ipf/svc/ipfd.c

*8823STruong.Q.Nguyen@Sun.COM/*
*8823STruong.Q.Nguyen@Sun.COM * CDDL HEADER START
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * The contents of this file are subject to the terms of the
*8823STruong.Q.Nguyen@Sun.COM * Common Development and Distribution License (the "License").
*8823STruong.Q.Nguyen@Sun.COM * You may not use this file except in compliance with the License.
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
*8823STruong.Q.Nguyen@Sun.COM * or http://www.opensolaris.org/os/licensing.
*8823STruong.Q.Nguyen@Sun.COM * See the License for the specific language governing permissions
*8823STruong.Q.Nguyen@Sun.COM * and limitations under the License.
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * When distributing Covered Code, include this CDDL HEADER in each
*8823STruong.Q.Nguyen@Sun.COM * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
*8823STruong.Q.Nguyen@Sun.COM * If applicable, add the following below this CDDL HEADER, with the
*8823STruong.Q.Nguyen@Sun.COM * fields enclosed by brackets "[]" replaced with your own identifying
*8823STruong.Q.Nguyen@Sun.COM * information: Portions Copyright [yyyy] [name of copyright owner]
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * CDDL HEADER END
*8823STruong.Q.Nguyen@Sun.COM */
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM/*
*8823STruong.Q.Nguyen@Sun.COM * Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
*8823STruong.Q.Nguyen@Sun.COM * Use is subject to license terms.
*8823STruong.Q.Nguyen@Sun.COM */
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM/*
*8823STruong.Q.Nguyen@Sun.COM * This file delivers svc.ipfd, the daemon that monitors changes to
*8823STruong.Q.Nguyen@Sun.COM * firewall capable services and requests IPfilter configuration update
*8823STruong.Q.Nguyen@Sun.COM * on behalf of the service. Essentially, the daemon listens for
*8823STruong.Q.Nguyen@Sun.COM * service changes and forks the program that update a service's
*8823STruong.Q.Nguyen@Sun.COM * IPfilter configuration.
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * - A firewall capable SMF service can restrict network access to its
*8823STruong.Q.Nguyen@Sun.COM *   service by providing a firewall policy that can be translated into
*8823STruong.Q.Nguyen@Sun.COM *   a set of IPfilter rules. The mentioned firewall policy is stored in
*8823STruong.Q.Nguyen@Sun.COM *   firewall_config and firewall_context property groups. If one of these
*8823STruong.Q.Nguyen@Sun.COM *   two property groups exist, the service is considered to be firewall
*8823STruong.Q.Nguyen@Sun.COM *   capable.
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * - A request to update service's IPfilter configuration is made for
*8823STruong.Q.Nguyen@Sun.COM *   actions that affect service's configuration or running state. The
*8823STruong.Q.Nguyen@Sun.COM *   actions are:
*8823STruong.Q.Nguyen@Sun.COM *	- enable/disable
*8823STruong.Q.Nguyen@Sun.COM *	- refresh/restart
*8823STruong.Q.Nguyen@Sun.COM *	- maintenance/clear maintenance
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * Lacking a generic SMF mechanism to observe service state changes, the
*8823STruong.Q.Nguyen@Sun.COM * daemon observe change events by listening to changes to 'general',
*8823STruong.Q.Nguyen@Sun.COM * 'general_ovr', and 'restarter_actions' property groups. This is not a
*8823STruong.Q.Nguyen@Sun.COM * stable interface and should be replaced when a SMF supported mechanism
*8823STruong.Q.Nguyen@Sun.COM * becomes available.
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM * - The program responsible for updating service's IPfilter configuration
*8823STruong.Q.Nguyen@Sun.COM *   is /lib/svc/method/ipfilter. This program is called as:
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM *   /lib/svc/method/ipfilter fw_update fmri
*8823STruong.Q.Nguyen@Sun.COM *
*8823STruong.Q.Nguyen@Sun.COM *   where fmri the instance fmri of the service to be updated.
