1 #!/bin/ksh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 23 # 24 # Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25 # Use is subject to license terms. 26 # 27 # Upgrade a machine from a cpio archive area in about 5 minutes. 28 # By Roger Faulkner and Jeff Bonwick, April 1993. 29 # (bfu == Bonwick/Faulkner Upgrade, a.k.a. Blindingly Fast Upgrade) 30 # 31 # Usage: bfu [-f] <archive_dir> [root-dir] # for normal machines 32 # bfu -c [-f] <archive_dir> <exec-dir> # for diskless clients 33 # 34 # The -f flag is to override the built-in safety check which requires 35 # that the starting-point OS be a least a certain revision. 36 # 37 # You have to be super-user. It's safest to run this from the 38 # system console, although I've run it under OW and even via 39 # remote login with no problems. 40 # 41 # You will have to reboot the system when the upgrade is complete. 42 # 43 # You should add any administrative files you care about to this list. 44 # Warning: there had better be no leading '/' on any of these filenames. 45 46 # 47 # The CDPATH variable causes ksh's `cd' builtin to emit messages to stdout 48 # under certain circumstances, which can really screw things up; unset it. 49 # 50 unset CDPATH 51 52 export LC_ALL="C" 53 54 if [ -z "$GATEPATH" ]; then 55 GATEPATH=/ws/onnv-gate 56 test -d $GATEPATH || GATEPATH=/net/onnv.eng/export/onnv-gate 57 fi 58 export GATE=${GATEPATH} 59 export ARCHIVE=${ARCHIVEPATH:-${GATEPATH}} 60 61 # 62 # NOTE: Entries in *_files must expand to either the exact files required, 63 # or to directories that will be scoured for files. Any directories 64 # (and subdirectories) resulting from a wildcard expansion will be 65 # fully recursed by BFU's searching for files. (E.g. /etc/inet/* will 66 # include all files in any of its directories, as well as any files in 67 # /etc/inet/ itself. 68 # 69 # These lists should really be generated automatically from the 70 # pkgmap(4) metadata. 71 # 72 73 # 74 # First list: files to be saved in global and non-global zones. 75 # 76 all_zones_files=" 77 etc/.login 78 etc/acct/holidays 79 etc/auto_* 80 etc/cron.d/at.deny 81 etc/cron.d/cron.deny 82 etc/crypto/pkcs11.conf 83 etc/default/* 84 etc/dev/reserved_devnames 85 etc/dfs/dfstab 86 etc/dumpdates 87 etc/ftpd/* 88 etc/ftpusers 89 etc/group 90 etc/gss/gsscred.conf 91 etc/gss/mech 92 etc/gss/qop 93 etc/inet/* 94 etc/init.d/* 95 etc/inittab 96 etc/ipf/ipf.conf 97 etc/iu.ap 98 etc/krb5/kadm5.acl 99 etc/krb5/kdc.conf 100 etc/krb5/kpropd.acl 101 etc/krb5/krb5.conf 102 etc/krb5/warn.conf 103 etc/ksh.kshrc 104 etc/logadm.conf 105 etc/logindevperm 106 etc/lp/Systems 107 etc/mail/*.cf 108 etc/mail/*.hf 109 etc/mail/*.rc 110 etc/mail/aliases 111 etc/mail/helpfile 112 etc/mail/local-host-names 113 etc/mail/trusted-users 114 etc/named.conf 115 etc/net/*/services 116 etc/netconfig 117 etc/nfs/nfslog.conf 118 etc/nfssec.conf 119 etc/nscd.conf 120 etc/nsswitch.* 121 etc/pam.conf 122 etc/passwd 123 etc/policy.conf 124 etc/printers.conf 125 etc/profile 126 etc/project 127 etc/publickey 128 etc/remote 129 etc/resolv.conf 130 etc/rmmount.conf 131 etc/rpc 132 etc/rpld.conf 133 etc/saf/_sactab 134 etc/saf/_sysconfig 135 etc/saf/zsmon/_pmtab 136 etc/security/audit_class 137 etc/security/audit_control 138 etc/security/audit_event 139 etc/security/audit_startup 140 etc/security/audit_user 141 etc/security/audit_warn 142 etc/security/auth_attr 143 etc/security/crypt.conf 144 etc/security/exec_attr 145 etc/security/policy.conf 146 etc/security/prof_attr 147 etc/sfw/openssl/openssl.cnf 148 etc/shadow 149 etc/skel/.profile 150 etc/skel/local.* 151 etc/ssh/ssh_config 152 etc/ssh/sshd_config 153 etc/syslog.conf 154 etc/ttydefs 155 etc/ttysrch 156 etc/user_attr 157 etc/uucp/[A-Z]* 158 etc/vfstab 159 var/smb/* 160 var/spool/cron/crontabs/* 161 var/yp/Makefile 162 var/yp/aliases 163 var/yp/nicknames 164 " 165 166 # 167 # Second list: files to be saved in the global zone only. 168 # 169 global_zone_only_files=" 170 boot/grub/menu.lst 171 boot/solaris/bootenv.rc 172 boot/solaris/devicedb/master 173 boot/solaris/filelist.ramdisk 174 etc/aggregation.conf 175 etc/bootrc 176 etc/crypto/kcf.conf 177 etc/devlink.tab 178 etc/dladm/* 179 etc/driver_aliases 180 etc/driver_classes 181 etc/lvm/devpath 182 etc/lvm/lock 183 etc/lvm/md.cf 184 etc/lvm/md.ctlrmap 185 etc/lvm/md.tab 186 etc/lvm/mddb.cf 187 etc/lvm/runtime.cf 188 etc/mach 189 etc/minor_perm 190 etc/name_to_major 191 etc/name_to_sysnum 192 etc/nca/nca.if 193 etc/nca/ncakmod.conf 194 etc/nca/ncalogd.conf 195 etc/nca/ncaport.conf 196 etc/openwin/server/etc/OWconfig 197 etc/path_to_inst 198 etc/power.conf 199 etc/ppp/chap-secrets 200 etc/ppp/options 201 etc/ppp/pap-secrets 202 etc/security/device_policy 203 etc/security/extra_privs 204 etc/security/tsol/devalloc_defaults 205 etc/security/tsol/label_encodings 206 etc/security/tsol/relabel 207 etc/security/tsol/tnrhdb 208 etc/security/tsol/tnrhtp 209 etc/security/tsol/tnzonecfg 210 etc/system 211 etc/zones/index 212 kernel/drv/aac.conf 213 kernel/drv/elxl.conf 214 kernel/drv/emlxs.conf 215 kernel/drv/fp.conf 216 kernel/drv/iscsi.conf 217 kernel/drv/md.conf 218 kernel/drv/mpt.conf 219 kernel/drv/mpt_sas.conf 220 kernel/drv/options.conf 221 kernel/drv/pmcs.conf 222 kernel/drv/qlc.conf 223 kernel/drv/ra.conf 224 kernel/drv/scsa2usb.conf 225 kernel/drv/scsi_vhci.conf 226 kernel/drv/sd.conf 227 kernel/drv/ssd.conf 228 platform/*/kernel/drv/*ppm.conf 229 platform/i86pc/kernel/drv/aha.conf 230 platform/i86pc/kernel/drv/asy.conf 231 platform/sun4u/boot.conf 232 " 233 234 # 235 # Third list: files extracted from generic.root but which belong in the global 236 # zone only: they are superfluous (and some even harmful) in nonglobal zones. 237 # 238 # (note: as /etc/init.d scripts are converted to smf(5) "Greenline" services, 239 # they (and their /etc/rc?.d hardlinks) should be removed from this list when 240 # they are added to smf_obsolete_rc_files, below) 241 # 242 superfluous_nonglobal_zone_files=" 243 dev/dsk 244 dev/fd 245 dev/pts 246 dev/rdsk 247 dev/rmt 248 dev/stderr 249 dev/stdin 250 dev/stdout 251 dev/swap 252 dev/term 253 dev/vt 254 devices 255 etc/dacf.conf 256 etc/dat 257 etc/default/metassist.xml 258 etc/default/power 259 etc/flash/postdeployment/svm.cleanup 260 etc/flash/predeployment/svm.save 261 etc/inet/ipqosconf.1.sample 262 etc/inet/ipqosconf.2.sample 263 etc/inet/ipqosconf.3.sample 264 etc/inet/sock2path 265 etc/init.d/devlinks 266 etc/init.d/dodatadm.udaplt 267 etc/init.d/drvconfig 268 etc/init.d/llc2 269 etc/init.d/ncakmod 270 etc/init.d/ncalogd 271 etc/init.d/pcmcia 272 etc/init.d/pppd 273 etc/init.d/wrsmcfg 274 etc/llc2 275 etc/lvm 276 etc/nca 277 etc/openwin 278 etc/ppp 279 etc/rc0.d/K34ncalogd 280 etc/rc0.d/K50pppd 281 etc/rc0.d/K52llc2 282 etc/rc1.d/K34ncalogd 283 etc/rc1.d/K50pppd 284 etc/rc1.d/K52llc2 285 etc/rc2.d/S40llc2 286 etc/rc2.d/S42ncakmod 287 etc/rc2.d/S47pppd 288 etc/rc2.d/S81dodatadm.udaplt 289 etc/rc2.d/S94ncalogd 290 etc/rcS.d/K34ncalogd 291 etc/rcS.d/K44wrsmcfg 292 etc/rcS.d/K50pppd 293 etc/rcS.d/K52llc2 294 etc/rcS.d/S29wrsmcfg 295 etc/rcm 296 etc/sock2path 297 etc/usb 298 etc/wrsm 299 etc/zones 300 kernel 301 lib/libmeta.so 302 lib/libmeta.so.1 303 lib/svc/method/devices-audio 304 lib/svc/method/fc-fabric 305 lib/svc/method/iscsi-initiator 306 lib/svc/method/ldoms-agents 307 lib/svc/method/npivconfig 308 lib/svc/method/sf880dr 309 lib/svc/method/svc-cvcd 310 lib/svc/method/svc-dcs 311 lib/svc/method/svc-drd 312 lib/svc/method/svc-dscp 313 lib/svc/method/svc-dumpadm 314 lib/svc/method/svc-fcoei 315 lib/svc/method/svc-fcoet 316 lib/svc/method/svc-intrd 317 lib/svc/method/svc-hal 318 lib/svc/method/svc-labeld 319 lib/svc/method/svc-mdmonitor 320 lib/svc/method/svc-metainit 321 lib/svc/method/svc-metasync 322 lib/svc/method/svc-oplhpd 323 lib/svc/method/svc-poold 324 lib/svc/method/svc-pools 325 lib/svc/method/svc-power 326 lib/svc/method/svc-resource-mgmt 327 lib/svc/method/svc-rmvolmgr 328 lib/svc/method/svc-scheduler 329 lib/svc/method/svc-sckmd 330 lib/svc/method/svc-stmf 331 lib/svc/method/svc-syseventd 332 lib/svc/method/svc-tnctl 333 lib/svc/method/svc-tnd 334 lib/svc/method/svc-vntsd 335 lib/svc/method/svc-zones 336 lib/svc/method/vtdaemon 337 platform/*/kernel 338 platform/SUNW,Sun-Fire-15000/lib/cvcd 339 platform/SUNW,Ultra-Enterprise-10000/lib/cvcd 340 platform/i86pc/biosint 341 platform/i86pc/multiboot 342 platform/sun4u/cprboot 343 platform/sun4u/lib/libwrsmconf.so 344 platform/sun4u/lib/libwrsmconf.so.1 345 platform/sun4u/lib/sparcv9/libwrsmconf.so 346 platform/sun4u/lib/sparcv9/libwrsmconf.so.1 347 platform/sun4u/sbin 348 platform/sun4u/wanboot 349 platform/sun4v/wanboot 350 sbin/metadb 351 sbin/metadevadm 352 sbin/metainit 353 sbin/metarecover 354 sbin/metastat 355 usr/include/sys/dcam 356 usr/lib/devfsadm/linkmod/SUNW_dcam1394_link.so 357 usr/lib/ldoms 358 usr/platform/SUNW,SPARC-Enterprise/lib/dscp.ppp.options 359 usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so 360 usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so.1 361 usr/platform/SUNW,SPARC-Enterprise/lib/llib-ldscp.ln 362 usr/platform/SUNW,SPARC-Enterprise/sbin/prtdscp 363 var/adm/pool 364 var/log/pool 365 var/svc/manifest/network/iscsi/iscsi-initiator.xml 366 var/svc/manifest/network/npiv_config.xml 367 var/svc/manifest/network/rpc/mdcomm.xml 368 var/svc/manifest/network/rpc/meta.xml 369 var/svc/manifest/network/rpc/metamed.xml 370 var/svc/manifest/network/rpc/metamh.xml 371 var/svc/manifest/network/tnctl.xml 372 var/svc/manifest/network/tnd.xml 373 var/svc/manifest/platform/i86pc/eeprom.xml 374 var/svc/manifest/platform/sun4u/dcs.xml 375 var/svc/manifest/platform/sun4u/dscp.xml 376 var/svc/manifest/platform/sun4u/efdaemon.xml 377 var/svc/manifest/platform/sun4u/oplhpd.xml 378 var/svc/manifest/platform/sun4u/sckmd.xml 379 var/svc/manifest/platform/sun4u/sf880drd.xml 380 var/svc/manifest/platform/sun4v 381 var/svc/manifest/system/cvc.xml 382 var/svc/manifest/system/device/devices-audio.xml 383 var/svc/manifest/system/device/devices-fc-fabric.xml 384 var/svc/manifest/system/dumpadm.xml 385 var/svc/manifest/system/fcoe_initiator.xml 386 var/svc/manifest/system/fcoe_target.xml 387 var/svc/manifest/system/filesystem/rmvolmgr.xml 388 var/svc/manifest/system/fmd.xml 389 var/svc/manifest/system/hal.xml 390 var/svc/manifest/system/intrd.xml 391 var/svc/manifest/system/labeld.xml 392 var/svc/manifest/system/mdmonitor.xml 393 var/svc/manifest/system/metainit.xml 394 var/svc/manifest/system/metasync.xml 395 var/svc/manifest/system/picl.xml 396 var/svc/manifest/system/poold.xml 397 var/svc/manifest/system/pools.xml 398 var/svc/manifest/system/power.xml 399 var/svc/manifest/system/resource-mgmt.xml 400 var/svc/manifest/system/scheduler.xml 401 var/svc/manifest/system/stmf.xml 402 var/svc/manifest/system/sysevent.xml 403 var/svc/manifest/system/vtdaemon.xml 404 var/svc/manifest/system/zones.xml 405 " 406 407 # 408 # Fourth list: files to be preserved, ie unconditionally restored to 409 # "child" versions 410 # 411 preserve_files=" 412 etc/hostid 413 kernel/misc/amd64/sysinit 414 kernel/misc/amd64/usbs49_fw 415 kernel/misc/sparcv9/usbs49_fw 416 kernel/misc/sysinit 417 kernel/misc/usbs49_fw 418 var/adm/aculog 419 var/adm/spellhist 420 var/adm/utmpx 421 var/adm/wtmpx 422 var/log/authlog 423 var/log/syslog 424 var/saf/zsmon/log 425 " 426 427 realmode_files=" 428 boot/solaris/bootenv.rc 429 boot/solaris/devicedb/master 430 " 431 432 # 433 # /usr/sadm/install/scripts/i.build class runs class client provided 434 # script. The files below are managed by build class and its build script. 435 # They are added /bfu.conflict/NEW and the acr.sh process runs the script 436 # as part of conflict resolution. 