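#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2009 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#

#
# Class-action script for /etc/minor_perm.  It reads "<src> <dest>"
# pairs on standard input.  A missing <dest> is simply copied from
# <src>; an existing <dest> is edited in place using the three lists
# built by the make_*_list functions below.
#
# NOTE: When a change is made to the source file for
# /etc/minor_perm, a corresponding change must be made to
# this class-action script.
#
#	- If an existing entry in minor_perm is having its
#	  attributes e.g. permissions, ownership changed,
#	  add it to the list produced by make_chattr_list below.
#
#	- If an existing entry must be deleted, add it to
#	  the list produced by make_delete_list below.
#
#	- If a new entry must be added to the file, add it to the
#	  list produced by make_add_list.
#
#	- If a new entry is being added to minor_perm, but there
#	  may already be devices of that name on the system (e.g.
#	  we used the system default permissions in a previous release),
#	  and those old devices now need to have their attributes changed,
#	  add it to the make_chattr_list AND the make_add_list lists
#
# SECURITY: every work file lives in the private directory named by
# $MP_WORKDIR, which is created further down before any of these
# functions is called.  Fixed, guessable names such as /tmp/<name>.$$
# in a world-writable directory can be pre-created (for example as
# symbolic links) by another local user, and this script redirects
# output into its work files and later copies one of them over <dest>.
#

#
# If an entry in /etc/minor_perm needs to have its attributes
# changed, identify the entry in the list copied to $MP_WORKDIR/chattr
# by this function.  The fields are:
#
#	<device>:<minor> <old_attrs> <new_attrs> <optional list of logical
#						  devices whose attributes
#						  will need to be changed>
#
# where an <attribute list> := <perm> <user> <group>
#
# NOTE: this list should also contain entries for nodes that previously
# were not in /etc/minor_perm (which means the default mode of 600,
# owner/group == root/sys), but now have an entry
#

make_chattr_list()
{
cat > "$MP_WORKDIR/chattr" << EOF
vol:volctl 0600 root sys 0666 root sys /dev/volctl
clone:llc1 0600 root sys 0666 root sys /dev/llc1
log:conslog 0620 root sys 0666 root sys /dev/conslog
sy:tty 0666 root sys 0666 root tty /dev/tty
icmp:icmp 0600 root sys 0666 root sys /dev/rawip
icmp6:icmp6 0600 root sys 0666 root sys /dev/rawip6
ip:ip 0660 root sys 0666 root sys /dev/ip
ip6:ip6 0660 root sys 0666 root sys /dev/ip6
rts:rts 0660 root sys 0666 root sys /dev/rts
keysock:keysock 0600 root sys 0666 root sys /dev/keysock
ipsecah:ipsecah 0600 root sys 0666 root sys /dev/ipsecah
ipsecesp:ipsecesp 0600 root sys 0666 root sys /dev/ipsecesp
spdsock:spdsock 0600 root sys 0666 root sys /dev/spdsock
sad:admin 0600 root sys 0666 root sys /dev/sad/admin
fssnap:ctl 0600 root sys 0666 root sys /dev/fssnapctl
fssnap:* 0600 root sys 0640 root sys /dev/fssnap/*
clone:dnet 0600 root sys 0666 root sys /dev/dnet
dnet:* 0600 root sys 0666 root sys /dev/dnet*
clone:elxl 0600 root sys 0666 root sys /dev/elxl
elxl:* 0600 root sys 0666 root sys /dev/elxl*
clone:iprb 0600 root sys 0666 root sys /dev/iprb
iprb:* 0600 root sys 0666 root sys /dev/iprb*
clone:pcelx 0600 root sys 0666 root sys /dev/pcelx
pcelx:* 0600 root sys 0666 root sys /dev/pcelx*
clone:spwr 0600 root sys 0666 root sys /dev/spwr
spwr:* 0600 root sys 0666 root sys /dev/spwr*
cpc:* 0600 root sys 0666 root sys /devices/pseudo/cpc*
ipf:* 0600 root sys 0666 root sys /dev/ipf
pfil:* 0600 root sys 0666 root sys /dev/pfil
scsi_vhci:devctl 0600 root sys 0666 root sys /devices/scsi_vhci:devctl
fbt:fbt 0600 root sys 0644 root sys /dev/dtrace/provider/fbt
lockstat:* 0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
profile:profile 0600 root sys 0644 root sys /dev/dtrace/provider/profile
sdt:sdt 0600 root sys 0644 root sys /dev/dtrace/provider/sdt
systrace:systrace 0600 root sys 0644 root sys /dev/dtrace/provider/systrace
clone:bge 0600 root sys 0666 root sys /dev/bge
clone:igb 0600 root sys 0666 root sys /dev/igb
clone:ixgbe 0600 root sys 0666 root sys /dev/ixgbe
clone:myri10ge 0600 root sys 0666 root sys /dev/myri10ge
clone:rge 0600 root sys 0666 root sys /dev/rge
clone:xge 0600 root sys 0666 root sys /dev/xge
clone:nge 0600 root sys 0666 root sys /dev/nge
clone:chxge 0600 root sys 0666 root sys /dev/chxge
clone:pcn 0600 root sys 0666 root sys /dev/pcn
clone:rtls 0600 root sys 0666 root sys /dev/rtls
clone:arn 0600 root sys 0666 root sys /dev/arn
clone:ath 0600 root sys 0666 root sys /dev/ath
clone:atu 0600 root sys 0666 root sys /dev/atu
clone:ipw 0600 root sys 0666 root sys /dev/ipw
clone:iwh 0600 root sys 0666 root sys /dev/iwh
clone:iwi 0600 root sys 0666 root sys /dev/iwi
clone:iwk 0600 root sys 0666 root sys /dev/iwk
clone:iwp 0600 root sys 0666 root sys /dev/iwp
clone:mwl 0600 root sys 0666 root sys /dev/mwl
clone:pcwl 0600 root sys 0666 root sys /dev/pcwl
clone:pcan 0600 root sys 0666 root sys /dev/pcan
clone:ral 0600 root sys 0666 root sys /dev/ral
clone:rtw 0600 root sys 0666 root sys /dev/rtw
clone:rum 0600 root sys 0666 root sys /dev/rum
clone:rwd 0600 root sys 0666 root sys /dev/rwd
clone:rwn 0600 root sys 0666 root sys /dev/rwn
clone:uath 0600 root sys 0666 root sys /dev/uath
clone:ural 0600 root sys 0666 root sys /dev/ural
clone:urtw 0600 root sys 0666 root sys /dev/urtw
clone:wpi 0600 root sys 0666 root sys /dev/wpi
clone:zyd 0600 root sys 0666 root sys /dev/zyd
clone:afe 0600 root sys 0666 root sys /dev/afe
clone:dmfe 0600 root sys 0666 root sys /dev/dmfe
clone:mxfe 0600 root sys 0666 root sys /dev/mxfe
bge:* 0600 root sys 0666 root sys /dev/bge*
igb:* 0600 root sys 0666 root sys /dev/igb*
ixgbe:* 0600 root sys 0666 root sys /dev/ixgbe*
myri10ge:* 0600 root sys 0666 root sys /dev/myri10ge*
rge:* 0600 root sys 0666 root sys /dev/rge*
xge:* 0600 root sys 0666 root sys /dev/xge*
nge:* 0600 root sys 0666 root sys /dev/nge*
e1000g:* 0666 root root 0666 root sys /dev/e1000g*
chxge:* 0600 root sys 0666 root sys /dev/chxge*
pcn:* 0600 root sys 0666 root sys /dev/pcn*
rtls:* 0600 root sys 0666 root sys /dev/rtls*
arn:* 0600 root sys 0666 root sys /dev/arn*
ath:* 0600 root sys 0666 root sys /dev/ath*
atu:* 0600 root sys 0666 root sys /dev/atu*
ipw:* 0600 root sys 0666 root sys /dev/ipw*
iwh:* 0600 root sys 0666 root sys /dev/iwh*
iwi:* 0600 root sys 0666 root sys /dev/iwi*
iwk:* 0600 root sys 0666 root sys /dev/iwk*
iwp:* 0600 root sys 0666 root sys /dev/iwp*
mwl:* 0600 root sys 0666 root sys /dev/mwl*
pcwl:* 0600 root sys 0666 root sys /dev/pcwl*
pcan:* 0600 root sys 0666 root sys /dev/pcan*
ral:* 0600 root sys 0666 root sys /dev/ral*
rtw:* 0600 root sys 0666 root sys /dev/rtw*
rum:* 0600 root sys 0666 root sys /dev/rum*
rwd:* 0600 root sys 0666 root sys /dev/rwd*
rwn:* 0600 root sys 0666 root sys /dev/rwn*
uath:* 0600 root sys 0666 root sys /dev/uath*
ural:* 0600 root sys 0666 root sys /dev/ural*
urtw:* 0600 root sys 0666 root sys /dev/urtw*
wpi:* 0600 root sys 0666 root sys /dev/wpi*
zyd:* 0600 root sys 0666 root sys /dev/zyd*
afe:* 0600 root sys 0666 root sys /dev/afe*
dmfe:* 0600 root sys 0666 root sys /dev/dmfe*
mxfe:* 0600 root sys 0666 root sys /dev/mxfe*
balloon:* 0600 root sys 0444 root sys /dev/xen/balloon
domcaps:* 0600 root sys 0444 root sys /dev/xen/domcaps
evtchn:* 0600 root sys 0666 root sys /dev/xen/evtchn
privcmd:* 0600 root sys 0666 root sys /dev/xen/privcmd
xenbus:* 0600 root sys 0666 root sys /dev/xen/xenbus
xpvtap:* 0600 root sys 0666 root sys /devices/xpvd/xpvtap*
EOF
}

#
# If an entry in /etc/minor_perm needs to be deleted, identify
# the entry in the list copied to $MP_WORKDIR/delete by this function.
# The fields are:
#
#	<device>:<minor> <optional list of logical devices to be deleted>
#

make_delete_list()
{
cat > "$MP_WORKDIR/delete" << EOF
rip:rawip
consfb:consfb
clone:el
clone:elx
clone:sle
clone:sie
clone:sp
clone:ip
clone:icmp
clone:udp
clone:tcp
clone:rts
clone:arp
clone:ipsecah
clone:ipsecesp
clone:keysock
clone:smc
clone:tr
clone:sbpro
elx:*
sbpro:*
win:*
cmtp:*
profile:profile
asy:[a-z]
asy:[a-z],cu
i2o_bs:*
vni:*
EOF
}

#
# If an entry needs to be added to /etc/minor_perm, add the first
# field of the entry to the list created by this function.  The
# remainder of the entry will be extracted from the /etc/minor_perm
# in the package being installed, so it is not necessary to supply
# it here.  The list is written to $MP_WORKDIR/add.
#

make_add_list()
{
cat > "$MP_WORKDIR/add" << EOF
vol:volctl
clone:llc1
tnf:tnfctl
tnf:tnfmap
st:*
pm:*
devinfo:devinfo
openeepr:openprom
wc:*
ip:ip
ip6:ip6
ipnet:lo0
icmp:icmp
icmp6:icmp6
udp:udp
udp6:udp6
tcp:tcp
tcp6:tcp6
rts:rts
arp:arp
poll:*
pool:pool
pool:poolctl
cpc:shared
sysmsg:msglog
sysmsg:sysmsg
ipsecah:ipsecah
ipsecesp:ipsecesp
keysock:keysock
spdsock:spdsock
devinfo:devinfo,ro
lofi:*
lofi:ctl
sgen:*
fssnap:*
fssnap:ctl
rsm:*
random:*
mm:allkmem
clone:dnet
dnet:*
clone:elxl
elxl:*
clone:ibd
ibd:*
clone:iprb
iprb:*
clone:pcelx
pcelx:*
clone:spwr
spwr:*
sysevent:*
ramdisk:*
ramdisk:ctl
cryptoadm:cryptoadm
crypto:crypto
dtrace:*
fasttrap:fasttrap
ipf:*
pfil:*
bl:*
sctp:*
sctp6:*
dlpistub:*
cpuid:self
clone:bge
clone:igb
clone:ixgbe
clone:myri10ge
clone:rge
clone:xge
clone:nge
clone:e1000g
clone:chxge
clone:pcn
clone:rtls
clone:arn
clone:ath
clone:atu
clone:ipw
clone:iwh
clone:iwi
clone:iwk
clone:iwp
clone:mwl
clone:pcwl
clone:pcan
clone:ral
clone:rtw
clone:rum
clone:rwd
clone:rwn
clone:uath
clone:ural
clone:urtw
clone:wpi
clone:zyd
clone:afe
clone:dmfe
clone:mxfe
bge:*
igb:*
ixgbe:*
myri10ge:*
rge:*
xge:*
nge:*
e1000g:*
chxge:*
pcn:*
rtls:*
arn:*
ath:*
atu:*
ipw:*
iwh:*
iwi:*
iwk:*
iwp:*
mwl:*
pcwl:*
pcan:*
ral:*
rtw:*
rum:*
rwd:*
rwn:*
uath:*
ural:*
urtw:*
wpi:*
zyd:*
afe:*
dmfe:*
mxfe:*
bmc:bmc
dld:*
smbios:smbios
zfs:*
zfs:zfs
scsi_vhci:*
kssl:*
fbt:fbt
profile:profile
sdt:sdt
softmac:*
systrace:systrace
lx_ptm:lx_ptmajor
lx_systrace:*
physmem:*
asy:*
asy:*,cu
ucode:*
acpi_drv:*
smbsrv:*
vscan:*
nsmb:*
balloon:*
domcaps:*
evtchn:*
privcmd:*
xenbus:*
iptunq:*
fm:*
amd_iommu:*
xpvtap:*
clone:bridge
EOF
}

PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
export PATH

#
# Create the private work directory.  mktemp -d picks an unpredictable
# name and creates the directory for this user only.  If mktemp is not
# usable, fall back to mkdir under a restrictive umask: mkdir fails
# when the name already exists (including as a symbolic link), so a
# pre-planted path is refused rather than written through.  The umask
# is changed only inside the subshell so that the mode of files this
# script creates elsewhere (e.g. a freshly copied <dest>) is unchanged.
#
MP_WORKDIR=`mktemp -d /tmp/minor_perm.XXXXXX 2>/dev/null`
if [ -z "$MP_WORKDIR" -o ! -d "$MP_WORKDIR" ] ; then
	MP_WORKDIR=/tmp/minor_perm.$$
	(umask 077; mkdir "$MP_WORKDIR") || {
		echo "$0: cannot create work directory $MP_WORKDIR" >&2
		exit 1
	}
fi

# Internal routine to create a sed script which can be used to
# escape all shell globbing metacharacters in a path.
# The here-document is unquoted, so each "\\\\" below reaches the
# generated file as "\\", i.e. sed emits one literal backslash.

create_esc_sedscript()
{
cat > "$MP_WORKDIR/esc.sed" << EOF
s/\*/\\\\*/g
s/\?/\\\\?/g
s/\[/\\\\[/g
s/\]/\\\\]/g
EOF
}

# Internal routine to convert an entry in a $MP_WORKDIR change file to
# an appropriately escaped pattern which can be used to grep into minor_perm.
# The pattern is written to standard output.

entry2pattern()
{
	# the first argument is the 'key' field from the change file.
	# entries can contain shell globbing characters to match
	# several devices - hence all the palaver below.
	#
	# Backticks are kept on purpose: the amount of backslash
	# doubling in the sed expressions depends on the extra level
	# of unescaping that backtick substitution performs.

	printf '%s' `echo "$1" | sed \
	    -e 's/\*/\\\\*/g' -e 's/\?/\\\\?/g' \
	    -e 's/\./\\\\./g' -e 's/\[/\\\\[/g' \
	    -e 's/\]/\\\\]/g'`
	shift

	# the remaining optional arguments are tokens separated by white-space

	if [ $# = 0 ] ; then
		printf '[ \t]'
	else
		while [ -n "$1" ]
		do
			printf '[ \t][ \t]*%s' $1
			shift
		done
		printf '[ \t]*$'
	fi
}

while read src dest
do
	if [ ! -f "$dest" ] ; then
		cp "$src" "$dest"
	else
		# Start each file from an empty work directory.  Only
		# files this script created are removed; the original
		# pattern /tmp/*.$$ could also match other files in /tmp.
		rm -f "$MP_WORKDIR"/*
		create_esc_sedscript
		make_chattr_list
		make_delete_list
		make_add_list

		#
		# Process the list of devices whose attributes are to be
		# changed.  Find those that actually need to be
		# applied to the file.  For each change that needs
		# to be applied, add an entry for it to the sed
		# script that will eventually be applied to the
		# currently-installed /etc/minor_perm file.  Also,
		# add an entry to the $MP_WORKDIR/chdevs file, which
		# contains the list of logical names of devices
		# whose permissions need to be changed.
		#

		cat "$MP_WORKDIR/chattr" | \
		    while read key oldp oldu oldg newp newu newg chdevs
		do
			do_chdevs=no

			#
			# First determine whether the device entry
			# is already in the file, but with the old
			# permissions.  If so, the entry needs to be
			# modified and the devices in the chdevs list
			# need to have their permissions and ownerships
			# changed.
			#
			grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
			if grep "$grepstr" "$dest" > /dev/null 2>&1; then
				echo "s/${grepstr}/$key $newp $newu $newg/" \
				    >> "$MP_WORKDIR/sedscript"
				do_chdevs=yes
			fi

			#
			# Now determine whether the device entry is
			# in the file at all.  If not, it is a new
			# entry, but there may already be devices
			# on the system whose permissions need to
			# be changed.
			#
			grepstr=`entry2pattern "${key}"`
			grep "${grepstr}" "$dest" > /dev/null 2>&1
			if [ $? != 0 ] ; then
				do_chdevs=yes
			fi

			if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then
				# Glob characters are backslash-escaped so
				# the unquoted expansion in the for loop
				# does not expand them here.
				xchdevs=`echo "$chdevs" | \
				    sed -f "$MP_WORKDIR/esc.sed"`
				for m in $xchdevs ; do
					echo "$m" $oldp $oldu $oldg \
					    $newp $newu $newg \
					    >> "$MP_WORKDIR/chdevs"
				done
			fi
		done

		# sort the "change attributes" list
		if [ -s "$MP_WORKDIR/chdevs" ] ; then
			sort -u "$MP_WORKDIR/chdevs" > "$MP_WORKDIR/tmp"
			mv "$MP_WORKDIR/tmp" "$MP_WORKDIR/chdevs"
		fi

		#
		# Process the list of devices to be deleted.
		# Find those that actually need to be deleted
		# from the file.  For each entry to be deleted,
		# add an entry for it to the sed script that will
		# eventually be applied to the currently-installed
		# /etc/minor_perm file.  Also, add an entry to the
		# $MP_WORKDIR/deldevs file, which contains the list of
		# logical names of devices to be deleted.
		#

		cat "$MP_WORKDIR/delete" | while read key deldevs
		do
			grepstr=`entry2pattern "${key}"`
			if grep "$grepstr" "$dest" > /dev/null 2>&1; then
				echo "/${grepstr}/d" >> "$MP_WORKDIR/sedscript"
				if [ "$deldevs" != "" ] ; then
					xdeldevs=`echo "$deldevs" | \
					    sed -f "$MP_WORKDIR/esc.sed"`
					for m in $xdeldevs ; do
						echo "$m" >> "$MP_WORKDIR/deldevs"
					done
				fi
			fi
		done
		if [ -s "$MP_WORKDIR/deldevs" ] ; then
			sort -u "$MP_WORKDIR/deldevs" > "$MP_WORKDIR/tmp"
			mv "$MP_WORKDIR/tmp" "$MP_WORKDIR/deldevs"
		fi

		#
		# Apply the sed script possibly built above to the
		# currently-installed /etc/minor_perm file.
		#

		if [ -s "$MP_WORKDIR/sedscript" ] ; then
			sed -f "$MP_WORKDIR/sedscript" "$dest" \
			    > "$MP_WORKDIR/tmp"
			cp "$MP_WORKDIR/tmp" "$dest"
		fi

		# For all entries in minor_perm whose attributes had
		# to be corrected, correct the relevant attributes of the
		# already-existing devices that correspond to those
		# entries.
		#
		# NOTE(review): the read below has no -r; it looks as if
		# the script relies on read removing the backslashes that
		# esc.sed added, so that the glob in the for loop expands
		# again.  Confirm before changing it.
		#
		if [ -s "$MP_WORKDIR/chdevs" -a "$PKG_INSTALL_ROOT" != "" -a \
		    "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat "$MP_WORKDIR/chdevs" |\
			    while read device oldp oldu oldg newp newu newg
			do
				#
				# Note that we take pains -only- to change
				# the permission/ownership of devices that
				# have kept their original permissions.
				#
				# NOTE(review): -follow makes find resolve
				# symbolic links, so the tests and the
				# chmod/chown/chgrp act on link targets;
				# confirm every path matched under
				# $PKG_INSTALL_ROOT is trusted.
				#
				for dev in $PKG_INSTALL_ROOT/$device; do
					find $dev -follow -perm $oldp -exec \
					    chmod $newp $dev \; >/dev/null 2>&1
					find $dev -follow -user $oldu -exec \
					    chown $newu $dev \; >/dev/null 2>&1
					find $dev -follow -group $oldg -exec \
					    chgrp $newg $dev \; >/dev/null 2>&1
				done
			done
		fi

		#
		# For all entries in minor_perm that were deleted,
		# remove the /dev entries that point to device nodes
		# that correspond to those entries.
		#
		if [ -s "$MP_WORKDIR/deldevs" -a "$PKG_INSTALL_ROOT" != "" -a \
		    "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat "$MP_WORKDIR/deldevs" | while read device
			do
				rm -f $PKG_INSTALL_ROOT/$device
			done
		fi

		# Append entries that are missing from the installed
		# file, taking the full line from the packaged copy.
		cat "$MP_WORKDIR/add" | while read key
		do
			grepstr=`entry2pattern "${key}"`
			grep "$grepstr" "$dest" > /dev/null 2>&1
			if [ $? != 0 ] ; then
				grep "$grepstr" "$src" >> "$dest"
			fi
		done

		rm -f "$MP_WORKDIR"/*
	fi
done

# Cleanup is explicit; the work directory is private, so anything left
# behind after an abnormal exit is not writable by other users.
rm -rf "$MP_WORKDIR"

exit 0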