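#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2010 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# NOTE: When a change is made to the source file for
# /etc/security/device_policy a corresponding change must be made to
# this class-action script.
#
# Reads "src dest" pairs from standard input, one pair per line.
#   - If dest is not an existing regular file, src is copied to dest.
#   - Otherwise dest is edited in place: a fixed set of entries is removed
#     or rewritten with sed, entries for the drivers in $additions are
#     copied from src when dest has none, and entries for the drivers in
#     $deletions are dropped from dest when src has none.
#
# The file being edited carries read_priv_set/write_priv_set entries, so
# an edit that fails part-way must not leave it truncated: results are
# built in a scratch copy and only then copied over dest.  The scratch
# file is "$dest.$$", created next to dest; cp (not mv) is used for the
# final step so the existing dest file is overwritten rather than replaced.
#
# NOTE(review): every bracket expression below contains a single space,
# as shown in the listing this was taken from.  If the fields of the
# policy file are tab-separated, a tab may have been lost from "[ ]" in
# transit -- confirm against the authoritative copy of this script.
#
# Always exits 0, as before.  NOTE(review): confirm whether a failed
# rewrite should instead be reported to the packaging tools.
#
while read src dest
do
	if [ ! -f "$dest" ] ; then
		cp "$src" "$dest"
		continue
	fi

	tmp="$dest.$$"

	# changes
	# Filter into the scratch file first; dest is overwritten only after
	# sed has completed successfully.
	if sed \
	    -e '/^sctp6\{0,1\}[ ]/d' \
	    -e '/^sdp6\{0,1\}[ ]/d' \
	    -e '/^tcp6\{0,1\}[ ]/d' \
	    -e '/^udp6\{0,1\}[ ]/d' \
	    -e '/md:admin/s/read_priv_set=sys_config/ /' \
	    -e '/^icmp[ ]*read_priv_set=net_rawaccess[ ]*write_priv_set=net_rawaccess$/d' \
	    -e '/^icmp6[ ]*read_priv_set=net_rawaccess[ ]*write_priv_set=net_rawaccess$/d' \
	    -e '/^keysock[ ]*read_priv_set=sys_net_config[ ]*write_priv_set=sys_net_config$/d' \
	    -e '/^ipsecah[ ]*read_priv_set=sys_net_config[ ]*write_priv_set=sys_net_config$/d' \
	    -e '/^ipsecesp[ ]*read_priv_set=sys_net_config[ ]*write_priv_set=sys_net_config$/d' \
	    -e '/^spdsock[ ]*read_priv_set=sys_net_config[ ]*write_priv_set=sys_net_config$/d' \
	    -e '/^ipf[ ]*read_priv_set=sys_net_config[ ]*write_priv_set=sys_net_config$/d' \
	    -e '/^sad:admin[ ]*read_priv_set=sys_config[ ]*write_priv_set=sys_config$/d' \
	    < "$dest" > "$tmp" && cp "$tmp" "$dest" ; then
		rm -f "$tmp"
	else
		# Do not layer the additions/deletions on top of a file whose
		# first rewrite did not complete.
		echo "$0: update of $dest failed" >&2
		rm -f "$tmp"
		continue
	fi

	# potential additions
	additions="bridge keysock icmp icmp6 ipnet ipsecah ipsecesp openeepr random spdsock ipf pfil scsi_vhci"

	for dev in $additions
	do
		# Only drivers that have an entry in the source file are
		# candidates.
		grep "^$dev[ ]" "$src" > /dev/null 2>&1 || continue

		# Add the source entry unless the destination file already
		# has one for this driver.
		grep "^$dev[ ]" "$dest" > /dev/null 2>&1 ||
		    grep "^$dev[ ]" "$src" >> "$dest"
	done

	# potential deletions
	deletions="aggr aggr:ctl bge ce dld dld:ctl dnet elx elxl eri ge hme ibd iprb le pcelx qfe softmac spwr vni vnic vnic:ctl"

	for dev in $deletions
	do
		# Only drivers that have an entry in the destination file
		# are candidates.
		grep "^$dev[ ]" "$dest" > /dev/null 2>&1 || continue

		# Keep the entry when the source file still lists the
		# driver.  The pattern is anchored like every other lookup
		# here; unanchored, "ge " also matched the end of "bridge "
		# or "bge " in the source file and the stale entry was kept.
		grep "^$dev[ ]" "$src" > /dev/null 2>&1 && continue

		# Snapshot dest, then filter the snapshot back into dest.
		# The rewrite is skipped when the snapshot could not be
		# taken, so dest is never truncated without a copy to read
		# from.
		cp "$dest" "$tmp" && grep -v "^$dev[ ]" "$tmp" > "$dest"
		rm -f "$tmp"
	done
done

exit 0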