OpenSolaris_b135/pkgdefs/SUNWcnetr/postinstall

#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2010 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#

#
# Datalink settings found in the legacy configuration files are translated
# into dladm(1M) command lines and collected in the upgrade script named
# below, which the network-physical service runs later.
#
# /var/svc/profile/upgrade cannot be used for this purpose: it is run
# during manifest-import, which is too late for datalink configuration.
#
# Every line appended to this file is run later as a command, so the file
# is only as trustworthy as the configuration it is generated from.
#
UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink

# Locate the legacy aggregation file: /etc/aggregation.conf is preferred,
# /etc/dladm/aggregation.conf is the alternate location.  When neither
# exists the variables are left pointing at the alternate location.
for AGGR_CONF in /etc/aggregation.conf /etc/dladm/aggregation.conf
do
	ORIG=$BASEDIR/$AGGR_CONF
	[ -f "${ORIG}" ] && break
done

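# Now upgrade aggregation.conf to the new format.
if [ -f "${ORIG}" ]; then
	# Comment lines are dropped.  Every remaining line describes one
	# aggregation the administrator configured on the old system, as
	# whitespace-separated fields in this order:
	#	aggr_index policy nports ports mac lacp_mode lacp_timer
	# Each line becomes one "dladm create-aggr" command appended to
	# the upgrade script.
	#
	# NOTE(review): the field values are copied as-is into a script
	# that the network-physical service runs later, so shell
	# metacharacters in this file would be interpreted at that point.
	# Presumably the file is writable only by root -- confirm, or
	# validate the fields before writing them out.
	grep '^[^#]' "${ORIG}" |
	while read aggr_index policy nports ports mac lacp_mode lacp_timer junk
	do
		# nports bounds the device loop below; an entry without a
		# plain numeric count cannot yield a usable command, so it
		# is reported instead of being written out half-built.
		case "${nports}" in
		''|*[!0-9]*)
			echo "skipping malformed aggregation entry: ${aggr_index}"
			continue
			;;
		esac

		dladm_string="dladm create-aggr -P ${policy} -l ${lacp_mode}"
		dladm_string="${dladm_string} -T ${lacp_timer}"
		# A fixed MAC address
		if [ "${mac}" != "auto" ]; then
			dladm_string="${dladm_string} -u ${mac}"
		fi
		i=1
		while [ "${i}" -le "${nports}" ]; do
			# Older aggregation.conf files have the format
			# of device_name/port_number.  We don't need
			# the port number, so get rid of it if it is
			# there.
			device=`echo "${ports}" | cut -d, -f"${i}" | cut -d/ -f1`
			# A count larger than the port list yields an empty
			# name; a bare "-d" would swallow the next argument.
			if [ -n "${device}" ]; then
				dladm_string="${dladm_string} -d ${device}"
			fi
			i=`expr "${i}" + 1`
		done
		echo "${dladm_string} ${aggr_index}" >> \
		    "${PKG_INSTALL_ROOT}/${UPGRADE_SCRIPT}"
	done
	# no longer needed, get rid of it.
	rm -f "${ORIG}"
	removef "${PKGINST}" "${AGGR_CONF}" > /dev/null
	removef -f "${PKGINST}" > /dev/null 2>&1
fi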

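# Upgrade linkprop.conf
ORIG=$BASEDIR/etc/dladm/linkprop.conf

if [ -f "${ORIG}" ]; then
	# Comment lines are dropped.  Every remaining line names a link
	# followed by the ";"-separated properties the administrator
	# configured for it.  dladm can only set one property per
	# invocation, so each property becomes its own command.
	#
	# NOTE(review): property strings are copied as-is into a script
	# that the network-physical service runs later, so shell
	# metacharacters in this file would be interpreted at that point.
	# Presumably the file is writable only by root -- confirm, or
	# validate the values before writing them out.
	grep '^[^#]' "${ORIG}" | while read link rest; do
		while [ -n "${rest}" ]; do
			linkprop=`echo "${rest}" | cut -d";" -f1`
			# -s makes cut print nothing once no ";" is left.
			# Without it an unterminated last property is
			# echoed back unchanged and this loop never ends,
			# appending to the upgrade script until the disk
			# fills.
			rest=`echo "${rest}" | cut -s -d";" -f2-`
			# An empty field (";;") carries no property.
			if [ -n "${linkprop}" ]; then
				echo "dladm set-linkprop -p ${linkprop} ${link}" >> \
				    "${PKG_INSTALL_ROOT}/${UPGRADE_SCRIPT}"
			fi
		done
	done
	# no longer needed, get rid of it
	rm -f "${ORIG}"
	removef "${PKGINST}" /etc/dladm/linkprop.conf > /dev/null
	removef -f "${PKGINST}" > /dev/null 2>&1
fi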

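# Convert (hostname|hostname6|dhcp).xxx and zonecfg vlan entries
#
# This loop collects into host_ifs the interface name taken from every
# <prefix>/etc/{hostname,hostname6,dhcp}.<name> file whose name ends in a
# digit.
#
# NOTE(review): rootprefix is not assigned anywhere in this script, which
# otherwise uses BASEDIR and PKG_INSTALL_ROOT.  When it is unset the
# patterns below resolve under / of the running system -- confirm where the
# value is expected to come from.

# Start from an empty list so that a host_ifs value inherited from the
# environment cannot end up in the generated commands.
host_ifs=

for iftype in hostname hostname6 dhcp
do
	# When nothing matches, the shell leaves the pattern as typed; the
	# comparison below detects that and skips this prefix.
	interface_names="`echo $rootprefix/etc/$iftype.*[0-9] 2>/dev/null`"
	if [ "$interface_names" != "$rootprefix/etc/$iftype.*[0-9]" ]; then
		# Adding "." to IFS splits every path into its prefix
		# ($rootprefix/etc/$iftype) and the dot-separated parts of
		# the interface name.  A "." inside $rootprefix would be
		# split too and break the prefix comparisons below.
		ORIGIFS="$IFS"
		IFS="$IFS."
		set -- $interface_names
		IFS="$ORIGIFS"
		while [ $# -ge 2 ]; do
			# Drop the path prefix; $1 is now the first part of
			# the interface name.
			shift
			if [ $# -gt 1 -a \
			    "$2" != "$rootprefix/etc/$iftype" ]; then
				# The name has more than one dot-separated
				# part: discard all of it, up to the prefix
				# of the next file.
				while [ $# -gt 1 -a \
				    "$1" != "$rootprefix/etc/$iftype" ]; do
					shift
				done
			else
				host_ifs="$host_ifs $1"
				shift
			fi
		done
	fi
done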

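# Collect into zone_ifs the physical links assigned to exclusive-IP zones.
# zoneadm and zonecfg are called without an alternate root, so they report
# the zones of the running system.

# Start from an empty list so that a zone_ifs value inherited from the
# environment cannot end up in the generated commands.
zone_ifs=

# "zoneadm list" prints one zone name per line.  The pattern is anchored so
# that only the global zone itself is excluded, not every zone whose name
# merely contains "global".
zones=`zoneadm list -c | grep -v '^global$'`
for zone in $zones
do
	if zonecfg -z "$zone" info ip-type | grep exclusive >/dev/null; then
		# Second column of each "physical" line of the net resources.
		zif=`zonecfg -z "$zone" info net | grep physical | \
		    nawk '{print $2}'`
		zone_ifs="$zone_ifs $zif"
	fi
done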

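# Emit "dladm create-vlan" commands for legacy VLAN interface names.  The
# number at the end of such a name is vid * 1000 + instance, and the VLAN is
# created over the link <driver><instance>.
ORIG=$BASEDIR/etc/dladm/datalink.conf
for ifname in $host_ifs $zone_ifs
do
	# The name is used as a grep pattern below and is written into a
	# script that is run later, so names containing anything other than
	# letters, digits, "_", ".", ":" or "-" are treated as invalid.
	case "$ifname" in
	*[!A-Za-z0-9_.:-]*)
		echo "skipping invalid interface $ifname"
		continue
		;;
	esac

	# NOTE(review): the name is matched as an unanchored pattern
	# anywhere in datalink.conf, so "bge1" also matches a line that
	# mentions "bge1000" -- confirm this is the intended test for a
	# link that is already configured.
	if grep "$ifname" "$ORIG" >/dev/null; then
		continue
	fi

	# Split the name into the part before the trailing digits and the
	# trailing digits themselves.  Neither expression interpolates the
	# name into a sed pattern.
	phys=`echo "$ifname" | sed 's/[0-9]*$//'`
	devnum=`echo "$ifname" | sed 's/^.*[^0-9]//'`
	# A name that is all digits has no driver part and a name without
	# trailing digits has no number; expr below needs a number, and an
	# empty one would produce a malformed dladm command.
	if [ -z "$phys" ] || [ -z "$devnum" ]; then
		echo "skipping invalid interface $ifname"
		continue
	fi

	vid=`expr "$devnum" / 1000`
	inst=`expr "$devnum" % 1000`

	# VLAN id 0 means a plain, untagged link: nothing to convert.
	if [ "$vid" = "0" ]; then
		continue
	fi

	echo "dladm create-vlan -l $phys$inst -v $vid $ifname" >> \
	    "${PKG_INSTALL_ROOT}/${UPGRADE_SCRIPT}"
	if [ "$vid" = "1" ]; then
		# If default PVID VLAN 1 is in use then warn
		# the user and force PVID to zero.
		echo "Warning: default VLAN tag set to 0 on $ifname"
		echo "dladm set-linkprop -p default_tag=0 $ifname" >> \
		    "${PKG_INSTALL_ROOT}/${UPGRADE_SCRIPT}"
	fi
done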

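#
# Change permissions of public IKE certificates and CRLs that may have
# been incorrectly created as private.  PKCS#11 hints files must be left
# root-only readable, so a file is only made world-readable when its first
# two bytes are 0x30 0x82, which "cat -v" prints as "0M-^B".
#
# NOTE(review): 0x30 0x82 opens any DER SEQUENCE with a two-byte length,
# DER-encoded private keys included.  The test separates DER objects from
# hints files, not public from private material, and chmod follows
# symbolic links; the result is only safe while these two directories hold
# nothing but public data.
#
for file in "${PKG_INSTALL_ROOT}"/etc/inet/ike/crls/* \
    "${PKG_INSTALL_ROOT}"/etc/inet/ike/publickeys/*
do
	# The patterns are expanded by the shell rather than through ls, so
	# names with whitespace stay intact and subdirectory contents are
	# not listed.  An unmatched pattern is left as typed and fails this
	# test, as does anything that is not a regular file.
	[ -f "$file" ] || continue
	if dd if="$file" count=2 bs=1 2>/dev/null | cat -v | \
	    grep "0M-^B" >/dev/null 2>&1
	then
		chmod 644 "$file"
	fi
done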

#
# Hand the /etc/dladm/*.conf configuration files to group netadm.
# secobj.conf additionally has its mode set to 660, so it is readable and
# writable by its owner and by group netadm only; the other files keep
# their mode.
#
# The results of chgrp and chmod are not checked: the script exits 0
# either way.
#
DLADM_PATH="${PKG_INSTALL_ROOT}/etc/dladm"
DLADM_FILES=
for conf in datalink flowadm flowprop secobj
do
	DLADM_FILES="${DLADM_FILES} ${DLADM_PATH}/${conf}.conf"
done
# DLADM_FILES is expanded unquoted on purpose: it is a space-separated list.
chgrp netadm ${DLADM_FILES}
chmod 660 ${DLADM_PATH}/secobj.conf

exit 0