i.minorperm_i386 revision c7ee0b5c5eb7b17e7ef152313d57f97c2fee7416
0N/A#!/bin/sh
0N/A#
0N/A# CDDL HEADER START
0N/A#
0N/A# The contents of this file are subject to the terms of the
0N/A# Common Development and Distribution License (the "License").
0N/A# You may not use this file except in compliance with the License.
0N/A#
0N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
0N/A# or http://www.opensolaris.org/os/licensing.
0N/A# See the License for the specific language governing permissions
0N/A# and limitations under the License.
0N/A#
0N/A# When distributing Covered Code, include this CDDL HEADER in each
0N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
0N/A# If applicable, add the following below this CDDL HEADER, with the
0N/A# fields enclosed by brackets "[]" replaced with your own identifying
0N/A# information: Portions Copyright [yyyy] [name of copyright owner]
873N/A#
0N/A# CDDL HEADER END
0N/A#
0N/A#
0N/A# Copyright 2008 Sun Microsystems, Inc. All rights reserved.
0N/A# Use is subject to license terms.
3231N/A#
5864N/A
0N/A#
0N/A# NOTE: When a change is made to the source file for
2086N/A# /etc/minor_perm, a corresponding change must be made to
0N/A# this class-action script.
0N/A#
0N/A# - If an existing entry in minor_perm is having its
1617N/A# attributes e.g. permissions, ownership changed,
0N/A# add it to the list produced by make_chattr_list below.
0N/A#
0N/A# - If an existing entry must be deleted, add it to
0N/A# the list produced by make_delete_list below.
0N/A#
0N/A# - If a new entry must be added to the file, add it to the
0N/A# list produced by make_add_list.
0N/A#
2086N/A# - If a new entry is being added to minor_perm, but there
2086N/A# may already be devices of that name on the system (e.g.
4134N/A# we used the system default permissions in a previous release),
0N/A# and those old devices now need to have their attributes changed,
1280N/A# add it to the make_chattr_list AND the make_add_list lists
2086N/A#
2086N/A
0N/A#
0N/A# If an entry in /etc/minor_perm needs to have its attributes
0N/A# changed, identify the entry in the list copied to /etc/chattr.$$
0N/A# by this function. The fields are:
0N/A#
0N/A# <device>:<minor> <old_attrs> <new_attrs> <optional list of logical
0N/A# devices whose attributes
0N/A# will need to be changed>
0N/A#
1617N/A# where an <attribute list> := <perm> <user> <group>
0N/A#
0N/A# NOTE: this list should also contain entries for nodes that previously
0N/A# were not in /etc/minor_perm (which means the default mode of 600,
0N/A# owner/group == root/sys), but now have an entry
0N/A#
0N/A
0N/Amake_chattr_list()
0N/A{
0N/Acat > /tmp/chattr.$$ << EOF
0N/Avol:volctl 0600 root sys 0666 root sys /dev/volctl
0N/Aclone:llc1 0600 root sys 0666 root sys /dev/llc1
0N/Alog:conslog 0620 root sys 0666 root sys /dev/conslog
0N/Asy:tty 0666 root sys 0666 root tty /dev/tty
0N/Aicmp:icmp 0600 root sys 0666 root sys /dev/rawip
0N/Aicmp6:icmp6 0600 root sys 0666 root sys /dev/rawip6
0N/Aip:ip 0660 root sys 0666 root sys /dev/ip
0N/Aip6:ip6 0660 root sys 0666 root sys /dev/ip6
0N/Arts:rts 0660 root sys 0666 root sys /dev/rts
0N/Akeysock:keysock 0600 root sys 0666 root sys /dev/keysock
0N/Aipsecah:ipsecah 0600 root sys 0666 root sys /dev/ipsecah
0N/Aipsecesp:ipsecesp 0600 root sys 0666 root sys /dev/ipsecesp
5864N/Aspdsock:spdsock 0600 root sys 0666 root sys /dev/spdsock
0N/Asad:admin 0600 root sys 0666 root sys /dev/sad/admin
0N/Afssnap:ctl 0600 root sys 0666 root sys /dev/fssnapctl
0N/Afssnap:* 0600 root sys 0640 root sys /dev/fssnap/*
0N/Aclone:dnet 0600 root sys 0666 root sys /dev/dnet
0N/Adnet:* 0600 root sys 0666 root sys /dev/dnet*
4134N/Aclone:elxl 0600 root sys 0666 root sys /dev/elxl
0N/Aelxl:* 0600 root sys 0666 root sys /dev/elxl*
