xref: /titanic_52/usr/src/cmd/tsol/misc/relabel.sh (revision 67e3a03ed4a2813074d36330f062ed6e593a4937)
1#!/bin/sh
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22# Copyright 2007 Sun Microsystems, Inc.  All rights reserved.
23# Use is subject to license terms.
24#
25#pragma ident	"%Z%%M%	%I%	%E% SMI"
26#
27# This program is invoked to do the actual file transfer
28# associated with an invocation of the setflabel(3TSOL) function.
29#
30# It executes in the global zone with the user's identity and
31# basic privileges plus the file_dac_search privilege.  This
32# script should not not assume that stdio is available or that
33# any particular environment variables are set.  In particular,
34# the DISPLAY variable will not normally be pre-set.
35#
36# Authorization checks and zone limit privilege checks
37# are done before calling this script. Auditing is done
38# upon return.
39#
40##############################################################
41#
42# Calling sequence:
43#
44# $1 is the global zone real pathname of the source file
45#
46# $2 is the global zone real destination pathname
47#
48# Exit status:
49#
50# 0 on success
51# 1 on error
52#
53##############################################################
54#
55# This script can be customized or replaced to perform
56# additional processing such as tranquility checks, dirty
57# word filtering, copying instead of moving, etc.
58#
59# By default it does a check to determine if the source file
60# is in use by calling fuser(1). However, this check
61# does not work for filesystems that were automounted in
62# non-global zones.
63#
64# Perform a simple tranquility check
65#
66inuse=`/usr/sbin/fuser $1 2>&1 | /usr/bin/cut -d ":" -f2`
67if [ $inuse ]; then
68#
69#	file is in use
70#
71	exit 1
72else
73#
74# Perform an inter-zone move of the data
75	/usr/bin/mv $1 $2
76	exit $?
77fi
78