437 # 438 build_class_script_files=" 439 etc/mpapi.conf 440 etc/hba.conf 441 etc/ima.conf 442 " 443 444 fail() { 445 print "$*" >& 2 446 print "bfu aborting" >& 2 447 rm -f "$bfu_zone_list" 448 exit 1 449 } 450 451 filelist() { 452 files="$all_zones_files $preserve_files" 453 if [ $1 = "global" ]; then 454 files="$global_zone_only_files $files" 455 fi 456 find $files -depth -type f ! -name core -print 2>/dev/null | sort -u || { 457 # 458 # Force cpio to return non-zero by printing an error message 459 # to stdout that it won't be able to lstat(). 460 # 461 echo 'filelist: sort failed' 462 fail "sort failed" 463 } 464 } 465 466 realmode_filelist() { 467 find $realmode_files -depth -type f ! -name core -print 2>/dev/null | sort 468 } 469 470 smf_inetd_conversions=" 471 100134 472 100150 473 100155 474 100229 475 100230 476 100234 477 100242 478 100422 479 chargen 480 comsat 481 daytime 482 discard 483 echo 484 eklogin 485 exec 486 finger 487 ftp 488 gssd 489 klogin 490 krb5_prop 491 kshell 492 ktkt_warnd 493 login 494 metad 495 metamedd 496 metamhd 497 name 498 printer 499 rexd 500 rquotad 501 rstatd 502 rusersd 503 shell 504 smserverd 505 sprayd 506 sun-dr 507 talk 508 telnet 509 time 510 uucp 511 walld 512 " 513 514 enable_next_boot () { 515 if [ -x /tmp/bfubin/svccfg ]; then 516 svcadm disable -t $1 517 [ $? = 0 ] || echo "warning: unable to temporarily disable $1" 518 eval $BFUSVCCFG -s $1 setprop general/enabled = true 519 [ $? = 0 ] || echo "warning: unable to enable $1 for next boot" 520 fi 521 } 522 523 # 524 # If we're in the global zone, import the manifest for the specified service. 525 # Note that we will need to see whether we are in an smf root if we are using 526 # an alternate root. If so, import the service directly; otherwise, print the 527 # warning messages. 528 # 529 # $1: the path of the xml file (the related path to /var/svc/manifest) 530 # $2: the service name - specified only if the service is enabled after reboot. 531 # 532 smf_import_service() { 533 if [[ $zone = global && -f $rootprefix/var/svc/manifest/$1 ]]; then 534 if [[ -n $rootprefix && -x /usr/sbin/svccfg ]]; then 535 SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db \ 536 /usr/sbin/svccfg import $rootprefix/var/svc/manifest/$1 537 elif [[ -n $rootprefix ]]; then 538 echo "Warning: This system does not have SMF, so I" 539 echo "cannot ensure the pre-import of $1. If it does" 540 echo "not work, reboot your alternate root to fix it." 541 elif [[ -x /tmp/bfubin/svccfg ]]; then 542 if [[ "${2}a" == a ]]; then 543 eval $BFUSVCCFG import /var/svc/manifest/$1 544 else 545 tmpfile=/tmp/`echo "$1" | tr / :`.$$ 546 sed -e "s/enabled='true'/enabled='false'/" \ 547 /var/svc/manifest/$1 > "$tmpfile" 548 eval $BFUSVCCFG import "$tmpfile" 549 # 550 # Make sure the service is enabled after reboot. 551 # 552 enable_next_boot $2 553 fi 554 fi 555 fi 556 } 557 558 smf_inetd_disable() { 559 inetconf=$rootprefix/etc/inet/inetd.conf 560 inettmp=/tmp/inetd.tmp.$$ 561 562 sed "$(for i in $smf_inetd_conversions; do 563 echo "s:^[ ]*$i[ /]:#SMFbfu# &:" 564 done)" $inetconf > $inettmp && ! cmp -s $inettmp $inetconf && 565 cp $inettmp $inetconf 566 567 rm -f -- $inettmp 568 } 569 570 smf_inetd_reenable() { 571 inetconf=$rootprefix/etc/inet/inetd.conf 572 inettmp=/tmp/inetd.tmp.$$ 573 574 sed 's/^#SMFbfu# //' $inetconf > $inettmp && cp $inettmp $inetconf 575 576 rm -f -- $inettmp 577 } 578 579 smf_tftp_reinstall() { 580 inetconf=$rootprefix/etc/inet/inetd.conf 581 inettmp=/tmp/inetd.tmp.$$ 582 583 if grep '^#SMFbfu# tftp' $inetconf >/dev/null ; then 584 # BFU previously commented out, put it back in place 585 sed 's/^#SMFbfu# tftp/tftp/' $inetconf > $inettmp && 586 cp $inettmp $inetconf 587 elif ! grep '^[# ]*tftp' $inetconf >/dev/null; then 588 # No entry, append to end 589 cat >>$inetconf <<EOF 590 # TFTPD - tftp server (primarily used for booting) 591 #tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot 592 EOF 593 fi 594 595 rm -f -- $inettmp 596 } 597 598 inetd_conf_svm_hack() { 599 # Since inetd.conf is updated by SUNWmdr's postinstall script, 600 # we will update the actual inetd.conf here to reflect the postinstall 601 # changes. 602 603 inetconf=$rootprefix/etc/inet/inetd.conf 604 inettmp=/tmp/inetd.tmp.$$ 605 inetnew=/tmp/inetd.new.$$ 606 607 # 608 # only change inetd.conf if the rpc.metad entry is out of date 609 # 610 611 if ! grep "^[# ]*100229/1-2" $inetconf > /dev/null ; then 612 613 # Grab existing rpc entries for rpc.metad 614 # and convert spaces to tabs within the rpc entry, as well as 615 # the transport method; 616 # or add a new entry in case there was none. 617 if grep "^[# ]*100229/1" $inetconf > /dev/null ; then 618 grep "^# METAD - SLVM metadb" $inetconf > $inettmp 619 grep "^[# ]*100229/1" $inetconf | \ 620 sed -e 's/[ ][ ]*/ /g' \ 621 -e 's?100229/1?100229/1-2?' >> $inettmp 622 else 623 echo '# METAD - SVM metadb Daemon' > $inettmp 624 echo "100229/1-2\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.metad\trpc.metad" >> $inettmp 625 fi 626 627 grep -v '^# METAD - SLVM metadb' $inetconf | \ 628 grep -v '^[# ]*100229/1' > $inetnew 629 cat $inettmp >> $inetnew 630 631 if ! diff $inetnew $inetconf > /dev/null ; then 632 print "Updating inet.conf metad entry ... \c" 633 if cp $inetnew $inetconf ; then 634 print "done." 635 else 636 print "failed." 637 fi 638 fi 639 rm -f $inettmp $inetnew 640 fi 641 642 # 643 # only change inetd.conf if the rpc.mdcommd entry is out of date 644 # 645 646 if ! grep "^[# ]*100422/1" $inetconf > /dev/null ; then 647 648 # Grab existing rpc entries for rpc.mdcommd 649 # and convert spaces to tabs within the rpc entry, 650 # or add a new entry in case there was none. 651 if grep "^[# ]*100422/1" $inetconf > /dev/null ; then 652 grep "^# MDMN_COMMD - SVM Multi node" $inetconf > $inettmp 653 grep "^[# ]*100422/1" $inetconf | \ 654 sed -e 's/[ ][ ]*/ /g' >> $inettmp 655 else 656 echo '# MDMN_COMMD - SVM Multi node communication daemon' >$inettmp 657 echo '100422/1\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.mdcommd\trpc.mdcommd' >> $inettmp 658 fi 659 660 grep -v '^# MDMN_COMMD - SVM Multi node' $inetconf | \ 661 grep -v '^[# ]*100422/1' > $inetnew 662 cat $inettmp >> $inetnew 663 664 if ! diff $inetnew $inetconf > /dev/null ; then 665 print "Updating inetd.conf rpc.mdcommd entry ... \c" 666 if cp $inetnew $inetconf; then 667 print "done." 668 else 669 print "failed." 670 fi 671 fi 672 673 rm -f $inettmp $inetnew 674 fi 675 } 676 677 upgrade_aggr_and_linkprop () { 678 # Since aggregation.conf and linkprop.conf are upgraded by 679 # SUNWcnetr's postinstall script, put the relevant portions of the 680 # postinstall script here, modified to rename the old files instead 681 # of removing them. 682 683 # 684 # Convert datalink configuration into a series of dladm(1M) commands 685 # and keep them in an upgrade script. This script will then be run 686 # in the network-physical service. 687 # 688 # Note that we cannot use the /var/svc/profile/upgrade script because 689 # that script is run in the manifest-import service which is too late 690 # for the datalink configuration. 691 # 692 UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink 693 694 AGGR_CONF=/etc/aggregation.conf 695 ORIG=$rootprefix$AGGR_CONF 696 if [[ ! -f $ORIG ]]; then 697 # Try the alternate location. 698 AGGR_CONF=/etc/dladm/aggregation.conf 699 ORIG=$rootprefix$AGGR_CONF 700 fi 701 702 if [[ -f $ORIG ]]; then 703 # Strip off comments, then each remaining line defines 704 # an aggregation the administrator configured on the old 705 # system. Each line corresponds to one dladm command 706 # that is appended to the upgrade script. 707 cat $ORIG | grep '^[^#]' | while read line; do 708 echo $line | while read aggr_index rest 709 do 710 policy=`echo $rest | /usr/bin/awk '{print $1}'` 711 nports=`echo $rest | /usr/bin/awk '{print $2}'` 712 ports=`echo $rest | /usr/bin/awk '{print $3}'` 713 mac=`echo $rest | /usr/bin/awk '{print $4}'` 714 lacp_mode=`echo $rest | /usr/bin/awk \ 715 '{print $5}'` 716 lacp_timer=`echo $rest | /usr/bin/awk \ 717 '{print $6}'` 718 dladm_string="dladm create-aggr -P $policy -l \ 719 $lacp_mode -T $lacp_timer" 720 # A fixed MAC address 721 if [[ $mac != "auto" ]]; then 722 dladm_string="$dladm_string -u $mac" 723 fi 724 i=1 725 while [ $i -le $nports ]; do 726 device=`echo $ports | cut -d, -f$i` 727 # Older aggregation.conf files have the 728 # format of device_name/port_number. 729 # We don't need the port number, so get 730 # rid of it if it is there. 731 device=`echo $device | cut -d/ -f1` 732 ((i = i + 1)) 733 dladm_string="$dladm_string -d \ 734 $device" 735 done 736 dladm_string="$dladm_string $aggr_index" 737 echo $dladm_string >> \ 738 $rootprefix$UPGRADE_SCRIPT 739 done 740 done 741 mv $ORIG $ORIG.bak 742 fi 743 744 # Upgrade linkprop.conf 745 ORIG=$rootprefix/etc/dladm/linkprop.conf 746 747 if [[ -f $ORIG ]]; then 748 # Strip off comments, then each remaining line lists 749 # properties the administrator configured for a 750 # particular interface. Each line includes several 751 # properties, but we can only set one property per 752 # dladm invocation. 753 cat $ORIG | grep '^[^#]' | while read line; do 754 echo $line | while read link rest 755 do 756 while [ -n "$rest" ]; do 757 linkprop=`echo $rest | cut -d";" -f1` 758 rest=`echo $rest | cut -d";" -f2-` 759 echo dladm set-linkprop -p $linkprop \ 760 $link >> $rootprefix$UPGRADE_SCRIPT 761 done 762 done 763 done 764 mv $ORIG $ORIG.bak 765 fi 766 } 767 768 upgrade_vlan () { 769 # Convert hostname.*** and zonecfg vlan configurations 770 UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink 771 772 for ifname in $host_ifs $zone_ifs 773 do 774 phys=`echo $ifname | sed "s/[0-9]*$//"` 775 devnum=`echo $ifname | sed "s/$phys//g"` 776 if [ "$phys$devnum" != $ifname -o \ 777 -n "`echo $devnum | tr -d '[0-9]'`" ]; then 778 echo "skipping invalid interface $ifname" 779 continue 780 fi 781 782 vid=`expr $devnum / 1000` 783 inst=`expr $devnum % 1000` 784 785 if [ "$vid" != "0" ]; then 786 echo dladm create-vlan -l $phys$inst -v $vid $ifname \ 787 >> $rootprefix$UPGRADE_SCRIPT 788 fi 789 done 790 } 791 792 # Update aac.conf for set legacy-name-enable properly 793 update_aac_conf() 794 { 795 conffile=$rootprefix/kernel/drv/aac.conf 796 childconffile=$rootprefix/bfu.child/kernel/drv/aac.conf 797 798 # Already using autoenumeration mode, return 799 egrep -s "legacy-name-enable" $childconffile && \ 800 grep "legacy-name-enable" $childconffile | egrep -s "no" && return 801 802 # Else enable legacy mode 803 sed -e 's/legacy-name-enable="no"/legacy-name-enable="yes"/g' \ 804 < $conffile > /tmp/aac.conf.$$ 805 mv -f /tmp/aac.conf.$$ $conffile 806 } 807 808 update_etc_inet_sock2path() 809 { 810 # 811 # The PF_PACKET module may need to be added to the configuration 812 # file socket sockets. 813 # 814 # When being added to the system, the socket itself will remain 815 # inactive until the next reboot when soconfig is run. When being 816 # removed, the kernel configuration stays active until the system 817 # is rebooted and the sockets will continue to work until it is 818 # unloaded from the kernel, after which applications will fail. 819 # 820 sockfile=$rootprefix/etc/inet/sock2path 821 xgrep=/usr/xpg4/bin/grep 822 823 ${ZCAT} ${cpiodir}/generic.usr$ZFIX | cpio -it 2>/dev/null | 824 ${xgrep} -q sockpfp 825 if [ $? -eq 1 ] ; then 826 ${xgrep} -v -E '^ 32 [14] 0 sockpfp' \ 827 ${sockfile} > /tmp/sock2path.tmp.$$ 828 cp /tmp/sock2path.tmp.