xref: /illumos-gate/usr/src/cmd/vntsd/svc-vntsd (revision 28b1e50e) 
1#!/sbin/sh
2#
3# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
4# Use is subject to license terms.
5#
6# CDDL HEADER START
7#
8# The contents of this file are subject to the terms of the
9# Common Development and Distribution License (the "License").
10# You may not use this file except in compliance with the License.
11#
12# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
13# or http://www.opensolaris.org/os/licensing.
14# See the License for the specific language governing permissions
15# and limitations under the License.
16#
17# When distributing Covered Code, include this CDDL HEADER in each
18# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
19# If applicable, add the following below this CDDL HEADER, with the
20# fields enclosed by brackets "[]" replaced with your own identifying
21# information: Portions Copyright [yyyy] [name of copyright owner]
22#
23# CDDL HEADER END
24#
25# Start script for vntsd
26#
27# For modifying parameters passed to vntsd, do not edit
28# this script. Instead use svccfg(1m) to modify the SMF
29# repository. For example:
30#
31# svccfg
32# svc:> select ldoms/vntsd
33# svc:/ldoms/vntsd> setprop vntsd/vcc_device = "virtual-console-concentrator@1"
34# svc:/ldoms/vntsd> setprop vntsd/listen_addr = "192.168.1.1"
35# svc:/ldoms/vntsd> setprop vntsd/authorization="true"
36# svc:/ldoms/vntsd> exit
37
38. /lib/svc/share/smf_include.sh
39
40AUTH_ATTR=/etc/security/auth_attr
41USER_ATTR=/etc/user_attr
42GREP=/usr/bin/grep
43CAT=/usr/bin/cat
44ED=/usr/bin/ed
45SVCCFG=/usr/sbin/svccfg
46SVCPROP=/bin/svcprop
47
48#
49# Add LDoms vntsd authorization entries to etc/security/auth_attr if not
50# present. These define authorizations used by LDoms vntsd daemon.
51#
52add_auth_entries()
53{
54	# Add entries to auth_attr file, if needed
55	$GREP '^solaris.vntsd.:' ${AUTH_ATTR} >/dev/null 2>&1
56	if  [ $? -ne 0 ] ; then
57		$CAT >>${AUTH_ATTR} << EOF
58# Added by svc-vntsd
59solaris.vntsd.:::LDoms vntsd Administration::
60solaris.vntsd.grant:::Delegate LDoms vntsd Administration::
61solaris.vntsd.consoles:::Access All LDoms Guest Consoles::
62# End of svc-vntsd
63EOF
64	fi
65}
66
67#
68# Add a LDoms user/role entry to etc/user_attr if not present.
69# This defines user/role used by useradd or roleadd.
70#
71add_user_entries()
72{
73	#
74	# Add entries to user_attr file, if needed.
75	#
76	$GREP 'solaris.vntsd.grant' ${USER_ATTR} >/dev/null 2>&1
77
78	if  [ $? -ne 0 ] ; then
79
80		$GREP '^root' ${USER_ATTR} | $GREP 'auths=' >/dev/null 2>&1
81		if  [ $? -eq 0 ] ; then
82		    #
83		    # Add vntsd attribute to an existing root entry.
84		    #
85		    $ED -s ${USER_ATTR} <<- EOF > /dev/null 2>&1
86			g/^root.*auths\=/s/^roo.*auths\=/&solaris.vntsd.grant,/
87			w
88			q
89			EOF
90		else
91		    #
92		    # Add a root entry with vntsd attribute.
93		    #
94		    $CAT >>${USER_ATTR} << EOF
95# Added by svc-vntsd
96root::::type=normal;auths=solaris.vntsd.grant;lock_after_retries=0
97# End of svc-vntsd
98EOF
99		fi
100	fi
101}
102
103#
104# Update 'vntsd' authorizations in the relevant files. Note that adding these
105# entries from this smf script rather than from the pkg install scripts,
106# ensures that they are added only if the vntsd service is being enabled; and
107# hence avoids adding these entries unnecessarily into client guest domains.
108# The functions check before adding, that the entries are not already present.
109#
110add_auth_entries
111add_user_entries
112
113vcc_device=`$SVCPROP -p vntsd/vcc_device $SMF_FMRI 2>/dev/null`
114if [ -z "$vcc_device" ]; then
115	vcc_device="virtual-console-concentrator@0"
116fi
117args="-i $vcc_device"
118
119listen_addr=`$SVCPROP -p vntsd/listen_addr $SMF_FMRI 2>/dev/null`
120if [ -n "$listen_addr" ]; then
121	args="$args -p $listen_addr"
122fi
123
124timeout=`$SVCPROP -p vntsd/timeout_minutes $SMF_FMRI 2>/dev/null`
125if [ -n "$timeout" ]; then
126	args="$args -t $timeout"
127fi
128
129auth=`$SVCPROP -p vntsd/authorization $SMF_FMRI 2>/dev/null`
130if [ "$auth" = "true" ]; then
131	args="$args -A"
132fi
133
134if [ -x /usr/lib/ldoms/vntsd ]; then
135    /usr/lib/ldoms/vntsd $args
136    rc=$?
137    if [ $rc -ne 0 ]; then
138	# if vntsd exited in error with status 1, let SMF restart it
139	# otherwise we want it to go into maintenance.
140	if [ $rc -eq 1 ]; then
141	    exit $SMF_ERR_OTHER
142	else
143	    exit $SMF_ERR_FATAL
144	fi
145    fi
146else
147    echo "WARNING: /usr/lib/ldoms/vntsd is missing or not executable" >& 2
148    exit $SMF_EXIT_ERR_CONFIG
149fi
150
151exit $SMF_EXIT_OK
152