1d71dbb73Sjbeck#!/sbin/sh 2d71dbb73Sjbeck# 3d71dbb73Sjbeck# CDDL HEADER START 4d71dbb73Sjbeck# 5d71dbb73Sjbeck# The contents of this file are subject to the terms of the 6d71dbb73Sjbeck# Common Development and Distribution License (the "License"). 7d71dbb73Sjbeck# You may not use this file except in compliance with the License. 8d71dbb73Sjbeck# 9d71dbb73Sjbeck# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10d71dbb73Sjbeck# or http://www.opensolaris.org/os/licensing. 11d71dbb73Sjbeck# See the License for the specific language governing permissions 12d71dbb73Sjbeck# and limitations under the License. 13d71dbb73Sjbeck# 14d71dbb73Sjbeck# When distributing Covered Code, include this CDDL HEADER in each 15d71dbb73Sjbeck# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16d71dbb73Sjbeck# If applicable, add the following below this CDDL HEADER, with the 17d71dbb73Sjbeck# fields enclosed by brackets "[]" replaced with your own identifying 18d71dbb73Sjbeck# information: Portions Copyright [yyyy] [name of copyright owner] 19d71dbb73Sjbeck# 20d71dbb73Sjbeck# CDDL HEADER END 21d71dbb73Sjbeck# 22d71dbb73Sjbeck# 231cfa752fSRamaswamy Tummala# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved. 24*12c67a59SMilan Jurik# Copyright 2012 Milan Jurik. All rights reserved. 25d71dbb73Sjbeck# 26d71dbb73Sjbeck 27d71dbb73Sjbeck. /lib/svc/share/smf_include.sh 28d62bc4baSyz147064. /lib/svc/share/net_include.sh 29d71dbb73Sjbeck 306ba597c5SAnurag S. Maskey# FMRI constants 316ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 326ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 336ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 346ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client:default" 356ba597c5SAnurag S. MaskeyNET_PHYS_FMRI="svc:/network/physical:default" 366ba597c5SAnurag S. MaskeyNET_NWAM_FMRI="svc:/network/physical:nwam" 376ba597c5SAnurag S. MaskeyNET_LOC_FMRI="svc:/network/location:default" 38dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United StatesNFS_MAPID_FMRI="svc:/network/nfs/mapid:default" 396ba597c5SAnurag S. Maskey 40d71dbb73Sjbeck# 416ba597c5SAnurag S. Maskey# Default *.conf files 426ba597c5SAnurag S. Maskey# Set appropriate config SMF property to these files when NWAM is stopped 436ba597c5SAnurag S. Maskey# and corresponding config properties in the Legacy location are emtpy 44d71dbb73Sjbeck# 456ba597c5SAnurag S. MaskeyIPF6_DEFAULT_CONFIG_FILE=/etc/ipf/ipf6.conf 466ba597c5SAnurag S. MaskeyIPNAT_DEFAULT_CONFIG_FILE=/etc/ipf/ipnat.conf 476ba597c5SAnurag S. MaskeyIPPOOL_DEFAULT_CONFIG_FILE=/etc/ipf/ippool.conf 486ba597c5SAnurag S. MaskeyIPSEC_IKE_DEFAULT_CONFIG_FILE=/etc/inet/ike/config 496ba597c5SAnurag S. MaskeyIPSEC_POLICY_DEFAULT_CONFIG_FILE=/etc/inet/ipsecinit.conf 506ba597c5SAnurag S. Maskey 516ba597c5SAnurag S. Maskey# commands 526ba597c5SAnurag S. MaskeyBASENAME=/usr/bin/basename 536ba597c5SAnurag S. MaskeyCAT=/usr/bin/cat 546ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 556ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 566ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 576ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 586ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 596ba597c5SAnurag S. MaskeyMKFIFO=/usr/bin/mkfifo 606ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 616ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 626ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 636ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 646ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 656ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 666ba597c5SAnurag S. Maskey 676ba597c5SAnurag S. Maskey# Path to directories 686ba597c5SAnurag S. Maskey# We don't have a writable file system so we write to /etc/svc/volatile and 696ba597c5SAnurag S. Maskey# then later copy anything interesting to /etc/nwam. 704491554aSAnurag S. MaskeyVOL_NWAM_PATH=/etc/svc/volatile/nwam 714491554aSAnurag S. MaskeyVOL_LEGACY_PATH=$VOL_NWAM_PATH/Legacy 724491554aSAnurag S. MaskeyPERM_LEGACY_PATH=/etc/nwam/loc/Legacy 736ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 746ba597c5SAnurag S. Maskey 756ba597c5SAnurag S. Maskey# 766ba597c5SAnurag S. Maskey# copy_to_legacy_loc <file> 776ba597c5SAnurag S. Maskey# 786ba597c5SAnurag S. Maskey# Copies the file to the Legacy location directory 794491554aSAnurag S. Maskey# (in /etc/svc/volatile/nwam/Legacy) 806ba597c5SAnurag S. Maskey# 816ba597c5SAnurag S. Maskeycopy_to_legacy_loc() { 824491554aSAnurag S. Maskey $MKDIR -p $VOL_LEGACY_PATH 836ba597c5SAnurag S. Maskey if [ -f "$1" ]; then 844491554aSAnurag S. Maskey $CP -p $1 $VOL_LEGACY_PATH 856ba597c5SAnurag S. Maskey fi 866ba597c5SAnurag S. Maskey} 876ba597c5SAnurag S. Maskey 886ba597c5SAnurag S. Maskey# 896ba597c5SAnurag S. Maskey# copy_from_legacy_loc <destination file> 906ba597c5SAnurag S. Maskey# 914491554aSAnurag S. Maskey# Copies file with the same name from Legacy location 924491554aSAnurag S. Maskey# (in /etc/nwam/loc/Legacy) to the given destination file 936ba597c5SAnurag S. Maskey# 946ba597c5SAnurag S. Maskeycopy_from_legacy_loc () { 956ba597c5SAnurag S. Maskey DEST_DIR=`/usr/bin/dirname $1` 964491554aSAnurag S. Maskey SRC_FILE="$PERM_LEGACY_PATH/`$BASENAME $1`" 976ba597c5SAnurag S. Maskey 986ba597c5SAnurag S. Maskey # Make destination directory if needed 996ba597c5SAnurag S. Maskey if [ ! -d "$DEST_DIR" ]; then 1006ba597c5SAnurag S. Maskey $MKDIR -p $DEST_DIR 1016ba597c5SAnurag S. Maskey fi 1026ba597c5SAnurag S. Maskey 1036ba597c5SAnurag S. Maskey if [ -f "$SRC_FILE" ]; then 1046ba597c5SAnurag S. Maskey $CP -p $SRC_FILE $DEST_DIR 1056ba597c5SAnurag S. Maskey fi 1066ba597c5SAnurag S. Maskey} 1076ba597c5SAnurag S. Maskey 1086ba597c5SAnurag S. Maskey# 1096ba597c5SAnurag S. Maskey# write_loc_prop <property> <value> <file> 1106ba597c5SAnurag S. Maskey# 1116ba597c5SAnurag S. Maskey# Appends to <file> a nwamcfg command to set <property> to <value> if non-empty 1126ba597c5SAnurag S. Maskey# 1136ba597c5SAnurag S. Maskeywrite_loc_prop () { 1146ba597c5SAnurag S. Maskey prop=$1 1156ba597c5SAnurag S. Maskey val=$2 1166ba597c5SAnurag S. Maskey file=$3 1176ba597c5SAnurag S. Maskey 1186ba597c5SAnurag S. Maskey if [ -n "$val" -a -n "$file" ]; then 1196ba597c5SAnurag S. Maskey echo "set $prop=$val" >> $file 1206ba597c5SAnurag S. Maskey fi 1216ba597c5SAnurag S. Maskey} 1226ba597c5SAnurag S. Maskey 1236ba597c5SAnurag S. Maskey# 1246ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 1256ba597c5SAnurag S. Maskey# 1266ba597c5SAnurag S. Maskeyset_smf_prop () { 1276ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 1286ba597c5SAnurag S. Maskey} 1296ba597c5SAnurag S. Maskey 1306ba597c5SAnurag S. Maskey# 1316ba597c5SAnurag S. Maskey# get_smf_prop <fmri> <property name> 1326ba597c5SAnurag S. Maskey# 1336ba597c5SAnurag S. Maskeyget_smf_prop () { 1346ba597c5SAnurag S. Maskey $SVCPROP -p $2 $1 1356ba597c5SAnurag S. Maskey} 1366ba597c5SAnurag S. Maskey 1376ba597c5SAnurag S. Maskey# 1386ba597c5SAnurag S. Maskey# Creates Legacy location from the current configuration 1396ba597c5SAnurag S. Maskey# 1406ba597c5SAnurag S. Maskeycreate_legacy_loc () { 1414491554aSAnurag S. Maskey CREATE_LOC_LEGACY_FILE=$VOL_NWAM_PATH/create_loc_legacy 1426ba597c5SAnurag S. Maskey 1436ba597c5SAnurag S. Maskey # 1446ba597c5SAnurag S. Maskey # Write nwamcfg commands to create Legacy location to 1456ba597c5SAnurag S. Maskey # $CREATE_LOC_LEGACY_FILE as values for properties are determined 1466ba597c5SAnurag S. Maskey # Note that some of the *_CONFIG_FILE variables point at copies of 1476ba597c5SAnurag S. Maskey # files we've made and others indicate where those copies should be 1486ba597c5SAnurag S. Maskey # if we are enabling the location. 1496ba597c5SAnurag S. Maskey # 1506ba597c5SAnurag S. Maskey echo "create loc Legacy" > $CREATE_LOC_LEGACY_FILE 1516ba597c5SAnurag S. Maskey write_loc_prop "activation-mode" "system" $CREATE_LOC_LEGACY_FILE 1526ba597c5SAnurag S. Maskey 1536ba597c5SAnurag S. Maskey NAMESERVICES="" 1546ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE="" 1556ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="" 1566ba597c5SAnurag S. Maskey DNS_NAMESERVICE_DOMAIN="" 1576ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SERVERS="" 1586ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SEARCH="" 1596ba597c5SAnurag S. Maskey NIS_NAMESERVICE_CONFIGSRC="" 1606ba597c5SAnurag S. Maskey NIS_NAMESERVICE_SERVERS="" 1616ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_CONFIGSRC="" 1626ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_SERVERS="" 1636ba597c5SAnurag S. Maskey DEFAULT_DOMAIN="" 1646ba597c5SAnurag S. Maskey 1656ba597c5SAnurag S. Maskey # Copy /etc/nsswitch.conf file 1666ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/nsswitch.conf 1674491554aSAnurag S. Maskey NAMESERVICES_CONFIG_FILE="$VOL_LEGACY_PATH/nsswitch.conf" 1686ba597c5SAnurag S. Maskey 1696ba597c5SAnurag S. Maskey # Gather DNS info from resolv.conf if present. 