OpenSolaris_b135/cmd/vntsd/svc-vntsd

#!/sbin/sh
#
# Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Start script for vntsd
#
# For modifying parameters passed to vntsd, do not edit
# this script. Instead use svccfg(1m) to modify the SMF
# repository. For example:
#
# svccfg
# svc:> select ldoms/vntsd
# svc:/ldoms/vntsd> setprop vntsd/vcc_device = "virtual-console-concentrator@1"
# svc:/ldoms/vntsd> setprop vntsd/listen_addr = "192.168.1.1"
# svc:/ldoms/vntsd> setprop vntsd/authorization="true"
# svc:/ldoms/vntsd> exit

. /lib/svc/share/smf_include.sh

AUTH_ATTR=/etc/security/auth_attr
USER_ATTR=/etc/user_attr
GREP=/usr/bin/grep
CAT=/usr/bin/cat
ED=/usr/bin/ed
SVCCFG=/usr/sbin/svccfg
SVCPROP=/bin/svcprop

#
# Add LDoms vntsd authorization entries to etc/security/auth_attr if not
# present. These define authorizations used by LDoms vntsd daemon.
#
add_auth_entries()
{
	# Add entries to auth_attr file, if needed
	$GREP '^solaris.vntsd.:' ${AUTH_ATTR} >/dev/null 2>&1
	if  [ $? -ne 0 ] ; then
		$CAT >>${AUTH_ATTR} << EOF
# Added by svc-vntsd
solaris.vntsd.:::LDoms vntsd Administration::
solaris.vntsd.grant:::Delegate LDoms vntsd Administration::
solaris.vntsd.consoles:::Access All LDoms Guest Consoles::
# End of svc-vntsd
EOF
	fi
}

#
# Add a LDoms user/role entry to etc/user_attr if not present.
# This defines user/role used by useradd or roleadd.
#
add_user_entries()
{
	#
	# Add entries to user_attr file, if needed.
	#
	$GREP 'solaris.vntsd.grant' ${USER_ATTR} >/dev/null 2>&1

	if  [ $? -ne 0 ] ; then

		$GREP '^root' ${USER_ATTR} | $GREP 'auths=' >/dev/null 2>&1
		if  [ $? -eq 0 ] ; then
		    #
		    # Add vntsd attribute to an existing root entry.
		    #
		    $ED -s ${USER_ATTR} <<- EOF > /dev/null 2>&1
			g/^root.*auths\=/s/^roo.*auths\=/&solaris.vntsd.grant,/
			w
			q
			EOF
		else 
		    #
		    # Add a root entry with vntsd attribute. 
		    #
		    $CAT >>${USER_ATTR} << EOF
# Added by svc-vntsd
root::::type=normal;auths=solaris.vntsd.grant;lock_after_retries=0
# End of svc-vntsd
EOF
		fi
	fi
}

#
# Update 'vntsd' authorizations in the relevant files. Note that adding these
# entries from this smf script rather than from the pkg install scripts,
# ensures that they are added only if the vntsd service is being enabled; and
# hence avoids adding these entries unnecessarily into client guest domains.
# The functions check before adding, that the entries are not already present.
#
add_auth_entries
add_user_entries

vcc_device=`$SVCPROP -p vntsd/vcc_device $SMF_FMRI 2>/dev/null`
if [ -z "$vcc_device" ]; then
	vcc_device="virtual-console-concentrator@0"
fi
args="-i $vcc_device"

listen_addr=`$SVCPROP -p vntsd/listen_addr $SMF_FMRI 2>/dev/null`
if [ -n "$listen_addr" ]; then
	args="$args -p $listen_addr"
fi

timeout=`$SVCPROP -p vntsd/timeout_minutes $SMF_FMRI 2>/dev/null`
if [ -n "$timeout" ]; then
	args="$args -t $timeout"
fi

auth=`$SVCPROP -p vntsd/authorization $SMF_FMRI 2>/dev/null`
if [ "$auth" = "true" ]; then
	args="$args -A"
fi

#
# If we don't have a vcc device we don't want to try to start vntsd. By default
# newer versions of the factory settings will try to start vntsd by default.
# Since we may be installed on a machine with an older firmware we need to make
# sure that we don't try to start if the virtual console concentrator is not
# present.
#
VNTSD_DEV='/devices/virtual-devices@100/channel-devices@200/virtual-console-concentrator@0:ctl'
if [ ! -c "$VNTSD_DEV" ]; then
	echo "The Virtual Network Terminal Server service has been disabled" \
	    "because the system has no virtual console concentrator (vcc)" \
	    "device."
	/usr/sbin/svcadm disable -t "$SMF_FMRI"
	sleep 5 &
	exit $SMF_EXIT_OK
fi

if [ -x /usr/lib/ldoms/vntsd ]; then
    /usr/lib/ldoms/vntsd $args
    rc=$?
    if [ $rc -ne 0 ]; then
	# if vntsd exited in error with status 1, let SMF restart it
	# otherwise we want it to go into maintenance.
	if [ $rc -eq 1 ]; then
	    exit $SMF_ERR_OTHER
	else
	    exit $SMF_ERR_FATAL
	fi
    fi
else
    echo "WARNING: /usr/lib/ldoms/vntsd is missing or not executable" >& 2
    exit $SMF_EXIT_ERR_CONFIG
fi

exit $SMF_EXIT_OK