1*6ba597c5SAnurag S. Maskey#!/sbin/sh 2*6ba597c5SAnurag S. Maskey# 3*6ba597c5SAnurag S. Maskey# CDDL HEADER START 4*6ba597c5SAnurag S. Maskey# 5*6ba597c5SAnurag S. Maskey# The contents of this file are subject to the terms of the 6*6ba597c5SAnurag S. Maskey# Common Development and Distribution License (the "License"). 7*6ba597c5SAnurag S. Maskey# You may not use this file except in compliance with the License. 8*6ba597c5SAnurag S. Maskey# 9*6ba597c5SAnurag S. Maskey# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*6ba597c5SAnurag S. Maskey# or http://www.opensolaris.org/os/licensing. 11*6ba597c5SAnurag S. Maskey# See the License for the specific language governing permissions 12*6ba597c5SAnurag S. Maskey# and limitations under the License. 13*6ba597c5SAnurag S. Maskey# 14*6ba597c5SAnurag S. Maskey# When distributing Covered Code, include this CDDL HEADER in each 15*6ba597c5SAnurag S. Maskey# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*6ba597c5SAnurag S. Maskey# If applicable, add the following below this CDDL HEADER, with the 17*6ba597c5SAnurag S. Maskey# fields enclosed by brackets "[]" replaced with your own identifying 18*6ba597c5SAnurag S. Maskey# information: Portions Copyright [yyyy] [name of copyright owner] 19*6ba597c5SAnurag S. Maskey# 20*6ba597c5SAnurag S. Maskey# CDDL HEADER END 21*6ba597c5SAnurag S. Maskey# 22*6ba597c5SAnurag S. Maskey# 23*6ba597c5SAnurag S. Maskey# Copyright 2010 Sun Microsystems, Inc. All rights reserved. 24*6ba597c5SAnurag S. Maskey# Use is subject to license terms. 25*6ba597c5SAnurag S. Maskey# 26*6ba597c5SAnurag S. Maskey 27*6ba597c5SAnurag S. Maskey. /lib/svc/share/smf_include.sh 28*6ba597c5SAnurag S. Maskey. /lib/svc/share/net_include.sh 29*6ba597c5SAnurag S. Maskey 30*6ba597c5SAnurag S. Maskey# FMRI consts 31*6ba597c5SAnurag S. MaskeyAUTOFS_FMRI="svc:/system/filesystem/autofs" 32*6ba597c5SAnurag S. MaskeyDNS_CLIENT_FMRI="svc:/network/dns/client" 33*6ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 34*6ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 35*6ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 36*6ba597c5SAnurag S. MaskeyLDAP_CLIENT_FMRI="svc:/network/ldap/client" 37*6ba597c5SAnurag S. MaskeyLOCATION_FMRI="svc:/network/location:default" 38*6ba597c5SAnurag S. MaskeyMAPID_FMRI="svc:/network/nfs/mapid:default" 39*6ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client" 40*6ba597c5SAnurag S. MaskeyNWAM_FMRI="svc:/network/physical:nwam" 41*6ba597c5SAnurag S. Maskey 42*6ba597c5SAnurag S. Maskey# commands 43*6ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 44*6ba597c5SAnurag S. MaskeyDHCPINFO=/sbin/dhcpinfo 45*6ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 46*6ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 47*6ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 48*6ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 49*6ba597c5SAnurag S. MaskeyMV=/usr/bin/mv 50*6ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 51*6ba597c5SAnurag S. MaskeyNWAMADM=/usr/sbin/nwamadm 52*6ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 53*6ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 54*6ba597c5SAnurag S. MaskeySED=/usr/bin/sed 55*6ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 56*6ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 57*6ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 58*6ba597c5SAnurag S. MaskeyTOUCH=/usr/bin/touch 59*6ba597c5SAnurag S. Maskey 60*6ba597c5SAnurag S. Maskey# Path to directories 61*6ba597c5SAnurag S. MaskeyETC_DEFAULT_DOMAIN=/etc/defaultdomain 62*6ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 63*6ba597c5SAnurag S. MaskeyLEGACY_LOC_PATH=/etc/nwam/loc/Legacy 64*6ba597c5SAnurag S. MaskeyUSER_LOC_PATH=/etc/nwam/loc/User 65*6ba597c5SAnurag S. MaskeySCRIPT_PATH=/etc/svc/volatile/nwam 66*6ba597c5SAnurag S. Maskey 67*6ba597c5SAnurag S. Maskey# 68*6ba597c5SAnurag S. Maskey# echoes DHCP controlled interfaces separated by commas 69*6ba597c5SAnurag S. Maskey# 70*6ba597c5SAnurag S. Maskey# Don't parse the output of ifconfig(1M) because interfaces that haven't 71*6ba597c5SAnurag S. Maskey# acquired a DHCP lease also have the DHCP flag set. 72*6ba597c5SAnurag S. Maskey# 73*6ba597c5SAnurag S. Maskeyget_dhcp_interfaces () { 74*6ba597c5SAnurag S. Maskey # 75*6ba597c5SAnurag S. Maskey # 1. parse netstat(1M) output for v4 interfaces in BOUND 76*6ba597c5SAnurag S. Maskey # or INFORMATION state 77*6ba597c5SAnurag S. Maskey # 2. make a space-separated list of interface names 78*6ba597c5SAnurag S. Maskey # 79*6ba597c5SAnurag S. Maskey netstat -D -f inet | $NAWK ' 80*6ba597c5SAnurag S. Maskey $2 ~ /BOUND/ { printf "%s ", $1 } 81*6ba597c5SAnurag S. Maskey $2 ~ /INFORMATION/ { printf "%s ", $1 }' 82*6ba597c5SAnurag S. Maskey} 83*6ba597c5SAnurag S. Maskey 84*6ba597c5SAnurag S. Maskey# 85*6ba597c5SAnurag S. Maskey# get_dhcpinfo <code/identifier> 86*6ba597c5SAnurag S. Maskey# 87*6ba597c5SAnurag S. Maskey# echoes the value received through each interface controlled by DHCP 88*6ba597c5SAnurag S. Maskey# returns: 89*6ba597c5SAnurag S. Maskey# 0 => property is set 90*6ba597c5SAnurag S. Maskey# 1 => property is not set 91*6ba597c5SAnurag S. Maskey# 92*6ba597c5SAnurag S. Maskeyget_dhcpinfo () { 93*6ba597c5SAnurag S. Maskey code=$1 94*6ba597c5SAnurag S. Maskey 95*6ba597c5SAnurag S. Maskey # Get all interfaces with DHCP control, IFS is " " 96*6ba597c5SAnurag S. Maskey interfaces=`get_dhcp_interfaces` 97*6ba597c5SAnurag S. Maskey 98*6ba597c5SAnurag S. Maskey info="" 99*6ba597c5SAnurag S. Maskey for intf in $interfaces; do 100*6ba597c5SAnurag S. Maskey val=`$DHCPINFO -i $intf $code` 101*6ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 102*6ba597c5SAnurag S. Maskey if [ "$info" = "" ]; then 103*6ba597c5SAnurag S. Maskey info="$val" 104*6ba597c5SAnurag S. Maskey else 105*6ba597c5SAnurag S. Maskey info="$info,$val" 106*6ba597c5SAnurag S. Maskey fi 107*6ba597c5SAnurag S. Maskey fi 108*6ba597c5SAnurag S. Maskey done 109*6ba597c5SAnurag S. Maskey echo $info 110*6ba597c5SAnurag S. Maskey} 111*6ba597c5SAnurag S. Maskey 112*6ba597c5SAnurag S. Maskey# 113*6ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 114*6ba597c5SAnurag S. Maskey# 115*6ba597c5SAnurag S. Maskeyset_smf_prop () { 116*6ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 117*6ba597c5SAnurag S. Maskey} 118*6ba597c5SAnurag S. Maskey 119*6ba597c5SAnurag S. Maskey# 120*6ba597c5SAnurag S. Maskey# refresh_svc <fmri> 121*6ba597c5SAnurag S. Maskey# 122*6ba597c5SAnurag S. Maskey# Refreshes the service. 123*6ba597c5SAnurag S. Maskey# 124*6ba597c5SAnurag S. Maskeyrefresh_svc () { 125*6ba597c5SAnurag S. Maskey $SVCADM refresh $1 126*6ba597c5SAnurag S. Maskey} 127*6ba597c5SAnurag S. Maskey 128*6ba597c5SAnurag S. Maskey# 129*6ba597c5SAnurag S. Maskey# restart_svc <fmri> 130*6ba597c5SAnurag S. Maskey# 131*6ba597c5SAnurag S. Maskey# Restarts the service. 132*6ba597c5SAnurag S. Maskey# 133*6ba597c5SAnurag S. Maskeyrestart_svc () { 134*6ba597c5SAnurag S. Maskey $SVCADM restart $1 135*6ba597c5SAnurag S. Maskey} 136*6ba597c5SAnurag S. Maskey 137*6ba597c5SAnurag S. Maskey# 138*6ba597c5SAnurag S. Maskey# start_svc <fmri> 139*6ba597c5SAnurag S. Maskey# 140*6ba597c5SAnurag S. Maskey# Starts the service. If the service is already enabled, restarts it. If 141*6ba597c5SAnurag S. Maskey# it is not enabled, temporarily enables it. 142*6ba597c5SAnurag S. Maskey# 143*6ba597c5SAnurag S. Maskeystart_svc () { 144*6ba597c5SAnurag S. Maskey if service_is_enabled $1; then 145*6ba597c5SAnurag S. Maskey $SVCADM restart $1 146*6ba597c5SAnurag S. Maskey else 147*6ba597c5SAnurag S. Maskey $SVCADM enable -t $1 148*6ba597c5SAnurag S. Maskey fi 149*6ba597c5SAnurag S. Maskey} 150*6ba597c5SAnurag S. Maskey 151*6ba597c5SAnurag S. Maskey# 152*6ba597c5SAnurag S. Maskey# stop_svc <fmri> 153*6ba597c5SAnurag S. Maskey# 154*6ba597c5SAnurag S. Maskey# Temporarily disables the service. 155*6ba597c5SAnurag S. Maskey# 156*6ba597c5SAnurag S. Maskeystop_svc () { 157*6ba597c5SAnurag S. Maskey $SVCADM disable -t $1 158*6ba597c5SAnurag S. Maskey} 159*6ba597c5SAnurag S. Maskey 160*6ba597c5SAnurag S. Maskey# 161*6ba597c5SAnurag S. Maskey# copy_default <dir> <file> 162*6ba597c5SAnurag S. Maskey# 163*6ba597c5SAnurag S. Maskey# Copies <dir>/<file>.dfl to <dir>/<file> 164*6ba597c5SAnurag S. Maskey# 165*6ba597c5SAnurag S. Maskeycopy_default () { 166*6ba597c5SAnurag S. Maskey $CP -p $1/$2.dfl $1/$2 167*6ba597c5SAnurag S. Maskey} 168*6ba597c5SAnurag S. Maskey 169*6ba597c5SAnurag S. Maskey# 170*6ba597c5SAnurag S. Maskey# do_dns <location> 171*6ba597c5SAnurag S. Maskey# 172*6ba597c5SAnurag S. Maskey# Installs DNS information on /etc/resolv.conf for location 173*6ba597c5SAnurag S. Maskey# 174*6ba597c5SAnurag S. Maskeydo_dns () { 175*6ba597c5SAnurag S. Maskey loc=$1 176*6ba597c5SAnurag S. Maskey file=/etc/resolv.conf 177*6ba597c5SAnurag S. Maskey 178*6ba597c5SAnurag S. Maskey # Write out to temporary file first 179*6ba597c5SAnurag S. Maskey $TOUCH $file.