1#!/sbin/sh 2# 3# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 4# Use is subject to license terms. 5# 6# CDDL HEADER START 7# 8# The contents of this file are subject to the terms of the 9# Common Development and Distribution License (the "License"). 10# You may not use this file except in compliance with the License. 11# 12# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 13# or http://www.opensolaris.org/os/licensing. 14# See the License for the specific language governing permissions 15# and limitations under the License. 16# 17# When distributing Covered Code, include this CDDL HEADER in each 18# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 19# If applicable, add the following below this CDDL HEADER, with the 20# fields enclosed by brackets "[]" replaced with your own identifying 21# information: Portions Copyright [yyyy] [name of copyright owner] 22# 23# CDDL HEADER END 24# 25# Start script for vntsd 26# 27# For modifying parameters passed to vntsd, do not edit 28# this script. Instead use svccfg(8) to modify the SMF 29# repository. For example: 30# 31# svccfg 32# svc:> select ldoms/vntsd 33# svc:/ldoms/vntsd> setprop vntsd/vcc_device = "virtual-console-concentrator@1" 34# svc:/ldoms/vntsd> setprop vntsd/listen_addr = "192.168.1.1" 35# svc:/ldoms/vntsd> setprop vntsd/authorization="true" 36# svc:/ldoms/vntsd> exit 37 38. /lib/svc/share/smf_include.sh 39 40AUTH_ATTR=/etc/security/auth_attr 41USER_ATTR=/etc/user_attr 42GREP=/usr/bin/grep 43CAT=/usr/bin/cat 44ED=/usr/bin/ed 45SVCCFG=/usr/sbin/svccfg 46SVCPROP=/bin/svcprop 47 48# 49# Add LDoms vntsd authorization entries to etc/security/auth_attr if not 50# present. These define authorizations used by LDoms vntsd daemon. 51# 52add_auth_entries() 53{ 54 # Add entries to auth_attr file, if needed 55 $GREP '^solaris.vntsd.:' ${AUTH_ATTR} >/dev/null 2>&1 56 if [ $? -ne 0 ] ; then 57 $CAT >>${AUTH_ATTR} << EOF 58# Added by svc-vntsd 59solaris.vntsd.:::LDoms vntsd Administration:: 60solaris.vntsd.grant:::Delegate LDoms vntsd Administration:: 61solaris.vntsd.consoles:::Access All LDoms Guest Consoles:: 62# End of svc-vntsd 63EOF 64 fi 65} 66 67# 68# Add a LDoms user/role entry to etc/user_attr if not present. 69# This defines user/role used by useradd or roleadd. 70# 71add_user_entries() 72{ 73 # 74 # Add entries to user_attr file, if needed. 75 # 76 $GREP 'solaris.vntsd.grant' ${USER_ATTR} >/dev/null 2>&1 77 78 if [ $? -ne 0 ] ; then 79 80 $GREP '^root' ${USER_ATTR} | $GREP 'auths=' >/dev/null 2>&1 81 if [ $? -eq 0 ] ; then 82 # 83 # Add vntsd attribute to an existing root entry. 84 # 85 $ED -s ${USER_ATTR} <<- EOF > /dev/null 2>&1 86 g/^root.*auths\=/s/^roo.*auths\=/&solaris.vntsd.grant,/ 87 w 88 q 89 EOF 90 else 91 # 92 # Add a root entry with vntsd attribute. 93 # 94 $CAT >>${USER_ATTR} << EOF 95# Added by svc-vntsd 96root::::type=normal;auths=solaris.vntsd.grant;lock_after_retries=0 97# End of svc-vntsd 98EOF 99 fi 100 fi 101} 102 103# 104# Update 'vntsd' authorizations in the relevant files. Note that adding these 105# entries from this smf script rather than from the pkg install scripts, 106# ensures that they are added only if the vntsd service is being enabled; and 107# hence avoids adding these entries unnecessarily into client guest domains. 108# The functions check before adding, that the entries are not already present. 109# 110add_auth_entries 111add_user_entries 112 113vcc_device=`$SVCPROP -p vntsd/vcc_device $SMF_FMRI 2>/dev/null` 114if [ -z "$vcc_device" ]; then 115 vcc_device="virtual-console-concentrator@0" 116fi 117args="-i $vcc_device" 118 119listen_addr=`$SVCPROP -p vntsd/listen_addr $SMF_FMRI 2>/dev/null` 120if [ -n "$listen_addr" ]; then 121 args="$args -p $listen_addr" 122fi 123 124timeout=`$SVCPROP -p vntsd/timeout_minutes $SMF_FMRI 2>/dev/null` 125if [ -n "$timeout" ]; then 126 args="$args -t $timeout" 127fi 128 129auth=`$SVCPROP -p vntsd/authorization $SMF_FMRI 2>/dev/null` 130if [ "$auth" = "true" ]; then 131 args="$args -A" 132fi 133 134# 135# If we don't have a vcc device we don't want to try to start vntsd. By default 136# newer versions of the factory settings will try to start vntsd by default. 137# Since we may be installed on a machine with an older firmware we need to make 138# sure that we don't try to start if the virtual console concentrator is not 139# present. 140# 141VNTSD_DEV='/devices/virtual-devices@100/channel-devices@200/virtual-console-concentrator@0:ctl' 142if [ ! -c "$VNTSD_DEV" ]; then 143 echo "The Virtual Network Terminal Server service has been disabled" \ 144 "because the system has no virtual console concentrator (vcc)" \ 145 "device." 146 /usr/sbin/svcadm disable -t "$SMF_FMRI" 147 sleep 5 & 148 exit $SMF_EXIT_OK 149fi 150 151if [ -x /usr/lib/ldoms/vntsd ]; then 152 /usr/lib/ldoms/vntsd $args 153 rc=$? 154 if [ $rc -ne 0 ]; then 155 # if vntsd exited in error with status 1, let SMF restart it 156 # otherwise we want it to go into maintenance. 157 if [ $rc -eq 1 ]; then 158 exit $rc 159 else 160 exit $SMF_EXIT_ERR_FATAL 161 fi 162 fi 163else 164 echo "WARNING: /usr/lib/ldoms/vntsd is missing or not executable" >& 2 165 exit $SMF_EXIT_ERR_CONFIG 166fi 167 168exit $SMF_EXIT_OK 169