Print this page
XXX Remove nawk(1)
| Split |
Close |
| Expand all |
| Collapse all |
--- old/usr/src/cmd/svc/milestone/net-loc
+++ new/usr/src/cmd/svc/milestone/net-loc
1 1 #!/sbin/sh
2 2 #
3 3 # CDDL HEADER START
4 4 #
5 5 # The contents of this file are subject to the terms of the
6 6 # Common Development and Distribution License (the "License").
7 7 # You may not use this file except in compliance with the License.
8 8 #
9 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 10 # or http://www.opensolaris.org/os/licensing.
11 11 # See the License for the specific language governing permissions
12 12 # and limitations under the License.
13 13 #
14 14 # When distributing Covered Code, include this CDDL HEADER in each
15 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 16 # If applicable, add the following below this CDDL HEADER, with the
17 17 # fields enclosed by brackets "[]" replaced with your own identifying
18 18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 19 #
20 20 # CDDL HEADER END
21 21 #
22 22 #
23 23 # Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
24 24 #
25 25
26 26 . /lib/svc/share/smf_include.sh
27 27 . /lib/svc/share/net_include.sh
28 28
29 29 # FMRI consts
30 30 AUTOFS_FMRI="svc:/system/filesystem/autofs"
31 31 DNS_CLIENT_FMRI="svc:/network/dns/client"
32 32 IPSEC_IKE_FMRI="svc:/network/ipsec/ike"
33 33 IPSEC_POLICY_FMRI="svc:/network/ipsec/policy"
34 34 IPFILTER_FMRI="svc:/network/ipfilter:default"
35 35 LDAP_CLIENT_FMRI="svc:/network/ldap/client"
36 36 LOCATION_FMRI="svc:/network/location:default"
37 37 MAPID_FMRI="svc:/network/nfs/mapid:default"
38 38 NIS_CLIENT_FMRI="svc:/network/nis/client"
|
↓ open down ↓ |
38 lines elided |
↑ open up ↑ |
39 39 NWAM_FMRI="svc:/network/physical:nwam"
40 40
41 41 # commands
42 42 CP=/usr/bin/cp
43 43 DHCPINFO=/sbin/dhcpinfo
44 44 DOMAINNAME=/usr/bin/domainname
45 45 GREP=/usr/bin/grep
46 46 LDAPCLIENT=/usr/sbin/ldapclient
47 47 MKDIR=/usr/bin/mkdir
48 48 MV=/usr/bin/mv
49 -NAWK=/usr/bin/nawk
49 +AWK=/usr/xpg4/bin/awk
50 50 NWAMADM=/usr/sbin/nwamadm
51 51 NWAMCFG=/usr/sbin/nwamcfg
52 52 RM=/usr/bin/rm
53 53 SED=/usr/bin/sed
54 54 SVCADM=/usr/sbin/svcadm
55 55 SVCCFG=/usr/sbin/svccfg
56 56 SVCPROP=/usr/bin/svcprop
57 57 TOUCH=/usr/bin/touch
58 58
59 59 # Path to directories
60 60 ETC_DEFAULT_DOMAIN=/etc/defaultdomain
61 61 NIS_BIND_PATH=/var/yp/binding
62 62 LEGACY_LOC_PATH=/etc/nwam/loc/Legacy
63 63 USER_LOC_PATH=/etc/nwam/loc/User
64 64 SCRIPT_PATH=/etc/svc/volatile/nwam
65 65
66 66 #
67 67 # echoes DHCP controlled interfaces separated by commas
|
↓ open down ↓ |
8 lines elided |
↑ open up ↑ |
68 68 #
69 69 # Don't parse the output of ifconfig(1M) because interfaces that haven't
70 70 # acquired a DHCP lease also have the DHCP flag set.