$$ ${sockfile} 829 else 830 if ! ${xgrep} -q -E \ 831 '^ 31 [14] 0 sockpfp' ${sockfile}; then 832 echo '' >> ${sockfile} 833 echo ' 32 1 0 sockpfp' >> ${sockfile} 834 echo ' 32 4 0 sockpfp' >> ${sockfile} 835 fi 836 fi 837 } 838 839 # update x86 version mpt.conf for property tape 840 mpttapeprop='[ ]*tape[ ]*=[ ]*"sctp"[ ]*;' 841 update_mptconf_i386() 842 { 843 conffile=$rootprefix/kernel/drv/mpt.conf 844 test -f $conffile || return 845 egrep -s "$mpttapeprop" $conffile 846 if [ $? -ne 0 ] ; then 847 echo 'tape="sctp";' >> $conffile 848 fi 849 } 850 851 # update x86 etc/mach file after xVM_uppc is added, 852 # which makes xpv_psm a non-default psm module 853 update_etc_mach_i386() 854 { 855 etc_mach=$rootprefix/etc/mach 856 test -f $etc_mach || return 857 grep -w "xpv_psm" $etc_mach > /dev/null 2>&1 858 if [ $? -ne 0 ] ; then 859 echo 'xpv_psm' >> $etc_mach 860 fi 861 } 862 863 # check and update driver class for scsi-self-identifying 864 chk_update_drv_class() 865 { 866 867 drvclassfile=$rootprefix/etc/driver_classes 868 name2majorfile=$rootprefix/etc/name_to_major 869 drvname=$1 870 classentry="^$drvname[ ].*scsi-self-identifying" 871 872 [ -f $drvclassfile ] || return 873 [ -f $name2majorfile ] || return 874 875 grep -w $drvname $name2majorfile > /dev/null 2>&1 || return 876 877 egrep -s "$classentry" $drvclassfile 878 if [ $? -ne 0 ]; then 879 echo "$drvname scsi-self-identifying" >> $drvclassfile 880 fi 881 } 882 883 update_drvclass_i386() 884 { 885 chk_update_drv_class ahci 886 chk_update_drv_class si3124 887 chk_update_drv_class marvell88sx 888 chk_update_drv_class nv_sata 889 } 890 891 update_policy_conf() { 892 # update /etc/security/policy.conf with the default 893 # Solaris crypt(3c) policy. 894 895 dest=$rootprefix/etc/security/policy.conf 896 897 grep 'CRYPT_' $dest > /dev/null 2>&1 898 if [ $? = 1 ] ; then 899 print "Updating entries for crypt(3c), see policy.conf(4)" 900 cat >> $dest <<EOM 901 902 # crypt(3c) Algorithms Configuration 903 # 904 # CRYPT_ALGORITHMS_ALLOW specifies the algorithms that are allowed to 905 # be used for new passwords. This is enforced only in crypt_gensalt(3c). 906 # 907 CRYPT_ALGORITHMS_ALLOW=1,2a,md5 908 909 # To deprecate use of the traditional unix algorithm, uncomment below 910 # and change CRYPT_DEFAULT= to another algorithm. For example, 911 # CRYPT_DEFAULT=1 for BSD/Linux MD5. 912 # 913 #CRYPT_ALGORITHMS_DEPRECATE=__unix__ 914 915 # The Solaris default is the traditional UNIX algorithm. This is not 916 # listed in crypt.conf(4) since it is internal to libc. The reserved 917 # name __unix__ is used to refer to it. 918 # 919 CRYPT_DEFAULT=__unix__ 920 EOM 921 fi 922 grep PRIV_ $dest >/dev/null 2>&1 923 if [ $? = 1 ]; then 924 echo "Updating entries for privileges(5)," \ 925 "see policy.conf(4) for details." 926 cat >> $dest <<EOM 927 # 928 # These settings determine the default privileges users have. If not set, 929 # the default privileges are taken from the inherited set. 930 # There are two different settings; PRIV_DEFAULT determines the default 931 # set on login; PRIV_LIMIT defines the Limit set on login. 932 # Individual users can have privileges assigned or taken away through 933 # user_attr. Privileges can also be assigned to profiles in which case 934 # the users with those profiles can use those privileges through pfexec(1m). 935 # For maximum future compatibility, the specifications should 936 # always include "basic" or "all"; privileges should then be removed using 937 # the negation. E.g., PRIV_LIMIT=all,!sys_linkdir takes away only the 938 # sys_linkdir privilege, regardless of future additional privileges. 939 # Similarly, PRIV_DEFAULT=basic,!file_link_any takes away only the 940 # file_link_any privilege from the basic privilege set; only that notation 941 # is immune from a future addition of currently unprivileged operations to 942 # the basic privilege set. 943 # NOTE: removing privileges from the the Limit set requires EXTREME care 944 # as any set-uid root program may suddenly fail because it lacks certain 945 # privilege(s). 946 # 947 #PRIV_DEFAULT=basic 948 #PRIV_LIMIT=all 949 EOM 950 fi 951 952 } 953 954 # 955 # Cleanup nfsmapid configuration before extracting 956 # root bits. Remove if they exist: 957 # nfsmapid entry in inetd.conf 958 # nfsmapid entry in /etc/net/ti*/services 959 # 960 # Going forward neither should exist, but no harm if services entry exists 961 # Going way backwards (pre-04/28/2004), inetd.conf must exist but will 962 # be a conflict that should be merged in 963 # 964 nfsmapid_cfg() { 965 inetdconf=$rootprefix/etc/inet/inetd.conf 966 tmpinetcf=/tmp/inetd.conf.$$ 967 cp -pf ${inetdconf} ${tmpinetcf} 968 cat /dev/null > ${inetdconf} 2>&1 969 sed -e "/^#[# ]*NFSv4/d" \ 970 -e "/^[# ]*100166\/1/d" \ 971 ${tmpinetcf} > ${inetdconf} 2>&1 972 rm -f ${tmpinetcf} 973 974 tmpservices=/tmp/services.$$ 975 976 services=$rootprefix/etc/net/ticotsord/services 977 cp -pf ${services} ${tmpservices} 978 cat /dev/null > ${services} 2>&1 979 sed -e "/^[# ]*nfsmapid/d" \ 980 ${tmpservices} > ${services} 2>&1 981 rm -f ${tmpservices} 982 983 services=$rootprefix/etc/net/ticots/services 984 cp -pf ${services} ${tmpservices} 985 cat /dev/null > ${services} 2>&1 986 sed -e "/^[# ]*nfsmapid/d" \ 987 ${tmpservices} > ${services} 2>&1 988 rm -f ${tmpservices} 989 990 services=$rootprefix/etc/net/ticlts/services 991 cp -pf ${services} ${tmpservices} 992 cat /dev/null > ${services} 2>&1 993 sed -e "/^[# ]*nfsmapid/d" \ 994 ${tmpservices} > ${services} 2>&1 995 rm -f ${tmpservices} 996 } 997 998 # 999 # Detect Boomer audio framework; used to emit a notice at the end of BFU 1000 # telling the user to run update_audio to complete the upgrade. 1001 # 1002 BOOMER_PRESENT_SYS=false 1003 BOOMER_PRESENT_BFU=false 1004 BOOMER_DRIVERS="audio" 1005 AUSTR_PRESENT_SYS=false 1006 AUSTR_PRESENT_BFU=false 1007 1008 check_boomer_sys() { 1009 typeset root=$1 1010 typeset n2m=$root/etc/name_to_major 1011 typeset drv 1012 1013 for drv in $BOOMER_DRIVERS; do 1014 if ! grep -w $drv $n2m > /dev/null 2>&1; then 1015 return 1 1016 fi 1017 done 1018 1019 return 0 1020 } 1021 1022 check_boomer_bfu() { 1023 $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | 1024 grep devices-audio.xml > /dev/null 2>&1 1025 } 1026 1027 check_austr_sys() { 1028 typeset root=$1 1029 typeset n2m=$root/etc/name_to_major 1030 typeset drv 1031 1032 if ! grep -w austr $n2m > /dev/null 2>&1; then 1033 return 1 1034 fi 1035 return 0 1036 } 1037 1038 check_austr_bfu() { 1039 $ZCAT $cpiodir/generic.kernel$ZFIX | cpio -it 2>/dev/null | 1040 grep austr > /dev/null 2>&1 1041 } 1042 1043 # 1044 # 1045 # Define global variables 1046 # 1047 CALL_DEVID_DESTROY="" 1048 # 1049 # List of SDS commands that must be deleted. 1050 # 1051 SDSCMDLIST=" 1052 growfs 1053 metaclear 1054 metadb 1055 metadetach 1056 metahs 1057 metainit 1058 metaoffline 1059 metaonline 1060 metaparam 1061 metarename 1062 metareplace 1063 metaroot 1064 metaset 1065 metastat 1066 metasync 1067 metattach 1068 rpc.metad 1069 rpc.metamhd 1070 " 1071 # 1072 # List of SDS configuration files that must be deleted. 1073 # 1074 SDSCONFIGLIST=" 1075 lock 1076 md.cf 1077 mddb.cf 1078 md.tab 1079 devpath 1080 md.ctlrmap 1081 " 1082 # 1083 # List of rc scripts that must be deleted. 1084 # 1085 RCLIST=" 1086 etc/init.d/SUNWmd.init 1087 etc/init.d/SUNWmd.sync 1088 etc/init.d/lvm.init 1089 etc/init.d/lvm.sync 1090 etc/rcS.d/S35SUNWmd.init 1091 etc/rcS.d/S35lvm.init 1092 etc/rc2.d/S95SUNWmd.sync 1093 etc/rc2.d/S95lvm.sync 1094 etc/rcS.d/S35slvm.init 1095 etc/rc2.d/S95slvm.sync 1096 etc/init.d/slvm.init 1097 etc/init.d/slvm.sync 1098 etc/init.d/init.mdlogd 1099 etc/rc3.d/S25mdlogd 1100 " 1101 # 1102 # List of flashprom-related files that must be deleted. 1103 # 1104 FLASHPROMLIST=" 1105 etc/rc2.d/S75flashprom 1106 etc/init.d/flashprom 1107 usr/platform/SUNW,Ultra-2/lib/flash-update.sh 1108 usr/platform/SUNW,Ultra-4/lib/flash-update.sh 1109 usr/platform/SUNW,Ultra-Enterprise/lib/flash-update.sh 1110 usr/platform/sun4u/doc/flashupdate.txt 1111 usr/platform/sun4u/lib/flash-update.sh 1112 usr/platform/sun4u/lib/prom/SUNW,Ultra-2 1113 usr/platform/sun4u/lib/prom/SUNW,Ultra-4 1114 usr/platform/sun4u/lib/prom/SUNW,Ultra-Enterprise 1115 " 1116 1117 # 1118 # delete the entries associated with bootlist from /etc/system 1119 # 1120 1121 delete_system_bootlist() { 1122 sed -e /"Begin MDD database info"/,/"End MDD database info"/d \ 1123 < ${SYSTEM_FILE} > /tmp/system.$$ 1124 cp /tmp/system.$$ ${SYSTEM_FILE} || \ 1125 echo "copy error: /tmp/system.$$ to ${SYSTEM_FILE}" 1126 } 1127 1128 # 1129 # Add entries in md.conf for bootlist 1130 # 1131 1132 fix_mdconf() { 1133 cp ${mdconf} /tmp/md.conf.$$ 1134 echo >> /tmp/md.conf.$$ 1135 echo "# Begin MDD database info (do not edit)" >> /tmp/md.conf.$$ 1136 sed -e 's/^set md://' -e 's/$/;/' ${SYSTEM_FILE} | \ 1137 grep mddb_bootlist >> /tmp/md.conf.$$ 1138 echo "# End MDD database info (do not edit)" >> /tmp/md.conf.$$ 1139 cp /tmp/md.conf.$$ ${mdconf} || \ 1140 echo "copy error: /tmp/md.conf.$$ to ${mdconf}" 1141 } 1142 1143 # 1144 # add_devid_destroy(filename) 1145 # returns contents in filename 1146 # md_devid_destroy property is required when upgrading 1147 # from pre SVM to SVM releases or when the device ID returned from 1148 # the driver changes. 1149 # It is specifically placed between 1150 # # Begin MDD database info and # End MDD database info because 1151 # on the subsequent reboot, this line will be removed automatically when 1152 # metadevadm is run in rc2.d. 1153 # 1154 add_devid_destroy() { 1155 cat $1 | awk '{ 1156 if ( $2 == "End" && $4 == "database") { 1157 print "md_devid_destroy=1;" 1158 } 1159 print $0 1160 }' >> /tmp/t$$ 1161 mv /tmp/t$$ $1 1162 } 1163 1164 # 1165 # Reads existing configuration values in /etc/rcap.conf and puts 1166 # them in repository upon reboot(via /var/svc/profile/upgrade). 1167 # 1168 migrate_rcap_conf() { 1169 RCAP_CONF="${rootprefix}/etc/rcap.conf" 1170 PROFILE_UPGRADE="${rootprefix}/var/svc/profile/upgrade" 1171 SVCCFG="/usr/sbin/svccfg" 1172 RCAP_FMRI="svc:/system/rcap:default" 1173 PG="config" 1174 1175 pressure=`awk '$1 == "RCAPD_MEMORY_CAP_ENFORCEMENT_PRESSURE" \ 1176 && NF == 3 {print $3}' $RCAP_CONF` 1177 1178 reconfig_int=`awk '$1 == "RCAPD_RECONFIGURATION_INTERVAL" \ 1179 && NF == 3 {print $3}' $RCAP_CONF` 1180 1181 walk_int=`awk '$1 == "RCAPD_PROC_WALK_INTERVAL" && \ 1182 NF == 3 {print $3}' $RCAP_CONF` 1183 1184 report_int=`awk '$1 == "RCAPD_REPORT_INTERVAL" && \ 1185 NF == 3 {print $3}' $RCAP_CONF` 1186 1187 rss_sample_int=`awk '$1 == "RCAPD_RSS_SAMPLE_INTERVAL" && \ 1188 NF == 3 {print $3}' $RCAP_CONF` 1189 1190 # Blindly update default configuration values with 1191 # pre-existing values 1192 # 1193 echo "# Migrating pre-existing rcap configuration" >> \ 1194 $PROFILE_UPGRADE 1195 1196 echo "$SVCCFG -s $RCAP_FMRI setprop ${PG}/pressure = " \ 1197 "$pressure" >> $PROFILE_UPGRADE 1198 1199 echo "$SVCCFG -s $RCAP_FMRI " \ 1200 "setprop ${PG}/reconfig_interval = $reconfig_int" >> \ 1201 $PROFILE_UPGRADE 1202 1203 echo "$SVCCFG -s $RCAP_FMRI " \ 1204 "setprop ${PG}/walk_interval = $walk_int" >> \ 1205 $PROFILE_UPGRADE 1206 1207 echo "$SVCCFG -s $RCAP_FMRI " \ 1208 "setprop ${PG}/report_interval = $report_int" >> \ 1209 $PROFILE_UPGRADE 1210 1211 echo "$SVCCFG -s $RCAP_FMRI " \ 1212 "setprop ${PG}/rss_sample_interval = $rss_sample_int" >> \ 1213 $PROFILE_UPGRADE 1214 1215 echo "/usr/sbin/svcadm refresh $RCAP_FMRI" >> \ 1216 $PROFILE_UPGRADE 1217 1218 echo "rm /etc/rcap.conf" >> \ 1219 $PROFILE_UPGRADE 1220 } 1221 1222 # 1223 # Migrate an existing extended accounting configuration from /etc/acctadm.conf 1224 # to the smf(5) repository upon reboot. Enable the instance if the 1225 # configuration differs from the default configuration. 