$$ 180*6ba597c5SAnurag S. Maskey 181*6ba597c5SAnurag S. Maskey DNS_CONFIGSRC=`nwam_get_loc_prop $loc dns-nameservice-configsrc` 182*6ba597c5SAnurag S. Maskey (IFS=" "; 183*6ba597c5SAnurag S. Maskey for configsrc in $DNS_CONFIGSRC; do 184*6ba597c5SAnurag S. Maskey case "$configsrc" in 185*6ba597c5SAnurag S. Maskey 'manual') 186*6ba597c5SAnurag S. Maskey DNS_DOMAIN=`nwam_get_loc_prop $loc \ 187*6ba597c5SAnurag S. Maskey dns-nameservice-domain` 188*6ba597c5SAnurag S. Maskey DNS_SERVERS=`nwam_get_loc_prop $loc \ 189*6ba597c5SAnurag S. Maskey dns-nameservice-servers` 190*6ba597c5SAnurag S. Maskey DNS_SEARCH=`nwam_get_loc_prop $loc \ 191*6ba597c5SAnurag S. Maskey dns-nameservice-search` 192*6ba597c5SAnurag S. Maskey ;; 193*6ba597c5SAnurag S. Maskey 'dhcp') 194*6ba597c5SAnurag S. Maskey DNS_DOMAIN=`get_dhcpinfo DNSdmain` 195*6ba597c5SAnurag S. Maskey DNS_SERVERS=`get_dhcpinfo DNSserv` 196*6ba597c5SAnurag S. Maskey # No DNS search info for IPv4 197*6ba597c5SAnurag S. Maskey ;; 198*6ba597c5SAnurag S. Maskey '*') 199*6ba597c5SAnurag S. Maskey echo "Unrecognized DNS configsrc ${configsrc}; ignoring" 200*6ba597c5SAnurag S. Maskey ;; 201*6ba597c5SAnurag S. Maskey esac 202*6ba597c5SAnurag S. Maskey 203*6ba597c5SAnurag S. Maskey # Write DNS settings 204*6ba597c5SAnurag S. Maskey if [ -n "$DNS_DOMAIN" ]; then 205*6ba597c5SAnurag S. Maskey echo "$DNS_DOMAIN" | $NAWK \ 206*6ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) \ 207*6ba597c5SAnurag S. Maskey print "domain ", $i }' >> $file.$$ 208*6ba597c5SAnurag S. Maskey fi 209*6ba597c5SAnurag S. Maskey if [ -n "$DNS_SEARCH" ]; then 210*6ba597c5SAnurag S. Maskey echo "$DNS_SEARCH" | $NAWK \ 211*6ba597c5SAnurag S. Maskey 'FS="," { printf("search"); \ 212*6ba597c5SAnurag S. Maskey for (i = 1; i <= NF; i++) printf(" %s", $i); \ 213*6ba597c5SAnurag S. Maskey printf("\n") }' >> $file.$$ 214*6ba597c5SAnurag S. Maskey fi 215*6ba597c5SAnurag S. Maskey if [ -n "$DNS_SERVERS" ]; then 216*6ba597c5SAnurag S. Maskey echo "$DNS_SERVERS" | $NAWK \ 217*6ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) \ 218*6ba597c5SAnurag S. Maskey print "nameserver ", $i }' >> $file.$$ 219*6ba597c5SAnurag S. Maskey fi 220*6ba597c5SAnurag S. Maskey done 221*6ba597c5SAnurag S. Maskey ) 222*6ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 223*6ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 224*6ba597c5SAnurag S. Maskey start_svc $DNS_CLIENT_FMRI 225*6ba597c5SAnurag S. Maskey} 226*6ba597c5SAnurag S. Maskey 227*6ba597c5SAnurag S. Maskey# 228*6ba597c5SAnurag S. Maskey# do_nis <location> 229*6ba597c5SAnurag S. Maskey# 230*6ba597c5SAnurag S. Maskey# Installs NIS information on /var/yp/binding/ for location 231*6ba597c5SAnurag S. Maskey# 232*6ba597c5SAnurag S. Maskeydo_nis () { 233*6ba597c5SAnurag S. Maskey loc=$1 234*6ba597c5SAnurag S. Maskey 235*6ba597c5SAnurag S. Maskey NIS_CONFIGSRC=`nwam_get_loc_prop $loc nis-nameservice-configsrc` 236*6ba597c5SAnurag S. Maskey (IFS=" "; 237*6ba597c5SAnurag S. Maskey domainname_set=false 238*6ba597c5SAnurag S. Maskey for configsrc in $NIS_CONFIGSRC; do 239*6ba597c5SAnurag S. Maskey case "$configsrc" in 240*6ba597c5SAnurag S. Maskey 'manual') 241*6ba597c5SAnurag S. Maskey NIS_SERVERS=`nwam_get_loc_prop $loc \ 242*6ba597c5SAnurag S. Maskey nis-nameservice-servers` 243*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 244*6ba597c5SAnurag S. Maskey # user-specified default-domain always wins 245*6ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 246*6ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 247*6ba597c5SAnurag S. Maskey domainname_set=true 248*6ba597c5SAnurag S. Maskey ;; 249*6ba597c5SAnurag S. Maskey 'dhcp') 250*6ba597c5SAnurag S. Maskey # Use only the first name 251*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \ 252*6ba597c5SAnurag S. Maskey $NAWK 'FS="," { print $1 }'` 253*6ba597c5SAnurag S. Maskey NIS_SERVERS=`get_dhcpinfo NISservs` 254*6ba597c5SAnurag S. Maskey if [ "$domainname_set" = "false" ]; then 255*6ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 256*6ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 257*6ba597c5SAnurag S. Maskey domainname_set=true 258*6ba597c5SAnurag S. Maskey fi 259*6ba597c5SAnurag S. Maskey ;; 260*6ba597c5SAnurag S. Maskey '*') 261*6ba597c5SAnurag S. Maskey echo "Unrecognized NIS configsrc ${configsrc}; ignoring" 262*6ba597c5SAnurag S. Maskey ;; 263*6ba597c5SAnurag S. Maskey esac 264*6ba597c5SAnurag S. Maskey 265*6ba597c5SAnurag S. Maskey # Place NIS settings in appropriate directory/file. 266*6ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 267*6ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 268*6ba597c5SAnurag S. Maskey fi 269*6ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 270*6ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 271*6ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) print $i }' \ 272*6ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 273*6ba597c5SAnurag S. Maskey