106d0f3f3SCasper H.S. Dik#! /usr/bin/sh 206d0f3f3SCasper H.S. Dik# 306d0f3f3SCasper H.S. Dik# CDDL HEADER START 406d0f3f3SCasper H.S. Dik# 506d0f3f3SCasper H.S. Dik# The contents of this file are subject to the terms of the 606d0f3f3SCasper H.S. Dik# Common Development and Distribution License (the "License"). 706d0f3f3SCasper H.S. Dik# You may not use this file except in compliance with the License. 806d0f3f3SCasper H.S. Dik# 906d0f3f3SCasper H.S. Dik# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 1006d0f3f3SCasper H.S. Dik# or http://www.opensolaris.org/os/licensing. 1106d0f3f3SCasper H.S. Dik# See the License for the specific language governing permissions 1206d0f3f3SCasper H.S. Dik# and limitations under the License. 1306d0f3f3SCasper H.S. Dik# 1406d0f3f3SCasper H.S. Dik# When distributing Covered Code, include this CDDL HEADER in each 1506d0f3f3SCasper H.S. Dik# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 1606d0f3f3SCasper H.S. Dik# If applicable, add the following below this CDDL HEADER, with the 1706d0f3f3SCasper H.S. Dik# fields enclosed by brackets "[]" replaced with your own identifying 1806d0f3f3SCasper H.S. Dik# information: Portions Copyright [yyyy] [name of copyright owner] 1906d0f3f3SCasper H.S. Dik# 2006d0f3f3SCasper H.S. Dik# CDDL HEADER END 2106d0f3f3SCasper H.S. Dik# 2206d0f3f3SCasper H.S. Dik 2306d0f3f3SCasper H.S. Dik# 24*8d0bff0bSNathan Bush# Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved. 2506d0f3f3SCasper H.S. Dik# 2606d0f3f3SCasper H.S. Dik 2706d0f3f3SCasper H.S. Dik. /lib/svc/share/smf_include.sh 2806d0f3f3SCasper H.S. Dik 2906d0f3f3SCasper H.S. Dikfiles='/etc/user_attr /etc/security/auth_attr /etc/security/exec_attr 3006d0f3f3SCasper H.S. Dik /etc/security/prof_attr' 3106d0f3f3SCasper H.S. Dik 3206d0f3f3SCasper H.S. DikPKGINST= 3306d0f3f3SCasper H.S. Dikexport PKGINST 3406d0f3f3SCasper H.S. Dik 3506d0f3f3SCasper H.S. Dikirbac=/usr/sadm/install/scripts/i.rbac 3606d0f3f3SCasper H.S. Dik 3706d0f3f3SCasper H.S. Dikif [ ! -x $irbac ] 3806d0f3f3SCasper H.S. Dikthen 3906d0f3f3SCasper H.S. Dik echo "${irbac}: not found." 4006d0f3f3SCasper H.S. Dik exit $SMF_EXIT_ERR_FATAL 4106d0f3f3SCasper H.S. Dikfi 4206d0f3f3SCasper H.S. Dik 4306d0f3f3SCasper H.S. Dikcase "$1" in 4406d0f3f3SCasper H.S. Dikstart|refresh) 4506d0f3f3SCasper H.S. Dik ;; 4606d0f3f3SCasper H.S. Dikstop) 4706d0f3f3SCasper H.S. Dik exit $SMF_EXIT_OK;; 4806d0f3f3SCasper H.S. Dik*) 4906d0f3f3SCasper H.S. Dik echo "Usage: $0 { start | refresh | stop }" 5006d0f3f3SCasper H.S. Dik exit $SMF_EXIT_ERR_FATAL;; 5106d0f3f3SCasper H.S. Dikesac 5206d0f3f3SCasper H.S. Dik 53*8d0bff0bSNathan Bushtmp_rbac=`/usr/bin/mktemp -d /tmp/rbac.XXXXXX` 54*8d0bff0bSNathan Bushif [ -z "$tmp_rbac" ] 55*8d0bff0bSNathan Bushthen 56*8d0bff0bSNathan Bush echo "Could not create temporary directory." 