1 #! /bin/sh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 23 # 24 # Copyright 2010 Sun Microsystems, Inc. All rights reserved. 25 # Use is subject to license terms. 26 # 27 28 # 29 # NOTE: When a change is made to the source file for 30 # /etc/minor_perm, a corresponding change must be made to 31 # this class-action script. 32 # 33 # - If an existing entry in minor_perm is having its 34 # attributes e.g. permissions, ownership changed, 35 # add it to the list produced by make_chattr_list below. 36 # 37 # - If an existing entry must be deleted, add it to 38 # the list produced by make_delete_list below. 39 # 40 # - If a new entry must be added to the file, add it to the 41 # list produced by make_add_list. 42 # 43 # - If a new entry is being added to minor_perm, but there 44 # may already be devices of that name on the system (e.g. 45 # we used the system default permissions in a previous release), 46 # and those old devices now need to have their attributes changed, 47 # add it to the make_chattr_list AND the make_add_list lists 48 # 49 50 # 51 # If an entry in /etc/minor_perm needs to have its attributes 52 # changed, identify the entry in the list copied to /etc/chattr.$$ 53 # by this function. The fields are: 54 # 55 # <device>:<minor> <old_attrs> <new_attrs> <optional list of logical 56 # devices whose attributes 57 # will need to be changed> 58 # 59 # where an <attribute list> := <perm> <user> <group> 60 # 61 62 make_chattr_list() { 63 cat > /tmp/chattr.$$ << EOF 64 audio:* 0666 root sys 0600 root sys /dev/sound/* 65 vol:volctl 0600 root sys 0666 root sys /dev/volctl 66 sad:user 0600 root sys 0666 root sys /dev/sad/user 67 se:* 0666 root sys 0600 uucp uucp /dev/cua/* 68 zs:* 0666 root sys 0600 uucp uucp /dev/cua/* 69 su:* 0666 root sys 0600 uucp uucp /dev/cua/* 70 ssd:* 0666 root sys 0640 root sys /dev/dsk/* /dev/rdsk/* 71 dad:* 0600 root sys 0640 root sys /dev/dsk/* /dev/rdsk/* 72 cpc:* 0600 root sys 0666 root sys /devices/pseudo/cpc* 73 log:conslog 0622 root sys 0666 root sys /dev/conslog 74 sy:tty 0666 root sys 0666 root tty /dev/tty 75 cvc:* 0666 root sys 0600 root sys 76 cvcredir:* 0666 root sys 0600 root sys 77 ssm:* 0600 root sys 0640 root sys /devices/ssm*:* 78 icmp:icmp 0600 root sys 0666 root sys /dev/rawip 79 icmp6:icmp6 0600 root sys 0666 root sys /dev/rawip6 80 ip:ip 0660 root sys 0666 root sys /dev/ip 81 ip6:ip6 0660 root sys 0666 root sys /dev/ip6 82 rts:rts 0660 root sys 0666 root sys /dev/rts 83 keysock:keysock 0600 root sys 0666 root sys /dev/keysock 84 ipsecah:ipsecah 0600 root sys 0666 root sys /dev/ipsecah 85 ipsecesp:ipsecesp 0600 root sys 0666 root sys /dev/ipsecesp 86 spdsock:spdsock 0600 root sys 0666 root sys /dev/spdsock 87 sad:admin 0600 root sys 0666 root sys /dev/sad/admin 88 fssnap:ctl 0600 root sys 0666 root sys /dev/fssnapctl 89 fssnap:* 0600 root sys 0640 root sys /dev/fssnap/* 90 clone:ce 0600 root sys 0666 root sys /dev/ce 91 clone:eri 0600 root sys 0666 root sys /dev/eri 92 clone:ge 0600 root sys 0666 root sys /dev/ge 93 clone:hme 0600 root sys 0666 root sys /dev/hme 94 clone:qfe 0600 root sys 0666 root sys /dev/qfe 95 clone:bge 0600 root sys 0666 root sys /dev/bge 96 clone:igb 0600 root sys 0666 root sys /dev/igb 97 clone:ixgbe 0600 root sys 0666 root sys /dev/ixgbe 98 clone:myri10ge 0600 root sys 0666 root sys /dev/myri10ge 99 clone:rge 0600 