xref: /titanic_52/usr/src/lib/libsecdb/svc-rbac (revision de22af4e795d4c10cbff9a60ec725aab46c03afe)
1#! /usr/bin/sh
2#
3# CDDL HEADER START
4#
5# The contents of this file are subject to the terms of the
6# Common Development and Distribution License (the "License").
7# You may not use this file except in compliance with the License.
8#
9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10# or http://www.opensolaris.org/os/licensing.
11# See the License for the specific language governing permissions
12# and limitations under the License.
13#
14# When distributing Covered Code, include this CDDL HEADER in each
15# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16# If applicable, add the following below this CDDL HEADER, with the
17# fields enclosed by brackets "[]" replaced with your own identifying
18# information: Portions Copyright [yyyy] [name of copyright owner]
19#
20# CDDL HEADER END
21#
22
23#
24# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
25# Use is subject to license terms.
26#
27
28. /lib/svc/share/smf_include.sh
29
30files='/etc/user_attr /etc/security/auth_attr /etc/security/exec_attr
31    /etc/security/prof_attr'
32
33PKGINST=
34export PKGINST
35
36irbac=/usr/sadm/install/scripts/i.rbac
37
38if [ ! -x $irbac ]
39then
40	echo "${irbac}: not found."
41	exit $SMF_EXIT_ERR_FATAL
42fi
43
44case "$1" in
45start|refresh)
46	;;
47stop)
48	exit $SMF_EXIT_OK;;
49*)
50	echo "Usage: $0 { start | refresh | stop }"
51	exit $SMF_EXIT_ERR_FATAL;;
52esac
53
54for f in $files
55do
56	d=${f}.d
57	if [ ! -d ${d} ]
58	then
59		# No directory, nothing to do
60		continue
61	fi
62	# cache user/owner of file to update
63	ownergroup=`ls -ln $f | awk '{printf("%s:%s\n", $3, $4);'}`
64	#
65	# List all the files in the directory and the destination file
66	# in the order of their timestamp.  Most recent files are
67	# displayed first.  When we find the destination file, we're
68	# done as the rest of the files are older and they are already
69	# incorporated.
70	#
71	update=0
72	for frag in `ls -t $f $d/* 2> /dev/null`
73	do
74		if [ "$frag" = "$f" ]
75		then
76			break
77		fi
78		if [ -f "$frag" ]
79		then
80			update=1
81			echo $frag $f | $irbac
82		fi
83	done
84	if [ $update -eq 1 ]
85	then
86		chown $ownergroup $f
87	fi
88done
89
90exit $SMF_EXIT_OK
91