1*11838SLiane.Praza@Sun.COM#!/bin/sh 2*11838SLiane.Praza@Sun.COM# 3*11838SLiane.Praza@Sun.COM# CDDL HEADER START 4*11838SLiane.Praza@Sun.COM# 5*11838SLiane.Praza@Sun.COM# The contents of this file are subject to the terms of the 6*11838SLiane.Praza@Sun.COM# Common Development and Distribution License (the "License"). 7*11838SLiane.Praza@Sun.COM# You may not use this file except in compliance with the License. 8*11838SLiane.Praza@Sun.COM# 9*11838SLiane.Praza@Sun.COM# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10*11838SLiane.Praza@Sun.COM# or http://www.opensolaris.org/os/licensing. 11*11838SLiane.Praza@Sun.COM# See the License for the specific language governing permissions 12*11838SLiane.Praza@Sun.COM# and limitations under the License. 13*11838SLiane.Praza@Sun.COM# 14*11838SLiane.Praza@Sun.COM# When distributing Covered Code, include this CDDL HEADER in each 15*11838SLiane.Praza@Sun.COM# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16*11838SLiane.Praza@Sun.COM# If applicable, add the following below this CDDL HEADER, with the 17*11838SLiane.Praza@Sun.COM# fields enclosed by brackets "[]" replaced with your own identifying 18*11838SLiane.Praza@Sun.COM# information: Portions Copyright [yyyy] [name of copyright owner] 19*11838SLiane.Praza@Sun.COM# 20*11838SLiane.Praza@Sun.COM# CDDL HEADER END 21*11838SLiane.Praza@Sun.COM# 22*11838SLiane.Praza@Sun.COM# i.rbac 23*11838SLiane.Praza@Sun.COM# 24*11838SLiane.Praza@Sun.COM# Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25*11838SLiane.Praza@Sun.COM# Use is subject to license terms. 26*11838SLiane.Praza@Sun.COM# 27*11838SLiane.Praza@Sun.COM# class action script for "rbac" class files 28*11838SLiane.Praza@Sun.COM# installed by pkgadd 29*11838SLiane.Praza@Sun.COM# 30*11838SLiane.Praza@Sun.COM# Files in "rbac" class: 31*11838SLiane.Praza@Sun.COM# 32*11838SLiane.Praza@Sun.COM# /etc/security/{prof_attr,exec_attr,auth_attr} 33*11838SLiane.Praza@Sun.COM# /etc/user_attr 34*11838SLiane.Praza@Sun.COM# 35*11838SLiane.Praza@Sun.COM# Allowable exit codes 36*11838SLiane.Praza@Sun.COM# 37*11838SLiane.Praza@Sun.COM# 0 - success 38*11838SLiane.Praza@Sun.COM# 2 - warning or possible error condition. Installation continues. A warning 39*11838SLiane.Praza@Sun.COM# message is displayed at the time of completion. 40*11838SLiane.Praza@Sun.COM# 41*11838SLiane.Praza@Sun.COM 42*11838SLiane.Praza@Sun.COMumask 022 43*11838SLiane.Praza@Sun.COM 44*11838SLiane.Praza@Sun.COMtmp_dir=${TMPDIR:-/tmp} 45*11838SLiane.Praza@Sun.COM 46*11838SLiane.Praza@Sun.COMPATH="/usr/bin:/usr/sbin:${PATH}" 47*11838SLiane.Praza@Sun.COMexport PATH 48*11838SLiane.Praza@Sun.COM 49*11838SLiane.Praza@Sun.COMbasename_cmd=basename 50*11838SLiane.Praza@Sun.COMcp_cmd=cp 51*11838SLiane.Praza@Sun.COMegrep_cmd=egrep 52*11838SLiane.Praza@Sun.COMmv_cmd=mv 