1d71dbb73Sjbeck#!/sbin/sh 2d71dbb73Sjbeck# 3d71dbb73Sjbeck# CDDL HEADER START 4d71dbb73Sjbeck# 5d71dbb73Sjbeck# The contents of this file are subject to the terms of the 6d71dbb73Sjbeck# Common Development and Distribution License (the "License"). 7d71dbb73Sjbeck# You may not use this file except in compliance with the License. 8d71dbb73Sjbeck# 9d71dbb73Sjbeck# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10d71dbb73Sjbeck# or http://www.opensolaris.org/os/licensing. 11d71dbb73Sjbeck# See the License for the specific language governing permissions 12d71dbb73Sjbeck# and limitations under the License. 13d71dbb73Sjbeck# 14d71dbb73Sjbeck# When distributing Covered Code, include this CDDL HEADER in each 15d71dbb73Sjbeck# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16d71dbb73Sjbeck# If applicable, add the following below this CDDL HEADER, with the 17d71dbb73Sjbeck# fields enclosed by brackets "[]" replaced with your own identifying 18d71dbb73Sjbeck# information: Portions Copyright [yyyy] [name of copyright owner] 19d71dbb73Sjbeck# 20d71dbb73Sjbeck# CDDL HEADER END 21d71dbb73Sjbeck# 22d71dbb73Sjbeck# 231cfa752fSRamaswamy Tummala# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 2412c67a59SMilan Jurik# Copyright 2012 Milan Jurik. All rights reserved. 25*faa2068dSAndy Fiddaman# Copyright 2020 OmniOS Community Edition (OmniOSce) Association. 26d71dbb73Sjbeck# 27d71dbb73Sjbeck 28d71dbb73Sjbeck. /lib/svc/share/smf_include.sh 29d62bc4baSyz147064. /lib/svc/share/net_include.sh 30d71dbb73Sjbeck 316ba597c5SAnurag S. Maskey# FMRI constants 326ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 336ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 346ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 356ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client:default" 366ba597c5SAnurag S. MaskeyNET_PHYS_FMRI="svc:/network/physical:default" 376ba597c5SAnurag S. MaskeyNET_NWAM_FMRI="svc:/network/physical:nwam" 386ba597c5SAnurag S. MaskeyNET_LOC_FMRI="svc:/network/location:default" 39dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United StatesNFS_MAPID_FMRI="svc:/network/nfs/mapid:default" 406ba597c5SAnurag S. Maskey 41d71dbb73Sjbeck# 426ba597c5SAnurag S. Maskey# Default *.conf files 436ba597c5SAnurag S. Maskey# Set appropriate config SMF property to these files when NWAM is stopped 446ba597c5SAnurag S. Maskey# and corresponding config properties in the Legacy location are emtpy 45d71dbb73Sjbeck# 466ba597c5SAnurag S. MaskeyIPF6_DEFAULT_CONFIG_FILE=/etc/ipf/ipf6.conf 476ba597c5SAnurag S. MaskeyIPNAT_DEFAULT_CONFIG_FILE=/etc/ipf/ipnat.conf 486ba597c5SAnurag S. MaskeyIPPOOL_DEFAULT_CONFIG_FILE=/etc/ipf/ippool.conf 496ba597c5SAnurag S. MaskeyIPSEC_IKE_DEFAULT_CONFIG_FILE=/etc/inet/ike/config 506ba597c5SAnurag S. MaskeyIPSEC_POLICY_DEFAULT_CONFIG_FILE=/etc/inet/ipsecinit.conf 516ba597c5SAnurag S. Maskey 526ba597c5SAnurag S. Maskey# commands 536ba597c5SAnurag S. MaskeyBASENAME=/usr/bin/basename 546ba597c5SAnurag S. MaskeyCAT=/usr/bin/cat 556ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 566ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 576ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 586ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 596ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 606ba597c5SAnurag S. MaskeyMKFIFO=/usr/bin/mkfifo 616ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 626ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 636ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 646ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 656ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 666ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 676ba597c5SAnurag S. Maskey 686ba597c5SAnurag S. Maskey# Path to directories 696ba597c5SAnurag S. Maskey# We don't have a writable file system so we write to /etc/svc/volatile and 706ba597c5SAnurag S. Maskey# then later copy anything interesting to /etc/nwam. 714491554aSAnurag S. MaskeyVOL_NWAM_PATH=/etc/svc/volatile/nwam 724491554aSAnurag S. MaskeyVOL_LEGACY_PATH=$VOL_NWAM_PATH/Legacy 734491554aSAnurag S. MaskeyPERM_LEGACY_PATH=/etc/nwam/loc/Legacy 746ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 756ba597c5SAnurag S. Maskey 766ba597c5SAnurag S. Maskey# 776ba597c5SAnurag S. Maskey# copy_to_legacy_loc <file> 786ba597c5SAnurag S. Maskey# 796ba597c5SAnurag S. Maskey# Copies the file to the Legacy location directory 804491554aSAnurag S. Maskey# (in /etc/svc/volatile/nwam/Legacy) 816ba597c5SAnurag S. Maskey# 826ba597c5SAnurag