1d71dbb73Sjbeck#!/sbin/sh 2d71dbb73Sjbeck# 3d71dbb73Sjbeck# CDDL HEADER START 4d71dbb73Sjbeck# 5d71dbb73Sjbeck# The contents of this file are subject to the terms of the 6d71dbb73Sjbeck# Common Development and Distribution License (the "License"). 7d71dbb73Sjbeck# You may not use this file except in compliance with the License. 8d71dbb73Sjbeck# 9d71dbb73Sjbeck# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10d71dbb73Sjbeck# or http://www.opensolaris.org/os/licensing. 11d71dbb73Sjbeck# See the License for the specific language governing permissions 12d71dbb73Sjbeck# and limitations under the License. 13d71dbb73Sjbeck# 14d71dbb73Sjbeck# When distributing Covered Code, include this CDDL HEADER in each 15d71dbb73Sjbeck# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16d71dbb73Sjbeck# If applicable, add the following below this CDDL HEADER, with the 17d71dbb73Sjbeck# fields enclosed by brackets "[]" replaced with your own identifying 18d71dbb73Sjbeck# information: Portions Copyright [yyyy] [name of copyright owner] 19d71dbb73Sjbeck# 20d71dbb73Sjbeck# CDDL HEADER END 21d71dbb73Sjbeck# 22d71dbb73Sjbeck# 23f0fb1b00SRenee Danson Sommerfeld# Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24d71dbb73Sjbeck# Use is subject to license terms. 25d71dbb73Sjbeck# 26d71dbb73Sjbeck 27d71dbb73Sjbeck. /lib/svc/share/smf_include.sh 28d62bc4baSyz147064. /lib/svc/share/net_include.sh 29d71dbb73Sjbeck 30*6ba597c5SAnurag S. Maskey# FMRI constants 31*6ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 32*6ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 33*6ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 34*6ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client:default" 35*6ba597c5SAnurag S. MaskeyNET_PHYS_FMRI="svc:/network/physical:default" 36*6ba597c5SAnurag S. MaskeyNET_NWAM_FMRI="svc:/network/physical:nwam" 37*6ba597c5SAnurag S. MaskeyNET_LOC_FMRI="svc:/network/location:default" 38*6ba597c5SAnurag S. Maskey 39d71dbb73Sjbeck# 40*6ba597c5SAnurag S. Maskey# Default *.conf files 41*6ba597c5SAnurag S. Maskey# Set appropriate config SMF property to these files when NWAM is stopped 42*6ba597c5SAnurag S. Maskey# and corresponding config properties in the Legacy location are emtpy 43d71dbb73Sjbeck# 44*6ba597c5SAnurag S. MaskeyIPF6_DEFAULT_CONFIG_FILE=/etc/ipf/ipf6.conf 45*6ba597c5SAnurag S. MaskeyIPNAT_DEFAULT_CONFIG_FILE=/etc/ipf/ipnat.conf 46*6ba597c5SAnurag S. MaskeyIPPOOL_DEFAULT_CONFIG_FILE=/etc/ipf/ippool.conf 47*6ba597c5SAnurag S. MaskeyIPSEC_IKE_DEFAULT_CONFIG_FILE=/etc/inet/ike/config 48*6ba597c5SAnurag S. MaskeyIPSEC_POLICY_DEFAULT_CONFIG_FILE=/etc/inet/ipsecinit.conf 49*6ba597c5SAnurag S. Maskey 50*6ba597c5SAnurag S. Maskey# commands 51*6ba597c5SAnurag S. MaskeyBASENAME=/usr/bin/basename 52*6ba597c5SAnurag S. MaskeyCAT=/usr/bin/cat 53*6ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 54*6ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 55*6ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 56*6ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 57*6ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 58*6ba597c5SAnurag S. MaskeyMKFIFO=/usr/bin/mkfifo 59*6ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 60*6ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 61*6ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 62*6ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 63*6ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 64*6ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 65*6ba597c5SAnurag S. Maskey 66*6ba597c5SAnurag S. Maskey# Path to directories 67*6ba597c5SAnurag S. Maskey# We don't have a writable file system so we write to /etc/svc/volatile and 68*6ba597c5SAnurag S. Maskey# then later copy anything interesting to /etc/nwam. 69*6ba597c5SAnurag S. MaskeyLEGACY_PATH=/etc/svc/volatile/nwam/Legacy 70*6ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 71*6ba597c5SAnurag S. Maskey 72*6ba597c5SAnurag S. Maskey# 73*6ba597c5SAnurag S. Maskey# copy_to_legacy_loc <file> 74*6ba597c5SAnurag S. Maskey# 75*6ba597c5SAnurag S. Maskey# Copies the file to the Legacy location directory 76*6ba597c5SAnurag S. Maskey# 77*6ba597c5SAnurag S. Maskeycopy_to_legacy_loc() { 78*6ba597c5SAnurag S. Maskey $MKDIR -p $LEGACY_PATH 79*6ba597c5SAnurag S. Maskey if [ -f "$1" ]; then 80*6ba597c5SAnurag S. Maskey $CP -p $1 $LEGACY_PATH 81*6ba597c5SAnurag S. Maskey fi 82*6ba597c5SAnurag S. Maskey} 83*6ba597c5SAnurag S. Maskey 