pkgdefs/common_files/i.minorperm_i386

	i.minorperm_i386 revision 9acbbeaf2a1ffe5c14b244867d427714fab43c5c
1117N/A#!/bin/sh
1117N/A#
1117N/A# CDDL HEADER START
1117N/A#
1117N/A# The contents of this file are subject to the terms of the
1117N/A# Common Development and Distribution License (the "License").
1117N/A# You may not use this file except in compliance with the License.
1117N/A#
1117N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
1117N/A# or http://www.opensolaris.org/os/licensing.
1117N/A# See the License for the specific language governing permissions
1117N/A# and limitations under the License.
1117N/A#
1117N/A# When distributing Covered Code, include this CDDL HEADER in each
1117N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
1117N/A# If applicable, add the following below this CDDL HEADER, with the
1117N/A# fields enclosed by brackets "[]" replaced with your own identifying
1117N/A# information: Portions Copyright [yyyy] [name of copyright owner]
1117N/A#
1117N/A# CDDL HEADER END
1117N/A#
1117N/A#
1117N/A# Copyright 2006 Sun Microsystems, Inc.  All rights reserved.
1117N/A# Use is subject to license terms.
1117N/A#
1117N/A#ident	"%Z%%M%	%I%	%E% SMI"
1117N/A#
1117N/A
1117N/A#
1117N/A#  NOTE:  When a change is made to the source file for
1117N/A#  /etc/minor_perm, a corresponding change must be made to
1117N/A#  this class-action script.
1117N/A#
1117N/A#  -	If an existing entry in minor_perm is having its
1117N/A#	attributes e.g. permissions, ownership changed,
1117N/A#	add it to the list produced by make_chattr_list below.
1117N/A#
1117N/A#  -	If an existing entry must be deleted, add it to
1117N/A#	the list produced by make_delete_list below.
1117N/A#
1117N/A#  -	If a new entry must be added to the file, add it to the
1117N/A#	list produced by make_add_list.
1117N/A#
1117N/A#  -	If a new entry is being added to minor_perm, but there
1117N/A#	may already be devices of that name on the system (e.g.
1117N/A#	we used the system default permissions in a previous release),
1117N/A#	and those old devices now need to have their attributes changed,
1117N/A#	add it to the make_chattr_list AND the make_add_list lists
1117N/A#
1117N/A
1117N/A#
1117N/A#  If an entry in /etc/minor_perm needs to have its attributes
1117N/A#  changed, identify the entry in the list copied to /etc/chattr.$$
1117N/A#  by this function.   The fields are:
1117N/A#
1117N/A#  <device>:<minor> <old_attrs> <new_attrs> <optional list of logical
1117N/A#					      devices whose attributes
1117N/A#					      will need to be changed>
1117N/A#
1117N/A#  where an <attribute list> := <perm> <user> <group>
1117N/A#
1117N/A#  NOTE: this list should also contain entries for nodes that previously
1117N/A#  were not in /etc/minor_perm (which means the default mode of 600,
1117N/A#  owner/group == root/sys), but now have an entry
1117N/A#
1117N/A
1117N/Amake_chattr_list()
1117N/A{
1117N/Acat > /tmp/chattr.$$ << EOF
1117N/Avol:volctl		0600 root sys 0666 root sys	/dev/volctl
1117N/Aclone:llc1		0600 root sys 0666 root sys	/dev/llc1
1117N/Aclone:sound,sbpro	0666 root sys 0600 root sys	/dev/sound/*
1117N/Asbpro:*			0666 root sys 0600 root sys	/dev/sound/*
1117N/Alog:conslog		0620 root sys 0666 root sys	/dev/conslog
1117N/Asy:tty			0666 root sys 0666 root tty	/dev/tty
1117N/Aicmp:icmp		0600 root sys 0666 root sys	/dev/rawip
1117N/Aicmp6:icmp6		0600 root sys 0666 root sys	/dev/rawip6
1117N/Aip:ip			0660 root sys 0666 root sys	/dev/ip
1117N/Aip6:ip6			0660 root sys 0666 root sys	/dev/ip6
1117N/Arts:rts			0660 root sys 0666 root sys	/dev/rts
1117N/Akeysock:keysock		0600 root sys 0666 root sys	/dev/keysock
1117N/Aipsecah:ipsecah		0600 root sys 0666 root sys	/dev/ipsecah
1117N/Aipsecesp:ipsecesp	0600 root sys 0666 root sys	/dev/ipsecesp
