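#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#

#
# Class-action script for /etc/minor_perm.  It reads "<src> <dest>" pairs
# on stdin.  If <dest> does not exist, <src> is copied into place;
# otherwise the installed <dest> is edited in place using the three
# tables below (attribute changes, deletions, additions).
#
# NOTE: When a change is made to the source file for
# /etc/minor_perm, a corresponding change must be made to
# this class-action script.
#
#	- If an existing entry in minor_perm is having its
#	  attributes e.g. permissions, ownership changed,
#	  add it to the list produced by make_chattr_list below.
#
#	- If an existing entry must be deleted, add it to
#	  the list produced by make_delete_list below.
#
#	- If a new entry must be added to the file, add it to the
#	  list produced by make_add_list.
#
#	- If a new entry is being added to minor_perm, but there
#	  may already be devices of that name on the system (e.g.
#	  we used the system default permissions in a previous release),
#	  and those old devices now need to have their attributes changed,
#	  add it to the make_chattr_list AND the make_add_list lists
#
# Scratch files:
#	This script rewrites /etc/minor_perm and changes the mode and
#	ownership of device nodes, so it is expected to run privileged.
#	Its scratch files therefore must not live under predictable names
#	directly in the world-writable /tmp: another local user could
#	pre-create or symlink such a name and either redirect the writes
#	or supply the contents of the sed script that is later applied to
#	minor_perm.  All scratch files are kept in one private directory
#	(see prepare_workdir) instead.
#
# Portability:
#	The interpreter is /bin/sh, so only traditional Bourne constructs
#	are used (backticks, "[", no local variables).  The number of
#	backslashes in the sed expressions depends on that quoting context;
#	do not convert them mechanically.
#

# Private scratch directory; empty until prepare_workdir has created it.
workdir=

#
# Create the private scratch directory on first use, or empty it on
# later calls.
#
# mkdir is used as the atomic "create only if absent" primitive: it fails
# if the name already exists in any form, including as a symlink, so a
# name planted by someone else is never adopted.  The subshell keeps the
# restrictive umask from leaking into the rest of the script.  On failure
# the script stops with a non-zero status rather than falling back to
# shared names.
#
prepare_workdir()
{
	if [ -n "$workdir" ] ; then
		rm -f "$workdir"/*
		return 0
	fi

	workdir=/tmp/minor_perm.$$
	if (umask 077 && mkdir "$workdir") ; then
		# Remove the directory on any exit path; the signal trap
		# turns HUP/INT/TERM into a normal exit so trap 0 runs.
		trap 'rm -rf "$workdir"' 0
		trap 'exit 1' 1 2 15
	else
		echo "minor_perm: cannot create private directory $workdir" >&2
		workdir=
		exit 1
	fi
}

#
# If an entry in /etc/minor_perm needs to have its attributes
# changed, identify the entry in the list written to $workdir/chattr
# by this function.  The fields are:
#
#	<device>:<minor> <old_attrs> <new_attrs> <optional list of logical
#					    devices whose attributes
#					    will need to be changed>
#
# where an <attribute list> := <perm> <user> <group>
#
# NOTE: this list should also contain entries for nodes that previously
# were not in /etc/minor_perm (which means the default mode of 600,
# owner/group == root/sys), but now have an entry
#
# Review hint: most rows below widen a node from 0600 to 0666 or 0644,
# so every addition to this table is a change to who may open a device.
#

make_chattr_list()
{
	cat > "$workdir/chattr" << EOF
vol:volctl 0600 root sys 0666 root sys /dev/volctl
clone:llc1 0600 root sys 0666 root sys /dev/llc1
log:conslog 0620 root sys 0666 root sys /dev/conslog
sy:tty 0666 root sys 0666 root tty /dev/tty
icmp:icmp 0600 root sys 0666 root sys /dev/rawip
icmp6:icmp6 0600 root sys 0666 root sys /dev/rawip6
ip:ip 0660 root sys 0666 root sys /dev/ip
ip6:ip6 0660 root sys 0666 root sys /dev/ip6
rts:rts 0660 root sys 0666 root sys /dev/rts
keysock:keysock 0600 root sys 0666 root sys /dev/keysock
ipsecah:ipsecah 0600 root sys 0666 root sys /dev/ipsecah
ipsecesp:ipsecesp 0600 root sys 0666 root sys /dev/ipsecesp
spdsock:spdsock 0600 root sys 0666 root sys /dev/spdsock
sad:admin 0600 root sys 0666 root sys /dev/sad/admin
fssnap:ctl 0600 root sys 0666 root sys /dev/fssnapctl
fssnap:* 0600 root sys 0640 root sys /dev/fssnap/*
clone:dnet 0600 root sys 0666 root sys /dev/dnet
dnet:* 0600 root sys 0666 root sys /dev/dnet*
clone:elxl 0600 root sys 0666 root sys /dev/elxl
elxl:* 0600 root sys 0666 root sys /dev/elxl*
clone:iprb 0600 root sys 0666 root sys /dev/iprb
iprb:* 0600 root sys 0666 root sys /dev/iprb*
clone:pcelx 0600 root sys 0666 root sys /dev/pcelx
pcelx:* 0600 root sys 0666 root sys /dev/pcelx*
clone:spwr 0600 root sys 0666 root sys /dev/spwr
spwr:* 0600 root sys 0666 root sys /dev/spwr*
cpc:* 0600 root sys 0666 root sys /devices/pseudo/cpc*
ipf:* 0600 root sys 0666 root sys /dev/ipf
pfil:* 0600 root sys 0666 root sys /dev/pfil
scsi_vhci:devctl 0600 root sys 0666 root sys /devices/scsi_vhci:devctl
fbt:fbt 0600 root sys 0644 root sys /dev/dtrace/provider/fbt
lockstat:* 0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
profile:profile 0600 root sys 0644 root sys /dev/dtrace/provider/profile
sdt:sdt 0600 root sys 0644 root sys /dev/dtrace/provider/sdt
systrace:systrace 0600 root sys 0644 root sys /dev/dtrace/provider/systrace
clone:bge 0600 root sys 0666 root sys /dev/bge
clone:igb 0600 root sys 0666 root sys /dev/igb
clone:ixgbe 0600 root sys 0666 root sys /dev/ixgbe
clone:rge 0600 root sys 0666 root sys /dev/rge
clone:xge 0600 root sys 0666 root sys /dev/xge
clone:nge 0600 root sys 0666 root sys /dev/nge
clone:chxge 0600 root sys 0666 root sys /dev/chxge
clone:pcn 0600 root sys 0666 root sys /dev/pcn
clone:rtls 0600 root sys 0666 root sys /dev/rtls
clone:ath 0600 root sys 0666 root sys /dev/ath
clone:ipw 0600 root sys 0666 root sys /dev/ipw
clone:iwh 0600 root sys 0666 root sys /dev/iwh
clone:iwi 0600 root sys 0666 root sys /dev/iwi
clone:iwk 0600 root sys 0666 root sys /dev/iwk
clone:pcwl 0600 root sys 0666 root sys /dev/pcwl
clone:pcan 0600 root sys 0666 root sys /dev/pcan
clone:ral 0600 root sys 0666 root sys /dev/ral
clone:rtw 0600 root sys 0666 root sys /dev/rtw
clone:ural 0600 root sys 0666 root sys /dev/ural
clone:wpi 0600 root sys 0666 root sys /dev/wpi
clone:afe 0600 root sys 0666 root sys /dev/afe
clone:dmfe 0600 root sys 0666 root sys /dev/dmfe
clone:mxfe 0600 root sys 0666 root sys /dev/mxfe
bge:* 0600 root sys 0666 root sys /dev/bge*
igb:* 0600 root sys 0666 root sys /dev/igb*
ixgbe:* 0600 root sys 0666 root sys /dev/ixgbe*
rge:* 0600 root sys 0666 root sys /dev/rge*
xge:* 0600 root sys 0666 root sys /dev/xge*
nge:* 0600 root sys 0666 root sys /dev/nge*
e1000g:* 0666 root root 0666 root sys /dev/e1000g*
chxge:* 0600 root sys 0666 root sys /dev/chxge*
pcn:* 0600 root sys 0666 root sys /dev/pcn*
rtls:* 0600 root sys 0666 root sys /dev/rtls*
ath:* 0600 root sys 0666 root sys /dev/ath*
ipw:* 0600 root sys 0666 root sys /dev/ipw*
iwh:* 0600 root sys 0666 root sys /dev/iwh*
iwi:* 0600 root sys 0666 root sys /dev/iwi*
iwk:* 0600 root sys 0666 root sys /dev/iwk*
pcwl:* 0600 root sys 0666 root sys /dev/pcwl*
pcan:* 0600 root sys 0666 root sys /dev/pcan*
ral:* 0600 root sys 0666 root sys /dev/ral*
rtw:* 0600 root sys 0666 root sys /dev/rtw*
ural:* 0600 root sys 0666 root sys /dev/ural*
wpi:* 0600 root sys 0666 root sys /dev/wpi*
afe:* 0600 root sys 0666 root sys /dev/afe*
dmfe:* 0600 root sys 0666 root sys /dev/dmfe*
mxfe:* 0600 root sys 0666 root sys /dev/mxfe*
balloon:* 0600 root sys 0444 root sys /dev/xen/balloon
domcaps:* 0600 root sys 0444 root sys /dev/xen/domcaps
evtchn:* 0600 root sys 0666 root sys /dev/xen/evtchn
privcmd:* 0600 root sys 0666 root sys /dev/xen/privcmd
xenbus:* 0600 root sys 0666 root sys /dev/xen/xenbus
xpvtap:* 0600 root sys 0666 root sys /devices/xpvd/xpvtap*
EOF
}

#
# If an entry in /etc/minor_perm needs to be deleted, identify
# the entry in the list written to $workdir/delete by this function.
# The fields are:
#
#	<device>:<minor> <optional list of logical devices to be deleted>
#

make_delete_list()
{
	cat > "$workdir/delete" << EOF
rip:rawip
consfb:consfb
clone:el
clone:elx
clone:sle
clone:sie
clone:sp
clone:ip
clone:icmp
clone:udp
clone:tcp
clone:rts
clone:arp
clone:ipsecah
clone:ipsecesp
clone:keysock
clone:smc
clone:tr
clone:sbpro
elx:*
sbpro:*
win:*
cmtp:*
profile:profile
asy:[a-z]
asy:[a-z],cu
i2o_bs:*
EOF
}

#
# If an entry needs to be added to /etc/minor_perm, add the first
# field of the entry to the list created by this function
# ($workdir/add).  The remainder of the entry will be extracted from
# the /etc/minor_perm in the package being installed, so it is not
# necessary to supply it here.
#

make_add_list()
{
	cat > "$workdir/add" << EOF
vol:volctl
clone:llc1
tnf:tnfctl
tnf:tnfmap
st:*
pm:*
devinfo:devinfo
openeepr:openprom
wc:*
ip:ip
ip6:ip6
icmp:icmp
icmp6:icmp6
udp:udp
udp6:udp6
tcp:tcp
tcp6:tcp6
rts:rts
arp:arp
poll:*
pool:pool
pool:poolctl
cpc:shared
sysmsg:msglog
sysmsg:sysmsg
ipsecah:ipsecah
ipsecesp:ipsecesp
keysock:keysock
spdsock:spdsock
devinfo:devinfo,ro
lofi:*
lofi:ctl
sgen:*
fssnap:*
fssnap:ctl
rsm:*
random:*
mm:allkmem
clone:dnet
dnet:*
clone:elxl
elxl:*
clone:ibd
ibd:*
clone:iprb
iprb:*
clone:pcelx
pcelx:*
clone:spwr
spwr:*
sysevent:*
ramdisk:*
ramdisk:ctl
cryptoadm:cryptoadm
crypto:crypto
dtrace:*
fasttrap:fasttrap
ipf:*
pfil:*
bl:*
sctp:*
sctp6:*
vni:*
cpuid:self
clone:bge
clone:igb
clone:ixgbe
clone:rge
clone:xge
clone:nge
clone:e1000g
clone:chxge
clone:pcn
clone:rtls
clone:ath
clone:ipw
clone:iwh
clone:iwi
clone:iwk
clone:pcwl
clone:pcan
clone:ral
clone:rtw
clone:ural
clone:wpi
clone:afe
clone:dmfe
clone:mxfe
bge:*
igb:*
ixgbe:*
rge:*
xge:*
nge:*
e1000g:*
chxge:*
pcn:*
rtls:*
ath:*
ipw:*
iwh:*
iwi:*
iwk:*
pcwl:*
pcan:*
ral:*
rtw:*
ural:*
wpi:*
afe:*
dmfe:*
mxfe:*
bmc:bmc
dld:*
aggr:*
smbios:smbios
zfs:*
zfs:zfs
scsi_vhci:*
kssl:*
fbt:fbt
profile:profile
sdt:sdt
softmac:*
systrace:systrace
lx_ptm:lx_ptmajor
lx_systrace:*
physmem:*
asy:*
asy:*,cu
ucode:*
acpi_drv:*
smbsrv:*
vscan:*
nsmb:*
balloon:*
domcaps:*
evtchn:*
privcmd:*
xenbus:*
fm:*
amd_iommu:*
xpvtap:*
EOF
}

# Fixed PATH so that every utility below resolves to a system directory
# regardless of the caller's environment.
PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
export PATH

# Internal routine to create a sed script which can be used to
# escape all shell globbing metacharacters in a path.
#
# The here-document delimiter is unquoted on purpose: the shell halves
# each "\\\\" to "\\" while writing the file, so sed ends up replacing
# e.g. "*" with "\*".

create_esc_sedscript()
{
	cat > "$workdir/esc.sed" << EOF
s/\*/\\\\*/g
s/\?/\\\\?/g
s/\[/\\\\[/g
s/\]/\\\\]/g
EOF
}

# Internal routine to convert an entry in a $workdir change file to
# an appropriately escaped pattern which can be used to grep into minor_perm.
#
# Arguments: $1      - the 'key' field (<device>:<minor>)
#            $2...   - optional further tokens (perm, user, group)
# Output:    the pattern on stdout, without a trailing newline
#
# With only a key the pattern is "<key>[ \t]"; with extra tokens each is
# preceded by one or more blanks and the pattern is anchored at end of
# line.  The pattern is not anchored at the start of the line, so it also
# matches a longer driver name that ends in the same text.

entry2pattern()
{
	# the first argument is the 'key' field from the change file.
	# entries can contain shell globbing characters to match
	# several devices - hence all the palaver below.
	#
	# The escaped key is captured in a variable and printed quoted so
	# that it is never filename-expanded against the current directory.

	e2p_key=`echo "$1" | sed \
	    -e 's/\*/\\\\*/g' -e 's/\?/\\\\?/g' \
	    -e 's/\./\\\\./g' -e 's/\[/\\\\[/g' \
	    -e 's/\]/\\\\]/g'`
	printf '%s' "$e2p_key"
	shift

	# the remaining optional arguments are tokens separated by white-space

	if [ $# = 0 ] ; then
		printf '[ \t]'
	else
		while [ -n "$1" ]
		do
			printf '[ \t][ \t]*%s' "$1"
			shift
		done
		printf '[ \t]*$'
	fi
}

# The "read" calls below deliberately do not use -r: device names are
# stored with backslash-escaped glob characters, and it is read's
# backslash processing that turns them back into plain patterns.
while read src dest
do
	if [ ! -f "$dest" ] ; then
		cp "$src" "$dest"
	else
		prepare_workdir
		create_esc_sedscript
		make_chattr_list
		make_delete_list
		make_add_list

		#
		# Process the list of devices whose attributes are to be
		# changed.  Find those that actually need to be
		# applied to the file.  For each change that needs
		# to be applied, add an entry for it to the sed
		# script that will eventually be applied to the
		# currently-installed /etc/minor_perm file.  Also,
		# add an entry to the $workdir/chdevs file, which
		# contains the list of logical names of devices
		# whose permissions need to be changed.
		#

		while read key oldp oldu oldg newp newu newg chdevs
		do
			do_chdevs=no

			#
			# First determine whether the device entry
			# is already in the file, but with the old
			# permissions.  If so, the entry needs to be
			# modified and the devices in the chdevs list
			# need to have their permissions and ownerships
			# changed.
			#
			grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
			if grep "$grepstr" "$dest" > /dev/null 2>&1; then
				echo "s/${grepstr}/$key $newp $newu $newg/" \
				    >> "$workdir/sedscript"
				do_chdevs=yes
			fi

			#
			# Now determine whether the device entry is
			# in the file at all.  If not, it is a new
			# entry, but there may already be devices
			# on the system whose permissions need to
			# be changed.
			#
			grepstr=`entry2pattern "${key}"`
			grep "${grepstr}" "$dest" > /dev/null 2>&1 || \
			    do_chdevs=yes

			if [ "$do_chdevs" = yes ] && [ "$chdevs" != "" ] ; then
				xchdevs=`echo "$chdevs" | \
				    sed -f "$workdir/esc.sed"`
				# unquoted on purpose: one word per device
				for m in $xchdevs ; do
					echo "$m" $oldp $oldu $oldg \
					    $newp $newu $newg \
					    >> "$workdir/chdevs"
				done
			fi
		done < "$workdir/chattr"

		# sort the "change attributes" list
		if [ -s "$workdir/chdevs" ] ; then
			sort -u "$workdir/chdevs" > "$workdir/tmp"
			mv "$workdir/tmp" "$workdir/chdevs"
		fi

		#
		# Process the list of devices to be deleted.
		# Find those that actually need to be deleted
		# from the file.  For each entry to be deleted,
		# add an entry for it to the sed script that will
		# eventually be applied to the currently-installed
		# /etc/minor_perm file.  Also, add an entry to the
		# $workdir/deldevs file, which contains the list of
		# logical names of devices to be deleted.
		#

		while read key deldevs
		do
			grepstr=`entry2pattern "${key}"`
			if grep "$grepstr" "$dest" > /dev/null 2>&1; then
				echo "/${grepstr}/d" >> "$workdir/sedscript"
				if [ "$deldevs" != "" ] ; then
					xdeldevs=`echo "$deldevs" | \
					    sed -f "$workdir/esc.sed"`
					# unquoted on purpose, as above
					for m in $xdeldevs ; do
						echo "$m" >> "$workdir/deldevs"
					done
				fi
			fi
		done < "$workdir/delete"
		if [ -s "$workdir/deldevs" ] ; then
			sort -u "$workdir/deldevs" > "$workdir/tmp"
			mv "$workdir/tmp" "$workdir/deldevs"
		fi

		#
		# Apply the sed script possibly built above to the
		# currently-installed /etc/minor_perm file.  The result
		# is copied over $dest only if sed succeeded; otherwise
		# a failed run would replace minor_perm with an empty or
		# partial file.
		#

		if [ -s "$workdir/sedscript" ] ; then
			if sed -f "$workdir/sedscript" "$dest" \
			    > "$workdir/tmp" ; then
				cp "$workdir/tmp" "$dest"
			else
				echo "minor_perm: sed failed, $dest left unchanged" >&2
			fi
		fi

		# For all entries in minor_perm whose attributes had
		# to be corrected, correct the relevant attributes of the
		# already-existing devices that correspond to those
		# entries.  This is done only for an alternate install
		# root (PKG_INSTALL_ROOT set and not "/").
		#
		if [ -s "$workdir/chdevs" ] && \
		    [ "$PKG_INSTALL_ROOT" != "" ] && \
		    [ "$PKG_INSTALL_ROOT" != "/" ] ; then
			while read device oldp oldu oldg newp newu newg
			do
				#
				# Note that we take pains -only- to change
				# the permission/ownership of devices that
				# have kept their original permissions.
				#
				# The "for" word is unquoted on purpose so
				# that patterns such as /dev/bge* expand.
				#
				for dev in $PKG_INSTALL_ROOT/$device; do
					find "$dev" -follow -perm "$oldp" -exec \
					    chmod "$newp" "$dev" \; >/dev/null 2>&1
					find "$dev" -follow -user "$oldu" -exec \
					    chown "$newu" "$dev" \; >/dev/null 2>&1
					find "$dev" -follow -group "$oldg" -exec \
					    chgrp "$newg" "$dev" \; >/dev/null 2>&1
				done
			done < "$workdir/chdevs"
		fi

		#
		# For all entries in minor_perm that were deleted,
		# remove the /dev entries that point to device nodes
		# that correspond to those entries.
		#
		if [ -s "$workdir/deldevs" ] && \
		    [ "$PKG_INSTALL_ROOT" != "" ] && \
		    [ "$PKG_INSTALL_ROOT" != "/" ] ; then
			while read device
			do
				# unquoted on purpose: $device may be a pattern
				rm -f $PKG_INSTALL_ROOT/$device
			done < "$workdir/deldevs"
		fi

		#
		# Append, from the packaged minor_perm, every entry in the
		# add list that the installed file does not yet contain.
		#
		while read key
		do
			grepstr=`entry2pattern "${key}"`
			grep "$grepstr" "$dest" > /dev/null 2>&1 || \
			    grep "$grepstr" "$src" >> "$dest"
		done < "$workdir/add"

		# leave nothing behind between files; the directory itself
		# is removed by the exit trap
		rm -f "$workdir"/*
	fi
done

exit 0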