16ba597c5SAnurag S. Maskey#!/sbin/sh 26ba597c5SAnurag S. Maskey# 36ba597c5SAnurag S. Maskey# CDDL HEADER START 46ba597c5SAnurag S. Maskey# 56ba597c5SAnurag S. Maskey# The contents of this file are subject to the terms of the 66ba597c5SAnurag S. Maskey# Common Development and Distribution License (the "License"). 76ba597c5SAnurag S. Maskey# You may not use this file except in compliance with the License. 86ba597c5SAnurag S. Maskey# 96ba597c5SAnurag S. Maskey# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 106ba597c5SAnurag S. Maskey# or http://www.opensolaris.org/os/licensing. 116ba597c5SAnurag S. Maskey# See the License for the specific language governing permissions 126ba597c5SAnurag S. Maskey# and limitations under the License. 136ba597c5SAnurag S. Maskey# 146ba597c5SAnurag S. Maskey# When distributing Covered Code, include this CDDL HEADER in each 156ba597c5SAnurag S. Maskey# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 166ba597c5SAnurag S. Maskey# If applicable, add the following below this CDDL HEADER, with the 176ba597c5SAnurag S. Maskey# fields enclosed by brackets "[]" replaced with your own identifying 186ba597c5SAnurag S. Maskey# information: Portions Copyright [yyyy] [name of copyright owner] 196ba597c5SAnurag S. Maskey# 206ba597c5SAnurag S. Maskey# CDDL HEADER END 216ba597c5SAnurag S. Maskey# 226ba597c5SAnurag S. Maskey# 234a44f0a1SAnurag S. Maskey# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 246ba597c5SAnurag S. Maskey# 256ba597c5SAnurag S. Maskey 266ba597c5SAnurag S. Maskey. /lib/svc/share/smf_include.sh 276ba597c5SAnurag S. Maskey. /lib/svc/share/net_include.sh 286ba597c5SAnurag S. Maskey 296ba597c5SAnurag S. Maskey# FMRI consts 306ba597c5SAnurag S. MaskeyAUTOFS_FMRI="svc:/system/filesystem/autofs" 316ba597c5SAnurag S. MaskeyDNS_CLIENT_FMRI="svc:/network/dns/client" 326ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 336ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 346ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 356ba597c5SAnurag S. MaskeyLDAP_CLIENT_FMRI="svc:/network/ldap/client" 366ba597c5SAnurag S. MaskeyLOCATION_FMRI="svc:/network/location:default" 376ba597c5SAnurag S. MaskeyMAPID_FMRI="svc:/network/nfs/mapid:default" 386ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client" 396ba597c5SAnurag S. MaskeyNWAM_FMRI="svc:/network/physical:nwam" 406ba597c5SAnurag S. Maskey 416ba597c5SAnurag S. Maskey# commands 426ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 436ba597c5SAnurag S. MaskeyDHCPINFO=/sbin/dhcpinfo 446ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 456ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 466ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 476ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 486ba597c5SAnurag S. MaskeyMV=/usr/bin/mv 496ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 506ba597c5SAnurag S. MaskeyNWAMADM=/usr/sbin/nwamadm 516ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 526ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 536ba597c5SAnurag S. MaskeySED=/usr/bin/sed 546ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 556ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 566ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 576ba597c5SAnurag S. MaskeyTOUCH=/usr/bin/touch 586ba597c5SAnurag S. Maskey 596ba597c5SAnurag S. Maskey# Path to directories 606ba597c5SAnurag S. MaskeyETC_DEFAULT_DOMAIN=/etc/defaultdomain 616ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 626ba597c5SAnurag S. MaskeyLEGACY_LOC_PATH=/etc/nwam/loc/Legacy 636ba597c5SAnurag S. MaskeyUSER_LOC_PATH=/etc/nwam/loc/User 646ba597c5SAnurag S. MaskeySCRIPT_PATH=/etc/svc/volatile/nwam 656ba597c5SAnurag S. Maskey 666ba597c5SAnurag S. Maskey# 676ba597c5SAnurag S. Maskey# echoes DHCP controlled interfaces separated by commas 686ba597c5SAnurag S. Maskey# 696ba597c5SAnurag S. Maskey# Don't parse the output of ifconfig(1M) because interfaces that haven't 706ba597c5SAnurag S. Maskey# acquired a DHCP lease also have the DHCP flag set. 716ba597c5SAnurag S. Maskey# 726ba597c5SAnurag S. Maskeyget_dhcp_interfaces () { 736ba597c5SAnurag S. Maskey # 746ba597c5SAnurag S. Maskey # 1. parse netstat(1M) output for v4 interfaces in BOUND 756ba597c5SAnurag S. Maskey # or INFORMATION state 766ba597c5SAnurag S. Maskey # 2. make a space-separated list of interface names 776ba597c5SAnurag S. Maskey # 786ba597c5SAnurag S. Maskey netstat -D -f inet | $NAWK ' 796ba597c5SAnurag S. Maskey $2 ~ /BOUND/ { printf "%s ", $1 } 806ba597c5SAnurag S. Maskey $2 ~ /INFORMATION/ { printf "%s ", $1 }' 816ba597c5SAnurag S. Maskey} 826ba597c5SAnurag S. Maskey 836ba597c5SAnurag S. Maskey# 846ba597c5SAnurag S. Maskey# get_dhcpinfo <code/identifier> 856ba597c5SAnurag S. Maskey# 8603e9aa6dSRenee Danson Sommerfeld# echoes the value received through each interface controlled by DHCP; 8703e9aa6dSRenee Danson Sommerfeld# multiple values are echoed as a space-separated list 8803e9aa6dSRenee Danson Sommerfeld# 896ba597c5SAnurag S. Maskey# returns: 906ba597c5SAnurag