16ba597c5SAnurag S. Maskey#!/sbin/sh 26ba597c5SAnurag S. Maskey# 36ba597c5SAnurag S. Maskey# CDDL HEADER START 46ba597c5SAnurag S. Maskey# 56ba597c5SAnurag S. Maskey# The contents of this file are subject to the terms of the 66ba597c5SAnurag S. Maskey# Common Development and Distribution License (the "License"). 76ba597c5SAnurag S. Maskey# You may not use this file except in compliance with the License. 86ba597c5SAnurag S. Maskey# 96ba597c5SAnurag S. Maskey# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 106ba597c5SAnurag S. Maskey# or http://www.opensolaris.org/os/licensing. 116ba597c5SAnurag S. Maskey# See the License for the specific language governing permissions 126ba597c5SAnurag S. Maskey# and limitations under the License. 136ba597c5SAnurag S. Maskey# 146ba597c5SAnurag S. Maskey# When distributing Covered Code, include this CDDL HEADER in each 156ba597c5SAnurag S. Maskey# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 166ba597c5SAnurag S. Maskey# If applicable, add the following below this CDDL HEADER, with the 176ba597c5SAnurag S. Maskey# fields enclosed by brackets "[]" replaced with your own identifying 186ba597c5SAnurag S. Maskey# information: Portions Copyright [yyyy] [name of copyright owner] 196ba597c5SAnurag S. Maskey# 206ba597c5SAnurag S. Maskey# CDDL HEADER END 216ba597c5SAnurag S. Maskey# 226ba597c5SAnurag S. Maskey# 234a44f0a1SAnurag S. Maskey# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 246ba597c5SAnurag S. Maskey# 256ba597c5SAnurag S. Maskey 266ba597c5SAnurag S. Maskey. /lib/svc/share/smf_include.sh 276ba597c5SAnurag S. Maskey. /lib/svc/share/net_include.sh 286ba597c5SAnurag S. Maskey 296ba597c5SAnurag S. Maskey# FMRI consts 306ba597c5SAnurag S. MaskeyAUTOFS_FMRI="svc:/system/filesystem/autofs" 316ba597c5SAnurag S. MaskeyDNS_CLIENT_FMRI="svc:/network/dns/client" 326ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 336ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 346ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 356ba597c5SAnurag S. MaskeyLDAP_CLIENT_FMRI="svc:/network/ldap/client" 366ba597c5SAnurag S. MaskeyLOCATION_FMRI="svc:/network/location:default" 376ba597c5SAnurag S. MaskeyMAPID_FMRI="svc:/network/nfs/mapid:default" 386ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client" 396ba597c5SAnurag S. MaskeyNWAM_FMRI="svc:/network/physical:nwam" 406ba597c5SAnurag S. Maskey 416ba597c5SAnurag S. Maskey# commands 426ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 436ba597c5SAnurag S. MaskeyDHCPINFO=/sbin/dhcpinfo 446ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 456ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 466ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 476ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 486ba597c5SAnurag S. MaskeyMV=/usr/bin/mv 496ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 506ba597c5SAnurag S. MaskeyNWAMADM=/usr/sbin/nwamadm 516ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 526ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 536ba597c5SAnurag S. MaskeySED=/usr/bin/sed 546ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 556ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 566ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 576ba597c5SAnurag S. MaskeyTOUCH=/usr/bin/touch 586ba597c5SAnurag S. Maskey 596ba597c5SAnurag S. Maskey# Path to directories 606ba597c5SAnurag S. MaskeyETC_DEFAULT_DOMAIN=/etc/defaultdomain 616ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 626ba597c5SAnurag S. MaskeyLEGACY_LOC_PATH=/etc/nwam/loc/Legacy 636ba597c5SAnurag S. MaskeyUSER_LOC_PATH=/etc/nwam/loc/User 646ba597c5SAnurag S. MaskeySCRIPT_PATH=/etc/svc/volatile/nwam 656ba597c5SAnurag S. Maskey 666ba597c5SAnurag S. Maskey# 676ba597c5SAnurag S. Maskey# echoes DHCP controlled interfaces separated by commas 686ba597c5SAnurag S. Maskey# 696ba597c5SAnurag S. Maskey# Don't parse the output of ifconfig(1M) because interfaces that haven't 706ba597c5SAnurag S. Maskey# acquired a DHCP lease also have the DHCP flag set. 716ba597c5SAnurag S. Maskey# 726ba597c5SAnurag S. Maskeyget_dhcp_interfaces () { 736ba597c5SAnurag S. Maskey # 746ba597c5SAnurag S. Maskey # 1. parse netstat(1M) output for v4 interfaces in BOUND 756ba597c5SAnurag S. Maskey # or INFORMATION state 766ba597c5SAnurag S. Maskey # 2. make a space-separated list of interface names 776ba597c5SAnurag S. Maskey # 786ba597c5SAnurag S. Maskey netstat -D -f inet | $NAWK ' 796ba597c5SAnurag S. Maskey $2 ~ /BOUND/ { printf "%s ", $1 } 806ba597c5SAnurag S. Maskey $2 ~ /INFORMATION/ { printf "%s ", $1 }' 816ba597c5SAnurag S. Maskey} 826ba597c5SAnurag S. Maskey 836ba597c5SAnurag S. Maskey# 846ba597c5SAnurag S. Maskey# get_dhcpinfo <code/identifier> 856ba597c5SAnurag S. Maskey# 86*03e9aa6dSRenee Danson Sommerfeld# echoes the value received through each interface controlled by DHCP; 87*03e9aa6dSRenee Danson Sommerfeld# multiple values are echoed as a space-separated list 88*03e9aa6dSRenee Danson Sommerfeld# 896ba597c5SAnurag S. Maskey# returns: 906ba597c5SAnurag S. Maskey# 