fi 274*6ba597c5SAnurag S. Maskey done 275*6ba597c5SAnurag S. Maskey ) 276*6ba597c5SAnurag S. Maskey start_svc $NIS_CLIENT_FMRI 277*6ba597c5SAnurag S. Maskey} 278*6ba597c5SAnurag S. Maskey 279*6ba597c5SAnurag S. Maskey# 280*6ba597c5SAnurag S. Maskey# do_ldap <location> 281*6ba597c5SAnurag S. Maskey# 282*6ba597c5SAnurag S. Maskey# Installs LDAP information using ldapclient(1M) for location 283*6ba597c5SAnurag S. Maskey# 284*6ba597c5SAnurag S. Maskeydo_ldap () { 285*6ba597c5SAnurag S. Maskey loc=$1 286*6ba597c5SAnurag S. Maskey 287*6ba597c5SAnurag S. Maskey LDAP_CONFIGSRC=`nwam_get_loc_prop $loc ldap-nameservice-configsrc` 288*6ba597c5SAnurag S. Maskey (IFS=" "; 289*6ba597c5SAnurag S. Maskey for configsrc in $LDAP_CONFIGSRC; do 290*6ba597c5SAnurag S. Maskey case "$configsrc" in 291*6ba597c5SAnurag S. Maskey 'manual') 292*6ba597c5SAnurag S. Maskey LDAP_SERVERS=`nwam_get_loc_prop $loc \ 293*6ba597c5SAnurag S. Maskey ldap-nameservice-servers` 294*6ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 295*6ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 296*6ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 297*6ba597c5SAnurag S. Maskey ;; 298*6ba597c5SAnurag S. Maskey '*') 299*6ba597c5SAnurag S. Maskey echo "Unrecognized LDAP configsrc ${configsrc}; ignoring" 300*6ba597c5SAnurag S. Maskey ;; 301*6ba597c5SAnurag S. Maskey esac 302*6ba597c5SAnurag S. Maskey 303*6ba597c5SAnurag S. Maskey # Use ldapclient(1M) to initialize LDAP client settings. 304*6ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then 305*6ba597c5SAnurag S. Maskey # XXX need to check how to specify multiple LDAP servers. 306*6ba597c5SAnurag S. Maskey $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \ 307*6ba597c5SAnurag S. Maskey $LDAP_SERVERS 308*6ba597c5SAnurag S. Maskey fi 309*6ba597c5SAnurag S. Maskey done 310*6ba597c5SAnurag S. Maskey ) 311*6ba597c5SAnurag S. Maskey start_svc $LDAP_CLIENT_FMRI 312*6ba597c5SAnurag S. Maskey} 313*6ba597c5SAnurag S. Maskey 314*6ba597c5SAnurag S. Maskey# 315*6ba597c5SAnurag S. Maskey# do_ns <location> 316*6ba597c5SAnurag S. Maskey# 317*6ba597c5SAnurag S. Maskey# Installs different nameservices for location 318*6ba597c5SAnurag S. Maskey# 319*6ba597c5SAnurag S. Maskeydo_ns () { 320*6ba597c5SAnurag S. Maskey loc=$1 321*6ba597c5SAnurag S. Maskey 322*6ba597c5SAnurag S. Maskey # 323*6ba597c5SAnurag S. Maskey # Disable nameservices temporarily while we reconfigure. Copy 324*6ba597c5SAnurag S. Maskey # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files" 325*6ba597c5SAnurag S. Maskey # are used. 326*6ba597c5SAnurag S. Maskey # 327*6ba597c5SAnurag S. Maskey $CP -p /etc/nsswitch.files /etc/nsswitch.conf 328*6ba597c5SAnurag S. Maskey stop_svc $DNS_CLIENT_FMRI 329*6ba597c5SAnurag S. Maskey stop_svc $NIS_CLIENT_FMRI 330*6ba597c5SAnurag S. Maskey stop_svc $LDAP_CLIENT_FMRI 331*6ba597c5SAnurag S. Maskey 332*6ba597c5SAnurag S. Maskey # 333*6ba597c5SAnurag S. Maskey # Remove /etc/defaultdomain and unset domainname(1M). If NIS 334*6ba597c5SAnurag S. Maskey # and/or LDAP is configured, they will create /etc/defaultdomain 335*6ba597c5SAnurag S. Maskey # and set the domainname(1M). 336*6ba597c5SAnurag S. Maskey # 337*6ba597c5SAnurag S. Maskey $RM -f $ETC_DEFAULT_DOMAIN 338*6ba597c5SAnurag S. Maskey $DOMAINNAME " " 339*6ba597c5SAnurag S. Maskey 340*6ba597c5SAnurag S. Maskey NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \ 341*6ba597c5SAnurag S. Maskey $loc nameservices-config-file` 342*6ba597c5SAnurag S. Maskey NAMESERVICES=`nwam_get_loc_prop $loc nameservices` 343*6ba597c5SAnurag S. Maskey 344*6ba597c5SAnurag S. Maskey if [ -f "$NAMESERVICES_CONFIG_FILE" ]; then 345*6ba597c5SAnurag S. Maskey $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf 346*6ba597c5SAnurag S. Maskey else 347*6ba597c5SAnurag S. Maskey echo "Failed to activate location ${loc}:\ 348*6ba597c5SAnurag S. Maskey missing nameservices-config-file property" 349*6ba597c5SAnurag S. Maskey exit $SMF_EXIT_ERR_CONFIG 350*6ba597c5SAnurag S. Maskey fi 351*6ba597c5SAnurag S. Maskey 352*6ba597c5SAnurag S. Maskey (IFS=,; 353*6ba597c5SAnurag S. Maskey for ns in $NAMESERVICES; do 354*6ba597c5SAnurag S. Maskey case "$ns" in 355*6ba597c5SAnurag S. Maskey 'files') 356*6ba597c5SAnurag S. Maskey # no additional setup needed for files nameservice 357*6ba597c5SAnurag S. Maskey ;; 358*6ba597c5SAnurag S. Maskey 'dns') 359*6ba597c5SAnurag S. Maskey do_dns $loc 360*6ba597c5SAnurag S. Maskey ;; 361*6ba597c5SAnurag S. Maskey 'nis') 362*6ba597c5SAnurag S. Maskey do_nis $loc 363*6ba597c5SAnurag S. Maskey ;; 364*6ba597c5SAnurag S. Maskey 'ldap') 365*6ba597c5SAnurag S. Maskey do_ldap $loc 