0N/Aclone:iprb 0600 root sys 0666 root sys /dev/iprb
0N/Aiprb:* 0600 root sys 0666 root sys /dev/iprb*
2086N/Aclone:pcelx 0600 root sys 0666 root sys /dev/pcelx
4134N/Apcelx:* 0600 root sys 0666 root sys /dev/pcelx*
0N/Aclone:spwr 0600 root sys 0666 root sys /dev/spwr
2086N/Aspwr:* 0600 root sys 0666 root sys /dev/spwr*
0N/Acpc:* 0600 root sys 0666 root sys /devices/pseudo/cpc*
0N/Aipf:* 0600 root sys 0666 root sys /dev/ipf
0N/Apfil:* 0600 root sys 0666 root sys /dev/pfil
0N/Ascsi_vhci:devctl 0600 root sys 0666 root sys /devices/scsi_vhci:devctl
0N/Afbt:fbt 0600 root sys 0644 root sys /dev/dtrace/provider/fbt
0N/Alockstat:* 0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
0N/Aprofile:profile 0600 root sys 0644 root sys /dev/dtrace/provider/profile
0N/Asdt:sdt 0600 root sys 0644 root sys /dev/dtrace/provider/sdt
0N/Asystrace:systrace 0600 root sys 0644 root sys /dev/dtrace/provider/systrace
0N/Aclone:bge 0600 root sys 0666 root sys /dev/bge
0N/Aclone:igb 0600 root sys 0666 root sys /dev/igb
0N/Aclone:ixgbe 0600 root sys 0666 root sys /dev/ixgbe
0N/Aclone:rge 0600 root sys 0666 root sys /dev/rge
0N/Aclone:xge 0600 root sys 0666 root sys /dev/xge
0N/Aclone:nge 0600 root sys 0666 root sys /dev/nge
0N/Aclone:chxge 0600 root sys 0666 root sys /dev/chxge
0N/Aclone:pcn 0600 root sys 0666 root sys /dev/pcn
0N/Aclone:rtls 0600 root sys 0666 root sys /dev/rtls
0N/Aclone:ath 0600 root sys 0666 root sys /dev/ath
0N/Aclone:ipw 0600 root sys 0666 root sys /dev/ipw
1617N/Aclone:iwh 0600 root sys 0666 root sys /dev/iwh
0N/Aclone:iwi 0600 root sys 0666 root sys /dev/iwi
5864N/Aclone:iwk 0600 root sys 0666 root sys /dev/iwk
1617N/Aclone:pcwl 0600 root sys 0666 root sys /dev/pcwl
0N/Aclone:pcan 0600 root sys 0666 root sys /dev/pcan
0N/Aclone:ral 0600 root sys 0666 root sys /dev/ral
0N/Aclone:rtw 0600 root sys 0666 root sys /dev/rtw
0N/Aclone:ural 0600 root sys 0666 root sys /dev/ural
0N/Aclone:wpi 0600 root sys 0666 root sys /dev/wpi
0N/Aclone:afe 0600 root sys 0666 root sys /dev/afe
2086N/Aclone:dmfe 0600 root sys 0666 root sys /dev/dmfe
2086N/Aclone:mxfe 0600 root sys 0666 root sys /dev/mxfe
0N/Abge:* 0600 root sys 0666 root sys /dev/bge*
0N/Aigb:* 0600 root sys 0666 root sys /dev/igb*
0N/Aixgbe:* 0600 root sys 0666 root sys /dev/ixgbe*
0N/Arge:* 0600 root sys 0666 root sys /dev/rge*
0N/Axge:* 0600 root sys 0666 root sys /dev/xge*
0N/Ange:* 0600 root sys 0666 root sys /dev/nge*
2086N/Ae1000g:* 0666 root root 0666 root sys /dev/e1000g*
2086N/Achxge:* 0600 root sys 0666 root sys /dev/chxge*
0N/Apcn:* 0600 root sys 0666 root sys /dev/pcn*
0N/Artls:* 0600 root sys 0666 root sys /dev/rtls*
0N/Aath:* 0600 root sys 0666 root sys /dev/ath*
0N/Aipw:* 0600 root sys 0666 root sys /dev/ipw*
0N/Aiwh:* 0600 root sys 0666 root sys /dev/iwh*
0N/Aiwi:* 0600 root sys 0666 root sys /dev/iwi*
2086N/Aiwk:* 0600 root sys 0666 root sys /dev/iwk*
2086N/Apcwl:* 0600 root sys 0666 root sys /dev/pcwl*
0N/Apcan:* 0600 root sys 0666 root sys /dev/pcan*
0N/Aral:* 0600 root sys 0666 root sys /dev/ral*
0N/Artw:* 0600 root sys 0666 root sys /dev/rtw*
0N/Aural:* 0600 root sys 0666 root sys /dev/ural*
0N/Awpi:* 0600 root sys 0666 root sys /dev/wpi*
0N/Aafe:* 0600 root sys 0666 root sys /dev/afe*
0N/Admfe:* 0600 root sys 0666 root sys /dev/dmfe*
0N/Amxfe:* 0600 root sys 0666 root sys /dev/mxfe*
0N/Aballoon:* 0600 root sys 0444 root sys /dev/xen/balloon
0N/Adomcaps:* 0600 root sys 0444 root sys /dev/xen/domcaps
5864N/Aevtchn:* 0600 root sys 0666 root sys /dev/xen/evtchn
0N/Aprivcmd:* 0600 root sys 0666 root sys /dev/xen/privcmd
0N/Axenbus:* 0600 root sys 0666 root sys /dev/xen/xenbus
0N/AEOF
0N/A}
0N/A
0N/A#
0N/A# If an entry in /etc/minor_perm needs to be deleted, identify
0N/A# the entry in the list copied to /etc/delete.$$ by this function.
