Cross Reference: /pkg/src/svc/svc-pkg-server

849N/A#!/usr/bin/ksh -p
661N/A#
661N/A# CDDL HEADER START
661N/A#
661N/A# The contents of this file are subject to the terms of the
661N/A# Common Development and Distribution License (the "License").
661N/A# You may not use this file except in compliance with the License.
661N/A#
661N/A# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
661N/A# or http://www.opensolaris.org/os/licensing.
661N/A# See the License for the specific language governing permissions
661N/A# and limitations under the License.
661N/A#
661N/A# When distributing Covered Code, include this CDDL HEADER in each
661N/A# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
661N/A# If applicable, add the following below this CDDL HEADER, with the
661N/A# fields enclosed by brackets "[]" replaced with your own identifying
661N/A# information: Portions Copyright [yyyy] [name of copyright owner]
661N/A#
661N/A# CDDL HEADER END
661N/A#
3356N/A# Copyright (c) 2009, 2016, Oracle and/or its affiliates. All rights reserved.
1902N/A#
661N/A
661N/A# Load SMF constants and functions
661N/A. /lib/svc/share/smf_include.sh
661N/A
661N/Aif [[ -z "$SMF_FMRI" ]]; then
3356N/A    echo "this script can only be invoked by smf(7)"
661N/A    exit $SMF_EXIT_ERR_NOSMF
661N/Afi
661N/A
661N/Acase "$1" in
661N/A'start')
2852N/A    # Handles server startup
661N/A
1518N/A    # retrieve the pkg_root property. If the variable is left empty
1518N/A    # pkg_root is /
1518N/A    pkg_root=$(svcprop -p pkg/pkg_root $SMF_FMRI)
1518N/A    if [[ $? -ne 0 ]]; then
1518N/A        echo "service property pkg/pkg_root not defined for" \
1518N/A            "service: $SMF_FMRI"
1518N/A        exit $SMF_EXIT_ERR_CONFIG
1518N/A    fi
1518N/A
1518N/A    # make sure pkg_root ends with a /
1518N/A    echo $pkg_root | grep /$ >/dev/null
1518N/A    if [[ $? -ne 0 ]]; then
1518N/A        pkg_root="${pkg_root}/"
1518N/A    fi
1518N/A
2852N/A        # if configured readonly & standalone, refresh the depot service,
2852N/A        # if is is present, and exit immediately as a transient service.
2852N/A        readonly=$(svcprop -p pkg/readonly $SMF_FMRI)
2852N/A        standalone=$(svcprop -p pkg/standalone $SMF_FMRI)
2852N/A        if [[ "$readonly" == "true" ]] && [[ "$standalone" == "false" ]] && \
2852N/A           [[ -f /usr/lib/pkg.depot-config ]]; then
2852N/A                svcadm refresh svc:/application/pkg/depot
2852N/A                svcadm enable svc:/application/pkg/depot
2852N/A                smf_method_exit $SMF_EXIT_TEMP_TRANSIENT \
2852N/A                    "managed_by_depot" \
2852N/A                    "svc:/application/pkg/depot configuration updated."
2852N/A        fi
2852N/A
1518N/A    # adjust the PYTHONPATH to point to the current environment
1527N/A    # we need to make sure to adjust the PYTHONPATH accordingly
3177N/A    # to a Python 2.7 or 3.4 environment
1527N/A    python_ver=$(head -1 ${pkg_root}usr/lib/pkg.depotd 2>/dev/null |
1527N/A        awk -F/ '{print $NF}')
1527N/A    if [[ $python_ver != *python* ]]; then
1527N/A        echo "invalid python version $python_ver found in"
1527N/A        echo "${pkg_root}usr/lib/pkg.depotd"
1527N/A        exit $SMF_EXIT_ERR_FATAL
1527N/A    fi
1527N/A
1527N/A    PYTHONPATH=${pkg_root}usr/lib/${python_ver}/vendor-packages/:$PYTHONPATH
1527N/A
1518N/A    export PYTHONPATH
1518N/A
719N/A    #
719N/A    # If this process has net_privaddr, then we pass it along.
719N/A    # If not, we ensure that we don't specify it, since that will
719N/A    # cause ppriv to throw an error.
719N/A    #
719N/A    privaddr=""
719N/A    ppriv -v $$ | grep 'E: ' | grep net_privaddr > /dev/null 2>&1
719N/A    if [[ $? == 0 ]]; then
849N/A        echo "Dropping net_privaddr privilege."
