pkgdefs/common_files/i.minorperm_sparc

	i.minorperm_sparc revision d62bc4badc1c1f1549c961cfb8b420e650e1272b
148N/A#! /bin/sh
148N/A#
148N/A# CDDL HEADER START
148N/A#
148N/A# The contents of this file are subject to the terms of the
148N/A# Common Development and Distribution License (the "License").
148N/A# You may not use this file except in compliance with the License.
148N/A#
148N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
148N/A# or http://www.opensolaris.org/os/licensing.
148N/A# See the License for the specific language governing permissions
148N/A# and limitations under the License.
148N/A#
148N/A# When distributing Covered Code, include this CDDL HEADER in each
148N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
148N/A# If applicable, add the following below this CDDL HEADER, with the
148N/A# fields enclosed by brackets "[]" replaced with your own identifying
148N/A# information: Portions Copyright [yyyy] [name of copyright owner]
148N/A#
148N/A# CDDL HEADER END
148N/A#
148N/A
690N/A#
148N/A# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
148N/A# Use is subject to license terms.
148N/A#
148N/A# ident	"%Z%%M%	%I%	%E% SMI"
148N/A#
1316N/A
618N/A#
148N/A#  NOTE:  When a change is made to the source file for
148N/A#  /etc/minor_perm, a corresponding change must be made to
844N/A#  this class-action script.
1316N/A#
148N/A#  -	If an existing entry in minor_perm is having its
1273N/A#	attributes e.g. permissions, ownership changed,
148N/A#	add it to the list produced by make_chattr_list below.
1002N/A#
1316N/A#  -	If an existing entry must be deleted, add it to
1002N/A#	the list produced by make_delete_list below.
1316N/A#
1002N/A#  -	If a new entry must be added to the file, add it to the
1002N/A#	list produced by make_add_list.
148N/A#
148N/A#  -	If a new entry is being added to minor_perm, but there
148N/A#	may already be devices of that name on the system (e.g.
181N/A#	we used the system default permissions in a previous release),
148N/A#	and those old devices now need to have their attributes changed,
148N/A#	add it to the make_chattr_list AND the make_add_list lists
148N/A#
148N/A
148N/A#
148N/A#  If an entry in /etc/minor_perm needs to have its attributes
148N/A#  changed, identify the entry in the list copied to /etc/chattr.$$
148N/A#  by this function.   The fields are:
1316N/A#
1316N/A#  <device>:<minor> <old_attrs> <new_attrs> <optional list of logical
148N/A#					      devices whose attributes
148N/A#					      will need to be changed>
148N/A#
148N/A#  where an <attribute list> := <perm> <user> <group>
690N/A#
148N/A
727N/Amake_chattr_list() {
727N/Acat > /tmp/chattr.$$ << EOF
822N/Aaudio:*				0666 root sys 0600 root sys	/dev/sound/*
822N/Avol:volctl			0600 root sys 0666 root sys	/dev/volctl
727N/Asad:user			0600 root sys 0666 root sys	/dev/sad/user
727N/Ase:*				0666 root sys 0600 uucp uucp	/dev/cua/*
727N/Azs:*				0666 root sys 0600 uucp uucp	/dev/cua/*
727N/Asu:*				0666 root sys 0600 uucp uucp	/dev/cua/*
822N/Assd:*			0666 root sys 0640 root sys	/dev/dsk/* /dev/rdsk/*
727N/Adad:*			0600 root sys 0640 root sys	/dev/dsk/* /dev/rdsk/*
1316N/Acpc:*			0600 root sys 0666 root sys	/devices/pseudo/cpc*
727N/Alog:conslog			0622 root sys 0666 root sys	/dev/conslog