S. Maskeycopy_to_legacy_loc() { 834491554aSAnurag S. Maskey $MKDIR -p $VOL_LEGACY_PATH 846ba597c5SAnurag S. Maskey if [ -f "$1" ]; then 854491554aSAnurag S. Maskey $CP -p $1 $VOL_LEGACY_PATH 866ba597c5SAnurag S. Maskey fi 876ba597c5SAnurag S. Maskey} 886ba597c5SAnurag S. Maskey 896ba597c5SAnurag S. Maskey# 906ba597c5SAnurag S. Maskey# copy_from_legacy_loc <destination file> 916ba597c5SAnurag S. Maskey# 924491554aSAnurag S. Maskey# Copies file with the same name from Legacy location 934491554aSAnurag S. Maskey# (in /etc/nwam/loc/Legacy) to the given destination file 946ba597c5SAnurag S. Maskey# 956ba597c5SAnurag S. Maskeycopy_from_legacy_loc () { 966ba597c5SAnurag S. Maskey DEST_DIR=`/usr/bin/dirname $1` 974491554aSAnurag S. Maskey SRC_FILE="$PERM_LEGACY_PATH/`$BASENAME $1`" 986ba597c5SAnurag S. Maskey 996ba597c5SAnurag S. Maskey # Make destination directory if needed 1006ba597c5SAnurag S. Maskey if [ ! -d "$DEST_DIR" ]; then 1016ba597c5SAnurag S. Maskey $MKDIR -p $DEST_DIR 1026ba597c5SAnurag S. Maskey fi 1036ba597c5SAnurag S. Maskey 1046ba597c5SAnurag S. Maskey if [ -f "$SRC_FILE" ]; then 1056ba597c5SAnurag S. Maskey $CP -p $SRC_FILE $DEST_DIR 1066ba597c5SAnurag S. Maskey fi 1076ba597c5SAnurag S. Maskey} 1086ba597c5SAnurag S. Maskey 1096ba597c5SAnurag S. Maskey# 1106ba597c5SAnurag S. Maskey# write_loc_prop <property> <value> <file> 1116ba597c5SAnurag S. Maskey# 1126ba597c5SAnurag S. Maskey# Appends to <file> a nwamcfg command to set <property> to <value> if non-empty 1136ba597c5SAnurag S. Maskey# 1146ba597c5SAnurag S. Maskeywrite_loc_prop () { 1156ba597c5SAnurag S. Maskey prop=$1 1166ba597c5SAnurag S. Maskey val=$2 1176ba597c5SAnurag S. Maskey file=$3 1186ba597c5SAnurag S. Maskey 1196ba597c5SAnurag S. Maskey if [ -n "$val" -a -n "$file" ]; then 1206ba597c5SAnurag S. Maskey echo "set $prop=$val" >> $file 1216ba597c5SAnurag S. Maskey fi 1226ba597c5SAnurag S. Maskey} 1236ba597c5SAnurag S. Maskey 1246ba597c5SAnurag S. Maskey# 1256ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 1266ba597c5SAnurag S. Maskey# 1276ba597c5SAnurag S. Maskeyset_smf_prop () { 1286ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 1296ba597c5SAnurag S. Maskey} 1306ba597c5SAnurag S. Maskey 1316ba597c5SAnurag S. Maskey# 1326ba597c5SAnurag S. Maskey# get_smf_prop <fmri> <property name> 1336ba597c5SAnurag S. Maskey# 1346ba597c5SAnurag S. Maskeyget_smf_prop () { 1356ba597c5SAnurag S. Maskey $SVCPROP -p $2 $1 1366ba597c5SAnurag S. Maskey} 1376ba597c5SAnurag S. Maskey 1386ba597c5SAnurag S. Maskey# 1396ba597c5SAnurag S. Maskey# Creates Legacy location from the current configuration 1406ba597c5SAnurag S. Maskey# 1416ba597c5SAnurag S. Maskeycreate_legacy_loc () { 1424491554aSAnurag S. Maskey CREATE_LOC_LEGACY_FILE=$VOL_NWAM_PATH/create_loc_legacy 1436ba597c5SAnurag S. Maskey 1446ba597c5SAnurag S. Maskey # 1456ba597c5SAnurag S. Maskey # Write nwamcfg commands to create Legacy location to 1466ba597c5SAnurag S. Maskey # $CREATE_LOC_LEGACY_FILE as values for properties are determined 1476ba597c5SAnurag S. Maskey # Note that some of the *_CONFIG_FILE variables point at copies of 1486ba597c5SAnurag S. Maskey # files we've made and others indicate where those copies should be 1496ba597c5SAnurag S. Maskey # if we are enabling the location. 1506ba597c5SAnurag S. Maskey # 1516ba597c5SAnurag S. Maskey echo "create loc Legacy" > $CREATE_LOC_LEGACY_FILE 1526ba597c5SAnurag S. Maskey write_loc_prop "activation-mode" "system" $CREATE_LOC_LEGACY_FILE 1536ba597c5SAnurag S. Maskey 1546ba597c5SAnurag S. Maskey NAMESERVICES="" 1556ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE="" 1566ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="" 1576ba597c5SAnurag S. Maskey DNS_NAMESERVICE_DOMAIN="" 1586ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SERVERS="" 1596ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SEARCH="" 1606ba597c5SAnurag S. Maskey NIS_NAMESERVICE_CONFIGSRC="" 1616ba597c5SAnurag S. Maskey NIS_NAMESERVICE_SERVERS="" 1626ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_CONFIGSRC="" 1636ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_SERVERS="" 1646ba597c5SAnurag S. Maskey DEFAULT_DOMAIN="" 1656ba597c5SAnurag S. Maskey 1666ba597c5SAnurag S. Maskey # Copy /etc/nsswitch.conf file 1676ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/nsswitch.conf 1684491554aSAnurag S. Maskey NAMESERVICES_CONFIG_FILE="$VOL_LEGACY_PATH/nsswitch.conf" 1696ba597c5SAnurag S. Maskey 1706ba597c5SAnurag S. Maskey # Gather DNS info from resolv.conf if present. 