11991Sheppo#!/sbin/sh 21991Sheppo# 38734SSriharsha.Basavapatna@Sun.COM# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 41991Sheppo# Use is subject to license terms. 51991Sheppo# 61991Sheppo# CDDL HEADER START 71991Sheppo# 81991Sheppo# The contents of this file are subject to the terms of the 91991Sheppo# Common Development and Distribution License (the "License"). 101991Sheppo# You may not use this file except in compliance with the License. 111991Sheppo# 121991Sheppo# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 131991Sheppo# or http://www.opensolaris.org/os/licensing. 141991Sheppo# See the License for the specific language governing permissions 151991Sheppo# and limitations under the License. 161991Sheppo# 171991Sheppo# When distributing Covered Code, include this CDDL HEADER in each 181991Sheppo# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 191991Sheppo# If applicable, add the following below this CDDL HEADER, with the 201991Sheppo# fields enclosed by brackets "[]" replaced with your own identifying 211991Sheppo# information: Portions Copyright [yyyy] [name of copyright owner] 221991Sheppo# 231991Sheppo# CDDL HEADER END 241991Sheppo# 251991Sheppo# Start script for vntsd 261991Sheppo# 271991Sheppo# For modifying parameters passed to vntsd, do not edit 281991Sheppo# this script. Instead use svccfg(1m) to modify the SMF 291991Sheppo# repository. For example: 301991Sheppo# 311991Sheppo# svccfg 321991Sheppo# svc:> select ldoms/vntsd 331991Sheppo# svc:/ldoms/vntsd> setprop vntsd/vcc_device = "virtual-console-concentrator@1" 341991Sheppo# svc:/ldoms/vntsd> setprop vntsd/listen_addr = "192.168.1.1" 358734SSriharsha.Basavapatna@Sun.COM# svc:/ldoms/vntsd> setprop vntsd/authorization="true" 361991Sheppo# svc:/ldoms/vntsd> exit 371991Sheppo 381991Sheppo. /lib/svc/share/smf_include.sh 391991Sheppo 408734SSriharsha.Basavapatna@Sun.COMAUTH_ATTR=/etc/security/auth_attr 418734SSriharsha.Basavapatna@Sun.COMUSER_ATTR=/etc/user_attr 428734SSriharsha.Basavapatna@Sun.COMGREP=/usr/bin/grep 438734SSriharsha.Basavapatna@Sun.COMCAT=/usr/bin/cat 448734SSriharsha.Basavapatna@Sun.COMED=/usr/bin/ed 458734SSriharsha.Basavapatna@Sun.COMSVCCFG=/usr/sbin/svccfg 468734SSriharsha.Basavapatna@Sun.COMSVCPROP=/bin/svcprop 478734SSriharsha.Basavapatna@Sun.COM 488734SSriharsha.Basavapatna@Sun.COM# 498734SSriharsha.Basavapatna@Sun.COM# Add LDoms vntsd authorization entries to etc/security/auth_attr if not 508734SSriharsha.Basavapatna@Sun.COM# present. These define authorizations used by LDoms vntsd daemon. 518734SSriharsha.Basavapatna@Sun.COM# 528734SSriharsha.Basavapatna@Sun.COMadd_auth_entries() 538734SSriharsha.Basavapatna@Sun.COM{ 548734SSriharsha.Basavapatna@Sun.COM # Add entries to auth_attr file, if needed 558734SSriharsha.Basavapatna@Sun.COM $GREP '^solaris.vntsd.:' ${AUTH_ATTR} >/dev/null 2>&1 568734SSriharsha.Basavapatna@Sun.COM if [ $? -ne 0 ] ; then 578734SSriharsha.Basavapatna@Sun.COM $CAT >>${AUTH_ATTR} << EOF 588734SSriharsha.Basavapatna@Sun.COM# Added by svc-vntsd 598734SSriharsha.Basavapatna@Sun.COMsolaris.vntsd.:::LDoms