16ba597c5SAnurag S. Maskey#!/sbin/sh 26ba597c5SAnurag S. Maskey# 36ba597c5SAnurag S. Maskey# CDDL HEADER START 46ba597c5SAnurag S. Maskey# 56ba597c5SAnurag S. Maskey# The contents of this file are subject to the terms of the 66ba597c5SAnurag S. Maskey# Common Development and Distribution License (the "License"). 76ba597c5SAnurag S. Maskey# You may not use this file except in compliance with the License. 86ba597c5SAnurag S. Maskey# 96ba597c5SAnurag S. Maskey# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 106ba597c5SAnurag S. Maskey# or http://www.opensolaris.org/os/licensing. 116ba597c5SAnurag S. Maskey# See the License for the specific language governing permissions 126ba597c5SAnurag S. Maskey# and limitations under the License. 136ba597c5SAnurag S. Maskey# 146ba597c5SAnurag S. Maskey# When distributing Covered Code, include this CDDL HEADER in each 156ba597c5SAnurag S. Maskey# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 166ba597c5SAnurag S. Maskey# If applicable, add the following below this CDDL HEADER, with the 176ba597c5SAnurag S. Maskey# fields enclosed by brackets "[]" replaced with your own identifying 186ba597c5SAnurag S. Maskey# information: Portions Copyright [yyyy] [name of copyright owner] 196ba597c5SAnurag S. Maskey# 206ba597c5SAnurag S. Maskey# CDDL HEADER END 216ba597c5SAnurag S. Maskey# 226ba597c5SAnurag S. Maskey# 234a44f0a1SAnurag S. Maskey# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 246ba597c5SAnurag S. Maskey# 256ba597c5SAnurag S. Maskey 266ba597c5SAnurag S. Maskey. /lib/svc/share/smf_include.sh 276ba597c5SAnurag S. Maskey. /lib/svc/share/net_include.sh 286ba597c5SAnurag S. Maskey 296ba597c5SAnurag S. Maskey# FMRI consts 306ba597c5SAnurag S. MaskeyAUTOFS_FMRI="svc:/system/filesystem/autofs" 316ba597c5SAnurag S. MaskeyDNS_CLIENT_FMRI="svc:/network/dns/client" 326ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 336ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 346ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 356ba597c5SAnurag S. MaskeyLDAP_CLIENT_FMRI="svc:/network/ldap/client" 366ba597c5SAnurag S. MaskeyLOCATION_FMRI="svc:/network/location:default" 376ba597c5SAnurag S. MaskeyMAPID_FMRI="svc:/network/nfs/mapid:default" 386ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client" 396ba597c5SAnurag S. MaskeyNWAM_FMRI="svc:/network/physical:nwam" 406ba597c5SAnurag S. Maskey 416ba597c5SAnurag S. Maskey# commands 426ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 436ba597c5SAnurag S. MaskeyDHCPINFO=/sbin/dhcpinfo 446ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 456ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 466ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 476ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 486ba597c5SAnurag S. MaskeyMV=/usr/bin/mv 496ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 506ba597c5SAnurag S. MaskeyNWAMADM=/usr/sbin/nwamadm 516ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 526ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 536ba597c5SAnurag S. MaskeySED=/usr/bin/sed 546ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 556ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 566ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 576ba597c5SAnurag S. MaskeyTOUCH=/usr/bin/touch 586ba597c5SAnurag S. Maskey 596ba597c5SAnurag S. Maskey# Path to directories 606ba597c5SAnurag S. MaskeyETC_DEFAULT_DOMAIN=/etc/defaultdomain 616ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 626ba597c5SAnurag S. MaskeyLEGACY_LOC_PATH=/etc/nwam/loc/Legacy 636ba597c5SAnurag S. MaskeyUSER_LOC_PATH=/etc/nwam/loc/User 646ba597c5SAnurag S. MaskeySCRIPT_PATH=/etc/svc/volatile/nwam 656ba597c5SAnurag S. Maskey 666ba597c5SAnurag S. Maskey# 676ba597c5SAnurag S. Maskey# echoes DHCP controlled interfaces separated by commas 686ba597c5SAnurag S. Maskey# 69*bbf21555SRichard Lowe# Don't parse the output of ifconfig(8) because interfaces that haven't 706ba597c5SAnurag S. Maskey# acquired a DHCP lease also have the DHCP flag set. 716ba597c5SAnurag S. Maskey# 726ba597c5SAnurag S. Maskeyget_dhcp_interfaces () { 736ba597c5SAnurag S. Maskey # 74*bbf21555SRichard Lowe # 1. parse netstat(8) output for v4 interfaces in BOUND 756ba597c5SAnurag S. Maskey # or INFORMATION state 766ba597c5SAnurag S. Maskey # 2. make a space-separated list of interface names 776ba597c5SAnurag S. Maskey # 786ba597c5SAnurag S. Maskey netstat -D -f inet | $NAWK ' 796ba597c5SAnurag S. Maskey $2 ~ /BOUND/ { printf "%s ", $1 } 806ba597c5SAnurag S. Maskey $2 ~ /INFORMATION/ { printf "%s ", $1 }' 816ba597c5SAnurag S. Maskey} 826ba597c5SAnurag S. Maskey 836ba597c5SAnurag S. Maskey# 846ba597c5SAnurag S. Maskey# get_dhcpinfo <code/identifier> 856ba597c5SAnurag S. Maskey# 8603e9aa6dSRenee Danson Sommerfeld# echoes the value received through each interface controlled