1716ba597c5SAnurag S. Maskey if [ -f /etc/resolv.conf ]; then 1726ba597c5SAnurag S. Maskey NAMESERVICES="dns," 1736ba597c5SAnurag S. Maskey $GREP -i "added by dhcp" /etc/nsswitch.conf >/dev/null 1746ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 1756ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="dhcp" 1766ba597c5SAnurag S. Maskey else 1776ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="manual" 1786ba597c5SAnurag S. Maskey DNS_NAMESERVICE_DOMAIN=`$NAWK '$1 == "domain" {\ 1796ba597c5SAnurag S. Maskey print $2 }' < /etc/resolv.conf` 1806ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SERVERS=`$NAWK '$1 == "nameserver" \ 1816ba597c5SAnurag S. Maskey { printf "%s,", $2 }' < /etc/resolv.conf` 1826ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SEARCH=`$NAWK '$1 == "search" \ 1836ba597c5SAnurag S. Maskey { printf "%s,", $2 }' < /etc/resolv.conf` 1846ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/resolv.conf 1856ba597c5SAnurag S. Maskey fi 1866ba597c5SAnurag S. Maskey fi 1876ba597c5SAnurag S. Maskey 1886ba597c5SAnurag S. Maskey # Gather NIS info from appropriate file if present. 1896ba597c5SAnurag S. Maskey if service_is_enabled $NIS_CLIENT_FMRI; then 1906ba597c5SAnurag S. Maskey NAMESERVICES="${NAMESERVICES}nis," 1916ba597c5SAnurag S. Maskey NIS_NAMESERVICE_CONFIGSRC="manual" 1926ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`$CAT /etc/defaultdomain` 1936ba597c5SAnurag S. Maskey 1946ba597c5SAnurag S. Maskey yp_servers=`$NAWK '{ printf "%s ", $1 }' \ 1956ba597c5SAnurag S. Maskey < $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers` 1966ba597c5SAnurag S. Maskey for serv in $yp_servers; do 1976ba597c5SAnurag S. Maskey if is_valid_addr $serv; then 1986ba597c5SAnurag S. Maskey addr="$serv," 1996ba597c5SAnurag S. Maskey else 2006ba597c5SAnurag S. Maskey addr=`$GREP -iw $serv /etc/inet/hosts | \ 2016ba597c5SAnurag S. Maskey $NAWK '{ printf "%s,", $1 }'` 2026ba597c5SAnurag S. Maskey fi 2036ba597c5SAnurag S. Maskey NIS_NAMESERVICE_SERVERS="${NIS_NAMESERVICE_SERVERS}$addr" 2046ba597c5SAnurag S. Maskey done 2056ba597c5SAnurag S. Maskey fi 2066ba597c5SAnurag S. Maskey 207bbf21555SRichard Lowe # Gather LDAP info via ldapclient(8). 2086ba597c5SAnurag S. Maskey if [ -f /var/ldap/ldap_client_file ]; then 2096ba597c5SAnurag S. Maskey copy_to_legacy /var/ldap/ldap_client_file 2106ba597c5SAnurag S. Maskey NAMESERVICES="${NAMESERVICES}ldap," 2116ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_CONFIGSRC="manual" 2126ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_SERVERS=`$LDAPCLIENT list 2>/dev/null | \ 2136ba597c5SAnurag S. Maskey $NAWK '$1 == "preferredServerList:" { print $2 }'` 2146ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`$CAT /etc/defaultdomain` 2156ba597c5SAnurag S. Maskey fi 2166ba597c5SAnurag S. Maskey 2176ba597c5SAnurag S. Maskey # Now, write nwamcfg commands for nameservices 2186ba597c5SAnurag S. Maskey write_loc_prop "nameservices" $NAMESERVICES $CREATE_LOC_LEGACY_FILE 2196ba597c5SAnurag S. Maskey write_loc_prop "nameservices-config-file" $NAMESERVICES_CONFIG_FILE \ 2206ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2216ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-configsrc" $DNS_NAMESERVICE_CONFIGSRC \ 2226ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2236ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-domain" $DNS_NAMESERVICE_DOMAIN \ 2246ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2256ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-servers" $DNS_NAMESERVICE_SERVERS \ 2266ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2276ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-search" $DNS_NAMESERVICE_SEARCH \ 2286ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2296ba597c5SAnurag S. Maskey write_loc_prop "nis-nameservice-configsrc" $NIS_NAMESERVICE_CONFIGSRC \ 2306ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2316ba597c5SAnurag S. Maskey write_loc_prop "nis-nameservice-servers" $NIS_NAMESERVICE_SERVERS \ 2326ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2336ba597c5SAnurag S. Maskey write_loc_prop "ldap-nameservice-configsrc" $LDAP_NAMESERVICE_CONFIGSRC\ 2346ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2356ba597c5SAnurag S. Maskey write_loc_prop "ldap-nameservice-servers" $LDAP_NAMESERVICE_SERVERS \ 2366ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2376ba597c5SAnurag S. Maskey write_loc_prop "default-domain" $DEFAULT_DOMAIN $CREATE_LOC_LEGACY_FILE 2386ba597c5SAnurag S. Maskey 239dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States # Retrieve NFSv4 domain from SMF. 240dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if service_is_enabled $NFS_MAPID_FMRI; then 241dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States NFS_DOMAIN=`get_smf_prop NFS_MAPID_FMRI \ 242dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain` 2436ba597c5SAnurag S. Maskey write_loc_prop "nfsv4-domain" \ 2446ba597c5SAnurag S. Maskey $NFS_DOMAIN $CREATE_LOC_LEGACY_FILE 2456ba597c5SAnurag S. Maskey fi 2466ba597c5SAnurag S. Maskey 2476ba597c5SAnurag S. Maskey IPF_CONFIG_FILE="" 2486ba597c5SAnurag S. Maskey IPF6_CONFIG_FILE="" 2496ba597c5SAnurag S. Maskey IPNAT_CONFIG_FILE="" 2506ba597c5SAnurag S. Maskey IPPOOL_CONFIG_FILE="" 2516ba597c5SAnurag S. Maskey IKE_CONFIG_FILE="" 2526ba597c5SAnurag S. Maskey IPSEC_POLICY_CONFIG_FILE="" 2536ba597c5SAnurag S. Maskey 2546ba597c5SAnurag S. Maskey # 2556ba597c5SAnurag S. Maskey # IPFilter 2566ba597c5SAnurag S. Maskey # 2576ba597c5SAnurag S. Maskey # If the firewall policy is "custom", simply copy the 2586ba597c5SAnurag S. Maskey # custom_policy_file. If the firewall policy is "none", "allow" or 2596ba597c5SAnurag S. Maskey # "deny", save the value as "/<value>". When reverting back to the 2606ba597c5SAnurag S. Maskey # Legacy location, these values will have to be treated as special. 2616ba597c5SAnurag S. Maskey # 2626ba597c5SAnurag S. Maskey # For all configuration files, copy them to the Legacy directory. 2636ba597c5SAnurag S. Maskey # Use the respective properties to remember the original locations 2646ba597c5SAnurag S. Maskey # of the files so that they can be copied back there when NWAM is 2656ba597c5SAnurag S. Maskey # stopped. 2666ba597c5SAnurag S. Maskey # 2676ba597c5SAnurag S. Maskey if service_is_enabled $IPFILTER_FMRI; then 2686ba597c5SAnurag S. Maskey FIREWALL_POLICY=`get_smf_prop $IPFILTER_FMRI \ 2696ba597c5SAnurag S. Maskey firewall_config_default/policy` 2706ba597c5SAnurag S. Maskey if [ "$FIREWALL_POLICY" = "custom" ]; then 2716ba597c5SAnurag S. Maskey IPF_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2726ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file` 2736ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPF_CONFIG_FILE 2746ba597c5SAnurag S. Maskey else 2756ba597c5SAnurag S. Maskey # save value as /none, /allow, or /deny 2766ba597c5SAnurag S. Maskey IPF_CONFIG_FILE="/$FIREWALL_POLICY" 2776ba597c5SAnurag S. Maskey fi 2786ba597c5SAnurag S. Maskey IPF6_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2796ba597c5SAnurag S. Maskey config/ipf6_config_file` 2806ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPF6_CONFIG_FILE 2816ba597c5SAnurag S. Maskey 2826ba597c5SAnurag S. Maskey IPNAT_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2836ba597c5SAnurag S. Maskey config/ipnat_config_file` 2846ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPNAT_CONFIG_FILE 2856ba597c5SAnurag S. Maskey 2866ba597c5SAnurag S. Maskey IPPOOL_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2876ba597c5SAnurag S. Maskey config/ippool_config_file` 2886ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPPOOL_CONFIG_FILE 2896ba597c5SAnurag S. Maskey fi 2906ba597c5SAnurag S. Maskey 2916ba597c5SAnurag S. Maskey # IKE 2926ba597c5SAnurag S. Maskey if service_is_enabled $IPSEC_IKE_FMRI:default; then 2936ba597c5SAnurag S. Maskey IKE_CONFIG_FILE=`get_smf_prop $IPSEC_IKE_FMRI config/config_file` 2946ba597c5SAnurag S. Maskey copy_to_legacy_loc $IKE_CONFIG_FILE 2956ba597c5SAnurag S. Maskey fi 2966ba597c5SAnurag S. Maskey 2976ba597c5SAnurag S. Maskey # IPsec 2986ba597c5SAnurag S. Maskey if service_is_enabled $IPSEC_POLICY_FMRI:default; then 2996ba597c5SAnurag S. Maskey IPSEC_POLICY_CONFIG_FILE=`get_smf_prop $IPSEC_POLICY_FMRI \ 3006ba597c5SAnurag S. Maskey config/config_file` 3016ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPSEC_POLICY_CONFIG_FILE 3026ba597c5SAnurag S. Maskey fi 3036ba597c5SAnurag S. Maskey 3046ba597c5SAnurag S. Maskey if [ -n "$IPF_CONFIG_FILE" -a \( "$IPF_CONFIG_FILE" = "/allow" \ 3056ba597c5SAnurag S. Maskey -o "$IPF_CONFIG_FILE" = "/deny" -o "$IPF_CONFIG_FILE" = "/none" \ 3066ba597c5SAnurag S. Maskey -o -f "$IPF_CONFIG_FILE" \) ]; then 3076ba597c5SAnurag S. Maskey write_loc_prop "ipfilter-config-file" $IPF_CONFIG_FILE \ 3086ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3096ba597c5SAnurag S. Maskey fi 3106ba597c5SAnurag S. Maskey if [ -n "$IPF6_CONFIG_FILE" -a -f "$IPF6_CONFIG_FILE" ]; then 3116ba597c5SAnurag S. Maskey write_loc_prop "ipfilter-v6-config-file" $IPF6_CONFIG_FILE \ 