84*6ba597c5SAnurag S. Maskey# 85*6ba597c5SAnurag S. Maskey# copy_from_legacy_loc <destination file> 86*6ba597c5SAnurag S. Maskey# 87*6ba597c5SAnurag S. Maskey# Copies file with the same name from Legacy location to the given 88*6ba597c5SAnurag S. Maskey# destination file 89*6ba597c5SAnurag S. Maskey# 90*6ba597c5SAnurag S. Maskeycopy_from_legacy_loc () { 91*6ba597c5SAnurag S. Maskey DEST_DIR=`/usr/bin/dirname $1` 92*6ba597c5SAnurag S. Maskey SRC_FILE="$LEGACY_PATH/`$BASENAME $1`" 93*6ba597c5SAnurag S. Maskey 94*6ba597c5SAnurag S. Maskey # Make destination directory if needed 95*6ba597c5SAnurag S. Maskey if [ ! -d "$DEST_DIR" ]; then 96*6ba597c5SAnurag S. Maskey $MKDIR -p $DEST_DIR 97*6ba597c5SAnurag S. Maskey fi 98*6ba597c5SAnurag S. Maskey 99*6ba597c5SAnurag S. Maskey if [ -f "$SRC_FILE" ]; then 100*6ba597c5SAnurag S. Maskey $CP -p $SRC_FILE $DEST_DIR 101*6ba597c5SAnurag S. Maskey fi 102*6ba597c5SAnurag S. Maskey} 103*6ba597c5SAnurag S. Maskey 104*6ba597c5SAnurag S. Maskey# 105*6ba597c5SAnurag S. Maskey# write_loc_prop <property> <value> <file> 106*6ba597c5SAnurag S. Maskey# 107*6ba597c5SAnurag S. Maskey# Appends to <file> a nwamcfg command to set <property> to <value> if non-empty 108*6ba597c5SAnurag S. Maskey# 109*6ba597c5SAnurag S. Maskeywrite_loc_prop () { 110*6ba597c5SAnurag S. Maskey prop=$1 111*6ba597c5SAnurag S. Maskey val=$2 112*6ba597c5SAnurag S. Maskey file=$3 113*6ba597c5SAnurag S. Maskey 114*6ba597c5SAnurag S. Maskey if [ -n "$val" -a -n "$file" ]; then 115*6ba597c5SAnurag S. Maskey echo "set $prop=$val" >> $file 116*6ba597c5SAnurag S. Maskey fi 117*6ba597c5SAnurag S. Maskey} 118*6ba597c5SAnurag S. Maskey 119*6ba597c5SAnurag S. Maskey# 120*6ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 121*6ba597c5SAnurag S. Maskey# 122*6ba597c5SAnurag S. Maskeyset_smf_prop () { 123*6ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 124*6ba597c5SAnurag S. Maskey} 125*6ba597c5SAnurag S. Maskey 126*6ba597c5SAnurag S. Maskey# 127*6ba597c5SAnurag S. Maskey# get_smf_prop <fmri> <property name> 128*6ba597c5SAnurag S. Maskey# 129*6ba597c5SAnurag S. Maskeyget_smf_prop () { 130*6ba597c5SAnurag S. Maskey $SVCPROP -p $2 $1 131*6ba597c5SAnurag S. Maskey} 132*6ba597c5SAnurag S. Maskey 133*6ba597c5SAnurag S. Maskey# 134*6ba597c5SAnurag S. Maskey# Creates Legacy location from the current configuration 135*6ba597c5SAnurag S. Maskey# 136*6ba597c5SAnurag S. Maskeycreate_legacy_loc () { 137*6ba597c5SAnurag S. Maskey CREATE_LOC_LEGACY_FILE=/etc/svc/volatile/nwam/create_loc_legacy 138*6ba597c5SAnurag S. Maskey 139*6ba597c5SAnurag S. Maskey # 140*6ba597c5SAnurag S. Maskey # Write nwamcfg commands to create Legacy location to 141*6ba597c5SAnurag S. Maskey # $CREATE_LOC_LEGACY_FILE as values for properties are determined 142*6ba597c5SAnurag S. Maskey # Note that some of the *_CONFIG_FILE variables point at copies of 143*6ba597c5SAnurag S. Maskey # files we've made and others indicate where those copies should be 144*6ba597c5SAnurag S. Maskey # if we are enabling the location. 145*6ba597c5SAnurag S. Maskey # 146*6ba597c5SAnurag S. Maskey echo "create loc Legacy" > $CREATE_LOC_LEGACY_FILE 147*6ba597c5SAnurag S. Maskey write_loc_prop "activation-mode" "system" $CREATE_LOC_LEGACY_FILE 148*6ba597c5SAnurag S. Maskey 149*6ba597c5SAnurag S. Maskey NAMESERVICES="" 150*6ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE="" 151*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="" 152*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_DOMAIN="" 153*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SERVERS="" 154*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SEARCH="" 155*6ba597c5SAnurag S. Maskey NIS_NAMESERVICE_CONFIGSRC="" 156*6ba597c5SAnurag S. Maskey NIS_NAMESERVICE_SERVERS="" 157*6ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_CONFIGSRC="" 158*6ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_SERVERS="" 159*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN="" 160*6ba597c5SAnurag S. Maskey 161*6ba597c5SAnurag S. Maskey # Copy /etc/nsswitch.conf file 162*6ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/nsswitch.conf 163*6ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE="$LEGACY_PATH/nsswitch.conf" 164*6ba597c5SAnurag S. Maskey 165*6ba597c5SAnurag S. Maskey # Gather DNS info from resolv.conf if present. 