1117N/Aspdsock:spdsock		0600 root sys 0666 root sys	/dev/spdsock
1117N/Asad:admin		0600 root sys 0666 root sys	/dev/sad/admin
1117N/Afssnap:ctl		0600 root sys 0666 root sys	/dev/fssnapctl
1117N/Afssnap:*		0600 root sys 0640 root sys	/dev/fssnap/*
1117N/Aclone:dnet		0600 root sys 0666 root sys	/dev/dnet
1117N/Adnet:*			0600 root sys 0666 root sys	/dev/dnet*
1117N/Aclone:elxl		0600 root sys 0666 root sys	/dev/elxl
1117N/Aelxl:*			0600 root sys 0666 root sys	/dev/elxl*
1117N/Aclone:iprb		0600 root sys 0666 root sys	/dev/iprb
1117N/Aiprb:*			0600 root sys 0666 root sys	/dev/iprb*
1117N/Aclone:pcelx		0600 root sys 0666 root sys	/dev/pcelx
1117N/Apcelx:*			0600 root sys 0666 root sys	/dev/pcelx*
1117N/Aclone:spwr		0600 root sys 0666 root sys	/dev/spwr
1117N/Aspwr:*			0600 root sys 0666 root sys	/dev/spwr*
1117N/Acpc:*			0600 root sys 0666 root sys	/devices/pseudo/cpc*
1117N/Aipf:*			0600 root sys 0666 root sys	/dev/ipf
1117N/Apfil:*			0600 root sys 0666 root sys	/dev/pfil
1117N/Ascsi_vhci:devctl	0600 root sys 0666 root sys /devices/scsi_vhci:devctl
1117N/Afbt:fbt			0600 root sys 0644 root sys /dev/dtrace/provider/fbt
1117N/Alockstat:*		0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
1117N/Aprofile:profile		0600 root sys 0644 root sys /dev/dtrace/provider/profile
1117N/Asdt:sdt			0600 root sys 0644 root sys /dev/dtrace/provider/sdt
1117N/Asystrace:systrace	0600 root sys 0644 root sys /dev/dtrace/provider/systrace
1117N/AEOF
1117N/A}
1117N/A
1117N/A#
1117N/A#  If an entry in /etc/minor_perm needs to be deleted, identify
1117N/A#  the entry in the list copied to /etc/delete.$$ by this function.
1117N/A#  The fields are:
1117N/A#
1117N/A#  <device>:<minor>  <optional list of logical devices to be deleted>
1117N/A#
1117N/A
1117N/Amake_delete_list()
1117N/A{
1117N/Acat > /tmp/delete.$$ << EOF
1117N/Arip:rawip
1117N/Aconsfb:consfb
1117N/Aclone:el
1117N/Aclone:elx
1117N/Aclone:sle
1117N/Aclone:sie
1117N/Aclone:sp
1117N/Aclone:ip
1117N/Aclone:icmp
1117N/Aclone:udp
1117N/Aclone:tcp
1117N/Aclone:rts
1117N/Aclone:arp
1117N/Aclone:ipsecah
1117N/Aclone:ipsecesp
1117N/Aclone:keysock
1117N/Aclone:smc
1117N/Aclone:tr
1117N/Aelx:*
1117N/Awin:*
1117N/Acmtp:*
1117N/Aprofile:profile
1117N/AEOF
1117N/A}
1117N/A
1117N/A#
1117N/A#  If an entry needs to be added to /etc/minor_perm, add the first
1117N/A#  field of the entry to the list created by this function.  The
1117N/A#  remainder of the entry will be extracted from the /etc/minor_perm
1117N/A#  in the package being installed, so it is not necessary to supply
1117N/A#  it here.
1117N/A#
1117N/A
1117N/Amake_add_list()
1117N/A{
1117N/Acat > /tmp/add.$$ << EOF
1117N/Avol:volctl
1117N/Aclone:llc1
1117N/Atnf:tnfctl
1117N/Atnf:tnfmap
1117N/Ast:*
1117N/Apm:*
1117N/Adevinfo:devinfo
1117N/Ai2o_bs:*
1117N/Aopeneepr:openprom
1117N/Awc:*
1117N/Aip:ip
1117N/Aip6:ip6
1117N/Aicmp:icmp
1117N/Aicmp6:icmp6
1117N/Audp:udp
1117N/Audp6:udp6
1117N/Atcp:tcp
1117N/Atcp6:tcp6
1117N/Arts:rts
1117N/Aarp:arp
1117N/Apoll:*
1117N/Apool:pool
1117N/Apool:poolctl
1117N/Acpc:shared
1117N/Asysmsg:msglog
1117N/Asysmsg:sysmsg
1117N/Aipsecah:ipsecah
1117N/Aipsecesp:ipsecesp
1117N/Akeysock:keysock
1117N/Aspdsock:spdsock
1117N/Adevinfo:devinfo,ro
1117N/Alofi:*
1117N/Alofi:ctl
1117N/Asgen:*
1117N/Afssnap:*
1117N/Afssnap:ctl
1117N/Arsm:*
1117N/Arandom:*
1117N/Amm:allkmem
1117N/Aclone:dnet
dnet:*
clone:elxl
elxl:*
clone:ibd
ibd:*
clone:iprb
iprb:*
clone:pcelx
pcelx:*
clone:spwr
spwr:*
sysevent:*
ramdisk:*
ramdisk:ctl
cryptoadm:cryptoadm
crypto:crypto
dtrace:*
fasttrap:fasttrap
ipf:*
pfil:*
bl:*
sctp:*
sctp6:*
vni:*
cpuid:self
clone:bge
bge:*
bmc:bmc
dld:*
aggr:*
smbios:smbios
zfs:*
zfs:zfs
scsi_vhci:*
kssl:*
fbt:fbt
profile:profile
sdt:sdt
systrace:systrace
lx_ptm:lx_ptmajor
lx_systrace:*
EOF
}

PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
export PATH

# Internal routine to create a sed script which can be used to
# escape all shell globbing metacharacters in a path.

create_esc_sedscript()
{
cat > /tmp/esc.sed.$$ << EOF
s/\*/\\\\*/g
s/\?/\\\\?/g
s/\[/\\\\[/g
s/\]/\\\\]/g
EOF
}

# Internal routine to convert an entry in a /tmp/chwhatever.$$ file to
# an appropriately escaped pattern which can be used to grep into minor_perm.

entry2pattern()
{
	# the first argument is the 'key' field from the change file.
	# entries can contain shell globbing characters to match
	# several devices - hence all the palaver below.

	printf '%s' `echo "$1" | sed \
		-e 's/\*/\\\\*/g'	-e 's/\?/\\\\?/g'	\
		-e 's/\./\\\\./g'	-e 's/\[/\\\\[/g'	\
		-e 's/\]/\\\\]/g'`
	shift

	# the remaining optional arguments are tokens separated by white-space

	if [ $# = 0 ] ; then
		printf '[ \t]'
	else
		while [ -n "$1" ]
		do
			printf '[ \t][ \t]*%s' $1
			shift
		done
		printf '[ \t]*$'
	fi
}

while read src dest
do
	if [ ! -f $dest ] ; then
		cp $src $dest
	else
		rm -f /tmp/*.$$
		create_esc_sedscript
		make_chattr_list
		make_delete_list
		make_add_list

		#
		#  Process the list of devices whose attributes are to be
		#  changed.  Find those that actually need to be
		#  applied to the file.  For each change that needs
		#  to be applied, add an entry for it to the sed
		#  script that will eventually be applied to the
		#  currently-installed /etc/minor_perm file.  Also,
		#  add an entry to the /tmp/chdevs.$$ file, which
		#  contains the list of logical names of devices
		#  whose permissions need to be changed.
		#

		cat /tmp/chattr.$$ | \
		while read key oldp oldu oldg newp newu newg chdevs
		do
			do_chdevs=no

			#
			#  First determine whether the device entry
			#  is already in the file, but with the old
			#  permissions.  If so, the entry needs to be
			#  modified and the devices in the chdevs list
			#  need to have their permissions and ownerships
			#  changed.
			#
			grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
			if grep "$grepstr" $dest > /dev/null 2>&1; then
				echo "s/${grepstr}/$key $newp $newu $newg/" \
				    >> /tmp/sedscript.$$
				do_chdevs=yes
			fi