57*8d0bff0bSNathan Bush exit $SMF_EXIT_ERR_FATAL 58*8d0bff0bSNathan Bushfi 59*8d0bff0bSNathan Bushtmp_frag=$tmp_rbac/frag 60*8d0bff0bSNathan Bushtmp_file=$tmp_rbac/file 61*8d0bff0bSNathan Bush 6206d0f3f3SCasper H.S. Dikfor f in $files 6306d0f3f3SCasper H.S. Dikdo 6406d0f3f3SCasper H.S. Dik d=${f}.d 6506d0f3f3SCasper H.S. Dik if [ ! -d ${d} ] 6606d0f3f3SCasper H.S. Dik then 6706d0f3f3SCasper H.S. Dik # No directory, nothing to do 6806d0f3f3SCasper H.S. Dik continue 6906d0f3f3SCasper H.S. Dik fi 70c11c3631SJoep Vesseur # cache user/owner of file to update 71c11c3631SJoep Vesseur ownergroup=`ls -ln $f | awk '{printf("%s:%s\n", $3, $4);'}` 7206d0f3f3SCasper H.S. Dik # 7306d0f3f3SCasper H.S. Dik # List all the files in the directory and the destination file 74*8d0bff0bSNathan Bush # in the order of their timestamp. Older files are displayed 75*8d0bff0bSNathan Bush # first. If a fragment file is listed before the destination 76*8d0bff0bSNathan Bush # file, it is an older fragment that has already been processed. 77*8d0bff0bSNathan Bush # If a fragment file is listed after the destination file, it is 78*8d0bff0bSNathan Bush # new, and the destination file must be updated. 7906d0f3f3SCasper H.S. Dik # 80*8d0bff0bSNathan Bush # Comments are processed separately from the other file contents. 81*8d0bff0bSNathan Bush # For new fragments only, the comments are processed as they are 82*8d0bff0bSNathan Bush # encountered. For all fragments, the non-comment contents are 83*8d0bff0bSNathan Bush # saved in a temporary file. After all fragments have been 84*8d0bff0bSNathan Bush # processed, and only if new fragments were found, the contents 85*8d0bff0bSNathan Bush # of the temporary file are processed. This ensures that older 86*8d0bff0bSNathan Bush # but still valid entries are retained in the destination file. 87*8d0bff0bSNathan Bush # 88*8d0bff0bSNathan Bush /usr/bin/rm -f $tmp_file 89*8d0bff0bSNathan Bush new_frag=0 90c11c3631SJoep Vesseur update=0 91*8d0bff0bSNathan Bush for frag in `ls -tr $f $d/* 2> /dev/null` 9206d0f3f3SCasper H.S. Dik do 9306d0f3f3SCasper H.S. Dik if [ "$frag" = "$f" ] 9406d0f3f3SCasper H.S. Dik then 95*8d0bff0bSNathan Bush new_frag=1 96*8d0bff0bSNathan Bush continue 9706d0f3f3SCasper H.S. Dik fi 9806d0f3f3SCasper H.S. Dik if [ -f "$frag" ] 9906d0f3f3SCasper H.S. Dik then 100*8d0bff0bSNathan Bush if [ $new_frag -eq 1 ] 101*8d0bff0bSNathan Bush then 102*8d0bff0bSNathan Bush /usr/bin/rm -f $tmp_frag 103*8d0bff0bSNathan Bush /usr/bin/grep '^#' $frag > $tmp_frag 104c11c3631SJoep Vesseur update=1 105*8d0bff0bSNathan Bush echo $tmp_frag $f | $irbac 106*8d0bff0bSNathan Bush fi 107*8d0bff0bSNathan Bush /usr/bin/grep -v '^#' $frag >> $tmp_file 10806d0f3f3SCasper H.S. Dik fi 10906d0f3f3SCasper H.S. Dik done 110c11c3631SJoep Vesseur if [ $update -eq 1 ] 111c11c3631SJoep Vesseur then 112*8d0bff0bSNathan Bush echo $tmp_file $f | $irbac 113c11c3631SJoep Vesseur chown $ownergroup $f 114c11c3631SJoep Vesseur fi 11506d0f3f3SCasper H.S. Dikdone 11606d0f3f3SCasper H.S. Dik 117*8d0bff0bSNathan Bush/usr/bin/rm -rf $tmp_rbac 118*8d0bff0bSNathan Bush 11906d0f3f3SCasper H.S. Dikexit $SMF_EXIT_OK 120