71 71 #
72 72 get_dhcp_interfaces () {
73 73 #
74 74 # 1. parse netstat(1M) output for v4 interfaces in BOUND
75 75 # or INFORMATION state
76 76 # 2. make a space-separated list of interface names
77 77 #
78 - netstat -D -f inet | $NAWK '
78 + netstat -D -f inet | $AWK '
79 79 $2 ~ /BOUND/ { printf "%s ", $1 }
80 80 $2 ~ /INFORMATION/ { printf "%s ", $1 }'
81 81 }
82 82
83 83 #
84 84 # get_dhcpinfo <code/identifier>
85 85 #
86 86 # echoes the value received through each interface controlled by DHCP;
87 87 # multiple values are echoed as a space-separated list
88 88 #
89 89 # returns:
90 90 # 0 => property is set
91 91 # 1 => property is not set
92 92 #
93 93 get_dhcpinfo () {
94 94 code=$1
95 95
96 96 # Get all interfaces with DHCP control, IFS is " "
97 97 interfaces=`get_dhcp_interfaces`
98 98
99 99 info=""
100 100 for intf in $interfaces; do
101 101 val=`$DHCPINFO -i $intf $code`
102 102 if [ $? -eq 0 ]; then
103 103 if [ "$info" = "" ]; then
104 104 info="$val"
105 105 else
106 106 info="$info $val"
107 107 fi
108 108 fi
109 109 done
110 110 echo $info
111 111 }
112 112
113 113 #
114 114 # set_smf_prop <fmri> <property name> <property value>
115 115 #
116 116 set_smf_prop () {
117 117 $SVCCFG -s $1 setprop $2 = astring: "$3" && return
118 118 }
119 119
120 120 #
121 121 # refresh_svc <fmri>
122 122 #
123 123 # Refreshes the service.
124 124 #
125 125 refresh_svc () {
126 126 $SVCADM refresh $1
127 127 }
128 128
129 129 #
130 130 # restart_svc <fmri>
131 131 #
132 132 # Restarts the service.
133 133 #
134 134 restart_svc () {
135 135 $SVCADM restart $1
136 136 }
137 137
138 138 #
139 139 # start_svc <fmri>
140 140 #
141 141 # Starts the service. If the service is already enabled, restarts it. If
142 142 # it is not enabled, temporarily enables it.
143 143 #
144 144 start_svc () {
145 145 if service_is_enabled $1; then
146 146 $SVCADM restart $1
147 147 else
148 148 $SVCADM enable -t $1
149 149 fi
150 150 }
151 151
152 152 #
153 153 # stop_svc <fmri>
154 154 #
155 155 # Temporarily disables the service.
156 156 #
157 157 stop_svc () {
158 158 $SVCADM disable -t $1
159 159 }
160 160
161 161 #
162 162 # copy_default <dir> <file>
163 163 #
164 164 # Copies <dir>/<file>.dfl to <dir>/<file>
165 165 #
166 166 copy_default () {
167 167 $CP -p $1/$2.dfl $1/$2
168 168 }
169 169
170 170 #
171 171 # do_dns <location>
172 172 #
173 173 # Installs DNS information on /etc/resolv.conf for location
174 174 #
175 175 # Returns 0 on success, 1 on failure
176 176 #
177 177 do_dns () {
178 178 loc=$1
179 179 file=/etc/resolv.conf
180 180
181 181 # Write out to temporary file first
182 182 $TOUCH $file.$$
183 183
184 184 DNS_CONFIGSRC=`nwam_get_loc_list_prop $loc dns-nameservice-configsrc`
185 185 if [ -z "$DNS_CONFIGSRC" ]; then
186 186 echo "missing 'dns-nameservice-configsrc' property for '$loc'"
187 187 return 1
188 188 fi
189 189
190 190 for configsrc in $DNS_CONFIGSRC; do
191 191 case "$configsrc" in
192 192 'manual')
193 193 DNS_SERVERS=`nwam_get_loc_list_prop $loc \
194 194 dns-nameservice-servers`
