Print this page
XXX Remove nawk(1)


  40 #
  41 # Default *.conf files
  42 # Set appropriate config SMF property to these files when NWAM is stopped
  43 # and corresponding config properties in the Legacy location are emtpy
  44 #
  45 IPF6_DEFAULT_CONFIG_FILE=/etc/ipf/ipf6.conf
  46 IPNAT_DEFAULT_CONFIG_FILE=/etc/ipf/ipnat.conf
  47 IPPOOL_DEFAULT_CONFIG_FILE=/etc/ipf/ippool.conf
  48 IPSEC_IKE_DEFAULT_CONFIG_FILE=/etc/inet/ike/config
  49 IPSEC_POLICY_DEFAULT_CONFIG_FILE=/etc/inet/ipsecinit.conf
  50 
  51 # commands
  52 BASENAME=/usr/bin/basename
  53 CAT=/usr/bin/cat
  54 CP=/usr/bin/cp
  55 DOMAINNAME=/usr/bin/domainname
  56 GREP=/usr/bin/grep
  57 LDAPCLIENT=/usr/sbin/ldapclient
  58 MKDIR=/usr/bin/mkdir
  59 MKFIFO=/usr/bin/mkfifo
  60 NAWK=/usr/bin/nawk
  61 NWAMCFG=/usr/sbin/nwamcfg
  62 RM=/usr/bin/rm
  63 SVCADM=/usr/sbin/svcadm
  64 SVCCFG=/usr/sbin/svccfg
  65 SVCPROP=/usr/bin/svcprop
  66 
  67 # Path to directories
  68 # We don't have a writable file system so we write to /etc/svc/volatile and
  69 # then later copy anything interesting to /etc/nwam.
  70 VOL_NWAM_PATH=/etc/svc/volatile/nwam
  71 VOL_LEGACY_PATH=$VOL_NWAM_PATH/Legacy
  72 PERM_LEGACY_PATH=/etc/nwam/loc/Legacy
  73 NIS_BIND_PATH=/var/yp/binding
  74 
  75 #
  76 # copy_to_legacy_loc <file>
  77 #
  78 # Copies the file to the Legacy location directory
  79 # (in /etc/svc/volatile/nwam/Legacy)
  80 #


 157         DNS_NAMESERVICE_SERVERS=""
 158         DNS_NAMESERVICE_SEARCH=""
 159         NIS_NAMESERVICE_CONFIGSRC=""
 160         NIS_NAMESERVICE_SERVERS=""
 161         LDAP_NAMESERVICE_CONFIGSRC=""
 162         LDAP_NAMESERVICE_SERVERS=""
 163         DEFAULT_DOMAIN=""
 164 
 165         # Copy /etc/nsswitch.conf file
 166         copy_to_legacy_loc /etc/nsswitch.conf
 167         NAMESERVICES_CONFIG_FILE="$VOL_LEGACY_PATH/nsswitch.conf"
 168         
 169         # Gather DNS info from resolv.conf if present.
 170         if [ -f /etc/resolv.conf ]; then
 171                 NAMESERVICES="dns,"
 172                 $GREP -i "added by dhcp" /etc/nsswitch.conf >/dev/null
 173                 if [ $? -eq 0 ]; then
 174                         DNS_NAMESERVICE_CONFIGSRC="dhcp"
 175                 else
 176                         DNS_NAMESERVICE_CONFIGSRC="manual"
 177                         DNS_NAMESERVICE_DOMAIN=`$NAWK '$1 == "domain" {\
 178                             print $2 }' < /etc/resolv.conf`
 179                         DNS_NAMESERVICE_SERVERS=`$NAWK '$1 == "nameserver" \
 180                             { printf "%s,", $2 }' < /etc/resolv.conf`
 181                         DNS_NAMESERVICE_SEARCH=`$NAWK '$1 == "search" \
 182                             { printf "%s,", $2 }' < /etc/resolv.conf`
 183                         copy_to_legacy_loc /etc/resolv.conf
 184                 fi
 185         fi
 186 
 187         # Gather NIS info from appropriate file if present.
 188         if service_is_enabled $NIS_CLIENT_FMRI; then
 189                 NAMESERVICES="${NAMESERVICES}nis,"
 190                 NIS_NAMESERVICE_CONFIGSRC="manual"
 191                 DEFAULT_DOMAIN=`$CAT /etc/defaultdomain`
 192 
 193                 yp_servers=`$NAWK '{ printf "%s ", $1 }' \
 194                     < $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers`
 195                 for serv in $yp_servers; do
 196                         if is_valid_addr $serv; then
 197                                 addr="$serv,"
 198                         else
 199                                 addr=`$GREP -iw $serv /etc/inet/hosts | \
 200                                     $NAWK '{ printf "%s,", $1 }'`
 201                         fi
 202                         NIS_NAMESERVICE_SERVERS="${NIS_NAMESERVICE_SERVERS}$addr"
 203                 done
 204         fi
 205 
 206         # Gather LDAP info via ldapclient(1M).
