16ba597c5SAnurag S. Maskey#!/sbin/sh 26ba597c5SAnurag S. Maskey# 36ba597c5SAnurag S. Maskey# CDDL HEADER START 46ba597c5SAnurag S. Maskey# 56ba597c5SAnurag S. Maskey# The contents of this file are subject to the terms of the 66ba597c5SAnurag S. Maskey# Common Development and Distribution License (the "License"). 76ba597c5SAnurag S. Maskey# You may not use this file except in compliance with the License. 86ba597c5SAnurag S. Maskey# 96ba597c5SAnurag S. Maskey# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 106ba597c5SAnurag S. Maskey# or http://www.opensolaris.org/os/licensing. 116ba597c5SAnurag S. Maskey# See the License for the specific language governing permissions 126ba597c5SAnurag S. Maskey# and limitations under the License. 136ba597c5SAnurag S. Maskey# 146ba597c5SAnurag S. Maskey# When distributing Covered Code, include this CDDL HEADER in each 156ba597c5SAnurag S. Maskey# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 166ba597c5SAnurag S. Maskey# If applicable, add the following below this CDDL HEADER, with the 176ba597c5SAnurag S. Maskey# fields enclosed by brackets "[]" replaced with your own identifying 186ba597c5SAnurag S. Maskey# information: Portions Copyright [yyyy] [name of copyright owner] 196ba597c5SAnurag S. Maskey# 206ba597c5SAnurag S. Maskey# CDDL HEADER END 216ba597c5SAnurag S. Maskey# 226ba597c5SAnurag S. Maskey# 234a44f0a1SAnurag S. Maskey# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved. 246ba597c5SAnurag S. Maskey# 256ba597c5SAnurag S. Maskey 266ba597c5SAnurag S. Maskey. /lib/svc/share/smf_include.sh 276ba597c5SAnurag S. Maskey. /lib/svc/share/net_include.sh 286ba597c5SAnurag S. Maskey 296ba597c5SAnurag S. Maskey# FMRI consts 306ba597c5SAnurag S. MaskeyAUTOFS_FMRI="svc:/system/filesystem/autofs" 316ba597c5SAnurag S. MaskeyDNS_CLIENT_FMRI="svc:/network/dns/client" 326ba597c5SAnurag S. MaskeyIPSEC_IKE_FMRI="svc:/network/ipsec/ike" 336ba597c5SAnurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy" 346ba597c5SAnurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default" 356ba597c5SAnurag S. MaskeyLDAP_CLIENT_FMRI="svc:/network/ldap/client" 366ba597c5SAnurag S. MaskeyLOCATION_FMRI="svc:/network/location:default" 376ba597c5SAnurag S. MaskeyMAPID_FMRI="svc:/network/nfs/mapid:default" 386ba597c5SAnurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client" 396ba597c5SAnurag S. MaskeyNWAM_FMRI="svc:/network/physical:nwam" 406ba597c5SAnurag S. Maskey 416ba597c5SAnurag S. Maskey# commands 426ba597c5SAnurag S. MaskeyCP=/usr/bin/cp 436ba597c5SAnurag S. MaskeyDHCPINFO=/sbin/dhcpinfo 446ba597c5SAnurag S. MaskeyDOMAINNAME=/usr/bin/domainname 456ba597c5SAnurag S. MaskeyGREP=/usr/bin/grep 466ba597c5SAnurag S. MaskeyLDAPCLIENT=/usr/sbin/ldapclient 476ba597c5SAnurag S. MaskeyMKDIR=/usr/bin/mkdir 486ba597c5SAnurag S. MaskeyMV=/usr/bin/mv 496ba597c5SAnurag S. MaskeyNAWK=/usr/bin/nawk 506ba597c5SAnurag S. MaskeyNWAMADM=/usr/sbin/nwamadm 516ba597c5SAnurag S. MaskeyNWAMCFG=/usr/sbin/nwamcfg 526ba597c5SAnurag S. MaskeyRM=/usr/bin/rm 536ba597c5SAnurag S. MaskeySED=/usr/bin/sed 546ba597c5SAnurag S. MaskeySVCADM=/usr/sbin/svcadm 556ba597c5SAnurag S. MaskeySVCCFG=/usr/sbin/svccfg 566ba597c5SAnurag S. MaskeySVCPROP=/usr/bin/svcprop 576ba597c5SAnurag S. MaskeyTOUCH=/usr/bin/touch 586ba597c5SAnurag S. Maskey 596ba597c5SAnurag S. Maskey# Path to directories 606ba597c5SAnurag S. MaskeyETC_DEFAULT_DOMAIN=/etc/defaultdomain 616ba597c5SAnurag S. MaskeyNIS_BIND_PATH=/var/yp/binding 626ba597c5SAnurag S. MaskeyLEGACY_LOC_PATH=/etc/nwam/loc/Legacy 636ba597c5SAnurag S. MaskeyUSER_LOC_PATH=/etc/nwam/loc/User 646ba597c5SAnurag S. MaskeySCRIPT_PATH=/etc/svc/volatile/nwam 656ba597c5SAnurag S. Maskey 666ba597c5SAnurag S. Maskey# 676ba597c5SAnurag S. Maskey# echoes DHCP controlled interfaces separated by commas 686ba597c5SAnurag S. Maskey# 696ba597c5SAnurag S. Maskey# Don't parse the output of ifconfig(1M) because interfaces that haven't 706ba597c5SAnurag S. Maskey# acquired a DHCP lease also have the DHCP flag set. 716ba597c5SAnurag S. Maskey# 726ba597c5SAnurag S. Maskeyget_dhcp_interfaces () { 736ba597c5SAnurag S. Maskey # 746ba597c5SAnurag S. Maskey # 1. parse netstat(1M) output for v4 interfaces in BOUND 756ba597c5SAnurag S. Maskey # or INFORMATION state 766ba597c5SAnurag S. Maskey # 2. make a space-separated list of interface names 776ba597c5SAnurag S. Maskey # 786ba597c5SAnurag S. Maskey netstat -D -f inet | $NAWK ' 796ba597c5SAnurag S. Maskey $2 ~ /BOUND/ { printf "%s ", $1 } 806ba597c5SAnurag S. Maskey $2 ~ /INFORMATION/ { printf "%s ", $1 }' 816ba597c5SAnurag S. Maskey} 826ba597c5SAnurag S. Maskey 836ba597c5SAnurag S. Maskey# 846ba597c5SAnurag S. Maskey# get_dhcpinfo <code/identifier> 856ba597c5SAnurag S. Maskey# 866ba597c5SAnurag S. Maskey# echoes the value received through each interface controlled by DHCP 876ba597c5SAnurag S. Maskey# returns: 886ba597c5SAnurag S. Maskey# 0 => property is set 896ba597c5SAnurag S. Maskey# 1 => property is not set 906ba597c5SAnurag S. Maskey# 916ba597c5SAnurag