1706ba597c5SAnurag S. Maskey if [ -f /etc/resolv.conf ]; then 1716ba597c5SAnurag S. Maskey NAMESERVICES="dns," 1726ba597c5SAnurag S. Maskey $GREP -i "added by dhcp" /etc/nsswitch.conf >/dev/null 1736ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 1746ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="dhcp" 1756ba597c5SAnurag S. Maskey else 1766ba597c5SAnurag S. Maskey DNS_NAMESERVICE_CONFIGSRC="manual" 1776ba597c5SAnurag S. Maskey DNS_NAMESERVICE_DOMAIN=`$NAWK '$1 == "domain" {\ 1786ba597c5SAnurag S. Maskey print $2 }' < /etc/resolv.conf` 1796ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SERVERS=`$NAWK '$1 == "nameserver" \ 1806ba597c5SAnurag S. Maskey { printf "%s,", $2 }' < /etc/resolv.conf` 1816ba597c5SAnurag S. Maskey DNS_NAMESERVICE_SEARCH=`$NAWK '$1 == "search" \ 1826ba597c5SAnurag S. Maskey { printf "%s,", $2 }' < /etc/resolv.conf` 1836ba597c5SAnurag S. Maskey copy_to_legacy_loc /etc/resolv.conf 1846ba597c5SAnurag S. Maskey fi 1856ba597c5SAnurag S. Maskey fi 1866ba597c5SAnurag S. Maskey 1876ba597c5SAnurag S. Maskey # Gather NIS info from appropriate file if present. 1886ba597c5SAnurag S. Maskey if service_is_enabled $NIS_CLIENT_FMRI; then 1896ba597c5SAnurag S. Maskey NAMESERVICES="${NAMESERVICES}nis," 1906ba597c5SAnurag S. Maskey NIS_NAMESERVICE_CONFIGSRC="manual" 1916ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`$CAT /etc/defaultdomain` 1926ba597c5SAnurag S. Maskey 1936ba597c5SAnurag S. Maskey yp_servers=`$NAWK '{ printf "%s ", $1 }' \ 1946ba597c5SAnurag S. Maskey < $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers` 1956ba597c5SAnurag S. Maskey for serv in $yp_servers; do 1966ba597c5SAnurag S. Maskey if is_valid_addr $serv; then 1976ba597c5SAnurag S. Maskey addr="$serv," 1986ba597c5SAnurag S. Maskey else 1996ba597c5SAnurag S. Maskey addr=`$GREP -iw $serv /etc/inet/hosts | \ 2006ba597c5SAnurag S. Maskey $NAWK '{ printf "%s,", $1 }'` 2016ba597c5SAnurag S. Maskey fi 2026ba597c5SAnurag S. Maskey NIS_NAMESERVICE_SERVERS="${NIS_NAMESERVICE_SERVERS}$addr" 2036ba597c5SAnurag S. Maskey done 2046ba597c5SAnurag S. Maskey fi 2056ba597c5SAnurag S. Maskey 2066ba597c5SAnurag S. Maskey # Gather LDAP info via ldapclient(1M). 2076ba597c5SAnurag S. Maskey if [ -f /var/ldap/ldap_client_file ]; then 2086ba597c5SAnurag S. Maskey copy_to_legacy /var/ldap/ldap_client_file 2096ba597c5SAnurag S. Maskey NAMESERVICES="${NAMESERVICES}ldap," 2106ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_CONFIGSRC="manual" 2116ba597c5SAnurag S. Maskey LDAP_NAMESERVICE_SERVERS=`$LDAPCLIENT list 2>/dev/null | \ 2126ba597c5SAnurag S. Maskey $NAWK '$1 == "preferredServerList:" { print $2 }'` 2136ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`$CAT /etc/defaultdomain` 2146ba597c5SAnurag S. Maskey fi 2156ba597c5SAnurag S. Maskey 2166ba597c5SAnurag S. Maskey # Now, write nwamcfg commands for nameservices 2176ba597c5SAnurag S. Maskey write_loc_prop "nameservices" $NAMESERVICES $CREATE_LOC_LEGACY_FILE 2186ba597c5SAnurag S. Maskey write_loc_prop "nameservices-config-file" $NAMESERVICES_CONFIG_FILE \ 2196ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2206ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-configsrc" $DNS_NAMESERVICE_CONFIGSRC \ 2216ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2226ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-domain" $DNS_NAMESERVICE_DOMAIN \ 2236ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2246ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-servers" $DNS_NAMESERVICE_SERVERS \ 2256ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2266ba597c5SAnurag S. Maskey write_loc_prop "dns-nameservice-search" $DNS_NAMESERVICE_SEARCH \ 2276ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2286ba597c5SAnurag S. Maskey write_loc_prop "nis-nameservice-configsrc" $NIS_NAMESERVICE_CONFIGSRC \ 2296ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2306ba597c5SAnurag S. Maskey write_loc_prop "nis-nameservice-servers" $NIS_NAMESERVICE_SERVERS \ 2316ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2326ba597c5SAnurag S. Maskey write_loc_prop "ldap-nameservice-configsrc" $LDAP_NAMESERVICE_CONFIGSRC\ 2336ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2346ba597c5SAnurag S. Maskey write_loc_prop "ldap-nameservice-servers" $LDAP_NAMESERVICE_SERVERS \ 2356ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 2366ba597c5SAnurag S. Maskey write_loc_prop "default-domain" $DEFAULT_DOMAIN $CREATE_LOC_LEGACY_FILE 2376ba597c5SAnurag S. Maskey 238dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States # Retrieve NFSv4 domain from SMF. 239dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if service_is_enabled $NFS_MAPID_FMRI; then 240dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States NFS_DOMAIN=`get_smf_prop NFS_MAPID_FMRI \ 241dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain` 2426ba597c5SAnurag S. Maskey write_loc_prop "nfsv4-domain" \ 2436ba597c5SAnurag S. Maskey $NFS_DOMAIN $CREATE_LOC_LEGACY_FILE 2446ba597c5SAnurag S. Maskey fi 2456ba597c5SAnurag S. Maskey 2466ba597c5SAnurag S. Maskey IPF_CONFIG_FILE="" 2476ba597c5SAnurag S. Maskey IPF6_CONFIG_FILE="" 2486ba597c5SAnurag S. Maskey IPNAT_CONFIG_FILE="" 2496ba597c5SAnurag S. Maskey IPPOOL_CONFIG_FILE="" 2506ba597c5SAnurag S. Maskey IKE_CONFIG_FILE="" 2516ba597c5SAnurag S. Maskey IPSEC_POLICY_CONFIG_FILE="" 2526ba597c5SAnurag S. Maskey 2536ba597c5SAnurag S. Maskey # 2546ba597c5SAnurag S. Maskey # IPFilter 2556ba597c5SAnurag S. Maskey # 2566ba597c5SAnurag S. Maskey # If the firewall policy is "custom", simply copy the 2576ba597c5SAnurag S. Maskey # custom_policy_file. If the firewall policy is "none", "allow" or 2586ba597c5SAnurag S. Maskey # "deny", save the value as "/<value>". When reverting back to the 2596ba597c5SAnurag S. Maskey # Legacy location, these values will have to be treated as special. 2606ba597c5SAnurag S. Maskey # 2616ba597c5SAnurag S. Maskey # For all configuration files, copy them to the Legacy directory. 2626ba597c5SAnurag S. Maskey # Use the respective properties to remember the original locations 2636ba597c5SAnurag S. Maskey # of the files so that they can be copied back there when NWAM is 2646ba597c5SAnurag S. Maskey # stopped. 2656ba597c5SAnurag S. Maskey # 2666ba597c5SAnurag S. Maskey if service_is_enabled $IPFILTER_FMRI; then 2676ba597c5SAnurag S. Maskey FIREWALL_POLICY=`get_smf_prop $IPFILTER_FMRI \ 2686ba597c5SAnurag S. Maskey firewall_config_default/policy` 2696ba597c5SAnurag S. Maskey if [ "$FIREWALL_POLICY" = "custom" ]; then 2706ba597c5SAnurag S. Maskey IPF_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2716ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file` 2726ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPF_CONFIG_FILE 2736ba597c5SAnurag S. Maskey else 2746ba597c5SAnurag S. Maskey # save value as /none, /allow, or /deny 2756ba597c5SAnurag S. Maskey IPF_CONFIG_FILE="/$FIREWALL_POLICY" 2766ba597c5SAnurag S. Maskey fi 2776ba597c5SAnurag S. Maskey IPF6_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2786ba597c5SAnurag S. Maskey config/ipf6_config_file` 2796ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPF6_CONFIG_FILE 2806ba597c5SAnurag S. Maskey 2816ba597c5SAnurag S. Maskey IPNAT_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2826ba597c5SAnurag S. Maskey config/ipnat_config_file` 2836ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPNAT_CONFIG_FILE 2846ba597c5SAnurag S. Maskey 2856ba597c5SAnurag S. Maskey IPPOOL_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \ 2866ba597c5SAnurag S. Maskey config/ippool_config_file` 2876ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPPOOL_CONFIG_FILE 2886ba597c5SAnurag S. Maskey fi 2896ba597c5SAnurag S. Maskey 2906ba597c5SAnurag S. Maskey # IKE 2916ba597c5SAnurag S. Maskey if service_is_enabled $IPSEC_IKE_FMRI:default; then 2926ba597c5SAnurag S. Maskey IKE_CONFIG_FILE=`get_smf_prop $IPSEC_IKE_FMRI config/config_file` 2936ba597c5SAnurag S. Maskey copy_to_legacy_loc $IKE_CONFIG_FILE 2946ba597c5SAnurag S. Maskey fi 2956ba597c5SAnurag S. Maskey 2966ba597c5SAnurag S. Maskey # IPsec 2976ba597c5SAnurag S. Maskey if service_is_enabled $IPSEC_POLICY_FMRI:default; then 2986ba597c5SAnurag S. Maskey IPSEC_POLICY_CONFIG_FILE=`get_smf_prop $IPSEC_POLICY_FMRI \ 2996ba597c5SAnurag S. Maskey config/config_file` 3006ba597c5SAnurag S. Maskey copy_to_legacy_loc $IPSEC_POLICY_CONFIG_FILE 3016ba597c5SAnurag S. Maskey fi 3026ba597c5SAnurag S. Maskey 3036ba597c5SAnurag S. Maskey if [ -n "$IPF_CONFIG_FILE" -a \( "$IPF_CONFIG_FILE" = "/allow" \ 3046ba597c5SAnurag S. Maskey -o "$IPF_CONFIG_FILE" = "/deny" -o "$IPF_CONFIG_FILE" = "/none" \ 3056ba597c5SAnurag S. Maskey -o -f "$IPF_CONFIG_FILE" \) ]; then 3066ba597c5SAnurag S. Maskey write_loc_prop "ipfilter-config-file" $IPF_CONFIG_FILE \ 3076ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3086ba597c5SAnurag S. Maskey fi 3096ba597c5SAnurag S. Maskey if [ -n "$IPF6_CONFIG_FILE" -a -f "$IPF6_CONFIG_FILE" ]; then 3106ba597c5SAnurag S. Maskey write_loc_prop "ipfilter-v6-config-file" $IPF6_CONFIG_FILE \ 3116ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3126ba597c5SAnurag