			#
			#  Now determine whether the device entry is
			#  in the file at all.  If not, it is a new
			#  entry, but there may already be devices
			#  on the system whose permissions need to
			#  be changed.
			#
			grepstr=`entry2pattern "${key}"`
			grep "${grepstr}" $dest > /dev/null 2>&1
			if [ $? != 0 ] ; then
				do_chdevs=yes
			fi

			if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then
				xchdevs=`echo "$chdevs" | \
				    sed -f /tmp/esc.sed.$$`
				for m in $xchdevs ; do
					echo "$m" $oldp $oldu $oldg \
					    $newp $newu $newg >> /tmp/chdevs.$$
				done
			fi
		done

		# sort the "change attributes" list
		if [ -s /tmp/chdevs.$$ ] ; then
			sort -u /tmp/chdevs.$$ > /tmp/tmp.$$
			mv /tmp/tmp.$$ /tmp/chdevs.$$
		fi

		#
		#  Process the list of devices to be deleted.
		#  Find those that actually need to be deleted
		#  from the file.  For each entry to be deleted,
		#  add an entry for it to the sed script that will
		#  eventually be applied to the  currently-installed
		#  /etc/minor_perm file.  Also, add an entry to the
		#  /tmp/deldevs.$$ file, which contains the list of
		#  logical names of devices to be deleted.
		#

		cat /tmp/delete.$$ | while read key deldevs
		do
			grepstr=`entry2pattern "${key}"`
			if grep "$grepstr" $dest > /dev/null 2>&1; then
				echo "/${grepstr}/d" >> /tmp/sedscript.$$
				if [ "$deldevs" != "" ] ; then
					xdeldevs=`echo "$deldevs" | \
					    sed -f /tmp/esc.sed.$$`
					for m in $xdeldevs ; do
						echo "$m" >> /tmp/deldevs.$$
					done
				fi
			fi
		done
		if [ -s /tmp/deldevs.$$ ] ; then
			sort -u /tmp/deldevs.$$ > /tmp/tmp.$$
			mv /tmp/tmp.$$ /tmp/deldevs.$$
		fi

		#
		#  Apply the sed script possibly built above to the
		#  currently-installed /etc/minor_perm file.
		#

		if [ -s /tmp/sedscript.$$ ] ; then
			sed -f /tmp/sedscript.$$ $dest > /tmp/tmp.$$
			cp /tmp/tmp.$$ $dest
		fi

		#  For all entries in minor_perm whose attributes had
		#  to be corrected, correct the relevant attributes of the
		#  already-existing devices that correspond to those
		#  entries.
		#
		if [ -s /tmp/chdevs.$$ -a "$PKG_INSTALL_ROOT" != ""  -a \
		     "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat /tmp/chdevs.$$ |\
			while read device oldp oldu oldg newp newu newg
			do
				#
				# Note that we take pains -only- to change
				# the permission/ownership of devices that
				# have kept their original permissions.
				#
				for dev in $PKG_INSTALL_ROOT/$device; do
					find $dev -follow -perm $oldp -exec \
					    chmod $newp $dev \; >/dev/null 2>&1
					find $dev -follow -user $oldu -exec \
					    chown $newu $dev \; >/dev/null 2>&1
					find $dev -follow -group $oldg -exec \
					    chgrp $newg $dev \; >/dev/null 2>&1
				done
			done
		fi

		#
		#  For all entries in minor_perm that were deleted,
		#  remove the /dev entries that point to device nodes
		#  that correspond to those entries.
		#
		if [ -s /tmp/deldevs.$$ -a "$PKG_INSTALL_ROOT" != ""  -a \
		     "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat /tmp/deldevs.$$ | while read device
			do
				rm -f $PKG_INSTALL_ROOT/$device
			done
		fi

		cat /tmp/add.$$ | while read key
		do
			grepstr=`entry2pattern "${key}"`
			grep "$grepstr" $dest > /dev/null 2>&1
			if [ $? != 0 ] ; then
				grep "$grepstr" $src >> $dest
			fi
		done

		rm -f /tmp/*.$$
	fi
done

exit 0