S. Maskey# 0 => property is set 916ba597c5SAnurag S. Maskey# 1 => property is not set 926ba597c5SAnurag S. Maskey# 936ba597c5SAnurag S. Maskeyget_dhcpinfo () { 946ba597c5SAnurag S. Maskey code=$1 956ba597c5SAnurag S. Maskey 966ba597c5SAnurag S. Maskey # Get all interfaces with DHCP control, IFS is " " 976ba597c5SAnurag S. Maskey interfaces=`get_dhcp_interfaces` 986ba597c5SAnurag S. Maskey 996ba597c5SAnurag S. Maskey info="" 1006ba597c5SAnurag S. Maskey for intf in $interfaces; do 1016ba597c5SAnurag S. Maskey val=`$DHCPINFO -i $intf $code` 1026ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 1036ba597c5SAnurag S. Maskey if [ "$info" = "" ]; then 1046ba597c5SAnurag S. Maskey info="$val" 1056ba597c5SAnurag S. Maskey else 10603e9aa6dSRenee Danson Sommerfeld info="$info $val" 1076ba597c5SAnurag S. Maskey fi 1086ba597c5SAnurag S. Maskey fi 1096ba597c5SAnurag S. Maskey done 1106ba597c5SAnurag S. Maskey echo $info 1116ba597c5SAnurag S. Maskey} 1126ba597c5SAnurag S. Maskey 1136ba597c5SAnurag S. Maskey# 1146ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 1156ba597c5SAnurag S. Maskey# 1166ba597c5SAnurag S. Maskeyset_smf_prop () { 1176ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 1186ba597c5SAnurag S. Maskey} 1196ba597c5SAnurag S. Maskey 1206ba597c5SAnurag S. Maskey# 1216ba597c5SAnurag S. Maskey# refresh_svc <fmri> 1226ba597c5SAnurag S. Maskey# 1236ba597c5SAnurag S. Maskey# Refreshes the service. 1246ba597c5SAnurag S. Maskey# 1256ba597c5SAnurag S. Maskeyrefresh_svc () { 1266ba597c5SAnurag S. Maskey $SVCADM refresh $1 1276ba597c5SAnurag S. Maskey} 1286ba597c5SAnurag S. Maskey 1296ba597c5SAnurag S. Maskey# 1306ba597c5SAnurag S. Maskey# restart_svc <fmri> 1316ba597c5SAnurag S. Maskey# 1326ba597c5SAnurag S. Maskey# Restarts the service. 1336ba597c5SAnurag S. Maskey# 1346ba597c5SAnurag S. Maskeyrestart_svc () { 1356ba597c5SAnurag S. Maskey $SVCADM restart $1 1366ba597c5SAnurag S. Maskey} 1376ba597c5SAnurag S. Maskey 1386ba597c5SAnurag S. Maskey# 1396ba597c5SAnurag S. Maskey# start_svc <fmri> 1406ba597c5SAnurag S. Maskey# 1416ba597c5SAnurag S. Maskey# Starts the service. If the service is already enabled, restarts it. If 1426ba597c5SAnurag S. Maskey# it is not enabled, temporarily enables it. 1436ba597c5SAnurag S. Maskey# 1446ba597c5SAnurag S. Maskeystart_svc () { 1456ba597c5SAnurag S. Maskey if service_is_enabled $1; then 1466ba597c5SAnurag S. Maskey $SVCADM restart $1 1476ba597c5SAnurag S. Maskey else 1486ba597c5SAnurag S. Maskey $SVCADM enable -t $1 1496ba597c5SAnurag S. Maskey fi 1506ba597c5SAnurag S. Maskey} 1516ba597c5SAnurag S. Maskey 1526ba597c5SAnurag S. Maskey# 1536ba597c5SAnurag S. Maskey# stop_svc <fmri> 1546ba597c5SAnurag S. Maskey# 1556ba597c5SAnurag S. Maskey# Temporarily disables the service. 1566ba597c5SAnurag S. Maskey# 1576ba597c5SAnurag S. Maskeystop_svc () { 1586ba597c5SAnurag S. Maskey $SVCADM disable -t $1 1596ba597c5SAnurag S. Maskey} 1606ba597c5SAnurag S. Maskey 1616ba597c5SAnurag S. Maskey# 1626ba597c5SAnurag S. Maskey# copy_default <dir> <file> 1636ba597c5SAnurag S. Maskey# 1646ba597c5SAnurag S. Maskey# Copies <dir>/<file>.dfl to <dir>/<file> 1656ba597c5SAnurag S. Maskey# 1666ba597c5SAnurag S. Maskeycopy_default () { 1676ba597c5SAnurag S. Maskey $CP -p $1/$2.dfl $1/$2 1686ba597c5SAnurag S. Maskey} 1696ba597c5SAnurag S. Maskey 1706ba597c5SAnurag S. Maskey# 1716ba597c5SAnurag S. Maskey# do_dns <location> 1726ba597c5SAnurag S. Maskey# 1736ba597c5SAnurag S. Maskey# Installs DNS information on /etc/resolv.conf for location 1746ba597c5SAnurag S. Maskey# 17503e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 17603e9aa6dSRenee Danson Sommerfeld# 1776ba597c5SAnurag S. Maskeydo_dns () { 1786ba597c5SAnurag S. Maskey loc=$1 1796ba597c5SAnurag S. Maskey file=/etc/resolv.conf 1806ba597c5SAnurag S. Maskey 1816ba597c5SAnurag S. Maskey # Write out to temporary file first 1826ba597c5SAnurag S. Maskey $TOUCH $file.$$ 1836ba597c5SAnurag S. Maskey 18403e9aa6dSRenee Danson Sommerfeld DNS_CONFIGSRC=`nwam_get_loc_list_prop $loc dns-nameservice-configsrc` 185ad559becSAnurag S. Maskey if [ -z "$DNS_CONFIGSRC" ]; then 186ad559becSAnurag S. Maskey echo "missing 'dns-nameservice-configsrc' property for '$loc'" 18703e9aa6dSRenee Danson Sommerfeld return 1 188ad559becSAnurag S. Maskey fi 189ad559becSAnurag S. Maskey 1906ba597c5SAnurag S. Maskey for configsrc in $DNS_CONFIGSRC; do 1916ba597c5SAnurag S. Maskey case "$configsrc" in 1926ba597c5SAnurag S. Maskey 'manual') 19303e9aa6dSRenee Danson Sommerfeld DNS_SERVERS=`nwam_get_loc_list_prop $loc \ 19403e9aa6dSRenee Danson Sommerfeld dns-nameservice-servers` 19503e9aa6dSRenee Danson Sommerfeld if [ -z "$DNS_SERVERS" ]; then 19603e9aa6dSRenee Danson Sommerfeld echo "DNS nameserver not set for '$loc'" 19703e9aa6dSRenee Danson Sommerfeld return 1 19803e9aa6dSRenee Danson Sommerfeld fi 1996ba597c5SAnurag S. Maskey DNS_DOMAIN=`nwam_get_loc_prop $loc \ 2006ba597c5SAnurag S. Maskey dns-nameservice-domain` 20103e9aa6dSRenee Danson Sommerfeld DNS_SEARCH=`nwam_get_loc_list_prop $loc \ 2026ba597c5SAnurag S. Maskey dns-nameservice-search` 2036ba597c5SAnurag S. Maskey ;; 2046ba597c5SAnurag S. Maskey 'dhcp') 2056ba597c5SAnurag S. Maskey DNS_DOMAIN=`get_dhcpinfo DNSdmain` 2066ba597c5SAnurag S. Maskey DNS_SERVERS=`get_dhcpinfo DNSserv` 2076ba597c5SAnurag S. Maskey # No DNS search info for IPv4 2086ba597c5SAnurag S. Maskey ;; 2096ba597c5SAnurag S. Maskey '*') 2106ba597c5SAnurag S. Maskey echo "Unrecognized DNS configsrc ${configsrc}; ignoring" 2116ba597c5SAnurag S. Maskey ;; 2126ba597c5SAnurag S. Maskey esac 2136ba597c5SAnurag S. Maskey 2146ba597c5SAnurag S. Maskey # Write DNS settings 2156ba597c5SAnurag S. Maskey if [ -n "$DNS_DOMAIN" ]; then 2166ba597c5SAnurag S. Maskey echo "$DNS_DOMAIN" | $NAWK \ 21703e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) \ 2186ba597c5SAnurag S. Maskey print "domain ", $i }' >> $file.$$ 2196ba597c5SAnurag S. Maskey fi 2206ba597c5SAnurag S. Maskey if [ -n "$DNS_SEARCH" ]; then 2216ba597c5SAnurag S. Maskey echo "$DNS_SEARCH" | $NAWK \ 22203e9aa6dSRenee Danson Sommerfeld '{ printf("search"); \ 2236ba597c5SAnurag S. Maskey for (i = 1; i <= NF; i++) printf(" %s", $i); \ 2246ba597c5SAnurag S. Maskey printf("\n") }' >> $file.$$ 2256ba597c5SAnurag S. Maskey fi 2266ba597c5SAnurag S. Maskey if [ -n "$DNS_SERVERS" ]; then 2276ba597c5SAnurag S. Maskey echo "$DNS_SERVERS" | $NAWK \ 22803e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) \ 2296ba597c5SAnurag S. Maskey print "nameserver ", $i }' >> $file.$$ 2306ba597c5SAnurag S. Maskey fi 2316ba597c5SAnurag S. Maskey done 232ad559becSAnurag S. Maskey 2336ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 2346ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 2356ba597c5SAnurag S. Maskey start_svc $DNS_CLIENT_FMRI 23603e9aa6dSRenee Danson Sommerfeld 23703e9aa6dSRenee Danson Sommerfeld return 0 2386ba597c5SAnurag S. Maskey} 2396ba597c5SAnurag S. Maskey 2406ba597c5SAnurag S. Maskey# 2416ba597c5SAnurag S. Maskey# do_nis <location> 2426ba597c5SAnurag S. Maskey# 2436ba597c5SAnurag S. Maskey# Installs NIS information on /var/yp/binding/ for location 2446ba597c5SAnurag S. Maskey# 24503e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 24603e9aa6dSRenee Danson Sommerfeld# 2476ba597c5SAnurag S. Maskeydo_nis () { 2486ba597c5SAnurag S. Maskey loc=$1 2496ba597c5SAnurag S. Maskey 25003e9aa6dSRenee Danson Sommerfeld NIS_CONFIGSRC=`nwam_get_loc_list_prop $loc nis-nameservice-configsrc` 251ad559becSAnurag S. Maskey if [ -z "$NIS_CONFIGSRC" ]; then 252ad559becSAnurag S. Maskey echo "missing 'nis-nameservice-configsrc' property for '$loc'" 25303e9aa6dSRenee Danson Sommerfeld return 1 254ad559becSAnurag S. Maskey fi 255ad559becSAnurag S. Maskey 2566ba597c5SAnurag S. Maskey for configsrc in $NIS_CONFIGSRC; do 2576ba597c5SAnurag S. Maskey case "$configsrc" in 2586ba597c5SAnurag S. Maskey 'manual') 25903e9aa6dSRenee Danson Sommerfeld NIS_SERVERS=`nwam_get_loc_list_prop $loc \ 2606ba597c5SAnurag S. Maskey nis-nameservice-servers` 2616ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 2626ba597c5SAnurag S. Maskey # user-specified default-domain always wins 263ad559becSAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 2646ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 2656ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 26603e9aa6dSRenee Danson Sommerfeld else 26703e9aa6dSRenee Danson Sommerfeld echo "'domainname' not set for '$loc'" 26803e9aa6dSRenee Danson Sommerfeld return 1 269ad559becSAnurag S. Maskey fi 2706ba597c5SAnurag S. Maskey ;; 2716ba597c5SAnurag S. Maskey 'dhcp') 2726ba597c5SAnurag S. Maskey # Use only the first name 2736ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \ 27403e9aa6dSRenee Danson Sommerfeld $NAWK '{ print $1 }'` 2756ba597c5SAnurag S. Maskey NIS_SERVERS=`get_dhcpinfo NISservs` 2766ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 2776ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 2786ba597c5SAnurag S. Maskey ;; 2796ba597c5SAnurag S. Maskey '*') 2806ba597c5SAnurag S. Maskey echo "Unrecognized NIS configsrc ${configsrc}; ignoring" 2816ba597c5SAnurag S. Maskey ;; 2826ba597c5SAnurag S. Maskey esac 2836ba597c5SAnurag S. Maskey 2846ba597c5SAnurag S. Maskey # Place NIS settings in appropriate directory/file. 2856ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 2866ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 2876ba597c5SAnurag S. Maskey fi 2886ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 2896ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 29003e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) print $i }' \ 2916ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 2926ba597c5SAnurag S. Maskey fi 2936ba597c5SAnurag S. Maskey done 29403e9aa6dSRenee Danson Sommerfeld 2956ba597c5SAnurag S. Maskey start_svc $NIS_CLIENT_FMRI 29603e9aa6dSRenee Danson Sommerfeld 29703e9aa6dSRenee Danson Sommerfeld return 0 2986ba597c5SAnurag S. Maskey} 2996ba597c5SAnurag S. Maskey 3006ba597c5SAnurag S. Maskey# 3016ba597c5SAnurag S. Maskey# do_ldap <location> 3026ba597c5SAnurag