1226 # 1227 migrate_acctadm_conf() 1228 { 1229 cat >> $rootprefix/var/svc/profile/upgrade <<\_EOF 1230 if [ -f /etc/acctadm.conf ]; then 1231 . /etc/acctadm.conf 1232 1233 fmri="svc:/system/extended-accounting:flow" 1234 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1235 ${ACCTADM_FLOW_FILE:="none"} 1236 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1237 ${ACCTADM_FLOW_TRACKED:="none"} 1238 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1239 ${ACCTADM_FLOW_UNTRACKED:="extended"} 1240 if [ ${ACCTADM_FLOW_ENABLE:="no"} = "yes" ]; then 1241 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1242 else 1243 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1244 fi 1245 if [ $ACCTADM_FLOW_ENABLE = "yes" -o \ 1246 $ACCTADM_FLOW_FILE != "none" -o \ 1247 $ACCTADM_FLOW_TRACKED != "none" ]; then 1248 svcadm enable $fmri 1249 fi 1250 1251 fmri="svc:/system/extended-accounting:process" 1252 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1253 ${ACCTADM_PROC_FILE:="none"} 1254 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1255 ${ACCTADM_PROC_TRACKED:="none"} 1256 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1257 ${ACCTADM_PROC_UNTRACKED:="extended"} 1258 if [ ${ACCTADM_PROC_ENABLE:="no"} = "yes" ]; then 1259 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1260 else 1261 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1262 fi 1263 if [ $ACCTADM_PROC_ENABLE = "yes" -o \ 1264 $ACCTADM_PROC_FILE != "none" -o \ 1265 $ACCTADM_PROC_TRACKED != "none" ]; then 1266 svcadm enable $fmri 1267 fi 1268 1269 fmri="svc:/system/extended-accounting:task" 1270 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1271 ${ACCTADM_TASK_FILE:="none"} 1272 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1273 ${ACCTADM_TASK_TRACKED:="none"} 1274 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1275 ${ACCTADM_TASK_UNTRACKED:="extended"} 1276 if [ ${ACCTADM_TASK_ENABLE:="no"} = "yes" ]; then 1277 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1278 else 1279 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1280 fi 1281 if [ $ACCTADM_TASK_ENABLE = "yes" -o \ 1282 $ACCTADM_TASK_FILE != "none" -o \ 1283 $ACCTADM_TASK_TRACKED != "none" ]; then 1284 svcadm enable $fmri 1285 fi 1286 1287 fmri="svc:/system/extended-accounting:net" 1288 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1289 ${ACCTADM_NET_FILE:="none"} 1290 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1291 ${ACCTADM_NET_TRACKED:="none"} 1292 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1293 ${ACCTADM_NET_UNTRACKED:="extended"} 1294 if [ ${ACCTADM_NET_ENABLE:="no"} = "yes" ]; then 1295 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1296 else 1297 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1298 fi 1299 if [ $ACCTADM_NET_ENABLE = "yes" -o \ 1300 $ACCTADM_NET_FILE != "none" -o \ 1301 $ACCTADM_NET_TRACKED != "none" ]; then 1302 svcadm enable $fmri 1303 fi 1304 1305 rm /etc/acctadm.conf 1306 fi 1307 _EOF 1308 } 1309 1310 # 1311 # smf(5) "Greenline" doesn't install the init.d or rc*.d scripts for 1312 # converted services. Clean up previous scripts for such services. 1313 # 1314 smf_obsolete_rc_files=" 1315 etc/init.d/ANNOUNCE 1316 etc/init.d/MOUNTFSYS 1317 etc/init.d/RMTMPFILES 1318 etc/init.d/acctadm 1319 etc/init.d/audit 1320 etc/init.d/autofs 1321 etc/init.d/boot.server 1322 etc/init.d/coreadm 1323 etc/init.d/cron 1324 etc/init.d/cryptosvc 1325 etc/init.d/cvc 1326 etc/init.d/devfsadm 1327 etc/init.d/dhcp 1328 etc/init.d/dhcpagent 1329 etc/init.d/domainname 1330 etc/init.d/efcode 1331 etc/init.d/inetd 1332 etc/init.d/inetinit 1333 etc/init.d/inetsvc 1334 etc/init.d/initboot 1335 etc/init.d/ipfboot 1336 etc/init.d/kdc 1337 etc/init.d/kdc.master 1338 etc/init.d/keymap 1339 etc/init.d/ldap.client 1340 etc/init.d/libc.mount 1341 etc/init.d/network 1342 etc/init.d/nfs.client 1343 etc/init.d/nodename 1344 etc/init.d/nscd 1345 etc/init.d/perf 1346 etc/init.d/picld 1347 etc/init.d/power 1348 etc/init.d/rcapd 1349 etc/init.d/rootusr 1350 etc/init.d/rpc 1351 etc/init.d/savecore 1352 etc/init.d/sckm 1353 etc/init.d/sf880dr 1354 etc/init.d/slpd 1355 etc/init.d/sshd 1356 etc/init.d/standardmounts 1357 etc/init.d/svm.init 1358 etc/init.d/svm.sync 1359 etc/init.d/sysid.net 1360 etc/init.d/sysid.sys 1361 etc/init.d/syslog 1362 etc/init.d/utmpd 1363 etc/init.d/volmgt 1364 etc/init.d/xntpd 1365 etc/init.d/zones 1366 etc/rc0.d/K00ANNOUNCE 1367 etc/rc0.d/K01zones 1368 etc/rc0.d/K03sshd 1369 etc/rc0.d/K05volmgt 1370 etc/rc0.d/K07snmpdx 1371 etc/rc0.d/K10rcapd 1372 etc/rc0.d/K21dhcp 1373 etc/rc0.d/K27boot.server 1374 etc/rc0.d/K28kdc 1375 etc/rc0.d/K28kdc.master 1376 etc/rc0.d/K28nfs.server 1377 etc/rc0.d/K32cryptosvc 1378 etc/rc0.d/K33audit 1379 etc/rc0.d/K33efcode 1380 etc/rc0.d/K34svm.sync 1381 etc/rc0.d/K36sendmail 1382 etc/rc0.d/K36utmpd 1383 etc/rc0.d/K37power 1384 etc/rc0.d/K40cron 1385 etc/rc0.d/K40inetd 1386 etc/rc0.d/K40nscd 1387 etc/rc0.d/K40sf880dr 1388 etc/rc0.d/K40slpd 1389 etc/rc0.d/K40syslog 1390 etc/rc0.d/K40xntpd 1391 etc/rc0.d/K41autofs 1392 etc/rc0.d/K41ldap.client 1393 etc/rc0.d/K41nfs.client 1394 etc/rc0.d/K41rpc 1395 etc/rc0.d/K42sckm 1396 etc/rc0.d/K43inet 1397 etc/rc0.d/K68picld 1398 etc/rc0.d/K83devfsadm 1399 etc/rc0.d/K90dhcpagent 1400 etc/rc1.d/K00ANNOUNCE 1401 etc/rc1.d/K01zones 1402 etc/rc1.d/K03sshd 1403 etc/rc1.d/K05volmgt 1404 etc/rc1.d/K07snmpdx 1405 etc/rc1.d/K10rcapd 1406 etc/rc1.d/K21dhcp 1407 etc/rc1.d/K27boot.server 1408 etc/rc1.d/K28kdc 1409 etc/rc1.d/K28kdc.master 1410 etc/rc1.d/K28nfs.server 1411 etc/rc1.d/K33audit 1412 etc/rc1.d/K33efcode 1413 etc/rc1.d/K34svm.sync 1414 etc/rc1.d/K36sendmail 1415 etc/rc1.d/K36utmpd 1416 etc/rc1.d/K37power 1417 etc/rc1.d/K40cron 1418 etc/rc1.d/K40inetd 1419 etc/rc1.d/K40nscd 1420 etc/rc1.d/K40sf880dr 1421 etc/rc1.d/K40slpd 1422 etc/rc1.d/K40syslog 1423 etc/rc1.d/K40xntpd 1424 etc/rc1.d/K41autofs 1425 etc/rc1.d/K41ldap.client 1426 etc/rc1.d/K41rpc 1427 etc/rc1.d/K42sckm 1428 etc/rc1.d/K43inet 1429 etc/rc1.d/K99libc.mount 1430 etc/rc1.d/S01MOUNTFSYS 1431 etc/rc2.d/K01zones 1432 etc/rc2.d/K03sshd 1433 etc/rc2.d/K05volmgt 1434 etc/rc2.d/K07snmpdx 1435 etc/rc2.d/K21dhcp 1436 etc/rc2.d/K27boot.server 1437 etc/rc2.d/K28kdc 1438 etc/rc2.d/K28kdc.master 1439 etc/rc2.d/K28nfs.server 1440 etc/rc2.d/S01MOUNTFSYS 1441 etc/rc2.d/S05RMTMPFILES 1442 etc/rc2.d/S21perf 1443 etc/rc2.d/S30sysid.net 1444 etc/rc2.d/S65ipfboot 1445 etc/rc2.d/S69domainname 1446 etc/rc2.d/S69inet 1447 etc/rc2.d/S70sckm 1448 etc/rc2.d/S71ldap.client 1449 etc/rc2.d/S71rpc 1450 etc/rc2.d/S71sysid.sys 1451 etc/rc2.d/S72inetsvc 1452 etc/rc2.d/S72slpd 1453 etc/rc2.d/S73nfs.client 1454 etc/rc2.d/S74autofs 1455 etc/rc2.d/S74syslog 1456 etc/rc2.d/S74xntpd 1457 etc/rc2.d/S75cron 1458 etc/rc2.d/S75savecore 1459 etc/rc2.d/S76nscd 1460 etc/rc2.d/S77inetd 1461 etc/rc2.d/S77sf880dr 1462 etc/rc2.d/S85power 1463 etc/rc2.d/S88sendmail 1464 etc/rc2.d/S88utmpd 1465 etc/rc2.d/S95svm.sync 1466 etc/rc2.d/S98efcode 1467 etc/rc2.d/S98libc.mount 1468 etc/rc2.d/S99audit 1469 etc/rc2.d/S99rcapd 1470 etc/rc3.d/S13kdc.master 1471 etc/rc3.d/S14kdc 1472 etc/rc3.d/S15nfs.server 1473 etc/rc3.d/S16boot.server 1474 etc/rc3.d/S34dhcp 1475 etc/rc3.d/S76snmpdx 1476 etc/rc3.d/S81volmgt 1477 etc/rc3.d/S89sshd 1478 etc/rc3.d/S99zones 1479 etc/rcS.d/K01zones 1480 etc/rcS.d/K03sshd 1481 etc/rcS.d/K05volmgt 1482 etc/rcS.d/K07snmpdx 1483 etc/rcS.d/K10rcapd 1484 etc/rcS.d/K21dhcp 1485 etc/rcS.d/K27boot.server 1486 etc/rcS.d/K28kdc 1487 etc/rcS.d/K28kdc.master 1488 etc/rcS.d/K28nfs.server 1489 etc/rcS.d/K33audit 1490 etc/rcS.d/K33efcode 1491 etc/rcS.d/K34svm.sync 1492 etc/rcS.d/K36sendmail 1493 etc/rcS.d/K36utmpd 1494 etc/rcS.d/K37power 1495 etc/rcS.d/K40cron 1496 etc/rcS.d/K40inetd 1497 etc/rcS.d/K40nscd 1498 etc/rcS.d/K40sf880dr 1499 etc/rcS.d/K40slpd 1500 etc/rcS.d/K40syslog 1501 etc/rcS.d/K40xntpd 1502 etc/rcS.d/K41autofs 1503 etc/rcS.d/K41ldap.client 1504 etc/rcS.d/K41rpc 1505 etc/rcS.d/K42sckm 1506 etc/rcS.d/K43inet 1507 etc/rcS.d/K99libc.mount 1508 etc/rcS.d/S10cvc 1509 etc/rcS.d/S28network.sh 1510 etc/rcS.d/S29nodename.sh 1511 etc/rcS.d/S30rootusr.sh 1512 etc/rcS.d/S33keymap.sh 1513 etc/rcS.d/S35svm.init 1514 etc/rcS.d/S40standardmounts.sh 1515 etc/rcS.d/S42coreadm 1516 etc/rcS.d/S45initboot 1517 etc/rcS.d/S50devfsadm 1518 etc/rcS.d/S72cryptosvc 1519 etc/rcS.d/S95picld 1520 " 1521 1522 # Obsolete smf manifests 1523 smf_obsolete_manifests=" 1524 var/svc/manifest/application/print/cleanup.xml 1525 var/svc/manifest/network/tftp.xml 1526 var/svc/manifest/network/lp.xml 1527 var/svc/manifest/system/filesystem/volfs.xml 1528 var/svc/manifest/network/pfil.xml 1529 var/svc/manifest/platform/sun4u/mpxio-upgrade.xml 1530 var/svc/manifest/network/tname.xml 1531 var/svc/manifest/network/aggregation.xml 1532 var/svc/manifest/network/datalink.xml 1533 var/svc/manifest/network/datalink-init.xml 1534 var/svc/manifest/network/iscsi_initiator.xml 1535 var/svc/manifest/network/fcoe_config.xml 1536 var/svc/manifest/network/rpc/ocfserv.xml 1537 " 1538 1539 # smf services whose manifests have been renamed 1540 smf_renamed_manifests=" 1541 var/svc/manifest/milestone/name-service.xml 1542 var/svc/manifest/system/filesystem/boot-archive.xml 1543 " 1544 1545 # Obsolete smf methods 1546 smf_obsolete_methods=" 1547 lib/svc/method/print-cleanup 1548 lib/svc/method/print-server 1549 lib/svc/method/svc-volfs 1550 lib/svc/method/pfil 1551 lib/svc/method/aggregation 1552 lib/svc/method/datalink 1553 lib/svc/method/datalink-init 1554 lib/svc/method/svc-kdc 1555 lib/svc/method/svc-kdc.master 1556 lib/svc/method/svc-kdc.slave 1557 lib/svc/share/krb_include.sh 1558 lib/svc/method/iscsid 1559 lib/svc/method/fcoeconfig 1560 " 1561 1562 smf_cleanup () { 1563 ( 1564 cd $root; 1565 print "Removing obsolete rc.d scripts ... \c" 1566 rm -f $smf_obsolete_rc_files 1567 print "done." 1568 ) 1569 } 1570 1571 smf_new_profiles () { 1572 [[ "$bfu_isa" = "sparc" ]] || return 0 1573 1574 [[ -x /tmp/bfubin/svccfg ]] || return 0 1575 1576 print "Clearing platform profile hash ..." 1577 1578 # platform_SUNW,Sun-Fire.xml (and other new and 1579 # corrected platforms) were delivered in Build 68. 1580 if [ ! -f \ 1581 $rootprefix/var/svc/profile/platform_SUNW,Sun-Fire.xml \ 1582 ]; then 1583 for pfx in " " "v"; do 1584 for plname in \ 1585 none \ 1586 SUNW_Sun_Fire_880 \ 1587 SUNW_Sun_Fire_V890 \ 1588 SUNW_Sun_Fire_15000 \ 1589 SUNW_UltraEnterprise_10000; do 1590 eval $BFUSVCCFG -f - <<EOF 1591 select smf/manifest 1592 delpg ${pfx}ar_svc_profile_platform_${plname}_xml 1593 exit 1594 EOF 1595 done 1596 done 1597 fi 1598 } 1599 1600 smf_handle_new_services () { 1601 # 1602 # Detect, prior to extraction the arrival of new, 1603 # default-enabled-in-profile services. If so, add a command 1604 # such that they are enabled. 1605 # 1606 if [ ! -f $rootprefix/var/svc/profile/system/sac.xml ]; then 1607 echo /usr/sbin/svcadm enable system/sac >> \ 1608 $rootprefix/var/svc/profile/upgrade 1609 fi 1610 if [[ $zone = global && 1611 ! -f $rootprefix/var/svc/manifest/system/intrd.xml ]]; then 1612 echo /usr/sbin/svcadm enable system/intrd >> \ 1613 $rootprefix/var/svc/profile/upgrade 1614 fi 1615 if [[ $zone = global && 1616 ! -f $rootprefix/var/svc/manifest/system/scheduler.xml ]]; then 1617 echo /usr/sbin/svcadm enable system/scheduler >> \ 1618 $rootprefix/var/svc/profile/upgrade 1619 fi 1620 if [[ $zone = global && 1621 ! -f $rootprefix/var/svc/manifest/system/hal.xml ]]; then 1622 echo /usr/sbin/svcadm enable system/hal >> \ 1623 $rootprefix/var/svc/profile/upgrade 1624 fi 1625 if [[ $zone = global && 1626 ! -f $rootprefix/var/svc/manifest/system/filesystem/rmvolmgr.xml ]]; then 1627 echo /usr/sbin/svcadm enable system/filesystem/rmvolmgr >> \ 1628 $rootprefix/var/svc/profile/upgrade 1629 fi 1630 if [[ $zone = global && 1631 ! -f $rootprefix/var/svc/manifest/network/ipsec/manual-key.xml && 1632 -f $rootprefix/etc/inet/secret/ipseckeys ]]; then 1633 smf_enable svc:/network/ipsec/manual-key:default 1634 fi 1635 if [[ $zone = global && 1636 ! -f $rootprefix/var/svc/manifest/network/ipsec/ike.xml && 1637 -f $rootprefix/etc/inet/ike/config ]]; then 1638 smf_enable svc:/network/ipsec/ike:default 1639 fi 1640 if [[ $zone = global && 1641 ! -f $rootprefix/var/svc/manifest/system/pools.xml && 1642 -f $rootprefix/etc/pooladm.conf ]]; then 1643 smf_enable svc:/system/pools:default 1644 fi 1645 if [[ $zone = global && $karch = sun4v && 1646 ! -f $rootprefix/var/svc/manifest/platforms/sun4v/ldoms-agents.xml ]]; then 1647 smf_enable svc:/ldoms/agents:default 1648 fi 1649 } 1650 1651 smf_copy_manifest() { 1652 mfstbase=`basename $1` 1653 mymfs=$rootprefix/var/svc/manifest/$2/$mfstbase 1654 if [[ ! -f $mymfs ]] || ! cmp -s $manifest_src/$1 $mymfs ; then 1655 cp $manifest_src/$1 $mymfs || 1656 echo "bfu: could not copy $manifest_src/$1" 1657 fi 1658 } 1659 1660 smf_copy_method() { 1661 cp $manifest_src/$1 $rootprefix/lib/svc/method || 1662 echo "bfu: could not copy $manifest_src/$1" 1663 } 1664 1665 smf_cleanup_initd() { 1666 rm -f $rootprefix/etc/rc?.d/[SK]??