195 195 if [ -z "$DNS_SERVERS" ]; then
196 196 echo "DNS nameserver not set for '$loc'"
197 197 return 1
198 198 fi
199 199 DNS_DOMAIN=`nwam_get_loc_prop $loc \
200 200 dns-nameservice-domain`
201 201 DNS_SEARCH=`nwam_get_loc_list_prop $loc \
202 202 dns-nameservice-search`
203 203 ;;
204 204 'dhcp')
205 205 DNS_SEARCH=`get_dhcpinfo DNSdmain`
206 206 DNS_SERVERS=`get_dhcpinfo DNSserv`
207 207 # Use first search list entry as default domain
|
↓ open down ↓ |
119 lines elided |
↑ open up ↑ |
208 208 set -- $DNS_SEARCH
209 209 DNS_DOMAIN=$1
210 210 ;;
211 211 '*')
212 212 echo "Unrecognized DNS configsrc ${configsrc}; ignoring"
213 213 ;;
214 214 esac
215 215
216 216 # Write DNS settings
217 217 if [ -n "$DNS_DOMAIN" ]; then
218 - echo "$DNS_DOMAIN" | $NAWK \
218 + echo "$DNS_DOMAIN" | $AWK \
219 219 '{ for (i = 1; i <= NF; i++) \
220 220 print "domain ", $i }' >> $file.$$
221 221 fi
222 222 if [ -n "$DNS_SEARCH" ]; then
223 - echo "$DNS_SEARCH" | $NAWK \
223 + echo "$DNS_SEARCH" | $AWK \
224 224 '{ printf("search"); \
225 225 for (i = 1; i <= NF; i++) printf(" %s", $i); \
226 226 printf("\n") }' >> $file.$$
227 227 fi
228 228 if [ -n "$DNS_SERVERS" ]; then
229 - echo "$DNS_SERVERS" | $NAWK \
229 + echo "$DNS_SERVERS" | $AWK \
230 230 '{ for (i = 1; i <= NF; i++) \
231 231 print "nameserver ", $i }' >> $file.$$
232 232 fi
233 233 done
234 234
235 235 # Finally, copy our working version to the real thing
236 236 $MV -f $file.$$ $file
237 237 start_svc $DNS_CLIENT_FMRI
238 238
239 239 return 0
240 240 }
241 241
242 242 #
243 243 # do_nis <location>
244 244 #
245 245 # Installs NIS information on /var/yp/binding/ for location
246 246 #
247 247 # Returns 0 on success, 1 on failure
248 248 #
249 249 do_nis () {
250 250 loc=$1
251 251
252 252 NIS_CONFIGSRC=`nwam_get_loc_list_prop $loc nis-nameservice-configsrc`
253 253 if [ -z "$NIS_CONFIGSRC" ]; then
254 254 echo "missing 'nis-nameservice-configsrc' property for '$loc'"
255 255 return 1
256 256 fi
257 257
258 258 for configsrc in $NIS_CONFIGSRC; do
259 259 case "$configsrc" in
260 260 'manual')
261 261 NIS_SERVERS=`nwam_get_loc_list_prop $loc \
262 262 nis-nameservice-servers`
263 263 DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain`
264 264 # user-specified default-domain always wins
265 265 if [ -n "$DEFAULT_DOMAIN" ]; then
|
↓ open down ↓ |
26 lines elided |
↑ open up ↑ |
266 266 $DOMAINNAME $DEFAULT_DOMAIN
267 267 $DOMAINNAME > $ETC_DEFAULT_DOMAIN
268 268 else
269 269 echo "'domainname' not set for '$loc'"
270 270 return 1
271 271 fi
272 272 ;;
273 273 'dhcp')
274 274 # Use only the first name
275 275 DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \
276 - $NAWK '{ print $1 }'`
276 + $AWK '{ print $1 }'`
277 277 NIS_SERVERS=`get_dhcpinfo NISservs`
278 278 $DOMAINNAME $DEFAULT_DOMAIN
279 279 $DOMAINNAME > $ETC_DEFAULT_DOMAIN
280 280 ;;
281 281 '*')
282 282 echo "Unrecognized NIS configsrc ${configsrc}; ignoring"
283 283 ;;
284 284 esac
285 285
286 286 # Place NIS settings in appropriate directory/file.