*8823STruong.Q.Nguyen@Sun.COM */
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM#include <stdio.h>
*8823STruong.Q.Nguyen@Sun.COM#include <unistd.h>
*8823STruong.Q.Nguyen@Sun.COM#include <stdlib.h>
*8823STruong.Q.Nguyen@Sun.COM#include <assert.h>
*8823STruong.Q.Nguyen@Sun.COM#include <errno.h>
*8823STruong.Q.Nguyen@Sun.COM#include <sys/types.h>
*8823STruong.Q.Nguyen@Sun.COM#include <sys/stat.h>
*8823STruong.Q.Nguyen@Sun.COM#include <sys/wait.h>
*8823STruong.Q.Nguyen@Sun.COM#include <fcntl.h>
*8823STruong.Q.Nguyen@Sun.COM#include <umem.h>
*8823STruong.Q.Nguyen@Sun.COM#include <libscf.h>
*8823STruong.Q.Nguyen@Sun.COM#include <libscf_priv.h>
*8823STruong.Q.Nguyen@Sun.COM#include <signal.h>
*8823STruong.Q.Nguyen@Sun.COM#include <string.h>
*8823STruong.Q.Nguyen@Sun.COM#include <syslog.h>
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM#define	IPFILTER_FMRI		"svc:/network/ipfilter:default"
*8823STruong.Q.Nguyen@Sun.COM#define	RPCBIND_FMRI		"svc:/network/rpc/bind:default"
*8823STruong.Q.Nguyen@Sun.COM#define	IPF_UPDATE_CMD		"/lib/svc/method/ipfilter"
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM#define	SCF_SNAPSHOT_RUNNING	"running"
*8823STruong.Q.Nguyen@Sun.COM#define	SCF_PG_FW_CONTEXT	"firewall_context"
*8823STruong.Q.Nguyen@Sun.COM#define	SCF_PG_FW_CONFIG	"firewall_config"
*8823STruong.Q.Nguyen@Sun.COM#define	SCF_PG_REFRESH		"refresh"
*8823STruong.Q.Nguyen@Sun.COM#define	SCF_PG_INETD		"inetd"
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM#define	SCF_PROPERTY_ISRPC	"isrpc"
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM#define	MAX_RETRY		7
*8823STruong.Q.Nguyen@Sun.COM#define	DEV_NULL		"/dev/null"
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic scf_handle_t *h;
*8823STruong.Q.Nguyen@Sun.COMstatic ssize_t max_scf_fmri_size;
*8823STruong.Q.Nguyen@Sun.COMstatic ssize_t max_scf_name_size;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic scf_instance_t *inst;
*8823STruong.Q.Nguyen@Sun.COMstatic scf_snapshot_t *snap;
*8823STruong.Q.Nguyen@Sun.COMstatic scf_propertygroup_t *scratch_pg;
*8823STruong.Q.Nguyen@Sun.COMstatic scf_property_t *scratch_prop;
*8823STruong.Q.Nguyen@Sun.COMstatic scf_value_t *scratch_v;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic char *scratch_fmri;
*8823STruong.Q.Nguyen@Sun.COMstatic char *scratch_name;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic const char *all_props[] = {
*8823STruong.Q.Nguyen@Sun.COM	SCF_PROPERTY_REFRESH, SCF_PROPERTY_RESTART, SCF_PROPERTY_MAINT_ON,
*8823STruong.Q.Nguyen@Sun.COM	SCF_PROPERTY_MAINT_ON_IMMEDIATE, SCF_PROPERTY_MAINT_ON_IMMTEMP,
*8823STruong.Q.Nguyen@Sun.COM	SCF_PROPERTY_MAINT_ON_TEMPORARY, SCF_PROPERTY_MAINT_OFF
*8823STruong.Q.Nguyen@Sun.COM};
*8823STruong.Q.Nguyen@Sun.COM#define	ALL_PROPS_CNT		7
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic const char *maint_props[] = {
*8823STruong.Q.Nguyen@Sun.COM	SCF_PROPERTY_REFRESH, SCF_PROPERTY_RESTART, SCF_PROPERTY_MAINT_OFF };
*8823STruong.Q.Nguyen@Sun.COM#define	MAINT_PROPS_CNT		3
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int ipfilter_update(const char *);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMdaemonize_self(void)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	pid_t pid;
*8823STruong.Q.Nguyen@Sun.COM	int fd;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	(void) close(STDIN_FILENO);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((fd = open(DEV_NULL, O_RDONLY)) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		(void) printf("Could not open /dev/null: %s\n",