148N/Asy:tty				0666 root sys 0666 root tty	/dev/tty
148N/Acvc:*				0666 root sys 0600 root sys
148N/Acvcredir:*			0666 root sys 0600 root sys
148N/Assm:*				0600 root sys 0640 root sys	/devices/ssm*:*
560N/Aicmp:icmp			0600 root sys 0666 root sys	/dev/rawip
727N/Aicmp6:icmp6			0600 root sys 0666 root sys	/dev/rawip6
148N/Aip:ip				0660 root sys 0666 root sys	/dev/ip
181N/Aip6:ip6				0660 root sys 0666 root sys	/dev/ip6
148N/Arts:rts				0660 root sys 0666 root sys	/dev/rts
148N/Akeysock:keysock			0600 root sys 0666 root sys	/dev/keysock
148N/Aipsecah:ipsecah			0600 root sys 0666 root sys	/dev/ipsecah
148N/Aipsecesp:ipsecesp		0600 root sys 0666 root sys	/dev/ipsecesp
spdsock:spdsock			0600 root sys 0666 root sys	/dev/spdsock
sad:admin			0600 root sys 0666 root sys	/dev/sad/admin
fssnap:ctl			0600 root sys 0666 root sys	/dev/fssnapctl
fssnap:*			0600 root sys 0640 root sys	/dev/fssnap/*
clone:ce			0600 root sys 0666 root sys	/dev/ce
clone:eri			0600 root sys 0666 root sys	/dev/eri
clone:ge			0600 root sys 0666 root sys	/dev/ge
clone:hme			0600 root sys 0666 root sys	/dev/hme
clone:qfe			0600 root sys 0666 root sys	/dev/qfe
clone:bge			0600 root sys 0666 root sys	/dev/bge
clone:rge			0600 root sys 0666 root sys	/dev/rge
clone:xge			0600 root sys 0666 root sys	/dev/xge
clone:nge			0600 root sys 0666 root sys	/dev/nge
clone:e1000g			0666 root root 0666 root sys	/dev/e1000g
clone:chxge			0600 root sys 0666 root sys	/dev/chxge
clone:vsw			0600 root sys 0666 root sys	/dev/vsw
clone:vnet			0600 root sys 0666 root sys	/dev/vnet
clone:pcwl                      0600 root sys 0666 root sys     /dev/pcwl
clone:pcan			0600 root sys 0666 root sys     /dev/pcan
clone:afe			0600 root sys 0666 root sys     /dev/afe
clone:mxfe			0600 root sys 0666 root sys     /dev/mxfe
clone:rtls			0600 root sys 0666 root sys     /dev/rtls
bge:*				0600 root sys 0666 root sys	/dev/bge*
rge:*				0600 root sys 0666 root sys	/dev/rge*
xge:*				0600 root sys 0666 root sys	/dev/xge*
nge:*				0600 root sys 0666 root sys	/dev/nge*
e1000g:*			0666 root root 0666 root sys	/dev/e1000g*
chxge:*				0600 root sys 0666 root sys	/dev/chxge*
vsw:*				0600 root sys 0666 root sys	/dev/vsw*
vnet:*				0600 root sys 0666 root sys	/dev/vnet*
pcwl:*                          0600 root sys 0666 root sys     /dev/pcwl*
pcan:*                          0600 root sys 0666 root sys     /dev/pcan*
clone:dmfe			0600 root sys 0666 root sys	/dev/dmfe
dmfe:*				0600 root sys 0666 root sys	/dev/dmfe*
clone:pcelx			0600 root sys 0666 root sys	/dev/pcelx
pcelx:*				0600 root sys 0666 root sys	/dev/pcelx*
afe:*				0600 root sys 0666 root sys	/dev/afe*
mxfe:*				0600 root sys 0666 root sys	/dev/mxfe*
rtls:*				0600 root sys 0666 root sys	/dev/rtls*
ipf:*				0600 root sys 0666 root sys	/dev/ipf
pfil:*				0600 root sys 0666 root sys	/dev/pfil
scsi_vhci:devctl	0600 root sys 0666 root sys /devices/scsi_vhci:devctl
fbt:fbt			0600 root sys 0644 root sys /dev/dtrace/provider/fbt
lockstat:*		0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
profile:profile		0600 root sys 0644 root sys /dev/dtrace/provider/profile
sdt:sdt			0600 root sys 0644 root sys /dev/dtrace/provider/sdt
systrace:systrace	0600 root sys 0644 root sys /dev/dtrace/provider/systrace
EOF
}