287 287 if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then
288 288 $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN
289 289 fi
290 290 if [ -n "$NIS_SERVERS" ]; then
291 - echo "$NIS_SERVERS" | $NAWK \
291 + echo "$NIS_SERVERS" | $AWK \
292 292 '{ for (i = 1; i <= NF; i++) print $i }' \
293 293 > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers
294 294 fi
295 295 done
296 296
297 297 start_svc $NIS_CLIENT_FMRI
298 298
299 299 return 0
300 300 }
301 301
302 302 #
303 303 # do_ldap <location>
304 304 #
305 305 # Installs LDAP information using ldapclient(1M) for location
306 306 #
307 307 # Returns 0 on success, 1 on failure
308 308 #
309 309 do_ldap () {
310 310 loc=$1
311 311
312 312 LDAP_CONFIGSRC=`nwam_get_loc_list_prop $loc ldap-nameservice-configsrc`
313 313 if [ -z "$LDAP_CONFIGSRC" ]; then
314 314 echo "missing 'ldap-nameservice-configsrc' property for '$loc'"
315 315 return 1
316 316 fi
317 317
318 318 for configsrc in $LDAP_CONFIGSRC; do
319 319 case "$configsrc" in
320 320 'manual')
321 321 LDAP_SERVERS=`nwam_get_loc_list_prop $loc \
322 322 ldap-nameservice-servers`
323 323 DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain`
324 324 if [ -z $LDAP_SERVERS -o -z $DEFAULT_DOMAIN ]; then
325 325 echo "LDAP configuration could not be set "\
326 326 "for '$loc'"
327 327 return 1
328 328 fi
329 329 $DOMAINNAME $DEFAULT_DOMAIN
330 330 $DOMAINNAME > $ETC_DEFAULT_DOMAIN
331 331 ;;
332 332 '*')
333 333 echo "Invalid LDAP configsrc ${configsrc}; ignoring"
334 334 ;;
335 335 esac
336 336
337 337 # Use ldapclient(1M) to initialize LDAP client settings.
338 338 if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then
339 339 $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \
340 340 $LDAP_SERVERS
341 341 fi
342 342 done
343 343
344 344 start_svc $LDAP_CLIENT_FMRI
345 345
346 346 return 0
347 347 }
348 348
349 349 #
350 350 # do_ns <location>
351 351 #
352 352 # Installs different nameservices for location
353 353 #
354 354 # Returns 0 on success, 1 on failure
355 355 #
356 356 do_ns () {
357 357 loc=$1
358 358
359 359 #
360 360 # Disable nameservices temporarily while we reconfigure. Copy
361 361 # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files"
362 362 # are used.
363 363 #
364 364 $CP -p /etc/nsswitch.files /etc/nsswitch.conf
365 365 stop_svc $DNS_CLIENT_FMRI
366 366 stop_svc $NIS_CLIENT_FMRI
367 367 stop_svc $LDAP_CLIENT_FMRI
368 368
369 369 #
370 370 # Remove /etc/defaultdomain and unset domainname(1M). If NIS
371 371 # and/or LDAP is configured, they will create /etc/defaultdomain
372 372 # and set the domainname(1M).
373 373 #
374 374 $RM -f $ETC_DEFAULT_DOMAIN
375 375 $DOMAINNAME " "
376 376
377 377 NAMESERVICES=`nwam_get_loc_list_prop $loc nameservices`
378 378 if [ -z "$NAMESERVICES" ]; then
379 379 echo "missing 'nameservices' property for location '$loc'"
380 380 return 1
381 381 fi
382 382
383 383 NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \
384 384 $loc nameservices-config-file`
385 385 if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then
386 386 echo "missing 'nameservices-config-file' property for '$loc'"
387 387 return 1
388 388 fi
389 389 $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf
390 390
391 391 for ns in $NAMESERVICES; do
392 392 case "$ns" in
393 393 'files')
394 394 # no additional setup needed for files nameservice
395 395 ;;
396 396 'dns')
397 397 do_dns $loc || return 1
398 398 ;;
399 399 'nis')
400 400 do_nis $loc || return 1
401 401 ;;
402 402 'ldap')
403 403 do_ldap $loc || return 1
404 404 ;;
405 405 '*')
406 406 echo "Unrecognized nameservices value ${ns}; ignoring"
407 407 ;;
408 408 esac
409 409 done
410 410
411 411 #
412 412 # Restart other related services
413 413 #
414 414 # We explicitly restart here, as restart will only have an
415 415 # effect if the service is already enabled. We don't want
416 416 # to enable the service if it's currently disabled.