S. Maskeyget_dhcpinfo () { 926ba597c5SAnurag S. Maskey code=$1 936ba597c5SAnurag S. Maskey 946ba597c5SAnurag S. Maskey # Get all interfaces with DHCP control, IFS is " " 956ba597c5SAnurag S. Maskey interfaces=`get_dhcp_interfaces` 966ba597c5SAnurag S. Maskey 976ba597c5SAnurag S. Maskey info="" 986ba597c5SAnurag S. Maskey for intf in $interfaces; do 996ba597c5SAnurag S. Maskey val=`$DHCPINFO -i $intf $code` 1006ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 1016ba597c5SAnurag S. Maskey if [ "$info" = "" ]; then 1026ba597c5SAnurag S. Maskey info="$val" 1036ba597c5SAnurag S. Maskey else 1046ba597c5SAnurag S. Maskey info="$info,$val" 1056ba597c5SAnurag S. Maskey fi 1066ba597c5SAnurag S. Maskey fi 1076ba597c5SAnurag S. Maskey done 1086ba597c5SAnurag S. Maskey echo $info 1096ba597c5SAnurag S. Maskey} 1106ba597c5SAnurag S. Maskey 1116ba597c5SAnurag S. Maskey# 1126ba597c5SAnurag S. Maskey# set_smf_prop <fmri> <property name> <property value> 1136ba597c5SAnurag S. Maskey# 1146ba597c5SAnurag S. Maskeyset_smf_prop () { 1156ba597c5SAnurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return 1166ba597c5SAnurag S. Maskey} 1176ba597c5SAnurag S. Maskey 1186ba597c5SAnurag S. Maskey# 1196ba597c5SAnurag S. Maskey# refresh_svc <fmri> 1206ba597c5SAnurag S. Maskey# 1216ba597c5SAnurag S. Maskey# Refreshes the service. 1226ba597c5SAnurag S. Maskey# 1236ba597c5SAnurag S. Maskeyrefresh_svc () { 1246ba597c5SAnurag S. Maskey $SVCADM refresh $1 1256ba597c5SAnurag S. Maskey} 1266ba597c5SAnurag S. Maskey 1276ba597c5SAnurag S. Maskey# 1286ba597c5SAnurag S. Maskey# restart_svc <fmri> 1296ba597c5SAnurag S. Maskey# 1306ba597c5SAnurag S. Maskey# Restarts the service. 1316ba597c5SAnurag S. Maskey# 1326ba597c5SAnurag S. Maskeyrestart_svc () { 1336ba597c5SAnurag S. Maskey $SVCADM restart $1 1346ba597c5SAnurag S. Maskey} 1356ba597c5SAnurag S. Maskey 1366ba597c5SAnurag S. Maskey# 1376ba597c5SAnurag S. Maskey# start_svc <fmri> 1386ba597c5SAnurag S. Maskey# 1396ba597c5SAnurag S. Maskey# Starts the service. If the service is already enabled, restarts it. If 1406ba597c5SAnurag S. Maskey# it is not enabled, temporarily enables it. 1416ba597c5SAnurag S. Maskey# 1426ba597c5SAnurag S. Maskeystart_svc () { 1436ba597c5SAnurag S. Maskey if service_is_enabled $1; then 1446ba597c5SAnurag S. Maskey $SVCADM restart $1 1456ba597c5SAnurag S. Maskey else 1466ba597c5SAnurag S. Maskey $SVCADM enable -t $1 1476ba597c5SAnurag S. Maskey fi 1486ba597c5SAnurag S. Maskey} 1496ba597c5SAnurag S. Maskey 1506ba597c5SAnurag S. Maskey# 1516ba597c5SAnurag S. Maskey# stop_svc <fmri> 1526ba597c5SAnurag S. Maskey# 1536ba597c5SAnurag S. Maskey# Temporarily disables the service. 1546ba597c5SAnurag S. Maskey# 1556ba597c5SAnurag S. Maskeystop_svc () { 1566ba597c5SAnurag S. Maskey $SVCADM disable -t $1 1576ba597c5SAnurag S. Maskey} 1586ba597c5SAnurag S. Maskey 1596ba597c5SAnurag S. Maskey# 1606ba597c5SAnurag S. Maskey# copy_default <dir> <file> 1616ba597c5SAnurag S. Maskey# 1626ba597c5SAnurag S. Maskey# Copies <dir>/<file>.dfl to <dir>/<file> 1636ba597c5SAnurag S. Maskey# 1646ba597c5SAnurag S. Maskeycopy_default () { 1656ba597c5SAnurag S. Maskey $CP -p $1/$2.dfl $1/$2 1666ba597c5SAnurag S. Maskey} 1676ba597c5SAnurag S. Maskey 168*ad559becSAnurag S. Maskey# 169*ad559becSAnurag S. Maskey# enable_nonet 170*ad559becSAnurag S. Maskey# 171*ad559becSAnurag S. Maskey# Enables the NoNet location. This function is called whenever an error is 172*ad559becSAnurag S. Maskey# detected in the location currently being activated (missing property or the 173*ad559becSAnurag S. Maskey# location itself). 174*ad559becSAnurag S. Maskey# 175*ad559becSAnurag S. Maskeyenable_nonet () { 176*ad559becSAnurag S. Maskey echo "reverting to NoNet location" 177*ad559becSAnurag S. Maskey set_smf_prop $SMF_FMRI location/selected NoNet 178*ad559becSAnurag S. Maskey refresh_svc $SMF_FMRI 179*ad559becSAnurag S. Maskey # Refresh nwam so that it re-does the condition checking 180*ad559becSAnurag S. Maskey refresh_svc $NWAM_FMRI 181*ad559becSAnurag S. Maskey} 182*ad559becSAnurag S. Maskey 1836ba597c5SAnurag S. Maskey# 1846ba597c5SAnurag S. Maskey# do_dns <location> 1856ba597c5SAnurag S. Maskey# 1866ba597c5SAnurag S. Maskey# Installs DNS information on /etc/resolv.conf for location 1876ba597c5SAnurag S. Maskey# 1886ba597c5SAnurag S. Maskeydo_dns () { 1896ba597c5SAnurag S. Maskey loc=$1 1906ba597c5SAnurag S. Maskey file=/etc/resolv.conf 1916ba597c5SAnurag S. Maskey 1926ba597c5SAnurag S. Maskey # Write out to temporary file first 1936ba597c5SAnurag S. Maskey $TOUCH $file.