53*11838SLiane.Praza@Sun.COMnawk_cmd=nawk 54*11838SLiane.Praza@Sun.COMrm_cmd=rm 55*11838SLiane.Praza@Sun.COMsed_cmd=sed 56*11838SLiane.Praza@Sun.COMsort_cmd=sort 57*11838SLiane.Praza@Sun.COM 58*11838SLiane.Praza@Sun.COM# $1 is the type 59*11838SLiane.Praza@Sun.COM# $2 is the "old/existing file" 60*11838SLiane.Praza@Sun.COM# $3 is the "new (to be merged)" file 61*11838SLiane.Praza@Sun.COM# $4 is the output file 62*11838SLiane.Praza@Sun.COM# returns 0 on success 63*11838SLiane.Praza@Sun.COM# returns 2 on failure if nawk fails with non-zero exit status 64*11838SLiane.Praza@Sun.COM# 65*11838SLiane.Praza@Sun.COMdbmerge() { 66*11838SLiane.Praza@Sun.COM# 67*11838SLiane.Praza@Sun.COM# Remove the ident lines. 68*11838SLiane.Praza@Sun.COM# 69*11838SLiane.Praza@Sun.COM ${egrep_cmd} -v '^#[pragma ]*ident' $2 > $4.old 2>/dev/null 70*11838SLiane.Praza@Sun.COM# 71*11838SLiane.Praza@Sun.COM# If the new file has a Sun copyright, remove the Sun copyright from the old 72*11838SLiane.Praza@Sun.COM# file. 73*11838SLiane.Praza@Sun.COM# 74*11838SLiane.Praza@Sun.COM newcr=`${egrep_cmd} '^# Copyright.*Sun Microsystems, Inc.' $3 \ 75*11838SLiane.Praza@Sun.COM 2>/dev/null` 76*11838SLiane.Praza@Sun.COM if [ -n "${newcr}" ]; then 77*11838SLiane.Praza@Sun.COM $sed_cmd -e '/^# Copyright.*Sun Microsystems, Inc./d' \ 78*11838SLiane.Praza@Sun.COM -e '/^# All rights reserved./d' \ 79*11838SLiane.Praza@Sun.COM -e '/^# Use is subject to license terms./d' \ 80*11838SLiane.Praza@Sun.COM $4.old > $4.$$ 2>/dev/null 81*11838SLiane.Praza@Sun.COM $mv_cmd $4.$$ $4.old 82*11838SLiane.Praza@Sun.COM fi 83*11838SLiane.Praza@Sun.COM# 84*11838SLiane.Praza@Sun.COM# If the new file has the CDDL, remove it from the old file. 85*11838SLiane.Praza@Sun.COM# 86*11838SLiane.Praza@Sun.COM newcr=`${egrep_cmd} '^# CDDL HEADER START' $3 2>/dev/null` 87*11838SLiane.Praza@Sun.COM if [ -n "${newcr}" ]; then 88*11838SLiane.Praza@Sun.COM $sed_cmd -e '/^# CDDL HEADER START/,/^# CDDL HEADER END/d' \ 89*11838SLiane.Praza@Sun.COM $4.old > $4.$$ 2>/dev/null 90*11838SLiane.Praza@Sun.COM $mv_cmd $4.$$ $4.old 91*11838SLiane.Praza@Sun.COM fi 92*11838SLiane.Praza@Sun.COM# 93*11838SLiane.Praza@Sun.COM# Remove empty lines and multiple instances of these comments: 94*11838SLiane.Praza@Sun.COM# 95*11838SLiane.Praza@Sun.COM $sed_cmd -e '/^# \/etc\/security\/exec_attr/d' -e '/^#$/d' \ 96*11838SLiane.Praza@Sun.COM -e '/^# execution attributes for profiles./d' \ 97*11838SLiane.Praza@Sun.COM -e '/^# See exec_attr(4)/d' \ 98*11838SLiane.Praza@Sun.COM -e '/^# \/etc\/user_attr/d' \ 99*11838SLiane.Praza@Sun.COM -e '/^# user attributes. see user_attr(4)/d' \ 100*11838SLiane.Praza@Sun.COM -e '/^# \/etc\/security\/prof_attr/d' \ 101*11838SLiane.Praza@Sun.COM -e '/^# profiles attributes. see prof_attr(4)/d' \ 102*11838SLiane.Praza@Sun.COM -e '/^# See prof_attr(4)/d' \ 103*11838SLiane.Praza@Sun.COM -e '/^# \/etc\/security\/auth_attr/d' \ 104*11838SLiane.Praza@Sun.COM -e '/^# authorizations. see auth_attr(4)/d' \ 105*11838SLiane.Praza@Sun.COM -e '/^# authorization attributes. see auth_attr(4)/d' \ 106*11838SLiane.Praza@Sun.COM $4.old > $4.