      1 #!/bin/sh
      2 #
      3 # CDDL HEADER START
      4 #
      5 # The contents of this file are subject to the terms of the
      6 # Common Development and Distribution License (the "License").
      7 # You may not use this file except in compliance with the License.
      8 #
      9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10 # or http://www.opensolaris.org/os/licensing.
     11 # See the License for the specific language governing permissions
     12 # and limitations under the License.
     13 #
     14 # When distributing Covered Code, include this CDDL HEADER in each
     15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16 # If applicable, add the following below this CDDL HEADER, with the
     17 # fields enclosed by brackets "[]" replaced with your own identifying
     18 # information: Portions Copyright [yyyy] [name of copyright owner]
     19 #
     20 # CDDL HEADER END
     21 #
     22 #
     23 # Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
     24 # Use is subject to license terms.
     25 #
     26 # ident	"%Z%%M%	%I%	%E% SMI"
     27 #
     28 
     29 PATH="/usr/bin:/usr/sbin:${PATH}"
     30 export PATH
     31 
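# inetd_fini	: clean up temp files
#
# Removes the sed script ($inetsed), the header sed script ($inetsedhdr)
# and the scratch copy ($inettmp).  Each name is quoted so that a path
# containing whitespace or glob characters is removed as exactly one file
# and can never expand to other paths.  Always returns 0.
inetd_fini() {
	for _inetd_tmp in "$inetsed" "$inettmp" "$inetsedhdr"
	do
		# $inettmp is only assigned once an existing file is being
		# processed, so names that are still empty are skipped.
		if [ -n "$_inetd_tmp" ]; then
			rm -f -- "$_inetd_tmp"
		fi
	done
	return 0
}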
     37 
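# inetd_undo	: restore original file in case of failure
#
# Copies the saved $inetold back over $inetconf, then removes the temp
# files via inetd_fini.  inetd_remove calls this while the sed script is
# still being built, i.e. before $inetold and $inetconf are assigned, so
# the restore is skipped unless both names are set and the backup exists.
# Without that check the redirection would truncate $inetconf before cat
# discovered that there is nothing to restore from.
inetd_undo() {
	if [ -n "$inetold" ] && [ -n "$inetconf" ] && [ -f "$inetold" ]; then
		# cat (not cp/mv) rewrites the contents in place, as the
		# original did.
		cat "$inetold" > "$inetconf"
	fi
	inetd_fini
}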
     43 
# inetd_remove	: queue inetd.conf lines for deletion
#
# Reads regular expressions from stdin, one per line, and appends a
# "/regex/ d" command for each of them to the sed script $inetsed.
# The positional arguments are not read by the function; at the call
# sites they only name the daemons the patterns belong to.
#
# Only "/" is escaped before a pattern is wrapped in /.../, so the input
# has to be a trusted regular expression (the call sites pass fixed
# here-documents).
#
# If the append fails, the original file is restored through inetd_undo
# and the script exits with status 1.  Returns 0 otherwise.
inetd_remove() {
	sed -e 's:/:\\/:g' -e 's:.*:/&/ d:' >> $inetsed || {
		echo "Unable to append to $inetsed"
		inetd_undo
		exit 1
	}
	return 0
}
     57 
     58 # We start by building the giant sed script used to clean out the old
     59 # bundled entries.  Broken up into bite-size sections for easier maintenance
     60 
     61 # Location for scripts
     62 inetsed=/tmp/inetd.sed.$$
     63 inetsedhdr=/tmp/inetd.sedhdr.$$
     64 
     65 # The header editing is built separately so that we only apply it when needed
     66 cat >$inetsedhdr <<EOF
     67 /^# Copyright .* Sun Microsystems/d
     68 /^# Use is subject to license terms/d
     69 EOF
     70 
     71 # Remove the traditional introductory comments
     72 inetd_remove intro_comment <<EOF
     73 ^# Configuration file for inetd(1M).  See inetd.conf(4).
     74 ^# To re-configure the running inetd process, edit this file, then
     75 ^# send the inetd process a SIGHUP.
     76 ^# Syntax for socket-based Internet services:
     77 ^#  <service_name> <socket_type> <proto> <flags> <user> <server_pathname> <args>
     78 ^# Syntax for TLI-based Internet services:
     79 ^#  <service_name> tli <proto> <flags> <user> <server_pathname> <args>
     80 EOF
     81 
     82 # Remove the RPC syntax comments
     83 inetd_remove rpc_comments <<EOF
     84 ^# RPC services syntax:
     85 ^#  <rpc_prog>/<vers> <endpoint-type> rpc/<proto> <flags> <user> 
     86 ^#  <pathname> <args>
     87 ^# <endpoint-type> can be either "tli" or "stream" or "dgram".
     88 ^# For "stream" and "dgram" assume that the endpoint is a socket descriptor.
     89 ^# <proto> can be either
     90 ^# first treated as a nettype. If it is not a valid nettype then it is
     91 ^# treated as a netid
     92 ^# transports supported by this system, ie. it equates to the "visible"
     93 ^# nettype. The syntax for <proto> is:
     94 ^#.*<nettype|netid>
     95 ^# For example: 
     96 ^# dummy/1	tli	rpc/circuit_v,udp
     97 EOF
     98 
     99 # Remove the IPv6 comment which appeared starting in Solaris 8
    100 inetd_remove ipv6_comment <<EOF
    101 ^# IPv6 and inetd.conf
    102 ^# By specifying a <proto> value of tcp6 or udp6 for a service, inetd will
    103 ^# pass the given daemon an AF_INET6 socket.  The following daemons have
    104 ^# been modified to be able to accept AF_INET6 sockets
    105 ^#	ftp telnet shell login exec tftp finger printer
    106 ^# and service connection requests coming from either IPv4 or IPv6-based
    107 ^# transports.  Such modified services do not normally require separate
    108 ^# configuration lines for tcp or udp.  For documentation on how to do this
    109 ^# for other services, see the Solaris System Administration Guide.
    110 ^# You must verify that a service supports IPv6 before specifying <proto> as
    111 ^# tcp6 or udp6.  Also, all inetd built-in commands (time, echo, discard,
    112 ^# daytime, chargen) require the specification of <proto> as tcp6 or udp6
    113 ^# The remote shell server (shell) and the remote execution server
    114 ^# (exec) must have an entry for both the "tcp" and "tcp6" <proto> values.
    115 EOF
    116 
    117 # Remove entries in inetd.conf for r* deamons
    118 # This also removes the old SEAM unbundled versions of these services
    119 inetd_remove in.rshd in.rlogind in.rexecd in.comsat in.talkd in.fingerd rpc.statd rpc.rusersd rpc.rwalld rpc.sprayd systat netstat <<EOF
    120 ^[#	 ]*shell[ 	]*stream
    121 ^[# 	]*kshell[ 	]*stream
    122 ^[# 	]*login[ 	]*stream
    123 ^[# 	]*klogin[ 	]*stream
    124 ^[# 	]*eklogin[ 	]*stream
    125 ^[# 	]*exec[ 	]*stream
    126 ^[# 	]*comsat[ 	]*dgram
    127 ^[# 	]*talk[ 	]*dgram
    128 ^[# 	]*finger[ 	]*stream
    129 ^[# 	]*rstatd/2-4
    130 ^[# 	]*rusersd/2-3
    131 ^[# 	]*walld/1
    132 ^[# 	]*sprayd/1
    133 ^[# 	]*systat[ 	]*stream
    134 ^[# 	]*netstat[ 	]*stream
    135 ^# RSHD
    136 ^# RLOGIND
    137 ^# REXECD
    138 ^# COMSATD
    139 ^# TALKD
    140 ^# FINGERD
    141 ^# RSTATD
    142 ^# RUSERSD
    143 ^# RWALLD
    144 ^# SPRAYD
    145 ^# Shell, login, exec, comsat and talk are BSD protocols
    146 ^# The spray server is used primarily for testing.
    147 ^# The rwall server allows others to post messages to users
    148 ^# Rstatd is used by programs such as perfmeter
    149 ^#[	 ]*.note:  Kerberos does not yet support ipv6
    150 ^# Finger, systat and netstat give out user information which may be
    151 ^# valuable to potential "system crackers."  Many sites choose to disable 
    152 ^# some or all of these services to improve security.
    153 ^# The rusers service gives out user information.  Sites concerned
    154 ^# with security may choose to disable it.
    155 EOF
    156 
    157 # Remove entries in inetd.conf for common network service deamons
    158 inetd_remove time daytime echo discard chargen <<EOF
    159 ^[# 	]*time[ 	]*stream
    160 ^[# 	]*time[ 	]*dgram
    161 ^[# 	]*daytime[ 	]*stream
    162 ^[# 	]*daytime[ 	]*dgram
    163 ^[# 	]*echo[ 	]*stream
    164 ^[# 	]*echo[ 	]*dgram
    165 ^[# 	]*discard[ 	]*stream
    166 ^[# 	]*discard[ 	]*dgram
    167 ^[# 	]*chargen[ 	]*stream
    168 ^[# 	]*chargen[ 	]*dgram
    169 ^# Time service is used for clock synchronization.
    170 ^# Echo, discard, daytime, and chargen are used primarily for testing.
    171 ^# Daytime provides a legible form of date and time.
    172 ^# Echo is used primarily for testing.
    173 ^# Discard is used primarily for testing.
    174 ^# Chargen is used primarily for testing.
    175 EOF
    176 
    177 # Remove entry in inetd.conf for smserverd daemon
    178 inetd_remove rpc.smserverd <<EOF
    179 ^[# 	]*100155/1
    180 ^# smserverd
    181 EOF
    182 
    183 # Remove entry in inetd.conf for telnetd
    184 # Also removes the old SEAM version
    185 inetd_remove in.telnetd <<EOF
    186 ^[# 	]*telnet[ 	]*stream
    187 ^[# 	]*telnet.*/usr/krb5/lib/telnetd
    188 ^# TELNETD
    189 ^# Ftp and telnet are standard Internet services.
    190 EOF
    191 
    192 # Remove entry in inetd.conf for in.tnamed
    193 inetd_remove in.tnamed <<EOF
    194 ^[# 	]*name[ 	]*dgram
    195 ^# TNAMED
    196 ^# Tnamed serves the obsolete IEN-116 name server protocol.
    197 EOF
    198 
    199 # Remove entry in inetd.conf for printer daemon
    200 inetd_remove in.lpd <<EOF
    201 ^[# 	]*printer[ 	]*stream
    202 ^# LPD
    203 ^# Print Protocol Adaptor - BSD listener
    204 EOF
    205 
    206 # Remove entry in inetd.conf for ocfserv daemon
    207 inetd_remove ocfserv <<EOF
    208 ^[# 	]*100150/1
    209 ^# OCFSERV
    210 ^# OCF (Smart card) Daemon
    211 EOF
    212 
    213 # Remove entry in inetd.conf for rpc.rexd
    214 inetd_remove rpc.rexd <<EOF
    215 ^[# 	]*rexd/1
    216 ^# REXD
    217 ^# The rexd server provides only minimal authentication
    218 EOF
    219 
    220 # Remove entry in inetd.conf for rquotad
    221 inetd_remove rquotad <<EOF
    222 ^[# 	]*rquotad/1
    223 ^# RQUOTAD
    224 ^# Rquotad supports UFS disk quotas for NFS clients
    225 EOF
    226 
    227 # Remove entries in inetd.conf for SLVM daemons
    228 inetd_remove rpc.metad rpc.metamhd rpc.metamedd <<EOF
    229 ^[# 	]*100229/1
    230 ^[# 	]*100230/1
    231 ^[#      ]*100242/1
    232 ^# METAD
    233 ^# METAMHD
    234 ^# METAMEDD
    235 ^# SLVM Daemons
    236 EOF
    237 
    238 # Remove entry in inetd.conf for ktkt_warnd daemon
    239 inetd_remove ktkt_warnd <<EOF
    240 ^[# 	]*100134/1
    241 ^# KTKT_WARND
    242 ^# Kerberos V5 Warning Message Daemon
    243 EOF
    244 
    245 # Remove entries in inetd.conf for kpropd
    246 inetd_remove kpropd << EOF
    247 ^[# 	]*krb5_prop[ 	]*stream
    248 ^# Kerberos V5 DB Propagation Daemon
    249 EOF
    250 
    251 # Remove entry in inetd.conf for GSS daemon
    252 inetd_remove gssd <<EOF
    253 ^[# 	]*100234/1
    254 ^# GSSD
    255 ^# GSS Daemon
    256 EOF
    257 
    258 # Remove entry in inetd.conf for ftp daemon
    259 # Also removes the old SEAM entry
    260 inetd_remove in.ftpd <<EOF
    261 ^[# 	]*ftp[ 	]*stream
    262 ^[# 	]*ftp.*/usr/krb5/lib/ftpd
    263 ^# FTPD
    264 ^# Ftp and telnet are standard Internet services.
    265 EOF
    266 
    267 # Remove dr_daemon entry if it is present.
    268 inetd_remove dr_daemon <<EOF
    269 ^[# 	]*300326/4[ 	]*tli
    270 EOF
    271 
    272 # Remove the DCS entries from /etc/inetd.conf.
    273 inetd_remove dcs <<EOF
    274 ^[# 	]*sun-dr[ 	]*stream
    275 EOF
    276 
    277 # Remove entry in inetd.conf for uucp daemon
    278 inetd_remove in.uucpd <<EOF
    279 ^[# 	]*uucp[ 	]*stream
    280 ^# UUCPD
    281 ^# Must run as root 
    282 EOF
    283 
    284 # Not yet converted
    285 # Remove cachefsd
    286 #inetd_remove cachefsd <<EOF
    287 #^[# 	]*100235/1[ 	]*tli
    288 #^# CacheFS Daemon
    289 #EOF
    290 
    291 # Remove font server
    292 inetd_remove fs <<EOF
    293 ^[# 	]*fs[ 	]*stream
    294 ^# Sun Font Server
    295 EOF
    296 
    297 # Remove nfsmapid
    298 # Only appears in Solaris 10
    299 inetd_remove nfsmapid <<EOF
    300 ^[# 	]*100166/1
    301 ^# NFSv4
    302 EOF
    303 
    304 # Remove stfsloader
    305 inetd_remove stfsloader <<EOF
    306 ^[# 	]*100424/1
    307 ^# Standard Type Services Framework
    308 EOF
    309 
    310 # Things below here don't appear after Solaris 9
    311 
    312 # Remove KCMS
    313 inetd_remove kcms_server <<EOF
    314 ^[# 	]*100221/1[ 	]*tli
    315 ^# Sun KCMS Profile Server
    316 EOF
    317 
    318 # Remove sadmind
    319 inetd_remove sadmind <<EOF
    320 ^[# 	]*100232/10[ 	]*tli
    321 ^# Solstice system
    322 EOF
    323 
    324 # Things below here don't appear after Solaris 8
    325 
    326 # Remove ufsd
    327 inetd_remove ufsd <<EOF
    328 ^[# 	]*ufsd/1[ 	]*tli
    329 ^# UFS-aware service daemon
    330 EOF
    331 
    332 # Remove amiserv
    333 inetd_remove amiserv <<EOF
    334 ^[# 	]*100146/1[ 	]*tli
    335 ^[# 	]*100147/1[ 	]*tli
    336 ^# AMI Daemon
    337 EOF
    338 
    339 # Things below here don't appear after Solaris 7
    340 
    341 # Remove kerbd
    342 inetd_remove kerbd <<EOF
    343 ^[# 	]*kerbd/4[ 	]*tli
    344 ^# Kerbd Daemon
    345 EOF
    346 
    347 # Things below here don't appear after Solaris 2.6
    348 
    349 # Remove xaudio
    350 inetd_remove xaudio <<EOF
    351 ^[# 	]*xaudio[ 	]*stream
    352 EOF
    353 
    354 # Remove CDE rpc services
    355 inetd_remove cde <<EOF
    356 ^[# 	]*dtspc[ 	]*stream
    357 ^[# 	]*100083/1[ 	]*tli
    358 ^[# 	]*100068/2-[45][ 	]*dgram
    359 ^# Sun ToolTalk Database Server
    360 EOF
    361 
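# End of setup, now process the file
#
# Each line read from stdin names a source file and a destination file.
# A destination that does not exist yet is simply copied from the source.
# An existing destination is saved as <dest>.preupgrade, filtered through
# the sed script built above, and rewritten with the source placed in front
# of whatever remains.  The .preupgrade copy is left in place afterwards.

# Scratch file for the filtered copy.  It is created once with mktemp(1)
# instead of using a /tmp/<name>.$$ path: a predictable name in a
# world-writable directory can be created or symlinked by another local
# user before this script writes to it.
inettmp=`mktemp /tmp/inetd.tmp.XXXXXX` || {
	echo "Unable to create temporary file"
	inetd_fini
	exit 1
}

while read src dest
do
	# Non-empty: strip the old copyright header and prepend the new one
	striphdr=yes

	if [ ! -f "$dest" ] ; then
		# Must be a fresh install, skip the gymnastics
		cp "$src" "$dest"
	else
		inetconf=$dest
		inetold=$dest.preupgrade

		# Save existing file first
		cp "$dest" "$inetold"
		if [ $? -ne 0 ]; then
			echo "Unable to create $inetold"
			# Nothing has been modified yet, but the temp files
			# already exist and must not be left behind.
			inetd_fini
			exit 1
		fi

		# if new header already there, don't strip copyright or prepend
		# new header
		if grep inetconv "$inetconf" >/dev/null 2>&1; then
			striphdr=
			src=
		fi

		# Execute the stored sed script to remove all standard stuff
		if [ -n "$striphdr" ]; then
			sed -f "$inetsedhdr" -f "$inetsed" \
			    < "$inetconf" > "$inettmp"
			sedrc=$?
		else
			sed -f "$inetsed" < "$inetconf" > "$inettmp"
			sedrc=$?
		fi
		if [ $sedrc -ne 0 ]; then
			echo "Unable to create $inettmp"
			inetd_undo
			exit 1
		fi

		# Now we have just the customer/3rd-party records and comments.
		# Stick our new header on the front, and clean up all the
		# extraneous blank comment lines left over from above.
		cmp -s "$inetconf" "$inettmp"
		case $? in
		0)	;;
		1)	# $src is empty when the new header is already present,
			# in which case only the filtered copy is emitted.
			if [ -n "$src" ]; then
				cat "$src" "$inettmp"
			else
				cat "$inettmp"
			fi | nawk '
				BEGIN { lastblank = 0 }
				/^#[ \t]*$/ {
					if (lastblank == 0) {
						lastblank = 1
						print
					}
					next
				}
				{ lastblank = 0; print }
				' > "$inetconf"
			if [ $? -ne 0 ]; then
				echo "Unable to construct $inetconf"
				inetd_undo
				exit 1
			fi
			;;

		*)	echo "Unable to read $inetconf or $inettmp"
			inetd_undo
			exit 1
			;;
		esac
	fi

	# Add cachefsd if not there
	grep "^[#	 ]*100235/1[ 	]" "$dest" >/dev/null 2>&1 || \
	    cat >>"$dest" <<EOF
#
# CacheFS daemon.  Provided only as a basis for conversion by inetconv(1M).
#
100235/1 tli rpc/ticotsord wait root /usr/lib/fs/cachefs/cachefsd cachefsd
EOF

done

# Clean up temp files
inetd_fini

exit 0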
    440 
    441