*8823STruong.Q.Nguyen@Sun.COM		    strerror(errno));
*8823STruong.Q.Nguyen@Sun.COM	} else if (fd != STDIN_FILENO) {
*8823STruong.Q.Nguyen@Sun.COM		(void) dup2(fd, STDIN_FILENO);
*8823STruong.Q.Nguyen@Sun.COM		(void) close(fd);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM	(void) dup2(STDERR_FILENO, STDOUT_FILENO);
*8823STruong.Q.Nguyen@Sun.COM	closefrom(3);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((pid = fork1()) < 0) {
*8823STruong.Q.Nguyen@Sun.COM		(void) printf("fork() failed: %s\n", strerror(errno));
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (pid != 0)
*8823STruong.Q.Nguyen@Sun.COM		exit(0);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	(void) setsid();
*8823STruong.Q.Nguyen@Sun.COM	(void) chdir("/");
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	return (0);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic void
*8823STruong.Q.Nguyen@Sun.COMrepository_rebind(scf_handle_t *hndl)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	int c = 0;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	(void) scf_handle_unbind(hndl);
*8823STruong.Q.Nguyen@Sun.COM	while ((scf_handle_bind(hndl)) != 0) {
*8823STruong.Q.Nguyen@Sun.COM		if (c > MAX_RETRY) {
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON, "Repository access "
*8823STruong.Q.Nguyen@Sun.COM			    "unavailable. Couldn't bind handle: %s\n",
*8823STruong.Q.Nguyen@Sun.COM			    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON, "Service specific"
*8823STruong.Q.Nguyen@Sun.COM			    "IPfilter configuration may not be updated "
*8823STruong.Q.Nguyen@Sun.COM			    "properly\n");
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM			exit(1);
*8823STruong.Q.Nguyen@Sun.COM		} else {
*8823STruong.Q.Nguyen@Sun.COM			c++;
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		(void) sleep(1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic void
*8823STruong.Q.Nguyen@Sun.COMrepository_notify_setup(scf_handle_t *h)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	for (;;) {
*8823STruong.Q.Nguyen@Sun.COM		if (_scf_notify_add_pgtype(h, SCF_GROUP_FRAMEWORK) ==
*8823STruong.Q.Nguyen@Sun.COM		    SCF_SUCCESS)
*8823STruong.Q.Nguyen@Sun.COM			break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_CONNECTION_BROKEN:
*8823STruong.Q.Nguyen@Sun.COM			repository_rebind(h);
*8823STruong.Q.Nguyen@Sun.COM			break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_NO_RESOURCES:
*8823STruong.Q.Nguyen@Sun.COM			(void) sleep(1);
*8823STruong.Q.Nguyen@Sun.COM			break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		default:
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM			    "Abort: Couldn't set up repository notification "
*8823STruong.Q.Nguyen@Sun.COM			    "for pg type %s: %s\n", SCF_GROUP_FRAMEWORK,
*8823STruong.Q.Nguyen@Sun.COM			    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			abort();
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM/*
*8823STruong.Q.Nguyen@Sun.COM * If the repository connection is lost, rebind and re-setup repository
*8823STruong.Q.Nguyen@Sun.COM * notification. During the repository connection outage, services that
*8823STruong.Q.Nguyen@Sun.COM * changed states wouldn't get the corresponding firewall update. To make
*8823STruong.Q.Nguyen@Sun.COM * we're not out of sync, update the entire system firewall configuration,
*8823STruong.Q.Nguyen@Sun.COM * invoke ipfilter_update(IPFILTER_FMRI).