0N/A# The fields are:
0N/A#
0N/A# <device>:<minor> <optional list of logical devices to be deleted>
0N/A#
5864N/A
0N/Amake_delete_list()
0N/A{
0N/Acat > /tmp/delete.$$ << EOF
0N/Arip:rawip
0N/Aconsfb:consfb
0N/Aclone:el
0N/Aclone:elx
0N/Aclone:sle
0N/Aclone:sie
0N/Aclone:sp
0N/Aclone:ip
0N/Aclone:icmp
5864N/Aclone:udp
0N/Aclone:tcp
0N/Aclone:rts
0N/Aclone:arp
0N/Aclone:ipsecah
0N/Aclone:ipsecesp
0N/Aclone:keysock
0N/Aclone:smc
0N/Aclone:tr
0N/Aclone:sbpro
0N/Aelx:*
0N/Asbpro:*
0N/Awin:*
0N/Acmtp:*
0N/Aprofile:profile
0N/Aasy:[a-z]
5864N/Aasy:[a-z],cu
0N/Ai2o_bs:*
0N/AEOF
0N/A}
0N/A
0N/A#
0N/A# If an entry needs to be added to /etc/minor_perm, add the first
0N/A# field of the entry to the list created by this function. The
0N/A# remainder of the entry will be extracted from the /etc/minor_perm
0N/A# in the package being installed, so it is not necessary to supply
0N/A# it here.
0N/A#
0N/A
0N/Amake_add_list()
0N/A{
0N/Acat > /tmp/add.$$ << EOF
5864N/Avol:volctl
0N/Aclone:llc1
0N/Atnf:tnfctl
0N/Atnf:tnfmap
0N/Ast:*
0N/Apm:*
0N/Adevinfo:devinfo
0N/Aopeneepr:openprom
0N/Awc:*
0N/Aip:ip
0N/Aip6:ip6
0N/Aicmp:icmp
0N/Aicmp6:icmp6
0N/Audp:udp
0N/Audp6:udp6
0N/Atcp:tcp
5864N/Atcp6:tcp6
0N/Arts:rts
0N/Aarp:arp
0N/Apoll:*
0N/Apool:pool
0N/Apool:poolctl
0N/Acpc:shared
0N/Asysmsg:msglog
0N/Asysmsg:sysmsg
0N/Aipsecah:ipsecah
0N/Aipsecesp:ipsecesp
0N/Akeysock:keysock
0N/Aspdsock:spdsock
0N/Adevinfo:devinfo,ro
0N/Alofi:*
0N/Alofi:ctl
5864N/Asgen:*
0N/Afssnap:*
0N/Afssnap:ctl
0N/Arsm:*
0N/Arandom:*
0N/Amm:allkmem
0N/Aclone:dnet
0N/Adnet:*
0N/Aclone:elxl
0N/Aelxl:*
0N/Aclone:ibd
0N/Aibd:*
0N/Aclone:iprb
0N/Aiprb:*
0N/Aclone:pcelx
0N/Apcelx:*
0N/Aclone:spwr
0N/Aspwr:*
0N/Asysevent:*
0N/Aramdisk:*
0N/Aramdisk:ctl
5864N/Acryptoadm:cryptoadm
4134N/Acrypto:crypto
2086N/Adtrace:*
0N/Afasttrap:fasttrap
4134N/Aipf:*
0N/Apfil:*
0N/Abl:*
0N/Asctp:*
0N/Asctp6:*
2086N/Avni:*
2086N/Acpuid:self
0N/Aclone:bge
0N/Aclone:igb
0N/Aclone:ixgbe
0N/Aclone:rge
0N/Aclone:xge
0N/Aclone:nge
0N/Aclone:e1000g
0N/Aclone:chxge
0N/Aclone:pcn
0N/Aclone:rtls
0N/Aclone:ath
0N/Aclone:ipw