366*6ba597c5SAnurag S. Maskey ;; 367*6ba597c5SAnurag S. Maskey '*') 368*6ba597c5SAnurag S. Maskey echo "Unrecognized nameservices value ${ns}; ignoring" 369*6ba597c5SAnurag S. Maskey ;; 370*6ba597c5SAnurag S. Maskey esac 371*6ba597c5SAnurag S. Maskey done 372*6ba597c5SAnurag S. Maskey ) 373*6ba597c5SAnurag S. Maskey 374*6ba597c5SAnurag S. Maskey # 375*6ba597c5SAnurag S. Maskey # Restart other related services 376*6ba597c5SAnurag S. Maskey # 377*6ba597c5SAnurag S. Maskey # We explicitly restart here, as restart will only have an 378*6ba597c5SAnurag S. Maskey # effect if the service is already enabled. We don't want 379*6ba597c5SAnurag S. Maskey # to enable the service if it's currently disabled. 380*6ba597c5SAnurag S. Maskey # 381*6ba597c5SAnurag S. Maskey restart_svc $AUTOFS_FMRI 382*6ba597c5SAnurag S. Maskey} 383*6ba597c5SAnurag S. Maskey 384*6ba597c5SAnurag S. Maskey# 385*6ba597c5SAnurag S. Maskey# do_sec <location> 386*6ba597c5SAnurag S. Maskey# 387*6ba597c5SAnurag S. Maskey# If config properties are set, update the SMF property and refresh the 388*6ba597c5SAnurag S. Maskey# service. If config properties are not set, delete the SMF property and 389*6ba597c5SAnurag S. Maskey# stop the service. 390*6ba597c5SAnurag S. Maskey# 391*6ba597c5SAnurag S. Maskeydo_sec () { 392*6ba597c5SAnurag S. Maskey loc=$1 393*6ba597c5SAnurag S. Maskey 394*6ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop $loc ike-config-file` 395*6ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file` 396*6ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file` 397*6ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file` 398*6ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file` 399*6ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop $loc ippool-config-file` 400*6ba597c5SAnurag S. Maskey 401*6ba597c5SAnurag S. Maskey # IKE 402*6ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 403*6ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 404*6ba597c5SAnurag S. Maskey refresh_svc $IPSEC_IKE_FMRI 405*6ba597c5SAnurag S. Maskey start_svc $IPSEC_IKE_FMRI 406*6ba597c5SAnurag S. Maskey else 407*6ba597c5SAnurag S. Maskey stop_svc $IPSEC_IKE_FMRI 408*6ba597c5SAnurag S. Maskey fi 409*6ba597c5SAnurag S. Maskey 410*6ba597c5SAnurag S. Maskey # IPsec 411*6ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 412*6ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 413*6ba597c5SAnurag S. Maskey refresh_svc $IPSEC_POLICY_FMRI 414*6ba597c5SAnurag S. Maskey start_svc $IPSEC_POLICY_FMRI 415*6ba597c5SAnurag S. Maskey else 416*6ba597c5SAnurag S. Maskey stop_svc $IPSEC_POLICY_FMRI 417*6ba597c5SAnurag S. Maskey fi 418*6ba597c5SAnurag S. Maskey 419*6ba597c5SAnurag S. Maskey # IPFilter 420*6ba597c5SAnurag S. Maskey refresh_ipf=false 421*6ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 422*6ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" ]; then 423*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 424*6ba597c5SAnurag S. Maskey firewall_config_default/policy "none" 425*6ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/deny" ]; then 426*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 427*6ba597c5SAnurag S. Maskey firewall_config_default/policy "deny" 428*6ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/allow" ]; then 429*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 430*6ba597c5SAnurag S. Maskey firewall_config_default/policy "allow" 431*6ba597c5SAnurag S. Maskey else 432*6ba597c5SAnurag S. Maskey # custom policy with policy file 433*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 434*6ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 435*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 436*6ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 437*6ba597c5SAnurag S. Maskey fi 438*6ba597c5SAnurag S. Maskey refresh_ipf=true 439*6ba597c5SAnurag S. Maskey else 440*6ba597c5SAnurag S. Maskey # change policy to "none", no need to clear custom_policy_file 441*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \ 442*6ba597c5SAnurag S. Maskey "none" 443*6ba597c5SAnurag S. Maskey # IPFilter has to be refreshed to make the changes effective. 444*6ba597c5SAnurag S. Maskey # Don't set $refresh_ipf as it keeps IPFilter online rather 445*6ba597c5SAnurag S. Maskey # than disabled. Refresh after IPFilter is disabled below. 