$1 1667 } 1668 1669 smf_delete_manifest() { 1670 ( 1671 mfst=$1 1672 cd $root 1673 [[ -f $mfst ]] || return; 1674 if [ -r /etc/svc/volatile/repository_door ]; then 1675 ENTITIES=`eval $BFUSVCCFG inventory $mfst` 1676 for fmri in $ENTITIES; do 1677 if [[ -n $root && $root != "/" ]]; then 1678 SVCCFG_REPOSITORY=$root/etc/svc/repository.db 1679 export SVCCFG_REPOSITORY 1680 fi 1681 eval $BFUSVCCFG delete -f $fmri >/dev/null 2>&1 1682 if [[ -n $root && $root != "/" ]]; then 1683 unset SVCCFG_REPOSITORY 1684 fi 1685 done 1686 fi 1687 rm $mfst 1688 ) 1689 } 1690 1691 smf_delete_methods() { 1692 ( 1693 cd $root; 1694 rm -f $smf_obsolete_methods 1695 ) 1696 } 1697 1698 smf_delete_renamed_manifests() { 1699 ( 1700 cd $root; 1701 rm -f $smf_renamed_manifests 1702 ) 1703 } 1704 1705 smf_cleanup_dlmgmtd() { 1706 ( 1707 # 1708 # Delete the service instance, then refresh all its dependents in the 1709 # cases of alternative root and zones. 1710 # 1711 smf_delete_manifest "var/svc/manifest/network/dlmgmt.xml" 1712 1713 if [[ -n $root && $root != "/" ]]; then 1714 export SVCCFG_REPOSITORY=$root/etc/svc/repository.db 1715 eval $BFUSVCCFG -s svc:/network/physical:nwam refresh 1716 eval $BFUSVCCFG -s svc:/network/physical:default refresh 1717 eval $BFUSVCCFG -s svc:/system/device/local:default refresh 1718 unset SVCCFG_REPOSITORY 1719 fi 1720 cd $root 1721 rm -f lib/svc/method/svc-dlmgmtd 1722 rm -f etc/.dlmgmt_door 1723 rm -f sbin/dlmgmtd 1724 ) 1725 } 1726 1727 smf_cleanup_vt() { 1728 ( 1729 smf_delete_manifest var/src/manifest/system/vtdaemon.xml 1730 cd $root 1731 rm -f lib/svc/method/vtdaemon 1732 1733 vt_conslogin_instances=`/tmp/bfubin/svcs -o FMRI | \ 1734 grep console-login:vt` 1735 for i in $vt_conslogin_instances; do 1736 eval $BFUSVCCFG delete -f $i 1737 done 1738 ) 1739 } 1740 1741 smf_cleanup_boomer() { 1742 ( 1743 smf_delete_manifest var/src/manifest/system/devices-audio.xml 1744 cd $root 1745 rm -f lib/svc/method/devices-audio 1746 1747 /tmp/bfubin/svccfg delete -f svc:/system/device/audio 1748 ) 1749 } 1750 1751 old_mfst_dir="var/svc/manifest.orig" 1752 new_mfst_dir="var/svc/manifest" 1753 1754 smf_enable() { 1755 echo "svcadm enable $*" >> $rootprefix/var/svc/profile/upgrade 1756 } 1757 1758 smf_check_repository() { 1759 repository=etc/svc/repository.db 1760 [[ -f $rootprefix/$repository ]] || return 1761 1762 print -n "$rootprefix/$repository: " >&2 1763 1764 sqlite="${SQLITEBIN-$GATE/public/bin/$bfu_isa/sqlite}" 1765 [[ -x $sqlite ]] || sqlite=/lib/svc/bin/sqlite 1766 if [[ ! -x $sqlite ]]; then 1767 echo "no sqlite binary: skipped integrity check" >&2 1768 return 1769 fi 1770 1771 rm -f /tmp/bfurepo.db; 1772 cp $rootprefix/$repository /tmp/bfurepo.db 1773 bad_errors=`echo "PRAGMA integrity_check;" | 1774 $sqlite /tmp/bfurepo.db 2>&1 | grep -v '^ok$'` 1775 if [[ $? -eq 0 ]]; then 1776 echo "integrity check failed:" >&2 1777 echo "$bad_errors" >&2 1778 echo >&2 1779 if [[ $force_override = no ]]; then 1780 cat >&2 <<EOF 1781 Reseed the repository (see http://greenline.eng/quickstart.shtml#newrep) 1782 before BFUing (or use the -f flag to force BFU to continue). Re-seeding 1783 will lose all smf(5) customizations. 1784 EOF 1785 echo >&2 1786 exit 2; 1787 else 1788 echo "driving on anyway" >&2 1789 fi 1790 else 1791 echo "passed integrity check" >&2; 1792 fi 1793 } 1794 1795 smf_bkbfu_warning() { 1796 print "" 1797 print "*************************************************************" 1798 print " WARNING: BFU'ing $1 backwards across 5090532." 1799 print " Fixes have been made but the services cannot be refreshed" 1800 print " on the $1's inactive repository. Next boot for the" 1801 print " $1 will probably result in maintenance mode due to" 1802 print " dependency cycles. If so, at the $1's console, run:" 1803 print "" 1804 print " /usr/sbin/svcadm refresh system/sysidtool:system" 1805 print " /usr/sbin/svcadm refresh system/sysidtool:net" 1806 print " /usr/sbin/svcadm clear milestone/single-user" 1807 print " /usr/sbin/svcadm clear system/sysidtool:system" 1808 print " /usr/sbin/svcadm clear system/sysidtool:net" 1809 print "" 1810 print " to resolve." 1811 print " To avoid these problems, reseed the zone's repository." 1812 print " See http://greenline.eng/quickstart.shtml#newrep ." 1813 print " Note: Re-seeding will lose all smf(5) customization." 1814 print "*************************************************************" 1815 print "" 1816 } 1817 1818 smf_is_sysconfig() { 1819 # 1820 # Return success if going to post-5090532, i.e. post-sysconfig bits 1821 # 1822 # By now, we're going to post-smf bits - so multi-user.xml must 1823 # exist (since it was introduced by first SMF putback). 1824 # 1825 # Function return status is return status of last command executed. 1826 # So, no need to check return status from grep below. 1827 1828 grep sysconfig $rootprefix/var/svc/manifest/milestone/multi-user.xml \ 1829 >/dev/null 2>&1 1830 } 1831 1832 smf_bkbfu_past_sysconfig() { 1833 # 1834 # Check if bfu'ing back from post-5090532 to pre-5090532 bits. 1835 # 1836 if [[ -f $rootprefix/var/svc/manifest/milestone/sysconfig.xml ]] && 1837 ! smf_is_sysconfig ; then 1838 return 0 1839 fi 1840 return 1 1841 } 1842 1843 smf_bkbfu_repair_sysconfig() { 1844 # 1845 # Perform the necessary corrections when bfu'ing backwards 1846 # from post-5090532 to pre-5090532 bits. 1847 # 1848 # Get the pre-5090532 non-ON manifests, and issue minimal fixes 1849 # to the repository, to enable re-boot. 1850 # 1851 smf_copy_manifest pre-5090532/sysidtool.xml system 1852 if [[ $zone = global && $karch = i86pc ]]; then 1853 smf_copy_manifest pre-5090532/kdmconfig.xml platform/i86pc 1854 fi 1855 # 1856 # Now, remove sysidtool:{system, net}'s dependency on 1857 # single-user and filesystem-local. 1858 # 1859 # If $rootprefix is not empty, this could be the global zone, 1860 # with an alternate root BFU, or a non-global zone. For either 1861 # case, the repository to be updated is not the live one: use 1862 # SVCCFG_REPOSITORY to point to the repository to be updated. 1863 # 1864 # Note that in the alternate-root case, doing this seems better 1865 # than forcing the user to re-seed, or to dis-allow it. The 1866 # issue of svccfg and the repository not matching seems remote, 1867 # given that from initial SMF integration (on10_64) to on10_74, 1868 # there was no mismatch. In the remote possibility that there is a 1869 # mis-match (in the future) causing these calls to be suspect, 1870 # the user is already being advised, via the warning message, to 1871 # reseed the repository in case of trouble. If a mis-match is ever 1872 # introduced, code such as this would have to be fixed, so this 1873 # aspect of the warning is useful only during the interim period. 1874 # 1875 # NOTE that this is not an issue for non-global zones' 1876 # repositories - they couldn't be out-of-sync with 1877 # /tmp/bfubin/svccfg. 1878 # 1879 if [[ -n $rootprefix ]]; then 1880 export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db 1881 if [[ $zone = global ]]; then 1882 smf_bkbfu_warning "alternate root" 1883 else 1884 smf_bkbfu_warning "zone" 1885 fi 1886 fi 1887 # 1888 # Using the newer "-s" option to svccfg in the following is OK 1889 # since its introduction preceded 5090532 (and this routine wouldn't 1890 # be called unless the machine is running post-5090532 bits). 1891 # 1892 eval $BFUSVCCFG -s system/sysidtool:net delpg single-user 1893 eval $BFUSVCCFG -s system/sysidtool:system delpg single-user 1894 eval $BFUSVCCFG -s system/sysidtool:net delpg filesystem_local 1895 eval $BFUSVCCFG -s system/sysidtool:system delpg filesystem_local 1896 1897 # 1898 # On a live system, issue the refresh; For alternate root or non-global 1899 # zone, the user was asked to issue the refreshes and "clear"s in the 1900 # message above after a post-bfu reboot. 1901 # 1902 if [[ -z $rootprefix ]]; then 1903 /tmp/bfubin/svcadm refresh system/sysidtool:system \ 1904 system/sysidtool:net 1905 fi 1906 1907 # 1908 # Now, reset SVCCFG_REPOSITORY, if it was set 1909 # 1910 [[ -n $rootprefix ]] && unset SVCCFG_REPOSITORY 1911 1912 # 1913 # Remove the sysconfig.xml manifest when going back. So backward 1914 # bfu check continues to work, and all manifests are correct. 1915 # 1916 cat >> $rootprefix/var/svc/profile/upgrade <<-EOF 1917 rm -f /var/svc/manifest/milestone/sysconfig.xml 1918 EOF 1919 } 1920 1921 # 1922 # Return true if $file exists in $archive. $file may also be a pattern. 1923 # 1924 archive_file_exists() 1925 { 1926 archive=$1 1927 file=$2 1928 1929 $ZCAT $cpiodir/${archive}${ZFIX} | cpio -it 2>/dev/null | \ 1930 egrep -s "$file" 1931 } 1932 1933 # 1934 # extract one or more files from an archive into a temporary directory 1935 # provided by the caller. The caller is responsible for checking to 1936 # to see whether the desired file or files were extracted 1937 # 1938 # $1 - archive 1939 # $2 - temporary dir 1940 # remaining args: file(s) to be extracted. 1941 # 1942 archive_file_peek() { 1943 compressed_archive=`pwd`/$1 1944 tdir=$2 1945 shift 1946 shift 1947 if [ ! -d $tdir ] ; then 1948 return 1949 fi 1950 (cd $tdir; $ZCAT $compressed_archive | cpio -idmucB $* 2>&1 ) 1951 } 1952 1953 # 1954 # If we're no longer delivering the eeprom service, remove it from the system, 1955 # as eeprom -I is removed as well. 1956 # 1957 smf_fix_i86pc_profile () { 1958 mfst="var/svc/manifest/platform/i86pc/eeprom.xml" 1959 profile="var/svc/profile/platform_i86pc.xml" 1960 1961 if [ ! "$karch" = "i86pc" ]; then 1962 return 1963 fi 1964 1965 if ! archive_file_exists generic.root "^$profile"; then 1966 rm -f $rootprefix/$profile 1967 rm -f $rootprefix/var/svc/profile/platform.xml 1968 fi 1969 1970 if [ ! -f $rootprefix/$mfst ]; then 1971 return 1972 fi 1973 1974 if archive_file_exists generic.root "^$mfst"; then 1975 return 1976 fi 1977 1978 rm -f $rootprefix/$mfst 1979 1980 # 1981 # we must disable via svccfg directly, as manifest-import runs after 1982 # this service tries to run 1983 # 1984 [[ -n "$rootprefix" ]] && 1985 export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db 1986 eval $BFUSVCCFG delete -f platform/i86pc/eeprom 1987 [[ -n "$rootprefix" ]] && unset SVCCFG_REPOSITORY 1988 } 1989 1990 # 1991 # If the new system doesn't support the templates DTD extensions 1992 # (due to backwards bfu), the global.xml manifest should be deleted. 1993 # 1994 smf_bkbfu_templates() { 1995 mfst="var/svc/manifest/system/svc/global.xml" 1996 1997 grep "pg_pattern" \ 1998 $rootprefix/usr/share/lib/xml/dtd/service_bundle.dtd.1> \ 1999 /dev/null 2>&1 2000 if [ $? -eq 1 ]; then 2001 rm -f $rootprefix/$mfst 2002 fi 2003 2004 } 2005 2006 smf_apply_conf () { 2007 # 2008 # Go thru the original manifests and move any that were unchanged 2009 # (or are not system-provided) back to their proper location. This 2010 # will avoid superfluous re-import on reboot, as the inode and mtime 2011 # are both part of the hash. 2012 # 2013 if [ -d $rootprefix/$old_mfst_dir ]; then 2014 for f in `cd $rootprefix/$old_mfst_dir ; find . -type f` 2015 do 2016 old=$rootprefix/$old_mfst_dir/$f 2017 new=$rootprefix/$new_mfst_dir/$f 2018 if [ ! -f $new ]; then 2019 mkdir -m 0755 -p `dirname $new` 2020 mv $old $new 2021 continue 2022 fi 2023 cmp -s $old $new && mv $old $new 2024 done 2025 rm -rf $rootprefix/$old_mfst_dir 2026 fi 2027 2028 if [ -f $rootprefix/etc/init.d/inetd ]; then 2029 # 2030 # BFUing to non-SMF system -- undo our previous changes, 2031 # run an old hack, and skip the remainder of this function. 