny" 469 elif [ "$ipf_file" = "/allow" ]; then 470 set_smf_prop $IPFILTER_FMRI \ 471 firewall_config_default/policy "allow" 472 else 473 # custom policy with policy file 474 set_smf_prop $IPFILTER_FMRI \ 475 firewall_config_default/policy "custom" 476 set_smf_prop $IPFILTER_FMRI \ 477 firewall_config_default/custom_policy_file $ipf_file 478 fi 479 refresh_ipf=true 480 else 481 # change policy to "none", no need to clear custom_policy_file 482 set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \ 483 "none" 484 # IPFilter has to be refreshed to make the changes effective. 485 # Don't set $refresh_ipf as it keeps IPFilter online rather 486 # than disabled. Refresh after IPFilter is disabled below. 487 fi 488 if [ -n "$ipf6_file" ]; then 489 set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 490 refresh_ipf=true 491 fi 492 if [ -n "$ipnat_file" ]; then 493 set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 494 refresh_ipf=true 495 fi 496 if [ -n "$ippool_file" ]; then 497 set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 498 $ippool_file 499 refresh_ipf=true 500 fi 501 502 if [ "$refresh_ipf" = "true" ]; then 503 refresh_svc $IPFILTER_FMRI 504 start_svc $IPFILTER_FMRI 505 else 506 stop_svc $IPFILTER_FMRI 507 refresh_svc $IPFILTER_FMRI 508 fi 509 510 return 0 511 } 512 513 # 514 # do_nfsv4 <location> 515 # 516 # Updates NFSv4 domain for location in SMF 517 # 518 # Returns 0 on success, 1 on failure 519 # 520 do_nfsv4 () { 521 loc=$1 522 523 nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain` 524 if [ $? -eq 0 ]; then 525 set_smf_prop $MAPID_FMRI \ 526 nfs-props/nfsmapid_domain $nfsv4domain 527 start_svc $MAPID_FMRI 528 else 529 stop_svc $MAPID_FMRI 530 fi 531 532 return 0 533 } 534 535 # 536 # activate_loc <location> 537 # 538 # Activates the given location 539 # 540 # Returns 0 on success, 1 on failure 541 # 542 activate_loc () { 543 loc=$1 544 545 echo activating $loc location 546 547 # 548 # if we fail to complete any part of the config, 549 # stop activation work and report failure. 550 # 551 do_sec $loc && do_ns $loc && do_nfsv4 $loc && return 0 552 return 1 553 } 554 555 # 556 # Script entry point 557 # 558 # Arguments to net-loc are 559 # method ('start' or 'refresh') 560 561 # 562 # If nwam is not enabled, do nothing and return OK. 563 # 564 service_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK 565 566 # 567 # In a shared-IP zone we need this service to be up, but all of the work 568 # it tries to do is irrelevant (and will actually lead to the service 569 # failing if we try to do it), so just bail out. 570 # In the global zone and exclusive-IP zones we proceed. 571 # 572 smf_configure_ip || exit $SMF_EXIT_OK 573 574 case "$1" in 575 576 'start') 577 # 578 # We need to create the default (NoNet and Automatic) 579 # locations, if they don't already exist. So: first check 580 # for the existence of each, and then run the appropriate 581 # nwamcfg script(s) as needed. Restart nwamd if a location is 582 # created, as it needs to read it in. 583 # 584 LOC_CREATED="false" 585 $NWAMCFG list loc Automatic >/dev/null 2>&1 586 if [ $? -eq 1 ]; then 587 $NWAMCFG -f /etc/nwam/loc/create_loc_auto 588 LOC_CREATED="true" 589 fi 590 591 $NWAMCFG list loc NoNet >/dev/null 2>&1 592 if [ $? -eq 1 ]; then 593 NONETPATH=/etc/nwam/loc/NoNet 594 NONETFILES="ipf.conf ipf6.conf" 595 for file in $NONETFILES; do 596 copy_default $NONETPATH $file 597 done 598 $NWAMCFG -f /etc/nwam/loc/create_loc_nonet 599 LOC_CREATED="true" 600 fi 601 602 if [ "$LOC_CREATED" = "true" ]; then 603 refresh_svc $NWAM_FMRI 604 fi 605 606 # location selection/activation happens below 607 ;; 608 609 'refresh') 610 611 # location selection/activation happens below 612 ;; 613 614 *) 615 echo "Usage: $0 start|refresh" 616 exit 1 617 ;; 618 619 esac 620 621 # 622 # If the Legacy location doesn't exist and the file to create the Legacy 623 # location exists, create the Legacy location. Make a copy of it as the user's 624 # intentions before upgrade. Then activate the User location if nis is 625 # involved. Because NIS affects more parts of the system (e.g. automounts) we 626 # are not willing to make NIS part of the Automatic location (i.e. enable it 627 # automatically based on external input) as we do with DHCP-driven DNS. 628 # 629 activate_user_loc=0 630 $NWAMCFG list loc Legacy >/dev/null 2>&1 631 if [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then 632 # 633 # We built the script in and pointing to /etc/svc/volatile because we 634 # may not have a writable filesystem in net-nwam. So here we move the 635 # components and rewrite the script to point at the writable filesystem. 