 207         if [ -f /var/ldap/ldap_client_file ]; then
 208                 copy_to_legacy /var/ldap/ldap_client_file
 209                 NAMESERVICES="${NAMESERVICES}ldap,"
 210                 LDAP_NAMESERVICE_CONFIGSRC="manual"
 211                 LDAP_NAMESERVICE_SERVERS=`$LDAPCLIENT list 2>/dev/null | \
 212                     $NAWK '$1 == "preferredServerList:" { print $2 }'`
 213                 DEFAULT_DOMAIN=`$CAT /etc/defaultdomain`
 214         fi
 215 
 216         # Now, write nwamcfg commands for nameservices
 217         write_loc_prop "nameservices" $NAMESERVICES $CREATE_LOC_LEGACY_FILE
 218         write_loc_prop "nameservices-config-file" $NAMESERVICES_CONFIG_FILE \
 219             $CREATE_LOC_LEGACY_FILE
 220         write_loc_prop "dns-nameservice-configsrc" $DNS_NAMESERVICE_CONFIGSRC \
 221             $CREATE_LOC_LEGACY_FILE
 222         write_loc_prop "dns-nameservice-domain" $DNS_NAMESERVICE_DOMAIN \
 223             $CREATE_LOC_LEGACY_FILE
 224         write_loc_prop "dns-nameservice-servers" $DNS_NAMESERVICE_SERVERS \
 225             $CREATE_LOC_LEGACY_FILE
 226         write_loc_prop "dns-nameservice-search" $DNS_NAMESERVICE_SEARCH \
 227             $CREATE_LOC_LEGACY_FILE
 228         write_loc_prop "nis-nameservice-configsrc" $NIS_NAMESERVICE_CONFIGSRC \
 229             $CREATE_LOC_LEGACY_FILE
 230         write_loc_prop "nis-nameservice-servers" $NIS_NAMESERVICE_SERVERS \
 231             $CREATE_LOC_LEGACY_FILE
 232         write_loc_prop "ldap-nameservice-configsrc" $LDAP_NAMESERVICE_CONFIGSRC\


 348         if [ -f "$PERM_LEGACY_PATH/resolv.conf" ]; then
 349                 copy_from_legacy_loc /etc/resolv.conf
 350                 $SVCADM enable dns/client
 351         fi
 352 
 353         # set /etc/defaultdomain and domainname(1M)
 354         DEFAULT_DOMAIN=`nwam_get_loc_prop Legacy default-domain`
 355         if [ -n "$DEFAULT_DOMAIN" ]; then
 356                 $DOMAINNAME $DEFAULT_DOMAIN
 357                 $DOMAINNAME > /etc/defaultdomain
 358         fi
 359 
 360         # NIS - directory and ypserver in /var/yp/binding/
 361         NIS_CONFIGSRC=`nwam_get_loc_prop Legacy nis-nameservice-configsrc`
 362         NIS_SERVERS=`nwam_get_loc_prop Legacy nis-nameservice-servers`
 363         if [ -n "$NIS_CONFIGSRC" ]; then
 364                 if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then
 365                         $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN
 366                 fi
 367                 if [ -n "$NIS_SERVERS" ]; then
 368                         echo "$NIS_SERVERS" | $NAWK \
 369                             'FS="," { for (i = 1; i <= NF; i++) print $i }' \
 370                             > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers
 371                 fi
 372                 $SVCADM enable nis/client
 373         fi
 374 
 375         # LDAP - copy ldap_client_file to /var/ldap/ldap_client_file
 376         if [ -f "$PERM_LEGACY_PATH/ldap_client_file" ]; then
 377                 copy_from_legacy_loc /var/ldap/ldap_client_file
 378                 $SVCADM enable ldap/client
 379         fi
 380 
 381         # Copy back nfs NFSMAPID_DOMAIN
 382         NFSMAPID_DOMAIN=`nwam_get_loc_prop Legacy nfsv4-domain`
 383         if [ -n "$NFSMAPID_DOMAIN" ]; then
 384                 set_smf_prop $NFS_MAPID_FMRI \