0 => property is set 916ba597c5SAnurag S. Maskey# 1 => property is not set 926ba597c5SAnurag S. Maskey# 936ba597c5SAnurag S. Maskeyget_dhcpinfo () { 946ba597c5SAnurag S. Maskey code=$1 956ba597c5SAnurag S. Maskey 966ba597c5SAnurag S. Maskey # Get all interfaces with DHCP control, IFS is " " 976ba597c5SAnurag S. Maskey interfaces=`get_dhcp_interfaces` 986ba597c5SAnurag S. Maskey 996ba597c5SAnurag S. Maskey info="" 1006ba597c5SAnurag S. Maskey for intf in $interfaces; do 1016ba597c5SAnurag S. Maskey val=`$DHCPINFO -i $intf $code` 1026ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 1036ba597c5SAnurag S. Maskey if [ "$info" = "" ]; then 1046ba597c5SAnurag S. Maskey info="$val" 1056ba597c5SAnurag S. Maskey else 106*03e9aa6dSRenee Danson Sommerfeld info="$info $val" 1076ba597c5SAnurag S. Maskey fi 1086ba597c5SAnurag S. Maskey fi 1096ba597c5SAnurag S. Maskey done 1106ba597c5SAnurag S. Maskey echo $info 1116ba597c5SAnurag S. Maskey} 1126ba597c5SAnurag S. Maskey 1136ba597c5SAnurag S. Maskey# 1146ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 1156ba597c5SAnurag S. Maskey# 1166ba597c5SAnurag S. Maskeyset_smf_prop () { 1176ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 1186ba597c5SAnurag S. Maskey} 1196ba597c5SAnurag S. Maskey 1206ba597c5SAnurag S. Maskey# 1216ba597c5SAnurag S. Maskey# refresh_svc <fmri> 1226ba597c5SAnurag S. Maskey# 1236ba597c5SAnurag S. Maskey# Refreshes the service. 1246ba597c5SAnurag S. Maskey# 1256ba597c5SAnurag S. Maskeyrefresh_svc () { 1266ba597c5SAnurag S. Maskey $SVCADM refresh $1 1276ba597c5SAnurag S. Maskey} 1286ba597c5SAnurag S. Maskey 1296ba597c5SAnurag S. Maskey# 1306ba597c5SAnurag S. Maskey# restart_svc <fmri> 1316ba597c5SAnurag S. Maskey# 1326ba597c5SAnurag S. Maskey# Restarts the service. 1336ba597c5SAnurag S. Maskey# 1346ba597c5SAnurag S. Maskeyrestart_svc () { 1356ba597c5SAnurag S. Maskey $SVCADM restart $1 1366ba597c5SAnurag S. Maskey} 1376ba597c5SAnurag S. Maskey 1386ba597c5SAnurag S. Maskey# 1396ba597c5SAnurag S. Maskey# start_svc <fmri> 1406ba597c5SAnurag S. Maskey# 1416ba597c5SAnurag S. Maskey# Starts the service. If the service is already enabled, restarts it. If 1426ba597c5SAnurag S. Maskey# it is not enabled, temporarily enables it. 1436ba597c5SAnurag S. Maskey# 1446ba597c5SAnurag S. Maskeystart_svc () { 1456ba597c5SAnurag S. Maskey if service_is_enabled $1; then 1466ba597c5SAnurag S. Maskey $SVCADM restart $1 1476ba597c5SAnurag S. Maskey else 1486ba597c5SAnurag S. Maskey $SVCADM enable -t $1 1496ba597c5SAnurag S. Maskey fi 1506ba597c5SAnurag S. Maskey} 1516ba597c5SAnurag S. Maskey 1526ba597c5SAnurag S. Maskey# 1536ba597c5SAnurag S. Maskey# stop_svc <fmri> 1546ba597c5SAnurag S. Maskey# 1556ba597c5SAnurag S. Maskey# Temporarily disables the service. 1566ba597c5SAnurag S. Maskey# 1576ba597c5SAnurag S. Maskeystop_svc () { 1586ba597c5SAnurag S. Maskey $SVCADM disable -t $1 1596ba597c5SAnurag S. Maskey} 1606ba597c5SAnurag S. Maskey 1616ba597c5SAnurag S. Maskey# 1626ba597c5SAnurag S. Maskey# copy_default <dir> <file> 1636ba597c5SAnurag S. Maskey# 1646ba597c5SAnurag S. Maskey# Copies <dir>/<file>.dfl to <dir>/<file> 1656ba597c5SAnurag S. Maskey# 1666ba597c5SAnurag S. Maskeycopy_default () { 1676ba597c5SAnurag S. Maskey $CP -p $1/$2.dfl $1/$2 1686ba597c5SAnurag S. Maskey} 1696ba597c5SAnurag S. Maskey 1706ba597c5SAnurag S. Maskey# 1716ba597c5SAnurag S. Maskey# do_dns <location> 1726ba597c5SAnurag S. Maskey# 1736ba597c5SAnurag S. Maskey# Installs DNS information on /etc/resolv.conf for location 1746ba597c5SAnurag S. Maskey# 175*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 176*03e9aa6dSRenee Danson Sommerfeld# 1776ba597c5SAnurag S. Maskeydo_dns () { 1786ba597c5SAnurag S. Maskey loc=$1 1796ba597c5SAnurag S. Maskey file=/etc/resolv.conf 1806ba597c5SAnurag S. Maskey 1816ba597c5SAnurag S. Maskey # Write out to temporary file first 1826ba597c5SAnurag S. Maskey $TOUCH $file.$$ 1836ba597c5SAnurag S. Maskey 184*03e9aa6dSRenee Danson Sommerfeld DNS_CONFIGSRC=`nwam_get_loc_list_prop $loc dns-nameservice-configsrc` 185ad559becSAnurag S. Maskey if [ -z "$DNS_CONFIGSRC" ]; then 186ad559becSAnurag S. Maskey echo "missing 'dns-nameservice-configsrc' property for '$loc'" 187*03e9aa6dSRenee Danson Sommerfeld return 1 188ad559becSAnurag S. Maskey fi 189ad559becSAnurag S. Maskey 1906ba597c5SAnurag S. Maskey for configsrc in $DNS_CONFIGSRC; do 1916ba597c5SAnurag S. Maskey case "$configsrc" in 1926ba597c5SAnurag S. Maskey 'manual') 193*03e9aa6dSRenee Danson Sommerfeld DNS_SERVERS=`nwam_get_loc_list_prop $loc \ 194*03e9aa6dSRenee Danson Sommerfeld dns-nameservice-servers` 195*03e9aa6dSRenee Danson Sommerfeld if [ -z "$DNS_SERVERS" ]; then 196*03e9aa6dSRenee Danson Sommerfeld echo "DNS nameserver not set for '$loc'" 197*03e9aa6dSRenee Danson Sommerfeld return 1 198*03e9aa6dSRenee Danson Sommerfeld fi 1996ba597c5SAnurag S. Maskey DNS_DOMAIN=`nwam_get_loc_prop $loc \ 2006ba597c5SAnurag S. Maskey dns-nameservice-domain` 201*03e9aa6dSRenee Danson Sommerfeld DNS_SEARCH=`nwam_get_loc_list_prop $loc \ 2026ba597c5SAnurag