#!/sbin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright (c) 2010, Oracle and/or its affiliates. All rights reserved.
#

#
# Shared helper libraries.  The functions this script calls without
# defining them itself (service_is_enabled, smf_configure_ip,
# nwam_get_loc_prop, nwam_get_loc_list_prop) presumably come from these
# two files -- confirm against the includes.
#
. /lib/svc/share/smf_include.sh
. /lib/svc/share/net_include.sh

# FMRI consts: the SMF services this method reconfigures or queries
AUTOFS_FMRI="svc:/system/filesystem/autofs"
DNS_CLIENT_FMRI="svc:/network/dns/client"
IPSEC_IKE_FMRI="svc:/network/ipsec/ike"
IPSEC_POLICY_FMRI="svc:/network/ipsec/policy"
IPFILTER_FMRI="svc:/network/ipfilter:default"
LDAP_CLIENT_FMRI="svc:/network/ldap/client"
LOCATION_FMRI="svc:/network/location:default"
MAPID_FMRI="svc:/network/nfs/mapid:default"
NIS_CLIENT_FMRI="svc:/network/nis/client"
NWAM_FMRI="svc:/network/physical:nwam"

# commands: external programs, each referenced by absolute path
CP=/usr/bin/cp
DHCPINFO=/sbin/dhcpinfo
DOMAINNAME=/usr/bin/domainname
GREP=/usr/bin/grep
LDAPCLIENT=/usr/sbin/ldapclient
MKDIR=/usr/bin/mkdir
MV=/usr/bin/mv
NAWK=/usr/bin/nawk
NWAMADM=/usr/sbin/nwamadm
NWAMCFG=/usr/sbin/nwamcfg
RM=/usr/bin/rm
SED=/usr/bin/sed
SVCADM=/usr/sbin/svcadm
SVCCFG=/usr/sbin/svccfg
SVCPROP=/usr/bin/svcprop
TOUCH=/usr/bin/touch

# Path to directories
ETC_DEFAULT_DOMAIN=/etc/defaultdomain
NIS_BIND_PATH=/var/yp/binding
LEGACY_LOC_PATH=/etc/nwam/loc/Legacy
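USER_LOC_PATH=/etc/nwam/loc/User
SCRIPT_PATH=/etc/svc/volatile/nwam

#
# get_dhcp_interfaces
#
# Echoes the names of the DHCP controlled IPv4 interfaces as a
# space-separated list (every name is followed by one space, no newline).
#
# Don't parse the output of ifconfig(1M) because interfaces that haven't
# acquired a DHCP lease also have the DHCP flag set.
#
get_dhcp_interfaces () {
	#
	# 1. parse netstat(1M) output for v4 interfaces in BOUND
	#    or INFORMATION state
	# 2. make a space-separated list of interface names
	#
	netstat -D -f inet | $NAWK '
	    $2 ~ /BOUND/ { printf "%s ", $1 }
	    $2 ~ /INFORMATION/ { printf "%s ", $1 }'
}

#
# get_dhcpinfo <code/identifier>
#
# echoes the value received through each interface controlled by DHCP;
# multiple values are echoed as a space-separated list
#
# The values are whatever the answering DHCP server sent, so callers
# should treat them as untrusted input.
#
# returns:
#	0 => property is set
#	1 => property is not set
#
get_dhcpinfo () {
	code=$1

	# Get all interfaces with DHCP control; the list is split on IFS
	interfaces=`get_dhcp_interfaces`

	info=""
	for intf in $interfaces; do
		val=`$DHCPINFO -i "$intf" "$code"`
		if [ $? -eq 0 ]; then
			if [ "$info" = "" ]; then
				info="$val"
			else
				info="$info $val"
			fi
		fi
	done

	# No interface supplied a value: report "not set" as documented.
	[ -n "$info" ] || return 1

	#
	# $info is left unquoted on purpose so that newlines and runs of
	# blanks collapse into single spaces.  Pathname expansion is
	# switched off first, so a server-supplied '*' or '?' is echoed
	# literally instead of being matched against the current
	# directory; the subshell keeps the option change local.
	#
	( set -f; echo $info )
}

#
# set_smf_prop <fmri> <property name> <property value>
#
# Sets the property to the given astring value with svccfg(1M) and
# returns svccfg's exit status.
#
# NOTE(review): svccfg applies its own quoting rules to the value;
# confirm how values containing quotes or blanks are stored.
#
set_smf_prop () {
	$SVCCFG -s "$1" setprop "$2" = astring: "$3"
}

#
# refresh_svc <fmri>
#
# Refreshes the service.
#
refresh_svc () {
	$SVCADM refresh "$1"
}

#
# restart_svc <fmri>
#
# Restarts the service.
#
restart_svc () {
	$SVCADM restart "$1"
}

#
# start_svc <fmri>
#
# Starts the service. If the service is already enabled, restarts it. If
# it is not enabled, temporarily enables it.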
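#
start_svc () {
	# service_is_enabled is not defined in this file (sourced helper)
	if service_is_enabled "$1"; then
		$SVCADM restart "$1"
	else
		# -t: the enable is temporary
		$SVCADM enable -t "$1"
	fi
}

#
# stop_svc <fmri>
#
# Temporarily disables the service.
#
stop_svc () {
	$SVCADM disable -t "$1"
}

#
# copy_default <dir> <file>
#
# Copies <dir>/<file>.dfl to <dir>/<file>, preserving attributes (cp -p)
#
copy_default () {
	$CP -p "$1/$2.dfl" "$1/$2"
}

#
# do_dns <location>
#
# Installs DNS information on /etc/resolv.conf for location
#
# The new contents are assembled in /etc/resolv.conf.<pid> and moved
# over the real file at the end; the working file is removed again if
# the function gives up part-way.  With configsrc 'dhcp' the domain and
# server values are whatever the DHCP server supplied.
#
# Returns 0 on success, 1 on failure
#
do_dns () {
	loc=$1
	file=/etc/resolv.conf

	DNS_CONFIGSRC=`nwam_get_loc_list_prop "$loc" \
	    dns-nameservice-configsrc`
	if [ -z "$DNS_CONFIGSRC" ]; then
		echo "missing 'dns-nameservice-configsrc' property for '$loc'"
		return 1
	fi

	# Write out to temporary file first
	$TOUCH $file.$$

	for configsrc in $DNS_CONFIGSRC; do
		case "$configsrc" in
		'manual')
			DNS_SERVERS=`nwam_get_loc_list_prop "$loc" \
			    dns-nameservice-servers`
			if [ -z "$DNS_SERVERS" ]; then
				echo "DNS nameserver not set for '$loc'"
				# don't leave the working file behind
				$RM -f $file.$$
				return 1
			fi
			DNS_DOMAIN=`nwam_get_loc_prop "$loc" \
			    dns-nameservice-domain`
			DNS_SEARCH=`nwam_get_loc_list_prop "$loc" \
			    dns-nameservice-search`
			;;
		'dhcp')
			DNS_DOMAIN=`get_dhcpinfo DNSdmain`
			DNS_SERVERS=`get_dhcpinfo DNSserv`
			#
			# No DNS search info for IPv4.  Clear the value so
			# that a search list left over from a preceding
			# 'manual' entry is not written a second time.
			#
			DNS_SEARCH=""
			;;
		*)
			# unquoted pattern: a quoted '*' matches only a
			# literal asterisk, so this arm could never run
			echo "Unrecognized DNS configsrc ${configsrc}; ignoring"
			continue
			;;
		esac

		# Write DNS settings, one whitespace-separated token per line
		if [ -n "$DNS_DOMAIN" ]; then
			echo "$DNS_DOMAIN" | $NAWK \
			    '{ for (i = 1; i <= NF; i++) \
			    print "domain ", $i }' >> $file.$$
		fi
		if [ -n "$DNS_SEARCH" ]; then
			echo "$DNS_SEARCH" | $NAWK \
			    '{ printf("search"); \
			    for (i = 1; i <= NF; i++) printf(" %s", $i); \
			    printf("\n") }' >> $file.$$
		fi
		if [ -n "$DNS_SERVERS" ]; then
			echo "$DNS_SERVERS" | $NAWK \
			    '{ for (i = 1; i <= NF; i++) \
			    print "nameserver ", $i }' >> $file.$$
		fi
	done

	# Finally, copy our working version to the real thing
	$MV -f $file.$$ $file
	start_svc "$DNS_CLIENT_FMRI"

	return 0
}

#
# do_nis <location>
#
# Installs NIS information on /var/yp/binding/ for location
#
# The NIS domain name becomes a directory name below $NIS_BIND_PATH.
# With configsrc 'dhcp' that name is supplied by the DHCP server, so it
# is checked before it is used: an empty name, '.', '..', a name that
# starts with '-' or one that contains '/' is reported and skipped
# instead of being handed to domainname(1M), mkdir and the ypservers
# redirection.
#
# Returns 0 on success, 1 on failure
#
do_nis () {
	loc=$1

	NIS_CONFIGSRC=`nwam_get_loc_list_prop "$loc" \
	    nis-nameservice-configsrc`
	if [ -z "$NIS_CONFIGSRC" ]; then
		echo "missing 'nis-nameservice-configsrc' property for '$loc'"
		return 1
	fi

	for configsrc in $NIS_CONFIGSRC; do
		case "$configsrc" in
		'manual')
			NIS_SERVERS=`nwam_get_loc_list_prop "$loc" \
			    nis-nameservice-servers`
			DEFAULT_DOMAIN=`nwam_get_loc_prop "$loc" default-domain`
			# user-specified default-domain always wins
			if [ -n "$DEFAULT_DOMAIN" ]; then
				$DOMAINNAME "$DEFAULT_DOMAIN"
				$DOMAINNAME > "$ETC_DEFAULT_DOMAIN"
			else
				echo "'domainname' not set for '$loc'"
				return 1
			fi
			;;
		'dhcp')
			# Use only the first name
			DEFAULT_DOMAIN=`get_dhcpinfo NISdmain | \
			    $NAWK '{ print $1 }'`
			NIS_SERVERS=`get_dhcpinfo NISservs`
			case "$DEFAULT_DOMAIN" in
			''|.|..|-*|*/*)
				# would name no directory, or one outside
				# $NIS_BIND_PATH
				echo "unusable NIS domain '$DEFAULT_DOMAIN'" \
				    "from DHCP; ignoring"
				continue
				;;
			esac
			$DOMAINNAME "$DEFAULT_DOMAIN"
			$DOMAINNAME > "$ETC_DEFAULT_DOMAIN"
			;;
		*)
			# unquoted pattern: a quoted '*' matches only a
			# literal asterisk, so this arm could never run
			echo "Unrecognized NIS configsrc ${configsrc}; ignoring"
			continue
			;;
		esac

		# Place NIS settings in appropriate directory/file.
		if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then
			$MKDIR -p "$NIS_BIND_PATH/$DEFAULT_DOMAIN"
		fi
		if [ -n "$NIS_SERVERS" ]; then
			# one server per line
			echo "$NIS_SERVERS" | $NAWK \
			    '{ for (i = 1; i <= NF; i++) print $i }' \
			    > "$NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers"
		fi
	done

	start_svc "$NIS_CLIENT_FMRI"

	return 0
}

#
# do_ldap <location>
#
# Installs LDAP information using ldapclient(1M) for location
#
# Only the 'manual' configsrc is handled; any other value is reported
# and skipped.
#
# Returns 0 on success, 1 on failure
#
do_ldap () {
	loc=$1

	LDAP_CONFIGSRC=`nwam_get_loc_list_prop "$loc" \
	    ldap-nameservice-configsrc`
	if [ -z "$LDAP_CONFIGSRC" ]; then
		echo "missing 'ldap-nameservice-configsrc' property for '$loc'"
		return 1
	fi

	for configsrc in $LDAP_CONFIGSRC; do
		case "$configsrc" in
		'manual')
			LDAP_SERVERS=`nwam_get_loc_list_prop "$loc" \
			    ldap-nameservice-servers`
			DEFAULT_DOMAIN=`nwam_get_loc_prop "$loc" default-domain`
			#
			# Both operands are quoted: unquoted, an empty value
			# disappears from the test and a multi-word server
			# list makes test(1) fail with a syntax error.
			#
			if [ -z "$LDAP_SERVERS" ] || \
			    [ -z "$DEFAULT_DOMAIN" ]; then
				echo "LDAP configuration could not be set "\
				    "for '$loc'"
				return 1
			fi
			$DOMAINNAME "$DEFAULT_DOMAIN"
			$DOMAINNAME > "$ETC_DEFAULT_DOMAIN"
			;;
		*)
			# unquoted pattern: a quoted '*' matches only a
			# literal asterisk, so this arm could never run
			echo "Invalid LDAP configsrc ${configsrc}; ignoring"
			continue
			;;
		esac

		# Use ldapclient(1M) to initialize LDAP client settings.
		if [ -n "$DEFAULT_DOMAIN" ] || [ -n "$LDAP_SERVERS" ]; then
			# $LDAP_SERVERS stays unquoted: it is a list
			$LDAPCLIENT init -a domainName="$DEFAULT_DOMAIN" \
			    $LDAP_SERVERS
		fi
	done

	start_svc "$LDAP_CLIENT_FMRI"

	return 0
}

#
# do_ns <location>
#
# Installs different nameservices for location
#
# Returns 0 on success, 1 on failure
#
do_ns () {
	loc=$1

	#
	# Disable nameservices temporarily while we reconfigure. Copy
	# /etc/nsswitch.files to /etc/nsswitch.conf first so that only "files"
	# are used.
	#
	$CP -p /etc/nsswitch.files /etc/nsswitch.conf
	stop_svc "$DNS_CLIENT_FMRI"
	stop_svc "$NIS_CLIENT_FMRI"
	stop_svc "$LDAP_CLIENT_FMRI"

	#
	# Remove /etc/defaultdomain and unset domainname(1M). If NIS
	# and/or LDAP is configured, they will create /etc/defaultdomain
	# and set the domainname(1M).
	#
	$RM -f "$ETC_DEFAULT_DOMAIN"
	$DOMAINNAME " "

	NAMESERVICES=`nwam_get_loc_list_prop "$loc" nameservices`
	if [ -z "$NAMESERVICES" ]; then
		echo "missing 'nameservices' property for location '$loc'"
		return 1
	fi

	NAMESERVICES_CONFIG_FILE=`nwam_get_loc_prop \
	    "$loc" nameservices-config-file`
	if [ -z "$NAMESERVICES_CONFIG_FILE" ]; then
		echo "missing 'nameservices-config-file' property for '$loc'"
		return 1
	fi
	# the location's switch file replaces the "files"-only one
	$CP -p "$NAMESERVICES_CONFIG_FILE" /etc/nsswitch.conf

	for ns in $NAMESERVICES; do
		case "$ns" in
		'files')
			# no additional setup needed for files nameservice
			;;
		'dns')
			do_dns "$loc" || return 1
			;;
		'nis')
			do_nis "$loc" || return 1
			;;
		'ldap')
			do_ldap "$loc" || return 1
			;;
		*)
			# unquoted pattern: a quoted '*' matches only a
			# literal asterisk, so this arm could never run
			echo "Unrecognized nameservices value ${ns}; ignoring"
			;;
		esac
	done

	#
	# Restart other related services
	#
	# We explicitly restart here, as restart will only have an
	# effect if the service is already enabled. We don't want
	# to enable the service if it's currently disabled.
	#
	restart_svc "$AUTOFS_FMRI"

	return 0
}

#
# do_sec <location>
#
# If config properties are set, update the SMF property and refresh the
# service. If config properties are not set, delete the SMF property and
# stop the service.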
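#
# Property values are passed to set_smf_prop quoted, so a configuration
# file path containing blanks or glob characters reaches SMF as one
# unmodified value.
#
# NOTE(review): every path through this function ends at 'return 0';
# failures of set_smf_prop or of the service operations are not
# reflected in the status.
#
# Returns 0 on success, 1 on failure
#
do_sec () {
	loc=$1

	ike_file=`nwam_get_loc_prop "$loc" ike-config-file`
	pol_file=`nwam_get_loc_prop "$loc" ipsecpolicy-config-file`
	ipf_file=`nwam_get_loc_prop "$loc" ipfilter-config-file`
	ipf6_file=`nwam_get_loc_prop "$loc" ipfilter-v6-config-file`
	ipnat_file=`nwam_get_loc_prop "$loc" ipnat-config-file`
	ippool_file=`nwam_get_loc_prop "$loc" ippool-config-file`

	# IKE
	if [ -n "$ike_file" ]; then
		set_smf_prop "$IPSEC_IKE_FMRI" config/config_file "$ike_file"
		refresh_svc "$IPSEC_IKE_FMRI"
		start_svc "$IPSEC_IKE_FMRI"
	else
		stop_svc "$IPSEC_IKE_FMRI"
	fi

	# IPsec
	if [ -n "$pol_file" ]; then
		set_smf_prop "$IPSEC_POLICY_FMRI" config/config_file \
		    "$pol_file"
		refresh_svc "$IPSEC_POLICY_FMRI"
		start_svc "$IPSEC_POLICY_FMRI"
	else
		stop_svc "$IPSEC_POLICY_FMRI"
	fi

	# IPFilter
	refresh_ipf=false
	if [ -n "$ipf_file" ]; then
		# "/none", "/deny" and "/allow" select a built-in policy
		if [ "$ipf_file" = "/none" ]; then
			set_smf_prop "$IPFILTER_FMRI" \
			    firewall_config_default/policy "none"
		elif [ "$ipf_file" = "/deny" ]; then
			set_smf_prop "$IPFILTER_FMRI" \
			    firewall_config_default/policy "deny"
		elif [ "$ipf_file" = "/allow" ]; then
			set_smf_prop "$IPFILTER_FMRI" \
			    firewall_config_default/policy "allow"
		else
			# custom policy with policy file
			set_smf_prop "$IPFILTER_FMRI" \
			    firewall_config_default/policy "custom"
			set_smf_prop "$IPFILTER_FMRI" \
			    firewall_config_default/custom_policy_file \
			    "$ipf_file"
		fi
		refresh_ipf=true
	else
		# change policy to "none", no need to clear custom_policy_file
		set_smf_prop "$IPFILTER_FMRI" firewall_config_default/policy \
		    "none"
		# IPFilter has to be refreshed to make the changes effective.
		# Don't set $refresh_ipf as it keeps IPFilter online rather
		# than disabled. Refresh after IPFilter is disabled below.
	fi
	if [ -n "$ipf6_file" ]; then
		set_smf_prop "$IPFILTER_FMRI" config/ipf6_config_file \
		    "$ipf6_file"
		refresh_ipf=true
	fi
	if [ -n "$ipnat_file" ]; then
		set_smf_prop "$IPFILTER_FMRI" config/ipnat_config_file \
		    "$ipnat_file"
		refresh_ipf=true
	fi
	if [ -n "$ippool_file" ]; then
		set_smf_prop "$IPFILTER_FMRI" config/ippool_config_file \
		    "$ippool_file"
		refresh_ipf=true
	fi

	if [ "$refresh_ipf" = "true" ]; then
		refresh_svc "$IPFILTER_FMRI"
		start_svc "$IPFILTER_FMRI"
	else
		stop_svc "$IPFILTER_FMRI"
		refresh_svc "$IPFILTER_FMRI"
	fi

	return 0
}

#
# do_nfsv4 <location>
#
# Updates NFSv4 domain for location in SMF
#
# The mapid service is started when the nfsv4-domain lookup succeeds
# and stopped when it fails.
#
# Returns 0 on success, 1 on failure
#
do_nfsv4 () {
	loc=$1

	nfsv4domain=`nwam_get_loc_prop "$loc" nfsv4-domain`
	# $? is the status of the lookup inside the backquotes
	if [ $? -eq 0 ]; then
		set_smf_prop "$MAPID_FMRI" \
		    nfs-props/nfsmapid_domain "$nfsv4domain"
		start_svc "$MAPID_FMRI"
	else
		stop_svc "$MAPID_FMRI"
	fi

	return 0
}

#
# activate_loc <location>
#
# Activates the given location
#
# Returns 0 on success, 1 on failure
#
activate_loc () {
	loc=$1

	echo "activating $loc location"

	#
	# if we fail to complete any part of the config,
	# stop activation work and report failure.
	#
	do_sec "$loc" && do_ns "$loc" && do_nfsv4 "$loc" && return 0
	return 1
}

#
# Script entry point
#
# Arguments to net-loc are
#	method ('start' or 'refresh')

#
# If nwam is not enabled, do nothing and return OK.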
#
service_is_enabled $NWAM_FMRI || exit $SMF_EXIT_OK

#
# In a shared-IP zone we need this service to be up, but all of the work
# it tries to do is irrelevant (and will actually lead to the service
# failing if we try to do it), so just bail out.
# In the global zone and exclusive-IP zones we proceed.
#
smf_configure_ip || exit $SMF_EXIT_OK

# $1 is the method name; anything but 'start' or 'refresh' is a usage error
case "$1" in

'start')
	#
	# We need to create the default (NoNet and Automatic)
	# locations, if they don't already exist.  So: first check
	# for the existence of each, and then run the appropriate
	# nwamcfg script(s) as needed. Restart nwamd if a location is
	# created, as it needs to read it in.
	#
	# Only exit status 1 from 'nwamcfg list' is taken to mean that
	# the location is missing; any other status skips the creation.
	#
	LOC_CREATED="false"
	$NWAMCFG list loc Automatic >/dev/null 2>&1
	if [ $? -eq 1 ]; then
		$NWAMCFG -f /etc/nwam/loc/create_loc_auto
		LOC_CREATED="true"
	fi

	$NWAMCFG list loc NoNet >/dev/null 2>&1
	if [ $? -eq 1 ]; then
		# install the shipped .dfl defaults before creating NoNet
		NONETPATH=/etc/nwam/loc/NoNet
		NONETFILES="ipf.conf ipf6.conf"
		for file in $NONETFILES; do
			copy_default $NONETPATH $file
		done
		$NWAMCFG -f /etc/nwam/loc/create_loc_nonet
		LOC_CREATED="true"
	fi

	# the re-read is requested through refresh_svc, not restart_svc
	if [ "$LOC_CREATED" = "true" ]; then
		refresh_svc $NWAM_FMRI
	fi

	# location selection/activation happens below
	;;

'refresh')

	# location selection/activation happens below
	;;

*)
	echo "Usage: $0 start|refresh"
	exit 1
	;;

esac

#
# If the Legacy location doesn't exist and the file to create the Legacy
# location exists, create the Legacy location. Make a copy of it as the user's
# intentions before upgrade. Then activate the User location if nis is
# involved. Because NIS affects more parts of the system (e.g. automounts) we
# are not willing to make NIS part of the Automatic location (i.e. enable it
# automatically based on external input) as we do with DHCP-driven DNS.
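#
activate_user_loc=0
$NWAMCFG list loc Legacy >/dev/null 2>&1
if [ $? -eq 1 ] && [ -f "$SCRIPT_PATH/create_loc_legacy" ]; then
  #
  # The creation script and its data were built under /etc/svc/volatile
  # because net-nwam may not have had a writable filesystem.  Copy the
  # data to /etc/nwam/loc and rewrite the script to point at that copy.
  #
  $CP -r "$SCRIPT_PATH/Legacy" /etc/nwam/loc
  $MV "$SCRIPT_PATH/create_loc_legacy" "$SCRIPT_PATH/vcreate_loc_legacy"
  #
  # The expression has to be double-quoted.  Inside single quotes the
  # shell hands the variable names to sed as literal text, so the paths
  # in the script would never match and the rewrite would do nothing.
  # Assumes neither path contains a comma or a regular-expression
  # metacharacter -- TODO confirm against where SCRIPT_PATH is defined.
  #
  $SED -e "s,$SCRIPT_PATH/Legacy,$LEGACY_LOC_PATH," \
      "$SCRIPT_PATH/vcreate_loc_legacy" >"$SCRIPT_PATH/create_loc_legacy"
  $RM -f "$SCRIPT_PATH/vcreate_loc_legacy"
  $NWAMCFG -f "$SCRIPT_PATH/create_loc_legacy"

  #
  # Only the exit status of this lookup is used: status 1 is taken to mean
  # the upgrade has not been recorded yet.
  # NOTE(review): the property is looked up on LOCATION_FMRI but written
  # below through SMF_FMRI; presumably both name this service instance --
  # verify.
  #
  loc_ver=$($SVCPROP -c -p location_upgrade/version "$LOCATION_FMRI" \
      2>/dev/null)
  if [ $? -eq 1 ]; then
    #
    # Derive the User location script from the Legacy one: rename the
    # location, make its activation manual and repoint every config-file
    # property at the User location directory.  ULP is a short alias
    # that keeps each expression on one line.  The second sed turns the
    # none/allow/deny values, which the first pass prefixed with the
    # User path, back into /none, /allow and /deny.
    #
    ULP=$USER_LOC_PATH
    $SED -e's,Legacy,User,' \
        -e's,activation-mode=system,activation-mode=manual,' \
        -e"s,\(ipfilter-config-file=\).*/\(.*\),\1$ULP/\2," \
        -e"s,\(ipfilter-v6-config-file=\).*/\(.*\),\1$ULP/\2," \
        -e"s,\(ipnat-config-file=\).*/\(.*\),\1$ULP/\2," \
        -e"s,\(ippool-config-file=\).*/\(.*\),\1$ULP/\2," \
        -e"s,\(ike-config-file=\).*/\(.*\),\1$ULP/\2," \
        -e"s,\(ipsecpolicy-config-file=\).*/\(.*\),\1$ULP/\2," \
        "$SCRIPT_PATH/create_loc_legacy" | \
        $SED -e's,/etc/nwam/loc/User/none,/none,' \
        -e's,/etc/nwam/loc/User/allow,/allow,' \
        -e's,/etc/nwam/loc/User/deny,/deny,' \
        >"$SCRIPT_PATH/create_loc_user"

    #
    # Create the User location, an approximation of the machine
    # configuration at the time the user changed or upgraded to this
    # version of NWAM.  Any existing User location and its data are
    # removed first, the Legacy data is copied over, and a location
    # pointing at that copy is created.  Finally a version property
    # records that this has been done.
    #
    $NWAMCFG destroy loc User 2>/dev/null
    # Quoted so the recursive delete always receives exactly one operand.
    $RM -rf "$USER_LOC_PATH"
    $CP -r "$LEGACY_LOC_PATH" "$USER_LOC_PATH"
    $RM -f "$USER_LOC_PATH/resolv.conf"
    $NWAMCFG -f "$SCRIPT_PATH/create_loc_user"

    # The User location is activated if 'nis' appears after the colon
    # on a non-comment line of nsswitch.conf.
    if $GREP -v "^#" "$USER_LOC_PATH/nsswitch.conf" | \
        $SED -e 's/[^:]*://' | $GREP nis >/dev/null 2>&1; then
      activate_user_loc=1
    fi

    # addpg errors are discarded (the group may already exist).
    $SVCCFG -s "$SMF_FMRI" addpg location_upgrade application \
        2>/dev/null
    $SVCCFG -s "$SMF_FMRI" setprop location_upgrade/version = \
        astring: "1"
  fi
fi

#
# Activate a location.  If we've just finished upgrading, and the User
# location should be activated, do that (and use nwamadm to do so, so the
# enabled property gets set and nwamd knows this selection has been made).
# Otherwise, if our location/selected property has a value, we activate
# that location; else we activate the NoNet location as a default value.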
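#
# sel_loc is read back from the SMF repository rather than set by this
# script, so it is quoted wherever it is expanded: a value containing
# whitespace or glob characters then reaches nwamcfg and activate_loc as a
# single argument instead of being split or expanded by the shell.
#
if [ "$activate_user_loc" -eq 1 ]; then
  $NWAMADM enable -p loc User
else
  sel_loc=$($SVCPROP -c -p location/selected "$SMF_FMRI" 2>/dev/null)
  if [ $? -eq 1 ]; then
    # location hasn't been selected; default to NoNet
    activate_loc NoNet
  else
    #
    # If the selected location does not exist, or if it cannot be
    # activated completely, fall back to the NoNet location.  nwamd is
    # also refreshed so that it checks conditions for a better choice.
    #
    $NWAMCFG list loc "$sel_loc" >/dev/null 2>&1
    if [ $? -eq 1 ]; then
      echo "location '$sel_loc' doesn't exist"
      activate_loc NoNet
      refresh_svc "$NWAM_FMRI"
    elif ! activate_loc "$sel_loc"; then
      echo "failed to activate '$sel_loc'"
      activate_loc NoNet
      refresh_svc "$NWAM_FMRI"
    fi
  fi
fi

exit $SMF_EXIT_OK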