pkgdefs/common_files/i.minorperm_i386

	i.minorperm_i386 revision d2ec54f7875f7e05edd56195adbeb593c947763f
#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
#ident	"%Z%%M%	%I%	%E% SMI"
#

#
#  NOTE:  When a change is made to the source file for
#  /etc/minor_perm, a corresponding change must be made to
#  this class-action script.
#
#  -	If an existing entry in minor_perm is having its
#	attributes e.g. permissions, ownership changed,
#	add it to the list produced by make_chattr_list below.
#
#  -	If an existing entry must be deleted, add it to
#	the list produced by make_delete_list below.
#
#  -	If a new entry must be added to the file, add it to the
#	list produced by make_add_list.
#
#  -	If a new entry is being added to minor_perm, but there
#	may already be devices of that name on the system (e.g.
#	we used the system default permissions in a previous release),
#	and those old devices now need to have their attributes changed,
#	add it to the make_chattr_list AND the make_add_list lists
#

#
#  If an entry in /etc/minor_perm needs to have its attributes
#  changed, identify the entry in the list copied to /etc/chattr.$$
#  by this function.   The fields are:
#
#  <device>:<minor> <old_attrs> <new_attrs> <optional list of logical
#					      devices whose attributes
#					      will need to be changed>
#
#  where an <attribute list> := <perm> <user> <group>
#
#  NOTE: this list should also contain entries for nodes that previously
#  were not in /etc/minor_perm (which means the default mode of 600,
#  owner/group == root/sys), but now have an entry
#

