Home | History | Annotate | Download | only in scripts
      1 #!/bin/ksh
      2 #
      3 # CDDL HEADER START
      4 #
      5 # The contents of this file are subject to the terms of the
      6 # Common Development and Distribution License (the "License").
      7 # You may not use this file except in compliance with the License.
      8 #
      9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10 # or http://www.opensolaris.org/os/licensing.
     11 # See the License for the specific language governing permissions
     12 # and limitations under the License.
     13 #
     14 # When distributing Covered Code, include this CDDL HEADER in each
     15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16 # If applicable, add the following below this CDDL HEADER, with the
     17 # fields enclosed by brackets "[]" replaced with your own identifying
     18 # information: Portions Copyright [yyyy] [name of copyright owner]
     19 #
     20 # CDDL HEADER END
     21 #
     22 
     23 #
     24 # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     25 # Use is subject to license terms.
     26 #
     27 # Upgrade a machine from a cpio archive area in about 5 minutes.
     28 # By Roger Faulkner and Jeff Bonwick, April 1993.
     29 # (bfu == Bonwick/Faulkner Upgrade, a.k.a. Blindingly Fast Upgrade)
     30 #
     31 # Usage: bfu    [-f] <archive_dir> [root-dir]	# for normal machines
     32 #        bfu -c [-f] <archive_dir> <exec-dir>	# for diskless clients
     33 #
     34 # The -f flag is to override the built-in safety check which requires
     35 # that the starting-point OS be a least a certain revision.
     36 #
     37 # You have to be super-user.  It's safest to run this from the
     38 # system console, although I've run it under OW and even via
     39 # remote login with no problems.
     40 #
     41 # You will have to reboot the system when the upgrade is complete.
     42 #
     43 # You should add any administrative files you care about to this list.
     44 # Warning: there had better be no leading '/' on any of these filenames.
     45 
     46 #
     47 # The CDPATH variable causes ksh's `cd' builtin to emit messages to stdout
     48 # under certain circumstances, which can really screw things up; unset it.
     49 #
     50 unset CDPATH
     51 
     52 export LC_ALL="C"
     53 
     54 if [ -z "$GATEPATH" ]; then
     55 	GATEPATH=/ws/onnv-gate
     56 	test -d $GATEPATH || GATEPATH=/net/onnv.eng/export/onnv-gate
     57 fi
     58 export GATE=${GATEPATH}
     59 export ARCHIVE=${ARCHIVEPATH:-${GATEPATH}}
     60 
     61 #
     62 # NOTE:	Entries in *_files must expand to either the exact files required,
     63 #	or to directories that will be scoured for files.  Any directories
     64 #	(and subdirectories) resulting from a wildcard expansion will be
     65 #	fully recursed by BFU's searching for files.  (E.g. /etc/inet/* will
     66 #	include all files in any of its directories, as well as any files in
     67 #	/etc/inet/ itself.
     68 #
     69 #	These lists should really be generated automatically from the
     70 #	pkgmap(4) metadata.
     71 #
     72 
     73 #
     74 # First list: files to be saved in global and non-global zones.
     75 #
     76 all_zones_files="
     77 	etc/.login
     78 	etc/acct/holidays
     79 	etc/auto_*
     80 	etc/cron.d/at.deny
     81 	etc/cron.d/cron.deny
     82 	etc/crypto/pkcs11.conf
     83 	etc/default/*
     84 	etc/dev/reserved_devnames
     85 	etc/dfs/dfstab
     86 	etc/dumpdates
     87 	etc/ftpd/*
     88 	etc/ftpusers
     89 	etc/group
     90 	etc/gss/gsscred.conf
     91 	etc/gss/mech
     92 	etc/gss/qop
     93 	etc/inet/*
     94 	etc/init.d/*
     95 	etc/inittab
     96 	etc/ipf/ipf.conf
     97 	etc/iu.ap
     98 	etc/krb5/kadm5.acl
     99 	etc/krb5/kdc.conf
    100 	etc/krb5/kpropd.acl
    101 	etc/krb5/krb5.conf
    102 	etc/krb5/warn.conf
    103 	etc/ksh.kshrc
    104 	etc/logadm.conf
    105 	etc/logindevperm
    106 	etc/lp/Systems
    107 	etc/mail/*.cf
    108 	etc/mail/*.hf
    109 	etc/mail/*.rc
    110 	etc/mail/aliases
    111 	etc/mail/helpfile
    112 	etc/mail/local-host-names
    113 	etc/mail/trusted-users
    114 	etc/named.conf
    115 	etc/net/*/services
    116 	etc/netconfig
    117 	etc/nfs/nfslog.conf
    118 	etc/nfssec.conf
    119 	etc/nscd.conf
    120 	etc/nsswitch.*
    121 	etc/pam.conf
    122 	etc/passwd
    123 	etc/policy.conf
    124 	etc/printers.conf
    125 	etc/profile
    126 	etc/project
    127 	etc/publickey
    128 	etc/remote
    129 	etc/resolv.conf
    130 	etc/rmmount.conf
    131 	etc/rpc
    132 	etc/rpld.conf
    133 	etc/saf/_sactab
    134 	etc/saf/_sysconfig
    135 	etc/saf/zsmon/_pmtab
    136 	etc/security/audit_class
    137 	etc/security/audit_control
    138 	etc/security/audit_event
    139 	etc/security/audit_startup
    140 	etc/security/audit_user
    141 	etc/security/audit_warn
    142 	etc/security/auth_attr
    143 	etc/security/crypt.conf
    144 	etc/security/exec_attr
    145 	etc/security/policy.conf
    146 	etc/security/prof_attr
    147 	etc/sfw/openssl/openssl.cnf
    148 	etc/shadow
    149 	etc/skel/.profile
    150 	etc/skel/local.*
    151 	etc/ssh/ssh_config
    152 	etc/ssh/sshd_config
    153 	etc/syslog.conf
    154 	etc/ttydefs
    155 	etc/ttysrch
    156 	etc/user_attr
    157 	etc/uucp/[A-Z]*
    158 	etc/vfstab
    159 	var/smb/*
    160 	var/spool/cron/crontabs/*
    161 	var/yp/Makefile
    162 	var/yp/aliases
    163 	var/yp/nicknames
    164 "
    165 
    166 #
    167 # Second list: files to be saved in the global zone only.