by DHCP; 8703e9aa6dSRenee Danson Sommerfeld# multiple values are echoed as a space-separated list 8803e9aa6dSRenee Danson Sommerfeld# 896ba597c5SAnurag S. Maskey# returns: 906ba597c5SAnurag S. Maskey# 0 => property is set 916ba597c5SAnurag S. Maskey# 1 => property is not set 926ba597c5SAnurag S. Maskey# 936ba597c5SAnurag S. Maskeyget_dhcpinfo () { 946ba597c5SAnurag S. Maskey code=$1 956ba597c5SAnurag S. Maskey 966ba597c5SAnurag S. Maskey # Get all interfaces with DHCP control, IFS is " " 976ba597c5SAnurag S. Maskey interfaces=`get_dhcp_interfaces` 986ba597c5SAnurag S. Maskey 996ba597c5SAnurag S. Maskey info="" 1006ba597c5SAnurag S. Maskey for intf in $interfaces; do 1016ba597c5SAnurag S. Maskey val=`$DHCPINFO -i $intf $code` 1026ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 1036ba597c5SAnurag S. Maskey if [ "$info" = "" ]; then 1046ba597c5SAnurag S. Maskey info="$val" 1056ba597c5SAnurag S. Maskey else 10603e9aa6dSRenee Danson Sommerfeld info="$info $val" 1076ba597c5SAnurag S. Maskey fi 1086ba597c5SAnurag S. Maskey fi 1096ba597c5SAnurag S. Maskey done 1106ba597c5SAnurag S. Maskey echo $info 1116ba597c5SAnurag S. Maskey} 1126ba597c5SAnurag S. Maskey 1136ba597c5SAnurag S. Maskey# 1146ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 1156ba597c5SAnurag S. Maskey# 1166ba597c5SAnurag S. Maskeyset_smf_prop () { 1176ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 1186ba597c5SAnurag S. Maskey} 1196ba597c5SAnurag S. Maskey 1206ba597c5SAnurag S. Maskey# 1216ba597c5SAnurag S. Maskey# refresh_svc <fmri> 1226ba597c5SAnurag S. Maskey# 1236ba597c5SAnurag S. Maskey# Refreshes the service. 1246ba597c5SAnurag S. Maskey# 1256ba597c5SAnurag S. Maskeyrefresh_svc () { 1266ba597c5SAnurag S. Maskey $SVCADM refresh $1 1276ba597c5SAnurag S. Maskey} 1286ba597c5SAnurag S. Maskey 1296ba597c5SAnurag S. Maskey# 1306ba597c5SAnurag S. Maskey# restart_svc <fmri> 1316ba597c5SAnurag S. Maskey# 1326ba597c5SAnurag S. Maskey# Restarts the service. 1336ba597c5SAnurag S. Maskey# 1346ba597c5SAnurag S. Maskeyrestart_svc () { 1356ba597c5SAnurag S. Maskey $SVCADM restart $1 1366ba597c5SAnurag S. Maskey} 1376ba597c5SAnurag S. Maskey 1386ba597c5SAnurag S. Maskey# 1396ba597c5SAnurag S. Maskey# start_svc <fmri> 1406ba597c5SAnurag S. Maskey# 1416ba597c5SAnurag S. Maskey# Starts the service. If the service is already enabled, restarts it. If 1426ba597c5SAnurag S. Maskey# it is not enabled, temporarily enables it. 1436ba597c5SAnurag S. Maskey# 1446ba597c5SAnurag S. Maskeystart_svc () { 1456ba597c5SAnurag S. Maskey if service_is_enabled $1; then 1466ba597c5SAnurag S. Maskey $SVCADM restart $1 1476ba597c5SAnurag S. Maskey else 1486ba597c5SAnurag S. Maskey $SVCADM enable -t $1 1496ba597c5SAnurag S. Maskey fi 1506ba597c5SAnurag S. Maskey} 1516ba597c5SAnurag S. Maskey 1526ba597c5SAnurag S. Maskey# 1536ba597c5SAnurag S. Maskey# stop_svc <fmri> 1546ba597c5SAnurag S. Maskey# 1556ba597c5SAnurag S. Maskey# Temporarily disables the service. 1566ba597c5SAnurag S. Maskey# 1576ba597c5SAnurag S. Maskeystop_svc () { 1586ba597c5SAnurag S. Maskey $SVCADM disable -t $1 1596ba597c5SAnurag S. Maskey} 1606ba597c5SAnurag S. Maskey 1616ba597c5SAnurag S. Maskey# 1626ba597c5SAnurag S. Maskey# copy_default <dir> <file> 1636ba597c5SAnurag S. Maskey# 1646ba597c5SAnurag S. Maskey# Copies <dir>/<file>.dfl to <dir>/<file> 1656ba597c5SAnurag S. Maskey# 1666ba597c5SAnurag S. Maskeycopy_default () { 1676ba597c5SAnurag S. Maskey $CP -p $1/$2.dfl $1/$2 1686ba597c5SAnurag S. Maskey} 1696ba597c5SAnurag S. Maskey 1706ba597c5SAnurag S. Maskey# 1716ba597c5SAnurag S. Maskey# do_dns <location> 1726ba597c5SAnurag S. Maskey# 1736ba597c5SAnurag S. Maskey# Installs DNS information on /etc/resolv.conf for location 1746ba597c5SAnurag S. Maskey# 17503e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 17603e9aa6dSRenee Danson Sommerfeld# 1776ba597c5SAnurag S. Maskeydo_dns () { 1786ba597c5SAnurag S. Maskey loc=$1 1796ba597c5SAnurag S. Maskey file=/etc/resolv.conf 1806ba597c5SAnurag S. Maskey 1816ba597c5SAnurag S. Maskey # Write out to temporary file first 1826ba597c5SAnurag S. Maskey $TOUCH $file.$$ 1836ba597c5SAnurag S. Maskey 18403e9aa6dSRenee Danson Sommerfeld DNS_CONFIGSRC=`nwam_get_loc_list_prop $loc dns-nameservice-configsrc` 185ad559becSAnurag S. Maskey if [ -z "$DNS_CONFIGSRC" ]; then 186ad559becSAnurag S. Maskey echo "missing 'dns-nameservice-configsrc' property for '$loc'" 18703e9aa6dSRenee Danson Sommerfeld return 1 188ad559becSAnurag S. Maskey fi 189ad559becSAnurag S. Maskey 1906ba597c5SAnurag S. Maskey for configsrc in $DNS_CONFIGSRC; do 1916ba597c5SAnurag S. Maskey case "$configsrc" in 1926ba597c5SAnurag S. Maskey 'manual') 19303e9aa6dSRenee Danson Sommerfeld DNS_SERVERS=`nwam_get_loc_list_prop $loc \ 19403e9aa6dSRenee Danson Sommerfeld dns-nameservice-servers` 19503e9aa6dSRenee Danson Sommerfeld if [ -z "$DNS_SERVERS" ]; then 19603e9aa6dSRenee Danson Sommerfeld echo "DNS nameserver not set for '$loc'" 19703e9aa6dSRenee Danson Sommerfeld return 1 19803e9aa6dSRenee Danson Sommerfeld fi 1996ba597c5SAnurag S. Maskey DNS_DOMAIN=`nwam_get_loc_prop $loc \ 2006ba597c5SAnurag S. Maskey dns-nameservice-domain` 20103e9aa6dSRenee Danson Sommerfeld DNS_SEARCH=`nwam_get_loc_list_prop $loc \ 2026ba597c5SAnurag S. Maskey dns-nameservice-search` 2036ba597c5SAnurag S. Maskey ;; 2046ba597c5SAnurag S. Maskey 'dhcp') 205276043a4SHans Rosenfeld DNS_SEARCH=`get_dhcpinfo DNSdmain` 2066ba597c5SAnurag S. Maskey DNS_SERVERS=`get_dhcpinfo DNSserv` 207276043a4SHans Rosenfeld # Use first search list entry as default domain 208276043a4SHans Rosenfeld set -- $DNS_SEARCH 209276043a4SHans Rosenfeld DNS_DOMAIN=$1 2106ba597c5SAnurag S. Maskey ;; 2116ba597c5SAnurag S. Maskey '*') 2126ba597c5SAnurag S. Maskey echo "Unrecognized DNS configsrc ${configsrc}; ignoring" 2136ba597c5SAnurag S. Maskey ;; 2146ba597c5SAnurag S. Maskey esac 2156ba597c5SAnurag S. Maskey 2166ba597c5SAnurag S. Maskey # Write DNS settings 2176ba597c5SAnurag S. Maskey if [ -n "$DNS_DOMAIN" ]; then 2186ba597c5SAnurag S. Maskey echo "$DNS_DOMAIN" | $NAWK \ 21903e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) \ 2206ba597c5SAnurag S. Maskey print "domain ", $i }' >> $file.$$ 2216ba597c5SAnurag S. Maskey fi 2226ba597c5SAnurag S. Maskey if [ -n "$DNS_SEARCH" ]; then 2236ba597c5SAnurag S. Maskey echo "$DNS_SEARCH" | $NAWK \ 22403e9aa6dSRenee Danson Sommerfeld '{ printf("search"); \ 2256ba597c5SAnurag S. Maskey for (i = 1; i <= NF; i++) printf(" %s", $i); \ 2266ba597c5SAnurag S. Maskey printf("\n") }' >> $file.$$ 2276ba597c5SAnurag S. Maskey fi 2286ba597c5SAnurag S. Maskey if [ -n "$DNS_SERVERS" ]; then 2296ba597c5SAnurag S. Maskey echo "$DNS_SERVERS" | $NAWK \ 23003e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) \ 2316ba597c5SAnurag S. Maskey print "nameserver ", $i }' >> $file.$$ 2326ba597c5SAnurag S. Maskey fi 233ad559becSAnurag S. Maskey done 234ad559becSAnurag S. Maskey 2356ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 2366ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 2376ba597c5SAnurag S. Maskey start_svc $DNS_CLIENT_FMRI 23803e9aa6dSRenee Danson Sommerfeld 23903e9aa6dSRenee Danson Sommerfeld return 0 2406ba597c5SAnurag S. Maskey} 2416ba597c5SAnurag S. Maskey 2426ba597c5SAnurag S. Maskey# 2436ba597c5SAnurag S. Maskey# do_nis <location> 2446ba597c5SAnurag S. Maskey# 2456ba597c5SAnurag S. Maskey# Installs NIS information on /var/yp/binding/ for location 2466ba597c5SAnurag S. Maskey# 24703e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 24803e9aa6dSRenee Danson Sommerfeld# 2496ba597c5SAnurag S. Maskeydo_nis () { 2506ba597c5SAnurag S. Maskey loc=$1 2516ba597c5SAnurag S. Maskey 25203e9aa6dSRenee Danson Sommerfeld NIS_CONFIGSRC=`nwam_get_loc_list_prop $loc nis-nameservice-configsrc` 253ad559becSAnurag S. Maskey if [ -z "$NIS_CONFIGSRC" ]; then 254ad559becSAnurag S. Maskey echo "missing 'nis-nameservice-configsrc' property for '$loc'" 25503e9aa6dSRenee Danson Sommerfeld return 1 256ad559becSAnurag S. Maskey fi 257ad559becSAnurag S. Maskey 2586ba597c5SAnurag S. Maskey for configsrc in $NIS_CONFIGSRC; do 2596ba597c5SAnurag S. Maskey case "$configsrc" in 2606ba597c5SAnurag S. Maskey 'manual') 26103e9aa6dSRenee Danson Sommerfeld NIS_SERVERS=`nwam_get_loc_list_prop $loc \ 2626ba597c5SAnurag S. Maskey nis-nameservice-servers` 2636ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 2646ba597c5SAnurag S. Maskey # user-specified default-domain always wins 265ad559becSAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 266ad559becSAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 267ad559becSAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 26803e9aa6dSRenee Danson Sommerfeld else 26903e9aa6dSRenee Danson Sommerfeld echo "'domainname' not set for '$loc'" 27003e9aa6dSRenee Danson Sommerfeld return 1 271ad559becSAnurag S. Maskey fi 2726ba597c5SAnurag S. Maskey ;; 2736ba597c5SAnurag S. Maskey 'dhcp') 2746ba597c5SAnurag S. Maskey # Use only the first name 2756ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \ 27603e9aa6dSRenee Danson Sommerfeld $NAWK '{ print $1 }'` 2776ba597c5SAnurag S. Maskey NIS_SERVERS=`get_dhcpinfo NISservs` 2788f605d57SRenee Danson Sommerfeld $DOMAINNAME $DEFAULT_DOMAIN 2798f605d57SRenee Danson Sommerfeld $DOMAINNAME > $ETC_DEFAULT_DOMAIN 2806ba597c5SAnurag S. Maskey ;; 2816ba597c5SAnurag S. Maskey '*') 2826ba597c5SAnurag S. Maskey echo "Unrecognized NIS configsrc ${configsrc}; ignoring" 2836ba597c5SAnurag S. Maskey ;; 2846ba597c5SAnurag S. Maskey esac 2856ba597c5SAnurag S. Maskey 2866ba597c5SAnurag S. Maskey # Place NIS settings in appropriate directory/file. 2876ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 