make_chattr_list()
{
cat > /tmp/chattr.$$ << EOF
vol:volctl		0600 root sys 0666 root sys	/dev/volctl
clone:llc1		0600 root sys 0666 root sys	/dev/llc1
clone:sound,sbpro	0666 root sys 0600 root sys	/dev/sound/*
sbpro:*			0666 root sys 0600 root sys	/dev/sound/*
log:conslog		0620 root sys 0666 root sys	/dev/conslog
sy:tty			0666 root sys 0666 root tty	/dev/tty
icmp:icmp		0600 root sys 0666 root sys	/dev/rawip
icmp6:icmp6		0600 root sys 0666 root sys	/dev/rawip6
ip:ip			0660 root sys 0666 root sys	/dev/ip
ip6:ip6			0660 root sys 0666 root sys	/dev/ip6
rts:rts			0660 root sys 0666 root sys	/dev/rts
keysock:keysock		0600 root sys 0666 root sys	/dev/keysock
ipsecah:ipsecah		0600 root sys 0666 root sys	/dev/ipsecah
ipsecesp:ipsecesp	0600 root sys 0666 root sys	/dev/ipsecesp
spdsock:spdsock		0600 root sys 0666 root sys	/dev/spdsock
sad:admin		0600 root sys 0666 root sys	/dev/sad/admin
fssnap:ctl		0600 root sys 0666 root sys	/dev/fssnapctl
fssnap:*		0600 root sys 0640 root sys	/dev/fssnap/*
clone:dnet		0600 root sys 0666 root sys	/dev/dnet
dnet:*			0600 root sys 0666 root sys	/dev/dnet*
clone:elxl		0600 root sys 0666 root sys	/dev/elxl
elxl:*			0600 root sys 0666 root sys	/dev/elxl*
clone:iprb		0600 root sys 0666 root sys	/dev/iprb
iprb:*			0600 root sys 0666 root sys	/dev/iprb*
clone:pcelx		0600 root sys 0666 root sys	/dev/pcelx
pcelx:*			0600 root sys 0666 root sys	/dev/pcelx*
clone:spwr		0600 root sys 0666 root sys	/dev/spwr
spwr:*			0600 root sys 0666 root sys	/dev/spwr*
cpc:*			0600 root sys 0666 root sys	/devices/pseudo/cpc*
ipf:*			0600 root sys 0666 root sys	/dev/ipf
pfil:*			0600 root sys 0666 root sys	/dev/pfil
scsi_vhci:devctl	0600 root sys 0666 root sys /devices/scsi_vhci:devctl
fbt:fbt			0600 root sys 0644 root sys /dev/dtrace/provider/fbt
lockstat:*		0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
profile:profile		0600 root sys 0644 root sys /dev/dtrace/provider/profile
sdt:sdt			0600 root sys 0644 root sys /dev/dtrace/provider/sdt
systrace:systrace	0600 root sys 0644 root sys /dev/dtrace/provider/systrace
clone:bge		0600 root sys 0666 root sys	/dev/bge
clone:rge		0600 root sys 0666 root sys	/dev/rge
clone:xge		0600 root sys 0666 root sys	/dev/xge
clone:nge		0600 root sys 0666 root sys	/dev/nge
clone:chxge		0600 root sys 0666 root sys	/dev/chxge
clone:pcn		0600 root sys 0666 root sys	/dev/pcn
clone:rtls		0600 root sys 0666 root sys	/dev/rtls
clone:ath		0600 root sys 0666 root sys	/dev/ath
clone:ipw               0600 root sys 0666 root sys     /dev/ipw
clone:iwi               0600 root sys 0666 root sys     /dev/iwi
clone:iwk               0600 root sys 0666 root sys     /dev/iwk
clone:pcwl              0600 root sys 0666 root sys     /dev/pcwl
clone:pcan              0600 root sys 0666 root sys     /dev/pcan
clone:ral		0600 root sys 0666 root sys	/dev/ral
clone:rtw		0600 root sys 0666 root sys	/dev/rtw
clone:wpi		0600 root sys 0666 root sys	/dev/wpi
clone:afe		0600 root sys 0666 root sys	/dev/afe
clone:dmfe		0600 root sys 0666 root sys	/dev/dmfe
clone:mxfe		0600 root sys 0666 root sys	/dev/mxfe
bge:*			0600 root sys 0666 root sys	/dev/bge*
rge:*			0600 root sys 0666 root sys	/dev/rge*
xge:*			0600 root sys 0666 root sys	/dev/xge*
nge:*			0600 root sys 0666 root sys	/dev/nge*
e1000g:*		0666 root root 0666 root sys	/dev/e1000g*
chxge:*			0600 root sys 0666 root sys	/dev/chxge*
pcn:*			0600 root sys 0666 root sys	/dev/pcn*
rtls:*			0600 root sys 0666 root sys	/dev/rtls*
ath:*			0600 root sys 0666 root sys	/dev/ath*
ipw:*                   0600 root sys 0666 root sys     /dev/ipw*
iwi:*                   0600 root sys 0666 root sys     /dev/iwi*
iwk:*                   0600 root sys 0666 root sys     /dev/iwk*
pcwl:*                  0600 root sys 0666 root sys     /dev/pcwl*
pcan:*                  0600 root sys 0666 root sys     /dev/pcan*
ral:*			0600 root sys 0666 root sys	/dev/ral*
rtw:*			0600 root sys 0666 root sys	/dev/rtw*
wpi:*			0600 root sys 0666 root sys	/dev/wpi*
afe:*			0600 root sys 0666 root sys	/dev/afe*
dmfe:*			0600 root sys 0666 root sys	/dev/dmfe*
mxfe:*			0600 root sys 0666 root sys	/dev/mxfe*
EOF
}

#
#  If an entry in /etc/minor_perm needs to be deleted, identify
#  the entry in the list copied to /etc/delete.$$ by this function.
#  The fields are:
#
#  <device>:<minor>  <optional list of logical devices to be deleted>
#

make_delete_list()
{
cat > /tmp/delete.$$ << EOF
rip:rawip
consfb:consfb
clone:el
clone:elx
clone:sle
clone:sie
clone:sp
clone:ip
clone:icmp
clone:udp
clone:tcp
clone:rts
clone:arp
clone:ipsecah
clone:ipsecesp
clone:keysock
clone:smc
clone:tr
elx:*
win:*
cmtp:*
profile:profile
asy:[a-z]
asy:[a-z],cu
i2o_bs:*
EOF
}