 385                     nfs-props/nfsmapid_domain $NFSMAPID_DOMAIN
 386                 $SVCADM refresh $NFS_MAPID_FMRI
 387                 $SVCADM enable $NFS_MAPID_FMRI
 388         fi


 404                 set_smf_prop $IPSEC_IKE_FMRI config/config_file \
 405                     $IPSEC_IKE_DEFAULT_CONFIG_FILE
 406                 $SVCADM disable $IPSEC_IKE_FMRI
 407         fi
 408         if [ -n "$pol_file" ]; then
 409                 copy_from_legacy_loc $pol_file
 410                 set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file
 411                 $SVCADM refresh $IPSEC_POLICY_FMRI
 412                 $SVCADM enable $IPSEC_POLICY_FMRI
 413         else
 414                 set_smf_prop $IPSEC_POLICY_FMRI config/config_file \
 415                     $IPSEC_POLICY_DEFAULT_CONFIG_FILE
 416                 $SVCADM disable $IPSEC_POLICY_FMRI
 417         fi
 418 
 419         refresh_ipf=false
 420         if [ -n "$ipf_file" ]; then
 421                 # change /none, /allow, and /deny to firewall policy
 422                 if [ "$ipf_file" = "/none" -o "$ipf_file" = "/allow" \
 423                     -o "$ipf_file" = "/deny" ]; then
 424                         policy=`echo "$ipf_file" | $NAWK 'FS="/" { print $2 }'`
 425                         set_smf_prop $IPFILTER_FMRI \
 426                             firewall_config_default/policy $policy
 427                         # no need to clear custom_policy_file as it isn't "custom"
 428                 else
 429                         copy_from_legacy_loc $ipf_file
 430                         set_smf_prop $IPFILTER_FMRI \
 431                             firewall_config_default/policy "custom"
 432                         set_smf_prop $IPFILTER_FMRI \
 433                             firewall_config_default/custom_policy_file $ipf_file
 434                 fi
 435                 refresh_ipf=true
 436         fi
 437         if [ -n "$ipf6_file" ]; then
 438                 copy_from_legacy_loc $ipf6_file
 439                 set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file
 440                 refresh_ipf=true
 441         else
 442                 set_smf_prop $IPFILTER_FMRI config/ipf6_config_file \
 443                     $IPF6_DEFAULT_CONFIG_FILE
 444         fi




  40 #
  41 # Default *.conf files
  42 # Set appropriate config SMF property to these files when NWAM is stopped
  43 # and corresponding config properties in the Legacy location are emtpy
  44 #
  45 IPF6_DEFAULT_CONFIG_FILE=/etc/ipf/ipf6.conf
  46 IPNAT_DEFAULT_CONFIG_FILE=/etc/ipf/ipnat.conf
  47 IPPOOL_DEFAULT_CONFIG_FILE=/etc/ipf/ippool.conf
  48 IPSEC_IKE_DEFAULT_CONFIG_FILE=/etc/inet/ike/config
  49 IPSEC_POLICY_DEFAULT_CONFIG_FILE=/etc/inet/ipsecinit.conf
  50 
  51 # commands
  52 BASENAME=/usr/bin/basename
  53 CAT=/usr/bin/cat
  54 CP=/usr/bin/cp
  55 DOMAINNAME=/usr/bin/domainname
  56 GREP=/usr/bin/grep
  57 LDAPCLIENT=/usr/sbin/ldapclient
  58 MKDIR=/usr/bin/mkdir
  59 MKFIFO=/usr/bin/mkfifo
  60 AWK=/usr/xpg4/bin/awk
  61 NWAMCFG=/usr/sbin/nwamcfg
  62 RM=/usr/bin/rm
  63 SVCADM=/usr/sbin/svcadm
  64 SVCCFG=/usr/sbin/svccfg
  65 SVCPROP=/usr/bin/svcprop
  66 
  67 # Path to directories
  68 # We don't have a writable file system so we write to /etc/svc/volatile and
  69 # then later copy anything interesting to /etc/nwam.