*8823STruong.Q.Nguyen@Sun.COM */
*8823STruong.Q.Nguyen@Sun.COMstatic void
*8823STruong.Q.Nguyen@Sun.COMrepository_setup()
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	repository_rebind(h);
*8823STruong.Q.Nguyen@Sun.COM	repository_notify_setup(h);
*8823STruong.Q.Nguyen@Sun.COM	if (ipfilter_update(IPFILTER_FMRI) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM		    "Failed to reconfigure system firewall.\n");
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMpg_get_prop_value(const scf_propertygroup_t *pg, const char *pname,
*8823STruong.Q.Nguyen@Sun.COM    scf_value_t *v)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	if (pg == NULL || pname == NULL || v == NULL)
*8823STruong.Q.Nguyen@Sun.COM		return (-1);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_pg_get_property(pg, pname, scratch_prop) == -1 ||
*8823STruong.Q.Nguyen@Sun.COM	    scf_property_get_value(scratch_prop, v) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_NOT_FOUND:
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_DELETED:
*8823STruong.Q.Nguyen@Sun.COM			break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		default:
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM			    "scf_pg_get_property failed for %s: %s\n",
*8823STruong.Q.Nguyen@Sun.COM			    pname, scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM		return (-1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM	return (0);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMis_correct_event(const char *fmri, const scf_propertygroup_t *pg,
*8823STruong.Q.Nguyen@Sun.COM    const boolean_t isrpc)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	char *state = NULL;
*8823STruong.Q.Nguyen@Sun.COM	const char **proplist = all_props;
*8823STruong.Q.Nguyen@Sun.COM	int prop_cnt = ALL_PROPS_CNT;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	int i, ret = 0;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_pg_get_name(pg, scratch_name, max_scf_name_size) < 0) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "scf_pg_get_name failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM		    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		return (-1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * We care about enable, disable, and refresh since that's
*8823STruong.Q.Nguyen@Sun.COM	 * when we activate, deactivate, or change firewall policy.
*8823STruong.Q.Nguyen@Sun.COM	 *
*8823STruong.Q.Nguyen@Sun.COM	 *  - enable/disable -> change in "general" or "general_ovr"
*8823STruong.Q.Nguyen@Sun.COM	 *  - refresh/restart -> change in "restarter_actions"
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	if (strcmp(scratch_name, SCF_PG_GENERAL) == 0 ||
*8823STruong.Q.Nguyen@Sun.COM	    strcmp(scratch_name, SCF_PG_GENERAL_OVR) == 0) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_DEBUG | LOG_DAEMON, "Action: %s", scratch_name);
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((state = smf_get_state(fmri)) == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "smf_get_state failed for %s: "
*8823STruong.Q.Nguyen@Sun.COM		    "%s\n", fmri, scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		return (-1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	syslog(LOG_DEBUG | LOG_DAEMON, "%s STATE: %s \n", fmri, state);
*8823STruong.Q.Nguyen@Sun.COM	if (strcmp(state, SCF_STATE_STRING_MAINT) == 0) {
*8823STruong.Q.Nguyen@Sun.COM		proplist = maint_props;
*8823STruong.Q.Nguyen@Sun.COM		prop_cnt = MAINT_PROPS_CNT;
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * Only concerned with refresh, restart, and maint on|off actions.
*8823STruong.Q.Nguyen@Sun.COM	 * RPC services are restarted whenever rpc/bind restarts so it's
*8823STruong.Q.Nguyen@Sun.COM	 * an automatic valid event for RPC services.