417 417 #
418 418 restart_svc $AUTOFS_FMRI
419 419
420 420 return 0
421 421 }
422 422
423 423 #
424 424 # do_sec <location>
425 425 #
426 426 # If config properties are set, update the SMF property and refresh the
427 427 # service. If config properties are not set, delete the SMF property and
428 428 # stop the service.
429 429 #
430 430 # Returns 0 on success, 1 on failure
431 431 #
432 432 do_sec () {
433 433 loc=$1
434 434
435 435 ike_file=`nwam_get_loc_prop $loc ike-config-file`
436 436 pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file`
437 437 ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file`
438 438 ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file`
439 439 ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file`
440 440 ippool_file=`nwam_get_loc_prop $loc ippool-config-file`
441 441
442 442 # IKE
443 443 if [ -n "$ike_file" ]; then
444 444 set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file
445 445 refresh_svc $IPSEC_IKE_FMRI
446 446 start_svc $IPSEC_IKE_FMRI
447 447 else
448 448 stop_svc $IPSEC_IKE_FMRI
449 449 fi
450 450
451 451 # IPsec
452 452 if [ -n "$pol_file" ]; then
453 453 set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file
454 454 refresh_svc $IPSEC_POLICY_FMRI
455 455 start_svc $IPSEC_POLICY_FMRI
456 456 else
457 457 stop_svc $IPSEC_POLICY_FMRI
458 458 fi
459 459
460 460 # IPFilter
461 461 refresh_ipf=false
462 462 if [ -n "$ipf_file" ]; then
463 463 if [ "$ipf_file" = "/none" ]; then
464 464 set_smf_prop $IPFILTER_FMRI \
465 465 firewall_config_default/policy "none"
466 466 elif [ "$ipf_file" = "/deny" ]; then
467 467 set_smf_prop $IPFILTER_FMRI \
468 468 firewall_config_default/policy "deny"
469 469 elif [ "$ipf_file" = "/allow" ]; then
470 470 set_smf_prop $IPFILTER_FMRI \
471 471 firewall_config_default/policy "allow"
472 472 else
473 473 # custom policy with policy file
474 474 set_smf_prop $IPFILTER_FMRI \
475 475 firewall_config_default/policy "custom"
476 476 set_smf_prop $IPFILTER_FMRI \
477 477 firewall_config_default/custom_policy_file $ipf_file
478 478 fi
479 479 refresh_ipf=true
480 480 else
481 481 # change policy to "none", no need to clear custom_policy_file
482 482 set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \
483 483 "none"
484 484 # IPFilter has to be refreshed to make the changes effective.
485 485 # Don't set $refresh_ipf as it keeps IPFilter online rather
486 486 # than disabled. Refresh after IPFilter is disabled below.
487 487 fi
488 488 if [ -n "$ipf6_file" ]; then
489 489 set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file
490 490 refresh_ipf=true
491 491 fi
492 492 if [ -n "$ipnat_file" ]; then
493 493 set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file
494 494 refresh_ipf=true
495 495 fi
496 496 if [ -n "$ippool_file" ]; then
497 497 set_smf_prop $IPFILTER_FMRI config/ippool_config_file \
498 498 $ippool_file
499 499 refresh_ipf=true
500 500 fi
501 501
502 502 if [ "$refresh_ipf" = "true" ]; then
503 503 refresh_svc $IPFILTER_FMRI
504 504 start_svc $IPFILTER_FMRI
505 505 else
506 506 stop_svc $IPFILTER_FMRI
507 507 refresh_svc $IPFILTER_FMRI
508 508 fi
509 509
510 510 return 0
511 511 }
512 512
513 513 #
514 514 # do_nfsv4 <location>
515 515 #
516 516 # Updates NFSv4 domain for location in SMF
517 517 #
518 518 # Returns 0 on success, 1 on failure
519 519 #
520 520 do_nfsv4 () {
521 521 loc=$1
522 522
523 523 nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain`
524 524 if [ $? -eq 0 ]; then
525 525 set_smf_prop $MAPID_FMRI \
526 526 nfs-props/nfsmapid_domain $nfsv4domain
527 527 start_svc $MAPID_FMRI
528 528 else
529 529 stop_svc $MAPID_FMRI
530 530 fi
531 531
532 532 return 0
533 533 }
534 534
535 535 #
536 536 # activate_loc <location>
537 537 #
538 538 # Activates the given location
539 539 #
540 540 # Returns 0 on success, 1 on failure
541 541 #
542 542 activate_loc () {
543 543 loc=$1
544 544
545 545 echo activating $loc location
546 546
547 547 #
548 548 # if we fail to complete any part of the config,
549 549 # stop activation work and report failure.