#
#  If an entry needs to be added to /etc/minor_perm, add the first
#  field of the entry to the list created by this function.  The
#  remainder of the entry will be extracted from the /etc/minor_perm
#  in the package being installed, so it is not necessary to supply
#  it here.
#

make_add_list()
{
cat > /tmp/add.$$ << EOF
vol:volctl
clone:llc1
tnf:tnfctl
tnf:tnfmap
st:*
pm:*
devinfo:devinfo
openeepr:openprom
wc:*
ip:ip
ip6:ip6
icmp:icmp
icmp6:icmp6
udp:udp
udp6:udp6
tcp:tcp
tcp6:tcp6
rts:rts
arp:arp
poll:*
pool:pool
pool:poolctl
cpc:shared
sysmsg:msglog
sysmsg:sysmsg
ipsecah:ipsecah
ipsecesp:ipsecesp
keysock:keysock
spdsock:spdsock
devinfo:devinfo,ro
lofi:*
lofi:ctl
sgen:*
fssnap:*
fssnap:ctl
rsm:*
random:*
mm:allkmem
clone:dnet
dnet:*
clone:elxl
elxl:*
clone:ibd
ibd:*
clone:iprb
iprb:*
clone:pcelx
pcelx:*
clone:spwr
spwr:*
sysevent:*
ramdisk:*
ramdisk:ctl
cryptoadm:cryptoadm
crypto:crypto
dtrace:*
fasttrap:fasttrap
ipf:*
pfil:*
bl:*
sctp:*
sctp6:*
vni:*
cpuid:self
clone:bge
clone:rge
clone:xge
clone:nge
clone:e1000g
clone:chxge
clone:pcn
clone:rtls
clone:ath
clone:ipw
clone:iwi
clone:iwk
clone:pcwl
clone:pcan
clone:ral
clone:rtw
clone:wpi
clone:afe
clone:dmfe
clone:mxfe
bge:*
rge:*
xge:*
nge:*
e1000g:*
chxge:*
pcn:*
rtls:*
ath:*
ipw:*
iwi:*
iwk:*
pcwl:*
pcan:*
ral:*
rtw:*
wpi:*
afe:*
dmfe:*
mxfe:*
bmc:bmc
dld:*
aggr:*
smbios:smbios
zfs:*
zfs:zfs
scsi_vhci:*
kssl:*
fbt:fbt
profile:profile
sdt:sdt
softmac:*
systrace:systrace
lx_ptm:lx_ptmajor
lx_systrace:*
physmem:*
asy:*
asy:*,cu
ucode:*
acpi_drv:*
smbsrv:*
vscan:*
nsmb:*
EOF
}

PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
export PATH

# Internal routine to create a sed script which can be used to
# escape all shell globbing metacharacters in a path.

create_esc_sedscript()
{
cat > /tmp/esc.sed.$$ << EOF
s/\*/\\\\*/g
s/\?/\\\\?/g
s/\[/\\\\[/g
s/\]/\\\\]/g
EOF
}

# Internal routine to convert an entry in a /tmp/chwhatever.$$ file to
# an appropriately escaped pattern which can be used to grep into minor_perm.

entry2pattern()
{
	# the first argument is the 'key' field from the change file.
	# entries can contain shell globbing characters to match
	# several devices - hence all the palaver below.

	printf '%s' `echo "$1" | sed \
		-e 's/\*/\\\\*/g'	-e 's/\?/\\\\?/g'	\
		-e 's/\./\\\\./g'	-e 's/\[/\\\\[/g'	\
		-e 's/\]/\\\\]/g'`
	shift

	# the remaining optional arguments are tokens separated by white-space

	if [ $# = 0 ] ; then
		printf '[ \t]'
	else
		while [ -n "$1" ]
		do
			printf '[ \t][ \t]*%s' $1
			shift
		done
		printf '[ \t]*$'
	fi
}

while read src dest
do
	if [ ! -f $dest ] ; then
		cp $src $dest
	else
		rm -f /tmp/*.$$
		create_esc_sedscript
		make_chattr_list
		make_delete_list
		make_add_list

		#
		#  Process the list of devices whose attributes are to be
		#  changed.  Find those that actually need to be
		#  applied to the file.  For each change that needs
		#  to be applied, add an entry for it to the sed
		#  script that will eventually be applied to the
		#  currently-installed /etc/minor_perm file.  Also,
		#  add an entry to the /tmp/chdevs.$$ file, which
		#  contains the list of logical names of devices
		#  whose permissions need to be changed.
		#

		cat /tmp/chattr.$$ | \
		while read key oldp oldu oldg newp newu newg chdevs
		do
			do_chdevs=no

			#
			#  First determine whether the device entry
			#  is already in the file, but with the old
			#  permissions.  If so, the entry needs to be
			#  modified and the devices in the chdevs list
			#  need to have their permissions and ownerships
			#  changed.
			#
			grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
			if grep "$grepstr" $dest > /dev/null 2>&1; then
				echo "s/${grepstr}/$key $newp $newu $newg/" \
				    >> /tmp/sedscript.$$
				do_chdevs=yes
			fi