  70 VOL_NWAM_PATH=/etc/svc/volatile/nwam
  71 VOL_LEGACY_PATH=$VOL_NWAM_PATH/Legacy
  72 PERM_LEGACY_PATH=/etc/nwam/loc/Legacy
  73 NIS_BIND_PATH=/var/yp/binding
  74 
  75 #
  76 # copy_to_legacy_loc <file>
  77 #
  78 # Copies the file to the Legacy location directory
  79 # (in /etc/svc/volatile/nwam/Legacy)
  80 #


 157         DNS_NAMESERVICE_SERVERS=""
 158         DNS_NAMESERVICE_SEARCH=""
 159         NIS_NAMESERVICE_CONFIGSRC=""
 160         NIS_NAMESERVICE_SERVERS=""
 161         LDAP_NAMESERVICE_CONFIGSRC=""
 162         LDAP_NAMESERVICE_SERVERS=""
 163         DEFAULT_DOMAIN=""
 164 
 165         # Copy /etc/nsswitch.conf file
 166         copy_to_legacy_loc /etc/nsswitch.conf
 167         NAMESERVICES_CONFIG_FILE="$VOL_LEGACY_PATH/nsswitch.conf"
 168         
 169         # Gather DNS info from resolv.conf if present.
 170         if [ -f /etc/resolv.conf ]; then
 171                 NAMESERVICES="dns,"
 172                 $GREP -i "added by dhcp" /etc/nsswitch.conf >/dev/null
 173                 if [ $? -eq 0 ]; then
 174                         DNS_NAMESERVICE_CONFIGSRC="dhcp"
 175                 else
 176                         DNS_NAMESERVICE_CONFIGSRC="manual"
 177                         DNS_NAMESERVICE_DOMAIN=`$AWK '$1 == "domain" {\
 178                             print $2 }' < /etc/resolv.conf`
 179                         DNS_NAMESERVICE_SERVERS=`$AWK '$1 == "nameserver" \
 180                             { printf "%s,", $2 }' < /etc/resolv.conf`
 181                         DNS_NAMESERVICE_SEARCH=`$AWK '$1 == "search" \
 182                             { printf "%s,", $2 }' < /etc/resolv.conf`
 183                         copy_to_legacy_loc /etc/resolv.conf
 184                 fi
 185         fi
 186 
 187         # Gather NIS info from appropriate file if present.
 188         if service_is_enabled $NIS_CLIENT_FMRI; then
 189                 NAMESERVICES="${NAMESERVICES}nis,"
 190                 NIS_NAMESERVICE_CONFIGSRC="manual"
 191                 DEFAULT_DOMAIN=`$CAT /etc/defaultdomain`
 192 
 193                 yp_servers=`$AWK '{ printf "%s ", $1 }' \
 194                     < $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers`
 195                 for serv in $yp_servers; do
 196                         if is_valid_addr $serv; then
 197                                 addr="$serv,"
 198                         else
 199                                 addr=`$GREP -iw $serv /etc/inet/hosts | \
 200                                     $AWK '{ printf "%s,", $1 }'`
 201                         fi
 202                         NIS_NAMESERVICE_SERVERS="${NIS_NAMESERVICE_SERVERS}$addr"
 203                 done
 204         fi
 205 
 206         # Gather LDAP info via ldapclient(1M).
 207         if [ -f /var/ldap/ldap_client_file ]; then
 208                 copy_to_legacy /var/ldap/ldap_client_file
 209                 NAMESERVICES="${NAMESERVICES}ldap,"
 210                 LDAP_NAMESERVICE_CONFIGSRC="manual"
 211                 LDAP_NAMESERVICE_SERVERS=`$LDAPCLIENT list 2>/dev/null | \
 212                     $AWK '$1 == "preferredServerList:" { print $2 }'`
 213                 DEFAULT_DOMAIN=`$CAT /etc/defaultdomain`
 214         fi
 215 
 216         # Now, write nwamcfg commands for nameservices
 217         write_loc_prop "nameservices" $NAMESERVICES $CREATE_LOC_LEGACY_FILE
 218         write_loc_prop "nameservices-config-file" $NAMESERVICES_CONFIG_FILE \
 219             $CREATE_LOC_LEGACY_FILE
 220         write_loc_prop "dns-nameservice-configsrc" $DNS_NAMESERVICE_CONFIGSRC \
 221             $CREATE_LOC_LEGACY_FILE
 222         write_loc_prop "dns-nameservice-domain" $DNS_NAMESERVICE_DOMAIN \
 223             $CREATE_LOC_LEGACY_FILE
 224         write_loc_prop "dns-nameservice-servers" $DNS_NAMESERVICE_SERVERS \
 225             $CREATE_LOC_LEGACY_FILE
 226         write_loc_prop "dns-nameservice-search" $DNS_NAMESERVICE_SEARCH \
 227             $CREATE_LOC_LEGACY_FILE
 228         write_loc_prop "nis-nameservice-configsrc" $NIS_NAMESERVICE_CONFIGSRC \
 229             $CREATE_LOC_LEGACY_FILE
 230         write_loc_prop "nis-nameservice-servers" $NIS_NAMESERVICE_SERVERS \
 231             $CREATE_LOC_LEGACY_FILE
 232         write_loc_prop "ldap-nameservice-configsrc" $LDAP_NAMESERVICE_CONFIGSRC\


 348         if [ -f "$PERM_LEGACY_PATH/resolv.conf" ]; then
 349                 copy_from_legacy_loc /etc/resolv.conf
 350                 $SVCADM enable dns/client
 351         fi
 352 
 353         # set /etc/defaultdomain and domainname(1M)
 354         DEFAULT_DOMAIN=`nwam_get_loc_prop Legacy default-domain`
 355         if [ -n "$DEFAULT_DOMAIN" ]; then
 356                 $DOMAINNAME $DEFAULT_DOMAIN
 357                 $DOMAINNAME > /etc/defaultdomain
 358         fi
 359 
 360         # NIS - directory and ypserver in /var/yp/binding/
 361         NIS_CONFIGSRC=`nwam_get_loc_prop Legacy nis-nameservice-configsrc`
 362         NIS_SERVERS=`nwam_get_loc_prop Legacy nis-nameservice-servers`
 363         if [ -n "$NIS_CONFIGSRC" ]; then
 364                 if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then
 365                         $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN
 366                 fi
 367                 if [ -n "$NIS_SERVERS" ]; then
 368                         echo "$NIS_SERVERS" | $AWK \
 369                             'FS="," { for (i = 1; i <= NF; i++) print $i }' \
 370                             > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers
 371                 fi
 372                 $SVCADM enable nis/client
 373         fi
 374 
 375         # LDAP - copy ldap_client_file to /var/ldap/ldap_client_file
 376         if [ -f "$PERM_LEGACY_PATH/ldap_client_file" ]; then
 377                 copy_from_legacy_loc /var/ldap/ldap_client_file
 378                 $SVCADM enable ldap/client
 379         fi
 380 
 381         # Copy back nfs NFSMAPID_DOMAIN
 382         NFSMAPID_DOMAIN=`nwam_get_loc_prop Legacy nfsv4-domain`
 383         if [ -n "$NFSMAPID_DOMAIN" ]; then
 384                 set_smf_prop $NFS_MAPID_FMRI \
 385                     nfs-props/nfsmapid_domain $NFSMAPID_DOMAIN
 386                 $SVCADM refresh $NFS_MAPID_FMRI
 387                 $SVCADM enable $NFS_MAPID_FMRI
 388         fi


 404                 set_smf_prop $IPSEC_IKE_FMRI config/config_file \
 405                     $IPSEC_IKE_DEFAULT_CONFIG_FILE
 406                 $SVCADM disable $IPSEC_IKE_FMRI
 407         fi
 408         if [ -n "$pol_file" ]; then
 409                 copy_from_legacy_loc $pol_file
 410                 set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file
 411                 $SVCADM refresh $IPSEC_POLICY_FMRI
 412                 $SVCADM enable $IPSEC_POLICY_FMRI
 413         else
 414                 set_smf_prop $IPSEC_POLICY_FMRI config/config_file \
 415                     $IPSEC_POLICY_DEFAULT_CONFIG_FILE
 416                 $SVCADM disable $IPSEC_POLICY_FMRI
 417         fi
 418 
 419         refresh_ipf=false
 420         if [ -n "$ipf_file" ]; then
 421                 # change /none, /allow, and /deny to firewall policy
 422                 if [ "$ipf_file" = "/none" -o "$ipf_file" = "/allow" \
 423                     -o "$ipf_file" = "/deny" ]; then
 424                         policy=`echo "$ipf_file" | $AWK 'FS="/" { print $2 }'`
 425                         set_smf_prop $IPFILTER_FMRI \
 426                             firewall_config_default/policy $policy
 427                         # no need to clear custom_policy_file as it isn't "custom"
 428                 else
 429                         copy_from_legacy_loc $ipf_file
 430                         set_smf_prop $IPFILTER_FMRI \
 431                             firewall_config_default/policy "custom"
 432                         set_smf_prop $IPFILTER_FMRI \
 433                             firewall_config_default/custom_policy_file $ipf_file
 434                 fi
 435                 refresh_ipf=true
 436         fi
 437         if [ -n "$ipf6_file" ]; then
 438                 copy_from_legacy_loc $ipf6_file
 439                 set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file
 440                 refresh_ipf=true
 441         else
 442                 set_smf_prop $IPFILTER_FMRI config/ipf6_config_file \
 443                     $IPF6_DEFAULT_CONFIG_FILE
 444         fi