$$ 1946ba597c5SAnurag S. Maskey 1956ba597c5SAnurag S. Maskey DNS_CONFIGSRC=`nwam_get_loc_prop $loc dns-nameservice-configsrc` 196*ad559becSAnurag S. Maskey if [ -z "$DNS_CONFIGSRC" ]; then 197*ad559becSAnurag S. Maskey echo "missing 'dns-nameservice-configsrc' property for '$loc'" 198*ad559becSAnurag S. Maskey enable_nonet 199*ad559becSAnurag S. Maskey return 200*ad559becSAnurag S. Maskey fi 201*ad559becSAnurag S. Maskey 2026ba597c5SAnurag S. Maskey (IFS=" "; 203*ad559becSAnurag S. Maskey dns_server_set=false 2046ba597c5SAnurag S. Maskey for configsrc in $DNS_CONFIGSRC; do 2056ba597c5SAnurag S. Maskey case "$configsrc" in 2066ba597c5SAnurag S. Maskey 'manual') 2076ba597c5SAnurag S. Maskey DNS_DOMAIN=`nwam_get_loc_prop $loc \ 2086ba597c5SAnurag S. Maskey dns-nameservice-domain` 2096ba597c5SAnurag S. Maskey DNS_SERVERS=`nwam_get_loc_prop $loc \ 2106ba597c5SAnurag S. Maskey dns-nameservice-servers` 2116ba597c5SAnurag S. Maskey DNS_SEARCH=`nwam_get_loc_prop $loc \ 2126ba597c5SAnurag S. Maskey dns-nameservice-search` 2136ba597c5SAnurag S. Maskey ;; 2146ba597c5SAnurag S. Maskey 'dhcp') 2156ba597c5SAnurag S. Maskey DNS_DOMAIN=`get_dhcpinfo DNSdmain` 2166ba597c5SAnurag S. Maskey DNS_SERVERS=`get_dhcpinfo DNSserv` 2176ba597c5SAnurag S. Maskey # No DNS search info for IPv4 2186ba597c5SAnurag S. Maskey ;; 2196ba597c5SAnurag S. Maskey '*') 2206ba597c5SAnurag S. Maskey echo "Unrecognized DNS configsrc ${configsrc}; ignoring" 2216ba597c5SAnurag S. Maskey ;; 2226ba597c5SAnurag S. Maskey esac 2236ba597c5SAnurag S. Maskey 2246ba597c5SAnurag S. Maskey # Write DNS settings 2256ba597c5SAnurag S. Maskey if [ -n "$DNS_DOMAIN" ]; then 2266ba597c5SAnurag S. Maskey echo "$DNS_DOMAIN" | $NAWK \ 2276ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) \ 2286ba597c5SAnurag S. Maskey print "domain ", $i }' >> $file.$$ 2296ba597c5SAnurag S. Maskey fi 2306ba597c5SAnurag S. Maskey if [ -n "$DNS_SEARCH" ]; then 2316ba597c5SAnurag S. Maskey echo "$DNS_SEARCH" | $NAWK \ 2326ba597c5SAnurag S. Maskey 'FS="," { printf("search"); \ 2336ba597c5SAnurag S. Maskey for (i = 1; i <= NF; i++) printf(" %s", $i); \ 2346ba597c5SAnurag S. Maskey printf("\n") }' >> $file.$$ 2356ba597c5SAnurag S. Maskey fi 2366ba597c5SAnurag S. Maskey if [ -n "$DNS_SERVERS" ]; then 237*ad559becSAnurag S. Maskey dns_server_set=true 2386ba597c5SAnurag S. Maskey echo "$DNS_SERVERS" | $NAWK \ 2396ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) \ 2406ba597c5SAnurag S. Maskey print "nameserver ", $i }' >> $file.$$ 2416ba597c5SAnurag S. Maskey fi 242*ad559becSAnurag S. Maskey done 243*ad559becSAnurag S. Maskey if [ "$dns_server_set" = "false" ]; then 244*ad559becSAnurag S. Maskey echo "DNS nameserver not set for '$loc'" 245*ad559becSAnurag S. Maskey enable_nonet 246*ad559becSAnurag S. Maskey return 247*ad559becSAnurag S. Maskey fi 2486ba597c5SAnurag S. Maskey ) 249*ad559becSAnurag S. Maskey 2506ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 2516ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 2526ba597c5SAnurag S. Maskey start_svc $DNS_CLIENT_FMRI 2536ba597c5SAnurag S. Maskey} 2546ba597c5SAnurag S. Maskey 2556ba597c5SAnurag S. Maskey# 2566ba597c5SAnurag S. Maskey# do_nis <location> 2576ba597c5SAnurag S. Maskey# 2586ba597c5SAnurag S. Maskey# Installs NIS information on /var/yp/binding/ for location 2596ba597c5SAnurag S. Maskey# 2606ba597c5SAnurag S. Maskeydo_nis () { 2616ba597c5SAnurag S. Maskey loc=$1 2626ba597c5SAnurag S. Maskey 2636ba597c5SAnurag S. Maskey NIS_CONFIGSRC=`nwam_get_loc_prop $loc nis-nameservice-configsrc` 264*ad559becSAnurag S. Maskey if [ -z "$NIS_CONFIGSRC" ]; then 265*ad559becSAnurag S. Maskey echo "missing 'nis-nameservice-configsrc' property for '$loc'" 266*ad559becSAnurag S. Maskey enable_nonet 267*ad559becSAnurag S. Maskey return 268*ad559becSAnurag S. Maskey fi 269*ad559becSAnurag S. Maskey 2706ba597c5SAnurag S. Maskey (IFS=" "; 2716ba597c5SAnurag S. Maskey domainname_set=false 2726ba597c5SAnurag S. Maskey for configsrc in $NIS_CONFIGSRC; do 2736ba597c5SAnurag S. Maskey case "$configsrc" in 2746ba597c5SAnurag S. Maskey 'manual') 2756ba597c5SAnurag S. Maskey NIS_SERVERS=`nwam_get_loc_prop $loc \ 2766ba597c5SAnurag S. Maskey nis-nameservice-servers` 2776ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 2786ba597c5SAnurag S. Maskey # user-specified default-domain always wins 279*ad559becSAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" ]; then 280*ad559becSAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 281*ad559becSAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 282*ad559becSAnurag S. Maskey domainname_set=true 283*ad559becSAnurag S. Maskey fi 2846ba597c5SAnurag S. Maskey ;; 2856ba597c5SAnurag S. Maskey 'dhcp') 2866ba597c5SAnurag S. Maskey # Use only the first name 2876ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \ 2886ba597c5SAnurag S. Maskey $NAWK 'FS="," { print $1 }'` 2896ba597c5SAnurag S. Maskey NIS_SERVERS=`get_dhcpinfo NISservs` 2906ba597c5SAnurag S. Maskey if [ "$domainname_set" = "false" ]; then 2916ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 2926ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 2936ba597c5SAnurag S. Maskey domainname_set=true 2946ba597c5SAnurag S. Maskey fi 2956ba597c5SAnurag S. Maskey ;; 2966ba597c5SAnurag S. Maskey '*') 2976ba597c5SAnurag S. Maskey echo "Unrecognized NIS configsrc ${configsrc}; ignoring" 2986ba597c5SAnurag S. Maskey ;; 2996ba597c5SAnurag S. Maskey esac 3006ba597c5SAnurag S. Maskey 3016ba597c5SAnurag S. Maskey # Place NIS settings in appropriate directory/file. 3026ba597c5SAnurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then 3036ba597c5SAnurag S. Maskey $MKDIR -p $NIS_BIND_PATH/$DEFAULT_DOMAIN 3046ba597c5SAnurag S. Maskey fi 3056ba597c5SAnurag S. Maskey if [ -n "$NIS_SERVERS" ]; then 3066ba597c5SAnurag S. Maskey echo "$NIS_SERVERS" | $NAWK \ 3076ba597c5SAnurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) print $i }' \ 3086ba597c5SAnurag S. Maskey > $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers 3096ba597c5SAnurag S. Maskey fi 3106ba597c5SAnurag S. Maskey done 311*ad559becSAnurag S. Maskey if [ "$domainname_set" = "false" ]; then 312*ad559becSAnurag S. Maskey echo "'domainname' not set for '$loc'" 313*ad559becSAnurag S. Maskey enable_nonet 314*ad559becSAnurag S. Maskey return 315*ad559becSAnurag S. Maskey fi 3166ba597c5SAnurag S. Maskey ) 3176ba597c5SAnurag S. Maskey start_svc $NIS_CLIENT_FMRI 3186ba597c5SAnurag S. Maskey} 3196ba597c5SAnurag S. Maskey 3206ba597c5SAnurag S. Maskey# 3216ba597c5SAnurag S. Maskey# do_ldap <location> 3226ba597c5SAnurag S. Maskey# 3236ba597c5SAnurag S. Maskey# Installs LDAP information using ldapclient(1M) for location 3246ba597c5SAnurag S. Maskey# 3256ba597c5SAnurag S. Maskeydo_ldap () { 3266ba597c5SAnurag S. Maskey loc=$1 3276ba597c5SAnurag S. Maskey 3286ba597c5SAnurag S. Maskey LDAP_CONFIGSRC=`nwam_get_loc_prop $loc ldap-nameservice-configsrc` 329*ad559becSAnurag S. Maskey if [ -z "$LDAP_CONFIGSRC" ]; then 330*ad559becSAnurag S. Maskey echo "missing 'ldap-nameservice-configsrc' property for '$loc'" 331*ad559becSAnurag S. Maskey enable_nonet 332*ad559becSAnurag S. Maskey return 333*ad559becSAnurag S. Maskey fi 334*ad559becSAnurag S. Maskey 3356ba597c5SAnurag S. Maskey (IFS=" "; 336*ad559becSAnurag S. Maskey ldap_config_set=false 3376ba597c5SAnurag S. Maskey for configsrc in $LDAP_CONFIGSRC; do 3386ba597c5SAnurag S. Maskey case "$configsrc" in 3396ba597c5SAnurag S. Maskey 'manual') 3406ba597c5SAnurag S. Maskey LDAP_SERVERS=`nwam_get_loc_prop $loc \ 3416ba597c5SAnurag S. Maskey ldap-nameservice-servers` 3426ba597c5SAnurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop $loc default-domain` 3436ba597c5SAnurag S. Maskey $DOMAINNAME $DEFAULT_DOMAIN 3446ba597c5SAnurag S. Maskey $DOMAINNAME > $ETC_DEFAULT_DOMAIN 3456ba597c5SAnurag S. Maskey ;; 3466ba597c5SAnurag S. Maskey '*') 3476ba597c5SAnurag S. Maskey echo "Unrecognized LDAP configsrc ${configsrc}; ignoring" 3486ba597c5SAnurag S. Maskey ;; 3496ba597c5SAnurag S. Maskey esac 3506ba597c5SAnurag S. Maskey 3516ba597c5SAnurag S. Maskey # Use ldapclient(1M) to initialize LDAP client settings. 3526ba597c5SAnurag S. Maskey if [ -n "$DEFAULT_DOMAIN" -o -n "$LDAP_SERVERS" ]; then 353*ad559becSAnurag S. Maskey ldap_config_set=true 3546ba597c5SAnurag S. Maskey # XXX need to check how to specify multiple LDAP servers. 3556ba597c5SAnurag S. Maskey $LDAPCLIENT init -a domainName=$DEFAULT_DOMAIN \ 3566ba597c5SAnurag S. Maskey $LDAP_SERVERS 3576ba597c5SAnurag S. Maskey fi 3586ba597c5SAnurag S. Maskey done 359*ad559becSAnurag S. Maskey if [ "$ldap_config_set" = "false" ]; then 360*ad559becSAnurag S. Maskey echo "LDAP configuration could not be set for '$loc'" 361*ad559becSAnurag S. Maskey enable_nonet 362*ad559becSAnurag S. Maskey return 363*ad559becSAnurag S. Maskey fi 3646ba597c5SAnurag S. Maskey ) 3656ba597c5SAnurag S. Maskey start_svc $LDAP_CLIENT_FMRI 3666ba597c5SAnurag S. Maskey} 3676ba597c5SAnurag S. Maskey 3686ba597c5SAnurag S. Maskey# 3696ba597c5SAnurag S. Maskey# do_ns <location> 3706ba597c5SAnurag S. Maskey# 3716ba597c5SAnurag S. Maskey# Installs different nameservices for location 3726ba597c5SAnurag S. Maskey# 3736ba597c5SAnurag S. Maskeydo_ns () { 3746ba597c5SAnurag S. Maskey loc=$1 3756ba597c5SAnurag S. Maskey 3766ba597c5SAnurag S. Maskey # 3776ba597c5SAnurag S. Maskey # Disable nameservices temporarily while we reconfigure. Copy 3786ba597c5SAnurag S. Maskey # /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files" 3796ba597c5SAnurag S. Maskey # are used. 3806ba597c5SAnurag S. Maskey # 3816ba597c5SAnurag S. Maskey $CP -p /etc/nsswitch.files /etc/nsswitch.conf 3826ba597c5SAnurag S. Maskey stop_svc $DNS_CLIENT_FMRI 3836ba597c5SAnurag S. Maskey stop_svc $NIS_CLIENT_FMRI 3846ba597c5SAnurag S. Maskey stop_svc $LDAP_CLIENT_FMRI 3856ba597c5SAnurag S. Maskey 3866ba597c5SAnurag S. Maskey # 3876ba597c5SAnurag S. Maskey # Remove /etc/defaultdomain and unset domainname(1M). If NIS 3886ba597c5SAnurag S. Maskey # and/or LDAP is configured, they will create /etc/defaultdomain 3896ba597c5SAnurag S. Maskey # and set the domainname(1M). 