3126ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3136ba597c5SAnurag S. Maskey fi 3146ba597c5SAnurag S. Maskey if [ -n "$IPNAT_CONFIG_FILE" -a -f "$IPNAT_CONFIG_FILE" ]; then 3156ba597c5SAnurag S. Maskey write_loc_prop "ipnat-config-file" $IPNAT_CONFIG_FILE \ 3166ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3176ba597c5SAnurag S. Maskey fi 3186ba597c5SAnurag S. Maskey if [ -n "$IPPOOL_CONFIG_FILE" -a -f "$IPPOOL_CONFIG_FILE" ]; then 3196ba597c5SAnurag S. Maskey write_loc_prop "ippool-config-file" $IPPOOL_CONFIG_FILE \ 3206ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3216ba597c5SAnurag S. Maskey fi 3226ba597c5SAnurag S. Maskey if [ -n "$IKE_CONFIG_FILE" -a -f "$IKE_CONFIG_FILE" ]; then 3236ba597c5SAnurag S. Maskey write_loc_prop "ike-config-file" $IKE_CONFIG_FILE \ 3246ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3256ba597c5SAnurag S. Maskey fi 3266ba597c5SAnurag S. Maskey if [ -n "$IPSEC_POLICY_CONFIG_FILE" -a -f "$IPSEC_POLICY_CONFIG_FILE" ] 3276ba597c5SAnurag S. Maskey then 3286ba597c5SAnurag S. Maskey write_loc_prop "ipsecpolicy-config-file" \ 3296ba597c5SAnurag S. Maskey $IPSEC_POLICY_CONFIG_FILE $CREATE_LOC_LEGACY_FILE 3306ba597c5SAnurag S. Maskey fi 3316ba597c5SAnurag S. Maskey 3326ba597c5SAnurag S. Maskey # End 3336ba597c5SAnurag S. Maskey echo "end" >> $CREATE_LOC_LEGACY_FILE 3346ba597c5SAnurag S. Maskey # network/location will create the Legacy location with these commands. 3356ba597c5SAnurag S. Maskey} 3366ba597c5SAnurag S. Maskey 3376ba597c5SAnurag S. Maskey# 3386ba597c5SAnurag S. Maskey# Undoes the effects of the Legacy location creation 3396ba597c5SAnurag S. Maskey# 3406ba597c5SAnurag S. Maskeyrevert_to_legacy_loc () { 3416ba597c5SAnurag S. Maskey $SVCADM disable dns/client 3426ba597c5SAnurag S. Maskey $SVCADM disable nis/client 3436ba597c5SAnurag S. Maskey $SVCADM disable ldap/client 3446ba597c5SAnurag S. Maskey 3456ba597c5SAnurag S. Maskey # copy nsswitch.conf to /etc/nsswitch.conf 3466ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/nsswitch.conf 3476ba597c5SAnurag S. Maskey 3486ba597c5SAnurag S. Maskey # DNS - copy resolv.conf to /etc/resolv.conf 3494491554aSAnurag S. Maskey if [ -f "$PERM_LEGACY_PATH/resolv.conf" ]; then 3506ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/resolv.conf 3516ba597c5SAnurag S. Maskey $SVCADM enable dns/client 3526ba597c5SAnurag S. Maskey fi 3536ba597c5SAnurag S. Maskey 354bbf21555SRichard Lowe # set /etc/defaultdomain and domainname(8) 3556ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop Legacy default-domain` 3566ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 3576ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 3586ba597c5SAnurag S. Maskey $DOMAINNAME > /etc/defaultdomain 3596ba597c5SAnurag S. Maskey fi 3606ba597c5SAnurag S. Maskey 3616ba597c5SAnurag S. Maskey # NIS - directory and ypserver in /var/yp/binding/ 3626ba597c5SAnurag S. Maskey NIS_CONFIGSRC=`nwam_get_loc_prop Legacy nis-nameservice-configsrc` 3636ba597c5SAnurag S. Maskey NIS_SERVERS=`nwam_get_loc_prop Legacy nis-nameservice-servers` 3646ba597c5SAnurag S. Maskey if [ -n "$NIS_CONFIGSRC" ]; then 3656ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 3666ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 3676ba597c5SAnurag S. Maskey fi 3686ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 3696ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 3706ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) print $i }' \ 3716ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 3726ba597c5SAnurag S. Maskey fi 3736ba597c5SAnurag S. Maskey $SVCADM enable nis/client 3746ba597c5SAnurag S. Maskey fi 3756ba597c5SAnurag S. Maskey 3766ba597c5SAnurag S. Maskey # LDAP - copy ldap_client_file to /var/ldap/ldap_client_file 3774491554aSAnurag S. Maskey if [ -f "$PERM_LEGACY_PATH/ldap_client_file" ]; then 3786ba597c5SAnurag S. Maskey copy_from_legacy_loc /var/ldap/ldap_client_file 3796ba597c5SAnurag S. Maskey $SVCADM enable ldap/client 3806ba597c5SAnurag S. Maskey fi 3816ba597c5SAnurag S. Maskey 382dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States # Copy back nfs NFSMAPID_DOMAIN 383dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States NFSMAPID_DOMAIN=`nwam_get_loc_prop Legacy nfsv4-domain` 384dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if [ -n "$NFSMAPID_DOMAIN" ]; then 385dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States set_smf_prop $NFS_MAPID_FMRI \ 386dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain $NFSMAPID_DOMAIN 387dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States $SVCADM refresh $NFS_MAPID_FMRI 388dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States $SVCADM enable $NFS_MAPID_FMRI 389dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States fi 3906ba597c5SAnurag S. Maskey 3916ba597c5SAnurag S. Maskey # IPFilter, IPsec, and IKE 3926ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop Legacy ipfilter-config-file` 3936ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop Legacy ipfilter-v6-config-file` 3946ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop Legacy ipnat-config-file` 3956ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop Legacy ippool-config-file` 3966ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop Legacy ike-config-file` 3976ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop Legacy ipsecpolicy-config-file` 3986ba597c5SAnurag S. Maskey 3996ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 4006ba597c5SAnurag S. Maskey copy_from_legacy_loc $ike_file 4016ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 4026ba597c5SAnurag S. Maskey $SVCADM refresh $IPSEC_IKE_FMRI 4036ba597c5SAnurag S. Maskey $SVCADM enable $IPSEC_IKE_FMRI 4046ba597c5SAnurag S. Maskey else 4056ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file \ 4066ba597c5SAnurag S. Maskey $IPSEC_IKE_DEFAULT_CONFIG_FILE 4076ba597c5SAnurag S. Maskey $SVCADM disable $IPSEC_IKE_FMRI 4086ba597c5SAnurag S. Maskey fi 4096ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 4106ba597c5SAnurag S. Maskey copy_from_legacy_loc $pol_file 4116ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 4126ba597c5SAnurag S. Maskey $SVCADM refresh $IPSEC_POLICY_FMRI 4136ba597c5SAnurag S. Maskey $SVCADM enable $IPSEC_POLICY_FMRI 4146ba597c5SAnurag S. Maskey else 4156ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file \ 4166ba597c5SAnurag S. Maskey $IPSEC_POLICY_DEFAULT_CONFIG_FILE 4176ba597c5SAnurag S. Maskey $SVCADM disable $IPSEC_POLICY_FMRI 4186ba597c5SAnurag S. Maskey fi 4196ba597c5SAnurag S. Maskey 4206ba597c5SAnurag S. Maskey refresh_ipf=false 4216ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 4226ba597c5SAnurag S. Maskey # change /none, /allow, and /deny to firewall policy 4236ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" -o "$ipf_file" = "/allow" \ 4246ba597c5SAnurag S. Maskey -o "$ipf_file" = "/deny" ]; then 4256ba597c5SAnurag S. Maskey policy=`echo "$ipf_file" | $NAWK 'FS="/" { print $2 }'` 4266ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4276ba597c5SAnurag S. Maskey firewall_config_default/policy $policy 4286ba597c5SAnurag S. Maskey # no need to clear custom_policy_file as it isn't "custom" 4296ba597c5SAnurag S. Maskey else 4306ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipf_file 4316ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4326ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 4336ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4346ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 4356ba597c5SAnurag S. Maskey fi 4366ba597c5SAnurag S. Maskey refresh_ipf=true 4376ba597c5SAnurag S. Maskey fi 4386ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 4396ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipf6_file 4406ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 4416ba597c5SAnurag S. Maskey refresh_ipf=true 4426ba597c5SAnurag S. Maskey else 4436ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file \ 4446ba597c5SAnurag S. Maskey $IPF6_DEFAULT_CONFIG_FILE 4456ba597c5SAnurag S. Maskey fi 4466ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 4476ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipnat_file 4486ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 4496ba597c5SAnurag S. Maskey refresh_ipf=true 4506ba597c5SAnurag S. Maskey else 4516ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file \ 4526ba597c5SAnurag S. Maskey $IPNAT_DEFAULT_CONFIG_FILE 4536ba597c5SAnurag S. Maskey fi 4546ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 4556ba597c5SAnurag S. Maskey copy_from_legacy_loc $ippool_file 4566ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4576ba597c5SAnurag S. Maskey $ippool_file 4586ba597c5SAnurag S. Maskey refresh_ipf=true 4596ba597c5SAnurag S. Maskey else 4606ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4616ba597c5SAnurag S. Maskey $IPPOOL_DEFAULT_CONFIG_FILE 4626ba597c5SAnurag S. Maskey fi 4636ba597c5SAnurag S. Maskey 4646ba597c5SAnurag S. Maskey $SVCADM refresh $IPFILTER_FMRI 4656ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 4666ba597c5SAnurag