$$ 107*11838SLiane.Praza@Sun.COM $mv_cmd $4.$$ $4.old 108*11838SLiane.Praza@Sun.COM# 109*11838SLiane.Praza@Sun.COM# Retain old and new header comments. 110*11838SLiane.Praza@Sun.COM# 111*11838SLiane.Praza@Sun.COM $sed_cmd -n -e '/^[^#]/,$d' -e '/^##/,$d' -e p $4.old > $4 112*11838SLiane.Praza@Sun.COM $rm_cmd $4.old 113*11838SLiane.Praza@Sun.COM $sed_cmd -n -e '/^[^#]/,$d' -e '/^##/,$d' -e p $3 >> $4 114*11838SLiane.Praza@Sun.COM# 115*11838SLiane.Praza@Sun.COM# Handle line continuations (trailing \) 116*11838SLiane.Praza@Sun.COM# 117*11838SLiane.Praza@Sun.COM $sed_cmd \ 118*11838SLiane.Praza@Sun.COM -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ 119*11838SLiane.Praza@Sun.COM -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ 120*11838SLiane.Praza@Sun.COM -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ 121*11838SLiane.Praza@Sun.COM $2 > $4.old 122*11838SLiane.Praza@Sun.COM $sed_cmd \ 123*11838SLiane.Praza@Sun.COM -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ 124*11838SLiane.Praza@Sun.COM -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ 125*11838SLiane.Praza@Sun.COM -e '/\\$/{N;s/\\\n//;}' -e '/\\$/{N;s/\\\n//;}' \ 126*11838SLiane.Praza@Sun.COM $3 > $4.new 127*11838SLiane.Praza@Sun.COM# 128*11838SLiane.Praza@Sun.COM#!/usr/bin/nawk -f 129*11838SLiane.Praza@Sun.COM# 130*11838SLiane.Praza@Sun.COM# dbmerge type=[auth|prof|user|exec] old-file new-file 131*11838SLiane.Praza@Sun.COM# 132*11838SLiane.Praza@Sun.COM# Merge two versions of an RBAC database file. The output 133*11838SLiane.Praza@Sun.COM# consists of the lines from the new-file, while preserving 134*11838SLiane.Praza@Sun.COM# user customizations in the old-file. Specifically, the 135*11838SLiane.Praza@Sun.COM# keyword/value section of each record contains the union 136*11838SLiane.Praza@Sun.COM# of the entries found in both files. The value for each 137*11838SLiane.Praza@Sun.COM# keyword is the value from the new-file, except for three 138*11838SLiane.Praza@Sun.COM# keywords ("auths", "profiles", "roles") where the values 139*11838SLiane.Praza@Sun.COM# from the old and new files are merged. 140*11838SLiane.Praza@Sun.COM# 141*11838SLiane.Praza@Sun.COM# The output is run through sort except for the comments 142*11838SLiane.Praza@Sun.COM# which will appear first in the output. 