S. Maskey# 3036ba597c5SAnurag S. Maskey# Installs LDAP information using ldapclient(1M) for location 3046ba597c5SAnurag S. Maskey# 30503e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 30603e9aa6dSRenee Danson Sommerfeld# 3076ba597c5SAnurag S. Maskeydo_ldap () { 3086ba597c5SAnurag S. Maskey loc=$1 3096ba597c5SAnurag S. Maskey 31003e9aa6dSRenee Danson Sommerfeld LDAP_CONFIGSRC=`nwam_get_loc_list_prop $loc ldap-nameservice-configsrc` 311ad559becSAnurag S. Maskey if [ -z "$LDAP_CONFIGSRC" ]; then 312ad559becSAnurag S. Maskey echo "missing 'ldap-nameservice-configsrc' property for '$loc'" 31303e9aa6dSRenee Danson Sommerfeld return 1 314ad559becSAnurag S. Maskey fi 315ad559becSAnurag S. Maskey 3166ba597c5SAnurag S. Maskey for configsrc in $LDAP_CONFIGSRC; do 3176ba597c5SAnurag S. Maskey case "$configsrc" in 3186ba597c5SAnurag S. Maskey 'manual') 31903e9aa6dSRenee Danson Sommerfeld LDAP_SERVERS=`nwam_get_loc_list_prop $loc \ 3206ba597c5SAnurag S. Maskey ldap-nameservice-servers` 3216ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 32203e9aa6dSRenee Danson Sommerfeld if [ -z $LDAP_SERVERS -o -z $DEFAULT_DOMAIN ]; then 32303e9aa6dSRenee Danson Sommerfeld echo "LDAP configuration could not be set "\ 32403e9aa6dSRenee Danson Sommerfeld "for '$loc'" 32503e9aa6dSRenee Danson Sommerfeld return 1 32603e9aa6dSRenee Danson Sommerfeld fi 3276ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 3286ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 3296ba597c5SAnurag S. Maskey ;; 3306ba597c5SAnurag S. Maskey '*') 33103e9aa6dSRenee Danson Sommerfeld echo "Invalid LDAP configsrc ${configsrc}; ignoring" 3326ba597c5SAnurag S. Maskey ;; 3336ba597c5SAnurag S. Maskey esac 3346ba597c5SAnurag S. Maskey 3356ba597c5SAnurag S. Maskey # Use ldapclient(1M) to initialize LDAP client settings. 3366ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then 3376ba597c5SAnurag S. Maskey $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \ 3386ba597c5SAnurag S. Maskey $LDAP_SERVERS 3396ba597c5SAnurag S. Maskey fi 3406ba597c5SAnurag S. Maskey done 34103e9aa6dSRenee Danson Sommerfeld 3426ba597c5SAnurag S. Maskey start_svc $LDAP_CLIENT_FMRI 34303e9aa6dSRenee Danson Sommerfeld 34403e9aa6dSRenee Danson Sommerfeld return 0 3456ba597c5SAnurag S. Maskey} 3466ba597c5SAnurag S. Maskey 3476ba597c5SAnurag S. Maskey# 3486ba597c5SAnurag S. Maskey# do_ns <location> 3496ba597c5SAnurag S. Maskey# 3506ba597c5SAnurag S. Maskey# Installs different nameservices for location 3516ba597c5SAnurag S. Maskey# 35203e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 35303e9aa6dSRenee Danson Sommerfeld# 3546ba597c5SAnurag S. Maskeydo_ns () { 3556ba597c5SAnurag S. Maskey loc=$1 3566ba597c5SAnurag S. Maskey 3576ba597c5SAnurag S. Maskey # 3586ba597c5SAnurag S. Maskey # Disable nameservices temporarily while we reconfigure. Copy 3596ba597c5SAnurag S. Maskey # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files" 3606ba597c5SAnurag S. Maskey # are used. 3616ba597c5SAnurag S. Maskey # 3626ba597c5SAnurag S. Maskey $CP -p /etc/nsswitch.files /etc/nsswitch.conf 3636ba597c5SAnurag S. Maskey stop_svc $DNS_CLIENT_FMRI 3646ba597c5SAnurag S. Maskey stop_svc $NIS_CLIENT_FMRI 3656ba597c5SAnurag S. Maskey stop_svc $LDAP_CLIENT_FMRI 3666ba597c5SAnurag S. Maskey 3676ba597c5SAnurag S. Maskey # 3686ba597c5SAnurag S. Maskey # Remove /etc/defaultdomain and unset domainname(1M). If NIS 3696ba597c5SAnurag S. Maskey # and/or LDAP is configured, they will create /etc/defaultdomain 3706ba597c5SAnurag S. Maskey # and set the domainname(1M). 3716ba597c5SAnurag S. Maskey # 3726ba597c5SAnurag S. Maskey $RM -f $ETC_DEFAULT_DOMAIN 3736ba597c5SAnurag S. Maskey $DOMAINNAME " " 3746ba597c5SAnurag S. Maskey 37503e9aa6dSRenee Danson Sommerfeld NAMESERVICES=`nwam_get_loc_list_prop $loc nameservices` 376ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES" ]; then 377ad559becSAnurag S. Maskey echo "missing 'nameservices' property for location '$loc'" 37803e9aa6dSRenee Danson Sommerfeld return 1 379ad559becSAnurag S. Maskey fi 380ad559becSAnurag S. Maskey 3816ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \ 3826ba597c5SAnurag S. Maskey $loc nameservices-config-file` 383ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then 384ad559becSAnurag S. Maskey echo "missing 'nameservices-config-file' property for '$loc'" 38503e9aa6dSRenee Danson Sommerfeld return 1 3866ba597c5SAnurag S. Maskey fi 387ad559becSAnurag S. Maskey $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf 3886ba597c5SAnurag S. Maskey 3896ba597c5SAnurag S. Maskey for ns in $NAMESERVICES; do 3906ba597c5SAnurag S. Maskey case "$ns" in 3916ba597c5SAnurag S. Maskey 'files') 3926ba597c5SAnurag S. Maskey # no additional setup needed for files nameservice 3936ba597c5SAnurag S. Maskey ;; 3946ba597c5SAnurag S. Maskey 'dns') 39503e9aa6dSRenee Danson Sommerfeld do_dns $loc || return 1 3966ba597c5SAnurag S. Maskey ;; 3976ba597c5SAnurag S. Maskey 'nis') 39803e9aa6dSRenee Danson Sommerfeld do_nis $loc || return 1 3996ba597c5SAnurag S. Maskey ;; 