S. Maskey dns-nameservice-search` 2036ba597c5SAnurag S. Maskey ;; 2046ba597c5SAnurag S. Maskey 'dhcp') 2056ba597c5SAnurag S. Maskey DNS_DOMAIN=`get_dhcpinfo DNSdmain` 2066ba597c5SAnurag S. Maskey DNS_SERVERS=`get_dhcpinfo DNSserv` 2076ba597c5SAnurag S. Maskey # No DNS search info for IPv4 2086ba597c5SAnurag S. Maskey ;; 2096ba597c5SAnurag S. Maskey '*') 2106ba597c5SAnurag S. Maskey echo "Unrecognized DNS configsrc ${configsrc}; ignoring" 2116ba597c5SAnurag S. Maskey ;; 2126ba597c5SAnurag S. Maskey esac 2136ba597c5SAnurag S. Maskey 2146ba597c5SAnurag S. Maskey # Write DNS settings 2156ba597c5SAnurag S. Maskey if [ -n "$DNS_DOMAIN" ]; then 2166ba597c5SAnurag S. Maskey echo "$DNS_DOMAIN" | $NAWK \ 217*03e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) \ 2186ba597c5SAnurag S. Maskey print "domain ", $i }' >> $file.$$ 2196ba597c5SAnurag S. Maskey fi 2206ba597c5SAnurag S. Maskey if [ -n "$DNS_SEARCH" ]; then 2216ba597c5SAnurag S. Maskey echo "$DNS_SEARCH" | $NAWK \ 222*03e9aa6dSRenee Danson Sommerfeld '{ printf("search"); \ 2236ba597c5SAnurag S. Maskey for (i = 1; i <= NF; i++) printf(" %s", $i); \ 2246ba597c5SAnurag S. Maskey printf("\n") }' >> $file.$$ 2256ba597c5SAnurag S. Maskey fi 2266ba597c5SAnurag S. Maskey if [ -n "$DNS_SERVERS" ]; then 2276ba597c5SAnurag S. Maskey echo "$DNS_SERVERS" | $NAWK \ 228*03e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) \ 2296ba597c5SAnurag S. Maskey print "nameserver ", $i }' >> $file.$$ 2306ba597c5SAnurag S. Maskey fi 2316ba597c5SAnurag S. Maskey done 232ad559becSAnurag S. Maskey 2336ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 2346ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 2356ba597c5SAnurag S. Maskey start_svc $DNS_CLIENT_FMRI 236*03e9aa6dSRenee Danson Sommerfeld 237*03e9aa6dSRenee Danson Sommerfeld return 0 2386ba597c5SAnurag S. Maskey} 2396ba597c5SAnurag S. Maskey 2406ba597c5SAnurag S. Maskey# 2416ba597c5SAnurag S. Maskey# do_nis <location> 2426ba597c5SAnurag S. Maskey# 2436ba597c5SAnurag S. Maskey# Installs NIS information on /var/yp/binding/ for location 2446ba597c5SAnurag S. Maskey# 245*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 246*03e9aa6dSRenee Danson Sommerfeld# 2476ba597c5SAnurag S. Maskeydo_nis () { 2486ba597c5SAnurag S. Maskey loc=$1 2496ba597c5SAnurag S. Maskey 250*03e9aa6dSRenee Danson Sommerfeld NIS_CONFIGSRC=`nwam_get_loc_list_prop $loc nis-nameservice-configsrc` 251ad559becSAnurag S. Maskey if [ -z "$NIS_CONFIGSRC" ]; then 252ad559becSAnurag S. Maskey echo "missing 'nis-nameservice-configsrc' property for '$loc'" 253*03e9aa6dSRenee Danson Sommerfeld return 1 254ad559becSAnurag S. Maskey fi 255ad559becSAnurag S. Maskey 2566ba597c5SAnurag S. Maskey for configsrc in $NIS_CONFIGSRC; do 2576ba597c5SAnurag S. Maskey case "$configsrc" in 2586ba597c5SAnurag S. Maskey 'manual') 259*03e9aa6dSRenee Danson Sommerfeld NIS_SERVERS=`nwam_get_loc_list_prop $loc \ 2606ba597c5SAnurag S. Maskey nis-nameservice-servers` 2616ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 2626ba597c5SAnurag S. Maskey # user-specified default-domain always wins 263ad559becSAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 2646ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 2656ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 266*03e9aa6dSRenee Danson Sommerfeld else 267*03e9aa6dSRenee Danson Sommerfeld echo "'domainname' not set for '$loc'" 268*03e9aa6dSRenee Danson Sommerfeld return 1 269ad559becSAnurag S. Maskey fi 2706ba597c5SAnurag S. Maskey ;; 2716ba597c5SAnurag S. Maskey 'dhcp') 2726ba597c5SAnurag S. Maskey # Use only the first name 2736ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \ 274*03e9aa6dSRenee Danson Sommerfeld $NAWK '{ print $1 }'` 2756ba597c5SAnurag S. Maskey NIS_SERVERS=`get_dhcpinfo NISservs` 2766ba597c5SAnurag S. Maskey if [ "$domainname_set" = "false" ]; then 2776ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 2786ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 2796ba597c5SAnurag S. Maskey fi 2806ba597c5SAnurag S. Maskey ;; 2816ba597c5SAnurag S. Maskey '*') 2826ba597c5SAnurag S. Maskey echo "Unrecognized NIS configsrc ${configsrc}; ignoring" 2836ba597c5SAnurag S. Maskey ;; 2846ba597c5SAnurag S. Maskey esac 2856ba597c5SAnurag S. Maskey 2866ba597c5SAnurag S. Maskey # Place NIS settings in appropriate directory/file. 2876ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 2886ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 2896ba597c5SAnurag S. Maskey fi 2906ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 2916ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 292*03e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) print $i }' \ 2936ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 2946ba597c5SAnurag S. Maskey fi 2956ba597c5SAnurag S. Maskey done 296*03e9aa6dSRenee Danson Sommerfeld 2976ba597c5SAnurag S. Maskey start_svc $NIS_CLIENT_FMRI 298*03e9aa6dSRenee Danson Sommerfeld 299*03e9aa6dSRenee Danson Sommerfeld return 0 3006ba597c5SAnurag S. Maskey} 3016ba597c5SAnurag S. Maskey 3026ba597c5SAnurag