vntsd Administration:: 608734SSriharsha.Basavapatna@Sun.COMsolaris.vntsd.grant:::Delegate LDoms vntsd Administration:: 618734SSriharsha.Basavapatna@Sun.COMsolaris.vntsd.consoles:::Access All LDoms Guest Consoles:: 628734SSriharsha.Basavapatna@Sun.COM# End of svc-vntsd 638734SSriharsha.Basavapatna@Sun.COMEOF 648734SSriharsha.Basavapatna@Sun.COM fi 658734SSriharsha.Basavapatna@Sun.COM} 668734SSriharsha.Basavapatna@Sun.COM 678734SSriharsha.Basavapatna@Sun.COM# 688734SSriharsha.Basavapatna@Sun.COM# Add a LDoms user/role entry to etc/user_attr if not present. 698734SSriharsha.Basavapatna@Sun.COM# This defines user/role used by useradd or roleadd. 708734SSriharsha.Basavapatna@Sun.COM# 718734SSriharsha.Basavapatna@Sun.COMadd_user_entries() 728734SSriharsha.Basavapatna@Sun.COM{ 738734SSriharsha.Basavapatna@Sun.COM # 748734SSriharsha.Basavapatna@Sun.COM # Add entries to user_attr file, if needed. 758734SSriharsha.Basavapatna@Sun.COM # 768734SSriharsha.Basavapatna@Sun.COM $GREP 'solaris.vntsd.grant' ${USER_ATTR} >/dev/null 2>&1 778734SSriharsha.Basavapatna@Sun.COM 788734SSriharsha.Basavapatna@Sun.COM if [ $? -ne 0 ] ; then 798734SSriharsha.Basavapatna@Sun.COM 808734SSriharsha.Basavapatna@Sun.COM $GREP '^root' ${USER_ATTR} | $GREP 'auths=' >/dev/null 2>&1 818734SSriharsha.Basavapatna@Sun.COM if [ $? -eq 0 ] ; then 828734SSriharsha.Basavapatna@Sun.COM # 838734SSriharsha.Basavapatna@Sun.COM # Add vntsd attribute to an existing root entry. 848734SSriharsha.Basavapatna@Sun.COM # 858734SSriharsha.Basavapatna@Sun.COM $ED -s ${USER_ATTR} <<- EOF > /dev/null 2>&1 868734SSriharsha.Basavapatna@Sun.COM g/^root.*auths\=/s/^roo.*auths\=/&solaris.vntsd.grant,/ 878734SSriharsha.Basavapatna@Sun.COM w 888734SSriharsha.Basavapatna@Sun.COM q 898734SSriharsha.Basavapatna@Sun.COM EOF 908734SSriharsha.Basavapatna@Sun.COM else 918734SSriharsha.Basavapatna@Sun.COM # 928734SSriharsha.Basavapatna@Sun.COM # Add a root entry with vntsd attribute. 938734SSriharsha.Basavapatna@Sun.COM # 948734SSriharsha.Basavapatna@Sun.COM $CAT >>${USER_ATTR} << EOF 958734SSriharsha.Basavapatna@Sun.COM# Added by svc-vntsd 968734SSriharsha.Basavapatna@Sun.COMroot::::type=normal;auths=solaris.vntsd.grant;lock_after_retries=0 978734SSriharsha.Basavapatna@Sun.COM# End of svc-vntsd 988734SSriharsha.Basavapatna@Sun.COMEOF 998734SSriharsha.Basavapatna@Sun.COM fi 1008734SSriharsha.Basavapatna@Sun.COM fi 1018734SSriharsha.Basavapatna@Sun.COM} 1028734SSriharsha.Basavapatna@Sun.COM 1038734SSriharsha.Basavapatna@Sun.COM# 1048734SSriharsha.Basavapatna@Sun.COM# Update 'vntsd' authorizations in the relevant files. Note that adding these 1058734SSriharsha.Basavapatna@Sun.COM# entries from this smf script rather than from the pkg install scripts, 1068734SSriharsha.Basavapatna@Sun.COM# ensures that they are added only if the vntsd service is being enabled; and 1078734SSriharsha.Basavapatna@Sun.COM# hence avoids adding these entries unnecessarily into client guest domains. 1088734SSriharsha.Basavapatna@Sun.COM# The functions check before adding, that the entries are not already present. 