4006ba597c5SAnurag S. Maskey 'ldap') 40103e9aa6dSRenee Danson Sommerfeld do_ldap $loc || return 1 4026ba597c5SAnurag S. Maskey ;; 4036ba597c5SAnurag S. Maskey '*') 4046ba597c5SAnurag S. Maskey echo "Unrecognized nameservices value ${ns}; ignoring" 4056ba597c5SAnurag S. Maskey ;; 4066ba597c5SAnurag S. Maskey esac 4076ba597c5SAnurag S. Maskey done 4086ba597c5SAnurag S. Maskey 4096ba597c5SAnurag S. Maskey # 4106ba597c5SAnurag S. Maskey # Restart other related services 4116ba597c5SAnurag S. Maskey # 4126ba597c5SAnurag S. Maskey # We explicitly restart here, as restart will only have an 4136ba597c5SAnurag S. Maskey # effect if the service is already enabled. We don't want 4146ba597c5SAnurag S. Maskey # to enable the service if it's currently disabled. 4156ba597c5SAnurag S. Maskey # 4166ba597c5SAnurag S. Maskey restart_svc $AUTOFS_FMRI 41703e9aa6dSRenee Danson Sommerfeld 41803e9aa6dSRenee Danson Sommerfeld return 0 4196ba597c5SAnurag S. Maskey} 4206ba597c5SAnurag S. Maskey 4216ba597c5SAnurag S. Maskey# 4226ba597c5SAnurag S. Maskey# do_sec <location> 4236ba597c5SAnurag S. Maskey# 4246ba597c5SAnurag S. Maskey# If config properties are set, update the SMF property and refresh the 4256ba597c5SAnurag S. Maskey# service. If config properties are not set, delete the SMF property and 4266ba597c5SAnurag S. Maskey# stop the service. 4276ba597c5SAnurag S. Maskey# 42803e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 42903e9aa6dSRenee Danson Sommerfeld# 4306ba597c5SAnurag S. Maskeydo_sec () { 4316ba597c5SAnurag S. Maskey loc=$1 4326ba597c5SAnurag S. Maskey 4336ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop $loc ike-config-file` 4346ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file` 4356ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file` 4366ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file` 4376ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file` 4386ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop $loc ippool-config-file` 4396ba597c5SAnurag S. Maskey 4406ba597c5SAnurag S. Maskey # IKE 4416ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 4426ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 4436ba597c5SAnurag S. Maskey refresh_svc $IPSEC_IKE_FMRI 4446ba597c5SAnurag S. Maskey start_svc $IPSEC_IKE_FMRI 4456ba597c5SAnurag S. Maskey else 4466ba597c5SAnurag S. Maskey stop_svc $IPSEC_IKE_FMRI 4476ba597c5SAnurag S. Maskey fi 4486ba597c5SAnurag S. Maskey 4496ba597c5SAnurag S. Maskey # IPsec 4506ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 4516ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 4526ba597c5SAnurag S. Maskey refresh_svc $IPSEC_POLICY_FMRI 4536ba597c5SAnurag S. Maskey start_svc $IPSEC_POLICY_FMRI 4546ba597c5SAnurag S. Maskey else 4556ba597c5SAnurag S. Maskey stop_svc $IPSEC_POLICY_FMRI 4566ba597c5SAnurag S. Maskey fi 4576ba597c5SAnurag S. Maskey 4586ba597c5SAnurag S. Maskey # IPFilter 4596ba597c5SAnurag S. Maskey refresh_ipf=false 4606ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 4616ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" ]; then 4626ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4636ba597c5SAnurag S. Maskey firewall_config_default/policy "none" 4646ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/deny" ]; then 4656ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4666ba597c5SAnurag S. Maskey firewall_config_default/policy "deny" 4676ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/allow" ]; then 4686ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4696ba597c5SAnurag S. Maskey firewall_config_default/policy "allow" 4706ba597c5SAnurag S. Maskey else 4716ba597c5SAnurag S. Maskey # custom policy with policy file 4726ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4736ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 4746ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4756ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 4766ba597c5SAnurag S. Maskey fi 4776ba597c5SAnurag S. Maskey refresh_ipf=true 4786ba597c5SAnurag S. Maskey else 4796ba597c5SAnurag S. Maskey # change policy to "none", no need to clear custom_policy_file 4806ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \ 4816ba597c5SAnurag S. Maskey "none" 4826ba597c5SAnurag S. Maskey # IPFilter has to be refreshed to make the changes effective. 4836ba597c5SAnurag S. Maskey # Don't set $refresh_ipf as it keeps IPFilter online rather 4846ba597c5SAnurag S. Maskey # than disabled. Refresh after IPFilter is disabled below. 