svc-pkg-depot revision 1902
849N/A#!/usr/bin/ksh -p
661N/A#
661N/A# CDDL HEADER START
661N/A#
661N/A# The contents of this file are subject to the terms of the
661N/A# Common Development and Distribution License (the "License").
661N/A# You may not use this file except in compliance with the License.
661N/A#
661N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
661N/A# or http://www.opensolaris.org/os/licensing.
661N/A# See the License for the specific language governing permissions
661N/A# and limitations under the License.
661N/A#
661N/A# When distributing Covered Code, include this CDDL HEADER in each
661N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
661N/A# If applicable, add the following below this CDDL HEADER, with the
661N/A# fields enclosed by brackets "[]" replaced with your own identifying
661N/A# information: Portions Copyright [yyyy] [name of copyright owner]
661N/A#
661N/A# CDDL HEADER END
661N/A#
1902N/A# Copyright (c) 2009, 2010 Oracle and/or its affiliates. All rights reserved.
1902N/A#
661N/A
661N/A# Load SMF constants and functions
661N/A. /lib/svc/share/smf_include.sh
661N/A
661N/Aif [[ -z "$SMF_FMRI" ]]; then
812N/A echo "this script can only be invoked by smf(5)"
661N/A exit $SMF_EXIT_ERR_NOSMF
661N/Afi
661N/A
661N/Acase "$1" in
661N/A'start')
661N/A # Handles depot startup
661N/A
661N/A # boolean_props are properties which are communicated to the depot
661N/A # via a flag being present or absent on the command line.
661N/A boolean_props="mirror readonly"
661N/A set -A boolean_cmd_line "mirror" "readonly"
661N/A
661N/A # short_option_props are properties which are communicated to the depot
661N/A # via a single character flag which takes an argument.
661N/A short_option_props="inst_root port threads socket_timeout"
661N/A set -A short_option_cmd_line "d" "p" "s" "t"
661N/A
661N/A # short_option_props are properties which are communicated to the depot
661N/A # via a long option flag which takes an argument.
1902N/A long_option_props="cfg_file content_root debug file_root log_access \
1902N/A log_errors proxy_base sort_file_max_size ssl_cert_file \
1902N/A ssl_dialog ssl_key_file writable_root"
1475N/A
858N/A set -A long_option_cmd_line "cfg-file" "content-root" "debug" \
1902N/A "file-root" "log-access" "log-errors" "proxy-base" \
1902N/A "sort-file-max-size" "ssl-cert-file" "ssl-dialog" "ssl-key-file" \
1902N/A "writable-root"
661N/A
661N/A bool_ops=""
661N/A option_props=""
661N/A
1518N/A # retrieve the pkg_root property. If the variable is left empty
1518N/A # pkg_root is /
1518N/A pkg_root=$(svcprop -p pkg/pkg_root $SMF_FMRI)
1518N/A if [[ $? -ne 0 ]]; then
1518N/A echo "service property pkg/pkg_root not defined for" \
1518N/A "service: $SMF_FMRI"
1518N/A exit $SMF_EXIT_ERR_CONFIG
1518N/A fi
1518N/A
1518N/A # make sure pkg_root ends with a /
1518N/A echo $pkg_root | grep /$ >/dev/null
1518N/A if [[ $? -ne 0 ]]; then
1518N/A pkg_root="${pkg_root}/"
1518N/A fi
1518N/A
1518N/A # adjust the PYTHONPATH to point to the current environment
1527N/A # we need to make sure to adjust the PYTHONPATH accordingly
1527N/A # to a Python 2.4 or 2.6 environment
1527N/A python_ver=$(head -1 ${pkg_root}usr/lib/pkg.depotd 2>/dev/null |
1527N/A awk -F/ '{print $NF}')
1527N/A if [[ $python_ver != *python* ]]; then
1527N/A echo "invalid python version $python_ver found in"
1527N/A echo "${pkg_root}usr/lib/pkg.depotd"
1527N/A exit $SMF_EXIT_ERR_FATAL
1527N/A fi
1527N/A
1527N/A PYTHONPATH=${pkg_root}usr/lib/${python_ver}/vendor-packages/:$PYTHONPATH
1527N/A
1518N/A export PYTHONPATH
1518N/A
661N/A # Go through each property in boolean_props and, if its value is set
661N/A # to true in SMF, add the appropriate command line flag to the string.