849N/A        privaddr=",net_privaddr"
719N/A    fi
1976N/A
719N/A    #
1976N/A    # Build up the privileges available starting with "basic".  This
2852N/A    # provides some protection even when pkg.depotd runs as root.
719N/A    #
1976N/A    wrapper="ppriv -s \
1976N/A            A=basic,-file_link_any,-proc_info,-proc_session$privaddr -e"
719N/A
1976N/A    # Build the command to start pkg.depotd.
1976N/A    cmd="$wrapper ${pkg_root}usr/lib/pkg.depotd --cfg $SMF_FMRI"
1976N/A
661N/A    # Echo the command so that the log contains the command used to start
2852N/A    # pkg.depotd.
661N/A    echo $cmd
661N/A
661N/A    exec $cmd
661N/A
661N/A    ;;
775N/A
775N/A'stop')
2852N/A
2852N/A        # if configured readonly & standalone, exit immediately as transient
2852N/A        # unless we've got a running pkg.depotd process, which happens if the
2852N/A        # user has modified the pkg/server configuration, but hasn't restarted
2852N/A        # the server in order to apply those changes.
2852N/A        readonly=$(svcprop -p pkg/readonly $SMF_FMRI)
2852N/A        standalone=$(svcprop -p pkg/standalone $SMF_FMRI)
2852N/A
2852N/A        if [[ "$readonly" == "true" ]] && [[ "$standalone" == "false" ]]  && \
2852N/A            [[ -f /usr/lib/pkg.depot-config ]] ; then
2852N/A                svcadm refresh svc:/application/pkg/depot
2852N/A                if [ -z "$2" ] ; then
2852N/A                        # there's no existing pkg.depotd - we can exit now.
2852N/A                        echo "depot in use, stop method script complete."
2852N/A                        exit $SMF_EXIT_OK
2852N/A                fi
2852N/A        fi
2852N/A
775N/A    #
2852N/A    # Strategy: First, try shutting down pkg.depotd using polite kill.  Use up
775N/A    # as much as possible of the allotted timeout period waiting for polite
775N/A    # kill to take effect.  As time runs out, try a more aggressive kill.
775N/A    #
775N/A    SVC_TIMEOUT=`svcprop -p stop/timeout_seconds $SMF_FMRI`
775N/A    if [[ $? -ne 0 ]]; then
849N/A        echo "service property stop/timeout_seconds not defined" \
849N/A            "for service: $SMF_FMRI"
849N/A        exit $SMF_EXIT_ERR_CONFIG
775N/A    fi
775N/A
775N/A    #
775N/A    # Note that we're working around an oddity in smf_kill_contract: it
775N/A    # waits in 5 second chunks and can overshoot the specified timeout
775N/A    # by as many as 4 seconds.  Example: a specified wait of 6 will result
775N/A    # in a wait of 10 seconds in reality.  Since we may potentially do a
775N/A    # first kill and then a second, we must ensure that at least 8 seconds
775N/A    # of slop is left in reserve.  To be paranoid, we go for 10.
775N/A    #
775N/A    ((POLITE=$SVC_TIMEOUT - 10))
775N/A    if [[ $POLITE -gt 0 ]]; then
849N/A        smf_kill_contract $2 TERM 1 $POLITE
849N/A        ret=$?
849N/A        # '2' indicates timeout with non-empty contract.
849N/A        if [[ $ret -eq 2 ]]; then
1976N/A            echo "Gentle contract kill timed out after" \
1976N/A                "$POLITE seconds, trying SIGKILL." >&2
849N/A            #
849N/A            # Again, despite the specified timeout, this will
849N/A            # take a minimum of 5 seconds to complete.
849N/A            #
849N/A            smf_kill_contract $2 KILL 1 1
849N/A            if [[ $ret -ne 0 ]]; then
849N/A                exit $SMF_EXIT_ERR_FATAL
849N/A            fi
775N/A        fi
775N/A    else
849N/A        # If the timeout is too short, we just try once, politely.
849N/A        smf_kill_contract $2 TERM
775N/A    fi
775N/A    ;;
775N/A
661N/A*)
775N/A    echo "Usage: $0 { start | stop }"
661N/A    exit $SMF_EXIT_ERR_CONFIG
661N/A    ;;
661N/A
661N/Aesac
661N/Aexit $SMF_EXIT_OK