4856ba597c5SAnurag S. Maskey fi 4866ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 4876ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 4886ba597c5SAnurag S. Maskey refresh_ipf=true 4896ba597c5SAnurag S. Maskey fi 4906ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 4916ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 4926ba597c5SAnurag S. Maskey refresh_ipf=true 4936ba597c5SAnurag S. Maskey fi 4946ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 4956ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4966ba597c5SAnurag S. Maskey $ippool_file 4976ba597c5SAnurag S. Maskey refresh_ipf=true 4986ba597c5SAnurag S. Maskey fi 4996ba597c5SAnurag S. Maskey 5006ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 5016ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5026ba597c5SAnurag S. Maskey start_svc $IPFILTER_FMRI 5036ba597c5SAnurag S. Maskey else 5046ba597c5SAnurag S. Maskey stop_svc $IPFILTER_FMRI 5056ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5066ba597c5SAnurag S. Maskey fi 50703e9aa6dSRenee Danson Sommerfeld 50803e9aa6dSRenee Danson Sommerfeld return 0 5096ba597c5SAnurag S. Maskey} 5106ba597c5SAnurag S. Maskey 5116ba597c5SAnurag S. Maskey# 5126ba597c5SAnurag S. Maskey# update_nfs_file <new nfsv4 domain> 5136ba597c5SAnurag S. Maskey# 5146ba597c5SAnurag S. Maskeyupdate_nfs_file () { 5156ba597c5SAnurag S. Maskey domain=$1 5166ba597c5SAnurag S. Maskey file=/etc/default/nfs 5176ba597c5SAnurag S. Maskey 5186ba597c5SAnurag S. Maskey # 5196ba597c5SAnurag S. Maskey # For non-commented-out lines that set NFSMAPID_DOMAIN: 5206ba597c5SAnurag S. Maskey # if not previously added by nwam, comment out with a note 5216ba597c5SAnurag S. Maskey # if previously added by nwam, remove 5226ba597c5SAnurag S. Maskey # For commented-out lines that set NFSMAPID_DOMAIN: 5236ba597c5SAnurag S. Maskey # if not commented out by NWAM, leave as-is 5246ba597c5SAnurag S. Maskey # if commented out by NWAM, remove 5256ba597c5SAnurag S. Maskey # All other lines: leave as-is 5266ba597c5SAnurag S. Maskey # 5276ba597c5SAnurag S. Maskey $NAWK ' \ 5286ba597c5SAnurag S. Maskey $0 ~ /^NFSMAPID_DOMAIN=/ { 5296ba597c5SAnurag S. Maskey if (index($0, "# Added by NWAM") == 0) 5306ba597c5SAnurag S. Maskey printf("#%s # Commented out by NWAM\n", $0); 5316ba597c5SAnurag S. Maskey } 5326ba597c5SAnurag S. Maskey $0 ~ /^#NFSMAPID_DOMAIN=/ { 5336ba597c5SAnurag S. Maskey if ($0 !~ /"# Commented out by NWAM"/) 5346ba597c5SAnurag S. Maskey printf("%s\n", $0); 5356ba597c5SAnurag S. Maskey } 5366ba597c5SAnurag S. Maskey $1 !~ /NFSMAPID_DOMAIN=/ { 5376ba597c5SAnurag S. Maskey printf("%s\n", $0); 5386ba597c5SAnurag S. Maskey }' $file >$file.$$ 5396ba597c5SAnurag S. Maskey 5406ba597c5SAnurag S. Maskey # Now add the desired value 5416ba597c5SAnurag S. Maskey echo "NFSMAPID_DOMAIN=$domain # Added by NWAM" >> $file.$$ 5426ba597c5SAnurag S. Maskey 5436ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 5446ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 5456ba597c5SAnurag S. Maskey} 5466ba597c5SAnurag S. Maskey 5476ba597c5SAnurag S. Maskey# 5486ba597c5SAnurag S. Maskey# do_nfsv4 <location> 5496ba597c5SAnurag S. Maskey# 5506ba597c5SAnurag S. Maskey# Updates NFSv4 domain for location 5516ba597c5SAnurag S. Maskey# 55203e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 55303e9aa6dSRenee Danson Sommerfeld# 5546ba597c5SAnurag S. Maskeydo_nfsv4 () { 5556ba597c5SAnurag S. Maskey loc=$1 5566ba597c5SAnurag S. Maskey 5576ba597c5SAnurag S. Maskey nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain` 5586ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 5596ba597c5SAnurag S. Maskey update_nfs_file $nfsv4domain 5606ba597c5SAnurag S. Maskey start_svc $MAPID_FMRI 5616ba597c5SAnurag S. Maskey else 5626ba597c5SAnurag S. Maskey stop_svc $MAPID_FMRI 5636ba597c5SAnurag S. Maskey fi 56403e9aa6dSRenee Danson Sommerfeld 56503e9aa6dSRenee Danson Sommerfeld return 0 5666ba597c5SAnurag S. Maskey} 5676ba597c5SAnurag S. Maskey 5686ba597c5SAnurag S. Maskey# 5696ba597c5SAnurag S. Maskey# activate_loc <location> 5706ba597c5SAnurag S. Maskey# 5716ba597c5SAnurag S. Maskey# Activates the given location 5726ba597c5SAnurag S. Maskey# 57303e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 57403e9aa6dSRenee Danson Sommerfeld# 5756ba597c5SAnurag S. Maskeyactivate_loc () { 5766ba597c5SAnurag S. Maskey loc=$1 5776ba597c5SAnurag S. Maskey 5786ba597c5SAnurag S. Maskey echo activating $loc location 5796ba597c5SAnurag S. Maskey 58003e9aa6dSRenee Danson Sommerfeld # 58103e9aa6dSRenee Danson Sommerfeld # if we fail to complete any part of the config, 58203e9aa6dSRenee Danson Sommerfeld # stop activation work and report failure. 58303e9aa6dSRenee Danson Sommerfeld # 58403e9aa6dSRenee Danson Sommerfeld do_sec $loc && do_ns $loc && do_nfsv4 $loc && return 0 58503e9aa6dSRenee Danson Sommerfeld return 1 5866ba597c5SAnurag S. Maskey} 5876ba597c5SAnurag S. Maskey 5886ba597c5SAnurag S. Maskey# 5896ba597c5SAnurag S. Maskey# Script entry point 5906ba597c5SAnurag S. Maskey# 5916ba597c5SAnurag S. Maskey# Arguments to net-loc are 5926ba597c5SAnurag S. Maskey# method ('start' or 'refresh') 5936ba597c5SAnurag S. Maskey 5946ba597c5SAnurag S. Maskey# 5956ba597c5SAnurag S. Maskey# If nwam is not enabled, do nothing and return OK. 5966ba597c5SAnurag S. Maskey# 5976ba597c5SAnurag S. Maskeyservice_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK 5986ba597c5SAnurag S. Maskey 5996ba597c5SAnurag S. Maskey# 6006ba597c5SAnurag S. Maskey# In a shared-IP zone we need this service to be up, but all of the work 6016ba597c5SAnurag S. Maskey# it tries to do is irrelevant (and will actually lead to the service 6026ba597c5SAnurag S. Maskey# failing if we try to do it), so just bail out. 6036ba597c5SAnurag S. Maskey# In the global zone and exclusive-IP zones we proceed. 