root sys 0666 root sys /dev/rge 100 clone:xge 0600 root sys 0666 root sys /dev/xge 101 clone:nge 0600 root sys 0666 root sys /dev/nge 102 clone:e1000g 0666 root root 0666 root sys /dev/e1000g 103 clone:chxge 0600 root sys 0666 root sys /dev/chxge 104 clone:vsw 0600 root sys 0666 root sys /dev/vsw 105 clone:vnet 0600 root sys 0666 root sys /dev/vnet 106 clone:pcwl 0600 root sys 0666 root sys /dev/pcwl 107 clone:pcan 0600 root sys 0666 root sys /dev/pcan 108 clone:afe 0600 root sys 0666 root sys /dev/afe 109 clone:mxfe 0600 root sys 0666 root sys /dev/mxfe 110 clone:rtls 0600 root sys 0666 root sys /dev/rtls 111 bge:* 0600 root sys 0666 root sys /dev/bge* 112 igb:* 0600 root sys 0666 root sys /dev/igb* 113 ixgbe:* 0600 root sys 0666 root sys /dev/ixgbe* 114 myri10ge:* 0600 root sys 0666 root sys /dev/myri10ge* 115 rge:* 0600 root sys 0666 root sys /dev/rge* 116 xge:* 0600 root sys 0666 root sys /dev/xge* 117 nge:* 0600 root sys 0666 root sys /dev/nge* 118 e1000g:* 0666 root root 0666 root sys /dev/e1000g* 119 chxge:* 0600 root sys 0666 root sys /dev/chxge* 120 vsw:* 0600 root sys 0666 root sys /dev/vsw* 121 vnet:* 0600 root sys 0666 root sys /dev/vnet* 122 pcwl:* 0600 root sys 0666 root sys /dev/pcwl* 123 pcan:* 0600 root sys 0666 root sys /dev/pcan* 124 clone:dmfe 0600 root sys 0666 root sys /dev/dmfe 125 dmfe:* 0600 root sys 0666 root sys /dev/dmfe* 126 afe:* 0600 root sys 0666 root sys /dev/afe* 127 mxfe:* 0600 root sys 0666 root sys /dev/mxfe* 128 rtls:* 0600 root sys 0666 root sys /dev/rtls* 129 ipf:* 0600 root sys 0666 root sys /dev/ipf 130 pfil:* 0600 root sys 0666 root sys /dev/pfil 131 scsi_vhci:devctl 0600 root sys 0666 root sys /devices/scsi_vhci:devctl 132 fbt:fbt 0600 root sys 0644 root sys /dev/dtrace/provider/fbt 133 lockstat:* 0600 root sys 0644 root sys /dev/dtrace/provider/lockstat 134 profile:profile 0600 root sys 0644 root sys /dev/dtrace/provider/profile 135 sdt:sdt 0600 root sys 0644 root sys /dev/dtrace/provider/sdt 136 systrace:systrace 0600 root sys 0644 root sys /dev/dtrace/provider/systrace 137 EOF 138 } 139 140 141 # 142 # If an entry in /etc/minor_perm needs to be deleted, identify 143 # the entry in the list copied to /etc/delete.$$ by this function. 144 # The fields are: 145 # 146 # <device>:<minor> <optional list of logical devices to be deleted> 147 # 148 149 make_delete_list() { 150 cat > /tmp/delete.$$ << EOF 151 mm:mbio /dev/mbio /devices/pseudo/mm:mbio 152 mm:mbmem /dev/mbmem /devices/pseudo/mm:mbmem 153 clone:amd,0,aux,audio 154 sw:drum 155 rip:rawip 156 zs:* 157 consfb:consfb 158 win:* 159 rtvc:* 160 gt:* 161 mic:* 162 cgeight-p4:* 163 cgfour:* 164 cgtwo:* 165 id:* 166 xd:* 167 xt:* 168 xy:* 169 ie:* 170 be:* 171 se:ucm 172 se:ucmctl 173 clone:arp 174 clone:icmp 175 clone:ip 176 clone:tcp 177 clone:udp 178 clone:rts 179 clone:ipsecah 180 clone:ipsecesp 181 clone:keysock 182 clone:le 183 clone:pcelx 184 su:* 185 profile:profile 186 clone:qe 187 cgfourteen:* 188 cgeight:* 189 SUNW,sx:* 190 sx_cmem:* 191 stc:* 192 dbri:* 193 SUNW,DBRId:* 194 SUNW,DBRIe:* 195 SUNW,DBRIf:* 196 pcelx:* 197 vni:* 198 EOF 199 } 200 201 # 202 # If an entry needs to be added to /etc/minor_perm, add the first 203 # field of the entry to the list created by this function. The 204 # remainder of the entry will be extracted from the /etc/minor_perm 205 # in the package being installed, so it is not necessary to supply 206 # it here. 207 # 208 209 make_add_list() { 210 cat > /tmp/add.