xref: /illumos-gate/usr/src/cmd/allocate/svc-allocate (revision bc1f688b4872ace323eaddbb1a6365d054e7bf56)
1#! /bin/sh
2#
3#
4# CDDL HEADER START
5#
6# The contents of this file are subject to the terms of the
7# Common Development and Distribution License (the "License").
8# You may not use this file except in compliance with the License.
9#
10# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
11# or http://www.opensolaris.org/os/licensing.
12# See the License for the specific language governing permissions
13# and limitations under the License.
14#
15# When distributing Covered Code, include this CDDL HEADER in each
16# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
17# If applicable, add the following below this CDDL HEADER, with the
18# fields enclosed by brackets "[]" replaced with your own identifying
19# information: Portions Copyright [yyyy] [name of copyright owner]
20#
21# CDDL HEADER END
22#
23# Copyright (c) 1993, 2010, Oracle and/or its affiliates. All rights reserved.
24#
25
26. /lib/svc/share/smf_include.sh
27
28DEVALLOC=/etc/security/device_allocate
29DEVMAPS=/etc/security/device_maps
30DEVFSADM=/usr/sbin/devfsadm
31MKDEVALLOC=/usr/sbin/mkdevalloc
32MKDEVMAPS=/usr/sbin/mkdevmaps
33HALFDI=/etc/hal/fdi/policy/30user/90-solaris-device-allocation.fdi
34
35# dev_allocation_convert
36#	All the real work gets done in this function
37
38dev_allocation_convert()
39{
40#
41# If allocation already configured, just return
42#
43if [ -f ${HALFDI} -a -f ${DEVALLOC} -a -f ${DEVMAPS} ]; then
44    return
45fi
46
47# Prevent automount of removable and hotpluggable volume
48# by forcing volume.ignore HAL property on all such volumes.
49if [ ! -f ${HALFDI} ]; then
50	cat > ${HALFDI} <<FDI
51<?xml version="1.0" encoding="UTF-8"?>
52<deviceinfo version="0.2">
53  <device>
54    <match key="info.capabilities" contains="volume">
55      <match key="@block.storage_device:storage.removable" bool="true">
56        <merge key="volume.ignore" type="bool">true</merge>
57      </match>
58      <match key="@block.storage_device:storage.hotpluggable" bool="true">
59        <merge key="volume.ignore" type="bool">true</merge>
60      </match>
61    </match>
62  </device>
63</deviceinfo>
64FDI
65fi
66
67# Initialize device allocation
68
69
70# Need to determine if Trusted Extensions is enabled.
71# Check the setting in etc/system (other methods won't work
72# because TX is likely not yet fully active.)
73#
74grep "^[ 	]*set[ 	][ 	]*sys_labeling[ 	]*=[ 	]*1" \
75    /etc/system > /dev/null 2>&1
76
77if [ $? = 0 ]; then
78	# Trusted Extensions is enabled (but possibly not yet booted).
79	${DEVFSADM} -e
80else
81	if [ ! -f ${DEVALLOC} ]; then
82		echo "DEVICE_ALLOCATION=ON" > $DEVALLOC
83		${MKDEVALLOC} >> $DEVALLOC
84	fi
85	if [ ! -f ${DEVMAPS} ]; then
86		${MKDEVMAPS} > $DEVMAPS
87	fi
88fi
89}
90
91dev_allocation_unconvert()
92{
93	# Turn off device allocation.
94	${DEVFSADM} -d
95	/usr/bin/rm -f $DEVALLOC $DEVMAPS
96	# Restore default policy for removable and hotpluggable volumes
97	/usr/bin/rm -f $HALFDI
98}
99
100case "$1" in
101'start')
102	dev_allocation_convert
103	deallocate -Is
104	;;
105'stop')
106	state=`/usr/bin/svcprop -c -p general/enabled $SMF_FMRI 2>/dev/null`
107	if [ "$state" = "true" ] ; then
108		exit $SMF_EXIT_OK
109	fi
110	dev_allocation_unconvert
111	;;
112esac
113
114exit $SMF_EXIT_OK
115