net-nwam revision dd51520e127b452179a2ce4ea3bd8dee949f9afe
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# CDDL HEADER START
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# The contents of this file are subject to the terms of the
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# Common Development and Distribution License (the "License").
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# You may not use this file except in compliance with the License.
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# See the License for the specific language governing permissions
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# and limitations under the License.
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# When distributing Covered Code, include this CDDL HEADER in each
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# If applicable, add the following below this CDDL HEADER, with the
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# fields enclosed by brackets "[]" replaced with your own identifying
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# information: Portions Copyright [yyyy] [name of copyright owner]
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck# CDDL HEADER END
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala# Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# FMRI constants
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyIPSEC_POLICY_FMRI="svc:/network/ipsec/policy"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyIPFILTER_FMRI="svc:/network/ipfilter:default"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyNIS_CLIENT_FMRI="svc:/network/nis/client:default"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyNET_PHYS_FMRI="svc:/network/physical:default"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyNET_LOC_FMRI="svc:/network/location:default"
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United StatesNFS_MAPID_FMRI="svc:/network/nfs/mapid:default"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Default *.conf files
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Set appropriate config SMF property to these files when NWAM is stopped
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# and corresponding config properties in the Legacy location are emtpy
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyIPNAT_DEFAULT_CONFIG_FILE=/etc/ipf/ipnat.conf
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyIPPOOL_DEFAULT_CONFIG_FILE=/etc/ipf/ippool.conf
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyIPSEC_IKE_DEFAULT_CONFIG_FILE=/etc/inet/ike/config
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. MaskeyIPSEC_POLICY_DEFAULT_CONFIG_FILE=/etc/inet/ipsecinit.conf
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Path to directories
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# We don't have a writable file system so we write to /etc/svc/volatile and
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# then later copy anything interesting to /etc/nwam.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# copy_to_legacy_loc <file>
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Copies the file to the Legacy location directory
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# copy_from_legacy_loc <destination file>
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey# Copies file with the same name from Legacy location
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey# (in /etc/nwam/loc/Legacy) to the given destination file
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey SRC_FILE="$PERM_LEGACY_PATH/`$BASENAME $1`"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# write_loc_prop <property> <value> <file>
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Appends to <file> a nwamcfg command to set <property> to <value> if non-empty
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# set_smf_prop <fmri> <property name> <property value>
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey $SVCCFG -s $1 setprop $2 = astring: "$3" && return
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# get_smf_prop <fmri> <property name>
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Creates Legacy location from the current configuration
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey CREATE_LOC_LEGACY_FILE=$VOL_NWAM_PATH/create_loc_legacy
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Write nwamcfg commands to create Legacy location to
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # $CREATE_LOC_LEGACY_FILE as values for properties are determined
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Note that some of the *_CONFIG_FILE variables point at copies of
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # files we've made and others indicate where those copies should be
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey echo "create loc Legacy" > $CREATE_LOC_LEGACY_FILE
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "activation-mode" "system" $CREATE_LOC_LEGACY_FILE
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey NAMESERVICES_CONFIG_FILE="$VOL_LEGACY_PATH/nsswitch.conf"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Gather DNS info from resolv.conf if present.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -f /etc/resolv.conf ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey $GREP -i "added by dhcp" /etc/nsswitch.conf >/dev/null
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ $? -eq 0 ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey DNS_NAMESERVICE_DOMAIN=`$NAWK '$1 == "domain" {\
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey DNS_NAMESERVICE_SERVERS=`$NAWK '$1 == "nameserver" \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey DNS_NAMESERVICE_SEARCH=`$NAWK '$1 == "search" \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Gather NIS info from appropriate file if present.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if service_is_enabled $NIS_CLIENT_FMRI; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey < $NIS_BIND_PATH/$DEFAULT_DOMAIN/ypservers`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey NIS_NAMESERVICE_SERVERS="${NIS_NAMESERVICE_SERVERS}$addr"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -f /var/ldap/ldap_client_file ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey LDAP_NAMESERVICE_SERVERS=`$LDAPCLIENT list 2>/dev/null | \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey $NAWK '$1 == "preferredServerList:" { print $2 }'`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Now, write nwamcfg commands for nameservices
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "nameservices" $NAMESERVICES $CREATE_LOC_LEGACY_FILE
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "nameservices-config-file" $NAMESERVICES_CONFIG_FILE \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "dns-nameservice-configsrc" $DNS_NAMESERVICE_CONFIGSRC \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "dns-nameservice-domain" $DNS_NAMESERVICE_DOMAIN \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "dns-nameservice-servers" $DNS_NAMESERVICE_SERVERS \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "dns-nameservice-search" $DNS_NAMESERVICE_SEARCH \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "nis-nameservice-configsrc" $NIS_NAMESERVICE_CONFIGSRC \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "nis-nameservice-servers" $NIS_NAMESERVICE_SERVERS \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ldap-nameservice-configsrc" $LDAP_NAMESERVICE_CONFIGSRC\
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ldap-nameservice-servers" $LDAP_NAMESERVICE_SERVERS \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "default-domain" $DEFAULT_DOMAIN $CREATE_LOC_LEGACY_FILE
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States # Retrieve NFSv4 domain from SMF.