$$ << EOF 211 clone:llc1 212 stc:* 213 mcpzsa:* 214 mcpp:* 215 vol:volctl 216 tl:* 217 tnf:tnfctl 218 tnf:tnfmap 219 zs:[a-z] 220 zs:[a-z],cu 221 sad:user 222 se:* 223 su:[a-z] 224 su:[a-z],cu 225 su:ssp 226 su:sspctl 227 fdthree:* 228 ssd:* 229 dad:* 230 pm:* 231 tod:* 232 SUNW,pmc:* 233 SUNW,mic:* 234 SUNW,fas:devctl 235 cvc:* 236 cvcredir:* 237 devinfo:devinfo 238 envctrltwo:* 239 se:[a-h] 240 se:[a-h],cu 241 se:[0-7],hdlc 242 se:ssp 243 se:sspctl 244 clone:hme 245 clone:eri 246 wc:* 247 arp:arp 248 icmp:icmp 249 icmp6:icmp6 250 ip:ip 251 ip6:ip6 252 ipnet:lo0 253 tcp:tcp 254 tcp6:tcp6 255 udp:udp 256 udp6:udp6 257 rts:rts 258 poll:* 259 pool:pool 260 pool:poolctl 261 cpc:shared 262 sysmsg:msglog 263 sysmsg:sysmsg 264 ipsecah:ipsecah 265 ipsecesp:ipsecesp 266 keysock:keysock 267 spdsock:spdsock 268 devinfo:devinfo,ro 269 lofi:* 270 lofi:ctl 271 sgen:* 272 fssnap:* 273 fssnap:ctl 274 pcf8574:* 275 pcf8591:* 276 gpio_87317:* 277 rsm:* 278 random:* 279 mm:allkmem 280 ssm:* 281 bscv:* 282 clone:bge 283 clone:igb 284 clone:ixgbe 285 clone:myri10ge 286 clone:rge 287 clone:xge 288 clone:nge 289 clone:e1000g 290 clone:chxge 291 clone:vsw 292 clone:vnet 293 clone:pcwl 294 clone:pcan 295 clone:afe 296 clone:mxfe 297 clone:rtls 298 bge:* 299 igb:* 300 ixgbe:* 301 myri10ge:* 302 rge:* 303 xge:* 304 nge:* 305 e1000g:* 306 chxge:* 307 vsw:* 308 vnet:* 309 pcwl:* 310 pcan:* 311 afe:* 312 mxfe:* 313 rtls:* 314 clone:dmfe 315 dmfe:* 316 clone:ibd 317 ibd:* 318 sysevent:* 319 ramdisk:* 320 ramdisk:ctl 321 cryptoadm:cryptoadm 322 crypto:crypto 323 dtrace:* 324 fasttrap:fasttrap 325 ipf:* 326 pfil:* 327 bl:* 328 sctp:* 329 sctp6:* 330 dlpistub:* 331 cpuid:self 332 ntwdt:* 333 dld:* 334 mdesc:* 335 zfs:* 336 zfs:zfs 337 scsi_vhci:* 338 kssl:* 339 fbt:fbt 340 profile:profile 341 sdt:sdt 342 softmac:* 343 systrace:systrace 344 physmem:* 345 smbsrv:* 346 vscan:* 347 nsmb:* 348 bmc:bmc 349 iptunq:* 350 fm:* 351 clone:bridge 352 EOF 353 } 354 355 PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin" 356 export PATH 357 358 # Internal routine to create a sed script which can be used to 359 # escape all shell globbing metacharacters in a path. 360 361 create_esc_sedscript() 362 { 363 cat > /tmp/esc.sed.$$ << EOF 364 s/\*/\\\\*/g 365 s/\?/\\\\?/g 366 s/\[/\\\\[/g 367 s/\]/\\\\]/g 368 EOF 369 } 370 371 # Internal routine to convert an entry in a /tmp/chwhatever.$$ file to 372 # an appropriately escaped pattern which can be used to grep into minor_perm. 373 374 entry2pattern() 375 { 376 # the first argument is the 'key' field from the change file. 377 # entries can contain shell globbing characters to match 378 # several devices - hence all the palaver below. 379 380 printf '%s' `echo "$1" | sed \ 381 -e 's/\*/\\\\*/g' -e 's/\?/\\\\?/g' \ 382 -e 's/\./\\\\./g' -e 's/\[/\\\\[/g' \ 383 -e 's/\]/\\\\]/g'` 384 shift 385 386 # the remaining optional arguments are tokens separated by white-space 387 388 if [ $# = 0 ] ; then 389 printf '[ \t]' 390 else 391 while [ -n "$1" ] 392 do 393 printf '[ \t][ \t]*%s' $1 394 shift 395 done 396 printf '[ \t]*$' 397 fi 398 } 399 400 while read src dest 401 do 402 if [ ! -f $dest ] ; then 403 cp $src $dest 404 else 405 rm -f /tmp/*.