166*6ba597c5SAnurag S. Maskey if [ -f /etc/resolv.conf ]; then 167*6ba597c5SAnurag S. Maskey NAMESERVICES="dns," 168*6ba597c5SAnurag S. Maskey $GREP -i "added by dhcp" /etc/nsswitch.conf >/dev/null 169*6ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 170*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="dhcp" 171*6ba597c5SAnurag S. Maskey else 172*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="manual" 173*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_DOMAIN=`$NAWK '$1 == "domain" {\ 174*6ba597c5SAnurag S. Maskey print $2 }' < /etc/resolv.conf` 175*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SERVERS=`$NAWK '$1 == "nameserver" \ 176*6ba597c5SAnurag S. Maskey { printf "%s,", $2 }' < /etc/resolv.conf` 177*6ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SEARCH=`$NAWK '$1 == "search" \ 178*6ba597c5SAnurag S. Maskey { printf "%s,", $2 }' < /etc/resolv.conf` 179*6ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/resolv.conf 180*6ba597c5SAnurag S. Maskey fi 181*6ba597c5SAnurag S. Maskey fi 182*6ba597c5SAnurag S. Maskey 183*6ba597c5SAnurag S. Maskey # Gather NIS info from appropriate file if present. 184*6ba597c5SAnurag S. Maskey if service_is_enabled $NIS_CLIENT_FMRI; then 185*6ba597c5SAnurag S. Maskey NAMESERVICES="${NAMESERVICES}nis," 186*6ba597c5SAnurag S. Maskey NIS_NAMESERVICE_CONFIGSRC="manual" 187*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`$CAT /etc/defaultdomain` 188*6ba597c5SAnurag S. Maskey 189*6ba597c5SAnurag S. Maskey yp_servers=`$NAWK '{ printf "%s ", $1 }' \ 190*6ba597c5SAnurag S. Maskey < $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers` 191*6ba597c5SAnurag S. Maskey for serv in $yp_servers; do 192*6ba597c5SAnurag S. Maskey if is_valid_addr $serv; then 193*6ba597c5SAnurag S. Maskey addr="$serv," 194*6ba597c5SAnurag S. Maskey else 195*6ba597c5SAnurag S. Maskey addr=`$GREP -iw $serv /etc/inet/hosts | \ 196*6ba597c5SAnurag S. Maskey $NAWK '{ printf "%s,", $1 }'` 197*6ba597c5SAnurag S. Maskey fi 198*6ba597c5SAnurag S. Maskey NIS_NAMESERVICE_SERVERS="${NIS_NAMESERVICE_SERVERS}$addr" 199*6ba597c5SAnurag S. Maskey done 200*6ba597c5SAnurag S. Maskey fi 201*6ba597c5SAnurag S. Maskey 202*6ba597c5SAnurag S. Maskey # Gather LDAP info via ldapclient(1M). 203*6ba597c5SAnurag S. Maskey if [ -f /var/ldap/ldap_client_file ]; then 204*6ba597c5SAnurag S. Maskey copy_to_legacy /var/ldap/ldap_client_file 205*6ba597c5SAnurag S. Maskey NAMESERVICES="${NAMESERVICES}ldap," 206*6ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_CONFIGSRC="manual" 207*6ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_SERVERS=`$LDAPCLIENT list 2>/dev/null | \ 208*6ba597c5SAnurag S. Maskey $NAWK '$1 == "preferredServerList:" { print $2 }'` 209*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`$CAT /etc/defaultdomain` 210*6ba597c5SAnurag S. Maskey fi 211*6ba597c5SAnurag S. Maskey 212*6ba597c5SAnurag S. Maskey # Now, write nwamcfg commands for nameservices 213*6ba597c5SAnurag S. Maskey write_loc_prop "nameservices" $NAMESERVICES $CREATE_LOC_LEGACY_FILE 214*6ba597c5SAnurag S. Maskey write_loc_prop "nameservices-config-file" $NAMESERVICES_CONFIG_FILE \ 215*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 216*6ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-configsrc" $DNS_NAMESERVICE_CONFIGSRC \ 217*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 218*6ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-domain" $DNS_NAMESERVICE_DOMAIN \ 219*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 220*6ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-servers" $DNS_NAMESERVICE_SERVERS \ 221*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 222*6ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-search" $DNS_NAMESERVICE_SEARCH \ 223*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 224*6ba597c5SAnurag S. Maskey write_loc_prop "nis-nameservice-configsrc" $NIS_NAMESERVICE_CONFIGSRC \ 225*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 226*6ba597c5SAnurag S. Maskey write_loc_prop "nis-nameservice-servers" $NIS_NAMESERVICE_SERVERS \ 227*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 228*6ba597c5SAnurag S. Maskey write_loc_prop "ldap-nameservice-configsrc" $LDAP_NAMESERVICE_CONFIGSRC\ 229*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 230*6ba597c5SAnurag S. Maskey write_loc_prop "ldap-nameservice-servers" $LDAP_NAMESERVICE_SERVERS \ 231*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 232*6ba597c5SAnurag S. Maskey write_loc_prop "default-domain" $DEFAULT_DOMAIN $CREATE_LOC_LEGACY_FILE 233*6ba597c5SAnurag S. Maskey 234*6ba597c5SAnurag S. Maskey # Retrieve NFSv4 domain. 