S. Maskey fi 3136ba597c5SAnurag S. Maskey if [ -n "$IPNAT_CONFIG_FILE" -a -f "$IPNAT_CONFIG_FILE" ]; then 3146ba597c5SAnurag S. Maskey write_loc_prop "ipnat-config-file" $IPNAT_CONFIG_FILE \ 3156ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3166ba597c5SAnurag S. Maskey fi 3176ba597c5SAnurag S. Maskey if [ -n "$IPPOOL_CONFIG_FILE" -a -f "$IPPOOL_CONFIG_FILE" ]; then 3186ba597c5SAnurag S. Maskey write_loc_prop "ippool-config-file" $IPPOOL_CONFIG_FILE \ 3196ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3206ba597c5SAnurag S. Maskey fi 3216ba597c5SAnurag S. Maskey if [ -n "$IKE_CONFIG_FILE" -a -f "$IKE_CONFIG_FILE" ]; then 3226ba597c5SAnurag S. Maskey write_loc_prop "ike-config-file" $IKE_CONFIG_FILE \ 3236ba597c5SAnurag S. Maskey $CREATE_LOC_LEGACY_FILE 3246ba597c5SAnurag S. Maskey fi 3256ba597c5SAnurag S. Maskey if [ -n "$IPSEC_POLICY_CONFIG_FILE" -a -f "$IPSEC_POLICY_CONFIG_FILE" ] 3266ba597c5SAnurag S. Maskey then 3276ba597c5SAnurag S. Maskey write_loc_prop "ipsecpolicy-config-file" \ 3286ba597c5SAnurag S. Maskey $IPSEC_POLICY_CONFIG_FILE $CREATE_LOC_LEGACY_FILE 3296ba597c5SAnurag S. Maskey fi 3306ba597c5SAnurag S. Maskey 3316ba597c5SAnurag S. Maskey # End 3326ba597c5SAnurag S. Maskey echo "end" >> $CREATE_LOC_LEGACY_FILE 3336ba597c5SAnurag S. Maskey # network/location will create the Legacy location with these commands. 3346ba597c5SAnurag S. Maskey} 3356ba597c5SAnurag S. Maskey 3366ba597c5SAnurag S. Maskey# 3376ba597c5SAnurag S. Maskey# Undoes the effects of the Legacy location creation 3386ba597c5SAnurag S. Maskey# 3396ba597c5SAnurag S. Maskeyrevert_to_legacy_loc () { 3406ba597c5SAnurag S. Maskey $SVCADM disable dns/client 3416ba597c5SAnurag S. Maskey $SVCADM disable nis/client 3426ba597c5SAnurag S. Maskey $SVCADM disable ldap/client 3436ba597c5SAnurag S. Maskey 3446ba597c5SAnurag S. Maskey # copy nsswitch.conf to /etc/nsswitch.conf 3456ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/nsswitch.conf 3466ba597c5SAnurag S. Maskey 3476ba597c5SAnurag S. Maskey # DNS - copy resolv.conf to /etc/resolv.conf 3484491554aSAnurag S. Maskey if [ -f "$PERM_LEGACY_PATH/resolv.conf" ]; then 3496ba597c5SAnurag S. Maskey copy_from_legacy_loc /etc/resolv.conf 3506ba597c5SAnurag S. Maskey $SVCADM enable dns/client 3516ba597c5SAnurag S. Maskey fi 3526ba597c5SAnurag S. Maskey 3536ba597c5SAnurag S. Maskey # set /etc/defaultdomain and domainname(1M) 3546ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop Legacy default-domain` 3556ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 3566ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 3576ba597c5SAnurag S. Maskey $DOMAINNAME > /etc/defaultdomain 3586ba597c5SAnurag S. Maskey fi 3596ba597c5SAnurag S. Maskey 3606ba597c5SAnurag S. Maskey # NIS - directory and ypserver in /var/yp/binding/ 3616ba597c5SAnurag S. Maskey NIS_CONFIGSRC=`nwam_get_loc_prop Legacy nis-nameservice-configsrc` 3626ba597c5SAnurag S. Maskey NIS_SERVERS=`nwam_get_loc_prop Legacy nis-nameservice-servers` 3636ba597c5SAnurag S. Maskey if [ -n "$NIS_CONFIGSRC" ]; then 3646ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 3656ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 3666ba597c5SAnurag S. Maskey fi 3676ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 3686ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 3696ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) print $i }' \ 3706ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 3716ba597c5SAnurag S. Maskey fi 3726ba597c5SAnurag S. Maskey $SVCADM enable nis/client 3736ba597c5SAnurag S. Maskey fi 3746ba597c5SAnurag S. Maskey 3756ba597c5SAnurag S. Maskey # LDAP - copy ldap_client_file to /var/ldap/ldap_client_file 3764491554aSAnurag S. Maskey if [ -f "$PERM_LEGACY_PATH/ldap_client_file" ]; then 3776ba597c5SAnurag S. Maskey copy_from_legacy_loc /var/ldap/ldap_client_file 3786ba597c5SAnurag S. Maskey $SVCADM enable ldap/client 3796ba597c5SAnurag S. Maskey fi 3806ba597c5SAnurag S. Maskey 381dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States # Copy back nfs NFSMAPID_DOMAIN 382dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States NFSMAPID_DOMAIN=`nwam_get_loc_prop Legacy nfsv4-domain` 383dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States if [ -n "$NFSMAPID_DOMAIN" ]; then 384dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States set_smf_prop $NFS_MAPID_FMRI \ 385dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain $NFSMAPID_DOMAIN 386dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States $SVCADM refresh $NFS_MAPID_FMRI 387dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States $SVCADM enable $NFS_MAPID_FMRI 388dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States fi 3896ba597c5SAnurag S. Maskey 3906ba597c5SAnurag S. Maskey # IPFilter, IPsec, and IKE 3916ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop Legacy ipfilter-config-file` 3926ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop Legacy ipfilter-v6-config-file` 3936ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop Legacy ipnat-config-file` 3946ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop Legacy ippool-config-file` 3956ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop Legacy ike-config-file` 3966ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop Legacy ipsecpolicy-config-file` 3976ba597c5SAnurag S. Maskey 3986ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 3996ba597c5SAnurag S. Maskey copy_from_legacy_loc $ike_file 4006ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 4016ba597c5SAnurag S. Maskey $SVCADM refresh $IPSEC_IKE_FMRI 4026ba597c5SAnurag S. Maskey $SVCADM enable $IPSEC_IKE_FMRI 4036ba597c5SAnurag S. Maskey else 4046ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file \ 4056ba597c5SAnurag S. Maskey $IPSEC_IKE_DEFAULT_CONFIG_FILE 4066ba597c5SAnurag S. Maskey $SVCADM disable $IPSEC_IKE_FMRI 4076ba597c5SAnurag S. Maskey fi 4086ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 4096ba597c5SAnurag S. Maskey copy_from_legacy_loc $pol_file 4106ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 4116ba597c5SAnurag S. Maskey $SVCADM refresh $IPSEC_POLICY_FMRI 4126ba597c5SAnurag S. Maskey $SVCADM enable $IPSEC_POLICY_FMRI 4136ba597c5SAnurag S. Maskey else 4146ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file \ 4156ba597c5SAnurag S. Maskey $IPSEC_POLICY_DEFAULT_CONFIG_FILE 4166ba597c5SAnurag S. Maskey $SVCADM disable $IPSEC_POLICY_FMRI 4176ba597c5SAnurag S. Maskey fi 4186ba597c5SAnurag S. Maskey 4196ba597c5SAnurag S. Maskey refresh_ipf=false 4206ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 4216ba597c5SAnurag S. Maskey # change /none, /allow, and /deny to firewall policy 4226ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" -o "$ipf_file" = "/allow" \ 4236ba597c5SAnurag S. Maskey -o "$ipf_file" = "/deny" ]; then 4246ba597c5SAnurag S. Maskey policy=`echo "$ipf_file" | $NAWK 'FS="/" { print $2 }'` 4256ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4266ba597c5SAnurag S. Maskey firewall_config_default/policy $policy 4276ba597c5SAnurag S. Maskey # no need to clear custom_policy_file as it isn't "custom" 4286ba597c5SAnurag S. Maskey else 4296ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipf_file 4306ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4316ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 4326ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4336ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 4346ba597c5SAnurag S. Maskey fi 4356ba597c5SAnurag S. Maskey refresh_ipf=true 4366ba597c5SAnurag S. Maskey fi 4376ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 4386ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipf6_file 4396ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 4406ba597c5SAnurag S. Maskey refresh_ipf=true 4416ba597c5SAnurag S. Maskey else 4426ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file \ 4436ba597c5SAnurag S. Maskey $IPF6_DEFAULT_CONFIG_FILE 4446ba597c5SAnurag S. Maskey fi 4456ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 4466ba597c5SAnurag S. Maskey copy_from_legacy_loc $ipnat_file 4476ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 4486ba597c5SAnurag S. Maskey refresh_ipf=true 4496ba597c5SAnurag S. Maskey else 4506ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file \ 4516ba597c5SAnurag S. Maskey $IPNAT_DEFAULT_CONFIG_FILE 4526ba597c5SAnurag S. Maskey fi 4536ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 4546ba597c5SAnurag S. Maskey copy_from_legacy_loc $ippool_file 4556ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4566ba597c5SAnurag S. Maskey $ippool_file 4576ba597c5SAnurag S. Maskey refresh_ipf=true 4586ba597c5SAnurag S. Maskey else 4596ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4606ba597c5SAnurag S. Maskey $IPPOOL_DEFAULT_CONFIG_FILE 4616ba597c5SAnurag S. Maskey fi 4626ba597c5SAnurag S. Maskey 4636ba597c5SAnurag S. Maskey $SVCADM refresh $IPFILTER_FMRI 4646ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 