2032 # 2033 smf_inetd_reenable 2034 smf_tftp_reinstall 2035 2036 # Update inetd.conf only if we find rpc.metad file. 2037 [ -f $usr/sbin/rpc.metad ] && 2038 inetd_conf_svm_hack 2039 2040 return 2041 fi 2042 2043 # 2044 # At this point, the archive in question is a SMF version. If 2045 # the smf(5) repository does not yet exist, create it by copying 2046 # the appropriate seed repository. Since updating of non-global 2047 # zones only occurs when the live system is bfu'ed, the 2048 # appropriate seed is guaranteed to exist under the /lib 2049 # directory. 2050 # 2051 repository=$rootprefix/etc/svc/repository.db 2052 if [ ! -f $repository ]; then 2053 print "Initializing service configuration repository ..." 2054 if [ $zone = global ]; then 2055 cp $rootprefix/lib/svc/seed/global.db $repository 2056 else 2057 cp /lib/svc/seed/nonglobal.db $repository 2058 fi 2059 chmod 0600 $repository 2060 chown root:sys $repository 2061 fi 2062 2063 print "Removing obsolete smf services ..." 2064 for f in $smf_obsolete_manifests; do 2065 smf_delete_manifest $f 2066 done 2067 smf_delete_methods 2068 smf_delete_renamed_manifests 2069 2070 if [[ $dlmgmtd_status = cleanup ]]; then 2071 smf_cleanup_dlmgmtd 2072 fi 2073 2074 # 2075 # When doing backwards BFU, if the target does not contain 2076 # vtdaemon manifest, delete it and delete all the additional 2077 # console-login service instances which were used to provide 2078 # additional console sessions. 2079 # 2080 if ((! $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 2081 grep vtdaemon.xml > /dev/null 2>&1) && [ $zone = global ]); then 2082 smf_cleanup_vt 2083 fi 2084 2085 # 2086 # Remove the Boomer audio service when BFUing to legacy audio bits 2087 # 2088 if ! check_boomer_bfu && [ $zone = global ]; then 2089 smf_cleanup_boomer 2090 fi 2091 2092 print "Disabling unneeded inetd.conf entries ..." 2093 smf_inetd_disable 2094 smf_tftp_reinstall 2095 2096 print "Connecting platform and name service profiles ..." 2097 2098 rm -f $rootprefix/var/svc/profile/name_service.xml 2099 2100 grep ldap $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2101 is_ldap=$? 2102 grep nisplus $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2103 is_nisplus=$? 2104 grep nis $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2105 is_nis=$? 2106 2107 if [ $is_ldap = 0 ]; then 2108 ns_profile=ns_ldap.xml 2109 elif [ $is_nisplus = 0 ]; then 2110 ns_profile=ns_nisplus.xml 2111 elif [ $is_nis = 0 ]; then 2112 ns_profile=ns_nis.xml 2113 else 2114 ns_profile=ns_files.xml 2115 fi 2116 2117 ln -s $ns_profile $rootprefix/var/svc/profile/name_service.xml 2118 2119 rm -f $rootprefix/var/svc/profile/inetd_services.xml 2120 ln -s inetd_upgrade.xml $rootprefix/var/svc/profile/inetd_services.xml 2121 2122 print "Marking converted services as enabled ..." 2123 2124 [ -f $rootprefix/etc/resolv.conf ] && smf_enable network/dns/client 2125 [ -f $rootprefix/etc/inet/dhcpsvc.conf ] && \ 2126 smf_enable network/dhcp-server 2127 2128 # Not concerned about enabling/disabling rcap but will migrate 2129 # configuration parameters if rcap.conf exists 2130 # 2131 if [ -f $rootprefix/etc/rcap.conf ]; then 2132 migrate_rcap_conf 2133 fi 2134 2135 migrate_acctadm_conf 2136 2137 if [ $zone = global ]; then 2138 if [ -f $rootprefix/etc/dfs/dfstab ] && 2139 grep '^[ ]*[^# ]' $rootprefix/etc/dfs/dfstab \ 2140 > /dev/null; then 2141 smf_enable network/nfs/server 2142 fi 2143 else 2144 echo "/usr/sbin/svcadm disable network/nfs/server" >> \ 2145 $rootprefix/var/svc/profile/upgrade 2146 fi 2147 2148 [ -f $rootprefix/etc/inet/ntp.conf ] && smf_enable network/ntp 2149 2150 2151 domainname=`cat $rootprefix/etc/defaultdomain 2>/dev/null` 2152 if [ ! -z "$domainname" -a -d $rootprefix/var/yp/$domainname ]; then 2153 smf_enable network/nis/server 2154 2155 # Determining whether we're a NIS master requires 2156 # looking through the maps. 2157 cat >>$rootprefix/var/svc/profile/upgrade <<\_EOF 2158 # Determine whether we are a YP master. 2159 domain=`/usr/bin/domainname` 2160 hostname=`uname -n | cut -d. -f1 | tr '[A-Z]' '[a-z]'` 2161 2162 if [ -x /usr/sbin/makedbm ]; then 2163 if [ -f /var/yp/NISLDAPmapping ]; then 2164 master=`/usr/sbin/makedbm -u /var/yp/\$domain/LDAP_passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'` 2165 else 2166 master=`/usr/sbin/makedbm -u /var/yp/\$domain/passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'` 2167 fi 2168 fi 2169 2170 # If we are the master server, enable appropriate services. 2171 if [ "$master" = "$hostname" -a "$YP_SERVER" = "TRUE" ]; then 2172 /usr/sbin/svcadm enable network/nis/xfr 2173 /usr/sbin/svcadm enable network/nis/passwd 2174 2175 if [ ! -f /var/yp/NISLDAPmapping ]; then 2176 [ -f /var/yp/updaters ] && \ 2177 /usr/svc/svcadm enable network/nis/update 2178 fi 2179 fi 2180 _EOF 2181 fi 2182 2183 # Check if mddbs don't exist on the image. If so, disable SVM services. 2184 MDDB_STATUS=1 2185 if [ -f $rootprefix/kernel/drv/md.conf ]; then 2186 sed -e 's/#.*$//' $rootprefix/kernel/drv/md.conf | \ 2187 egrep '^[ ]*mddb_bootlist' >/dev/null 2>&1 2188 MDDB_STATUS=$? 2189 fi 2190 2191 if [ $MDDB_STATUS -ne 0 ]; then 2192 for svc in metainit mdmonitor; do 2193 echo "/usr/sbin/svcadm disable system/$svc:default" >> \ 2194 $rootprefix/var/svc/profile/upgrade 2195 done 2196 2197 for svc in meta mdcomm metamed metamh; do 2198 echo "/usr/sbin/svcadm disable network/rpc/$svc:default" \ 2199 >> $rootprefix/var/svc/profile/upgrade 2200 done 2201 fi 2202 2203 # Workaround inetd's handling of "tcp6/udp6" when no IPv6 interfaces 2204 # are configured. 2205 for svc in meta mdcomm metamed metamh; do 2206 echo "/usr/sbin/inetadm -m network/rpc/$svc:default proto=tcp" \ 2207 ">/dev/null 2>&1" >> $rootprefix/var/svc/profile/upgrade 2208 done 2209 2210 manifest_src=${MANIFEST_SRC-$GATE/public/smf} 2211 [[ -d $manifest_src ]] || 2212 manifest_src=${GATE}/public/smf 2213 [[ -d $manifest_src ]] || manifest_src=/net/greenline.eng/meta0/smf 2214 2215 if smf_bkbfu_past_sysconfig ; then 2216 echo "BFU'ing backwards across 5090532! Now repairing..." 2217 smf_bkbfu_repair_sysconfig 2218 fi 2219 2220 # 2221 # If bfu'ing milestone/sysconfig bits or onwards, update the 2222 # corresponding non-ON manifests - sysidtool and kdmconfig. 2223 # 2224 sysidmfst=$rootprefix/var/svc/manifest/system/sysidtool.xml 2225 kdmmfst=$rootprefix/var/svc/manifest/platform/i86pc/kdmconfig.xml 2226 if smf_is_sysconfig ; then 2227 if [[ ! -f $sysidmfst ]]; then 2228 # 2229 # if WOS build on machine is pre-greenline, and 2230 # we're bfu'ing to the sysconfig bits. 2231 # 2232 smf_copy_manifest post-5090532/sysidtool.xml system 2233 if [[ $zone = global ]]; then 2234 smf_copy_method sysidtool-net 2235 smf_copy_method sysidtool-system 2236 fi 2237 echo "Converted system/sysidtool (post-5090532)" 2238 else 2239 # 2240 # If sysidtool.xml already exists, update it 2241 # if necessary. Future updates of sysidtool.xml 2242 # must occur in the dir: $manifest_src/post-5090532 2243 # 2244 smf_copy_manifest post-5090532/sysidtool.xml system 2245 fi 2246 if [[ $zone = global && $karch = i86pc ]]; then 2247 if [[ ! -f $kdmmfst ]]; then 2248 # 2249 # if WOS build on machine is pre-greenline, and 2250 # we're bfu'ing to the sysconfig bits. 2251 # 2252 smf_copy_manifest post-5090532/kdmconfig.xml \ 2253 platform/i86pc 2254 smf_copy_method svc-kdmconfig 2255 smf_cleanup_initd kdmconfig 2256 echo "Converted platform/i86pc/kdmconfig" 2257 echo "(post-5090532)" 2258 else 2259 # 2260 # If kdmconfig.xml already exists, update 2261 # it if necessary. Future updates of 2262 # kdmconfig.xml must occur in the dir: 2263 # $manifest_src/post-5090532 2264 # 2265 smf_copy_manifest post-5090532/kdmconfig.xml \ 2266 platform/i86pc 2267 fi 2268 fi 2269 else 2270 if [[ ! -f $sysidmfst ]]; then 2271 smf_copy_manifest pre-5090532/sysidtool.xml system 2272 if [[ $zone = global ]]; then 2273 smf_copy_method sysidtool-net 2274 smf_copy_method sysidtool-system 2275 fi 2276 echo "Converted system/sysidtool" 2277 fi 2278 if [[ $zone = global && $karch = i86pc && ! -f $kdmmfst ]]; 2279 then 2280 smf_copy_manifest pre-5090532/kdmconfig.xml \ 2281 platform/i86pc 2282 smf_copy_method svc-kdmconfig 2283 smf_cleanup_initd kdmconfig 2284 echo "Converted platform/i86pc/kdmconfig" 2285 fi 2286 fi 2287 2288 # If we've still got the old dtlogin manifest delivered by earlier 2289 # versions of bfu, delete it, as it was broken and should have 2290 # never been delivered. A new version delivered by the CDE 2291 # consolidation should be left alone. 2292 if [[ -f $rootprefix/var/svc/manifest/application/dtlogin.xml && 2293 `grep -c GLXXX \ 2294 $rootprefix/var/svc/manifest/application/dtlogin.xml` -gt 0 && 2295 -x /tmp/bfubin/svccfg ]]; then 2296 2297 # Delete the obsolete manifest. 2298 rm -f $rootprefix/var/svc/manifest/application/dtlogin.xml 2299 2300 # Delete the service from repository, then use dtconfig -e to 2301 # revert to whatever the WOS bits are using if dtlogin was 2302 # enabled. 2303 cat >> $rootprefix/var/svc/profile/upgrade <<-EOFA 2304 if /usr/bin/svcprop -q application/cde-login; then 2305 if [ \`/usr/bin/svcprop -p general/enabled \ 2306 application/cde-login:default\` = "true" ]; then 2307 do_dtconfig=1; 2308 else 2309 do_dtconfig=0; 2310 fi 2311 2312 /usr/sbin/svccfg delete -f application/cde-login 2313 type instance_refresh 2>&1 > /dev/null 2314 if [ \$? = 0 ]; then 2315 instance_refresh system/console-login 2316 else 2317 /usr/sbin/svcadm refresh system/console-login 2318 fi 2319 2320 if [ \$do_dtconfig -eq 1 -a -x /usr/dt/bin/dtconfig ]; then 2321 /usr/dt/bin/dtconfig -e 2322 fi 2323 fi 2324 EOFA 2325 fi 2326 2327 2328 # Enable the inetd-upgrade service to convert any changes to inetd.conf 2329 smf_enable network/inetd-upgrade 2330 2331 # If global zone, and bfu'ing from smf, and the inetd-upgrade 2332 # service has an obsolete dependency, then add a clear of inetd 2333 # and inetd-upgrade to the upgrade file as either may drop into 2334 # maintenance due to a dependency loop resulting from the new 2335 # inetd manifest 2336 if [[ $zone = global && -x /tmp/bfubin/svccfg ]]; then 2337 /tmp/bfubin/svcprop -q -p network/entities network/inetd-upgrade 2338 if [[ $? = 0 ]]; then 2339 echo "/usr/sbin/svcadm clear network/inetd" >> \ 2340 $rootprefix/var/svc/profile/upgrade 2341 echo "/usr/sbin/svcadm clear network/inetd-upgrade" >> \ 2342 $rootprefix/var/svc/profile/upgrade 2343 fi 2344 fi 2345 2346 # 2347 # Import the name-service-cache service. This is to get the service 2348 # (with correct dependencies) in the repository before reboot. 2349 # 2350 smf_import_service system/name-service-cache.xml 2351 2352 # 2353 # Import the datalink-management service. 2354 # 2355 smf_import_service network/dlmgmt.xml \ 2356 svc:/network/datalink-management:default 2357 2358 # 2359 # Import the ldap/client service. This is to get the service 2360 # (with correct dependencies) in the repository before reboot. 2361 # 2362 smf_import_service network/ldap/client.xml 2363 2364 # Enable new NFS status and nlockmgr services if client is enabled 2365 cat >> $rootprefix/var/svc/profile/upgrade <<-EOF 2366 cl="svc:/network/nfs/client:default" 2367 if [ \`/usr/bin/svcprop -p general/enabled \$cl\` = "true" ]; then 2368 /usr/sbin/svcadm enable svc:/network/nfs/status:default 2369 /usr/sbin/svcadm enable svc:/network/nfs/nlockmgr:default 2370 fi 2371 2372 EOF 2373 2374 kpmani="$rootprefix/var/svc/manifest/network/security/krb5_prop.xml" 2375 if grep svc-kdc.slave $kpmani > /dev/null 2>&1; then 2376 cat >> $rootprefix/var/svc/profile/upgrade <<EOF 2377 # We are deleting and reimporting kpropd's manifest, because we 2378 # need to change the restarter. 