2886ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 2896ba597c5SAnurag S. Maskey fi 2906ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 2916ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 29203e9aa6dSRenee Danson Sommerfeld '{ for (i = 1; i <= NF; i++) print $i }' \ 2936ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 2946ba597c5SAnurag S. Maskey fi 2956ba597c5SAnurag S. Maskey done 29603e9aa6dSRenee Danson Sommerfeld 2976ba597c5SAnurag S. Maskey start_svc $NIS_CLIENT_FMRI 29803e9aa6dSRenee Danson Sommerfeld 29903e9aa6dSRenee Danson Sommerfeld return 0 3006ba597c5SAnurag S. Maskey} 3016ba597c5SAnurag S. Maskey 3026ba597c5SAnurag S. Maskey# 3036ba597c5SAnurag S. Maskey# do_ldap <location> 3046ba597c5SAnurag S. Maskey# 305*bbf21555SRichard Lowe# Installs LDAP information using ldapclient(8) for location 3066ba597c5SAnurag S. Maskey# 30703e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 30803e9aa6dSRenee Danson Sommerfeld# 3096ba597c5SAnurag S. Maskeydo_ldap () { 3106ba597c5SAnurag S. Maskey loc=$1 3116ba597c5SAnurag S. Maskey 31203e9aa6dSRenee Danson Sommerfeld LDAP_CONFIGSRC=`nwam_get_loc_list_prop $loc ldap-nameservice-configsrc` 313ad559becSAnurag S. Maskey if [ -z "$LDAP_CONFIGSRC" ]; then 314ad559becSAnurag S. Maskey echo "missing 'ldap-nameservice-configsrc' property for '$loc'" 31503e9aa6dSRenee Danson Sommerfeld return 1 316ad559becSAnurag S. Maskey fi 317ad559becSAnurag S. Maskey 3186ba597c5SAnurag S. Maskey for configsrc in $LDAP_CONFIGSRC; do 3196ba597c5SAnurag S. Maskey case "$configsrc" in 3206ba597c5SAnurag S. Maskey 'manual') 32103e9aa6dSRenee Danson Sommerfeld LDAP_SERVERS=`nwam_get_loc_list_prop $loc \ 3226ba597c5SAnurag S. Maskey ldap-nameservice-servers` 3236ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 32403e9aa6dSRenee Danson Sommerfeld if [ -z $LDAP_SERVERS -o -z $DEFAULT_DOMAIN ]; then 32503e9aa6dSRenee Danson Sommerfeld echo "LDAP configuration could not be set "\ 32603e9aa6dSRenee Danson Sommerfeld "for '$loc'" 32703e9aa6dSRenee Danson Sommerfeld return 1 32803e9aa6dSRenee Danson Sommerfeld fi 3296ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 3306ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 3316ba597c5SAnurag S. Maskey ;; 3326ba597c5SAnurag S. Maskey '*') 33303e9aa6dSRenee Danson Sommerfeld echo "Invalid LDAP configsrc ${configsrc}; ignoring" 3346ba597c5SAnurag S. Maskey ;; 3356ba597c5SAnurag S. Maskey esac 3366ba597c5SAnurag S. Maskey 337*bbf21555SRichard Lowe # Use ldapclient(8) to initialize LDAP client settings. 3386ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then 3396ba597c5SAnurag S. Maskey $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \ 3406ba597c5SAnurag S. Maskey $LDAP_SERVERS 3416ba597c5SAnurag S. Maskey fi 3426ba597c5SAnurag S. Maskey done 34303e9aa6dSRenee Danson Sommerfeld 3446ba597c5SAnurag S. Maskey start_svc $LDAP_CLIENT_FMRI 34503e9aa6dSRenee Danson Sommerfeld 34603e9aa6dSRenee Danson Sommerfeld return 0 3476ba597c5SAnurag S. Maskey} 3486ba597c5SAnurag S. Maskey 3496ba597c5SAnurag S. Maskey# 3506ba597c5SAnurag S. Maskey# do_ns <location> 3516ba597c5SAnurag S. Maskey# 3526ba597c5SAnurag S. Maskey# Installs different nameservices for location 3536ba597c5SAnurag S. Maskey# 35403e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 35503e9aa6dSRenee Danson Sommerfeld# 3566ba597c5SAnurag S. Maskeydo_ns () { 3576ba597c5SAnurag S. Maskey loc=$1 3586ba597c5SAnurag S. Maskey 3596ba597c5SAnurag S. Maskey # 3606ba597c5SAnurag S. Maskey # Disable nameservices temporarily while we reconfigure. Copy 3616ba597c5SAnurag S. Maskey # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files" 3626ba597c5SAnurag S. Maskey # are used. 3636ba597c5SAnurag S. Maskey # 3646ba597c5SAnurag S. Maskey $CP -p /etc/nsswitch.files /etc/nsswitch.conf 3656ba597c5SAnurag S. Maskey stop_svc $DNS_CLIENT_FMRI 3666ba597c5SAnurag S. Maskey stop_svc $NIS_CLIENT_FMRI 3676ba597c5SAnurag S. Maskey stop_svc $LDAP_CLIENT_FMRI 3686ba597c5SAnurag S. Maskey 3696ba597c5SAnurag S. Maskey # 370*bbf21555SRichard Lowe # Remove /etc/defaultdomain and unset domainname(8). If NIS 3716ba597c5SAnurag S. Maskey # and/or LDAP is configured, they will create /etc/defaultdomain 372*bbf21555SRichard Lowe # and set the domainname(8). 