0N/Aclone:iwh
0N/Aclone:iwi
0N/Aclone:iwk
0N/Aclone:pcwl
0N/Aclone:pcan
0N/Aclone:ral
5864N/Aclone:rtw
5864N/Aclone:ural
0N/Aclone:wpi
0N/Aclone:afe
5864N/Aclone:dmfe
5864N/Aclone:mxfe
0N/Abge:*
0N/Aigb:*
0N/Aixgbe:*
0N/Arge:*
0N/Axge:*
0N/Ange:*
0N/Ae1000g:*
0N/Achxge:*
0N/Apcn:*
0N/Artls:*
5864N/Aath:*
5864N/Aipw:*
0N/Aiwh:*
0N/Aiwi:*
0N/Aiwk:*
0N/Apcwl:*
0N/Apcan:*
0N/Aral:*
0N/Artw:*
0N/Aural:*
0N/Awpi:*
0N/Aafe:*
0N/Admfe:*
0N/Amxfe:*
0N/Abmc:bmc
0N/Adld:*
0N/Aaggr:*
0N/Asmbios:smbios
0N/Azfs:*
5864N/Azfs:zfs
5864N/Ascsi_vhci:*
0N/Akssl:*
0N/Afbt:fbt
0N/Aprofile:profile
0N/Asdt:sdt
0N/Asoftmac:*
0N/Asystrace:systrace
0N/Alx_ptm:lx_ptmajor
0N/Alx_systrace:*
0N/Aphysmem:*
5864N/Aasy:*
5864N/Aasy:*,cu
0N/Aucode:*
0N/Aacpi_drv:*
0N/Asmbsrv:*
0N/Avscan:*
0N/Ansmb:*
0N/Aballoon:*
0N/Adomcaps:*
0N/Aevtchn:*
0N/Aprivcmd:*
0N/Axenbus:*
0N/Afm:*
0N/AEOF
0N/A}
0N/A
0N/APATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
5864N/Aexport PATH
5864N/A
0N/A# Internal routine to create a sed script which can be used to
0N/A# escape all shell globbing metacharacters in a path.
0N/A
0N/Acreate_esc_sedscript()
0N/A{
0N/Acat > /tmp/esc.sed.$$ << EOF
0N/As/\*/\\\\*/g
0N/As/\?/\\\\?/g
0N/As/\[/\\\\[/g
0N/As/\]/\\\\]/g
0N/AEOF
0N/A}
0N/A
0N/A# Internal routine to convert an entry in a /tmp/chwhatever.$$ file to
0N/A# an appropriately escaped pattern which can be used to grep into minor_perm.
0N/A
0N/Aentry2pattern()
0N/A{
0N/A # the first argument is the 'key' field from the change file.
0N/A # entries can contain shell globbing characters to match
5864N/A # several devices - hence all the palaver below.
5864N/A
0N/A printf '%s' `echo "$1" | sed \
0N/A -e 's/\*/\\\\*/g' -e 's/\?/\\\\?/g' \
0N/A -e 's/\./\\\\./g' -e 's/\[/\\\\[/g' \
0N/A -e 's/\]/\\\\]/g'`
0N/A shift
0N/A
0N/A # the remaining optional arguments are tokens separated by white-space
3853N/A
3853N/A if [ $# = 0 ] ; then
3853N/A printf '[ \t]'
3853N/A else
3853N/A while [ -n "$1" ]
3853N/A do
5864N/A printf '[ \t][ \t]*%s' $1
3853N/A shift
3853N/A done
3853N/A printf '[ \t]*$'