2379 kpfmri="svc:/network/security/krb5_prop" 2380 kkfmri="svc:/network/security/krb5kdc:default" 2381 lkpmani="/var/svc/manifest/network/security/krb5_prop.xml" 2382 restarter=\`svcprop -c -p general/restarter \$kpfmri 2>&1\` 2383 case \$restarter in 2384 *network/inetd:default) 2385 kken=\`svcprop -c -p general/enabled \$kkfmri\` 2386 eval $BFUSVCCFG delete -f \$kpfmri 2387 eval $BFUSVCCFG import \$lkpmani 2388 # Enable kpropd if krb5kdc is enabled, since 2389 # krb5kdc would have run kpropd 2390 if [ \$kken = "true" ]; then 2391 svcadm enable \$kpfmri 2392 fi 2393 ;; 2394 esac 2395 EOF 2396 fi 2397 2398 # Enable print server if there are local queues 2399 queues=`echo $rootprefix/etc/lp/printers/*/configuration` 2400 if [ "$queues" != "$rootprefix/etc/lp/printers/*/configuration" ]; then 2401 smf_enable application/print/server 2402 fi 2403 2404 # Enable rarpd and bootparamd if they would have been running pre-SMF 2405 if [ -d $rootprefix/tftpboot ] || [ -d $rootprefix/rplboot ]; then 2406 smf_enable network/rarp 2407 smf_enable network/rpc/bootparams 2408 fi 2409 2410 touch $rootprefix/var/svc/profile/.upgrade_prophist 2411 2412 cat >> $rootprefix/var/svc/profile/upgrade <<EOF 2413 # We are deleting and reimporting dcs's manifest, because we 2414 # need to change the restarter. 2415 dcsfmri="svc:/platform/sun4u/dcs:default" 2416 dcsmani="/var/svc/manifest/platform/sun4u/dcs.xml" 2417 restarter=\`svcprop -c -p general/restarter \$dcsfmri 2>&1\` 2418 case \$restarter in 2419 *network/inetd:default) 2420 en=\`svcprop -c -p general/enabled \$dcsfmri\` 2421 eval $BFUSVCCFG delete -f \$dcsfmri 2422 eval $BFUSVCCFG import \$dcsmani 2423 if [ \$en = "true" ]; then 2424 svcadm enable \$dcsfmri 2425 fi 2426 ;; 2427 esac 2428 EOF 2429 2430 smf_fix_i86pc_profile 2431 2432 smf_bkbfu_templates 2433 } 2434 2435 tx_check_update() { 2436 # 2437 # If a lbl_edition file is found it's a likely sign that old unbundled 2438 # Trusted Extensions packages are installed and TX is active. Update 2439 # etc/system if needed, to complete enabling of the bundled TX. 2440 # 2441 LMOD1=$rootprefix/kernel/sys/lbl_edition 2442 LMOD2=$rootprefix/kernel/sys/amd64/lbl_edition 2443 LMOD3=$rootprefix/kernel/sys/sparcv9/lbl_edition 2444 2445 grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \ 2446 /dev/null 2>&1 2447 if [ $? -eq 0 ]; then 2448 return 2449 fi 2450 2451 if [ -f $LMOD1 -o -f $LMOD2 -o -f $LMOD3 ]; then 2452 echo "set sys_labeling=1" >> $rootprefix/bfu.child/etc/system 2453 if [ $? -ne 0 ]; then 2454 echo "cannot set sys_labeling in $rootprefix/bfu.child/etc/system" 2455 return 2456 fi 2457 2458 rm -f $LMOD1 $LMOD2 $LMOD3 2459 fi 2460 } 2461 2462 tx_check_bkbfu() { 2463 # 2464 # Emit a warning message if bfu'ing a Trusted Extensions-enabled system 2465 # backwards to pre TX-merge bits. In this case, unbundled packages must 2466 # be reinstalled to complete restoration of old TX bits. 2467 # 2468 bsmconv=$rootprefix/etc/security/bsmconv 2469 2470 # This check is only needed in global zone 2471 if [[ $zone != global ]]; then 2472 return 2473 fi 2474 2475 # No warning needed if TX is not currently enabled 2476 grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \ 2477 /dev/null 2>&1 2478 if [ $? -ne 0 ]; then 2479 return 2480 fi 2481 2482 if [ ! -f $bsmconv ]; then 2483 return 2484 fi 2485 grep " -x /usr/bin/plabel " $bsmconv > /dev/null 2>&1 2486 if [ $? != 0 ]; then 2487 return 2488 fi 2489 2490 print "" 2491 print "*************************************************************" 2492 print " WARNING: BFU'ing TX backwards across 6533113." 2493 print " Must re-install unbundled TX packages to remain Trusted." 2494 print "*************************************************************" 2495 print "" 2496 } 2497 2498 # 2499 # The directboot putback moved the console property from 2500 # /boot/solaris/bootenv.rc to /boot/grub/menu.lst. It should be kept in both. 2501 # 2502 cleanup_eeprom_console() 2503 { 2504 bootenvrc="$root/boot/solaris/bootenv.rc" 2505 menu_console=`eeprom console 2>/dev/null | \ 2506 grep -v 'data not available' | cut -d= -f2-` 2507 bootenv_console=`grep '^setprop[ ]\{1,\}console\>' $bootenvrc` 2508 if [ -n "$menu_console" ] && [ -z "$bootenv_console" ]; then 2509 echo "setprop console '$menu_console'" >> $bootenvrc 2510 fi 2511 } 2512 2513 EXTRACT_LOG=/tmp/bfu-extract-log.$$ 2514 2515 rm -f $EXTRACT_LOG 2516 2517 extraction_error() { 2518 echo error $* >> $EXTRACT_LOG 2519 } 2520 2521 # 2522 # Make a local copy of bfu in /tmp and execute that instead. 2523 # This makes us immune to loss of networking and/or changes 2524 # to the original copy that might occur during execution. 2525 # 2526 cd . 2527 abspath=`[[ $0 = /* ]] && print $0 || print $PWD/$0` 2528 if [[ $abspath != /tmp/* ]]; then 2529 localpath=/tmp/bfu.$$ 2530 print "Copying $abspath to $localpath" 2531 cp $abspath $localpath 2532 chmod +x $localpath 2533 print "Executing $localpath $*\n" 2534 exec $localpath $* 2535 fi 2536 2537 export PATH=/usr/bin:/usr/sbin:/sbin 2538 2539 usage() { 2540 echo "Usage:" 2541 echo " bfu [-fh] <archive_dir> [root-dir]" 2542 echo "\tUpdate a single machine by loading archives on root-dir." 2543 echo "\troot-dir defaults to / (a live bfu).\n" 2544 echo " bfu -c [-fh] <archive_dir> <exec-dir>" 2545 echo "\tUpdate all diskless clients by loading archives on each client" 2546 echo "\tthat mounts exec-dir as /usr. <exec-dir> must start with" 2547 echo "\t/export/exec and each client's root must be in /export/root.\n" 2548 echo "\t-f force bfu to continue even if it doesn't seem safe" 2549 fail "\t-h|-help print this usage message and exit\n" 2550 } 2551 2552 diskless=no 2553 force_override=no 2554 while [ $# -gt 0 ]; do 2555 case $1 in 2556 -c) diskless=yes;; 2557 -f) force_override=yes;; 2558 -h|-help) usage;; 2559 *) break;; 2560 esac 2561 shift 2562 done 2563 2564 # Variables for x86 platforms 2565 boot_is_pcfs=no 2566 have_realmode=no 2567 is_pcfs_boot=no 2568 new_dladm=no 2569 2570 # Set when moving to either directboot or multiboot 2571 multi_or_direct=no 2572 2573 # 2574 # Shows which type of archives we have, which type of system we are 2575 # running on (before the bfu), and what the failsafe archives are 2576 # (again, before the bfu). failsafe_type is only needed on diskful 2577 # bfu's, so it's not set in the diskless case. 2578 # Possible values: unknown, dca, multiboot, directboot, xpv 2579 # 2580 archive_type=unknown 2581 system_type=unknown 2582 failsafe_type=unknown 2583 2584 test $# -ge 1 || usage 2585 2586 if [ -x /usr/bin/ppriv ]; then 2587 # We prefer to use ppriv, as it is a more accurate test, and also 2588 # has the benefit of preventing use from within a nonglobal zone. 2589 ppriv $$ | grep -w "E: all" > /dev/null 2>&1 || \ 2590 fail "bfu requires all privileges" 2591 else 2592 # Fall back to old id check if system does not yet have ppriv. 2593 uid=`id | nawk '{print $1}'` 2594 [ "$uid" = "uid=0(root)" ] || \ 2595 fail "You must be super-user to run this script." 2596 fi 2597 2598 bfu_isa=`uname -p` 2599 target_isa=$bfu_isa 2600 karch=`uname -m` 2601 plat=`uname -i` 2602 2603 cpiodir=$1 2604 2605 if [ "$cpiodir" = again ]; then 2606 cpiodir=`nawk '/^bfu.ed from / { print $3; exit }' /etc/motd` 2607 fi 2608 2609 [[ "$cpiodir" = */* ]] || cpiodir=$ARCHIVE/archives/$target_isa/$1 2610 2611 [[ "$cpiodir" = /* ]] || fail "archive-dir must be an absolute path" 2612 2613 cd $cpiodir 2614 case `echo generic.root*` in 2615 generic.root) ZFIX=""; ZCAT="cat";; 2616 generic.root.gz) ZFIX=".gz"; ZCAT="gzip -d -c";; 2617 generic.root.Z) ZFIX=".Z"; ZCAT="zcat";; 2618 *) fail "generic.root missing or in unknown compression format";; 2619 esac 2620 2621 # 2622 # Determine what kind of archives we're installing, using the following rules: 2623 # 2624 # 1. If i86xpv archives exist, the archives are xpv 2625 # 2. If strap.com is present, the archives are pre-multiboot 2626 # 3. If symdef is present, the archives are directboot 2627 # 4. Otherwise, the archives are multiboot 2628 # 2629 if [ $target_isa = i386 ]; then 2630 if [ -f $cpiodir/i86xpv.root$ZFIX ]; then 2631 archive_type=xpv 2632 multi_or_direct=yes 2633 elif [ -f $cpiodir/i86pc.boot$ZFIX ] && \ 2634 archive_file_exists i86pc.boot "strap.com"; then 2635 archive_type=dca 2636 elif [ -f $cpiodir/i86pc.root$ZFIX ] && \ 2637 archive_file_exists i86pc.boot symdef; then 2638 archive_type=directboot 2639 multi_or_direct=yes 2640 else 2641 archive_type=multiboot 2642 multi_or_direct=yes 2643 fi 2644 fi 2645 2646 if [ $diskless = no ]; then 2647 root=${2:-/} 2648 [[ "$root" = /* ]] || fail "root-dir must be an absolute path" 2649 usrroot=$root 2650 usr=${usrroot%/}/usr 2651 rootlist=$root 2652 2653 [[ -f $root/etc/system ]] || \ 2654 fail "$root/etc/system not found; nonglobal zone target not allowed" 2655 2656 rootfstype=`df -n $root | awk '{print $3}'` 2657 2658 if [ "$rootfstype" = "zfs" ]; then 2659 archive_has_zfs_root_support=no 2660 mkdir /tmp/zfschk.$$ 2661 archive_file_peek generic.lib /tmp/zfschk.$$ \ 2662 "lib/svc/share/fs_include.sh" 2663 if [ -f /tmp/zfschk.$$/lib/svc/share/fs_include.sh ] ; then 2664 if grep '^readswapdev' \ 2665 /tmp/zfschk.$$/lib/svc/share/fs_include.sh \ 2666 >/dev/null 2>&1 ; then 2667 archive_has_zfs_root_support=yes 2668 fi 2669 fi 2670 rm -fr /tmp/zfschk.$$ 2671 2672 if [ "$archive_has_zfs_root_support" = "no" ] ; then 2673 fail "Cannot bfu a system with zfs root to an archive with no zfs root support" 2674 fi 2675 fi 2676 2677 # Make sure we extract the sun4u-us3 libc_psr.so.1 2678 if [ -d $root/platform/sun4u -a \ 2679 ! -d $root/platform/sun4u-us3 ] 2680 then 2681 mkdir $root/platform/sun4u-us3 2682 chmod 755 $root/platform/sun4u-us3 2683 chown root $root/platform/sun4u-us3 2684 chgrp sys $root/platform/sun4u-us3 2685 fi 2686 2687 if [ $target_isa = i386 ]; then 2688 if [ $archive_type = xpv ]; then 2689 # 2690 # On i386, we want to apply the archives for both 2691 # platforms (i86pc and i86xpv) if they exist. We 2692 # force the platform to i86xpv so that both will be 2693 # applied. 2694 # 2695 karch=i86pc 2696 plat=i86xpv 2697 fi 2698 if [ ! -d $root/platform/i86hvm ]; then 2699 mkdir $root/platform/i86hvm 2700 fi 2701 fi 2702 2703 if [ $karch != $plat -a -f ${cpiodir}/${plat}.usr$ZFIX ]; then 2704 usrarchs="$karch $plat" 2705 else 2706 usrarchs="$karch" 2707 fi 2708 if [ $karch != $plat -a -f ${cpiodir}/${plat}.root$ZFIX ]; then 2709 rootarchs="$karch $plat" 2710 else 2711 rootarchs="$karch" 2712 fi 2713 2714 if [ -h ${root}/platform/${plat} ]; then 2715 rm -f ${root}/platform/${plat} 2716 fi 2717 if [ -h ${usr}/platform/${plat} ]; then 2718 rm -f ${usr}/platform/${plat} 2719 fi 2720 2721 if [ $plat != $karch -a -f ${cpiodir}/${plat}.root$ZFIX \ 2722 -a -f ${cpiodir}/${plat}.usr$ZFIX ] 2723 then 2724 cd $cpiodir 2725 # 2726 # Look through all the archives we build and match 2727 # the names of built archives with the names of 2728 # directories installed on this machine. We assume 2729 # here that we can get the names of all architectures 2730 # by pattern matching the names of .root archives - so 2731 # if we ever had a case where we had only a .usr archive 2732 # we wouldn't find that archive. 