$$ 406 create_esc_sedscript 407 make_chattr_list 408 make_delete_list 409 make_add_list 410 411 # 412 # Process the list of devices whose attributes are to be 413 # changed. Find those that actually need to be 414 # applied to the file. For each change that needs 415 # to be applied, add an entry for it to the sed 416 # script that will eventually be applied to the 417 # currently-installed /etc/minor_perm file. Also, 418 # add an entry to the /tmp/chdevs.$$ file, which 419 # contains the list of logical names of devices 420 # whose permissions need to be changed. 421 # 422 423 cat /tmp/chattr.$$ | \ 424 while read key oldp oldu oldg newp newu newg chdevs 425 do 426 do_chdevs=no 427 428 # 429 # First determine whether the device entry 430 # is already in the file, but with the old 431 # permissions. If so, the entry needs to be 432 # modified and the devices in the chdevs list 433 # need to have their permissions and ownerships 434 # changed. 435 # 436 grepstr=`entry2pattern "${key}" $oldp $oldu $oldg` 437 if grep "$grepstr" $dest > /dev/null 2>&1; then 438 echo "s/${grepstr}/$key $newp $newu $newg/" \ 439 >> /tmp/sedscript.$$ 440 do_chdevs=yes 441 fi 442 443 # 444 # Now determine whether the device entry is 445 # in the file at all. If not, it is a new 446 # entry, but there may already be devices 447 # on the system whose permissions need to 448 # be changed. 449 # 450 grepstr=`entry2pattern "${key}"` 451 grep "${grepstr}" $dest > /dev/null 2>&1 452 if [ $? != 0 ] ; then 453 do_chdevs=yes 454 fi 455 456 if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then 457 xchdevs=`echo "$chdevs" | \ 458 sed -f /tmp/esc.sed.$$` 459 for m in $xchdevs ; do 460 echo "$m" $oldp $oldu $oldg \ 461 $newp $newu $newg >> /tmp/chdevs.$$ 462 done 463 fi 464 done 465 466 # 467 # Make sure /dev/volctl gets its permissions corrected. 468 # (systems upgraded from 2.2 to 2.3 may have a correct 469 # entry for /dev/volctl in the /etc/minor_perm file 470 # but the actual /dev/volctl node may have the wrong 471 # permissions.) 472 # 473 474 echo /dev/volctl 0600 root sys 0666 root sys >> /tmp/chdevs.$$ 475 476 if [ -s /tmp/chdevs.$$ ] ; then 477 sort -u /tmp/chdevs.$$ > /tmp/tmp.$$ 478 mv /tmp/tmp.$$ /tmp/chdevs.$$ 479 fi 480 481 # 482 # Process the list of devices to be deleted. 483 # Find those that actually need to be deleted 484 # from the file. For each entry to be deleted, 485 # add an entry for it to the sed script that will 486 # eventually be applied to the currently-installed 487 # /etc/minor_perm file. Also, add an entry to the 488 # /tmp/deldevs.$$ file, which contains the list of 489 # logical names of devices to be deleted. 490 # 491 492 cat /tmp/delete.$$ | while read key deldevs 493 do 494 grepstr=`entry2pattern "${key}"` 495 if grep "$grepstr" $dest > /dev/null 2>&1; then 496 echo "/${grepstr}/d" >> /tmp/sedscript.$$ 497 if [ "$deldevs" != "" ] ; then 498 xdeldevs=`echo "$deldevs" | \ 499 sed -f /tmp/esc.sed.$$` 500 for m in $xdeldevs ; do 501 echo "$m" >> /tmp/deldevs.$$ 502 done 503 fi 504 fi 505 done 506 if [ -s /tmp/deldevs.$$ ] ; then 507 sort -u /tmp/deldevs.$$ > /tmp/tmp.$$ 508 mv /tmp/tmp.$$ /tmp/deldevs.$$ 509 fi 510 511 # 512 # Apply the sed script built above to the 513 # currently-installed /etc/minor_perm file. 514 # 515 516 if [ -s /tmp/sedscript.$$ ] ; then 517 sed -f /tmp/sedscript.$$ $dest > /tmp/tmp.$$ 518 cp /tmp/tmp.