235*6ba597c5SAnurag S. Maskey if [ -f /etc/default/nfs ]; then 236*6ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/default/nfs 237*6ba597c5SAnurag S. Maskey NFS_DOMAIN=`$NAWK '/^NFSMAPID_DOMAIN.*/ { FS="=" ; print $2 }' \ 238*6ba597c5SAnurag S. Maskey < /etc/default/nfs` 239*6ba597c5SAnurag S. Maskey write_loc_prop "nfsv4-domain" \ 240*6ba597c5SAnurag S. Maskey $NFS_DOMAIN $CREATE_LOC_LEGACY_FILE 241*6ba597c5SAnurag S. Maskey fi 242*6ba597c5SAnurag S. Maskey 243*6ba597c5SAnurag S. Maskey IPF_CONFIG_FILE="" 244*6ba597c5SAnurag S. Maskey IPF6_CONFIG_FILE="" 245*6ba597c5SAnurag S. Maskey IPNAT_CONFIG_FILE="" 246*6ba597c5SAnurag S. Maskey IPPOOL_CONFIG_FILE="" 247*6ba597c5SAnurag S. Maskey IKE_CONFIG_FILE="" 248*6ba597c5SAnurag S. Maskey IPSEC_POLICY_CONFIG_FILE="" 249*6ba597c5SAnurag S. Maskey 250*6ba597c5SAnurag S. Maskey # 251*6ba597c5SAnurag S. Maskey # IPFilter 252*6ba597c5SAnurag S. Maskey # 253*6ba597c5SAnurag S. Maskey # If the firewall policy is "custom", simply copy the 254*6ba597c5SAnurag S. Maskey # custom_policy_file. If the firewall policy is "none", "allow" or 255*6ba597c5SAnurag S. Maskey # "deny", save the value as "/<value>". When reverting back to the 256*6ba597c5SAnurag S. Maskey # Legacy location, these values will have to be treated as special. 257*6ba597c5SAnurag S. Maskey # 258*6ba597c5SAnurag S. Maskey # For all configuration files, copy them to the Legacy directory. 259*6ba597c5SAnurag S. Maskey # Use the respective properties to remember the original locations 260*6ba597c5SAnurag S. Maskey # of the files so that they can be copied back there when NWAM is 261*6ba597c5SAnurag S. Maskey # stopped. 262*6ba597c5SAnurag S. Maskey # 263*6ba597c5SAnurag S. Maskey if service_is_enabled $IPFILTER_FMRI; then 264*6ba597c5SAnurag S. Maskey FIREWALL_POLICY=`get_smf_prop $IPFILTER_FMRI \ 265*6ba597c5SAnurag S. Maskey firewall_config_default/policy` 266*6ba597c5SAnurag S. Maskey if [ "$FIREWALL_POLICY" = "custom" ]; then 267*6ba597c5SAnurag S. Maskey IPF_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 268*6ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file` 269*6ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPF_CONFIG_FILE 270*6ba597c5SAnurag S. Maskey else 271*6ba597c5SAnurag S. Maskey # save value as /none, /allow, or /deny 272*6ba597c5SAnurag S. Maskey IPF_CONFIG_FILE="/$FIREWALL_POLICY" 273*6ba597c5SAnurag S. Maskey fi 274*6ba597c5SAnurag S. Maskey IPF6_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 275*6ba597c5SAnurag S. Maskey config/ipf6_config_file` 276*6ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPF6_CONFIG_FILE 277*6ba597c5SAnurag S. Maskey 278*6ba597c5SAnurag S. Maskey IPNAT_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 279*6ba597c5SAnurag S. Maskey config/ipnat_config_file` 280*6ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPNAT_CONFIG_FILE 281*6ba597c5SAnurag S. Maskey 282*6ba597c5SAnurag S. Maskey IPPOOL_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 283*6ba597c5SAnurag S. Maskey config/ippool_config_file` 284*6ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPPOOL_CONFIG_FILE 285*6ba597c5SAnurag S. Maskey fi 286*6ba597c5SAnurag S. Maskey 287*6ba597c5SAnurag S. Maskey # IKE 288*6ba597c5SAnurag S. Maskey if service_is_enabled $IPSEC_IKE_FMRI:default; then 289*6ba597c5SAnurag S. Maskey IKE_CONFIG_FILE=`get_smf_prop $IPSEC_IKE_FMRI config/config_file` 290*6ba597c5SAnurag S. Maskey copy_to_legacy_loc $IKE_CONFIG_FILE 291*6ba597c5SAnurag S. Maskey fi 292*6ba597c5SAnurag S. Maskey 293*6ba597c5SAnurag S. Maskey # IPsec 294*6ba597c5SAnurag S. Maskey if service_is_enabled $IPSEC_POLICY_FMRI:default; then 295*6ba597c5SAnurag S. Maskey IPSEC_POLICY_CONFIG_FILE=`get_smf_prop $IPSEC_POLICY_FMRI \ 296*6ba597c5SAnurag S. Maskey config/config_file` 297*6ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPSEC_POLICY_CONFIG_FILE 298*6ba597c5SAnurag S. Maskey fi 299*6ba597c5SAnurag S. Maskey 300*6ba597c5SAnurag S. Maskey if [ -n "$IPF_CONFIG_FILE" -a \( "$IPF_CONFIG_FILE" = "/allow" \ 301*6ba597c5SAnurag S. Maskey -o "$IPF_CONFIG_FILE" = "/deny" -o "$IPF_CONFIG_FILE" = "/none" \ 302*6ba597c5SAnurag S. Maskey -o -f "$IPF_CONFIG_FILE" \) ]; then 303*6ba597c5SAnurag S. Maskey write_loc_prop "ipfilter-config-file" $IPF_CONFIG_FILE \ 304*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 