550 550 #
551 551 do_sec $loc && do_ns $loc && do_nfsv4 $loc && return 0
552 552 return 1
553 553 }
554 554
555 555 #
556 556 # Script entry point
557 557 #
558 558 # Arguments to net-loc are
559 559 # method ('start' or 'refresh')
560 560
561 561 #
562 562 # If nwam is not enabled, do nothing and return OK.
563 563 #
564 564 service_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK
565 565
566 566 #
567 567 # In a shared-IP zone we need this service to be up, but all of the work
568 568 # it tries to do is irrelevant (and will actually lead to the service
569 569 # failing if we try to do it), so just bail out.
570 570 # In the global zone and exclusive-IP zones we proceed.
571 571 #
572 572 smf_configure_ip || exit $SMF_EXIT_OK
573 573
574 574 case "$1" in
575 575
576 576 'start')
577 577 #
578 578 # We need to create the default (NoNet and Automatic)
579 579 # locations, if they don't already exist. So: first check
580 580 # for the existence of each, and then run the appropriate
581 581 # nwamcfg script(s) as needed. Restart nwamd if a location is
582 582 # created, as it needs to read it in.
583 583 #
584 584 LOC_CREATED="false"
585 585 $NWAMCFG list loc Automatic >/dev/null 2>&1
586 586 if [ $? -eq 1 ]; then
587 587 $NWAMCFG -f /etc/nwam/loc/create_loc_auto
588 588 LOC_CREATED="true"
589 589 fi
590 590
591 591 $NWAMCFG list loc NoNet >/dev/null 2>&1
592 592 if [ $? -eq 1 ]; then
593 593 NONETPATH=/etc/nwam/loc/NoNet
594 594 NONETFILES="ipf.conf ipf6.conf"
595 595 for file in $NONETFILES; do
596 596 copy_default $NONETPATH $file
597 597 done
598 598 $NWAMCFG -f /etc/nwam/loc/create_loc_nonet
599 599 LOC_CREATED="true"
600 600 fi
601 601
602 602 if [ "$LOC_CREATED" = "true" ]; then
603 603 refresh_svc $NWAM_FMRI
604 604 fi
605 605
606 606 # location selection/activation happens below
607 607 ;;
608 608
609 609 'refresh')
610 610
611 611 # location selection/activation happens below
612 612 ;;
613 613
614 614 *)
615 615 echo "Usage: $0 start|refresh"
616 616 exit 1
617 617 ;;
618 618
619 619 esac
620 620
621 621 #
622 622 # If the Legacy location doesn't exist and the file to create the Legacy
623 623 # location exists, create the Legacy location. Make a copy of it as the user's
624 624 # intentions before upgrade. Then activate the User location if nis is
625 625 # involved. Because NIS affects more parts of the system (e.g. automounts) we
626 626 # are not willing to make NIS part of the Automatic location (i.e. enable it
627 627 # automatically based on external input) as we do with DHCP-driven DNS.
628 628 #
629 629 activate_user_loc=0
630 630 $NWAMCFG list loc Legacy >/dev/null 2>&1
631 631 if [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then
632 632 #
633 633 # We built the script in and pointing to /etc/svc/volatile because we
634 634 # may not have a writable filesystem in net-nwam. So here we move the
635 635 # components and rewrite the script to point at the writable filesystem.