446*6ba597c5SAnurag S. Maskey fi 447*6ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 448*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 449*6ba597c5SAnurag S. Maskey refresh_ipf=true 450*6ba597c5SAnurag S. Maskey fi 451*6ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 452*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 453*6ba597c5SAnurag S. Maskey refresh_ipf=true 454*6ba597c5SAnurag S. Maskey fi 455*6ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 456*6ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 457*6ba597c5SAnurag S. Maskey $ippool_file 458*6ba597c5SAnurag S. Maskey refresh_ipf=true 459*6ba597c5SAnurag S. Maskey fi 460*6ba597c5SAnurag S. Maskey 461*6ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 462*6ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 463*6ba597c5SAnurag S. Maskey start_svc $IPFILTER_FMRI 464*6ba597c5SAnurag S. Maskey else 465*6ba597c5SAnurag S. Maskey stop_svc $IPFILTER_FMRI 466*6ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 467*6ba597c5SAnurag S. Maskey fi 468*6ba597c5SAnurag S. Maskey} 469*6ba597c5SAnurag S. Maskey 470*6ba597c5SAnurag S. Maskey# 471*6ba597c5SAnurag S. Maskey# update_nfs_file <new nfsv4 domain> 472*6ba597c5SAnurag S. Maskey# 473*6ba597c5SAnurag S. Maskeyupdate_nfs_file () { 474*6ba597c5SAnurag S. Maskey domain=$1 475*6ba597c5SAnurag S. Maskey file=/etc/default/nfs 476*6ba597c5SAnurag S. Maskey 477*6ba597c5SAnurag S. Maskey # 478*6ba597c5SAnurag S. Maskey # For non-commented-out lines that set NFSMAPID_DOMAIN: 479*6ba597c5SAnurag S. Maskey # if not previously added by nwam, comment out with a note 480*6ba597c5SAnurag S. Maskey # if previously added by nwam, remove 481*6ba597c5SAnurag S. Maskey # For commented-out lines that set NFSMAPID_DOMAIN: 482*6ba597c5SAnurag S. Maskey # if not commented out by NWAM, leave as-is 483*6ba597c5SAnurag S. Maskey # if commented out by NWAM, remove 484*6ba597c5SAnurag S. Maskey # All other lines: leave as-is 485*6ba597c5SAnurag S. Maskey # 486*6ba597c5SAnurag S. Maskey $NAWK ' \ 487*6ba597c5SAnurag S. Maskey $0 ~ /^NFSMAPID_DOMAIN=/ { 488*6ba597c5SAnurag S. Maskey if (index($0, "# Added by NWAM") == 0) 489*6ba597c5SAnurag S. Maskey printf("#%s # Commented out by NWAM\n", $0); 490*6ba597c5SAnurag S. Maskey } 491*6ba597c5SAnurag S. Maskey $0 ~ /^#NFSMAPID_DOMAIN=/ { 492*6ba597c5SAnurag S. Maskey if ($0 !~ /"# Commented out by NWAM"/) 493*6ba597c5SAnurag S. Maskey printf("%s\n", $0); 494*6ba597c5SAnurag S. Maskey } 495*6ba597c5SAnurag S. Maskey $1 !~ /NFSMAPID_DOMAIN=/ { 496*6ba597c5SAnurag S. Maskey printf("%s\n", $0); 497*6ba597c5SAnurag S. Maskey }' $file >$file.$$ 498*6ba597c5SAnurag S. Maskey 499*6ba597c5SAnurag S. Maskey # Now add the desired value 500*6ba597c5SAnurag S. Maskey echo "NFSMAPID_DOMAIN=$domain # Added by NWAM" >> $file.$$ 501*6ba597c5SAnurag S. Maskey 502*6ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 503*6ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 504*6ba597c5SAnurag S. Maskey} 505*6ba597c5SAnurag S. Maskey 506*6ba597c5SAnurag S. Maskey# 507*6ba597c5SAnurag S. Maskey# do_nfsv4 <location> 508*6ba597c5SAnurag S. Maskey# 509*6ba597c5SAnurag S. Maskey# Updates NFSv4 domain for location 510*6ba597c5SAnurag S. Maskey# 511*6ba597c5SAnurag S. Maskeydo_nfsv4 () { 512*6ba597c5SAnurag S. Maskey loc=$1 513*6ba597c5SAnurag S. Maskey 514*6ba597c5SAnurag S. Maskey nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain` 515*6ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 516*6ba597c5SAnurag S. Maskey update_nfs_file $nfsv4domain 517*6ba597c5SAnurag S. Maskey start_svc $MAPID_FMRI 518*6ba597c5SAnurag S. Maskey else 519*6ba597c5SAnurag S. Maskey stop_svc $MAPID_FMRI 520*6ba597c5SAnurag S. Maskey fi 521*6ba597c5SAnurag S. Maskey} 522*6ba597c5SAnurag S. Maskey 523*6ba597c5SAnurag S. Maskey# 524*6ba597c5SAnurag S. Maskey# activate_loc <location> 525*6ba597c5SAnurag S. Maskey# 526*6ba597c5SAnurag S. Maskey# Activates the given location 527*6ba597c5SAnurag S. Maskey# 528*6ba597c5SAnurag S. Maskeyactivate_loc () { 529*6ba597c5SAnurag S. Maskey loc=$1 530*6ba597c5SAnurag S. Maskey 531*6ba597c5SAnurag S. Maskey echo activating $loc location 532*6ba597c5SAnurag S. Maskey 533*6ba597c5SAnurag S. Maskey do_sec $loc 534*6ba597c5SAnurag S. Maskey do_ns $loc 535*6ba597c5SAnurag S. Maskey do_nfsv4 $loc 536*6ba597c5SAnurag S. Maskey} 537*6ba597c5SAnurag S. Maskey 538*6ba597c5SAnurag S. Maskey# 539*6ba597c5SAnurag S. Maskey# Script entry point 540*6ba597c5SAnurag S. Maskey# 541*6ba597c5SAnurag S. Maskey# Arguments to net-loc are 542*6ba597c5SAnurag S. Maskey# method ('start' or 'refresh') 543*6ba597c5SAnurag S. Maskey 544*6ba597c5SAnurag S. Maskey# 545*6ba597c5SAnurag S. Maskey# If nwam is not enabled, do nothing and return OK. 546*6ba597c5SAnurag S. Maskey# 547*6ba597c5SAnurag S. Maskeyservice_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK 548*6ba597c5SAnurag S. Maskey 549*6ba597c5SAnurag S. Maskey# 550*6ba597c5SAnurag S. Maskey# In a shared-IP zone we need this service to be up, but all of the work 551*6ba597c5SAnurag S. Maskey# it tries to do is irrelevant (and will actually lead to the service 552*6ba597c5SAnurag S. Maskey# failing if we try to do it), so just bail out. 553*6ba597c5SAnurag S. Maskey# In the global zone and exclusive-IP zones we proceed. 