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	if (isrpc) {
*8823STruong.Q.Nguyen@Sun.COM		ret = 1;
*8823STruong.Q.Nguyen@Sun.COM		goto out;
*8823STruong.Q.Nguyen@Sun.COM	} else if (strcmp(scratch_name, SCF_PG_RESTARTER_ACTIONS) == 0) {
*8823STruong.Q.Nguyen@Sun.COM		for (i = 0; i < prop_cnt; i++) {
*8823STruong.Q.Nguyen@Sun.COM			if (pg_get_prop_value(pg, proplist[i],
*8823STruong.Q.Nguyen@Sun.COM			    scratch_v) == 0) {
*8823STruong.Q.Nguyen@Sun.COM				syslog(LOG_DEBUG | LOG_DAEMON, "Action: %s/%s",
*8823STruong.Q.Nguyen@Sun.COM				    scratch_name, proplist[i]);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM				ret = 1;
*8823STruong.Q.Nguyen@Sun.COM				goto out;
*8823STruong.Q.Nguyen@Sun.COM			}
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMout:
*8823STruong.Q.Nguyen@Sun.COM	if (state)
*8823STruong.Q.Nguyen@Sun.COM		free(state);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	return (ret);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMipfilter_update(const char *fmri)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	pid_t pid;
*8823STruong.Q.Nguyen@Sun.COM	int status, ret = 0;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	syslog(LOG_DEBUG | LOG_DAEMON, "ipfilter_update: %s\n", fmri);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * Start refresh in another process
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	if ((pid = fork1()) < 0) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "Couldn't fork to refresh "
*8823STruong.Q.Nguyen@Sun.COM		    "ipfilter for %s: %s", fmri, strerror(errno));
*8823STruong.Q.Nguyen@Sun.COM		ret = 1;
*8823STruong.Q.Nguyen@Sun.COM		goto out;
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (pid == 0) {
*8823STruong.Q.Nguyen@Sun.COM		if (execl(IPF_UPDATE_CMD, IPF_UPDATE_CMD, "fw_update", fmri,
*8823STruong.Q.Nguyen@Sun.COM		    NULL) == -1)
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON, "execl() failed for "
*8823STruong.Q.Nguyen@Sun.COM			    "%s: %s", fmri, strerror(errno));
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		exit(1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * Parent - only one update at a time.
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	(void) wait(&status);
*8823STruong.Q.Nguyen@Sun.COM	if (!WIFEXITED(status) || WEXITSTATUS(status) != 0)
*8823STruong.Q.Nguyen@Sun.COM		ret = 1;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMout:
*8823STruong.Q.Nguyen@Sun.COM	if (ret == 1)
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "Firewall update failed "
*8823STruong.Q.Nguyen@Sun.COM		    "for: %s\n", fmri);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	return (ret);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM/*
*8823STruong.Q.Nguyen@Sun.COM * Determine whether a given instance is a RPC service. Repository and
*8823STruong.Q.Nguyen@Sun.COM * libscf errors are treated as if the service isn't an RPC service,
*8823STruong.Q.Nguyen@Sun.COM * returning B_FALSE to indicate validation failure.
*8823STruong.Q.Nguyen@Sun.COM */
*8823STruong.Q.Nguyen@Sun.COMstatic boolean_t
*8823STruong.Q.Nguyen@Sun.COMservice_is_rpc(const scf_instance_t *inst)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	scf_snapshot_t *lsnap = NULL;
*8823STruong.Q.Nguyen@Sun.COM	uint8_t	isrpc;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_instance_get_snapshot(inst, SCF_SNAPSHOT_RUNNING, snap) != 0) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_DEBUG | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM		    "Could not get running snapshot, using editing value\n");
*8823STruong.Q.Nguyen@Sun.COM	} else {
*8823STruong.Q.Nguyen@Sun.COM		lsnap = snap;
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_instance_get_pg_composed(inst, lsnap, SCF_PG_INETD,
*8823STruong.Q.Nguyen@Sun.COM	    scratch_pg) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_NOT_FOUND:
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_DELETED:
*8823STruong.Q.Nguyen@Sun.COM			break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		default:
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM			    "scf_instance_get_pg_composed failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM			    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			return (B_FALSE);
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		if (scf_instance_get_pg_composed(inst, lsnap,
*8823STruong.Q.Nguyen@Sun.COM		    SCF_PG_FW_CONTEXT, scratch_pg) == -1) {
*8823STruong.Q.Nguyen@Sun.COM			switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM			case SCF_ERROR_NOT_FOUND:
*8823STruong.Q.Nguyen@Sun.COM			case SCF_ERROR_DELETED:
*8823STruong.Q.Nguyen@Sun.COM				break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM			default:
*8823STruong.Q.Nguyen@Sun.COM				syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM				    "scf_instance_get_pg_composed failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM				    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			}
*8823STruong.Q.Nguyen@Sun.COM			return (B_FALSE);
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (pg_get_prop_value(scratch_pg, SCF_PROPERTY_ISRPC, scratch_v) == -1)
*8823STruong.Q.Nguyen@Sun.COM		return (B_FALSE);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_value_get_boolean(scratch_v, &isrpc) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "scf_value_get_boolean failed: "
*8823STruong.Q.Nguyen@Sun.COM		    "%s\n", scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		return (B_FALSE);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (isrpc)
*8823STruong.Q.Nguyen@Sun.COM		return (B_TRUE);
*8823STruong.Q.Nguyen@Sun.COM	else
*8823STruong.Q.Nguyen@Sun.COM		return (B_FALSE);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMinstance_has_firewall(scf_instance_t *inst)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	scf_snapshot_t *lsnap = NULL;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_instance_get_snapshot(inst, SCF_SNAPSHOT_RUNNING, snap) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_CONNECTION_BROKEN:
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM			    "scf_instance_get_snapshot failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM			    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			repository_setup();
*8823STruong.Q.Nguyen@Sun.COM			return (-1);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_DELETED:
*8823STruong.Q.Nguyen@Sun.COM		default:
*8823STruong.Q.Nguyen@Sun.COM			/*
*8823STruong.Q.Nguyen@Sun.COM			 * If running snapshot is not available for
*8823STruong.Q.Nguyen@Sun.COM			 * other reasons, fall back to current values.
*8823STruong.Q.Nguyen@Sun.COM			 */
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_DEBUG | LOG_DAEMON, "Could not get "
*8823STruong.Q.Nguyen@Sun.COM			    "running snapshot, using current value\n");
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	} else {
*8823STruong.Q.Nguyen@Sun.COM		lsnap = snap;
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * Update service's IPfilter configuration if either
*8823STruong.Q.Nguyen@Sun.COM	 * SCF_PG_FW_CONTEXT or SCF_PG_FW_CONFIG exists.
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	if (scf_instance_get_pg_composed(inst, lsnap, SCF_PG_FW_CONTEXT,
*8823STruong.Q.Nguyen@Sun.COM	    scratch_pg) == 0) {
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	} else {
*8823STruong.Q.Nguyen@Sun.COM		switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_NOT_FOUND:
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_DELETED:
*8823STruong.Q.Nguyen@Sun.COM			break;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_CONNECTION_BROKEN:
*8823STruong.Q.Nguyen@Sun.COM			repository_setup();
*8823STruong.Q.Nguyen@Sun.COM			/* FALLTHROUGH */
*8823STruong.Q.Nguyen@Sun.COM		default:
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM			    "scf_instance_get_pg_composed failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM			    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			return (-1);
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_instance_get_pg_composed(inst, lsnap, SCF_PG_FW_CONFIG,
*8823STruong.Q.Nguyen@Sun.COM	    scratch_pg) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		/*
*8823STruong.Q.Nguyen@Sun.COM		 * It's either a non-firewall service or a failure to
*8823STruong.Q.Nguyen@Sun.COM		 * read firewall pg, just continue and listen for
*8823STruong.Q.Nguyen@Sun.COM		 * future events.
*8823STruong.Q.Nguyen@Sun.COM		 */
*8823STruong.Q.Nguyen@Sun.COM		switch (scf_error()) {
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_NOT_FOUND:
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_DELETED:
*8823STruong.Q.Nguyen@Sun.COM			return (0);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		case SCF_ERROR_CONNECTION_BROKEN:
*8823STruong.Q.Nguyen@Sun.COM			repository_setup();
*8823STruong.Q.Nguyen@Sun.COM			/* FALLTHROUGH */
*8823STruong.Q.Nguyen@Sun.COM		default:
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM			    "scf_instance_get_pg_composed failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM			    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			return (-1);
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM	return (1);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMrepository_event_process(scf_propertygroup_t *pg)
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	boolean_t isrpc = B_FALSE;
*8823STruong.Q.Nguyen@Sun.COM	int res;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * Figure out it's a firewall capable instance and call ipfilter_update
*8823STruong.Q.Nguyen@Sun.COM	 * if it is.