3736ba597c5SAnurag S. Maskey # 3746ba597c5SAnurag S. Maskey $RM -f $ETC_DEFAULT_DOMAIN 3756ba597c5SAnurag S. Maskey $DOMAINNAME " " 3766ba597c5SAnurag S. Maskey 37703e9aa6dSRenee Danson Sommerfeld NAMESERVICES=`nwam_get_loc_list_prop $loc nameservices` 378ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES" ]; then 379ad559becSAnurag S. Maskey echo "missing 'nameservices' property for location '$loc'" 38003e9aa6dSRenee Danson Sommerfeld return 1 381ad559becSAnurag S. Maskey fi 3826ba597c5SAnurag S. Maskey 383ad559becSAnurag S. Maskey NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \ 384ad559becSAnurag S. Maskey $loc nameservices-config-file` 385ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then 386ad559becSAnurag S. Maskey echo "missing 'nameservices-config-file' property for '$loc'" 38703e9aa6dSRenee Danson Sommerfeld return 1 3886ba597c5SAnurag S. Maskey fi 389ad559becSAnurag S. Maskey $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf 3906ba597c5SAnurag S. Maskey 3916ba597c5SAnurag S. Maskey for ns in $NAMESERVICES; do 3926ba597c5SAnurag S. Maskey case "$ns" in 3936ba597c5SAnurag S. Maskey 'files') 3946ba597c5SAnurag S. Maskey # no additional setup needed for files nameservice 3956ba597c5SAnurag S. Maskey ;; 3966ba597c5SAnurag S. Maskey 'dns') 39703e9aa6dSRenee Danson Sommerfeld do_dns $loc || return 1 3986ba597c5SAnurag S. Maskey ;; 3996ba597c5SAnurag S. Maskey 'nis') 40003e9aa6dSRenee Danson Sommerfeld do_nis $loc || return 1 4016ba597c5SAnurag S. Maskey ;; 4026ba597c5SAnurag S. Maskey 'ldap') 40303e9aa6dSRenee Danson Sommerfeld do_ldap $loc || return 1 4046ba597c5SAnurag S. Maskey ;; 4056ba597c5SAnurag S. Maskey '*') 4066ba597c5SAnurag S. Maskey echo "Unrecognized nameservices value ${ns}; ignoring" 4076ba597c5SAnurag S. Maskey ;; 4086ba597c5SAnurag S. Maskey esac 4096ba597c5SAnurag S. Maskey done 4106ba597c5SAnurag S. Maskey 4116ba597c5SAnurag S. Maskey # 4126ba597c5SAnurag S. Maskey # Restart other related services 4136ba597c5SAnurag S. Maskey # 4146ba597c5SAnurag S. Maskey # We explicitly restart here, as restart will only have an 4156ba597c5SAnurag S. Maskey # effect if the service is already enabled. We don't want 4166ba597c5SAnurag S. Maskey # to enable the service if it's currently disabled. 4176ba597c5SAnurag S. Maskey # 4186ba597c5SAnurag S. Maskey restart_svc $AUTOFS_FMRI 41903e9aa6dSRenee Danson Sommerfeld 42003e9aa6dSRenee Danson Sommerfeld return 0 4216ba597c5SAnurag S. Maskey} 4226ba597c5SAnurag S. Maskey 4236ba597c5SAnurag S. Maskey# 4246ba597c5SAnurag S. Maskey# do_sec <location> 4256ba597c5SAnurag S. Maskey# 4266ba597c5SAnurag S. Maskey# If config properties are set, update the SMF property and refresh the 4276ba597c5SAnurag S. Maskey# service. If config properties are not set, delete the SMF property and 4286ba597c5SAnurag S. Maskey# stop the service. 4296ba597c5SAnurag S. Maskey# 43003e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 43103e9aa6dSRenee Danson Sommerfeld# 4326ba597c5SAnurag S. Maskeydo_sec () { 4336ba597c5SAnurag S. Maskey loc=$1 4346ba597c5SAnurag S. Maskey 4356ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop $loc ike-config-file` 4366ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file` 4376ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file` 4386ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file` 4396ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file` 4406ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop $loc ippool-config-file` 4416ba597c5SAnurag S. Maskey 4426ba597c5SAnurag S. Maskey # IKE 4436ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 4446ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 4456ba597c5SAnurag S. Maskey refresh_svc $IPSEC_IKE_FMRI 4466ba597c5SAnurag S. Maskey start_svc $IPSEC_IKE_FMRI 4476ba597c5SAnurag S. Maskey else 4486ba597c5SAnurag S. Maskey stop_svc $IPSEC_IKE_FMRI 4496ba597c5SAnurag S. Maskey fi 4506ba597c5SAnurag S. Maskey 4516ba597c5SAnurag S. Maskey # IPsec 4526ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 4536ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 4546ba597c5SAnurag S. Maskey refresh_svc $IPSEC_POLICY_FMRI 4556ba597c5SAnurag S. Maskey start_svc $IPSEC_POLICY_FMRI 4566ba597c5SAnurag S. Maskey else 4576ba597c5SAnurag S. Maskey stop_svc $IPSEC_POLICY_FMRI 4586ba597c5SAnurag S. Maskey fi 4596ba597c5SAnurag S. Maskey 4606ba597c5SAnurag S. Maskey # IPFilter 4616ba597c5SAnurag S. Maskey refresh_ipf=false 4626ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 4636ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" ]; then 4646ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4656ba597c5SAnurag S. Maskey firewall_config_default/policy "none" 4666ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/deny" ]; then 4676ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4686ba597c5SAnurag S. Maskey firewall_config_default/policy "deny" 4696ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/allow" ]; then 4706ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4716ba597c5SAnurag S. Maskey firewall_config_default/policy "allow" 4726ba597c5SAnurag S. Maskey else 4736ba597c5SAnurag S. Maskey # custom policy with policy file 4746ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4756ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 4766ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4776ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 4786ba597c5SAnurag S. Maskey fi 4796ba597c5SAnurag S. Maskey refresh_ipf=true 4806ba597c5SAnurag S. Maskey else 4816ba597c5SAnurag S. Maskey # change policy to "none", no need to clear custom_policy_file 4826ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \ 4836ba597c5SAnurag S. Maskey "none" 4846ba597c5SAnurag S. Maskey # IPFilter has to be refreshed to make the changes effective. 