554*6ba597c5SAnurag S. Maskey# 555*6ba597c5SAnurag S. Maskeysmf_configure_ip || exit $SMF_EXIT_OK 556*6ba597c5SAnurag S. Maskey 557*6ba597c5SAnurag S. Maskeycase "$1" in 558*6ba597c5SAnurag S. Maskey 559*6ba597c5SAnurag S. Maskey'start') 560*6ba597c5SAnurag S. Maskey # 561*6ba597c5SAnurag S. Maskey # We need to create the default (NoNet and Automatic) 562*6ba597c5SAnurag S. Maskey # locations, if they don't already exist. So: first check 563*6ba597c5SAnurag S. Maskey # for the existence of each, and then run the appropriate 564*6ba597c5SAnurag S. Maskey # nwamcfg script(s) as needed. Restart nwamd if a location is 565*6ba597c5SAnurag S. Maskey # created, as it needs to read it in. 566*6ba597c5SAnurag S. Maskey # 567*6ba597c5SAnurag S. Maskey LOC_CREATED="false" 568*6ba597c5SAnurag S. Maskey $NWAMCFG list loc Automatic >/dev/null 2>&1 569*6ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 570*6ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_auto 571*6ba597c5SAnurag S. Maskey LOC_CREATED="true" 572*6ba597c5SAnurag S. Maskey fi 573*6ba597c5SAnurag S. Maskey 574*6ba597c5SAnurag S. Maskey $NWAMCFG list loc NoNet >/dev/null 2>&1 575*6ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 576*6ba597c5SAnurag S. Maskey NONETPATH=/etc/nwam/loc/NoNet 577*6ba597c5SAnurag S. Maskey NONETFILES="ipf.conf ipf6.conf" 578*6ba597c5SAnurag S. Maskey for file in $NONETFILES; do 579*6ba597c5SAnurag S. Maskey copy_default $NONETPATH $file 580*6ba597c5SAnurag S. Maskey done 581*6ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_nonet 582*6ba597c5SAnurag S. Maskey LOC_CREATED="true" 583*6ba597c5SAnurag S. Maskey fi 584*6ba597c5SAnurag S. Maskey 585*6ba597c5SAnurag S. Maskey if [ "$LOC_CREATED" = "true" ]; then 586*6ba597c5SAnurag S. Maskey refresh_svc $NWAM_FMRI 587*6ba597c5SAnurag S. Maskey fi 588*6ba597c5SAnurag S. Maskey 589*6ba597c5SAnurag S. Maskey # location selection/activation happens below 590*6ba597c5SAnurag S. Maskey ;; 591*6ba597c5SAnurag S. Maskey 592*6ba597c5SAnurag S. Maskey'refresh') 593*6ba597c5SAnurag S. Maskey 594*6ba597c5SAnurag S. Maskey # location selection/activation happens below 595*6ba597c5SAnurag S. Maskey ;; 596*6ba597c5SAnurag S. Maskey 597*6ba597c5SAnurag S. Maskey*) 598*6ba597c5SAnurag S. Maskey echo "Usage: $0 start|refresh" 599*6ba597c5SAnurag S. Maskey exit 1 600*6ba597c5SAnurag S. Maskey ;; 601*6ba597c5SAnurag S. Maskey 602*6ba597c5SAnurag S. Maskeyesac 603*6ba597c5SAnurag S. Maskey 604*6ba597c5SAnurag S. Maskey# 605*6ba597c5SAnurag S. Maskey# If the Legacy location doesn't exist and the file to create the Legacy 606*6ba597c5SAnurag S. Maskey# location exists, create the Legacy location. Make a copy of it as the user's 607*6ba597c5SAnurag S. Maskey# intentions before upgrade. Then activate the User location if nis is 608*6ba597c5SAnurag S. Maskey# involved. Because NIS affects more parts of the system (e.g. automounts) we 609*6ba597c5SAnurag S. Maskey# are not willing to make NIS part of the Automatic location (i.e. enable it 610*6ba597c5SAnurag S. Maskey# automatically based on external input) as we do with DHCP-driven DNS. 611*6ba597c5SAnurag S. Maskey# 612*6ba597c5SAnurag S. Maskeyactivate_user_loc=0 613*6ba597c5SAnurag S. Maskey$NWAMCFG list loc Legacy >/dev/null 2>&1 614*6ba597c5SAnurag S. Maskeyif [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then 615*6ba597c5SAnurag S. Maskey # 616*6ba597c5SAnurag S. Maskey # We built the script in and pointing to /etc/svc/volatile because we 617*6ba597c5SAnurag S. Maskey # may not have a writable filesystem in net-nwam. So here we move the 618*6ba597c5SAnurag S. Maskey # components and rewrite the script to point at the writable filesystem. 