$$ $dest 519 fi 520 521 # 522 # Special case code to handle bug in 2.1, 2.2, and 523 # early 2.3 releases: the link from /dev/sound/* 524 # has one extra set of "../"'s in the link. This 525 # doesn't cause problems in normal operation 526 # because ".."'s that would take the search path 527 # higher than the real root are ignored. However, 528 # during upgrade, when the system being upgraded is 529 # mounted at /a, the extra ".." in the link causes 530 # the link to be unresolvable. The link must be 531 # corrected so that the chmod of /dev/sound/* 532 # works. 533 # 534 535 if [ "$PKG_INSTALL_ROOT" != "" -a "$PKG_INSTALL_ROOT" != "/" ] 536 then 537 for i in $PKG_INSTALL_ROOT/dev/sound/* ; do 538 if [ "$i" = "$PKG_INSTALL_ROOT/dev/sound/*" ] 539 then 540 break; 541 fi 542 543 # if it's not a symlink, continue 544 if [ ! -h $i ] ; then 545 continue 546 fi 547 548 ls -L $i >/dev/null 2>&1 549 if [ $? = 0 ] ; then 550 # link is already OK 551 continue 552 fi 553 554 # otherwise, link can't be followed 555 556 # build the correct link 557 link=`ls -l $i | sed 's,.* ,,'` 558 link=`expr $link : '\.\.\/\(.*\)'` 559 if [ "$link" = "" ] ; then 560 continue; 561 fi 562 563 # build a test link 564 rm -f $PKG_INSTALL_ROOT/dev/sound/test.$$ 565 ln -s $link $PKG_INSTALL_ROOT/dev/sound/test.$$ 566 567 # test the link 568 ls -L $PKG_INSTALL_ROOT/dev/sound/test.$$ \ 569 >/dev/null 2>&1 570 571 # it worked, so replace old link with new 572 if [ $? = 0 ] ; then 573 rm -f $i 574 ln -s $link $i 575 fi 576 rm -f $PKG_INSTALL_ROOT/dev/sound/test.$$ 577 done 578 fi 579 580 # For all entries in minor_perm whose attributes had 581 # to be corrected, correct the relevant attributes of the 582 # already-existing devices that correspond to those 583 # entries. 584 # 585 if [ -s /tmp/chdevs.$$ -a "$PKG_INSTALL_ROOT" != "" -a \ 586 "$PKG_INSTALL_ROOT" != "/" ] ; then 587 cat /tmp/chdevs.$$ |\ 588 while read device oldp oldu oldg newp newu newg 589 do 590 # 591 # Note that we take pains -only- to change 592 # the permission/ownership of devices that 593 # have kept their original permissions. 594 # 595 for dev in $PKG_INSTALL_ROOT/$device; do 596 find $dev -follow -perm $oldp -exec \ 597 chmod $newp $dev \; >/dev/null 2>&1 598 find $dev -follow -user $oldu -exec \ 599 chown $newu $dev \; >/dev/null 2>&1 600 find $dev -follow -group $oldg -exec \ 601 chgrp $newg $dev \; >/dev/null 2>&1 602 done 603 done 604 fi 605 606 # 607 # For all entries in minor_perm that were deleted, 608 # remove the /dev entries that point to device nodes 609 # that correspond to those entries. 610 # 611 if [ -s /tmp/deldevs.$$ -a "$PKG_INSTALL_ROOT" != "" -a \ 612 "$PKG_INSTALL_ROOT" != "/" ] ; then 613 cat /tmp/deldevs.$$ | while read device 614 do 615 rm -f $PKG_INSTALL_ROOT/$device 616 done 617 fi 618 619 620 cat /tmp/add.$$ | while read key 621 do 622 grepstr=`entry2pattern "${key}"` 623 grep "$grepstr" $dest > /dev/null 2>&1 624 if [ $? != 0 ] ; then 625 grep "$grepstr" $src >> $dest 626 fi 627 done 628 629 rm -f /tmp/*.$$ 630 fi 631 done 632 633 exit 0 634 635
Indexes created Wed Feb 10 08:45:31 UTC 2010
Terms of Use |
Privacy |
Trademarks |
Copyright Policy |
Site Guidelines |
Site Map |
Help
Your use of this web site or any of its content or software indicates your agreement to be bound by these Terms of Use.
© 2010, Oracle Corporation and/or its affiliates