4856ba597c5SAnurag S. Maskey # Don't set $refresh_ipf as it keeps IPFilter online rather 4866ba597c5SAnurag S. Maskey # than disabled. Refresh after IPFilter is disabled below. 4876ba597c5SAnurag S. Maskey fi 4886ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 4896ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 4906ba597c5SAnurag S. Maskey refresh_ipf=true 4916ba597c5SAnurag S. Maskey fi 4926ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 4936ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 4946ba597c5SAnurag S. Maskey refresh_ipf=true 4956ba597c5SAnurag S. Maskey fi 4966ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 4976ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 4986ba597c5SAnurag S. Maskey $ippool_file 4996ba597c5SAnurag S. Maskey refresh_ipf=true 5006ba597c5SAnurag S. Maskey fi 5016ba597c5SAnurag S. Maskey 5026ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 5036ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5046ba597c5SAnurag S. Maskey start_svc $IPFILTER_FMRI 5056ba597c5SAnurag S. Maskey else 5066ba597c5SAnurag S. Maskey stop_svc $IPFILTER_FMRI 5076ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5086ba597c5SAnurag S. Maskey fi 50903e9aa6dSRenee Danson Sommerfeld 51003e9aa6dSRenee Danson Sommerfeld return 0 5116ba597c5SAnurag S. Maskey} 5126ba597c5SAnurag S. Maskey 5136ba597c5SAnurag S. Maskey# 5146ba597c5SAnurag S. Maskey# do_nfsv4 <location> 5156ba597c5SAnurag S. Maskey# 516dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States# Updates NFSv4 domain for location in SMF 5176ba597c5SAnurag S. Maskey# 51803e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 51903e9aa6dSRenee Danson Sommerfeld# 5206ba597c5SAnurag S. Maskeydo_nfsv4 () { 5216ba597c5SAnurag S. Maskey loc=$1 5226ba597c5SAnurag S. Maskey 5236ba597c5SAnurag S. Maskey nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain` 5246ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 525dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States set_smf_prop $MAPID_FMRI \ 526dd51520eSPavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain $nfsv4domain 5276ba597c5SAnurag S. Maskey start_svc $MAPID_FMRI 5286ba597c5SAnurag S. Maskey else 5296ba597c5SAnurag S. Maskey stop_svc $MAPID_FMRI 5306ba597c5SAnurag S. Maskey fi 53103e9aa6dSRenee Danson Sommerfeld 53203e9aa6dSRenee Danson Sommerfeld return 0 5336ba597c5SAnurag S. Maskey} 5346ba597c5SAnurag S. Maskey 5356ba597c5SAnurag S. Maskey# 5366ba597c5SAnurag S. Maskey# activate_loc <location> 5376ba597c5SAnurag S. Maskey# 5386ba597c5SAnurag S. Maskey# Activates the given location 5396ba597c5SAnurag S. Maskey# 54003e9aa6dSRenee Danson Sommerfeld# Returns 0 on success, 1 on failure 54103e9aa6dSRenee Danson Sommerfeld# 5426ba597c5SAnurag S. Maskeyactivate_loc () { 5436ba597c5SAnurag S. Maskey loc=$1 5446ba597c5SAnurag S. Maskey 5456ba597c5SAnurag S. Maskey echo activating $loc location 5466ba597c5SAnurag S. Maskey 54703e9aa6dSRenee Danson Sommerfeld # 54803e9aa6dSRenee Danson Sommerfeld # if we fail to complete any part of the config, 54903e9aa6dSRenee Danson Sommerfeld # stop activation work and report failure. 55003e9aa6dSRenee Danson Sommerfeld # 55103e9aa6dSRenee Danson Sommerfeld do_sec $loc && do_ns $loc && do_nfsv4 $loc && return 0 55203e9aa6dSRenee Danson Sommerfeld return 1 5536ba597c5SAnurag S. Maskey} 5546ba597c5SAnurag S. Maskey 5556ba597c5SAnurag S. Maskey# 5566ba597c5SAnurag S. Maskey# Script entry point 5576ba597c5SAnurag S. Maskey# 5586ba597c5SAnurag S. Maskey# Arguments to net-loc are 5596ba597c5SAnurag S. Maskey# method ('start' or 'refresh') 5606ba597c5SAnurag S. Maskey 5616ba597c5SAnurag S. Maskey# 5626ba597c5SAnurag S. Maskey# If nwam is not enabled, do nothing and return OK. 5636ba597c5SAnurag S. Maskey# 5646ba597c5SAnurag S. Maskeyservice_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK 5656ba597c5SAnurag S. Maskey 5666ba597c5SAnurag S. Maskey# 5676ba597c5SAnurag S. Maskey# In a shared-IP zone we need this service to be up, but all of the work 5686ba597c5SAnurag S. Maskey# it tries to do is irrelevant (and will actually lead to the service 5696ba597c5SAnurag S. Maskey# failing if we try to do it), so just bail out. 5706ba597c5SAnurag S. Maskey# In the global zone and exclusive-IP zones we proceed. 