#
#  If an entry in /etc/minor_perm needs to be deleted, identify
#  the entry in the list copied to /etc/delete.$$ by this function.
#  The fields are:
#
#  <device>:<minor>  <optional list of logical devices to be deleted>
#

make_delete_list() {
cat > /tmp/delete.$$ << EOF
mm:mbio /dev/mbio /devices/pseudo/mm:mbio
mm:mbmem /dev/mbmem /devices/pseudo/mm:mbmem
clone:amd,0,aux,audio
sw:drum
rip:rawip
zs:*
consfb:consfb
win:*
rtvc:*
gt:*
mic:*
cgeight-p4:*
cgfour:*
cgtwo:*
id:*
xd:*
xt:*
xy:*
ie:*
be:*
se:ucm
se:ucmctl
clone:arp
clone:icmp
clone:ip
clone:tcp
clone:udp
clone:rts
clone:ipsecah
clone:ipsecesp
clone:keysock
clone:le
su:*
profile:profile
clone:qe
cgfourteen:*
cgeight:*
SUNW,sx:*
sx_cmem:*
stc:*
dbri:*
SUNW,DBRId:*
SUNW,DBRIe:*
SUNW,DBRIf:*
EOF
}

#
#  If an entry needs to be added to /etc/minor_perm, add the first
#  field of the entry to the list created by this function.  The
#  remainder of the entry will be extracted from the /etc/minor_perm
#  in the package being installed, so it is not necessary to supply
#  it here.
#

make_add_list() {
cat > /tmp/add.$$ << EOF
clone:llc1
stc:*
mcpzsa:*
mcpp:*
vol:volctl
tl:*
tnf:tnfctl
tnf:tnfmap
zs:[a-z]
zs:[a-z],cu
sad:user
se:*
su:[a-z]
su:[a-z],cu
su:ssp
su:sspctl
fdthree:*
ssd:*
dad:*
pm:*
tod:*
SUNW,pmc:*
SUNW,mic:*
SUNW,fas:devctl
cvc:*
cvcredir:*
devinfo:devinfo
envctrltwo:*
se:[a-h]
se:[a-h],cu
se:[0-7],hdlc
se:ssp
se:sspctl
clone:hme
clone:eri
wc:*
arp:arp
icmp:icmp
icmp6:icmp6
ip:ip
ip6:ip6
tcp:tcp
tcp6:tcp6
udp:udp
udp6:udp6
rts:rts
poll:*
pool:pool
pool:poolctl
cpc:shared
sysmsg:msglog
sysmsg:sysmsg
ipsecah:ipsecah
ipsecesp:ipsecesp
keysock:keysock
spdsock:spdsock
devinfo:devinfo,ro
lofi:*
lofi:ctl
sgen:*
fssnap:*
fssnap:ctl
pcf8574:*
pcf8591:*
gpio_87317:*
rsm:*
random:*
mm:allkmem
ssm:*
bscv:*
clone:bge
clone:rge
clone:xge
clone:nge
clone:e1000g
clone:chxge
clone:vsw
clone:vnet
clone:pcwl
clone:pcan
clone:afe
clone:mxfe
clone:rtls
bge:*
rge:*
xge:*
nge:*
e1000g:*
chxge:*
vsw:*
vnet:*
pcwl:*
pcan:*
afe:*
mxfe:*
rtls:*
clone:dmfe
dmfe:*
clone:pcelx
pcelx:*
clone:ibd
ibd:*
sysevent:*
ramdisk:*
ramdisk:ctl
cryptoadm:cryptoadm
crypto:crypto
dtrace:*
fasttrap:fasttrap
ipf:*
pfil:*
bl:*
sctp:*
sctp6:*
vni:*
cpuid:self
ntwdt:*
dld:*
aggr:*
mdesc:*
zfs:*
zfs:zfs
scsi_vhci:*
kssl:*
fbt:fbt
profile:profile
sdt:sdt
softmac:*
systrace:systrace
physmem:*
smbsrv:*
vscan:*
EOF
}

PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
export PATH

# Internal routine to create a sed script which can be used to
# escape all shell globbing metacharacters in a path.

create_esc_sedscript()
{
cat > /tmp/esc.sed.$$ << EOF
s/\*/\\\\*/g
s/\?/\\\\?/g
s/\[/\\\\[/g
s/\]/\\\\]/g
EOF
}