S. Maskey# 3036ba597c5SAnurag S. Maskey# do_ldap <location> 3046ba597c5SAnurag S. Maskey# 3056ba597c5SAnurag S. Maskey# Installs LDAP information using ldapclient(1M) for location 3066ba597c5SAnurag S. Maskey# 307*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 308*03e9aa6dSRenee Danson Sommerfeld# 3096ba597c5SAnurag S. Maskeydo_ldap () { 3106ba597c5SAnurag S. Maskey loc=$1 3116ba597c5SAnurag S. Maskey 312*03e9aa6dSRenee Danson Sommerfeld LDAP_CONFIGSRC=`nwam_get_loc_list_prop $loc ldap-nameservice-configsrc` 313ad559becSAnurag S. Maskey if [ -z "$LDAP_CONFIGSRC" ]; then 314ad559becSAnurag S. Maskey echo "missing 'ldap-nameservice-configsrc' property for '$loc'" 315*03e9aa6dSRenee Danson Sommerfeld return 1 316ad559becSAnurag S. Maskey fi 317ad559becSAnurag S. Maskey 3186ba597c5SAnurag S. Maskey for configsrc in $LDAP_CONFIGSRC; do 3196ba597c5SAnurag S. Maskey case "$configsrc" in 3206ba597c5SAnurag S. Maskey 'manual') 321*03e9aa6dSRenee Danson Sommerfeld LDAP_SERVERS=`nwam_get_loc_list_prop $loc \ 3226ba597c5SAnurag S. Maskey ldap-nameservice-servers` 3236ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 324*03e9aa6dSRenee Danson Sommerfeld if [ -z $LDAP_SERVERS -o -z $DEFAULT_DOMAIN ]; then 325*03e9aa6dSRenee Danson Sommerfeld echo "LDAP configuration could not be set "\ 326*03e9aa6dSRenee Danson Sommerfeld "for '$loc'" 327*03e9aa6dSRenee Danson Sommerfeld return 1 328*03e9aa6dSRenee Danson Sommerfeld fi 3296ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 3306ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 3316ba597c5SAnurag S. Maskey ;; 3326ba597c5SAnurag S. Maskey '*') 333*03e9aa6dSRenee Danson Sommerfeld echo "Invalid LDAP configsrc ${configsrc}; ignoring" 3346ba597c5SAnurag S. Maskey ;; 3356ba597c5SAnurag S. Maskey esac 3366ba597c5SAnurag S. Maskey 3376ba597c5SAnurag S. Maskey # Use ldapclient(1M) to initialize LDAP client settings. 3386ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then 3396ba597c5SAnurag S. Maskey $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \ 3406ba597c5SAnurag S. Maskey $LDAP_SERVERS 3416ba597c5SAnurag S. Maskey fi 3426ba597c5SAnurag S. Maskey done 343*03e9aa6dSRenee Danson Sommerfeld 3446ba597c5SAnurag S. Maskey start_svc $LDAP_CLIENT_FMRI 345*03e9aa6dSRenee Danson Sommerfeld 346*03e9aa6dSRenee Danson Sommerfeld return 0 3476ba597c5SAnurag S. Maskey} 3486ba597c5SAnurag S. Maskey 3496ba597c5SAnurag S. Maskey# 3506ba597c5SAnurag S. Maskey# do_ns <location> 3516ba597c5SAnurag S. Maskey# 3526ba597c5SAnurag S. Maskey# Installs different nameservices for location 3536ba597c5SAnurag S. Maskey# 354*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 355*03e9aa6dSRenee Danson Sommerfeld# 3566ba597c5SAnurag S. Maskeydo_ns () { 3576ba597c5SAnurag S. Maskey loc=$1 3586ba597c5SAnurag S. Maskey 3596ba597c5SAnurag S. Maskey # 3606ba597c5SAnurag S. Maskey # Disable nameservices temporarily while we reconfigure. Copy 3616ba597c5SAnurag S. Maskey # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files" 3626ba597c5SAnurag S. Maskey # are used. 3636ba597c5SAnurag S. Maskey # 3646ba597c5SAnurag S. Maskey $CP -p /etc/nsswitch.files /etc/nsswitch.conf 3656ba597c5SAnurag S. Maskey stop_svc $DNS_CLIENT_FMRI 3666ba597c5SAnurag S. Maskey stop_svc $NIS_CLIENT_FMRI 3676ba597c5SAnurag S. Maskey stop_svc $LDAP_CLIENT_FMRI 3686ba597c5SAnurag S. Maskey 3696ba597c5SAnurag S. Maskey # 3706ba597c5SAnurag S. Maskey # Remove /etc/defaultdomain and unset domainname(1M). If NIS 3716ba597c5SAnurag S. Maskey # and/or LDAP is configured, they will create /etc/defaultdomain 3726ba597c5SAnurag S. Maskey # and set the domainname(1M). 3736ba597c5SAnurag S. Maskey # 3746ba597c5SAnurag S. Maskey $RM -f $ETC_DEFAULT_DOMAIN 3756ba597c5SAnurag S. Maskey $DOMAINNAME " " 3766ba597c5SAnurag S. Maskey 377*03e9aa6dSRenee Danson Sommerfeld NAMESERVICES=`nwam_get_loc_list_prop $loc nameservices` 378ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES" ]; then 379ad559becSAnurag S. Maskey echo "missing 'nameservices' property for location '$loc'" 380*03e9aa6dSRenee Danson Sommerfeld return 1 381ad559becSAnurag S. Maskey fi 382ad559becSAnurag S. Maskey 3836ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \ 3846ba597c5SAnurag S. Maskey $loc nameservices-config-file` 385ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then 386ad559becSAnurag S. Maskey echo "missing 'nameservices-config-file' property for '$loc'" 387*03e9aa6dSRenee Danson Sommerfeld return 1 3886ba597c5SAnurag S. Maskey fi 389ad559becSAnurag S. Maskey $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf 3906ba597c5SAnurag S. Maskey 3916ba597c5SAnurag S. Maskey for ns in $NAMESERVICES; do 3926ba597c5SAnurag S. Maskey case "$ns" in 3936ba597c5SAnurag S. Maskey 'files') 3946ba597c5SAnurag S. Maskey # no additional setup needed for files nameservice 3956ba597c5SAnurag S. Maskey ;; 3966ba597c5SAnurag S. Maskey 'dns') 397*03e9aa6dSRenee Danson Sommerfeld do_dns $loc || return 1 3986ba597c5SAnurag S. Maskey ;; 3996ba597c5SAnurag S. Maskey 'nis') 