143*11838SLiane.Praza@Sun.COM# 144*11838SLiane.Praza@Sun.COM# 145*11838SLiane.Praza@Sun.COM $nawk_cmd ' 146*11838SLiane.Praza@Sun.COM 147*11838SLiane.Praza@Sun.COMBEGIN { 148*11838SLiane.Praza@Sun.COM FS=":" 149*11838SLiane.Praza@Sun.COM} 150*11838SLiane.Praza@Sun.COM 151*11838SLiane.Praza@Sun.COM/^#/ || /^$/ { 152*11838SLiane.Praza@Sun.COM continue; 153*11838SLiane.Praza@Sun.COM} 154*11838SLiane.Praza@Sun.COM 155*11838SLiane.Praza@Sun.COMtype == "auth" { 156*11838SLiane.Praza@Sun.COM key = $1 ":" $2 ":" $3 ; 157*11838SLiane.Praza@Sun.COM if (NR == FNR) { 158*11838SLiane.Praza@Sun.COM short_comment[key] = $4 ; 159*11838SLiane.Praza@Sun.COM long_comment[key] = $5; 160*11838SLiane.Praza@Sun.COM record[key] = $6; 161*11838SLiane.Praza@Sun.COM } 162*11838SLiane.Praza@Sun.COM else { 163*11838SLiane.Praza@Sun.COM if ( $4 != "" ) { 164*11838SLiane.Praza@Sun.COM short_comment[key] = $4 ; 165*11838SLiane.Praza@Sun.COM } 166*11838SLiane.Praza@Sun.COM if ( $5 != "" ) { 167*11838SLiane.Praza@Sun.COM long_comment[key] = $5 ; 168*11838SLiane.Praza@Sun.COM } 169*11838SLiane.Praza@Sun.COM print key ":" short_comment[key] ":" long_comment[key] ":" \ 170*11838SLiane.Praza@Sun.COM merge_attrs(record[key], $6); 171*11838SLiane.Praza@Sun.COM delete record[key]; 172*11838SLiane.Praza@Sun.COM } 173*11838SLiane.Praza@Sun.COM} 174*11838SLiane.Praza@Sun.COM 175*11838SLiane.Praza@Sun.COMtype == "prof" { 176*11838SLiane.Praza@Sun.COM key = $1 ":" $2 ":" $3 ; 177*11838SLiane.Praza@Sun.COM if (NR == FNR) { 178*11838SLiane.Praza@Sun.COM comment[key] = $4; 179*11838SLiane.Praza@Sun.COM record[key] = $5; 180*11838SLiane.Praza@Sun.COM } 181*11838SLiane.Praza@Sun.COM else { 182*11838SLiane.Praza@Sun.COM if ( $4 != "" ) { 183*11838SLiane.Praza@Sun.COM comment[key] = $4 ; 184*11838SLiane.Praza@Sun.COM } 185*11838SLiane.Praza@Sun.COM if (key != "::") { 186*11838SLiane.Praza@Sun.COM print key ":" comment[key] ":" \ 187*11838SLiane.Praza@Sun.COM merge_attrs(record[key], $5); 188*11838SLiane.Praza@Sun.COM } 189*11838SLiane.Praza@Sun.COM delete record[key]; 190*11838SLiane.Praza@Sun.COM } 191*11838SLiane.Praza@Sun.COM} 192*11838SLiane.Praza@Sun.COM 193*11838SLiane.Praza@Sun.COMtype == "exec" { 194*11838SLiane.Praza@Sun.COM key = $1 ":" $2 ":" $3 ":" $4 ":" $5 ":" $6 ; 195*11838SLiane.Praza@Sun.COM # Substitute new entries, do not merge. 196*11838SLiane.Praza@Sun.COM record[key] = $7; 197*11838SLiane.Praza@Sun.COM} 198*11838SLiane.Praza@Sun.COM 199*11838SLiane.Praza@Sun.COMtype == "user" { 200*11838SLiane.Praza@Sun.COM key = $1 ":" $2 ":" $3 ":" $4 ; 201*11838SLiane.Praza@Sun.COM if (NR == FNR) 202*11838SLiane.Praza@Sun.COM record[key] = $5; 203*11838SLiane.Praza@Sun.COM else { 204*11838SLiane.Praza@Sun.COM print key ":" merge_attrs(record[key], $5); 205*11838SLiane.Praza@Sun.COM delete record[key]; 206*11838SLiane.Praza@Sun.COM } 207*11838SLiane.Praza@Sun.COM} 208*11838SLiane.Praza@Sun.COM 209*11838SLiane.Praza@Sun.COMEND { 210*11838SLiane.Praza@Sun.COM