4656ba597c5SAnurag S. Maskey $SVCADM enable $IPFILTER_FMRI 4666ba597c5SAnurag S. Maskey else 4676ba597c5SAnurag S. Maskey $SVCADM disable $IPFILTER_FMRI 4686ba597c5SAnurag S. Maskey fi 4696ba597c5SAnurag S. Maskey 4704491554aSAnurag S. Maskey # Remove the Legacy directories, script and location 4714491554aSAnurag S. Maskey $RM -rf $VOL_LEGACY_PATH 4724491554aSAnurag S. Maskey $RM -rf $PERM_LEGACY_PATH 4734491554aSAnurag S. Maskey $RM -f $VOL_NWAM_PATH/create_loc_legacy 4746ba597c5SAnurag S. Maskey $NWAMCFG destroy loc Legacy 4756ba597c5SAnurag S. Maskey} 4766ba597c5SAnurag S. Maskey 4776ba597c5SAnurag S. Maskey# 4786ba597c5SAnurag S. Maskey# Script entry point 4796ba597c5SAnurag S. Maskey# 4806ba597c5SAnurag S. Maskey# Arguments to net-nwam are 4816ba597c5SAnurag S. Maskey# method ( start | refresh | stop | -u | -c ) 4826ba597c5SAnurag S. Maskey# 4836ba597c5SAnurag S. Maskey 4846ba597c5SAnurag S. Maskey# 4856ba597c5SAnurag S. Maskey# Create nwam directory in /etc/svc/volatile 4866ba597c5SAnurag S. Maskey# 4874491554aSAnurag S. Maskeyif [ ! -d $VOL_NWAM_PATH ]; then 4884491554aSAnurag S. Maskey $MKDIR -m 0755 $VOL_NWAM_PATH 4896ba597c5SAnurag S. Maskeyfi 490d71dbb73Sjbeck 491d71dbb73Sjbeckcase "$1" in 492d71dbb73Sjbeck'refresh') 493d71dbb73Sjbeck /usr/bin/pkill -HUP -z `smf_zonename` nwamd 4946ba597c5SAnurag S. Maskey # 4956ba597c5SAnurag S. Maskey # Enable network/location. Needed on first boot post-install as 4966ba597c5SAnurag S. Maskey # network/location will not exist until after manifest-import runs. 4976ba597c5SAnurag S. Maskey # 4986ba597c5SAnurag S. Maskey if service_exists $NET_LOC_FMRI ; then 4996ba597c5SAnurag S. Maskey $SVCADM enable -t $NET_LOC_FMRI 5006ba597c5SAnurag S. Maskey fi 501d71dbb73Sjbeck ;; 502d71dbb73Sjbeck 503d71dbb73Sjbeck'start') 5046ba597c5SAnurag S. Maskey # The real daemon is not started in a shared stack zone. But we need to 5056ba597c5SAnurag S. Maskey # create a dummy background process to preserve contract lifetime. 5066ba597c5SAnurag S. Maskey smf_configure_ip 5076ba597c5SAnurag S. Maskey if [ $? = "1" ] ; then 5084491554aSAnurag S. Maskey $RM -f $VOL_NWAM_PATH/nwam_blocked 5094491554aSAnurag S. Maskey $MKFIFO $VOL_NWAM_PATH/nwam_blocked 5104491554aSAnurag S. Maskey ($CAT <$VOL_NWAM_PATH/nwam_blocked >/dev/null) & 5116ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 5126ba597c5SAnurag S. Maskey fi 5136ba597c5SAnurag S. Maskey 5146ba597c5SAnurag S. Maskey # 5156ba597c5SAnurag S. Maskey # Enable network/location. 5166ba597c5SAnurag S. Maskey # 5176ba597c5SAnurag S. Maskey if service_exists $NET_LOC_FMRI ; then 5186ba597c5SAnurag S. Maskey $SVCADM enable -t $NET_LOC_FMRI 5196ba597c5SAnurag S. Maskey fi 5206ba597c5SAnurag S. Maskey 521d71dbb73Sjbeck if smf_is_globalzone; then 522d62bc4baSyz147064 net_reconfigure || exit $SMF_EXIT_ERR_CONFIG 523d62bc4baSyz147064 5244eaa4710SRishi Srivatsavai # Update PVID on interfaces configured with VLAN 1 5254eaa4710SRishi Srivatsavai update_pvid 5264eaa4710SRishi Srivatsavai 527d62bc4baSyz147064 # 528d62bc4baSyz147064 # Upgrade handling. The upgrade file consists of a series 529d62bc4baSyz147064 # of dladm(1M) commands. Note that after we are done, we 530d62bc4baSyz147064 # cannot rename the upgrade script file as the file system 531d62bc4baSyz147064 # is still read-only at this point. Defer this to the 532d62bc4baSyz147064 # manifest-import service. 533d62bc4baSyz147064 # 534d62bc4baSyz147064 upgrade_script=/var/svc/profile/upgrade_datalink 535d62bc4baSyz147064 if [ -f "${upgrade_script}" ]; then 536d62bc4baSyz147064 . "${upgrade_script}" 537d62bc4baSyz147064 fi 538d62bc4baSyz147064 5391cfa752fSRamaswamy Tummala # 5401cfa752fSRamaswamy Tummala # Upgrade handling for ibd: 541*12c67a59SMilan Jurik # After we are done with the upgrade handling, we can not set 542*12c67a59SMilan Jurik # the ibd/ibd_upgraded property to "true" as the file system is 543*12c67a59SMilan Jurik # read-only at this point. It will be done later by 544*12c67a59SMilan Jurik # ibd-post-upgrade service. 5451cfa752fSRamaswamy Tummala # 546*12c67a59SMilan Jurik if [ -x /sbin/ibd_upgrade ]; then 5471cfa752fSRamaswamy Tummala ibd_upgraded=`/bin/svcprop -c -p ibd/ibd_upgraded \ 5481cfa752fSRamaswamy Tummala svc:/network/physical:default 2> /dev/null` 5491cfa752fSRamaswamy Tummala if [ "$ibd_upgraded" != "true" ]; then 5501cfa752fSRamaswamy Tummala /sbin/ibd_upgrade -v 5511cfa752fSRamaswamy Tummala fi 552*12c67a59SMilan Jurik fi 5531cfa752fSRamaswamy Tummala 554b509e89bSRishi Srivatsavai # Bring up simnet instances 555b509e89bSRishi Srivatsavai /sbin/dladm up-simnet 556d71dbb73Sjbeck # Initialize security objects. 