661N/A cnt=0
661N/A for b in $boolean_props; do
849N/A val=$(svcprop -p pkg/$b $SMF_FMRI)
849N/A if [[ $? -ne 0 ]]; then
849N/A echo "service property pkg/$b not defined for" \
849N/A "service: $SMF_FMRI"
849N/A exit $SMF_EXIT_ERR_CONFIG
849N/A fi
849N/A # If the property is set to true, add the flag.
849N/A if [[ $val == 'true' ]]; then
849N/A bool_ops="$bool_ops --${boolean_cmd_line[$cnt]}"
849N/A fi
849N/A cnt=$(($cnt + 1))
661N/A done
661N/A
661N/A # Go through each property in short_option_props and, if its value is
858N/A # set to something other than "", add the appropriate command line
812N/A # flag and argument to the string.
661N/A cnt=0
661N/A for o in $short_option_props; do
849N/A val=$(svcprop -p pkg/$o $SMF_FMRI)
849N/A if [[ $? -ne 0 ]]; then
849N/A echo "service property pkg/$o not defined for" \
849N/A "service: $SMF_FMRI"
849N/A exit $SMF_EXIT_ERR_CONFIG
849N/A fi
849N/A # If the SMF property is set to something other than 'none', add
849N/A # the flag and its argument to the command.
849N/A if [[ $val != '""' ]]; then
849N/A option_ops="$option_ops -${short_option_cmd_line[$cnt]} $val"
849N/A fi
849N/A cnt=$(($cnt + 1))
661N/A done
661N/A
661N/A # Go through each property in long_option_props and, if its value is
858N/A # set to something other than "", add the appropriate command line
812N/A # flag and argument to the string.
661N/A cnt=0
661N/A for o in $long_option_props; do
849N/A val=$(svcprop -p pkg/$o $SMF_FMRI)
849N/A if [[ $? -ne 0 ]]; then
849N/A echo "service property pkg/$o not defined for" \
849N/A "service: $SMF_FMRI"
849N/A exit $SMF_EXIT_ERR_CONFIG
849N/A fi
1518N/A # check if content_root is a relative or absolute path, if
1518N/A # relative append to pkg_root
1518N/A if [[ $o == 'content_root' ]]; then
1518N/A echo $val | grep ^/ >/dev/null
1518N/A if [[ $? -ne 0 ]]; then
1518N/A # pkg_root has been checked to end with a slash
1518N/A val="${pkg_root}$val"
1518N/A fi
1518N/A fi
849N/A # If the SMF property is set to something other than 'none', add
849N/A # the flag and its argument to the command.
849N/A if [[ $o == 'ssl_dialog' && $val == 'smf' ]]; then
849N/A option_ops="$option_ops --${long_option_cmd_line[$cnt]}=smf:$SMF_FMRI"
849N/A elif [[ $val != '""' ]]; then
849N/A option_ops="$option_ops --${long_option_cmd_line[$cnt]}=$val"
849N/A fi
849N/A cnt=$(($cnt + 1))
661N/A done
661N/A
719N/A #
812N/A # Determine if fork and exec are needed.
812N/A #
812N/A need_forkexec="true"
849N/A if [[ $bool_ops == *'--readonly'* ]]; then
849N/A need_forkexec="false"
849N/A echo "option_ops: [$option_ops]"
849N/A if [[ "$option_ops" == *--ssl-dialog=@(smf|exec):* && \
849N/A "$option_ops" == *'--ssl-key-file='* && \
849N/A "$option_ops" != *'--ssl-key-file=none'* ]]; then
849N/A need_forkexec="true"
849N/A fi
981N/A if [[ "$option_ops" == *'--writable-root='* ]]; then
975N/A need_forkexec="true"
975N/A fi
975N/A
812N/A fi
812N/A
812N/A #
812N/A # If we don't need them, drop fork and exec.