6046ba597c5SAnurag S. Maskey# 6056ba597c5SAnurag S. Maskeysmf_configure_ip || exit $SMF_EXIT_OK 6066ba597c5SAnurag S. Maskey 6076ba597c5SAnurag S. Maskeycase "$1" in 6086ba597c5SAnurag S. Maskey 6096ba597c5SAnurag S. Maskey'start') 6106ba597c5SAnurag S. Maskey # 6116ba597c5SAnurag S. Maskey # We need to create the default (NoNet and Automatic) 6126ba597c5SAnurag S. Maskey # locations, if they don't already exist. So: first check 6136ba597c5SAnurag S. Maskey # for the existence of each, and then run the appropriate 6146ba597c5SAnurag S. Maskey # nwamcfg script(s) as needed. Restart nwamd if a location is 6156ba597c5SAnurag S. Maskey # created, as it needs to read it in. 6166ba597c5SAnurag S. Maskey # 6176ba597c5SAnurag S. Maskey LOC_CREATED="false" 6186ba597c5SAnurag S. Maskey $NWAMCFG list loc Automatic >/dev/null 2>&1 6196ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6206ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_auto 6216ba597c5SAnurag S. Maskey LOC_CREATED="true" 6226ba597c5SAnurag S. Maskey fi 6236ba597c5SAnurag S. Maskey 6246ba597c5SAnurag S. Maskey $NWAMCFG list loc NoNet >/dev/null 2>&1 6256ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6266ba597c5SAnurag S. Maskey NONETPATH=/etc/nwam/loc/NoNet 6276ba597c5SAnurag S. Maskey NONETFILES="ipf.conf ipf6.conf" 6286ba597c5SAnurag S. Maskey for file in $NONETFILES; do 6296ba597c5SAnurag S. Maskey copy_default $NONETPATH $file 6306ba597c5SAnurag S. Maskey done 6316ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_nonet 6326ba597c5SAnurag S. Maskey LOC_CREATED="true" 6336ba597c5SAnurag S. Maskey fi 6346ba597c5SAnurag S. Maskey 6356ba597c5SAnurag S. Maskey if [ "$LOC_CREATED" = "true" ]; then 6366ba597c5SAnurag S. Maskey refresh_svc $NWAM_FMRI 6376ba597c5SAnurag S. Maskey fi 6386ba597c5SAnurag S. Maskey 6396ba597c5SAnurag S. Maskey # location selection/activation happens below 6406ba597c5SAnurag S. Maskey ;; 6416ba597c5SAnurag S. Maskey 6426ba597c5SAnurag S. Maskey'refresh') 6436ba597c5SAnurag S. Maskey 6446ba597c5SAnurag S. Maskey # location selection/activation happens below 6456ba597c5SAnurag S. Maskey ;; 6466ba597c5SAnurag S. Maskey 6476ba597c5SAnurag S. Maskey*) 6486ba597c5SAnurag S. Maskey echo "Usage: $0 start|refresh" 6496ba597c5SAnurag S. Maskey exit 1 6506ba597c5SAnurag S. Maskey ;; 6516ba597c5SAnurag S. Maskey 6526ba597c5SAnurag S. Maskeyesac 6536ba597c5SAnurag S. Maskey 6546ba597c5SAnurag S. Maskey# 6556ba597c5SAnurag S. Maskey# If the Legacy location doesn't exist and the file to create the Legacy 6566ba597c5SAnurag S. Maskey# location exists, create the Legacy location. Make a copy of it as the user's 6576ba597c5SAnurag S. Maskey# intentions before upgrade. Then activate the User location if nis is 6586ba597c5SAnurag S. Maskey# involved. Because NIS affects more parts of the system (e.g. automounts) we 6596ba597c5SAnurag S. Maskey# are not willing to make NIS part of the Automatic location (i.e. enable it 6606ba597c5SAnurag S. Maskey# automatically based on external input) as we do with DHCP-driven DNS. 6616ba597c5SAnurag S. Maskey# 6626ba597c5SAnurag S. Maskeyactivate_user_loc=0 6636ba597c5SAnurag S. Maskey$NWAMCFG list loc Legacy >/dev/null 2>&1 6646ba597c5SAnurag S. Maskeyif [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then 6656ba597c5SAnurag S. Maskey # 6666ba597c5SAnurag S. Maskey # We built the script in and pointing to /etc/svc/volatile because we 6676ba597c5SAnurag S. Maskey # may not have a writable filesystem in net-nwam. So here we move the 6686ba597c5SAnurag S. Maskey # components and rewrite the script to point at the writable filesystem. 6696ba597c5SAnurag S. Maskey # 670*4491554aSAnurag S. Maskey $CP -r $SCRIPT_PATH/Legacy /etc/nwam/loc 6716ba597c5SAnurag S. Maskey $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy 672*4491554aSAnurag S. Maskey $SED -e's,$SCRIPT_PATH/Legacy,$LEGACY_LOC_PATH,' \ 6736ba597c5SAnurag S. Maskey $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy 674*4491554aSAnurag S. Maskey $RM -f $SCRIPT_PATH/vcreate_loc_legacy 6756ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy 6766ba597c5SAnurag S. Maskey loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \ 6776ba597c5SAnurag S. Maskey 2>/dev/null` 6786ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6796ba597c5SAnurag S. Maskey # 6806ba597c5SAnurag S. Maskey # We are rewriting configuration variables from the Legacy 6816ba597c5SAnurag S. Maskey # location to the User location. Use variable ULP to keep REs 6826ba597c5SAnurag S. Maskey # within a line. 6836ba597c5SAnurag S. Maskey # 6846ba597c5SAnurag S. Maskey ULP=$USER_LOC_PATH 6856ba597c5SAnurag S. Maskey $SED -e's,Legacy,User,' \ 6866ba597c5SAnurag S. Maskey -e's,activation-mode=system,activation-mode=manual,' \ 6876ba597c5SAnurag