2733 # 2734 for i in *.root* 2735 do 2736 platname=${i%.root*} 2737 if [ -z "${platname}" -o ${platname} = $karch -o \ 2738 $platname = generic -o ${platname} = $plat ]; then 2739 continue; 2740 fi 2741 if [ -d ${root}/platform/${platname} -o \ 2742 -h ${root}/platform/${platname} ]; then 2743 rootarchs="${rootarchs} ${platname}" 2744 fi 2745 if [ -d ${usr}/platform/${platname} -o \ 2746 -h ${usr}/platform/${platname} ]; then 2747 usrarchs="${usrarchs} ${platname}" 2748 fi 2749 if [ -h ${root}/platform/${platname} ]; then 2750 rm -f ${root}/platform/${platname} 2751 fi 2752 if [ -h ${usr}/platform/${platname} ]; then 2753 rm -f ${usr}/platform/${platname} 2754 fi 2755 done 2756 fi 2757 if [ "$rootfstype" = "ufs" ] ; then 2758 rootslice=`df -k $root | nawk 'NR > 1 { print $1 }' | \ 2759 sed s/dsk/rdsk/` 2760 fi 2761 2762 print "Loading $cpiodir on $root" 2763 else 2764 usrroot=$2 2765 usr=$2/usr 2766 [[ "$usr" = /export/exec/* ]] || fail "exec-dir $usrroot sounds bogus" 2767 case $2 in 2768 *sparc*) 2769 target_isa=sparc ;; 2770 *i386*) 2771 target_isa=i386 ;; 2772 esac 2773 cd $cpiodir 2774 test -f generic.root$ZFIX || fail "$cpiodir/generic.root$ZFIX missing" 2775 allarchs=$(echo $(ls *.root$ZFIX | grep -v generic.root$ZFIX | \ 2776 sed -e 's/.root.*//')) 2777 2778 if [ $target_isa = i386 -a $archive_type = xpv ]; then 2779 # 2780 # On i386, we want to apply the archives for both platforms 2781 # (i86pc and i86xpv) if they exist. We force the platform 2782 # to i86xpv so that both will be applied. 2783 # 2784 karch=i86pc 2785 plat=i86xpv 2786 else 2787 # XXX Pick karch as last available root arch 2788 karch=${allarchs##* } 2789 # XXX Pick plat as first available root arch 2790 plat=${allarchs%% *} 2791 fi 2792 2793 rootlist="" 2794 for root in /export/root/* 2795 do 2796 test -f $root/etc/vfstab && 2797 egrep -s $usrroot $root/etc/vfstab && 2798 rootlist="$rootlist $root" 2799 done 2800 test -n "$rootlist" || fail "no clients to upgrade" 2801 print "Loading $cpiodir usr archives on:\n\t$usr\n" 2802 print "Loading $cpiodir root archives on:" 2803 for root in $rootlist 2804 do 2805 print "\t$root" 2806 done 2807 fi 2808 2809 if grep '^[ ]*zfsroot:' $root/etc/system >/dev/null && \ 2810 archive_file_exists i86pc.boot boot/grub/zfs_stage1_5; then 2811 echo "Cannot BFU a system with the mountroot version"\ 2812 "of zfs boot support." 2813 echo "For information on how to transition this system to the new" 2814 echo "zfs boot support, see:" 2815 echo "http://www.opensolaris.org/os/community/zfs/boot/zfsboot-manual/mntroot-transition/" 2816 fail "" 2817 fi 2818 2819 nss_lib="$usr/lib/mps/libnss3.so" 2820 nss_lib64="$usr/lib/mps/64/libnss3.so" 2821 valid_rpath="\$ORIGIN:/usr/lib/mps/secv1:/usr/lib/mps" 2822 rpath_msg="R(UN)?PATH from file ${nss_lib}\)" 2823 if [ ! -x /usr/bin/ldd ]; then 2824 if [ "$force_override" = yes ]; then 2825 echo "/usr/bin/ldd is missing but -f is set; continuing." 2826 else 2827 echo "/usr/bin/ldd is missing." 2828 fail "Install the SUNWtoo package." 2829 fi 2830 fi 2831 nss_rpath=`ldd -s $nss_lib | egrep "$rpath_msg" | head -1 | cut -d'=' -f2 | \ 2832 awk '{print $1}'` 2833 update_script="${GATE}/public/bin/update_nsspkgs" 2834 if [ $valid_rpath != "$nss_rpath" ]; then 2835 if [ "$force_override" = yes ]; then 2836 echo "$nss_lib is not valid but -f is set; continuing." 2837 else 2838 echo "$nss_lib is not valid." 2839 fail "Run $update_script to update the SUNWtls package." 2840 fi 2841 fi 2842 if [ $target_isa = i386 -a ! -f $nss_lib64 ]; then 2843 echo "$nss_lib64 does not exist." 2844 fail "Run $update_script to update the NSS packages." 2845 fi 2846 2847 update_script="${GATE}/public/bin/migrate_bind9" 2848 if [[ ! -f $usr/lib/dns/libdns.so ]] && ! $ZCAT $cpiodir/generic.usr$ZFIX | \ 2849 cpio -it 2>/dev/null | egrep -s '^usr/sbin/ndc' ; then 2850 if [ "$force_override" = yes ]; then 2851 echo "BIND 9 has not been installed, but -f is set; continuing." 2852 else 2853 echo "BIND 8 has been removed from ON; BIND 9 is available from SFW." 2854 fail "Run $update_script to migrate to BIND 9." 2855 fi 2856 fi 2857 2858 update_script="${GATE}/public/bin/update_ce" 2859 if ifconfig -a | egrep '^ce' >/dev/null 2>/dev/null; then 2860 # CE version 1.148 or later is required 2861 cever=`modinfo | grep 'CE Ethernet' | sed 's/.*v1\.//' | tr -d ')' | \ 2862 nawk '{ if ($1 < 148) print "BAD"; else print $1 }'` 2863 if [ "$cever" = "BAD" ]; then 2864 fail "You must run $update_script to upgrade your ce driver." 2865 fi 2866 fi 2867 2868 update_script="${GATE}/public/bin/update_dbus" 2869 if [ ! -x $usr/lib/dbus-daemon ]; then 2870 fail "Run $update_script to update D-Bus." 2871 fi 2872 2873 # 2874 # We need biosdev if we're moving from pre-multiboot to multiboot or directboot 2875 # kernels. If we already have an i86xpv kernel, then we must already be a 2876 # directboot kernel, and can therefore skip the check. 2877 # 2878 if [ $target_isa = i386 ] && [ $multi_or_direct = yes ] && \ 2879 [ $diskless = no ] && [ ! -d /platform/i86xpv/ ]; then 2880 prtconf -v | grep biosdev >/dev/null 2>&1 2881 if [ $? -ne 0 ] && [ ! -f $rootprefix/platform/i86pc/multiboot ]; then 2882 echo "biosdev cannot be run on this machine." 2883 echo "Transitioning from classic to multiboot requires a" 2884 echo "bootconf which is compatible with biosdev." 2885 echo "bfu to onnv_12 first, then to a build with multiboot." 2886 fail "" 2887 fi 2888 fi 2889 2890 # 2891 # Check whether the archives have a datalink-management services; this is 2892 # later used to determine whether we need to upgrade the existing datalink 2893 # configuration and if the datalink-management service needs to be removed. 2894 # 2895 if archive_file_exists generic.sbin "sbin/dlmgmtd"; then 2896 dlmgmtd_exists=true 2897 else 2898 dlmgmtd_exists=false 2899 fi 2900 # 2901 # Set the value of dlmgmtd_status based on the existence of the 2902 # /sbin/dlmgmtd file 2903 # 2904 dlmgmtd_status=none 2905 if [[ -f $root/sbin/dlmgmtd ]] && ! $dlmgmtd_exists ; then 2906 dlmgmtd_status=cleanup 2907 elif [[ ! -f $root/sbin/dlmgmtd ]] && $dlmgmtd_exists ; then 2908 dlmgmtd_status=new 2909 fi 2910 2911 # 2912 # Check whether the archives have an etc/dladm directory; this is 2913 # later used to determine if aggregation.conf needs to be moved. 2914 # 2915 if $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 2916 grep etc/dladm > /dev/null 2>&1 ; then 2917 new_dladm=yes 2918 fi 2919 2920 # 2921 # The Clearview IP Tunneling project changes the format of the 2922 # /etc/dladm/datalink.conf file. The conversion is done in the 2923 # dlmgmtd daemon, so there is no backwards conversion when bfu'ing 2924 # backwards. The solution is to have bfu save the old file away when 2925 # bfu'ing across this project, and restore it when bfu'ing back. 2926 # 2927 datalink_file=$root/etc/dladm/datalink.conf 2928 datalink_backup=$root/etc/dladm/datalink.conf.bfusave 2929 datalink_action=none 2930 if [[ -f $datalink_file ]]; then 2931 iptun_exists=false 2932 if archive_file_exists generic.kernel "kernel/drv/iptun.conf"; then 2933 iptun_exists=true 2934 fi 2935 if [[ ! -f $root/kernel/drv/iptun.conf ]] && $iptun_exists; then 2936 datalink_action=save 2937 elif [[ -f $root/kernel/drv/iptun.conf ]] && ! $iptun_exists; then 2938 datalink_action=restore 2939 fi 2940 fi 2941 2942 # 2943 # Check whether the build is boot-archive or ufsboot sparc 2944 # boot based on the existence of a generic.boot archive 2945 # 2946 newboot_sparc=no 2947 if [ $target_isa = sparc -a -f $cpiodir/generic.boot$ZFIX ]; then 2948 newboot_sparc=yes 2949 fi 2950 2951 time_ref=/tmp/bfu.time_ref.$$ 2952 rm -f $time_ref 2953 touch $time_ref || fail "$time_ref: Unable to create time reference." 2954 time_ref_seconds=$SECONDS 2955 2956 print "\nCreating bfu execution environment ..." 2957 2958 # 2959 # Save off a few critical libraries and commands, so that bfu will 2960 # continue to function properly even in the face of major 2961 # kernel/library/command incompatibilities during a live upgrade. 2962 # 2963 bfucmd=" 2964 /usr/bin/awk 2965 /usr/bin/cat 2966 /usr/bin/chgrp 2967 /usr/bin/chmod 2968 /usr/bin/chown 2969 /usr/bin/cmp 2970 /usr/bin/cp 2971 /usr/bin/cpio 2972 /usr/bin/csh 2973 /usr/bin/cut 2974 /usr/bin/date 2975 /usr/bin/dd 2976 /usr/bin/df 2977 /usr/bin/diff 2978 /usr/bin/du 2979 /usr/bin/echo 2980 /usr/bin/ed 2981 /usr/bin/egrep 2982 /usr/bin/env 2983 /usr/bin/ex 2984 /usr/bin/expr 2985 /usr/bin/false 2986 /usr/bin/fgrep 2987 /usr/bin/file 2988 /usr/bin/find 2989 /usr/bin/gettext 2990 /usr/bin/grep 2991 /usr/bin/head 2992 /usr/bin/id 2993 /usr/bin/ksh 2994 /usr/bin/ksh93 2995 /usr/bin/line 2996 /usr/bin/ln 2997 /usr/bin/ls 2998 /usr/bin/mkdir 2999 /usr/bin/mktemp 3000 /usr/bin/more 3001 /usr/bin/mv 3002 /usr/bin/nawk 3003 /usr/bin/pgrep 3004 /usr/bin/pkginfo 3005 /usr/bin/pkill 3006 /usr/bin/printf 3007 /usr/bin/ps 3008 /usr/bin/ptree 3009 /usr/bin/rm 3010 /usr/bin/rmdir 3011 /usr/bin/sed 3012 /usr/bin/sh 3013 /usr/bin/sort 3014 /usr/bin/strings 3015 /usr/bin/stty 3016 /usr/bin/su 3017 /usr/bin/tail 3018 /usr/bin/tee 3019 /usr/bin/touch 3020 /usr/bin/tr 3021 /usr/bin/true 3022 /usr/bin/truss 3023 /usr/bin/tty 3024 /usr/bin/uname 3025 /usr/bin/uniq 3026 /usr/bin/uptime 3027 /usr/bin/vi 3028 /usr/bin/w 3029 /usr/bin/wc 3030 /usr/bin/xargs 3031 /usr/bin/zcat 3032 /usr/sbin/add_drv 3033 /usr/sbin/chroot 3034 /usr/sbin/halt 3035 /usr/sbin/lockfs 3036 /usr/sbin/lofiadm 3037 /usr/sbin/mkfile 3038 /usr/sbin/mkfs 3039 /usr/sbin/mknod 3040 /usr/sbin/mount 3041 /usr/sbin/newfs 3042 /usr/sbin/pkgrm 3043 /usr/sbin/prtconf 3044 /usr/sbin/reboot 3045 /usr/sbin/rem_drv 3046 /usr/sbin/sync 3047 /usr/sbin/tar 3048 /usr/sbin/uadmin 3049 /usr/sbin/umount 3050 /usr/sbin/update_drv 3051 /usr/sbin/wall 3052 /usr/sbin/zonecfg 3053 ${FASTFS-$GATE/public/bin/$bfu_isa/fastfs} 3054 ${GZIPBIN-$GATE/public/bin/$bfu_isa/gzip} 3055 " 3056 # 3057 # Scripts needed by BFU. These must be modified to use the interpreters in 3058 # /tmp/bfubin. The interpreters in /usr/bin may not be compatible with the 3059 # libraries in the archives being extracted. 3060 # 3061 bfuscr=" 3062 ${ACR-${GATE}/public/bin/acr} 3063 " 3064 3065 # 3066 # Tools which may be either scripts or ELF binaries, 3067 # so we need to check them before adding to either $bfucmd or $bfuscr. 3068 # This does not handle compiled shell scripts yet. 3069 # 3070 bfuchameleons=" 3071 /usr/bin/basename 3072 /usr/bin/bg 3073 /usr/bin/cd 3074 /usr/bin/cksum 3075 /usr/bin/cmp 3076 /usr/bin/comm 3077 /usr/bin/command 3078 /usr/bin/dirname 3079 /usr/bin/cut 3080 /usr/bin/fc 3081 /usr/bin/fg 3082 /usr/bin/getopts 3083 /usr/bin/hash 3084 /usr/bin/jobs 3085 /usr/bin/join 3086 /usr/bin/kill 3087 /usr/bin/logname 3088 /usr/bin/paste 3089 /usr/bin/print 3090 /usr/bin/read 3091 /usr/bin/rev 3092 /usr/bin/sleep 3093 /usr/bin/sum 3094 /usr/bin/tee 3095 /usr/bin/test 3096 /usr/bin/type 3097 /usr/bin/ulimit 3098 /usr/bin/umask 3099 /usr/bin/unalias 3100 /usr/bin/uniq 3101 /usr/bin/wait 3102 /usr/bin/wc 3103 " 3104 3105 for chameleon in ${bfuchameleons} ; do 3106 if [[ "$(file "${chameleon}")" == *ELF* ]] ; then 3107 bfucmd="${bfucmd} ${chameleon}" 3108 else 3109 bfuscr="${bfuscr} ${chameleon}" 3110 fi 3111 done 3112 3113 rm -rf /tmp/bfubin 3114 mkdir /tmp/bfubin 3115 set $bfucmd 3116 isalist=`isalist` 3117 while [ $# -gt 0 ] 3118 do 3119 dir=${1%/*} 3120 cmd=${1##*/} 3121 cd $dir 3122 isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1` 3123 cp $dir/$isacmd /tmp/bfubin || fail "cannot copy $dir/$isacmd" 3124 shift 3125 done 3126 3127 # 3128 # Optional commands. We warn, but do not abort, if we are crossing a 3129 # feature boundary (where a command is not present in the parent). 3130 # Clauses requiring these commands must explicitly test for their 3131 # presence in /tmp/bfubin. 3132 # 3133 bfuoptcmd=" 3134 /sbin/biosdev 3135 /sbin/bootadm 3136 /sbin/installgrub 3137 /usr/sbin/fdisk 3138 /usr/sbin/metastat 3139 /usr/bin/mkisofs 3140 /usr/sbin/svcadm 3141 /usr/sbin/svccfg 3142 /usr/bin/svcprop 3143 /usr/bin/svcs 3144 " 3145 3146 set $bfuoptcmd 3147 isalist=`isalist` 3148 while [ $# -gt 0 ] 3149 do 3150 dir=${1%/*} 3151 cmd=${1##*/} 3152 cd $dir 3153 isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1` 3154 cp $dir/$isacmd /tmp/bfubin 2>/dev/null