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	if (scf_pg_get_parent_instance(pg, inst) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		/* Not an error if pg doesn't belong to a valid instance */
*8823STruong.Q.Nguyen@Sun.COM		if (scf_error() == SCF_ERROR_CONSTRAINT_VIOLATED) {
*8823STruong.Q.Nguyen@Sun.COM			return (0);
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "scf_pg_get_parent_instance "
*8823STruong.Q.Nguyen@Sun.COM		    "failed: %s\n", scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		if (scf_error() == SCF_ERROR_CONNECTION_BROKEN)
*8823STruong.Q.Nguyen@Sun.COM			repository_setup();
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scf_instance_to_fmri(inst, scratch_fmri, max_scf_fmri_size) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "scf_instance_to_fmri "
*8823STruong.Q.Nguyen@Sun.COM		    "failed: %s\n", scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		if (scf_error() == SCF_ERROR_CONNECTION_BROKEN)
*8823STruong.Q.Nguyen@Sun.COM			repository_setup();
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (strcmp(scratch_fmri, IPFILTER_FMRI) == 0) {
*8823STruong.Q.Nguyen@Sun.COM		return (0);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	isrpc = service_is_rpc(inst);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * If it's not an event we're interested in, returns success.
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	res = is_correct_event(scratch_fmri, pg, isrpc);
*8823STruong.Q.Nguyen@Sun.COM	if (res == -1) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM		    "is_correct_event failed for %s.\n", scratch_fmri);
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	} else if (res == 0) {
*8823STruong.Q.Nguyen@Sun.COM		return (0);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*
*8823STruong.Q.Nguyen@Sun.COM	 * Proceed only if instance has firewall policy.
*8823STruong.Q.Nguyen@Sun.COM	 */
*8823STruong.Q.Nguyen@Sun.COM	res = instance_has_firewall(inst);
*8823STruong.Q.Nguyen@Sun.COM	if (res == -1) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON,
*8823STruong.Q.Nguyen@Sun.COM		    "instance_has_firewall failed for %s.\n", scratch_fmri);
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	} else if (res == 0) {
*8823STruong.Q.Nguyen@Sun.COM		return (0);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (ipfilter_update(scratch_fmri) == -1) {
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	return (0);
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMstatic int
*8823STruong.Q.Nguyen@Sun.COMrepository_event_wait()
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	scf_propertygroup_t *pg;
*8823STruong.Q.Nguyen@Sun.COM	char *fmri, *scratch;
*8823STruong.Q.Nguyen@Sun.COM	const char *inst_name, *pg_name;
*8823STruong.Q.Nguyen@Sun.COM	ssize_t res;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((fmri = umem_alloc(max_scf_fmri_size, UMEM_DEFAULT)) == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "Out of memory");
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((scratch = umem_alloc(max_scf_fmri_size, UMEM_DEFAULT)) == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "Out of memory");
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((pg = scf_pg_create(h)) == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "scf_pg_create failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM		    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	repository_notify_setup(h);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	for (;;) {
*8823STruong.Q.Nguyen@Sun.COM		/*
*8823STruong.Q.Nguyen@Sun.COM		 * Calling _scf_notify_wait which will block this thread
*8823STruong.Q.Nguyen@Sun.COM		 * until it's notified of a framework event.
*8823STruong.Q.Nguyen@Sun.COM		 *
*8823STruong.Q.Nguyen@Sun.COM		 * Note: fmri is only set on delete events.