636 # 637 $CP -r $SCRIPT_PATH/Legacy /etc/nwam/loc 638 $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy 639 $SED -e's,$SCRIPT_PATH/Legacy,$LEGACY_LOC_PATH,' \ 640 $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy 641 $RM -f $SCRIPT_PATH/vcreate_loc_legacy 642 $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy 643 loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \ 644 2>/dev/null` 645 if [ $? -eq 1 ]; then 646 # 647 # We are rewriting configuration variables from the Legacy 648 # location to the User location. Use variable ULP to keep REs 649 # within a line. 650 # 651 ULP=$USER_LOC_PATH 652 $SED -e's,Legacy,User,' \ 653 -e's,activation-mode=system,activation-mode=manual,' \ 654 -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \ 655 -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \ 656 -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \ 657 -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \ 658 -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \ 659 -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \ 660 $SCRIPT_PATH/create_loc_legacy | \ 661 $SED -e's,/etc/nwam/loc/User/none,/none,' \ 662 -e's,/etc/nwam/loc/User/allow,/allow,' \ 663 -e's,/etc/nwam/loc/User/deny,/deny,' \ 664 >$SCRIPT_PATH/create_loc_user 665 # 666 # We are creating the User location here. The User location 667 # is an appromixation of the machine configuration when the 668 # user change or upgraded to this version of NWAM. First 669 # we make sure there isn't an existing User location or any 670 # existing User location data. We then copy all the data 671 # from the Legacy location and create a location pointing at 672 # that data. Lastly we create a version property to note 673 # that we have done this. 674 # 675 $NWAMCFG destroy loc User 2>/dev/null 676 $RM -rf $USER_LOC_PATH 677 $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH 678 $RM -f $USER_LOC_PATH/resolv.conf 679 $NWAMCFG -f $SCRIPT_PATH/create_loc_user 680 # The User location is activated if 'nis' is in a non comment 681 # line of nsswitch.conf. 682 $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\ 683 $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1 684 if [ $? -eq 0 ]; then 685 activate_user_loc=1 686 fi 687 $SVCCFG -s $SMF_FMRI addpg location_upgrade application \ 688 2>/dev/null 689 $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \ 690 astring: "1" 691 fi 692 fi 693 694 # 695 # Activate a location. If we've just finished upgrading, and 696 # the User location should be activated, do that (and use nwamadm 697 # to do so, so the enabled property gets set and nwamd knows this 698 # selection has been made). Otherwise, if our location/selected 699 # property has a value, we activate that location; else we activate 700 # the NoNet location as a default value. 701 # 702 if [ $activate_user_loc -eq 1 ]; then 703 $NWAMADM enable -p loc User 704 else 705 sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null` 706 if [ $? -eq 1 ]; then 707 # location hasn't been selected; default to NoNet 708 activate_loc NoNet 709 else 710 # 711 # If the selected location does not exist, or if we fail 712 # to activate it completely, we fall back to the NoNet 713 # location. Also poke nwamd, so it will check conditions 714 # for a better choice. 715 # 716 $NWAMCFG list loc $sel_loc >/dev/null 2>&1 717 if [ $? -eq 1 ]; then 718 echo "location '$sel_loc' doesn't exist" 719 activate_loc NoNet 720 refresh_svc $NWAM_FMRI 721 else 722 # activate selected location 723 if ! activate_loc $sel_loc; then 724 echo "failed to activate '$sel_loc'" 725 activate_loc NoNet 726 refresh_svc $NWAM_FMRI 727 fi 728 fi 729 fi 730 fi 731 732 exit $SMF_EXIT_OK