305*6ba597c5SAnurag S. Maskey fi 306*6ba597c5SAnurag S. Maskey if [ -n "$IPF6_CONFIG_FILE" -a -f "$IPF6_CONFIG_FILE" ]; then 307*6ba597c5SAnurag S. Maskey write_loc_prop "ipfilter-v6-config-file" $IPF6_CONFIG_FILE \ 308*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 309*6ba597c5SAnurag S. Maskey fi 310*6ba597c5SAnurag S. Maskey if [ -n "$IPNAT_CONFIG_FILE" -a -f "$IPNAT_CONFIG_FILE" ]; then 311*6ba597c5SAnurag S. Maskey write_loc_prop "ipnat-config-file" $IPNAT_CONFIG_FILE \ 312*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 313*6ba597c5SAnurag S. Maskey fi 314*6ba597c5SAnurag S. Maskey if [ -n "$IPPOOL_CONFIG_FILE" -a -f "$IPPOOL_CONFIG_FILE" ]; then 315*6ba597c5SAnurag S. Maskey write_loc_prop "ippool-config-file" $IPPOOL_CONFIG_FILE \ 316*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 317*6ba597c5SAnurag S. Maskey fi 318*6ba597c5SAnurag S. Maskey if [ -n "$IKE_CONFIG_FILE" -a -f "$IKE_CONFIG_FILE" ]; then 319*6ba597c5SAnurag S. Maskey write_loc_prop "ike-config-file" $IKE_CONFIG_FILE \ 320*6ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 321*6ba597c5SAnurag S. Maskey fi 322*6ba597c5SAnurag S. Maskey if [ -n "$IPSEC_POLICY_CONFIG_FILE" -a -f "$IPSEC_POLICY_CONFIG_FILE" ] 323*6ba597c5SAnurag S. Maskey then 324*6ba597c5SAnurag S. Maskey write_loc_prop "ipsecpolicy-config-file" \ 325*6ba597c5SAnurag S. Maskey $IPSEC_POLICY_CONFIG_FILE $CREATE_LOC_LEGACY_FILE 326*6ba597c5SAnurag S. Maskey fi 327*6ba597c5SAnurag S. Maskey 328*6ba597c5SAnurag S. Maskey # End 329*6ba597c5SAnurag S. Maskey echo "end" >> $CREATE_LOC_LEGACY_FILE 330*6ba597c5SAnurag S. Maskey # network/location will create the Legacy location with these commands. 331*6ba597c5SAnurag S. Maskey} 332*6ba597c5SAnurag S. Maskey 333*6ba597c5SAnurag S. Maskey# 334*6ba597c5SAnurag S. Maskey# Undoes the effects of the Legacy location creation 335*6ba597c5SAnurag S. Maskey# 336*6ba597c5SAnurag S. Maskeyrevert_to_legacy_loc () { 337*6ba597c5SAnurag S. Maskey $SVCADM disable dns/client 338*6ba597c5SAnurag S. Maskey $SVCADM disable nis/client 339*6ba597c5SAnurag S. Maskey $SVCADM disable ldap/client 340*6ba597c5SAnurag S. Maskey 341*6ba597c5SAnurag S. Maskey # copy nsswitch.conf to /etc/nsswitch.conf 342*6ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/nsswitch.conf 343*6ba597c5SAnurag S. Maskey 344*6ba597c5SAnurag S. Maskey # DNS - copy resolv.conf to /etc/resolv.conf 345*6ba597c5SAnurag S. Maskey if [ -f "$LEGACY_PATH/resolv.conf" ]; then 346*6ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/resolv.conf 347*6ba597c5SAnurag S. Maskey $SVCADM enable dns/client 348*6ba597c5SAnurag S. Maskey fi 349*6ba597c5SAnurag S. Maskey 350*6ba597c5SAnurag S. Maskey # set /etc/defaultdomain and domainname(1M) 351*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop Legacy default-domain` 352*6ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 353*6ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 354*6ba597c5SAnurag S. Maskey $DOMAINNAME > /etc/defaultdomain 355*6ba597c5SAnurag S. Maskey fi 356*6ba597c5SAnurag S. Maskey 357*6ba597c5SAnurag S. Maskey # NIS - directory and ypserver in /var/yp/binding/ 358*6ba597c5SAnurag S. Maskey NIS_CONFIGSRC=`nwam_get_loc_prop Legacy nis-nameservice-configsrc` 359*6ba597c5SAnurag S. Maskey NIS_SERVERS=`nwam_get_loc_prop Legacy nis-nameservice-servers` 360*6ba597c5SAnurag S. Maskey if [ -n "$NIS_CONFIGSRC" ]; then 361*6ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 362*6ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 363*6ba597c5SAnurag S. Maskey fi 364*6ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 365*6ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 366*6ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) print $i }' \ 367*6ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 368*6ba597c5SAnurag S. Maskey fi 369*6ba597c5SAnurag S. Maskey $SVCADM enable nis/client 370*6ba597c5SAnurag S. Maskey fi 371*6ba597c5SAnurag S. Maskey 372*6ba597c5SAnurag S. Maskey # LDAP - copy ldap_client_file to /var/ldap/ldap_client_file 373*6ba597c5SAnurag S. Maskey if [ -f "$LEGACY_PATH/ldap_client_file" ]; then 374*6ba597c5SAnurag S. Maskey copy_from_legacy_loc /var/ldap/ldap_client_file 375*6ba597c5SAnurag S. Maskey $SVCADM enable ldap/client 376*6ba597c5SAnurag S. Maskey fi 377*6ba597c5SAnurag S. Maskey 378*6ba597c5SAnurag S. Maskey # Copy back nfs file 379*6ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/default/nfs 