3906ba597c5SAnurag S. Maskey # 3916ba597c5SAnurag S. Maskey $RM -f $ETC_DEFAULT_DOMAIN 3926ba597c5SAnurag S. Maskey $DOMAINNAME " " 3936ba597c5SAnurag S. Maskey 3946ba597c5SAnurag S. Maskey NAMESERVICES=`nwam_get_loc_prop $loc nameservices` 395*ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES" ]; then 396*ad559becSAnurag S. Maskey echo "missing 'nameservices' property for location '$loc'" 397*ad559becSAnurag S. Maskey enable_nonet 398*ad559becSAnurag S. Maskey return 399*ad559becSAnurag S. Maskey fi 4006ba597c5SAnurag S. Maskey 401*ad559becSAnurag S. Maskey NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \ 402*ad559becSAnurag S. Maskey $loc nameservices-config-file` 403*ad559becSAnurag S. Maskey if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then 404*ad559becSAnurag S. Maskey echo "missing 'nameservices-config-file' property for '$loc'" 405*ad559becSAnurag S. Maskey enable_nonet 406*ad559becSAnurag S. Maskey return 4076ba597c5SAnurag S. Maskey fi 408*ad559becSAnurag S. Maskey $CP -p $NAMESERVICES_CONFIG_FILE /etc/nsswitch.conf 4096ba597c5SAnurag S. Maskey 4106ba597c5SAnurag S. Maskey (IFS=,; 4116ba597c5SAnurag S. Maskey for ns in $NAMESERVICES; do 4126ba597c5SAnurag S. Maskey case "$ns" in 4136ba597c5SAnurag S. Maskey 'files') 4146ba597c5SAnurag S. Maskey # no additional setup needed for files nameservice 4156ba597c5SAnurag S. Maskey ;; 4166ba597c5SAnurag S. Maskey 'dns') 4176ba597c5SAnurag S. Maskey do_dns $loc 4186ba597c5SAnurag S. Maskey ;; 4196ba597c5SAnurag S. Maskey 'nis') 4206ba597c5SAnurag S. Maskey do_nis $loc 4216ba597c5SAnurag S. Maskey ;; 4226ba597c5SAnurag S. Maskey 'ldap') 4236ba597c5SAnurag S. Maskey do_ldap $loc 4246ba597c5SAnurag S. Maskey ;; 4256ba597c5SAnurag S. Maskey '*') 4266ba597c5SAnurag S. Maskey echo "Unrecognized nameservices value ${ns}; ignoring" 4276ba597c5SAnurag S. Maskey ;; 4286ba597c5SAnurag S. Maskey esac 4296ba597c5SAnurag S. Maskey done 4306ba597c5SAnurag S. Maskey ) 4316ba597c5SAnurag S. Maskey 4326ba597c5SAnurag S. Maskey # 4336ba597c5SAnurag S. Maskey # Restart other related services 4346ba597c5SAnurag S. Maskey # 4356ba597c5SAnurag S. Maskey # We explicitly restart here, as restart will only have an 4366ba597c5SAnurag S. Maskey # effect if the service is already enabled. We don't want 4376ba597c5SAnurag S. Maskey # to enable the service if it's currently disabled. 4386ba597c5SAnurag S. Maskey # 4396ba597c5SAnurag S. Maskey restart_svc $AUTOFS_FMRI 4406ba597c5SAnurag S. Maskey} 4416ba597c5SAnurag S. Maskey 4426ba597c5SAnurag S. Maskey# 4436ba597c5SAnurag S. Maskey# do_sec <location> 4446ba597c5SAnurag S. Maskey# 4456ba597c5SAnurag S. Maskey# If config properties are set, update the SMF property and refresh the 4466ba597c5SAnurag S. Maskey# service. If config properties are not set, delete the SMF property and 4476ba597c5SAnurag S. Maskey# stop the service. 4486ba597c5SAnurag S. Maskey# 4496ba597c5SAnurag S. Maskeydo_sec () { 4506ba597c5SAnurag S. Maskey loc=$1 4516ba597c5SAnurag S. Maskey 4526ba597c5SAnurag S. Maskey ike_file=`nwam_get_loc_prop $loc ike-config-file` 4536ba597c5SAnurag S. Maskey pol_file=`nwam_get_loc_prop $loc ipsecpolicy-config-file` 4546ba597c5SAnurag S. Maskey ipf_file=`nwam_get_loc_prop $loc ipfilter-config-file` 4556ba597c5SAnurag S. Maskey ipf6_file=`nwam_get_loc_prop $loc ipfilter-v6-config-file` 4566ba597c5SAnurag S. Maskey ipnat_file=`nwam_get_loc_prop $loc ipnat-config-file` 4576ba597c5SAnurag S. Maskey ippool_file=`nwam_get_loc_prop $loc ippool-config-file` 4586ba597c5SAnurag S. Maskey 4596ba597c5SAnurag S. Maskey # IKE 4606ba597c5SAnurag S. Maskey if [ -n "$ike_file" ]; then 4616ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file 4626ba597c5SAnurag S. Maskey refresh_svc $IPSEC_IKE_FMRI 4636ba597c5SAnurag S. Maskey start_svc $IPSEC_IKE_FMRI 4646ba597c5SAnurag S. Maskey else 4656ba597c5SAnurag S. Maskey stop_svc $IPSEC_IKE_FMRI 4666ba597c5SAnurag S. Maskey fi 4676ba597c5SAnurag S. Maskey 4686ba597c5SAnurag S. Maskey # IPsec 4696ba597c5SAnurag S. Maskey if [ -n "$pol_file" ]; then 4706ba597c5SAnurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file 4716ba597c5SAnurag S. Maskey refresh_svc $IPSEC_POLICY_FMRI 4726ba597c5SAnurag S. Maskey start_svc $IPSEC_POLICY_FMRI 4736ba597c5SAnurag S. Maskey else 4746ba597c5SAnurag S. Maskey stop_svc $IPSEC_POLICY_FMRI 4756ba597c5SAnurag S. Maskey fi 4766ba597c5SAnurag S. Maskey 4776ba597c5SAnurag S. Maskey # IPFilter 4786ba597c5SAnurag S. Maskey refresh_ipf=false 4796ba597c5SAnurag S. Maskey if [ -n "$ipf_file" ]; then 4806ba597c5SAnurag S. Maskey if [ "$ipf_file" = "/none" ]; then 4816ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4826ba597c5SAnurag S. Maskey firewall_config_default/policy "none" 4836ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/deny" ]; then 4846ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4856ba597c5SAnurag S. Maskey firewall_config_default/policy "deny" 4866ba597c5SAnurag S. Maskey elif [ "$ipf_file" = "/allow" ]; then 4876ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4886ba597c5SAnurag S. Maskey firewall_config_default/policy "allow" 4896ba597c5SAnurag S. Maskey else 4906ba597c5SAnurag S. Maskey # custom policy with policy file 4916ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4926ba597c5SAnurag S. Maskey firewall_config_default/policy "custom" 4936ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI \ 4946ba597c5SAnurag S. Maskey firewall_config_default/custom_policy_file $ipf_file 4956ba597c5SAnurag S. Maskey fi 4966ba597c5SAnurag S. Maskey refresh_ipf=true 4976ba597c5SAnurag S. Maskey else 4986ba597c5SAnurag S. Maskey # change policy to "none", no need to clear custom_policy_file 4996ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI firewall_config_default/policy \ 5006ba597c5SAnurag S. Maskey "none" 5016ba597c5SAnurag S. Maskey # IPFilter has to be refreshed to make the changes effective. 