for (key in record) { 211*11838SLiane.Praza@Sun.COM if (type == "prof") { 212*11838SLiane.Praza@Sun.COM if (key != "::") { 213*11838SLiane.Praza@Sun.COM print key ":" comment[key] ":" record[key]; 214*11838SLiane.Praza@Sun.COM } 215*11838SLiane.Praza@Sun.COM } else 216*11838SLiane.Praza@Sun.COM if (type == "auth") { 217*11838SLiane.Praza@Sun.COM print key ":" short_comment[key] ":" \ 218*11838SLiane.Praza@Sun.COM long_comment[key] ":" record[key]; 219*11838SLiane.Praza@Sun.COM } else 220*11838SLiane.Praza@Sun.COM print key ":" record[key]; 221*11838SLiane.Praza@Sun.COM } 222*11838SLiane.Praza@Sun.COM} 223*11838SLiane.Praza@Sun.COM 224*11838SLiane.Praza@Sun.COMfunction merge_attrs(old, new, cnt, new_cnt, i, j, list, new_list, keyword) 225*11838SLiane.Praza@Sun.COM{ 226*11838SLiane.Praza@Sun.COM cnt = split(old, list, ";"); 227*11838SLiane.Praza@Sun.COM new_cnt = split(new, new_list, ";"); 228*11838SLiane.Praza@Sun.COM for (i = 1; i <= new_cnt; i++) { 229*11838SLiane.Praza@Sun.COM keyword = substr(new_list[i], 1, index(new_list[i], "=")-1); 230*11838SLiane.Praza@Sun.COM for (j = 1; j <= cnt; j++) { 231*11838SLiane.Praza@Sun.COM if (match(list[j], "^" keyword "=")) { 232*11838SLiane.Praza@Sun.COM list[j] = merge_values(keyword, list[j], 233*11838SLiane.Praza@Sun.COM new_list[i]); 234*11838SLiane.Praza@Sun.COM break; 235*11838SLiane.Praza@Sun.COM } 236*11838SLiane.Praza@Sun.COM } 237*11838SLiane.Praza@Sun.COM if (j > cnt) 238*11838SLiane.Praza@Sun.COM list[++cnt] = new_list[i]; 239*11838SLiane.Praza@Sun.COM } 240*11838SLiane.Praza@Sun.COM 241*11838SLiane.Praza@Sun.COM return unsplit(list, cnt, ";"); \ 242*11838SLiane.Praza@Sun.COM} 243*11838SLiane.Praza@Sun.COM 244*11838SLiane.Praza@Sun.COMfunction merge_values(keyword, old, new, cnt, new_cnt, i, j, list, new_list, d) 245*11838SLiane.Praza@Sun.COM{ 246*11838SLiane.Praza@Sun.COM if (keyword != "auths" && keyword != "profiles") 247*11838SLiane.Praza@Sun.COM return new; 248*11838SLiane.Praza@Sun.COM 249*11838SLiane.Praza@Sun.COM cnt = split(substr(old, length(keyword)+2), list, ","); 250*11838SLiane.Praza@Sun.COM new_cnt = split(substr(new, length(keyword)+2), new_list, ","); 251*11838SLiane.Praza@Sun.COM 252*11838SLiane.Praza@Sun.COM # If the existing list contains "All", remove it and add it 253*11838SLiane.Praza@Sun.COM # to the new list; that way "All" will appear at the only valid 254*11838SLiane.Praza@Sun.COM # location, the end of the list. 255*11838SLiane.Praza@Sun.COM if (keyword == "profiles") { 256*11838SLiane.Praza@Sun.COM d = 0; 257*11838SLiane.Praza@Sun.COM for (i = 1; i <= cnt; i++) { 258*11838SLiane.Praza@Sun.COM if (list[i] != "All") 259*11838SLiane.Praza@Sun.COM list[++d] = list[i]; 260*11838SLiane.Praza@Sun.COM } 261*11838SLiane.Praza@Sun.COM if (cnt != d) { 262*11838SLiane.Praza@Sun.COM