400*03e9aa6dSRenee Danson Sommerfeld do_nis $loc || return 1 4016ba597c5SAnurag S. Maskey ;; 4026ba597c5SAnurag S. Maskey 'ldap') 403*03e9aa6dSRenee Danson Sommerfeld do_ldap $loc || return 1 4046ba597c5SAnurag S. Maskey ;; 4056ba597c5SAnurag S. Maskey '*') 4066ba597c5SAnurag S. Maskey echo "Unrecognized nameservices value ${ns}; ignoring" 4076ba597c5SAnurag S. Maskey ;; 4086ba597c5SAnurag S. Maskey esac 4096ba597c5SAnurag S. Maskey done 4106ba597c5SAnurag S. Maskey 4116ba597c5SAnurag S. Maskey # 4126ba597c5SAnurag S. Maskey # Restart other related services 4136ba597c5SAnurag S. Maskey # 4146ba597c5SAnurag S. Maskey # We explicitly restart here, as restart will only have an 4156ba597c5SAnurag S. Maskey # effect if the service is already enabled. We don't want 4166ba597c5SAnurag S. Maskey # to enable the service if it's currently disabled. 4176ba597c5SAnurag S. Maskey # 4186ba597c5SAnurag S. Maskey restart_svc $AUTOFS_FMRI 419*03e9aa6dSRenee Danson Sommerfeld 420*03e9aa6dSRenee Danson Sommerfeld return 0 4216ba597c5SAnurag S. Maskey} 4226ba597c5SAnurag S. Maskey 4236ba597c5SAnurag S. Maskey# 4246ba597c5SAnurag S. Maskey# do_sec <location> 4256ba597c5SAnurag S. Maskey# 4266ba597c5SAnurag S. Maskey# If config properties are set, update the SMF property and refresh the 4276ba597c5SAnurag S. Maskey# service. If config properties are not set, delete the SMF property and 4286ba597c5SAnurag S. Maskey# stop the service. 4296ba597c5SAnurag S. Maskey# 430*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 431*03e9aa6dSRenee Danson Sommerfeld# 4326ba597c5SAnurag S. Maskeydo_sec () { 4336ba597c5SAnurag S. Maskey loc=$1 4346ba597c5SAnurag S. Maskey 4356ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop $loc ike-config-file` 4366ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file` 4376ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file` 4386ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file` 4396ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file` 4406ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop $loc ippool-config-file` 4416ba597c5SAnurag S. Maskey 4426ba597c5SAnurag S. Maskey # IKE 4436ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 4446ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 4456ba597c5SAnurag S. Maskey refresh_svc $IPSEC_IKE_FMRI 4466ba597c5SAnurag S. Maskey start_svc $IPSEC_IKE_FMRI 4476ba597c5SAnurag S. Maskey else 4486ba597c5SAnurag S. Maskey stop_svc $IPSEC_IKE_FMRI 4496ba597c5SAnurag S. Maskey fi 4506ba597c5SAnurag S. Maskey 4516ba597c5SAnurag S. Maskey # IPsec 4526ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 4536ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 4546ba597c5SAnurag S. Maskey refresh_svc $IPSEC_POLICY_FMRI 4556ba597c5SAnurag S. Maskey start_svc $IPSEC_POLICY_FMRI 4566ba597c5SAnurag S. Maskey else 4576ba597c5SAnurag S. Maskey stop_svc $IPSEC_POLICY_FMRI 4586ba597c5SAnurag S. Maskey fi 4596ba597c5SAnurag S. Maskey 4606ba597c5SAnurag S. Maskey # IPFilter 4616ba597c5SAnurag S. Maskey refresh_ipf=false 4626ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 4636ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" ]; then 4646ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4656ba597c5SAnurag S. Maskey firewall_config_default/policy "none" 4666ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/deny" ]; then 4676ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4686ba597c5SAnurag S. Maskey firewall_config_default/policy "deny" 4696ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/allow" ]; then 4706ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4716ba597c5SAnurag S. Maskey firewall_config_default/policy "allow" 4726ba597c5SAnurag S. Maskey else 4736ba597c5SAnurag S. Maskey # custom policy with policy file 4746ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4756ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 4766ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4776ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 4786ba597c5SAnurag S. Maskey fi 4796ba597c5SAnurag S. Maskey refresh_ipf=true 4806ba597c5SAnurag S. Maskey else 4816ba597c5SAnurag S. Maskey # change policy to "none", no need to clear custom_policy_file 4826ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \ 4836ba597c5SAnurag S. Maskey "none" 4846ba597c5SAnurag S. Maskey # IPFilter has to be refreshed to make the changes effective. 4856ba597c5SAnurag S. Maskey # Don't set $refresh_ipf as it keeps IPFilter online rather 4866ba597c5SAnurag S. Maskey # than disabled. Refresh after IPFilter is disabled below. 