5026ba597c5SAnurag S. Maskey # Don't set $refresh_ipf as it keeps IPFilter online rather 5036ba597c5SAnurag S. Maskey # than disabled. Refresh after IPFilter is disabled below. 5046ba597c5SAnurag S. Maskey fi 5056ba597c5SAnurag S. Maskey if [ -n "$ipf6_file" ]; then 5066ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file 5076ba597c5SAnurag S. Maskey refresh_ipf=true 5086ba597c5SAnurag S. Maskey fi 5096ba597c5SAnurag S. Maskey if [ -n "$ipnat_file" ]; then 5106ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file 5116ba597c5SAnurag S. Maskey refresh_ipf=true 5126ba597c5SAnurag S. Maskey fi 5136ba597c5SAnurag S. Maskey if [ -n "$ippool_file" ]; then 5146ba597c5SAnurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \ 5156ba597c5SAnurag S. Maskey $ippool_file 5166ba597c5SAnurag S. Maskey refresh_ipf=true 5176ba597c5SAnurag S. Maskey fi 5186ba597c5SAnurag S. Maskey 5196ba597c5SAnurag S. Maskey if [ "$refresh_ipf" = "true" ]; then 5206ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5216ba597c5SAnurag S. Maskey start_svc $IPFILTER_FMRI 5226ba597c5SAnurag S. Maskey else 5236ba597c5SAnurag S. Maskey stop_svc $IPFILTER_FMRI 5246ba597c5SAnurag S. Maskey refresh_svc $IPFILTER_FMRI 5256ba597c5SAnurag S. Maskey fi 5266ba597c5SAnurag S. Maskey} 5276ba597c5SAnurag S. Maskey 5286ba597c5SAnurag S. Maskey# 5296ba597c5SAnurag S. Maskey# update_nfs_file <new nfsv4 domain> 5306ba597c5SAnurag S. Maskey# 5316ba597c5SAnurag S. Maskeyupdate_nfs_file () { 5326ba597c5SAnurag S. Maskey domain=$1 5336ba597c5SAnurag S. Maskey file=/etc/default/nfs 5346ba597c5SAnurag S. Maskey 5356ba597c5SAnurag S. Maskey # 5366ba597c5SAnurag S. Maskey # For non-commented-out lines that set NFSMAPID_DOMAIN: 5376ba597c5SAnurag S. Maskey # if not previously added by nwam, comment out with a note 5386ba597c5SAnurag S. Maskey # if previously added by nwam, remove 5396ba597c5SAnurag S. Maskey # For commented-out lines that set NFSMAPID_DOMAIN: 5406ba597c5SAnurag S. Maskey # if not commented out by NWAM, leave as-is 5416ba597c5SAnurag S. Maskey # if commented out by NWAM, remove 5426ba597c5SAnurag S. Maskey # All other lines: leave as-is 5436ba597c5SAnurag S. Maskey # 5446ba597c5SAnurag S. Maskey $NAWK ' \ 5456ba597c5SAnurag S. Maskey $0 ~ /^NFSMAPID_DOMAIN=/ { 5466ba597c5SAnurag S. Maskey if (index($0, "# Added by NWAM") == 0) 5476ba597c5SAnurag S. Maskey printf("#%s # Commented out by NWAM\n", $0); 5486ba597c5SAnurag S. Maskey } 5496ba597c5SAnurag S. Maskey $0 ~ /^#NFSMAPID_DOMAIN=/ { 5506ba597c5SAnurag S. Maskey if ($0 !~ /"# Commented out by NWAM"/) 5516ba597c5SAnurag S. Maskey printf("%s\n", $0); 5526ba597c5SAnurag S. Maskey } 5536ba597c5SAnurag S. Maskey $1 !~ /NFSMAPID_DOMAIN=/ { 5546ba597c5SAnurag S. Maskey printf("%s\n", $0); 5556ba597c5SAnurag S. Maskey }' $file >$file.$$ 5566ba597c5SAnurag S. Maskey 5576ba597c5SAnurag S. Maskey # Now add the desired value 5586ba597c5SAnurag S. Maskey echo "NFSMAPID_DOMAIN=$domain # Added by NWAM" >> $file.$$ 5596ba597c5SAnurag S. Maskey 5606ba597c5SAnurag S. Maskey # Finally, copy our working version to the real thing 5616ba597c5SAnurag S. Maskey $MV -f $file.$$ $file 5626ba597c5SAnurag S. Maskey} 5636ba597c5SAnurag S. Maskey 5646ba597c5SAnurag S. Maskey# 5656ba597c5SAnurag S. Maskey# do_nfsv4 <location> 5666ba597c5SAnurag S. Maskey# 5676ba597c5SAnurag S. Maskey# Updates NFSv4 domain for location 5686ba597c5SAnurag S. Maskey# 5696ba597c5SAnurag S. Maskeydo_nfsv4 () { 5706ba597c5SAnurag S. Maskey loc=$1 5716ba597c5SAnurag S. Maskey 5726ba597c5SAnurag S. Maskey nfsv4domain=`nwam_get_loc_prop $loc nfsv4-domain` 5736ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 5746ba597c5SAnurag S. Maskey update_nfs_file $nfsv4domain 5756ba597c5SAnurag S. Maskey start_svc $MAPID_FMRI 5766ba597c5SAnurag S. Maskey else 5776ba597c5SAnurag S. Maskey stop_svc $MAPID_FMRI 5786ba597c5SAnurag S. Maskey fi 5796ba597c5SAnurag S. Maskey} 5806ba597c5SAnurag S. Maskey 5816ba597c5SAnurag S. Maskey# 5826ba597c5SAnurag S. Maskey# activate_loc <location> 5836ba597c5SAnurag S. Maskey# 5846ba597c5SAnurag S. Maskey# Activates the given location 5856ba597c5SAnurag S. Maskey# 5866ba597c5SAnurag S. Maskeyactivate_loc () { 5876ba597c5SAnurag S. Maskey loc=$1 5886ba597c5SAnurag S. Maskey 5896ba597c5SAnurag S. Maskey echo activating $loc location 5906ba597c5SAnurag S. Maskey 5916ba597c5SAnurag S. Maskey do_sec $loc 5926ba597c5SAnurag S. Maskey do_ns $loc 5936ba597c5SAnurag S. Maskey do_nfsv4 $loc 5946ba597c5SAnurag S. Maskey} 5956ba597c5SAnurag S. Maskey 