new_list[++new_cnt] = "All"; 263*11838SLiane.Praza@Sun.COM cnt = d; 264*11838SLiane.Praza@Sun.COM } 265*11838SLiane.Praza@Sun.COM } 266*11838SLiane.Praza@Sun.COM for (i = 1; i <= new_cnt; i++) { 267*11838SLiane.Praza@Sun.COM for (j = 1; j <= cnt; j++) { 268*11838SLiane.Praza@Sun.COM if (list[j] == new_list[i]) 269*11838SLiane.Praza@Sun.COM break; 270*11838SLiane.Praza@Sun.COM } 271*11838SLiane.Praza@Sun.COM if (j > cnt) 272*11838SLiane.Praza@Sun.COM list[++cnt] = new_list[i]; 273*11838SLiane.Praza@Sun.COM } 274*11838SLiane.Praza@Sun.COM 275*11838SLiane.Praza@Sun.COM return keyword "=" unsplit(list, cnt, ","); 276*11838SLiane.Praza@Sun.COM} 277*11838SLiane.Praza@Sun.COM 278*11838SLiane.Praza@Sun.COMfunction unsplit(list, cnt, delim, str) 279*11838SLiane.Praza@Sun.COM{ 280*11838SLiane.Praza@Sun.COM str = list[1]; 281*11838SLiane.Praza@Sun.COM for (i = 2; i <= cnt; i++) 282*11838SLiane.Praza@Sun.COM str = str delim list[i]; 283*11838SLiane.Praza@Sun.COM return str; 284*11838SLiane.Praza@Sun.COM}' \ 285*11838SLiane.Praza@Sun.COM type=$1 $4.old $4.new > $4.unsorted 286*11838SLiane.Praza@Sun.COM rc=$? 287*11838SLiane.Praza@Sun.COM $sort_cmd < $4.unsorted >> $4 288*11838SLiane.Praza@Sun.COM return $rc 289*11838SLiane.Praza@Sun.COM} 290*11838SLiane.Praza@Sun.COM 291*11838SLiane.Praza@Sun.COM# $1 is the merged file 292*11838SLiane.Praza@Sun.COM# $2 is the target file 293*11838SLiane.Praza@Sun.COM# 294*11838SLiane.Praza@Sun.COMcommit() { 295*11838SLiane.Praza@Sun.COM # Make sure that the last mv uses rename(2) by first moving to 296*11838SLiane.Praza@Sun.COM # the same filesystem. 297*11838SLiane.Praza@Sun.COM $mv_cmd $1 $2.$$ 298*11838SLiane.Praza@Sun.COM $mv_cmd $2.$$ $2 299*11838SLiane.Praza@Sun.COM return $? 300*11838SLiane.Praza@Sun.COM} 301*11838SLiane.Praza@Sun.COM 302*11838SLiane.Praza@Sun.COMoutfile="" 303*11838SLiane.Praza@Sun.COMtype="" 304*11838SLiane.Praza@Sun.COMset_type_and_outfile() { 305*11838SLiane.Praza@Sun.COM # 306*11838SLiane.Praza@Sun.COM # Assumes basename $1 returns one of 307*11838SLiane.Praza@Sun.COM # prof_attr, exec_attr, auth_attr, or user_attr 308*11838SLiane.Praza@Sun.COM # 309*11838SLiane.Praza@Sun.COM fname=`$basename_cmd $1` 310*11838SLiane.Praza@Sun.COM type=`echo $fname | $sed_cmd -e s'/^\([a-z][a-z]*\)_attr$/\1/' ` 311*11838SLiane.Praza@Sun.COM case "$type" in 312*11838SLiane.Praza@Sun.COM "prof"|"exec"|"user"|"auth") ;; 313*11838SLiane.Praza@Sun.COM *) return 2 ;; 314*11838SLiane.Praza@Sun.COM esac 315*11838SLiane.Praza@Sun.COM 316*11838SLiane.Praza@Sun.COM outfile=$tmp_dir/rbac_${PKGINST}_${fname}_merge.