4876ba597c5SAnurag S. Maskey fi 4886ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 4896ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 4906ba597c5SAnurag S. Maskey refresh_ipf=true 4916ba597c5SAnurag S. Maskey fi 4926ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 4936ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 4946ba597c5SAnurag S. Maskey refresh_ipf=true 4956ba597c5SAnurag S. Maskey fi 4966ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 4976ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4986ba597c5SAnurag S. Maskey $ippool_file 4996ba597c5SAnurag S. Maskey refresh_ipf=true 5006ba597c5SAnurag S. Maskey fi 5016ba597c5SAnurag S. Maskey 5026ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 5036ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5046ba597c5SAnurag S. Maskey start_svc $IPFILTER_FMRI 5056ba597c5SAnurag S. Maskey else 5066ba597c5SAnurag S. Maskey stop_svc $IPFILTER_FMRI 5076ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5086ba597c5SAnurag S. Maskey fi 509*03e9aa6dSRenee Danson Sommerfeld 510*03e9aa6dSRenee Danson Sommerfeld return 0 5116ba597c5SAnurag S. Maskey} 5126ba597c5SAnurag S. Maskey 5136ba597c5SAnurag S. Maskey# 5146ba597c5SAnurag S. Maskey# update_nfs_file <new nfsv4 domain> 5156ba597c5SAnurag S. Maskey# 5166ba597c5SAnurag S. Maskeyupdate_nfs_file () { 5176ba597c5SAnurag S. Maskey domain=$1 5186ba597c5SAnurag S. Maskey file=/etc/default/nfs 5196ba597c5SAnurag S. Maskey 5206ba597c5SAnurag S. Maskey # 5216ba597c5SAnurag S. Maskey # For non-commented-out lines that set NFSMAPID_DOMAIN: 5226ba597c5SAnurag S. Maskey # if not previously added by nwam, comment out with a note 5236ba597c5SAnurag S. Maskey # if previously added by nwam, remove 5246ba597c5SAnurag S. Maskey # For commented-out lines that set NFSMAPID_DOMAIN: 5256ba597c5SAnurag S. Maskey # if not commented out by NWAM, leave as-is 5266ba597c5SAnurag S. Maskey # if commented out by NWAM, remove 5276ba597c5SAnurag S. Maskey # All other lines: leave as-is 5286ba597c5SAnurag S. Maskey # 5296ba597c5SAnurag S. Maskey $NAWK ' \ 5306ba597c5SAnurag S. Maskey $0 ~ /^NFSMAPID_DOMAIN=/ { 5316ba597c5SAnurag S. Maskey if (index($0, "# Added by NWAM") == 0) 5326ba597c5SAnurag S. Maskey printf("#%s # Commented out by NWAM\n", $0); 5336ba597c5SAnurag S. Maskey } 5346ba597c5SAnurag S. Maskey $0 ~ /^#NFSMAPID_DOMAIN=/ { 5356ba597c5SAnurag S. Maskey if ($0 !~ /"# Commented out by NWAM"/) 5366ba597c5SAnurag S. Maskey printf("%s\n", $0); 5376ba597c5SAnurag S. Maskey } 5386ba597c5SAnurag S. Maskey $1 !~ /NFSMAPID_DOMAIN=/ { 5396ba597c5SAnurag S. Maskey printf("%s\n", $0); 5406ba597c5SAnurag S. Maskey }' $file >$file.$$ 5416ba597c5SAnurag S. Maskey 5426ba597c5SAnurag S. Maskey # Now add the desired value 5436ba597c5SAnurag S. Maskey echo "NFSMAPID_DOMAIN=$domain # Added by NWAM" >> $file.$$ 5446ba597c5SAnurag S. Maskey 5456ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 5466ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 5476ba597c5SAnurag S. Maskey} 5486ba597c5SAnurag S. Maskey 5496ba597c5SAnurag S. Maskey# 5506ba597c5SAnurag S. Maskey# do_nfsv4 <location> 5516ba597c5SAnurag S. Maskey# 5526ba597c5SAnurag S. Maskey# Updates NFSv4 domain for location 5536ba597c5SAnurag S. Maskey# 554*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 555*03e9aa6dSRenee Danson Sommerfeld# 5566ba597c5SAnurag S. Maskeydo_nfsv4 () { 5576ba597c5SAnurag S. Maskey loc=$1 5586ba597c5SAnurag S. Maskey 5596ba597c5SAnurag S. Maskey nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain` 5606ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 5616ba597c5SAnurag S. Maskey update_nfs_file $nfsv4domain 5626ba597c5SAnurag S. Maskey start_svc $MAPID_FMRI 5636ba597c5SAnurag S. Maskey else 5646ba597c5SAnurag S. Maskey stop_svc $MAPID_FMRI 5656ba597c5SAnurag S. Maskey fi 566*03e9aa6dSRenee Danson Sommerfeld 567*03e9aa6dSRenee Danson Sommerfeld return 0 5686ba597c5SAnurag S. Maskey} 5696ba597c5SAnurag S. Maskey 5706ba597c5SAnurag S. Maskey# 5716ba597c5SAnurag S. Maskey# activate_loc <location> 5726ba597c5SAnurag S. Maskey# 5736ba597c5SAnurag S. Maskey# Activates the given location 5746ba597c5SAnurag S. Maskey# 575*03e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 576*03e9aa6dSRenee Danson Sommerfeld# 5776ba597c5SAnurag S. Maskeyactivate_loc () { 5786ba597c5SAnurag S. Maskey loc=$1 5796ba597c5SAnurag S. Maskey 5806ba597c5SAnurag S. Maskey echo activating $loc location 5816ba597c5SAnurag S. Maskey 582*03e9aa6dSRenee Danson Sommerfeld # 583*03e9aa6dSRenee Danson Sommerfeld # if we fail to complete any part of the config, 584*03e9aa6dSRenee Danson Sommerfeld # stop activation work and report failure. 585*03e9aa6dSRenee Danson Sommerfeld # 586*03e9aa6dSRenee Danson Sommerfeld do_sec $loc && do_ns $loc && do_nfsv4 $loc && return 0 587*03e9aa6dSRenee Danson Sommerfeld return 1 5886ba597c5SAnurag S. Maskey} 5896ba597c5SAnurag S. Maskey 5906ba597c5SAnurag S. Maskey# 5916ba597c5SAnurag S. Maskey# Script entry point 5926ba597c5SAnurag S. Maskey# 5936ba597c5SAnurag S. Maskey# Arguments to net-loc are 5946ba597c5SAnurag S. Maskey# method ('start' or 'refresh') 5956ba597c5SAnurag S. Maskey 5966ba597c5SAnurag S. Maskey# 5976ba597c5SAnurag S. Maskey# If nwam is not enabled, do nothing and return OK. 5986ba597c5SAnurag S. Maskey# 5996ba597c5SAnurag S. Maskeyservice_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK 6006ba597c5SAnurag S. Maskey 6016ba597c5SAnurag S. Maskey# 6026ba597c5SAnurag S. Maskey# In a shared-IP zone we need this service to be up, but all of the work 6036ba597c5SAnurag S. Maskey# it tries to do is irrelevant (and will actually lead to the service 6046ba597c5SAnurag S. Maskey# failing if we try to do it), so just bail out. 6056ba597c5SAnurag S. Maskey# In the global zone and exclusive-IP zones we proceed. 