5966ba597c5SAnurag S. Maskey# 5976ba597c5SAnurag S. Maskey# Script entry point 5986ba597c5SAnurag S. Maskey# 5996ba597c5SAnurag S. Maskey# Arguments to net-loc are 6006ba597c5SAnurag S. Maskey# method ('start' or 'refresh') 6016ba597c5SAnurag S. Maskey 6026ba597c5SAnurag S. Maskey# 6036ba597c5SAnurag S. Maskey# If nwam is not enabled, do nothing and return OK. 6046ba597c5SAnurag S. Maskey# 6056ba597c5SAnurag S. Maskeyservice_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK 6066ba597c5SAnurag S. Maskey 6076ba597c5SAnurag S. Maskey# 6086ba597c5SAnurag S. Maskey# In a shared-IP zone we need this service to be up, but all of the work 6096ba597c5SAnurag S. Maskey# it tries to do is irrelevant (and will actually lead to the service 6106ba597c5SAnurag S. Maskey# failing if we try to do it), so just bail out. 6116ba597c5SAnurag S. Maskey# In the global zone and exclusive-IP zones we proceed. 6126ba597c5SAnurag S. Maskey# 6136ba597c5SAnurag S. Maskeysmf_configure_ip || exit $SMF_EXIT_OK 6146ba597c5SAnurag S. Maskey 6156ba597c5SAnurag S. Maskeycase "$1" in 6166ba597c5SAnurag S. Maskey 6176ba597c5SAnurag S. Maskey'start') 6186ba597c5SAnurag S. Maskey # 6196ba597c5SAnurag S. Maskey # We need to create the default (NoNet and Automatic) 6206ba597c5SAnurag S. Maskey # locations, if they don't already exist. So: first check 6216ba597c5SAnurag S. Maskey # for the existence of each, and then run the appropriate 6226ba597c5SAnurag S. Maskey # nwamcfg script(s) as needed. Restart nwamd if a location is 6236ba597c5SAnurag S. Maskey # created, as it needs to read it in. 6246ba597c5SAnurag S. Maskey # 6256ba597c5SAnurag S. Maskey LOC_CREATED="false" 6266ba597c5SAnurag S. Maskey $NWAMCFG list loc Automatic >/dev/null 2>&1 6276ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6286ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_auto 6296ba597c5SAnurag S. Maskey LOC_CREATED="true" 6306ba597c5SAnurag S. Maskey fi 6316ba597c5SAnurag S. Maskey 6326ba597c5SAnurag S. Maskey $NWAMCFG list loc NoNet >/dev/null 2>&1 6336ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6346ba597c5SAnurag S. Maskey NONETPATH=/etc/nwam/loc/NoNet 6356ba597c5SAnurag S. Maskey NONETFILES="ipf.conf ipf6.conf" 6366ba597c5SAnurag S. Maskey for file in $NONETFILES; do 6376ba597c5SAnurag S. Maskey copy_default $NONETPATH $file 6386ba597c5SAnurag S. Maskey done 6396ba597c5SAnurag S. Maskey $NWAMCFG -f /etc/nwam/loc/create_loc_nonet 6406ba597c5SAnurag S. Maskey LOC_CREATED="true" 6416ba597c5SAnurag S. Maskey fi 6426ba597c5SAnurag S. Maskey 6436ba597c5SAnurag S. Maskey if [ "$LOC_CREATED" = "true" ]; then 6446ba597c5SAnurag S. Maskey refresh_svc $NWAM_FMRI 6456ba597c5SAnurag S. Maskey fi 6466ba597c5SAnurag S. Maskey 6476ba597c5SAnurag S. Maskey # location selection/activation happens below 6486ba597c5SAnurag S. Maskey ;; 6496ba597c5SAnurag S. Maskey 6506ba597c5SAnurag S. Maskey'refresh') 6516ba597c5SAnurag S. Maskey 6526ba597c5SAnurag S. Maskey # location selection/activation happens below 6536ba597c5SAnurag S. Maskey ;; 6546ba597c5SAnurag S. Maskey 6556ba597c5SAnurag S. Maskey*) 6566ba597c5SAnurag S. Maskey echo "Usage: $0 start|refresh" 6576ba597c5SAnurag S. Maskey exit 1 6586ba597c5SAnurag S. Maskey ;; 6596ba597c5SAnurag S. Maskey 6606ba597c5SAnurag S. Maskeyesac 6616ba597c5SAnurag S. Maskey 6626ba597c5SAnurag S. Maskey# 6636ba597c5SAnurag S. Maskey# If the Legacy location doesn't exist and the file to create the Legacy 6646ba597c5SAnurag S. Maskey# location exists, create the Legacy location. Make a copy of it as the user's 6656ba597c5SAnurag S. Maskey# intentions before upgrade. Then activate the User location if nis is 6666ba597c5SAnurag S. Maskey# involved. Because NIS affects more parts of the system (e.g. automounts) we 6676ba597c5SAnurag S. Maskey# are not willing to make NIS part of the Automatic location (i.e. enable it 6686ba597c5SAnurag S. Maskey# automatically based on external input) as we do with DHCP-driven DNS. 6696ba597c5SAnurag S. Maskey# 6706ba597c5SAnurag S. Maskeyactivate_user_loc=0 6716ba597c5SAnurag S. Maskey$NWAMCFG list loc Legacy >/dev/null 2>&1 6726ba597c5SAnurag S. Maskeyif [ $? -eq 1 -a -f "$SCRIPT_PATH/create_loc_legacy" ]; then 6736ba597c5SAnurag S. Maskey # 6746ba597c5SAnurag S. Maskey # We built the script in and pointing to /etc/svc/volatile because we 6756ba597c5SAnurag S. Maskey # may not have a writable filesystem in net-nwam. So here we move the 6766ba597c5SAnurag S. Maskey # components and rewrite the script to point at the writable filesystem. 