S. Maskey -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \ 6886ba597c5SAnurag S. Maskey -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \ 6896ba597c5SAnurag S. Maskey -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \ 6906ba597c5SAnurag S. Maskey -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \ 6916ba597c5SAnurag S. Maskey -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \ 6926ba597c5SAnurag S. Maskey -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \ 6936ba597c5SAnurag S. Maskey $SCRIPT_PATH/create_loc_legacy | \ 6946ba597c5SAnurag S. Maskey $SED -e's,/etc/nwam/loc/User/none,/none,' \ 6956ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/allow,/allow,' \ 6966ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/deny,/deny,' \ 6976ba597c5SAnurag S. Maskey >$SCRIPT_PATH/create_loc_user 6986ba597c5SAnurag S. Maskey # 6996ba597c5SAnurag S. Maskey # We are creating the User location here. The User location 7006ba597c5SAnurag S. Maskey # is an appromixation of the machine configuration when the 7016ba597c5SAnurag S. Maskey # user change or upgraded to this version of NWAM. First 7026ba597c5SAnurag S. Maskey # we make sure there isn't an existing User location or any 7036ba597c5SAnurag S. Maskey # existing User location data. We then copy all the data 7046ba597c5SAnurag S. Maskey # from the Legacy location and create a location pointing at 7056ba597c5SAnurag S. Maskey # that data. Lastly we create a version property to note 7066ba597c5SAnurag S. Maskey # that we have done this. 7076ba597c5SAnurag S. Maskey # 7086ba597c5SAnurag S. Maskey $NWAMCFG destroy loc User 2>/dev/null 7096ba597c5SAnurag S. Maskey $RM -rf $USER_LOC_PATH 7106ba597c5SAnurag S. Maskey $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH 7116ba597c5SAnurag S. Maskey $RM -f $USER_LOC_PATH/resolv.conf 7126ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_user 7136ba597c5SAnurag S. Maskey # The User location is activated if 'nis' is in a non comment 7146ba597c5SAnurag S. Maskey # line of nsswitch.conf. 7156ba597c5SAnurag S. Maskey $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\ 7166ba597c5SAnurag S. Maskey $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1 7176ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 7186ba597c5SAnurag S. Maskey activate_user_loc=1 7196ba597c5SAnurag S. Maskey fi 7206ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI addpg location_upgrade application \ 7216ba597c5SAnurag S. Maskey 2>/dev/null 7226ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \ 7236ba597c5SAnurag S. Maskey astring: "1" 7246ba597c5SAnurag S. Maskey fi 7256ba597c5SAnurag S. Maskeyfi 7266ba597c5SAnurag S. Maskey 7276ba597c5SAnurag S. Maskey# 7286ba597c5SAnurag S. Maskey# Activate a location. If we've just finished upgrading, and 7296ba597c5SAnurag S. Maskey# the User location should be activated, do that (and use nwamadm 7306ba597c5SAnurag S. Maskey# to do so, so the enabled property gets set and nwamd knows this 7316ba597c5SAnurag S. Maskey# selection has been made). Otherwise, if our location/selected 7326ba597c5SAnurag S. Maskey# property has a value, we activate that location; else we activate 7336ba597c5SAnurag S. Maskey# the NoNet location as a default value. 7346ba597c5SAnurag S. Maskey# 7356ba597c5SAnurag S. Maskeyif [ $activate_user_loc -eq 1 ]; then 7366ba597c5SAnurag S. Maskey $NWAMADM enable -p loc User 7376ba597c5SAnurag S. Maskeyelse 7386ba597c5SAnurag S. Maskey sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null` 7396ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 7406ba597c5SAnurag S. Maskey # location hasn't been selected; default to NoNet 7416ba597c5SAnurag S. Maskey activate_loc NoNet 7426ba597c5SAnurag S. Maskey else 74303e9aa6dSRenee Danson Sommerfeld # 74403e9aa6dSRenee Danson Sommerfeld # If the selected location does not exist, or if we fail 74503e9aa6dSRenee Danson Sommerfeld # to activate it completely, we fall back to the NoNet 74603e9aa6dSRenee Danson Sommerfeld # location. Also poke nwamd, so it will check conditions 74703e9aa6dSRenee Danson Sommerfeld # for a better choice. 74803e9aa6dSRenee Danson Sommerfeld # 7494a44f0a1SAnurag S. Maskey $NWAMCFG list loc $sel_loc >/dev/null 2>&1 7504a44f0a1SAnurag S. Maskey if [ $? -eq 1 ]; then 751ad559becSAnurag S. Maskey echo "location '$sel_loc' doesn't exist" 75203e9aa6dSRenee Danson Sommerfeld activate_loc NoNet 75303e9aa6dSRenee Danson Sommerfeld refresh_svc $NWAM_FMRI 7544a44f0a1SAnurag S. Maskey else 7556ba597c5SAnurag S. Maskey # activate selected location 75603e9aa6dSRenee Danson Sommerfeld if ! activate_loc $sel_loc; then 75703e9aa6dSRenee Danson Sommerfeld echo "failed to activate '$sel_loc'" 75803e9aa6dSRenee Danson Sommerfeld activate_loc NoNet 75903e9aa6dSRenee Danson Sommerfeld refresh_svc $NWAM_FMRI 76003e9aa6dSRenee Danson Sommerfeld fi 7616ba597c5SAnurag S. Maskey fi 7626ba597c5SAnurag S. Maskey fi 7634a44f0a1SAnurag S. Maskeyfi 7646ba597c5SAnurag S. Maskey 7656ba597c5SAnurag S. Maskeyexit $SMF_EXIT_OK 766