6066ba597c5SAnurag S. Maskey# 6076ba597c5SAnurag S. Maskeysmf_configure_ip || exit $SMF_EXIT_OK 6086ba597c5SAnurag S. Maskey 6096ba597c5SAnurag S. Maskeycase "$1" in 6106ba597c5SAnurag S. Maskey 6116ba597c5SAnurag S. Maskey'start') 6126ba597c5SAnurag S. Maskey # 6136ba597c5SAnurag S. Maskey # We need to create the default (NoNet and Automatic) 6146ba597c5SAnurag S. Maskey # locations, if they don't already exist. So: first check 6156ba597c5SAnurag S. Maskey # for the existence of each, and then run the appropriate 6166ba597c5SAnurag S. Maskey # nwamcfg script(s) as needed. Restart nwamd if a location is 6176ba597c5SAnurag S. Maskey # created, as it needs to read it in. 6186ba597c5SAnurag S. Maskey # 6196ba597c5SAnurag S. Maskey LOC_CREATED="false" 6206ba597c5SAnurag S. Maskey $NWAMCFG list loc Automatic >/dev/null 2>&1 6216ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6226ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_auto 6236ba597c5SAnurag S. Maskey LOC_CREATED="true" 6246ba597c5SAnurag S. Maskey fi 6256ba597c5SAnurag S. Maskey 6266ba597c5SAnurag S. Maskey $NWAMCFG list loc NoNet >/dev/null 2>&1 6276ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6286ba597c5SAnurag S. Maskey NONETPATH=/etc/nwam/loc/NoNet 6296ba597c5SAnurag S. Maskey NONETFILES="ipf.conf ipf6.conf" 6306ba597c5SAnurag S. Maskey for file in $NONETFILES; do 6316ba597c5SAnurag S. Maskey copy_default $NONETPATH $file 6326ba597c5SAnurag S. Maskey done 6336ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_nonet 6346ba597c5SAnurag S. Maskey LOC_CREATED="true" 6356ba597c5SAnurag S. Maskey fi 6366ba597c5SAnurag S. Maskey 6376ba597c5SAnurag S. Maskey if [ "$LOC_CREATED" = "true" ]; then 6386ba597c5SAnurag S. Maskey refresh_svc $NWAM_FMRI 6396ba597c5SAnurag S. Maskey fi 6406ba597c5SAnurag S. Maskey 6416ba597c5SAnurag S. Maskey # location selection/activation happens below 6426ba597c5SAnurag S. Maskey ;; 6436ba597c5SAnurag S. Maskey 6446ba597c5SAnurag S. Maskey'refresh') 6456ba597c5SAnurag S. Maskey 6466ba597c5SAnurag S. Maskey # location selection/activation happens below 6476ba597c5SAnurag S. Maskey ;; 6486ba597c5SAnurag S. Maskey 6496ba597c5SAnurag S. Maskey*) 6506ba597c5SAnurag S. Maskey echo "Usage: $0 start|refresh" 6516ba597c5SAnurag S. Maskey exit 1 6526ba597c5SAnurag S. Maskey ;; 6536ba597c5SAnurag S. Maskey 6546ba597c5SAnurag S. Maskeyesac 6556ba597c5SAnurag S. Maskey 6566ba597c5SAnurag S. Maskey# 6576ba597c5SAnurag S. Maskey# If the Legacy location doesn't exist and the file to create the Legacy 6586ba597c5SAnurag S. Maskey# location exists, create the Legacy location. Make a copy of it as the user's 6596ba597c5SAnurag S. Maskey# intentions before upgrade. Then activate the User location if nis is 6606ba597c5SAnurag S. Maskey# involved. Because NIS affects more parts of the system (e.g. automounts) we 6616ba597c5SAnurag S. Maskey# are not willing to make NIS part of the Automatic location (i.e. enable it 6626ba597c5SAnurag S. Maskey# automatically based on external input) as we do with DHCP-driven DNS. 6636ba597c5SAnurag S. Maskey# 6646ba597c5SAnurag S. Maskeyactivate_user_loc=0 6656ba597c5SAnurag S. Maskey$NWAMCFG list loc Legacy >/dev/null 2>&1 6666ba597c5SAnurag S. Maskeyif [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then 6676ba597c5SAnurag S. Maskey # 6686ba597c5SAnurag S. Maskey # We built the script in and pointing to /etc/svc/volatile because we 6696ba597c5SAnurag S. Maskey # may not have a writable filesystem in net-nwam. So here we move the 6706ba597c5SAnurag S. Maskey # components and rewrite the script to point at the writable filesystem. 6716ba597c5SAnurag S. Maskey # 6726ba597c5SAnurag S. Maskey $CP -r $SCRIPT_PATH/Legacy $LEGACY_LOC_PATH 6736ba597c5SAnurag S. Maskey $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy 6746ba597c5SAnurag S. Maskey $SED -e's,/etc/svc/volatile/nwam/Legacy,/etc/nwam/loc/Legacy,' \ 6756ba597c5SAnurag S. Maskey $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy 6766ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy 6776ba597c5SAnurag S. Maskey loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \ 6786ba597c5SAnurag S. Maskey 2>/dev/null` 6796ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6806ba597c5SAnurag S. Maskey # 6816ba597c5SAnurag S. Maskey # We are rewriting configuration variables from the Legacy 6826ba597c5SAnurag S. Maskey # location to the User location. Use variable ULP to keep REs 6836ba597c5SAnurag S. Maskey # within a line. 6846ba597c5SAnurag S. Maskey # 6856ba597c5SAnurag S. Maskey ULP=$USER_LOC_PATH 6866ba597c5SAnurag S. Maskey $SED -e's,Legacy,User,' \ 6876ba597c5SAnurag S. Maskey -e's,activation-mode=system,activation-mode=manual,' \ 6886ba597c5SAnurag