3853N/A fi
5866N/A}
5866N/A
5866N/Awhile read src dest
5866N/Ado
5866N/A if [ ! -f $dest ] ; then
5866N/A cp $src $dest
5866N/A else
5866N/A rm -f /tmp/*.$$
5866N/A create_esc_sedscript
5866N/A make_chattr_list
0N/A make_delete_list
0N/A make_add_list
#
# Process the list of devices whose attributes are to be
# changed. Find those that actually need to be
# applied to the file. For each change that needs
# to be applied, add an entry for it to the sed
# script that will eventually be applied to the
# currently-installed /etc/minor_perm file. Also,
# add an entry to the /tmp/chdevs.$$ file, which
# contains the list of logical names of devices
# whose permissions need to be changed.
#
cat /tmp/chattr.$$ | \
while read key oldp oldu oldg newp newu newg chdevs
do
do_chdevs=no
#
# First determine whether the device entry
# is already in the file, but with the old
# permissions. If so, the entry needs to be
# modified and the devices in the chdevs list
# need to have their permissions and ownerships
# changed.
#
grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
if grep "$grepstr" $dest > /dev/null 2>&1; then
echo "s/${grepstr}/$key $newp $newu $newg/" \
>> /tmp/sedscript.$$
do_chdevs=yes
fi
#
# Now determine whether the device entry is
# in the file at all. If not, it is a new
# entry, but there may already be devices
# on the system whose permissions need to
# be changed.
#
grepstr=`entry2pattern "${key}"`
grep "${grepstr}" $dest > /dev/null 2>&1
if [ $? != 0 ] ; then
do_chdevs=yes
fi
if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then
xchdevs=`echo "$chdevs" | \
sed -f /tmp/esc.sed.$$`
for m in $xchdevs ; do
echo "$m" $oldp $oldu $oldg \
$newp $newu $newg >> /tmp/chdevs.$$
done
fi
done
# sort the "change attributes" list
if [ -s /tmp/chdevs.$$ ] ; then
sort -u /tmp/chdevs.$$ > /tmp/tmp.$$
mv /tmp/tmp.$$ /tmp/chdevs.$$
fi
#
# Process the list of devices to be deleted.
# Find those that actually need to be deleted
# from the file. For each entry to be deleted,
# add an entry for it to the sed script that will
# eventually be applied to the currently-installed
# /etc/minor_perm file. Also, add an entry to the
# /tmp/deldevs.$$ file, which contains the list of
# logical names of devices to be deleted.
#
cat /tmp/delete.$$ | while read key deldevs
do
grepstr=`entry2pattern "${key}"`
if grep "$grepstr" $dest > /dev/null 2>&1; then
echo "/${grepstr}/d" >> /tmp/sedscript.$$
if [ "$deldevs" != "" ] ; then
xdeldevs=`echo "$deldevs" | \
sed -f /tmp/esc.sed.$$`
for m in $xdeldevs ; do
echo "$m" >> /tmp/deldevs.$$
done
fi
fi
done
if [ -s /tmp/deldevs.$$ ] ; then
sort -u /tmp/deldevs.$$ > /tmp/tmp.$$
mv /tmp/tmp.$$ /tmp/deldevs.$$
fi
#
# Apply the sed script possibly built above to the
# currently-installed /etc/minor_perm file.
#
if [ -s /tmp/sedscript.$$ ] ; then
sed -f /tmp/sedscript.$$ $dest > /tmp/tmp.$$
cp /tmp/tmp.$$ $dest
fi
# For all entries in minor_perm whose attributes had
# to be corrected, correct the relevant attributes of the
# already-existing devices that correspond to those
# entries.
#
if [ -s /tmp/chdevs.$$ -a "$PKG_INSTALL_ROOT" != "" -a \
"$PKG_INSTALL_ROOT" != "/" ] ; then
cat /tmp/chdevs.$$ |\
while read device oldp oldu oldg newp newu newg
do
#
# Note that we take pains -only- to change
# the permission/ownership of devices that
# have kept their original permissions.
#
for dev in $PKG_INSTALL_ROOT/$device; do
find $dev -follow -perm $oldp -exec \
chmod $newp $dev \; >/dev/null 2>&1
find $dev -follow -user $oldu -exec \
chown $newu $dev \; >/dev/null 2>&1
find $dev -follow -group $oldg -exec \
chgrp $newg $dev \; >/dev/null 2>&1
done
done
fi
#
# For all entries in minor_perm that were deleted,
# remove the /dev entries that point to device nodes
# that correspond to those entries.
#
if [ -s /tmp/deldevs.$$ -a "$PKG_INSTALL_ROOT" != "" -a \
"$PKG_INSTALL_ROOT" != "/" ] ; then
cat /tmp/deldevs.$$ | while read device
do
rm -f $PKG_INSTALL_ROOT/$device
done
fi
cat /tmp/add.$$ | while read key
do
grepstr=`entry2pattern "${key}"`
grep "$grepstr" $dest > /dev/null 2>&1
if [ $? != 0 ] ; then
grep "$grepstr" $src >> $dest
fi
done
rm -f /tmp/*.$$
fi
done
exit 0