S. Maskey $SVCADM enable $IPFILTER_FMRI 4676ba597c5SAnurag S. Maskey else 4686ba597c5SAnurag S. Maskey $SVCADM disable $IPFILTER_FMRI 4696ba597c5SAnurag S. Maskey fi 4706ba597c5SAnurag S. Maskey 4714491554aSAnurag S. Maskey # Remove the Legacy directories, script and location 4724491554aSAnurag S. Maskey $RM -rf $VOL_LEGACY_PATH 4734491554aSAnurag S. Maskey $RM -rf $PERM_LEGACY_PATH 4744491554aSAnurag S. Maskey $RM -f $VOL_NWAM_PATH/create_loc_legacy 4756ba597c5SAnurag S. Maskey $NWAMCFG destroy loc Legacy 4766ba597c5SAnurag S. Maskey} 4776ba597c5SAnurag S. Maskey 4786ba597c5SAnurag S. Maskey# 4796ba597c5SAnurag S. Maskey# Script entry point 4806ba597c5SAnurag S. Maskey# 4816ba597c5SAnurag S. Maskey# Arguments to net-nwam are 4826ba597c5SAnurag S. Maskey# method ( start | refresh | stop | -u | -c ) 4836ba597c5SAnurag S. Maskey# 4846ba597c5SAnurag S. Maskey 4856ba597c5SAnurag S. Maskey# 4866ba597c5SAnurag S. Maskey# Create nwam directory in /etc/svc/volatile 4876ba597c5SAnurag S. Maskey# 4884491554aSAnurag S. Maskeyif [ ! -d $VOL_NWAM_PATH ]; then 4894491554aSAnurag S. Maskey $MKDIR -m 0755 $VOL_NWAM_PATH 4906ba597c5SAnurag S. Maskeyfi 491d71dbb73Sjbeck 492d71dbb73Sjbeckcase "$1" in 493d71dbb73Sjbeck'refresh') 494d71dbb73Sjbeck /usr/bin/pkill -HUP -z `smf_zonename` nwamd 4956ba597c5SAnurag S. Maskey # 4966ba597c5SAnurag S. Maskey # Enable network/location. Needed on first boot post-install as 4976ba597c5SAnurag S. Maskey # network/location will not exist until after manifest-import runs. 4986ba597c5SAnurag S. Maskey # 4996ba597c5SAnurag S. Maskey if service_exists $NET_LOC_FMRI ; then 5006ba597c5SAnurag S. Maskey $SVCADM enable -t $NET_LOC_FMRI 5016ba597c5SAnurag S. Maskey fi 502d71dbb73Sjbeck ;; 503d71dbb73Sjbeck 504d71dbb73Sjbeck'start') 5056ba597c5SAnurag S. Maskey # The real daemon is not started in a shared stack zone. But we need to 5066ba597c5SAnurag S. Maskey # create a dummy background process to preserve contract lifetime. 5076ba597c5SAnurag S. Maskey smf_configure_ip 5086ba597c5SAnurag S. Maskey if [ $? = "1" ] ; then 5094491554aSAnurag S. Maskey $RM -f $VOL_NWAM_PATH/nwam_blocked 5104491554aSAnurag S. Maskey $MKFIFO $VOL_NWAM_PATH/nwam_blocked 5114491554aSAnurag S. Maskey ($CAT <$VOL_NWAM_PATH/nwam_blocked >/dev/null) & 5126ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 5136ba597c5SAnurag S. Maskey fi 5146ba597c5SAnurag S. Maskey 5156ba597c5SAnurag S. Maskey # 5166ba597c5SAnurag S. Maskey # Enable network/location. 5176ba597c5SAnurag S. Maskey # 5186ba597c5SAnurag S. Maskey if service_exists $NET_LOC_FMRI ; then 5196ba597c5SAnurag S. Maskey $SVCADM enable -t $NET_LOC_FMRI 5206ba597c5SAnurag S. Maskey fi 5216ba597c5SAnurag S. Maskey 522d71dbb73Sjbeck if smf_is_globalzone; then 523d62bc4baSyz147064 net_reconfigure || exit $SMF_EXIT_ERR_CONFIG 524d62bc4baSyz147064 5254eaa4710SRishi Srivatsavai # Update PVID on interfaces configured with VLAN 1 5264eaa4710SRishi Srivatsavai update_pvid 5274eaa4710SRishi Srivatsavai 528d62bc4baSyz147064 # 529d62bc4baSyz147064 # Upgrade handling. The upgrade file consists of a series 530bbf21555SRichard Lowe # of dladm(8) commands. Note that after we are done, we 531d62bc4baSyz147064 # cannot rename the upgrade script file as the file system 532d62bc4baSyz147064 # is still read-only at this point. Defer this to the 533d62bc4baSyz147064 # manifest-import service. 534d62bc4baSyz147064 # 535d62bc4baSyz147064 upgrade_script=/var/svc/profile/upgrade_datalink 536d62bc4baSyz147064 if [ -f "${upgrade_script}" ]; then 537d62bc4baSyz147064 . "${upgrade_script}" 538d62bc4baSyz147064 fi 539d62bc4baSyz147064 5401cfa752fSRamaswamy Tummala # 5411cfa752fSRamaswamy Tummala # Upgrade handling for ibd: 54212c67a59SMilan Jurik # After we are done with the upgrade handling, we can not set 54312c67a59SMilan Jurik # the ibd/ibd_upgraded property to "true" as the file system is 54412c67a59SMilan Jurik # read-only at this point. It will be done later by 54512c67a59SMilan Jurik # ibd-post-upgrade service. 5461cfa752fSRamaswamy Tummala # 54712c67a59SMilan Jurik if [ -x /sbin/ibd_upgrade ]; then 5481cfa752fSRamaswamy Tummala ibd_upgraded=`/bin/svcprop -c -p ibd/ibd_upgraded \ 5491cfa752fSRamaswamy Tummala svc:/network/physical:default 2> /dev/null` 5501cfa752fSRamaswamy Tummala if [ "$ibd_upgraded" != "true" ]; then 5511cfa752fSRamaswamy Tummala /sbin/ibd_upgrade -v 5521cfa752fSRamaswamy Tummala fi 55312c67a59SMilan Jurik fi 5541cfa752fSRamaswamy Tummala 555b509e89bSRishi Srivatsavai # Bring up simnet instances 556b509e89bSRishi Srivatsavai /sbin/dladm up-simnet 557d71dbb73Sjbeck # Initialize security objects. 