1098734SSriharsha.Basavapatna@Sun.COM# 1108734SSriharsha.Basavapatna@Sun.COMadd_auth_entries 1118734SSriharsha.Basavapatna@Sun.COMadd_user_entries 1128734SSriharsha.Basavapatna@Sun.COM 1138734SSriharsha.Basavapatna@Sun.COMvcc_device=`$SVCPROP -p vntsd/vcc_device $SMF_FMRI 2>/dev/null` 1141991Sheppoif [ -z "$vcc_device" ]; then 1151991Sheppo vcc_device="virtual-console-concentrator@0" 1161991Sheppofi 1171991Sheppoargs="-i $vcc_device" 1181991Sheppo 1198734SSriharsha.Basavapatna@Sun.COMlisten_addr=`$SVCPROP -p vntsd/listen_addr $SMF_FMRI 2>/dev/null` 1201991Sheppoif [ -n "$listen_addr" ]; then 1211991Sheppo args="$args -p $listen_addr" 1221991Sheppofi 1231991Sheppo 1248734SSriharsha.Basavapatna@Sun.COMtimeout=`$SVCPROP -p vntsd/timeout_minutes $SMF_FMRI 2>/dev/null` 1251991Sheppoif [ -n "$timeout" ]; then 1261991Sheppo args="$args -t $timeout" 1271991Sheppofi 1281991Sheppo 1298734SSriharsha.Basavapatna@Sun.COMauth=`$SVCPROP -p vntsd/authorization $SMF_FMRI 2>/dev/null` 1308734SSriharsha.Basavapatna@Sun.COMif [ "$auth" = "true" ]; then 1318734SSriharsha.Basavapatna@Sun.COM args="$args -A" 1328734SSriharsha.Basavapatna@Sun.COMfi 1338734SSriharsha.Basavapatna@Sun.COM 134*10723SZachary.Kissel@Sun.COM# 135*10723SZachary.Kissel@Sun.COM# If we don't have a vcc device we don't want to try to start vntsd. By default 136*10723SZachary.Kissel@Sun.COM# newer versions of the factory settings will try to start vntsd by default. 137*10723SZachary.Kissel@Sun.COM# Since we may be installed on a machine with an older firmware we need to make 138*10723SZachary.Kissel@Sun.COM# sure that we don't try to start if the virtual console concentrator is not 139*10723SZachary.Kissel@Sun.COM# present. 140*10723SZachary.Kissel@Sun.COM# 141*10723SZachary.Kissel@Sun.COMVNTSD_DEV='/devices/virtual-devices@100/channel-devices@200/virtual-console-concentrator@0:ctl' 142*10723SZachary.Kissel@Sun.COMif [ ! -c "$VNTSD_DEV" ]; then 143*10723SZachary.Kissel@Sun.COM echo "The Virtual Network Terminal Server service has been disabled" \ 144*10723SZachary.Kissel@Sun.COM "because the system has no virtual console concentrator (vcc)" \ 145*10723SZachary.Kissel@Sun.COM "device." 146*10723SZachary.Kissel@Sun.COM /usr/sbin/svcadm disable -t "$SMF_FMRI" 147*10723SZachary.Kissel@Sun.COM sleep 5 & 148*10723SZachary.Kissel@Sun.COM exit $SMF_EXIT_OK 149*10723SZachary.Kissel@Sun.COMfi 150*10723SZachary.Kissel@Sun.COM 1511991Sheppoif [ -x /usr/lib/ldoms/vntsd ]; then 1523151Ssg70180 /usr/lib/ldoms/vntsd $args 1533151Ssg70180 rc=$? 1543151Ssg70180 if [ $rc -ne 0 ]; then 1553151Ssg70180 # if vntsd exited in error with status 1, let SMF restart it 1563151Ssg70180 # otherwise we want it to go into maintenance. 1573151Ssg70180 if [ $rc -eq 1 ]; then 1583151Ssg70180 exit $SMF_ERR_OTHER 1593151Ssg70180 else 1603151Ssg70180 exit $SMF_ERR_FATAL 1613151Ssg70180 fi 1623151Ssg70180 fi 1631991Sheppoelse 1641991Sheppo echo "WARNING: /usr/lib/ldoms/vntsd is missing or not executable" >& 2 1651991Sheppo exit $SMF_EXIT_ERR_CONFIG 1661991Sheppofi 1671991Sheppo 1681991Sheppoexit $SMF_EXIT_OK 169