6776ba597c5SAnurag S. Maskey # 6786ba597c5SAnurag S. Maskey $CP -r $SCRIPT_PATH/Legacy $LEGACY_LOC_PATH 6796ba597c5SAnurag S. Maskey $MV $SCRIPT_PATH/create_loc_legacy $SCRIPT_PATH/vcreate_loc_legacy 6806ba597c5SAnurag S. Maskey $SED -e's,/etc/svc/volatile/nwam/Legacy,/etc/nwam/loc/Legacy,' \ 6816ba597c5SAnurag S. Maskey $SCRIPT_PATH/vcreate_loc_legacy >$SCRIPT_PATH/create_loc_legacy 6826ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_legacy 6836ba597c5SAnurag S. Maskey loc_ver=`$SVCPROP -c -p location_upgrade/version $LOCATION_FMRI \ 6846ba597c5SAnurag S. Maskey 2>/dev/null` 6856ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 6866ba597c5SAnurag S. Maskey # 6876ba597c5SAnurag S. Maskey # We are rewriting configuration variables from the Legacy 6886ba597c5SAnurag S. Maskey # location to the User location. Use variable ULP to keep REs 6896ba597c5SAnurag S. Maskey # within a line. 6906ba597c5SAnurag S. Maskey # 6916ba597c5SAnurag S. Maskey ULP=$USER_LOC_PATH 6926ba597c5SAnurag S. Maskey $SED -e's,Legacy,User,' \ 6936ba597c5SAnurag S. Maskey -e's,activation-mode=system,activation-mode=manual,' \ 6946ba597c5SAnurag S. Maskey -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \ 6956ba597c5SAnurag S. Maskey -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \ 6966ba597c5SAnurag S. Maskey -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \ 6976ba597c5SAnurag S. Maskey -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \ 6986ba597c5SAnurag S. Maskey -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \ 6996ba597c5SAnurag S. Maskey -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \ 7006ba597c5SAnurag S. Maskey $SCRIPT_PATH/create_loc_legacy | \ 7016ba597c5SAnurag S. Maskey $SED -e's,/etc/nwam/loc/User/none,/none,' \ 7026ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/allow,/allow,' \ 7036ba597c5SAnurag S. Maskey -e's,/etc/nwam/loc/User/deny,/deny,' \ 7046ba597c5SAnurag S. Maskey >$SCRIPT_PATH/create_loc_user 7056ba597c5SAnurag S. Maskey # 7066ba597c5SAnurag S. Maskey # We are creating the User location here. The User location 7076ba597c5SAnurag S. Maskey # is an appromixation of the machine configuration when the 7086ba597c5SAnurag S. Maskey # user change or upgraded to this version of NWAM. First 7096ba597c5SAnurag S. Maskey # we make sure there isn't an existing User location or any 7106ba597c5SAnurag S. Maskey # existing User location data. We then copy all the data 7116ba597c5SAnurag S. Maskey # from the Legacy location and create a location pointing at 7126ba597c5SAnurag S. Maskey # that data. Lastly we create a version property to note 7136ba597c5SAnurag S. Maskey # that we have done this. 7146ba597c5SAnurag S. Maskey # 7156ba597c5SAnurag S. Maskey $NWAMCFG destroy loc User 2>/dev/null 7166ba597c5SAnurag S. Maskey $RM -rf $USER_LOC_PATH 7176ba597c5SAnurag S. Maskey $CP -r $LEGACY_LOC_PATH $USER_LOC_PATH 7186ba597c5SAnurag S. Maskey $RM -f $USER_LOC_PATH/resolv.conf 7196ba597c5SAnurag S. Maskey $NWAMCFG -f $SCRIPT_PATH/create_loc_user 7206ba597c5SAnurag S. Maskey # The User location is activated if 'nis' is in a non comment 7216ba597c5SAnurag S. Maskey # line of nsswitch.conf. 7226ba597c5SAnurag S. Maskey $GREP -v "^#" $USER_LOC_PATH/nsswitch.conf |\ 7236ba597c5SAnurag S. Maskey $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1 7246ba597c5SAnurag S. Maskey if [ $? -eq 0 ]; then 7256ba597c5SAnurag S. Maskey activate_user_loc=1 7266ba597c5SAnurag S. Maskey fi 7276ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI addpg location_upgrade application \ 7286ba597c5SAnurag S. Maskey 2>/dev/null 7296ba597c5SAnurag S. Maskey $SVCCFG -s $SMF_FMRI setprop location_upgrade/version = \ 7306ba597c5SAnurag S. Maskey astring: "1" 7316ba597c5SAnurag S. Maskey fi 7326ba597c5SAnurag S. Maskeyfi 7336ba597c5SAnurag S. Maskey 7346ba597c5SAnurag S. Maskey# 7356ba597c5SAnurag S. Maskey# Activate a location. If we've just finished upgrading, and 7366ba597c5SAnurag S. Maskey# the User location should be activated, do that (and use nwamadm 7376ba597c5SAnurag S. Maskey# to do so, so the enabled property gets set and nwamd knows this 7386ba597c5SAnurag S. Maskey# selection has been made). Otherwise, if our location/selected 7396ba597c5SAnurag S. Maskey# property has a value, we activate that location; else we activate 7406ba597c5SAnurag S. Maskey# the NoNet location as a default value. 7416ba597c5SAnurag S. Maskey# 7426ba597c5SAnurag S. Maskeyif [ $activate_user_loc -eq 1 ]; then 7436ba597c5SAnurag S. Maskey $NWAMADM enable -p loc User 7446ba597c5SAnurag S. Maskeyelse 7456ba597c5SAnurag S. Maskey sel_loc=`$SVCPROP -c -p location/selected $SMF_FMRI 2>/dev/null` 7466ba597c5SAnurag S. Maskey if [ $? -eq 1 ]; then 7476ba597c5SAnurag S. Maskey # location hasn't been selected; default to NoNet 7486ba597c5SAnurag S. Maskey activate_loc NoNet 7496ba597c5SAnurag S. Maskey else 7504a44f0a1SAnurag S. Maskey # check if the selected location exists 7514a44f0a1SAnurag S. Maskey $NWAMCFG list loc $sel_loc >/dev/null 2>&1 7524a44f0a1SAnurag S. Maskey if [ $? -eq 1 ]; then 753*ad559becSAnurag S. Maskey echo "location '$sel_loc' doesn't exist" 754*ad559becSAnurag S. Maskey enable_nonet 7554a44f0a1SAnurag S. Maskey else 7564a44f0a1SAnurag S. Maskey # activate selected location 7574a44f0a1SAnurag S. Maskey activate_loc $sel_loc 7584a44f0a1SAnurag S. Maskey fi 7596ba597c5SAnurag S. Maskey fi 7606ba597c5SAnurag S. Maskeyfi 7616ba597c5SAnurag S. Maskey 7626ba597c5SAnurag S. Maskeyexit $SMF_EXIT_OK 763