557d71dbb73Sjbeck /sbin/dladm init-secobj 558f0fb1b00SRenee Danson Sommerfeld 5596ba597c5SAnurag S. Maskey # 5606ba597c5SAnurag S. Maskey # Initialize VNICs, VLANs and flows. Though they are brought 5616ba597c5SAnurag S. Maskey # up here, NWAM will not automatically manage VNICs and VLANs. 5626ba597c5SAnurag S. Maskey # 563f0fb1b00SRenee Danson Sommerfeld /sbin/dladm up-vnic 564f0fb1b00SRenee Danson Sommerfeld /sbin/dladm up-vlan 5651cfa752fSRamaswamy Tummala /sbin/dladm up-part 5666ba597c5SAnurag S. Maskey /sbin/dladm up-aggr 567f0fb1b00SRenee Danson Sommerfeld /sbin/flowadm init-flow 568d71dbb73Sjbeck fi 5696ba597c5SAnurag S. Maskey 5706ba597c5SAnurag S. Maskey # 5716ba597c5SAnurag S. Maskey # We also need to create the Legacy location, which is used 5726ba597c5SAnurag S. Maskey # to restore non-NWAM settings that are overwritten when 5736ba597c5SAnurag S. Maskey # NWAM is enabled (e.g. resolv.conf, nsswitch.conf, etc.). 5746ba597c5SAnurag S. Maskey # 5756ba597c5SAnurag S. Maskey $NWAMCFG list loc Legacy >/dev/null 2>&1 5766ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 5776ba597c5SAnurag S. Maskey create_legacy_loc 5786ba597c5SAnurag S. Maskey fi 5796ba597c5SAnurag S. Maskey 580d71dbb73Sjbeck # start nwamd in foreground; it will daemonize itself 581d71dbb73Sjbeck if /lib/inet/nwamd ; then 582d71dbb73Sjbeck exit $SMF_EXIT_OK 583d71dbb73Sjbeck else 584d71dbb73Sjbeck exit $SMF_EXIT_ERR_FATAL 585d71dbb73Sjbeck fi 586d71dbb73Sjbeck ;; 587d71dbb73Sjbeck 588d71dbb73Sjbeck'stop') 5896ba597c5SAnurag S. Maskey # We need to make the dummy process we created above stop. 5906ba597c5SAnurag S. Maskey smf_configure_ip 5916ba597c5SAnurag S. Maskey if [ $? = "1" ] ; then 5924491554aSAnurag S. Maskey echo "stop" > $VOL_NWAM_PATH/nwam_blocked 5936ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 5946ba597c5SAnurag S. Maskey fi 5956ba597c5SAnurag S. Maskey 596d71dbb73Sjbeck /usr/bin/pkill -z `smf_zonename` nwamd 5976ba597c5SAnurag S. Maskey 5986ba597c5SAnurag S. Maskey # 5996ba597c5SAnurag S. Maskey # Restore the non-NWAM settings. 6006ba597c5SAnurag S. Maskey # 6016ba597c5SAnurag S. Maskey $NWAMCFG list loc Legacy >/dev/null 2>&1 6026ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6036ba597c5SAnurag S. Maskey echo "No Legacy location to revert to!" 6046ba597c5SAnurag S. Maskey exit $SMF_EXIT_OK 6056ba597c5SAnurag S. Maskey fi 6066ba597c5SAnurag S. Maskey revert_to_legacy_loc 6076ba597c5SAnurag S. Maskey # remove the location property group 6086ba597c5SAnurag S. Maskey $SVCCFG -s $NET_LOC_FMRI delpg location 609d71dbb73Sjbeck ;; 610d71dbb73Sjbeck 611afc7d545Smh138676'-u') 612afc7d545Smh138676 # After we run this part of the script upon the next reboot 613afc7d545Smh138676 # network/physical:default will be enabled and 614afc7d545Smh138676 # network/physical:nwam will be disabled. 615afc7d545Smh138676 # There are various other parts of the system (nscd, nfs) that 616afc7d545Smh138676 # depend on continuing to have a working network. For this 617afc7d545Smh138676 # reason we don't change the network configuration immediately. 6186ba597c5SAnurag S. Maskey # 619afc7d545Smh138676 # Disable network/physical temporarily and make sure that will 620afc7d545Smh138676 # be enabled on reboot. 6216ba597c5SAnurag S. Maskey $SVCADM disable -st $NET_PHYS_FMRI 6226ba597c5SAnurag S. Maskey $SVCCFG -s $NET_PHYS_FMRI setprop general/enabled=true 623afc7d545Smh138676 624afc7d545Smh138676 # If nwam is online then make sure that it's temporarily enabled. 6256ba597c5SAnurag S. Maskey nwam_online=`$SVCPROP -t -p restarter/state $NET_NWAM_FMRI` 626afc7d545Smh138676 if [ $? -eq 0 ]; then 627afc7d545Smh138676 set -- $nwam_online 6286ba597c5SAnurag S. Maskey [ $3 = "online" ] && $SVCADM enable -st $NET_NWAM_FMRI 629afc7d545Smh138676 fi 630afc7d545Smh138676 631afc7d545Smh138676 # Set nwam so that it won't be enabled upon reboot. 6326ba597c5SAnurag S. Maskey $SVCCFG -s $NET_NWAM_FMRI setprop general/enabled=false 633afc7d545Smh138676 exit 0 634afc7d545Smh138676 ;; 635afc7d545Smh138676 636afc7d545Smh138676'-c') 637afc7d545Smh138676 # Nothing to do for sysidtool 638afc7d545Smh138676 exit 0 639afc7d545Smh138676 ;; 640afc7d545Smh138676 641d71dbb73Sjbeck*) 642d71dbb73Sjbeck echo "Usage: $0 { start | stop | refresh }" 643d71dbb73Sjbeck exit $SMF_EXIT_ERR_FATAL 644d71dbb73Sjbeck ;; 645d71dbb73Sjbeckesac 646d71dbb73Sjbeckexit $SMF_EXIT_OK 647