558d71dbb73Sjbeck /sbin/dladm init-secobj 559f0fb1b00SRenee Danson Sommerfeld 5606ba597c5SAnurag S. Maskey # 5616ba597c5SAnurag S. Maskey # Initialize VNICs, VLANs and flows. Though they are brought 5626ba597c5SAnurag S. Maskey # up here, NWAM will not automatically manage VNICs and VLANs. 5636ba597c5SAnurag S. Maskey # 564f0fb1b00SRenee Danson Sommerfeld /sbin/dladm up-vnic 565f0fb1b00SRenee Danson Sommerfeld /sbin/dladm up-vlan 5661cfa752fSRamaswamy Tummala /sbin/dladm up-part 5676ba597c5SAnurag S. Maskey /sbin/dladm up-aggr 568f0fb1b00SRenee Danson Sommerfeld /sbin/flowadm init-flow 569*faa2068dSAndy Fiddaman /sbin/dladm up-overlay 570d71dbb73Sjbeck fi 5716ba597c5SAnurag S. Maskey 5726ba597c5SAnurag S. Maskey # 5736ba597c5SAnurag S. Maskey # We also need to create the Legacy location, which is used 5746ba597c5SAnurag S. Maskey # to restore non-NWAM settings that are overwritten when 5756ba597c5SAnurag S. Maskey # NWAM is enabled (e.g. resolv.conf, nsswitch.conf, etc.). 5766ba597c5SAnurag S. Maskey # 5776ba597c5SAnurag S. Maskey $NWAMCFG list loc Legacy >/dev/null 2>&1 5786ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 5796ba597c5SAnurag S. Maskey create_legacy_loc 5806ba597c5SAnurag S. Maskey fi 5816ba597c5SAnurag S. Maskey 582d71dbb73Sjbeck # start nwamd in foreground; it will daemonize itself 583d71dbb73Sjbeck if /lib/inet/nwamd ; then 584d71dbb73Sjbeck exit $SMF_EXIT_OK 585d71dbb73Sjbeck else 586d71dbb73Sjbeck exit $SMF_EXIT_ERR_FATAL 587d71dbb73Sjbeck fi 588d71dbb73Sjbeck ;; 589d71dbb73Sjbeck 590d71dbb73Sjbeck'stop') 5916ba597c5SAnurag S. Maskey # We need to make the dummy process we created above stop. 5926ba597c5SAnurag S. Maskey smf_configure_ip 5936ba597c5SAnurag S. Maskey if [ $? = "1" ] ; then 5944491554aSAnurag S. Maskey echo "stop" > $VOL_NWAM_PATH/nwam_blocked 5956ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 5966ba597c5SAnurag S. Maskey fi 5976ba597c5SAnurag S. Maskey 598d71dbb73Sjbeck /usr/bin/pkill -z `smf_zonename` nwamd 5996ba597c5SAnurag S. Maskey 6006ba597c5SAnurag S. Maskey # 6016ba597c5SAnurag S. Maskey # Restore the non-NWAM settings. 6026ba597c5SAnurag S. Maskey # 6036ba597c5SAnurag S. Maskey $NWAMCFG list loc Legacy >/dev/null 2>&1 6046ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6056ba597c5SAnurag S. Maskey echo "No Legacy location to revert to!" 6066ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 6076ba597c5SAnurag S. Maskey fi 6086ba597c5SAnurag S. Maskey revert_to_legacy_loc 6096ba597c5SAnurag S. Maskey # remove the location property group 6106ba597c5SAnurag S. Maskey $SVCCFG -s $NET_LOC_FMRI delpg location 611d71dbb73Sjbeck ;; 612d71dbb73Sjbeck 613afc7d545Smh138676'-u') 614afc7d545Smh138676 # After we run this part of the script upon the next reboot 615afc7d545Smh138676 # network/physical:default will be enabled and 616afc7d545Smh138676 # network/physical:nwam will be disabled. 617afc7d545Smh138676 # There are various other parts of the system (nscd, nfs) that 618afc7d545Smh138676 # depend on continuing to have a working network. For this 619afc7d545Smh138676 # reason we don't change the network configuration immediately. 6206ba597c5SAnurag S. Maskey # 621afc7d545Smh138676 # Disable network/physical temporarily and make sure that will 622afc7d545Smh138676 # be enabled on reboot. 6236ba597c5SAnurag S. Maskey $SVCADM disable -st $NET_PHYS_FMRI 6246ba597c5SAnurag S. Maskey $SVCCFG -s $NET_PHYS_FMRI setprop general/enabled=true 625afc7d545Smh138676 626afc7d545Smh138676 # If nwam is online then make sure that it's temporarily enabled. 6276ba597c5SAnurag S. Maskey nwam_online=`$SVCPROP -t -p restarter/state $NET_NWAM_FMRI` 628afc7d545Smh138676 if [ $? -eq 0 ]; then 629afc7d545Smh138676 set -- $nwam_online 6306ba597c5SAnurag S. Maskey [ $3 = "online" ] && $SVCADM enable -st $NET_NWAM_FMRI 631afc7d545Smh138676 fi 632afc7d545Smh138676 633afc7d545Smh138676 # Set nwam so that it won't be enabled upon reboot. 6346ba597c5SAnurag S. Maskey $SVCCFG -s $NET_NWAM_FMRI setprop general/enabled=false 635afc7d545Smh138676 exit 0 636afc7d545Smh138676 ;; 637afc7d545Smh138676 638afc7d545Smh138676'-c') 639afc7d545Smh138676 # Nothing to do for sysidtool 640afc7d545Smh138676 exit 0 641afc7d545Smh138676 ;; 642afc7d545Smh138676 643d71dbb73Sjbeck*) 644d71dbb73Sjbeck echo "Usage: $0 { start | stop | refresh }" 645d71dbb73Sjbeck exit $SMF_EXIT_ERR_FATAL 646d71dbb73Sjbeck ;; 647d71dbb73Sjbeckesac 648d71dbb73Sjbeckexit $SMF_EXIT_OK 649