380*6ba597c5SAnurag S. Maskey 381*6ba597c5SAnurag S. Maskey # IPFilter, IPsec, and IKE 382*6ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop Legacy ipfilter-config-file` 383*6ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop Legacy ipfilter-v6-config-file` 384*6ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop Legacy ipnat-config-file` 385*6ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop Legacy ippool-config-file` 386*6ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop Legacy ike-config-file` 387*6ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop Legacy ipsecpolicy-config-file` 388*6ba597c5SAnurag S. Maskey 389*6ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 390*6ba597c5SAnurag S. Maskey copy_from_legacy_loc $ike_file 391*6ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 392*6ba597c5SAnurag S. Maskey $SVCADM refresh $IPSEC_IKE_FMRI 393*6ba597c5SAnurag S. Maskey $SVCADM enable $IPSEC_IKE_FMRI 394*6ba597c5SAnurag S. Maskey else 395*6ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file \ 396*6ba597c5SAnurag S. Maskey $IPSEC_IKE_DEFAULT_CONFIG_FILE 397*6ba597c5SAnurag S. Maskey $SVCADM disable $IPSEC_IKE_FMRI 398*6ba597c5SAnurag S. Maskey fi 399*6ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 400*6ba597c5SAnurag S. Maskey copy_from_legacy_loc $pol_file 401*6ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 402*6ba597c5SAnurag S. Maskey $SVCADM refresh $IPSEC_POLICY_FMRI 403*6ba597c5SAnurag S. Maskey $SVCADM enable $IPSEC_POLICY_FMRI 404*6ba597c5SAnurag S. Maskey else 405*6ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file \ 406*6ba597c5SAnurag S. Maskey $IPSEC_POLICY_DEFAULT_CONFIG_FILE 407*6ba597c5SAnurag S. Maskey $SVCADM disable $IPSEC_POLICY_FMRI 408*6ba597c5SAnurag S. Maskey fi 409*6ba597c5SAnurag S. Maskey 410*6ba597c5SAnurag S. Maskey refresh_ipf=false 411*6ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 412*6ba597c5SAnurag S. Maskey # change /none, /allow, and /deny to firewall policy 413*6ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" -o "$ipf_file" = "/allow" \ 414*6ba597c5SAnurag S. Maskey -o "$ipf_file" = "/deny" ]; then 415*6ba597c5SAnurag S. Maskey policy=`echo "$ipf_file" | $NAWK 'FS="/" { print $2 }'` 416*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 417*6ba597c5SAnurag S. Maskey firewall_config_default/policy $policy 418*6ba597c5SAnurag S. Maskey # no need to clear custom_policy_file as it isn't "custom" 419*6ba597c5SAnurag S. Maskey else 420*6ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipf_file 421*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 422*6ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 423*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 424*6ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 425*6ba597c5SAnurag S. Maskey fi 426*6ba597c5SAnurag S. Maskey refresh_ipf=true 427*6ba597c5SAnurag S. Maskey fi 428*6ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 429*6ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipf6_file 430*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 431*6ba597c5SAnurag S. Maskey refresh_ipf=true 432*6ba597c5SAnurag S. Maskey else 433*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file \ 434*6ba597c5SAnurag S. Maskey $IPF6_DEFAULT_CONFIG_FILE 435*6ba597c5SAnurag S. Maskey fi 436*6ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 437*6ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipnat_file 438*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 439*6ba597c5SAnurag S. Maskey refresh_ipf=true 440*6ba597c5SAnurag S. Maskey else 441*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file \ 442*6ba597c5SAnurag S. Maskey $IPNAT_DEFAULT_CONFIG_FILE 443*6ba597c5SAnurag S. Maskey fi 444*6ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 445*6ba597c5SAnurag S. Maskey copy_from_legacy_loc $ippool_file 446*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 447*6ba597c5SAnurag S. Maskey $ippool_file 448*6ba597c5SAnurag S. Maskey refresh_ipf=true 449*6ba597c5SAnurag S. Maskey else 450*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 451*6ba597c5SAnurag S. Maskey $IPPOOL_DEFAULT_CONFIG_FILE 452*6ba597c5SAnurag S. Maskey fi 453*6ba597c5SAnurag S. Maskey 454*6ba597c5SAnurag S. Maskey $SVCADM refresh $IPFILTER_FMRI 455*6ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 456*6ba597c5SAnurag S. Maskey $SVCADM enable $IPFILTER_FMRI 