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States if service_is_enabled $NFS_MAPID_FMRI; then
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States NFS_DOMAIN=`get_smf_prop NFS_MAPID_FMRI \
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # If the firewall policy is "custom", simply copy the
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # custom_policy_file. If the firewall policy is "none", "allow" or
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # "deny", save the value as "/<value>". When reverting back to the
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Legacy location, these values will have to be treated as special.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # For all configuration files, copy them to the Legacy directory.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Use the respective properties to remember the original locations
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # of the files so that they can be copied back there when NWAM is
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey FIREWALL_POLICY=`get_smf_prop $IPFILTER_FMRI \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey IPF_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey firewall_config_default/custom_policy_file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey IPF6_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey IPNAT_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey IPPOOL_CONFIG_FILE=`get_smf_prop $IPFILTER_FMRI \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if service_is_enabled $IPSEC_IKE_FMRI:default; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey IKE_CONFIG_FILE=`get_smf_prop $IPSEC_IKE_FMRI config/config_file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if service_is_enabled $IPSEC_POLICY_FMRI:default; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey IPSEC_POLICY_CONFIG_FILE=`get_smf_prop $IPSEC_POLICY_FMRI \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey copy_to_legacy_loc $IPSEC_POLICY_CONFIG_FILE
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -n "$IPF_CONFIG_FILE" -a \( "$IPF_CONFIG_FILE" = "/allow" \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey -o "$IPF_CONFIG_FILE" = "/deny" -o "$IPF_CONFIG_FILE" = "/none" \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ipfilter-config-file" $IPF_CONFIG_FILE \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -n "$IPF6_CONFIG_FILE" -a -f "$IPF6_CONFIG_FILE" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ipfilter-v6-config-file" $IPF6_CONFIG_FILE \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -n "$IPNAT_CONFIG_FILE" -a -f "$IPNAT_CONFIG_FILE" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ipnat-config-file" $IPNAT_CONFIG_FILE \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -n "$IPPOOL_CONFIG_FILE" -a -f "$IPPOOL_CONFIG_FILE" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ippool-config-file" $IPPOOL_CONFIG_FILE \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -n "$IKE_CONFIG_FILE" -a -f "$IKE_CONFIG_FILE" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey write_loc_prop "ike-config-file" $IKE_CONFIG_FILE \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ -n "$IPSEC_POLICY_CONFIG_FILE" -a -f "$IPSEC_POLICY_CONFIG_FILE" ]
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey $IPSEC_POLICY_CONFIG_FILE $CREATE_LOC_LEGACY_FILE
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # network/location will create the Legacy location with these commands.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Undoes the effects of the Legacy location creation
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # DNS - copy resolv.conf to /etc/resolv.conf
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey if [ -f "$PERM_LEGACY_PATH/resolv.conf" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # set /etc/defaultdomain and domainname(1M)
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey DEFAULT_DOMAIN=`nwam_get_loc_prop Legacy default-domain`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # NIS - directory and ypserver in /var/yp/binding/
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey NIS_CONFIGSRC=`nwam_get_loc_prop Legacy nis-nameservice-configsrc`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey NIS_SERVERS=`nwam_get_loc_prop Legacy nis-nameservice-servers`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ ! -d "$NIS_BIND_PATH/$DEFAULT_DOMAIN" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey 'FS="," { for (i = 1; i <= NF; i++) print $i }' \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # LDAP - copy ldap_client_file to /var/ldap/ldap_client_file
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey if [ -f "$PERM_LEGACY_PATH/ldap_client_file" ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey copy_from_legacy_loc /var/ldap/ldap_client_file
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States # Copy back nfs NFSMAPID_DOMAIN
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States NFSMAPID_DOMAIN=`nwam_get_loc_prop Legacy nfsv4-domain`
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States if [ -n "$NFSMAPID_DOMAIN" ]; then
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States set_smf_prop $NFS_MAPID_FMRI \
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States nfs-props/nfsmapid_domain $NFSMAPID_DOMAIN
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States $SVCADM refresh $NFS_MAPID_FMRI
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States $SVCADM enable $NFS_MAPID_FMRI
dd51520e127b452179a2ce4ea3bd8dee949f9afePavan Mettu - Oracle Corporation - Menlo Park United States fi
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey ipf_file=`nwam_get_loc_prop Legacy ipfilter-config-file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey ipf6_file=`nwam_get_loc_prop Legacy ipfilter-v6-config-file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey ipnat_file=`nwam_get_loc_prop Legacy ipnat-config-file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey ippool_file=`nwam_get_loc_prop Legacy ippool-config-file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey ike_file=`nwam_get_loc_prop Legacy ike-config-file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey pol_file=`nwam_get_loc_prop Legacy ipsecpolicy-config-file`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file $ike_file
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPSEC_IKE_FMRI config/config_file \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file $pol_file