# Internal routine to convert an entry in a /tmp/chwhatever.$$ file to
# an appropriately escaped pattern which can be used to grep into minor_perm.

entry2pattern()
{
	# the first argument is the 'key' field from the change file.
	# entries can contain shell globbing characters to match
	# several devices - hence all the palaver below.

	printf '%s' `echo "$1" | sed \
		-e 's/\*/\\\\*/g'	-e 's/\?/\\\\?/g'	\
		-e 's/\./\\\\./g'	-e 's/\[/\\\\[/g'	\
		-e 's/\]/\\\\]/g'`
	shift

	# the remaining optional arguments are tokens separated by white-space

	if [ $# = 0 ] ; then
		printf '[ \t]'
	else
		while [ -n "$1" ]
		do
			printf '[ \t][ \t]*%s' $1
			shift
		done
		printf '[ \t]*$'
	fi
}

while read src dest
do
	if [ ! -f $dest ] ; then
		cp $src $dest
	else
		rm -f /tmp/*.$$
		create_esc_sedscript
		make_chattr_list
		make_delete_list
		make_add_list

		#
		#  Process the list of devices whose attributes are to be
		#  changed.  Find those that actually need to be
		#  applied to the file.  For each change that needs
		#  to be applied, add an entry for it to the sed
		#  script that will eventually be applied to the
		#  currently-installed /etc/minor_perm file.  Also,
		#  add an entry to the /tmp/chdevs.$$ file, which
		#  contains the list of logical names of devices
		#  whose permissions need to be changed.
		#

		cat /tmp/chattr.$$ | \
		while read key oldp oldu oldg newp newu newg chdevs
		do
			do_chdevs=no

			#
			#  First determine whether the device entry
			#  is already in the file, but with the old
			#  permissions.  If so, the entry needs to be
			#  modified and the devices in the chdevs list
			#  need to have their permissions and ownerships
			#  changed.
			#
			grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
			if grep "$grepstr" $dest > /dev/null 2>&1; then
				echo "s/${grepstr}/$key $newp $newu $newg/" \
				    >> /tmp/sedscript.$$
				do_chdevs=yes
			fi

			#
			#  Now determine whether the device entry is
			#  in the file at all.  If not, it is a new
			#  entry, but there may already be devices
			#  on the system whose permissions need to
			#  be changed.
			#
			grepstr=`entry2pattern "${key}"`
			grep "${grepstr}" $dest > /dev/null 2>&1
			if [ $? != 0 ] ; then
				do_chdevs=yes
			fi

			if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then
				xchdevs=`echo "$chdevs" | \
				    sed -f /tmp/esc.sed.$$`
				for m in $xchdevs ; do
					echo "$m" $oldp $oldu $oldg \
					    $newp $newu $newg >> /tmp/chdevs.$$
				done
			fi
		done

		#
		#  Make sure /dev/volctl gets its permissions corrected.
		#  (systems upgraded from 2.2 to 2.3 may have a correct
		#  entry for /dev/volctl in the /etc/minor_perm file
		#  but the actual /dev/volctl node may have the wrong
		#  permissions.)
		#

		echo /dev/volctl 0600 root sys 0666 root sys >> /tmp/chdevs.$$

		if [ -s /tmp/chdevs.$$ ] ; then
			sort -u /tmp/chdevs.$$ > /tmp/tmp.$$
			mv /tmp/tmp.$$ /tmp/chdevs.$$
		fi

		#
		#  Process the list of devices to be deleted.
		#  Find those that actually need to be deleted
		#  from the file.  For each entry to be deleted,
		#  add an entry for it to the sed script that will
		#  eventually be applied to the  currently-installed
		#  /etc/minor_perm file.  Also, add an entry to the
		#  /tmp/deldevs.$$ file, which contains the list of
		#  logical names of devices to be deleted.
		#

		cat /tmp/delete.$$ | while read key deldevs
		do
			grepstr=`entry2pattern "${key}"`
			if grep "$grepstr" $dest > /dev/null 2>&1; then
				echo "/${grepstr}/d" >> /tmp/sedscript.$$
				if [ "$deldevs" != "" ] ; then
					xdeldevs=`echo "$deldevs" | \
					    sed -f /tmp/esc.sed.$$`
					for m in $xdeldevs ; do
						echo "$m" >> /tmp/deldevs.$$
					done
				fi
			fi
		done
		if [ -s /tmp/deldevs.$$ ] ; then
			sort -u /tmp/deldevs.$$ > /tmp/tmp.$$
			mv /tmp/tmp.$$ /tmp/deldevs.$$
		fi