457*6ba597c5SAnurag S. Maskey else 458*6ba597c5SAnurag S. Maskey $SVCADM disable $IPFILTER_FMRI 459*6ba597c5SAnurag S. Maskey fi 460*6ba597c5SAnurag S. Maskey 461*6ba597c5SAnurag S. Maskey # Remove the Legacy directory and location 462*6ba597c5SAnurag S. Maskey $RM -rf $LEGACY_PATH 463*6ba597c5SAnurag S. Maskey $NWAMCFG destroy loc Legacy 464*6ba597c5SAnurag S. Maskey} 465*6ba597c5SAnurag S. Maskey 466*6ba597c5SAnurag S. Maskey# 467*6ba597c5SAnurag S. Maskey# Script entry point 468*6ba597c5SAnurag S. Maskey# 469*6ba597c5SAnurag S. Maskey# Arguments to net-nwam are 470*6ba597c5SAnurag S. Maskey# method ( start | refresh | stop | -u | -c ) 471*6ba597c5SAnurag S. Maskey# 472*6ba597c5SAnurag S. Maskey 473*6ba597c5SAnurag S. Maskey# 474*6ba597c5SAnurag S. Maskey# Create nwam directory in /etc/svc/volatile 475*6ba597c5SAnurag S. Maskey# 476*6ba597c5SAnurag S. Maskeyif [ ! -d /etc/svc/volatile/nwam ]; then 477*6ba597c5SAnurag S. Maskey $MKDIR -m 0755 /etc/svc/volatile/nwam 478*6ba597c5SAnurag S. Maskeyfi 479d71dbb73Sjbeck 480d71dbb73Sjbeckcase "$1" in 481d71dbb73Sjbeck'refresh') 482d71dbb73Sjbeck /usr/bin/pkill -HUP -z `smf_zonename` nwamd 483*6ba597c5SAnurag S. Maskey # 484*6ba597c5SAnurag S. Maskey # Enable network/location. Needed on first boot post-install as 485*6ba597c5SAnurag S. Maskey # network/location will not exist until after manifest-import runs. 486*6ba597c5SAnurag S. Maskey # 487*6ba597c5SAnurag S. Maskey if service_exists $NET_LOC_FMRI ; then 488*6ba597c5SAnurag S. Maskey $SVCADM enable -t $NET_LOC_FMRI 489*6ba597c5SAnurag S. Maskey fi 490d71dbb73Sjbeck ;; 491d71dbb73Sjbeck 492d71dbb73Sjbeck'start') 493*6ba597c5SAnurag S. Maskey # The real daemon is not started in a shared stack zone. But we need to 494*6ba597c5SAnurag S. Maskey # create a dummy background process to preserve contract lifetime. 495*6ba597c5SAnurag S. Maskey smf_configure_ip 496*6ba597c5SAnurag S. Maskey if [ $? = "1" ] ; then 497*6ba597c5SAnurag S. Maskey $RM -f /etc/svc/volatile/nwam/nwam_blocked 498*6ba597c5SAnurag S. Maskey $MKFIFO /etc/svc/volatile/nwam/nwam_blocked 499*6ba597c5SAnurag S. Maskey ($CAT </etc/svc/volatile/nwam/nwam_blocked >/dev/null) & 500*6ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 501*6ba597c5SAnurag S. Maskey fi 502*6ba597c5SAnurag S. Maskey 503*6ba597c5SAnurag S. Maskey # 504*6ba597c5SAnurag S. Maskey # Enable network/location. 505*6ba597c5SAnurag S. Maskey # 506*6ba597c5SAnurag S. Maskey if service_exists $NET_LOC_FMRI ; then 507*6ba597c5SAnurag S. Maskey $SVCADM enable -t $NET_LOC_FMRI 508*6ba597c5SAnurag S. Maskey fi 509*6ba597c5SAnurag S. Maskey 510d71dbb73Sjbeck if smf_is_globalzone; then 511d62bc4baSyz147064 net_reconfigure || exit $SMF_EXIT_ERR_CONFIG 512d62bc4baSyz147064 5134eaa4710SRishi Srivatsavai # Update PVID on interfaces configured with VLAN 1 5144eaa4710SRishi Srivatsavai update_pvid 5154eaa4710SRishi Srivatsavai 516d62bc4baSyz147064 # 517d62bc4baSyz147064 # Upgrade handling. The upgrade file consists of a series 518d62bc4baSyz147064 # of dladm(1M) commands. Note that after we are done, we 519d62bc4baSyz147064 # cannot rename the upgrade script file as the file system 520d62bc4baSyz147064 # is still read-only at this point. Defer this to the 521d62bc4baSyz147064 # manifest-import service. 522d62bc4baSyz147064 # 523d62bc4baSyz147064 upgrade_script=/var/svc/profile/upgrade_datalink 524d62bc4baSyz147064 if [ -f "${upgrade_script}" ]; then 525d62bc4baSyz147064 . "${upgrade_script}" 526d62bc4baSyz147064 fi 527d62bc4baSyz147064 528b509e89bSRishi Srivatsavai # Bring up simnet instances 529b509e89bSRishi Srivatsavai /sbin/dladm up-simnet 530d71dbb73Sjbeck # Initialize security objects. 531d71dbb73Sjbeck /sbin/dladm init-secobj 532f0fb1b00SRenee Danson Sommerfeld 533*6ba597c5SAnurag S. Maskey # 534*6ba597c5SAnurag S. Maskey # Initialize VNICs, VLANs and flows. Though they are brought 535*6ba597c5SAnurag S. Maskey # up here, NWAM will not automatically manage VNICs and VLANs. 536*6ba597c5SAnurag S. Maskey # 537f0fb1b00SRenee Danson Sommerfeld /sbin/dladm up-vnic 538f0fb1b00SRenee Danson Sommerfeld /sbin/dladm up-vlan 539*6ba597c5SAnurag S. Maskey /sbin/dladm up-aggr 540f0fb1b00SRenee Danson Sommerfeld /sbin/flowadm init-flow 541d71dbb73Sjbeck fi 542*6ba597c5SAnurag S. Maskey 543*6ba597c5SAnurag S. Maskey # 544*6ba597c5SAnurag S. Maskey # Ensure that the network/netcfg service is running since 545*6ba597c5SAnurag S. Maskey # manifest-import has not yet run for the first boot after upgrade. 