*8823STruong.Q.Nguyen@Sun.COM		 */
*8823STruong.Q.Nguyen@Sun.COM		res = _scf_notify_wait(pg, fmri, max_scf_fmri_size);
*8823STruong.Q.Nguyen@Sun.COM		if (res < 0) {
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_ERR | LOG_DAEMON, "_scf_notify_wait "
*8823STruong.Q.Nguyen@Sun.COM			    "failed: %s\n", scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM			repository_setup();
*8823STruong.Q.Nguyen@Sun.COM		} else if (res == 0) {
*8823STruong.Q.Nguyen@Sun.COM			if (repository_event_process(pg))
*8823STruong.Q.Nguyen@Sun.COM				syslog(LOG_ERR | LOG_DAEMON, "Service may have "
*8823STruong.Q.Nguyen@Sun.COM				    "incorrect IPfilter configuration\n");
*8823STruong.Q.Nguyen@Sun.COM		} else {
*8823STruong.Q.Nguyen@Sun.COM			/*
*8823STruong.Q.Nguyen@Sun.COM			 * The received event is a deletion of a service,
*8823STruong.Q.Nguyen@Sun.COM			 * instance or pg. If it's a deletion of an instance,
*8823STruong.Q.Nguyen@Sun.COM			 * update the instance's IPfilter configuration.
*8823STruong.Q.Nguyen@Sun.COM			 */
*8823STruong.Q.Nguyen@Sun.COM			syslog(LOG_DEBUG | LOG_DAEMON, "Deleted: %s", fmri);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM			(void) strlcpy(scratch, fmri, max_scf_fmri_size);
*8823STruong.Q.Nguyen@Sun.COM			if (scf_parse_svc_fmri(scratch, NULL, NULL, &inst_name,
*8823STruong.Q.Nguyen@Sun.COM			    &pg_name, NULL) != SCF_SUCCESS)
*8823STruong.Q.Nguyen@Sun.COM				continue;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM			if (inst_name != NULL && pg_name == NULL) {
*8823STruong.Q.Nguyen@Sun.COM				(void) ipfilter_update(fmri);
*8823STruong.Q.Nguyen@Sun.COM			}
*8823STruong.Q.Nguyen@Sun.COM		}
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	/*NOTREACHED*/
*8823STruong.Q.Nguyen@Sun.COM}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COMint
*8823STruong.Q.Nguyen@Sun.COMmain()
*8823STruong.Q.Nguyen@Sun.COM{
*8823STruong.Q.Nguyen@Sun.COM	if (daemonize_self() == 1)
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	max_scf_fmri_size = scf_limit(SCF_LIMIT_MAX_FMRI_LENGTH) + 1;
*8823STruong.Q.Nguyen@Sun.COM	max_scf_name_size = scf_limit(SCF_LIMIT_MAX_NAME_LENGTH) + 1;
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	assert(max_scf_fmri_size > 0);
*8823STruong.Q.Nguyen@Sun.COM	assert(max_scf_name_size > 0);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if ((h = scf_handle_create(SCF_VERSION)) == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "scf_handle_create failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM		    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	repository_rebind(h);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	scratch_fmri = umem_alloc(max_scf_fmri_size, UMEM_DEFAULT);
*8823STruong.Q.Nguyen@Sun.COM	scratch_name = umem_alloc(max_scf_name_size, UMEM_DEFAULT);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (scratch_fmri == NULL || scratch_name == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "Out of memory");
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	inst = scf_instance_create(h);
*8823STruong.Q.Nguyen@Sun.COM	snap = scf_snapshot_create(h);
*8823STruong.Q.Nguyen@Sun.COM	scratch_pg = scf_pg_create(h);
*8823STruong.Q.Nguyen@Sun.COM	scratch_prop = scf_property_create(h);
*8823STruong.Q.Nguyen@Sun.COM	scratch_v = scf_value_create(h);
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	if (inst == NULL || snap == NULL || scratch_pg == NULL ||
*8823STruong.Q.Nguyen@Sun.COM	    scratch_prop == NULL || scratch_v == NULL) {
*8823STruong.Q.Nguyen@Sun.COM		syslog(LOG_ERR | LOG_DAEMON, "Initialization failed: %s\n",
*8823STruong.Q.Nguyen@Sun.COM		    scf_strerror(scf_error()));
*8823STruong.Q.Nguyen@Sun.COM		return (1);
*8823STruong.Q.Nguyen@Sun.COM	}
*8823STruong.Q.Nguyen@Sun.COM
*8823STruong.Q.Nguyen@Sun.COM	return (repository_event_wait());
*8823STruong.Q.Nguyen@Sun.COM}