		#
		#  Apply the sed script built above to the
		#  currently-installed /etc/minor_perm file.
		#

		if [ -s /tmp/sedscript.$$ ] ; then
			sed -f /tmp/sedscript.$$ $dest > /tmp/tmp.$$
			cp /tmp/tmp.$$ $dest
		fi

		#
		#  Special case code to handle bug in 2.1, 2.2, and
		#  early 2.3 releases:  the link from /dev/sound/*
		#  has one extra set of "../"'s in the link.  This
		#  doesn't cause problems in normal operation
		#  because ".."'s that would take the search path
		#  higher than the real root are ignored.  However,
		#  during upgrade, when the system being upgraded is
		#  mounted at /a, the extra ".." in the link causes
		#  the link to be unresolvable.  The link must be
		#  corrected so that the chmod of /dev/sound/*
		#  works.
		#

		if [ "$PKG_INSTALL_ROOT" != "" -a "$PKG_INSTALL_ROOT" != "/" ]
		then
			for i in $PKG_INSTALL_ROOT/dev/sound/* ; do
				if [ "$i" = "$PKG_INSTALL_ROOT/dev/sound/*" ]
				then
					break;
				fi

				# if it's not a symlink, continue
				if [ ! -h $i ] ; then
					continue
				fi

				ls -L $i >/dev/null 2>&1
				if [ $? = 0 ] ; then
					#  link is already OK
					continue
				fi

				# otherwise, link can't be followed

				# build the correct link
				link=`ls -l $i | sed 's,.* ,,'`
				link=`expr $link : '\.\.\/\(.*\)'`
				if [ "$link" = "" ] ; then
					continue;
				fi

				# build a test link
				rm -f $PKG_INSTALL_ROOT/dev/sound/test.$$
				ln -s $link $PKG_INSTALL_ROOT/dev/sound/test.$$

				# test the link
				ls -L $PKG_INSTALL_ROOT/dev/sound/test.$$ \
					>/dev/null 2>&1

				# it worked, so replace old link with new
				if [ $? = 0 ] ; then
					rm -f $i
					ln -s $link $i
				fi
				rm -f $PKG_INSTALL_ROOT/dev/sound/test.$$
			done
		fi

		#  For all entries in minor_perm whose attributes had
		#  to be corrected, correct the relevant attributes of the
		#  already-existing devices that correspond to those
		#  entries.
		#
		if [ -s /tmp/chdevs.$$ -a "$PKG_INSTALL_ROOT" != ""  -a \
		     "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat /tmp/chdevs.$$ |\
			while read device oldp oldu oldg newp newu newg
			do
				#
				# Note that we take pains -only- to change
				# the permission/ownership of devices that
				# have kept their original permissions.
				#
				for dev in $PKG_INSTALL_ROOT/$device; do
					find $dev -follow -perm $oldp -exec \
					    chmod $newp $dev \; >/dev/null 2>&1
					find $dev -follow -user $oldu -exec \
					    chown $newu $dev \; >/dev/null 2>&1
					find $dev -follow -group $oldg -exec \
					    chgrp $newg $dev \; >/dev/null 2>&1
				done
			done
		fi

		#
		#  For all entries in minor_perm that were deleted,
		#  remove the /dev entries that point to device nodes
		#  that correspond to those entries.
		#
		if [ -s /tmp/deldevs.$$ -a "$PKG_INSTALL_ROOT" != ""  -a \
		     "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat /tmp/deldevs.$$ | while read device
			do
				rm -f $PKG_INSTALL_ROOT/$device
			done
		fi


		cat /tmp/add.$$ | while read key
		do
			grepstr=`entry2pattern "${key}"`
			grep "$grepstr" $dest > /dev/null 2>&1
			if [ $? != 0 ] ; then
				grep "$grepstr" $src >> $dest
			fi
		done

		rm -f /tmp/*.$$
	fi
done

exit 0