619*6ba597c5SAnurag S. Maskey # 620*6ba597c5SAnurag S. Maskey $CP -r $SCRIPT_PATH/Legacy $LEGACY_LOC_PATH 621*6ba597c5SAnurag S. Maskey $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy 622*6ba597c5SAnurag S. Maskey $SED -e's,/etc/svc/volatile/nwam/Legacy,/etc/nwam/loc/Legacy,' \ 623*6ba597c5SAnurag S. Maskey $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy 624*6ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy 625*6ba597c5SAnurag S. Maskey loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \ 626*6ba597c5SAnurag S. Maskey 2>/dev/null` 627*6ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 628*6ba597c5SAnurag S. Maskey # 629*6ba597c5SAnurag S. Maskey # We are rewriting configuration variables from the Legacy 630*6ba597c5SAnurag S. Maskey # location to the User location. Use variable ULP to keep REs 631*6ba597c5SAnurag S. Maskey # within a line. 632*6ba597c5SAnurag S. Maskey # 633*6ba597c5SAnurag S. Maskey ULP=$USER_LOC_PATH 634*6ba597c5SAnurag S. Maskey $SED -e's,Legacy,User,' \ 635*6ba597c5SAnurag S. Maskey -e's,activation-mode=system,activation-mode=manual,' \ 636*6ba597c5SAnurag S. Maskey -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \ 637*6ba597c5SAnurag S. Maskey -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \ 638*6ba597c5SAnurag S. Maskey -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \ 639*6ba597c5SAnurag S. Maskey -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \ 640*6ba597c5SAnurag S. Maskey -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \ 641*6ba597c5SAnurag S. Maskey -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \ 642*6ba597c5SAnurag S. Maskey $SCRIPT_PATH/create_loc_legacy | \ 643*6ba597c5SAnurag S. Maskey $SED -e's,/etc/nwam/loc/User/none,/none,' \ 644*6ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/allow,/allow,' \ 645*6ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/deny,/deny,' \ 646*6ba597c5SAnurag S. Maskey >$SCRIPT_PATH/create_loc_user 647*6ba597c5SAnurag S. Maskey # 648*6ba597c5SAnurag S. Maskey # We are creating the User location here. The User location 649*6ba597c5SAnurag S. Maskey # is an appromixation of the machine configuration when the 650*6ba597c5SAnurag S. Maskey # user change or upgraded to this version of NWAM. First 651*6ba597c5SAnurag S. Maskey # we make sure there isn't an existing User location or any 652*6ba597c5SAnurag S. Maskey # existing User location data. We then copy all the data 653*6ba597c5SAnurag S. Maskey # from the Legacy location and create a location pointing at 654*6ba597c5SAnurag S. Maskey # that data. Lastly we create a version property to note 655*6ba597c5SAnurag S. Maskey # that we have done this. 656*6ba597c5SAnurag S. Maskey # 657*6ba597c5SAnurag S. Maskey $NWAMCFG destroy loc User 2>/dev/null 658*6ba597c5SAnurag S. Maskey $RM -rf $USER_LOC_PATH 659*6ba597c5SAnurag S. Maskey $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH 660*6ba597c5SAnurag S. Maskey $RM -f $USER_LOC_PATH/resolv.conf 661*6ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_user 662*6ba597c5SAnurag S. Maskey # The User location is activated if 'nis' is in a non comment 663*6ba597c5SAnurag S. Maskey # line of nsswitch.conf. 664*6ba597c5SAnurag S. Maskey $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\ 665*6ba597c5SAnurag S. Maskey $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1 666*6ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 667*6ba597c5SAnurag S. Maskey activate_user_loc=1 668*6ba597c5SAnurag S. Maskey fi 669*6ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI addpg location_upgrade application \ 670*6ba597c5SAnurag S. Maskey 2>/dev/null 671*6ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \ 672*6ba597c5SAnurag S. Maskey astring: "1" 673*6ba597c5SAnurag S. Maskey fi 674*6ba597c5SAnurag S. Maskeyfi 675*6ba597c5SAnurag S. Maskey 676*6ba597c5SAnurag S. Maskey# 677*6ba597c5SAnurag S. Maskey# Activate a location. If we've just finished upgrading, and 678*6ba597c5SAnurag S. Maskey# the User location should be activated, do that (and use nwamadm 679*6ba597c5SAnurag S. Maskey# to do so, so the enabled property gets set and nwamd knows this 680*6ba597c5SAnurag S. Maskey# selection has been made). Otherwise, if our location/selected 681*6ba597c5SAnurag S. Maskey# property has a value, we activate that location; else we activate 682*6ba597c5SAnurag S. Maskey# the NoNet location as a default value. 683*6ba597c5SAnurag S. Maskey# 684*6ba597c5SAnurag S. Maskeyif [ $activate_user_loc -eq 1 ]; then 685*6ba597c5SAnurag S. Maskey $NWAMADM enable -p loc User 686*6ba597c5SAnurag S. Maskeyelse 687*6ba597c5SAnurag S. Maskey sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null` 688*6ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 689*6ba597c5SAnurag S. Maskey # location hasn't been selected; default to NoNet 690*6ba597c5SAnurag S. Maskey activate_loc NoNet 691*6ba597c5SAnurag S. Maskey else 692*6ba597c5SAnurag S. Maskey # activate selected location 693*6ba597c5SAnurag S. Maskey activate_loc $sel_loc 694*6ba597c5SAnurag S. Maskey fi 695*6ba597c5SAnurag S. Maskeyfi 696*6ba597c5SAnurag S. Maskey 697*6ba597c5SAnurag S. Maskeyexit $SMF_EXIT_OK 698