$$ 317*11838SLiane.Praza@Sun.COM 318*11838SLiane.Praza@Sun.COM return 0 319*11838SLiane.Praza@Sun.COM} 320*11838SLiane.Praza@Sun.COM 321*11838SLiane.Praza@Sun.COMcleanup() { 322*11838SLiane.Praza@Sun.COM $rm_cmd -f $outfile $outfile.old $outfile.new $outfile.unsorted 323*11838SLiane.Praza@Sun.COM 324*11838SLiane.Praza@Sun.COM return 0 325*11838SLiane.Praza@Sun.COM} 326*11838SLiane.Praza@Sun.COM 327*11838SLiane.Praza@Sun.COMexit_status=0 328*11838SLiane.Praza@Sun.COM 329*11838SLiane.Praza@Sun.COM# main 330*11838SLiane.Praza@Sun.COM 331*11838SLiane.Praza@Sun.COMwhile read newfile oldfile ; do 332*11838SLiane.Praza@Sun.COM if [ -n "$PKGINST" ] 333*11838SLiane.Praza@Sun.COM then 334*11838SLiane.Praza@Sun.COM # Install the file in the "fragment" directory. 335*11838SLiane.Praza@Sun.COM mkdir -m 755 -p ${oldfile}.d 336*11838SLiane.Praza@Sun.COM rm -f ${oldfile}.d/"$PKGINST" 337*11838SLiane.Praza@Sun.COM cp $newfile ${oldfile}.d/"$PKGINST" 338*11838SLiane.Praza@Sun.COM 339*11838SLiane.Praza@Sun.COM # Make sure that it is marked read-only. 340*11838SLiane.Praza@Sun.COM chmod a-w,a+r ${oldfile}.d/"$PKGINST" 341*11838SLiane.Praza@Sun.COM 342*11838SLiane.Praza@Sun.COM # We also execute the rest of the i.rbac script. 343*11838SLiane.Praza@Sun.COM fi 344*11838SLiane.Praza@Sun.COM 345*11838SLiane.Praza@Sun.COM if [ ! -f $oldfile ]; then 346*11838SLiane.Praza@Sun.COM cp $newfile $oldfile 347*11838SLiane.Praza@Sun.COM else 348*11838SLiane.Praza@Sun.COM set_type_and_outfile $newfile || 349*11838SLiane.Praza@Sun.COM set_type_and_outfile $oldfile 350*11838SLiane.Praza@Sun.COM if [ $? -ne 0 ]; then 351*11838SLiane.Praza@Sun.COM echo "$0 : $newfile not one of" \ 352*11838SLiane.Praza@Sun.COM " prof_attr, exec_attr, auth_attr, user_attr" 353*11838SLiane.Praza@Sun.COM exit_status=2 354*11838SLiane.Praza@Sun.COM continue 355*11838SLiane.Praza@Sun.COM fi 356*11838SLiane.Praza@Sun.COM 357*11838SLiane.Praza@Sun.COM dbmerge $type $oldfile $newfile $outfile 358*11838SLiane.Praza@Sun.COM if [ $? -ne 0 ]; then 359*11838SLiane.Praza@Sun.COM echo "$0 : failed to merge $newfile with $oldfile" 360*11838SLiane.Praza@Sun.COM cleanup 361*11838SLiane.Praza@Sun.COM exit_status=2 362*11838SLiane.Praza@Sun.COM continue 363*11838SLiane.Praza@Sun.COM fi 364*11838SLiane.Praza@Sun.COM 365*11838SLiane.Praza@Sun.COM commit $outfile $oldfile 366*11838SLiane.Praza@Sun.COM if [ $? -ne 0 ]; then 367*11838SLiane.Praza@Sun.COM echo "$0 : failed to mv $outfile to $2" 368*11838SLiane.Praza@Sun.COM cleanup 369*11838SLiane.Praza@Sun.COM exit_status=2 370*11838SLiane.Praza@Sun.COM continue 371*11838SLiane.Praza@Sun.COM fi 372*11838SLiane.Praza@Sun.COM 373*11838SLiane.Praza@Sun.COM cleanup 374*11838SLiane.Praza@Sun.COM fi 375*11838SLiane.Praza@Sun.COMdone 376*11838SLiane.Praza@Sun.COM 377*11838SLiane.Praza@Sun.COMif [ "$1" = "ENDOFCLASS" ]; then 378*11838SLiane.Praza@Sun.COM exit 0 379*11838SLiane.Praza@Sun.COMfi 380*11838SLiane.Praza@Sun.COM 381*11838SLiane.Praza@Sun.COMexit $exit_status 382