719N/A #
719N/A forkexec=""
812N/A if [[ $need_forkexec == 'false' ]]; then
849N/A echo "Dropping fork(2) and exec(2) privileges."
849N/A forkexec=",-proc_fork,-proc_exec"
719N/A fi
719N/A
719N/A #
719N/A # If this process has net_privaddr, then we pass it along.
719N/A # If not, we ensure that we don't specify it, since that will
719N/A # cause ppriv to throw an error.
719N/A #
719N/A privaddr=""
719N/A ppriv -v $$ | grep 'E: ' | grep net_privaddr > /dev/null 2>&1
719N/A if [[ $? == 0 ]]; then
849N/A echo "Dropping net_privaddr privilege."
849N/A privaddr=",net_privaddr"
719N/A fi
719N/A #
719N/A # We build up the privileges available starting with "basic".
719N/A # This provides some protection even when the depot runs as root.
719N/A #
719N/A wrapper="ppriv -s A=basic,-file_link_any,-proc_info,-proc_session$privaddr$forkexec -e"
719N/A
661N/A # Build the command to start pkg.depotd with the specified options.
1518N/A cmd="$wrapper ${pkg_root}usr/lib/pkg.depotd $bool_ops $option_ops"
661N/A # Echo the command so that the log contains the command used to start
661N/A # the depot.
661N/A echo $cmd
661N/A
661N/A exec $cmd
661N/A
661N/A ;;
775N/A
775N/A'stop')
775N/A #
775N/A # Strategy: First, try shutting down depot using polite kill. Use up
775N/A # as much as possible of the allotted timeout period waiting for polite
775N/A # kill to take effect. As time runs out, try a more aggressive kill.
775N/A #
775N/A SVC_TIMEOUT=`svcprop -p stop/timeout_seconds $SMF_FMRI`
775N/A if [[ $? -ne 0 ]]; then
849N/A echo "service property stop/timeout_seconds not defined" \
849N/A "for service: $SMF_FMRI"
849N/A exit $SMF_EXIT_ERR_CONFIG
775N/A fi
775N/A
775N/A #
775N/A # Note that we're working around an oddity in smf_kill_contract: it
775N/A # waits in 5 second chunks and can overshoot the specified timeout
775N/A # by as many as 4 seconds. Example: a specified wait of 6 will result
775N/A # in a wait of 10 seconds in reality. Since we may potentially do a
775N/A # first kill and then a second, we must ensure that at least 8 seconds
775N/A # of slop is left in reserve. To be paranoid, we go for 10.
775N/A #
775N/A ((POLITE=$SVC_TIMEOUT - 10))
775N/A if [[ $POLITE -gt 0 ]]; then
849N/A smf_kill_contract $2 TERM 1 $POLITE
849N/A ret=$?
849N/A # '2' indicates timeout with non-empty contract.
849N/A if [[ $ret -eq 2 ]]; then
849N/A echo "Gentle contract kill timed out after"
849N/A "$POLITE seconds, trying SIGKILL." >&2
849N/A #
849N/A # Again, despite the specified timeout, this will
849N/A # take a minimum of 5 seconds to complete.
849N/A #
849N/A smf_kill_contract $2 KILL 1 1
849N/A if [[ $ret -ne 0 ]]; then
849N/A exit $SMF_EXIT_ERR_FATAL
849N/A fi
775N/A fi
775N/A else
849N/A # If the timeout is too short, we just try once, politely.
849N/A smf_kill_contract $2 TERM
775N/A fi
775N/A ;;
775N/A
661N/A*)
775N/A echo "Usage: $0 { start | stop }"
661N/A exit $SMF_EXIT_ERR_CONFIG
661N/A ;;
661N/A
661N/Aesac
661N/Aexit $SMF_EXIT_OK