546*6ba597c5SAnurag S. Maskey # We wouldn't need to do that if manifest-import ran earlier in 547*6ba597c5SAnurag S. Maskey # boot, since there is an explicit dependency between 548*6ba597c5SAnurag S. Maskey # network/netcfg and network/physical:nwam. This is similar to 549*6ba597c5SAnurag S. Maskey # what network/physical does with network/datalink-management in 550*6ba597c5SAnurag S. Maskey # net_reconfigure(). 551*6ba597c5SAnurag S. Maskey # 552*6ba597c5SAnurag S. Maskey $SVCADM enable -ts svc:/network/netcfg:default 553*6ba597c5SAnurag S. Maskey 554*6ba597c5SAnurag S. Maskey # 555*6ba597c5SAnurag S. Maskey # We also need to create the Legacy location, which is used 556*6ba597c5SAnurag S. Maskey # to restore non-NWAM settings that are overwritten when 557*6ba597c5SAnurag S. Maskey # NWAM is enabled (e.g. resolv.conf, nsswitch.conf, etc.). 558*6ba597c5SAnurag S. Maskey # 559*6ba597c5SAnurag S. Maskey $NWAMCFG list loc Legacy >/dev/null 2>&1 560*6ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 561*6ba597c5SAnurag S. Maskey create_legacy_loc 562*6ba597c5SAnurag S. Maskey fi 563*6ba597c5SAnurag S. Maskey 564d71dbb73Sjbeck # start nwamd in foreground; it will daemonize itself 565d71dbb73Sjbeck if /lib/inet/nwamd ; then 566d71dbb73Sjbeck exit $SMF_EXIT_OK 567d71dbb73Sjbeck else 568d71dbb73Sjbeck exit $SMF_EXIT_ERR_FATAL 569d71dbb73Sjbeck fi 570d71dbb73Sjbeck ;; 571d71dbb73Sjbeck 572d71dbb73Sjbeck'stop') 573*6ba597c5SAnurag S. Maskey # We need to make the dummy process we created above stop. 574*6ba597c5SAnurag S. Maskey smf_configure_ip 575*6ba597c5SAnurag S. Maskey if [ $? = "1" ] ; then 576*6ba597c5SAnurag S. Maskey echo "stop" > /etc/svc/volatile/nwam/nwam_blocked 577*6ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 578*6ba597c5SAnurag S. Maskey fi 579*6ba597c5SAnurag S. Maskey 580d71dbb73Sjbeck /usr/bin/pkill -z `smf_zonename` nwamd 581*6ba597c5SAnurag S. Maskey 582*6ba597c5SAnurag S. Maskey # 583*6ba597c5SAnurag S. Maskey # Restore the non-NWAM settings. 584*6ba597c5SAnurag S. Maskey # 585*6ba597c5SAnurag S. Maskey $NWAMCFG list loc Legacy >/dev/null 2>&1 586*6ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 587*6ba597c5SAnurag S. Maskey echo "No Legacy location to revert to!" 588*6ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 589*6ba597c5SAnurag S. Maskey fi 590*6ba597c5SAnurag S. Maskey revert_to_legacy_loc 591*6ba597c5SAnurag S. Maskey # remove the location property group 592*6ba597c5SAnurag S. Maskey $SVCCFG -s $NET_LOC_FMRI delpg location 593d71dbb73Sjbeck ;; 594d71dbb73Sjbeck 595afc7d545Smh138676'-u') 596afc7d545Smh138676 # After we run this part of the script upon the next reboot 597afc7d545Smh138676 # network/physical:default will be enabled and 598afc7d545Smh138676 # network/physical:nwam will be disabled. 599afc7d545Smh138676 # There are various other parts of the system (nscd, nfs) that 600afc7d545Smh138676 # depend on continuing to have a working network. For this 601afc7d545Smh138676 # reason we don't change the network configuration immediately. 602*6ba597c5SAnurag S. Maskey # 603afc7d545Smh138676 # Disable network/physical temporarily and make sure that will 604afc7d545Smh138676 # be enabled on reboot. 605*6ba597c5SAnurag S. Maskey $SVCADM disable -st $NET_PHYS_FMRI 606*6ba597c5SAnurag S. Maskey $SVCCFG -s $NET_PHYS_FMRI setprop general/enabled=true 607afc7d545Smh138676 608afc7d545Smh138676 # If nwam is online then make sure that it's temporarily enabled. 609*6ba597c5SAnurag S. Maskey nwam_online=`$SVCPROP -t -p restarter/state $NET_NWAM_FMRI` 610afc7d545Smh138676 if [ $? -eq 0 ]; then 611afc7d545Smh138676 set -- $nwam_online 612*6ba597c5SAnurag S. Maskey [ $3 = "online" ] && $SVCADM enable -st $NET_NWAM_FMRI 613afc7d545Smh138676 fi 614afc7d545Smh138676 615afc7d545Smh138676 # Set nwam so that it won't be enabled upon reboot. 616*6ba597c5SAnurag S. Maskey $SVCCFG -s $NET_NWAM_FMRI setprop general/enabled=false 617afc7d545Smh138676 exit 0 618afc7d545Smh138676 ;; 619afc7d545Smh138676 620afc7d545Smh138676'-c') 621afc7d545Smh138676 # Nothing to do for sysidtool 622afc7d545Smh138676 exit 0 623afc7d545Smh138676 ;; 624afc7d545Smh138676 625d71dbb73Sjbeck*) 626d71dbb73Sjbeck echo "Usage: $0 { start | stop | refresh }" 627d71dbb73Sjbeck exit $SMF_EXIT_ERR_FATAL 628d71dbb73Sjbeck ;; 629d71dbb73Sjbeckesac 630d71dbb73Sjbeckexit $SMF_EXIT_OK 631