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPSEC_POLICY_FMRI config/config_file \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # change /none, /allow, and /deny to firewall policy
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ "$ipf_file" = "/none" -o "$ipf_file" = "/allow" \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey policy=`echo "$ipf_file" | $NAWK 'FS="/" { print $2 }'`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # no need to clear custom_policy_file as it isn't "custom"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey firewall_config_default/custom_policy_file $ipf_file
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file $ipf6_file
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipf6_config_file \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file $ipnat_file
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ipnat_config_file \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey set_smf_prop $IPFILTER_FMRI config/ippool_config_file \
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey # Remove the Legacy directories, script and location
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Script entry point
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Arguments to net-nwam are
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# method ( start | refresh | stop | -u | -c )
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey# Create nwam directory in /etc/svc/volatile
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskeyif [ ! -d $VOL_NWAM_PATH ]; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Enable network/location. Needed on first boot post-install as
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # network/location will not exist until after manifest-import runs.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # The real daemon is not started in a shared stack zone. But we need to
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # create a dummy background process to preserve contract lifetime.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ $? = "1" ] ; then
4491554a16671d144d7bd5b16c8c9b9a26c974e2Anurag S. Maskey ($CAT <$VOL_NWAM_PATH/nwam_blocked >/dev/null) &
4eaa471005973e11a6110b69fe990530b3b95a38Rishi Srivatsavai # Update PVID on interfaces configured with VLAN 1
d62bc4badc1c1f1549c961cfb8b420e650e1272byz # Upgrade handling. The upgrade file consists of a series
d62bc4badc1c1f1549c961cfb8b420e650e1272byz # of dladm(1M) commands. Note that after we are done, we
d62bc4badc1c1f1549c961cfb8b420e650e1272byz # cannot rename the upgrade script file as the file system
d62bc4badc1c1f1549c961cfb8b420e650e1272byz # is still read-only at this point. Defer this to the
d62bc4badc1c1f1549c961cfb8b420e650e1272byz # manifest-import service.
d62bc4badc1c1f1549c961cfb8b420e650e1272byz if [ -f "${upgrade_script}" ]; then
d62bc4badc1c1f1549c961cfb8b420e650e1272byz . "${upgrade_script}"
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala # Upgrade handling for ibd:
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala # After we are done with the upgrade handling, we can not set the
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala # ibd/ibd_upgraded property to "true" as the file system is
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala # read-only at this point. It will be done later by ibd-post-upgrade
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala ibd_upgraded=`/bin/svcprop -c -p ibd/ibd_upgraded \
1cfa752f4e24c34133009b0f6c139127a5c461deRamaswamy Tummala svc:/network/physical:default 2> /dev/null`
b509e89b2befbaa42939abad9da1d7f5a8c6aaaeRishi Srivatsavai # Bring up simnet instances
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck # Initialize security objects.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Initialize VNICs, VLANs and flows. Though they are brought
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # up here, NWAM will not automatically manage VNICs and VLANs.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # We also need to create the Legacy location, which is used
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # to restore non-NWAM settings that are overwritten when
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # NWAM is enabled (e.g. resolv.conf, nsswitch.conf, etc.).
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck # start nwamd in foreground; it will daemonize itself
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # We need to make the dummy process we created above stop.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey if [ $? = "1" ] ; then
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # Restore the non-NWAM settings.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey echo "No Legacy location to revert to!"
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # remove the location property group
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # After we run this part of the script upon the next reboot
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # network/physical:default will be enabled and
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # network/physical:nwam will be disabled.
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # There are various other parts of the system (nscd, nfs) that
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # depend on continuing to have a working network. For this
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey # reason we don't change the network configuration immediately.
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # Disable network/physical temporarily and make sure that will
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # be enabled on reboot.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey $SVCCFG -s $NET_PHYS_FMRI setprop general/enabled=true
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # If nwam is online then make sure that it's temporarily enabled.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey nwam_online=`$SVCPROP -t -p restarter/state $NET_NWAM_FMRI`
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey [ $3 = "online" ] && $SVCADM enable -st $NET_NWAM_FMRI
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # Set nwam so that it won't be enabled upon reboot.
6ba597c56d749c61b4f783157f63196d7b2445f0Anurag S. Maskey $SVCCFG -s $NET_NWAM_FMRI setprop general/enabled=false
afc7d54587eb70585fcc35b5f933cc1ed713d87amh # Nothing to do for sysidtool
d71dbb732372504daff1f1783bc0d8864ce9bd50jbeck echo "Usage: $0 { start | stop | refresh }"