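#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident "%Z%%M% %I% %E% SMI"
#

#
# Upgrade filter for name-service switch files.
#
# Input:   "src dest" pairs, one per line, on standard input.
# Effect:  if dest does not exist, src is copied to it; otherwise dest is
#          edited in place (resolv.conf reminder, netconfig comment, "xfn"
#          removal, printers/ipnodes/auth_attr/prof_attr/project/TNdb entries,
#          removal of obsolete RBAC and sendmailvars entries).
# Environ: UPDATE - when "yes", a notice about the ipnodes change is appended
#          to $CLEANUP.
# Exit:    0, or 1 if no private scratch directory could be created.
#
# Which defaults get added is decided by grepping dest for the strings
# /etc/nsswitch.{dns,files,nis,nisplus,ldap}; presumably these appear in the
# header comment of the template the file was copied from - confirm.
#
# NOTE(review): the bracket expressions and separators in the patterns below
# are reproduced as a single space; if the upstream file used space+tab or
# wider runs of blanks, restore them.
#

# Fixed path in world-writable /tmp that this script appends to.  The path is
# shared with whatever consumes the notice, so it is left unchanged here.
# NOTE(review): confirm the consumer creates this file safely before any
# privileged script appends to it.
CLEANUP=/tmp/CLEANUP

# All intermediate files live in a private, mode-0700 directory.  PID-based
# names placed directly in /tmp are predictable, and this script rewrites
# system configuration (presumably with privilege), so a pre-planted symlink
# at such a name could redirect its output.  mkdir fails if the path already
# exists, so the fallback is still safe when mktemp is unavailable.
WORKDIR=`mktemp -d /tmp/nsswitch.XXXXXX 2>/dev/null`
if [ -z "$WORKDIR" ] || [ ! -d "$WORKDIR" ]; then
	WORKDIR=/tmp/nsswitch.$$
	(umask 077 && mkdir "$WORKDIR") || exit 1
fi
trap 'rm -rf "$WORKDIR"' 0
trap 'exit 1' 1 2 15

SEDSCR=$WORKDIR/sed.scr
TMPOUT=$WORKDIR/out

# Append the ipnodes policy-change notice to file $1: a blank line, the
# five-line message, and a trailing blank line.
write_ipnodes_message() {
	cat >> "$1" << 'EOF'

The ipnodes policy has been changed to match the hosts
policy. Please review the changes to the ipnodes policy
in the /etc/nsswitch.conf file and refer to the Solaris
Naming Administration Guide for more information
about these changes.

EOF
}

# Write to $SEDSCR a sed script that inserts the resolv.conf reminder before
# the "hosts: nisplus dns" example line.
write_sed_script() {
	cat > "$SEDSCR" << 'EOF'
/hosts:[ ]*nisplus[ ][ ]*dns/i\
#You must also set up the /etc/resolv.conf file for DNS name\
#server lookup. See resolv.conf(4).
EOF
}

# Write to $SEDSCR a sed script that duplicates the hosts entry (and the
# commented-out hosts example) as an ipnodes entry and puts a search-order
# comment in front of the new ipnodes policy.
write_ipnodes_sed_script() {
	cat > "$SEDSCR" << 'EOF'
# original hosts entry
/^hosts:/p
# match ipnodes entry to hosts entry
s/^hosts: /ipnodes:/

# Add a commented out line for ipnodes in the example for adding DNS
# and update the comment found in nsswitch.conf, based on nsswitch.nisplus.
s/#Uncomment the following line/#Uncomment the following two lines/
/^#hosts:/p
s/^#hosts:/#ipnodes:/

# add ipnodes comment before ipnodes policy
/^ipnodes:/i\
# Note that IPv4 addresses are searched for in all of the ipnodes databases\
# before searching the hosts databases.
EOF
}

# Write to $SEDSCR a sed script that deletes the old ipnodes comment block and
# commented-out ipnodes line, then adds the new example line and comment.
change_ipnodes_sed_script() {
	cat > "$SEDSCR" << 'EOF'

# find ipnodes comment and delete
/^# Uncomment the following line and comment out the above to resolve/d
/^# both IPv4 and IPv6 addresses from the ipnodes databases. Note that/d
/^# IPv4 addresses are searched in all of the ipnodes databases before/d
/^# searching the hosts databases. Before turning this option on, consult/d
/^# the Network Administration Guide for more details on using IPv6./d
/^#ipnodes:/d

# Add a commented out line for ipnodes in the example for adding DNS
# and update the comment found in nsswitch.conf, based on nsswitch.nisplus.
s/#Uncomment the following line/#Uncomment the following two lines/
/^#hosts:/p
s/^#hosts:/#ipnodes:/

# add new ipnodes comment before ipnodes policy
/^ipnodes:/i\
# Note that IPv4 addresses are searched for in all of the ipnodes databases\
# before searching the hosts databases.
EOF
}

# Succeed if basic regular expression $1 matches a line of file $2.
file_has() {
	grep "$1" "$2" > /dev/null 2>&1
}

# Succeed if extended regular expression $1 matches a line of file $2.
file_has_ere() {
	egrep "$1" "$2" > /dev/null 2>&1
}

# Succeed unless basic regular expression $1 matches a line of file $2
# (a grep failure of any kind counts as "lacks").
file_lacks() {
	if file_has "$1" "$2"; then
		return 1
	fi
	return 0
}

# Run sed with arguments $2.. over file $1 and copy the result back over $1.
# The copy happens only if sed succeeded, so a failed or truncated sed run
# (for example a full /tmp) never replaces the live file.  cp rather than mv
# keeps the destination's existing ownership and mode.
filter_in_place() {
	fip_dest=$1
	shift
	sed "$@" "$fip_dest" > "$TMPOUT" && cp "$TMPOUT" "$fip_dest"
	fip_rc=$?
	rm -f "$TMPOUT"
	return $fip_rc
}

while read src dest
do
	# New installation: take the packaged file as is.
	if [ ! -f "$dest" ]; then
		cp "$src" "$dest"
		continue
	fi

	# nisplus-derived files get the resolv.conf reminder once.
	if file_has '/etc/nsswitch.nisplus' "$dest" &&
	    file_lacks 'You must also set up the /etc/resolv.conf' "$dest"
	then
		write_sed_script
		filter_in_place "$dest" -f "$SEDSCR"
		rm -f "$SEDSCR"
	fi

	# Bring the netconfig comment up to date (switch.so -> "-").
	if file_lacks 'nametoaddr_libs of' "$dest"; then
		filter_in_place "$dest" \
		    -e 's/# "hosts:" and "services:" in this file are used only if the \/etc\/netconfig.*/# "hosts:" and "services:" in this file are used only if the/' \
		    -e 's/# file contains "switch.so" as a nametoaddr library for/# \/etc\/netconfig file has a "-" for nametoaddr_libs of/'
	fi

	#
	# If the file contains "xfn" in the "hosts:" line, omit it.
	# The support for "xfn" has been removed
	#
	if file_has xfn "$dest"; then
		filter_in_place "$dest" '/hosts:/s/xfn[ ]*//'
	fi

	# If the file doesn't have a "printers" database entry, add
	# an appropriate entry. Default to everything if we can't
	# figure out what is appropriate.  The checks run in this order
	# because '/etc/nsswitch.nis' also matches the nisplus template;
	# the later nisplus check overrides it.
	if file_lacks printers: "$dest"; then
		PRINTERS="files nis ldap nisplus"
		file_has_ere '/etc/nsswitch\.(dns|files)' "$dest" &&
		    PRINTERS="files"
		file_has '/etc/nsswitch.nis' "$dest" &&
		    PRINTERS="files nis"
		file_has '/etc/nsswitch.ldap' "$dest" &&
		    PRINTERS="files ldap"
		file_has '/etc/nsswitch.nisplus' "$dest" &&
		    PRINTERS="nisplus files"
		echo "printers: user ${PRINTERS}" >> "$dest"
	elif file_has xfn "$dest"; then
		#
		# If the file contains "xfn" in the "printers:" line,
		# omit it. The support for "xfn" has been removed
		#
		filter_in_place "$dest" '/printers:/s/xfn[ ]*//'
	fi

	#
	# If not there, add "ipnodes:" databases for unified host
	# addresses. In all cases except the simple "hosts: files" one,
	# add an ipnodes policy that matches the "hosts" policy and a
	# comment regarding the search order of the "ipnodes" and
	# "hosts" databases. All of this is followed by a blank line.
	#
	if file_lacks 'ipnodes:' "$dest"; then
		if file_has '^hosts:[ ]*files[ ]*$' "$dest"; then
			filter_in_place "$dest" \
			    '/^hosts:/p;s/^hosts.*/ipnodes: files/'
		else
			write_ipnodes_sed_script
			filter_in_place "$dest" -f "$SEDSCR"
			rm -f "$SEDSCR"
		fi
	elif file_lacks '^hosts:[ ]*files[ ]*$' "$dest"; then
		#
		# The ipnodes policy is there (post S8), we just need
		# to update the ipnodes policy to match the hosts
		# policy.
		#
		# find ipnodes entry, delete it and replace it
		# with one matching the hosts policy. Do this
		# only if it's not been changed.
		#
		if file_has '^ipnodes:[ ]*files[ ]*$' "$dest"; then
			# The delete pattern is the same expression as the
			# guard above, so every line the guard accepts
			# (including one with trailing blanks) is removed
			# before the replacement is added.
			filter_in_place "$dest" \
			    -e '/^ipnodes:[ ]*files[ ]*$/d' \
			    -e '/^hosts:/p' \
			    -e 's/^hosts: /ipnodes:/'
			if [ "$UPDATE" = yes ]; then
				write_ipnodes_message "$CLEANUP"
			fi
		fi
		#
		# Now clean up the comments, if they haven't
		# already been cleaned.
		#
		if file_lacks '^# Note that IPv4 addresses' "$dest"; then
			change_ipnodes_sed_script
			filter_in_place "$dest" -f "$SEDSCR"
			rm -f "$SEDSCR"
		fi
	fi

	#role-based access control databases
	# Solaris 8 Beta refresh had audit_user, exec_attr and
	# user_attr entries for dns, files, nis, nis+ and ldap.
	# Remove them if they are present
	filter_in_place "$dest" \
	    -e '/^# role-based access control/d' \
	    -e '/^exec_attr:/d' \
	    -e '/^user_attr:/d' \
	    -e '/^# audit/d' \
	    -e '/^audit_user:/d'

	# If the file doesn't have user attr database entries, add
	# appropriate entries. Default to everything if we can't
	# figure out what is appropriate.
	for DB in auth_attr prof_attr
	do
		if file_lacks "$DB:" "$dest"; then
			ATTR="files nis nisplus ldap"
			file_has_ere '/etc/nsswitch\.(dns|files)' "$dest" &&
			    ATTR="files"
			file_has '/etc/nsswitch.nis' "$dest" &&
			    ATTR="files nis"
			file_has '/etc/nsswitch.nisplus' "$dest" &&
			    ATTR="files nisplus"
			file_has '/etc/nsswitch.ldap' "$dest" &&
			    ATTR="files ldap"
			# Append exactly once, after every template check, so
			# the file never ends up with two conflicting entries
			# for the same database.
			echo "${DB}: ${ATTR}" >> "$dest"
		fi
	done

	# If the file doesn't have a "project" database entry, add
	# an appropriate entry. Default to "files" if we can't
	# figure out what is appropriate.
	if file_lacks project: "$dest"; then
		PROJECT="files"
		file_has '/etc/nsswitch.nis' "$dest" &&
		    PROJECT="files nis"
		file_has '/etc/nsswitch.ldap' "$dest" &&
		    PROJECT="files ldap"
		echo "project: ${PROJECT}" >> "$dest"
	fi

	# sendmailvars bites the dust in S10
	filter_in_place "$dest" -e '/^sendmailvars:/d'

	# If the file doesn't have Trusted Extensions networking
	# database (TNdb) entries, add appropriate entries.
	# TNdb entries are not supported in nis/nisplus, so avoid
	# appending these entries in /etc/nsswitch.conf.
	# For the rest of the name services append these TNdb entries
	# according to name service.
	if file_has_ere '/etc/nsswitch.(nis|nisplus)' "$dest"; then
		:
	else
		for DB in tnrhtp tnrhdb
		do
			if file_lacks "$DB:" "$dest"; then
				ATTR="files ldap"
				file_has_ere '/etc/nsswitch\.(dns|files)' \
				    "$dest" && ATTR="files"
				file_has '/etc/nsswitch.ldap' "$dest" &&
				    ATTR="files ldap"
				echo "${DB}: ${ATTR}" >> "$dest"
			fi
		done
	fi
done

exit 0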