			#
			#  Now determine whether the device entry is
			#  in the file at all.  If not, it is a new
			#  entry, but there may already be devices
			#  on the system whose permissions need to
			#  be changed.
			#
			grepstr=`entry2pattern "${key}"`
			grep "${grepstr}" $dest > /dev/null 2>&1
			if [ $? != 0 ] ; then
				do_chdevs=yes
			fi

			if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then
				xchdevs=`echo "$chdevs" | \
				    sed -f /tmp/esc.sed.$$`
				for m in $xchdevs ; do
					echo "$m" $oldp $oldu $oldg \
					    $newp $newu $newg >> /tmp/chdevs.$$
				done
			fi
		done

		# sort the "change attributes" list
		if [ -s /tmp/chdevs.$$ ] ; then
			sort -u /tmp/chdevs.$$ > /tmp/tmp.$$
			mv /tmp/tmp.$$ /tmp/chdevs.$$
		fi

		#
		#  Process the list of devices to be deleted.
		#  Find those that actually need to be deleted
		#  from the file.  For each entry to be deleted,
		#  add an entry for it to the sed script that will
		#  eventually be applied to the  currently-installed
		#  /etc/minor_perm file.  Also, add an entry to the
		#  /tmp/deldevs.$$ file, which contains the list of
		#  logical names of devices to be deleted.
		#

		cat /tmp/delete.$$ | while read key deldevs
		do
			grepstr=`entry2pattern "${key}"`
			if grep "$grepstr" $dest > /dev/null 2>&1; then
				echo "/${grepstr}/d" >> /tmp/sedscript.$$
				if [ "$deldevs" != "" ] ; then
					xdeldevs=`echo "$deldevs" | \
					    sed -f /tmp/esc.sed.$$`
					for m in $xdeldevs ; do
						echo "$m" >> /tmp/deldevs.$$
					done
				fi
			fi
		done
		if [ -s /tmp/deldevs.$$ ] ; then
			sort -u /tmp/deldevs.$$ > /tmp/tmp.$$
			mv /tmp/tmp.$$ /tmp/deldevs.$$
		fi

		#
		#  Apply the sed script possibly built above to the
		#  currently-installed /etc/minor_perm file.
		#

		if [ -s /tmp/sedscript.$$ ] ; then
			sed -f /tmp/sedscript.$$ $dest > /tmp/tmp.$$
			cp /tmp/tmp.$$ $dest
		fi

		#  For all entries in minor_perm whose attributes had
		#  to be corrected, correct the relevant attributes of the
		#  already-existing devices that correspond to those
		#  entries.
		#
		if [ -s /tmp/chdevs.$$ -a "$PKG_INSTALL_ROOT" != ""  -a \
		     "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat /tmp/chdevs.$$ |\
			while read device oldp oldu oldg newp newu newg
			do
				#
				# Note that we take pains -only- to change
				# the permission/ownership of devices that
				# have kept their original permissions.
				#
				for dev in $PKG_INSTALL_ROOT/$device; do
					find $dev -follow -perm $oldp -exec \
					    chmod $newp $dev \; >/dev/null 2>&1
					find $dev -follow -user $oldu -exec \
					    chown $newu $dev \; >/dev/null 2>&1
					find $dev -follow -group $oldg -exec \
					    chgrp $newg $dev \; >/dev/null 2>&1
				done
			done
		fi

		#
		#  For all entries in minor_perm that were deleted,
		#  remove the /dev entries that point to device nodes
		#  that correspond to those entries.
		#
		if [ -s /tmp/deldevs.$$ -a "$PKG_INSTALL_ROOT" != ""  -a \
		     "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat /tmp/deldevs.$$ | while read device
			do
				rm -f $PKG_INSTALL_ROOT/$device
			done
		fi

		cat /tmp/add.$$ | while read key
		do
			grepstr=`entry2pattern "${key}"`
			grep "$grepstr" $dest > /dev/null 2>&1
			if [ $? != 0 ] ; then
				grep "$grepstr" $src >> $dest
			fi
		done

		rm -f /tmp/*.$$
	fi
done

exit 0