5716ba597c5SAnurag S. Maskey# 5726ba597c5SAnurag S. Maskeysmf_configure_ip || exit $SMF_EXIT_OK 5736ba597c5SAnurag S. Maskey 5746ba597c5SAnurag S. Maskeycase "$1" in 5756ba597c5SAnurag S. Maskey 5766ba597c5SAnurag S. Maskey'start') 5776ba597c5SAnurag S. Maskey # 5786ba597c5SAnurag S. Maskey # We need to create the default (NoNet and Automatic) 5796ba597c5SAnurag S. Maskey # locations, if they don't already exist. So: first check 5806ba597c5SAnurag S. Maskey # for the existence of each, and then run the appropriate 5816ba597c5SAnurag S. Maskey # nwamcfg script(s) as needed. Restart nwamd if a location is 5826ba597c5SAnurag S. Maskey # created, as it needs to read it in. 5836ba597c5SAnurag S. Maskey # 5846ba597c5SAnurag S. Maskey LOC_CREATED="false" 5856ba597c5SAnurag S. Maskey $NWAMCFG list loc Automatic >/dev/null 2>&1 5866ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 5876ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_auto 5886ba597c5SAnurag S. Maskey LOC_CREATED="true" 5896ba597c5SAnurag S. Maskey fi 5906ba597c5SAnurag S. Maskey 5916ba597c5SAnurag S. Maskey $NWAMCFG list loc NoNet >/dev/null 2>&1 5926ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 5936ba597c5SAnurag S. Maskey NONETPATH=/etc/nwam/loc/NoNet 5946ba597c5SAnurag S. Maskey NONETFILES="ipf.conf ipf6.conf" 5956ba597c5SAnurag S. Maskey for file in $NONETFILES; do 5966ba597c5SAnurag S. Maskey copy_default $NONETPATH $file 5976ba597c5SAnurag S. Maskey done 5986ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_nonet 5996ba597c5SAnurag S. Maskey LOC_CREATED="true" 6006ba597c5SAnurag S. Maskey fi 6016ba597c5SAnurag S. Maskey 6026ba597c5SAnurag S. Maskey if [ "$LOC_CREATED" = "true" ]; then 6036ba597c5SAnurag S. Maskey refresh_svc $NWAM_FMRI 6046ba597c5SAnurag S. Maskey fi 6056ba597c5SAnurag S. Maskey 6066ba597c5SAnurag S. Maskey # location selection/activation happens below 6076ba597c5SAnurag S. Maskey ;; 6086ba597c5SAnurag S. Maskey 6096ba597c5SAnurag S. Maskey'refresh') 6106ba597c5SAnurag S. Maskey 6116ba597c5SAnurag S. Maskey # location selection/activation happens below 6126ba597c5SAnurag S. Maskey ;; 6136ba597c5SAnurag S. Maskey 6146ba597c5SAnurag S. Maskey*) 6156ba597c5SAnurag S. Maskey echo "Usage: $0 start|refresh" 6166ba597c5SAnurag S. Maskey exit 1 6176ba597c5SAnurag S. Maskey ;; 6186ba597c5SAnurag S. Maskey 6196ba597c5SAnurag S. Maskeyesac 6206ba597c5SAnurag S. Maskey 6216ba597c5SAnurag S. Maskey# 6226ba597c5SAnurag S. Maskey# If the Legacy location doesn't exist and the file to create the Legacy 6236ba597c5SAnurag S. Maskey# location exists, create the Legacy location. Make a copy of it as the user's 6246ba597c5SAnurag S. Maskey# intentions before upgrade. Then activate the User location if nis is 6256ba597c5SAnurag S. Maskey# involved. Because NIS affects more parts of the system (e.g. automounts) we 6266ba597c5SAnurag S. Maskey# are not willing to make NIS part of the Automatic location (i.e. enable it 6276ba597c5SAnurag S. Maskey# automatically based on external input) as we do with DHCP-driven DNS. 6286ba597c5SAnurag S. Maskey# 6296ba597c5SAnurag S. Maskeyactivate_user_loc=0 6306ba597c5SAnurag S. Maskey$NWAMCFG list loc Legacy >/dev/null 2>&1 6316ba597c5SAnurag S. Maskeyif [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then 6326ba597c5SAnurag S. Maskey # 6336ba597c5SAnurag S. Maskey # We built the script in and pointing to /etc/svc/volatile because we 6346ba597c5SAnurag S. Maskey # may not have a writable filesystem in net-nwam. So here we move the 6356ba597c5SAnurag S. Maskey # components and rewrite the script to point at the writable filesystem. 6366ba597c5SAnurag S. Maskey # 6374491554aSAnurag S. Maskey $CP -r $SCRIPT_PATH/Legacy /etc/nwam/loc 6386ba597c5SAnurag S. Maskey $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy 6394491554aSAnurag S. Maskey $SED -e's,$SCRIPT_PATH/Legacy,$LEGACY_LOC_PATH,' \ 6406ba597c5SAnurag S. Maskey $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy 6414491554aSAnurag S. Maskey $RM -f $SCRIPT_PATH/vcreate_loc_legacy 6426ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy 6436ba597c5SAnurag S. Maskey loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \ 6446ba597c5SAnurag S. Maskey 2>/dev/null` 6456ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6466ba597c5SAnurag S. Maskey # 6476ba597c5SAnurag S. Maskey # We are rewriting configuration variables from the Legacy 6486ba597c5SAnurag S. Maskey # location to the User location. Use variable ULP to keep REs 6496ba597c5SAnurag S. Maskey # within a line. 6506ba597c5SAnurag S. Maskey # 6516ba597c5SAnurag S. Maskey ULP=$USER_LOC_PATH 6526ba597c5SAnurag S. Maskey $SED -e's,Legacy,User,' \ 6536ba597c5SAnurag S. Maskey -e's,activation-mode=system,activation-mode=manual,' \ 6546ba597c5SAnurag S. Maskey -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \ 6556ba597c5SAnurag S. Maskey -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \ 6566ba597c5SAnurag S. Maskey -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \ 6576ba597c5SAnurag S. Maskey -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \ 6586ba597c5SAnurag S. Maskey -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \ 6596ba597c5SAnurag S. Maskey -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \ 6606ba597c5SAnurag S. Maskey $SCRIPT_PATH/create_loc_legacy | \ 6616ba597c5SAnurag S. Maskey $SED -e's,/etc/nwam/loc/User/none,/none,' \ 6626ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/allow,/allow,' \ 6636ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/deny,/deny,' \ 6646ba597c5SAnurag S. Maskey >$SCRIPT_PATH/create_loc_user 6656ba597c5SAnurag S. Maskey # 6666ba597c5SAnurag S. Maskey # We are creating the User location here. The User location 6676ba597c5SAnurag S. Maskey # is an appromixation of the machine configuration when the 6686ba597c5SAnurag S. Maskey # user change or upgraded to this version of NWAM. First 6696ba597c5SAnurag S. Maskey # we make sure there isn't an existing User location or any 6706ba597c5SAnurag S. Maskey # existing User location data. We then copy all the data 6716ba597c5SAnurag S. Maskey # from the Legacy location and create a location pointing at 6726ba597c5SAnurag S. Maskey # that data. Lastly we create a version property to note 6736ba597c5SAnurag S. Maskey # that we have done this. 6746ba597c5SAnurag S. Maskey # 6756ba597c5SAnurag S. Maskey $NWAMCFG destroy loc User 2>/dev/null 6766ba597c5SAnurag S. Maskey $RM -rf $USER_LOC_PATH 6776ba597c5SAnurag S. Maskey $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH 6786ba597c5SAnurag S. Maskey $RM -f $USER_LOC_PATH/resolv.conf 6796ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_user 6806ba597c5SAnurag S. Maskey # The User location is activated if 'nis' is in a non comment 6816ba597c5SAnurag S. Maskey # line of nsswitch.conf. 6826ba597c5SAnurag S. Maskey $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\ 6836ba597c5SAnurag S. Maskey $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1 6846ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 6856ba597c5SAnurag S. Maskey activate_user_loc=1 6866ba597c5SAnurag S. Maskey fi 6876ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI addpg location_upgrade application \ 6886ba597c5SAnurag S. Maskey 2>/dev/null 6896ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \ 6906ba597c5SAnurag S. Maskey astring: "1" 6916ba597c5SAnurag S. Maskey fi 6926ba597c5SAnurag S. Maskeyfi 6936ba597c5SAnurag S. Maskey 6946ba597c5SAnurag S. Maskey# 6956ba597c5SAnurag S. Maskey# Activate a location. If we've just finished upgrading, and 6966ba597c5SAnurag S. Maskey# the User location should be activated, do that (and use nwamadm 6976ba597c5SAnurag S. Maskey# to do so, so the enabled property gets set and nwamd knows this 6986ba597c5SAnurag S. Maskey# selection has been made). Otherwise, if our location/selected 6996ba597c5SAnurag S. Maskey# property has a value, we activate that location; else we activate 7006ba597c5SAnurag S. Maskey# the NoNet location as a default value. 7016ba597c5SAnurag S. Maskey# 7026ba597c5SAnurag S. Maskeyif [ $activate_user_loc -eq 1 ]; then 7036ba597c5SAnurag S. Maskey $NWAMADM enable -p loc User 7046ba597c5SAnurag S. Maskeyelse 7056ba597c5SAnurag S. Maskey sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null` 7066ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 7076ba597c5SAnurag S. Maskey # location hasn't been selected; default to NoNet 7086ba597c5SAnurag S. Maskey activate_loc NoNet 7096ba597c5SAnurag S. Maskey else 71003e9aa6dSRenee Danson Sommerfeld # 71103e9aa6dSRenee Danson Sommerfeld # If the selected location does not exist, or if we fail 71203e9aa6dSRenee Danson Sommerfeld # to activate it completely, we fall back to the NoNet 71303e9aa6dSRenee Danson Sommerfeld # location. Also poke nwamd, so it will check conditions 71403e9aa6dSRenee Danson Sommerfeld # for a better choice. 71503e9aa6dSRenee Danson Sommerfeld # 7164a44f0a1SAnurag S. Maskey $NWAMCFG list loc $sel_loc >/dev/null 2>&1 7174a44f0a1SAnurag S. Maskey if [ $? -eq 1 ]; then 718ad559becSAnurag S. Maskey echo "location '$sel_loc' doesn't exist" 71903e9aa6dSRenee Danson Sommerfeld activate_loc NoNet 72003e9aa6dSRenee Danson Sommerfeld refresh_svc $NWAM_FMRI 7214a44f0a1SAnurag S. Maskey else 7224a44f0a1SAnurag S. Maskey # activate selected location 72303e9aa6dSRenee Danson Sommerfeld if ! activate_loc $sel_loc; then 72403e9aa6dSRenee Danson Sommerfeld echo "failed to activate '$sel_loc'" 72503e9aa6dSRenee Danson Sommerfeld activate_loc NoNet 72603e9aa6dSRenee Danson Sommerfeld refresh_svc $NWAM_FMRI 72703e9aa6dSRenee Danson Sommerfeld fi 7284a44f0a1SAnurag S. Maskey fi 7296ba597c5SAnurag S. Maskey fi 7306ba597c5SAnurag S. Maskeyfi 7316ba597c5SAnurag S. Maskey 7326ba597c5SAnurag S. Maskeyexit $SMF_EXIT_OK 733