#!/sbin/sh
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Start script for vntsd
#
# For modifying parameters passed to vntsd, do not edit
# this script. Instead use svccfg(1m) to modify the SMF
# repository. For example:
#
# svccfg
# svc:> select ldoms/vntsd
# svc:/ldoms/vntsd> setprop vntsd/vcc_device = "virtual-console-concentrator@1"
# svc:/ldoms/vntsd> setprop vntsd/listen_addr = "192.168.1.1"
# svc:/ldoms/vntsd> setprop vntsd/authorization="true"
# svc:/ldoms/vntsd> exit
. /lib/svc/share/smf_include.sh
AUTH_ATTR=/etc/security/auth_attr
USER_ATTR=/etc/user_attr
GREP=/usr/bin/grep
CAT=/usr/bin/cat
ED=/usr/bin/ed
SVCCFG=/usr/sbin/svccfg
SVCPROP=/bin/svcprop
#
# Add LDoms vntsd authorization entries to etc/security/auth_attr if not
# present. These define authorizations used by LDoms vntsd daemon.
#
add_auth_entries()
{
# Add entries to auth_attr file, if needed
$GREP '^solaris.vntsd.:' ${AUTH_ATTR} >/dev/null 2>&1
if [ $? -ne 0 ] ; then
$CAT >>${AUTH_ATTR} << EOF
# Added by svc-vntsd
solaris.vntsd.:::LDoms vntsd Administration::
solaris.vntsd.grant:::Delegate LDoms vntsd Administration::
solaris.vntsd.consoles:::Access All LDoms Guest Consoles::
# End of svc-vntsd
EOF
fi
}
#
# Add a LDoms user/role entry to etc/user_attr if not present.
# This defines user/role used by useradd or roleadd.
#
add_user_entries()
{
#
# Add entries to user_attr file, if needed.
#
$GREP 'solaris.vntsd.grant' ${USER_ATTR} >/dev/null 2>&1
if [ $? -ne 0 ] ; then
$GREP '^root' ${USER_ATTR} | $GREP 'auths=' >/dev/null 2>&1
if [ $? -eq 0 ] ; then
#
# Add vntsd attribute to an existing root entry.
#
$ED -s ${USER_ATTR} <<- EOF > /dev/null 2>&1
g/^root.*auths\=/s/^roo.*auths\=/&solaris.vntsd.grant,/
w
q
EOF
else
#
# Add a root entry with vntsd attribute.
#
$CAT >>${USER_ATTR} << EOF
# Added by svc-vntsd
root::::type=normal;auths=solaris.vntsd.grant;lock_after_retries=0
# End of svc-vntsd
EOF
fi
fi
}
#
# Update 'vntsd' authorizations in the relevant files. Note that adding these
# entries from this smf script rather than from the pkg install scripts,
# ensures that they are added only if the vntsd service is being enabled; and
# hence avoids adding these entries unnecessarily into client guest domains.
# The functions check before adding, that the entries are not already present.
#
add_auth_entries
add_user_entries
vcc_device=`$SVCPROP -p vntsd/vcc_device $SMF_FMRI 2>/dev/null`
if [ -z "$vcc_device" ]; then
vcc_device="virtual-console-concentrator@0"
fi
args="-i $vcc_device"
listen_addr=`$SVCPROP -p vntsd/listen_addr $SMF_FMRI 2>/dev/null`
if [ -n "$listen_addr" ]; then
args="$args -p $listen_addr"
fi
timeout=`$SVCPROP -p vntsd/timeout_minutes $SMF_FMRI 2>/dev/null`
if [ -n "$timeout" ]; then
args="$args -t $timeout"
fi
auth=`$SVCPROP -p vntsd/authorization $SMF_FMRI 2>/dev/null`
if [ "$auth" = "true" ]; then
args="$args -A"
fi
#
# If we don't have a vcc device we don't want to try to start vntsd. By default
# newer versions of the factory settings will try to start vntsd by default.
# Since we may be installed on a machine with an older firmware we need to make
# sure that we don't try to start if the virtual console concentrator is not
# present.
#
VNTSD_DEV='/devices/virtual-devices@100/channel-devices@200/virtual-console-concentrator@0:ctl'
if [ ! -c "$VNTSD_DEV" ]; then
echo "The Virtual Network Terminal Server service has been disabled" \
"because the system has no virtual console concentrator (vcc)" \
"device."
/usr/sbin/svcadm disable -t "$SMF_FMRI"
sleep 5 &
exit $SMF_EXIT_OK
fi
if [ -x /usr/lib/ldoms/vntsd ]; then
/usr/lib/ldoms/vntsd $args
rc=$?
if [ $rc -ne 0 ]; then
# if vntsd exited in error with status 1, let SMF restart it
# otherwise we want it to go into maintenance.
if [ $rc -eq 1 ]; then
exit $SMF_ERR_OTHER
else
exit $SMF_ERR_FATAL
fi
fi
else
echo "WARNING: /usr/lib/ldoms/vntsd is missing or not executable" >& 2
exit $SMF_EXIT_ERR_CONFIG
fi
exit $SMF_EXIT_OK