S. Maskey -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \ 6896ba597c5SAnurag S. Maskey -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \ 6906ba597c5SAnurag S. Maskey -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \ 6916ba597c5SAnurag S. Maskey -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \ 6926ba597c5SAnurag S. Maskey -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \ 6936ba597c5SAnurag S. Maskey -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \ 6946ba597c5SAnurag S. Maskey $SCRIPT_PATH/create_loc_legacy | \ 6956ba597c5SAnurag S. Maskey $SED -e's,/etc/nwam/loc/User/none,/none,' \ 6966ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/allow,/allow,' \ 6976ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/deny,/deny,' \ 6986ba597c5SAnurag S. Maskey >$SCRIPT_PATH/create_loc_user 6996ba597c5SAnurag S. Maskey # 7006ba597c5SAnurag S. Maskey # We are creating the User location here. The User location 7016ba597c5SAnurag S. Maskey # is an appromixation of the machine configuration when the 7026ba597c5SAnurag S. Maskey # user change or upgraded to this version of NWAM. First 7036ba597c5SAnurag S. Maskey # we make sure there isn't an existing User location or any 7046ba597c5SAnurag S. Maskey # existing User location data. We then copy all the data 7056ba597c5SAnurag S. Maskey # from the Legacy location and create a location pointing at 7066ba597c5SAnurag S. Maskey # that data. Lastly we create a version property to note 7076ba597c5SAnurag S. Maskey # that we have done this. 7086ba597c5SAnurag S. Maskey # 7096ba597c5SAnurag S. Maskey $NWAMCFG destroy loc User 2>/dev/null 7106ba597c5SAnurag S. Maskey $RM -rf $USER_LOC_PATH 7116ba597c5SAnurag S. Maskey $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH 7126ba597c5SAnurag S. Maskey $RM -f $USER_LOC_PATH/resolv.conf 7136ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_user 7146ba597c5SAnurag S. Maskey # The User location is activated if 'nis' is in a non comment 7156ba597c5SAnurag S. Maskey # line of nsswitch.conf. 7166ba597c5SAnurag S. Maskey $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\ 7176ba597c5SAnurag S. Maskey $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1 7186ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 7196ba597c5SAnurag S. Maskey activate_user_loc=1 7206ba597c5SAnurag S. Maskey fi 7216ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI addpg location_upgrade application \ 7226ba597c5SAnurag S. Maskey 2>/dev/null 7236ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \ 7246ba597c5SAnurag S. Maskey astring: "1" 7256ba597c5SAnurag S. Maskey fi 7266ba597c5SAnurag S. Maskeyfi 7276ba597c5SAnurag S. Maskey 7286ba597c5SAnurag S. Maskey# 7296ba597c5SAnurag S. Maskey# Activate a location. If we've just finished upgrading, and 7306ba597c5SAnurag S. Maskey# the User location should be activated, do that (and use nwamadm 7316ba597c5SAnurag S. Maskey# to do so, so the enabled property gets set and nwamd knows this 7326ba597c5SAnurag S. Maskey# selection has been made). Otherwise, if our location/selected 7336ba597c5SAnurag S. Maskey# property has a value, we activate that location; else we activate 7346ba597c5SAnurag S. Maskey# the NoNet location as a default value. 7356ba597c5SAnurag S. Maskey# 7366ba597c5SAnurag S. Maskeyif [ $activate_user_loc -eq 1 ]; then 7376ba597c5SAnurag S. Maskey $NWAMADM enable -p loc User 7386ba597c5SAnurag S. Maskeyelse 7396ba597c5SAnurag S. Maskey sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null` 7406ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 7416ba597c5SAnurag S. Maskey # location hasn't been selected; default to NoNet 7426ba597c5SAnurag S. Maskey activate_loc NoNet 7436ba597c5SAnurag S. Maskey else 744*03e9aa6dSRenee Danson Sommerfeld # 745*03e9aa6dSRenee Danson Sommerfeld # If the selected location does not exist, or if we fail 746*03e9aa6dSRenee Danson Sommerfeld # to activate it completely, we fall back to the NoNet 747*03e9aa6dSRenee Danson Sommerfeld # location. Also poke nwamd, so it will check conditions 748*03e9aa6dSRenee Danson Sommerfeld # for a better choice. 749*03e9aa6dSRenee Danson Sommerfeld # 7504a44f0a1SAnurag S. Maskey $NWAMCFG list loc $sel_loc >/dev/null 2>&1 7514a44f0a1SAnurag S. Maskey if [ $? -eq 1 ]; then 752ad559becSAnurag S. Maskey echo "location '$sel_loc' doesn't exist" 753*03e9aa6dSRenee Danson Sommerfeld activate_loc NoNet 754*03e9aa6dSRenee Danson Sommerfeld refresh_svc $NWAM_FMRI 7554a44f0a1SAnurag S. Maskey else 7566ba597c5SAnurag S. Maskey # activate selected location 757*03e9aa6dSRenee Danson Sommerfeld if ! activate_loc $sel_loc; then 758*03e9aa6dSRenee Danson Sommerfeld echo "failed to activate '$sel_loc'" 759*03e9aa6dSRenee Danson Sommerfeld activate_loc NoNet 760*03e9aa6dSRenee Danson Sommerfeld refresh_svc $NWAM_FMRI 761*03e9aa6dSRenee Danson Sommerfeld fi 7626ba597c5SAnurag S. Maskey fi 7636ba597c5SAnurag S. Maskey fi 7644a44f0a1SAnurag S. Maskeyfi 7656ba597c5SAnurag S. Maskey 7666ba597c5SAnurag S. Maskeyexit $SMF_EXIT_OK 767