636 636 #
637 637 $CP -r $SCRIPT_PATH/Legacy /etc/nwam/loc
638 638 $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy
639 639 $SED -e's,$SCRIPT_PATH/Legacy,$LEGACY_LOC_PATH,' \
640 640 $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy
641 641 $RM -f $SCRIPT_PATH/vcreate_loc_legacy
642 642 $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy
643 643 loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \
644 644 2>/dev/null`
645 645 if [ $? -eq 1 ]; then
646 646 #
647 647 # We are rewriting configuration variables from the Legacy
648 648 # location to the User location. Use variable ULP to keep REs
649 649 # within a line.
650 650 #
651 651 ULP=$USER_LOC_PATH
652 652 $SED -e's,Legacy,User,' \
653 653 -e's,activation-mode=system,activation-mode=manual,' \
654 654 -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \
655 655 -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \
656 656 -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \
657 657 -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \
658 658 -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \
659 659 -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \
660 660 $SCRIPT_PATH/create_loc_legacy | \
661 661 $SED -e's,/etc/nwam/loc/User/none,/none,' \
662 662 -e's,/etc/nwam/loc/User/allow,/allow,' \
663 663 -e's,/etc/nwam/loc/User/deny,/deny,' \
664 664 >$SCRIPT_PATH/create_loc_user
665 665 #
666 666 # We are creating the User location here. The User location
667 667 # is an appromixation of the machine configuration when the
668 668 # user change or upgraded to this version of NWAM. First
669 669 # we make sure there isn't an existing User location or any
670 670 # existing User location data. We then copy all the data
671 671 # from the Legacy location and create a location pointing at
672 672 # that data. Lastly we create a version property to note
673 673 # that we have done this.
674 674 #
675 675 $NWAMCFG destroy loc User 2>/dev/null
676 676 $RM -rf $USER_LOC_PATH
677 677 $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH
678 678 $RM -f $USER_LOC_PATH/resolv.conf
679 679 $NWAMCFG -f $SCRIPT_PATH/create_loc_user
680 680 # The User location is activated if 'nis' is in a non comment
681 681 # line of nsswitch.conf.
682 682 $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\
683 683 $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1
684 684 if [ $? -eq 0 ]; then
685 685 activate_user_loc=1
686 686 fi
687 687 $SVCCFG -s $SMF_FMRI addpg location_upgrade application \
688 688 2>/dev/null
689 689 $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \
690 690 astring: "1"
691 691 fi
692 692 fi
693 693
694 694 #
695 695 # Activate a location. If we've just finished upgrading, and
696 696 # the User location should be activated, do that (and use nwamadm
697 697 # to do so, so the enabled property gets set and nwamd knows this
698 698 # selection has been made). Otherwise, if our location/selected
699 699 # property has a value, we activate that location; else we activate
700 700 # the NoNet location as a default value.
701 701 #
702 702 if [ $activate_user_loc -eq 1 ]; then
703 703 $NWAMADM enable -p loc User
704 704 else
705 705 sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null`
706 706 if [ $? -eq 1 ]; then
707 707 # location hasn't been selected; default to NoNet
708 708 activate_loc NoNet
709 709 else
710 710 #
711 711 # If the selected location does not exist, or if we fail
712 712 # to activate it completely, we fall back to the NoNet
713 713 # location. Also poke nwamd, so it will check conditions
714 714 # for a better choice.
715 715 #
716 716 $NWAMCFG list loc $sel_loc >/dev/null 2>&1
717 717 if [ $? -eq 1 ]; then
718 718 echo "location '$sel_loc' doesn't exist"
719 719 activate_loc NoNet
720 720 refresh_svc $NWAM_FMRI
721 721 else
722 722 # activate selected location
723 723 if ! activate_loc $sel_loc; then
724 724 echo "failed to activate '$sel_loc'"
725 725 activate_loc NoNet
726 726 refresh_svc $NWAM_FMRI
727 727 fi
728 728 fi
729 729 fi
730 730 fi
731 731
732 732 exit $SMF_EXIT_OK
|
↓ open down ↓ |
431 lines elided |
↑ open up ↑ |
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX