#!/bin/sh # # CDDL HEADER START # # The contents of this file are subject to the terms of the # Common Development and Distribution License (the "License"). # You may not use this file except in compliance with the License. # # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE # or http://www.opensolaris.org/os/licensing. # See the License for the specific language governing permissions # and limitations under the License. # # When distributing Covered Code, include this CDDL HEADER in each # file and include the License file at usr/src/OPENSOLARIS.LICENSE. # If applicable, add the following below this CDDL HEADER, with the # fields enclosed by brackets "[]" replaced with your own identifying # information: Portions Copyright [yyyy] [name of copyright owner] # # CDDL HEADER END # # i.rbac # # Copyright (c) 2005, 2010, Oracle and/or its affiliates. All rights reserved. # # Script to build RBAC *_attr files from fragments installed by pkg. # This script is run by service svc:/system/rbac:default. # # Related RBAC *_attr files are: # # /etc/security/{prof_attr,exec_attr,auth_attr} # /etc/user_attr # # Allowable exit codes # # 0 - success # 2 - warning or possible error condition. Installation continues. A warning # message is displayed at the time of completion. # # i.rbac appears to depend on C locale export LC_ALL=C.UTF-8 umask 022 tmp_dir=${TMPDIR:-/tmp} PATH="/usr/bin:/usr/sbin:${PATH}" export PATH basename_cmd=basename cp_cmd=cp egrep_cmd=egrep mv_cmd=mv nawk_cmd=nawk rm_cmd=rm sed_cmd=sed sort_cmd=sort # $1 is the type # $2 is the "old/existing file" # $3 is the "new (to be merged)" file # $4 is the output file # returns 0 on success # returns 2 on failure if nawk fails with non-zero exit status # dbmerge() { # # Remove the ident lines. # ${egrep_cmd} -v '^#[pragma ]*ident' $2 > $4.old 2>/dev/null # # If the new file has a Sun copyright, remove the Sun copyright from the old # file. # newcr=`${egrep_cmd} '^# Copyright.*Sun Microsystems, Inc.' $3 \ 2>/dev/null` if [ -n "${newcr}" ]; then $sed_cmd -e '/^# Copyright.*Sun Microsystems, Inc./d' \ -e '/^# All rights reserved./d' \ -e '/^# Use is subject to license terms./d' \ $4.old > $4.$$ 2>/dev/null $mv_cmd $4.$$ $4.old fi # # If the new file has an Oracle copyright, remove both the Sun and Oracle # copyrights from the old file. # oracle_cr=`${egrep_cmd} '^# Copyright.*Oracle and/or its affiliates.' \ $3 2>/dev/null` if [ -n "${oracle_cr}" ]; then $sed_cmd -e '/^# Copyright.*Sun Microsystems, Inc./d' \ -e '/^# All rights reserved./d' \ -e '/^# Use is subject to license terms./d' \ -e '/^# Copyright.*Oracle and\/or its affiliates./d' \ $4.old > $4.$$ 2>/dev/null $mv_cmd $4.$$ $4.old fi # # If the new file has the CDDL, remove it from the old file. # newcr=`${egrep_cmd} '^# CDDL HEADER START' $3 2>/dev/null` if [ -n "${newcr}" ]; then $sed_cmd -e '/^# CDDL HEADER START/,/^# CDDL HEADER END/d' \ $4.old > $4.$$ 2>/dev/null $mv_cmd $4.$$ $4.old fi # # Remove empty lines and multiple instances of these comments: # $sed_cmd -e '/^# \/etc\/security\/exec_attr/d' -e '/^#$/d' \ -e '/^# execution attributes for profiles./d' \ -e '/^# See exec_attr([45])/d' \ -e '/^# \/etc\/user_attr/d' \ -e '/^# user attributes. see user_attr([45])/d' \ -e '/^# \/etc\/security\/prof_attr/d' \ -e '/^# profiles attributes. see prof_attr([45])/d' \ -e '/^# See prof_attr([45])/d' \ -e '/^# \/etc\/security\/auth_attr/d' \ -e '/^# authorizations. see auth_attr([45])/d' \ -e '/^# authorization attributes. see auth_attr([45])/d' \ $4.old > $4.$$ $mv_cmd $4.$$ $4.old # # Retain old and new header comments. # $sed_cmd -n -e '/^[^#]/,$d' -e '/^##/,$d' -e p $4.old > $4 $rm_cmd $4.old $sed_cmd -n -e '/^[^#]/,$d' -e '/^##/,$d' -e p $3 >> $4 # # If the output file now has both Sun and Oracle copyrights, remove # the Sun copyright. # sun_cr=`${egrep_cmd} '^# Copyright.*Sun Microsystems, Inc.' \ $4 2>/dev/null` oracle_cr=`${egrep_cmd} '^# Copyright.*Oracle and/or its affiliates.' \ $4 2>/dev/null` if [ -n "${sun_cr}" ] && [ -n "${oracle_cr}" ]; then $sed_cmd -e '/^# Copyright.*Sun Microsystems, Inc./d' \ -e '/^# All rights reserved./d' \ -e '/^# Use is subject to license terms./d' \ $4 > $4.$$ 2>/dev/null $mv_cmd $4.$$ $4 fi # # Handle line continuations (trailing \) # $sed_cmd \ -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ $2 > $4.old $sed_cmd \ -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ $3 > $4.new # # The nawk script below processes the old and new files using up to # three passes. If the old file is empty, only the final pass over # the new file is required. # if [ -s $4.old ]; then nawk_pass1=$4.old nawk_pass2=$4.new nawk_pass3=$4.new else nawk_pass1= nawk_pass2= nawk_pass3=$4.new fi # #!/usr/bin/nawk -f # # dbmerge type=[auth|prof|user|exec] [ old-file new-file ] new-file # # Merge two versions of an RBAC database file. The output # consists of the lines from the new-file, while preserving # user customizations in the old-file. # # Entries in the new-file replace corresponding entries in the # old-file, except as follows: For exec_attr, all old entries # for profiles contained in the new-file are discarded. For # user_attr, the "root" entry from the old-file is retained, # and new keywords from the new-file are merged into it. # # Records with the same key field(s) are merged, so that the # keyword/value section of each output record contains the union # of the keywords found in all input records with the same key # field(s). For selected multi-value keywords [1] the values from # the new-file are merged with retained values from the old-file. # Otherwise, the value for each keyword is the final value found # in the new-file, except for keywords in the user_attr entry for # "root" where values from the old-file are always retained. # # [1] The following file type and keyword combinations are merged: # prof_attr: auths, profiles, privs # user_attr: auths, profiles, roles # # The output is run through sort except for the comments # which will appear first in the output. # # $nawk_cmd ' # This script may be invoked with up to three file names. Each file # name corresponds to a separate processing pass. The passes are # defined as follows: # # Pass 1: Read existing data. # Data from the old-file is read into memory. # # Pass 2: Remove obsolete data. # Discard any data from the old-file that is part of profiles that # are also in the new-file. (As a special case, the user_attr entry # for 'root' is always retained.) # # Pass 3: Merge new data. # Data from the new-file is merged with the remaining old-file data. # (As a special case, exec_attr entries are replaced, not merged.) BEGIN { # The variable 'pass' specifies which type of processing to perform. # When processing only one file, skip passes 1 and 2. if (ARGC == 3) pass += 2; # The array 'keyword_behavior' specifies the special treatment of # [type, keyword] combinations subject to value merging. keyword_behavior["prof", "auths"] = "merge"; keyword_behavior["prof", "profiles"] = "merge"; keyword_behavior["prof", "privs"] = "merge"; keyword_behavior["user", "auths"] = "merge"; keyword_behavior["user", "profiles"] = "merge"; keyword_behavior["user", "roles"] = "merge"; FS=":" } # When FNR (current file record number) is 1 it indicates that nawk # is starting to read the next file specified on its command line, # and is beginning the next processing pass. FNR == 1 { pass++; } /^#/ || /^$/ { next; } { # For each input line, nawk automatically assigns the complete # line to $0 and also splits the line at field separators and # assigns each field to a variable $1..$n. Assignment to $0 # re-splits the line into the field variables. Conversely, # assgnment to a variable $1..$n will cause $0 to be recomputed # from the field variable values. # # This code adds awareness of escaped field separators by using # a custom function to split the line into a temporary array. # It assigns the empty string to $0 to clear any excess field # variables, and assigns the desired elements of the temporary # array back to the field variables $1..$7. # # Subsequent code must not assign directly to $0 or the fields # will be re-split without regard to escaped field separators. split_escape($0, f, ":"); $0 = ""; $1 = f[1]; $2 = f[2]; $3 = f[3]; $4 = f[4]; $5 = f[5]; $6 = f[6]; $7 = f[7]; } type == "auth" { key = $1 ":" $2 ":" $3 ; if (pass == 1) { short_comment[key] = $4 ; long_comment[key] = $5; record[key] = $6; } else if (pass == 2) { delete short_comment[key]; delete long_comment[key]; delete record[key]; } else if (pass == 3) { if ( $4 != "" ) { short_comment[key] = $4 ; } if ( $5 != "" ) { long_comment[key] = $5 ; } record[key] = merge_attrs(record[key], $6); } } type == "prof" { key = $1 ":" $2 ":" $3 ; if (pass == 1) { comment[key] = $4; record[key] = $5; } else if (pass == 2) { delete comment[key]; delete record[key]; } else if (pass == 3) { if ( $4 != "" ) { comment[key] = $4 ; } if (key != "::") { record[key] = merge_attrs(record[key], $5); } } } type == "exec" { key = $1 ":" $2 ":" $3 ":" $4 ":" $5 ":" $6 ; if (pass == 1) { record[key] = $7; } else if (pass == 2) { # For exec_attr, deletion is based on the 'name' field only, # so that all old entries for the profile are removed. for (oldkey in record) { split_escape(oldkey, oldkey_fields, ":"); if (oldkey_fields[1] == $1) delete record[oldkey]; } } else if (pass == 3) { # Substitute new entries, do not merge. record[key] = $7; } } type == "user" { key = $1 ":" $2 ":" $3 ":" $4 ; if (pass == 1) { record[key] = $5; } else if (pass == 2) { if ($1 != "root") delete record[key]; } else if (pass == 3) { record[key] = merge_attrs(record[key], $5); } } END { for (key in record) { if (type == "prof") { if (key != "::") { print key ":" comment[key] ":" record[key]; } } else if (type == "auth") { print key ":" short_comment[key] ":" \ long_comment[key] ":" record[key]; } else print key ":" record[key]; } } function merge_attrs(old, new, cnt, new_cnt, i, j, list, new_list, keyword) { cnt = split_escape(old, list, ";"); new_cnt = split_escape(new, new_list, ";"); for (i = 1; i <= new_cnt; i++) { keyword = substr(new_list[i], 1, index(new_list[i], "=")-1); for (j = 1; j <= cnt; j++) { if (match(list[j], "^" keyword "=")) { list[j] = merge_values(keyword, list[j], new_list[i]); break; } } if (j > cnt) list[++cnt] = new_list[i]; } return unsplit(list, cnt, ";"); \ } function merge_values(keyword, old, new, cnt, new_cnt, i, j, list, new_list, d) { # Keywords with multivalued attributes that are subject to merging # are processed by the algorithm implemented further below. # Otherwise, the keyword is not subject to merging, and: # For user_attr, the existing value is retained. # For any other file, the new value is substituted. if (keyword_behavior[type, keyword] != "merge") { if (type == "user") { return old; } else { return new; } } cnt = split(substr(old, length(keyword)+2), list, ","); new_cnt = split(substr(new, length(keyword)+2), new_list, ","); # If the existing list contains "All", remove it and add it # to the new list; that way "All" will appear at the only valid # location, the end of the list. if (keyword == "profiles") { d = 0; for (i = 1; i <= cnt; i++) { if (list[i] != "All") list[++d] = list[i]; } if (cnt != d) { new_list[++new_cnt] = "All"; cnt = d; } } for (i = 1; i <= new_cnt; i++) { for (j = 1; j <= cnt; j++) { if (list[j] == new_list[i]) break; } if (j > cnt) list[++cnt] = new_list[i]; } return keyword "=" unsplit(list, cnt, ","); } # This function is similar to the nawk built-in split() function, # except that a "\" character may be used to escape any subsequent # character, so that the escaped character will not be treated as a # field separator or as part of a field separator regular expression. # The "\" characters will remain in the elements of the output array # variable upon completion. function split_escape(str, list, fs, cnt, saved, sep) { # default to global FS if (fs == "") fs = FS; # initialize empty list, cnt, saved split("", list, " "); cnt = 0; saved = ""; # track whether last token was a field separator sep = 0; # nonzero str length indicates more string left to scan while (length(str)) { if (match(str, fs) == 1) { # field separator, terminates current field list[++cnt] = saved; saved = ""; str = substr(str, RLENGTH + 1); sep = 1; } else if (substr(str, 1, 1) == "\\") { # escaped character saved = saved substr(str, 1, 2); str = substr(str, 3); sep = 0; } else { # regular character saved = saved substr(str, 1, 1); str = substr(str, 2); sep = 0; } } # if required, append final field to list if (sep || length(saved)) list[++cnt] = saved; return cnt; } function unsplit(list, cnt, delim, str) { str = list[1]; for (i = 2; i <= cnt; i++) str = str delim list[i]; return str; }' \ type=$1 $nawk_pass1 $nawk_pass2 $nawk_pass3 > $4.unsorted rc=$? $sort_cmd < $4.unsorted >> $4 return $rc } # $1 is the merged file # $2 is the target file # commit() { # Make sure that the last mv uses rename(2) by first moving to # the same filesystem. $mv_cmd $1 $2.$$ $mv_cmd $2.$$ $2 return $? } outfile="" type="" set_type_and_outfile() { # # Assumes basename $1 returns one of # prof_attr, exec_attr, auth_attr, or user_attr # fname=`$basename_cmd $1` type=`echo $fname | $sed_cmd -e s'/^\([a-z][a-z]*\)_attr$/\1/' ` case "$type" in "prof"|"exec"|"user"|"auth") ;; *) return 2 ;; esac outfile=$tmp_dir/rbac_${PKGINST}_${fname}_merge.$$ return 0 } cleanup() { $rm_cmd -f $outfile $outfile.old $outfile.new $outfile.unsorted return 0 } exit_status=0 # main while read newfile oldfile ; do if [ -n "$PKGINST" ] then # Install the file in the "fragment" directory. mkdir -m 755 -p ${oldfile}.d rm -f ${oldfile}.d/"$PKGINST" cp $newfile ${oldfile}.d/"$PKGINST" # Make sure that it is marked read-only. chmod a-w,a+r ${oldfile}.d/"$PKGINST" # We also execute the rest of the i.rbac script. fi if [ ! -f $oldfile ]; then cp $newfile $oldfile else set_type_and_outfile $newfile || set_type_and_outfile $oldfile if [ $? -ne 0 ]; then echo "$0 : $newfile not one of" \ " prof_attr, exec_attr, auth_attr, user_attr" exit_status=2 continue fi dbmerge $type $oldfile $newfile $outfile if [ $? -ne 0 ]; then echo "$0 : failed to merge $newfile with $oldfile" cleanup exit_status=2 continue fi commit $outfile $oldfile if [ $? -ne 0 ]; then echo "$0 : failed to mv $outfile to $2" cleanup exit_status=2 continue fi cleanup fi done if [ "$1" = "ENDOFCLASS" ]; then exit 0 fi exit $exit_status