    168 #
    169 global_zone_only_files="
    170 	boot/grub/menu.lst
    171 	boot/solaris/bootenv.rc
    172 	boot/solaris/devicedb/master
    173 	boot/solaris/filelist.ramdisk
    174 	etc/aggregation.conf
    175 	etc/bootrc
    176 	etc/crypto/kcf.conf
    177 	etc/devlink.tab
    178 	etc/dladm/*
    179 	etc/driver_aliases
    180 	etc/driver_classes
    181 	etc/lvm/devpath
    182 	etc/lvm/lock
    183 	etc/lvm/md.cf
    184 	etc/lvm/md.ctlrmap
    185 	etc/lvm/md.tab
    186 	etc/lvm/mddb.cf
    187 	etc/lvm/runtime.cf
    188 	etc/mach
    189 	etc/minor_perm
    190 	etc/name_to_major
    191 	etc/name_to_sysnum
    192 	etc/nca/nca.if
    193 	etc/nca/ncakmod.conf
    194 	etc/nca/ncalogd.conf
    195 	etc/nca/ncaport.conf
    196 	etc/openwin/server/etc/OWconfig
    197 	etc/path_to_inst
    198 	etc/power.conf
    199 	etc/ppp/chap-secrets
    200 	etc/ppp/options
    201 	etc/ppp/pap-secrets
    202 	etc/security/device_policy
    203 	etc/security/extra_privs
    204 	etc/security/tsol/devalloc_defaults
    205 	etc/security/tsol/label_encodings
    206 	etc/security/tsol/relabel
    207 	etc/security/tsol/tnrhdb
    208 	etc/security/tsol/tnrhtp
    209 	etc/security/tsol/tnzonecfg
    210 	etc/system
    211 	etc/zones/index
    212 	kernel/drv/aac.conf
    213 	kernel/drv/elxl.conf
    214 	kernel/drv/emlxs.conf
    215 	kernel/drv/fp.conf
    216 	kernel/drv/iscsi.conf
    217 	kernel/drv/md.conf
    218 	kernel/drv/mpt.conf
    219 	kernel/drv/mpt_sas.conf
    220 	kernel/drv/options.conf
    221 	kernel/drv/pmcs.conf
    222 	kernel/drv/qlc.conf
    223 	kernel/drv/ra.conf
    224 	kernel/drv/scsa2usb.conf
    225 	kernel/drv/scsi_vhci.conf
    226 	kernel/drv/sd.conf
    227 	kernel/drv/ssd.conf
    228 	platform/*/kernel/drv/*ppm.conf
    229 	platform/i86pc/kernel/drv/aha.conf
    230 	platform/i86pc/kernel/drv/asy.conf
    231 	platform/sun4u/boot.conf
    232 "
    233 
    234 #
    235 # Third list: files extracted from generic.root but which belong in the global
    236 # zone only: they are superfluous (and some even harmful) in nonglobal zones.
    237 #
    238 # (note: as /etc/init.d scripts are converted to smf(5) "Greenline" services,
    239 # they (and their /etc/rc?.d hardlinks) should be removed from this list when
    240 # they are added to smf_obsolete_rc_files, below)
    241 #
    242 superfluous_nonglobal_zone_files="
    243 	dev/dsk
    244 	dev/fd
    245 	dev/pts
    246 	dev/rdsk
    247 	dev/rmt
    248 	dev/stderr
    249 	dev/stdin
    250 	dev/stdout
    251 	dev/swap
    252 	dev/term
    253 	dev/vt
    254 	devices
    255 	etc/dacf.conf
    256 	etc/dat
    257 	etc/default/metassist.xml
    258 	etc/default/power
    259 	etc/flash/postdeployment/svm.cleanup
    260 	etc/flash/predeployment/svm.save
    261 	etc/inet/ipqosconf.1.sample
    262 	etc/inet/ipqosconf.2.sample
    263 	etc/inet/ipqosconf.3.sample
    264 	etc/inet/sock2path
    265 	etc/init.d/devlinks
    266 	etc/init.d/dodatadm.udaplt
    267 	etc/init.d/drvconfig
    268 	etc/init.d/llc2
    269 	etc/init.d/ncakmod
    270 	etc/init.d/ncalogd
    271 	etc/init.d/pcmcia
    272 	etc/init.d/pppd
    273 	etc/init.d/wrsmcfg
    274 	etc/llc2
    275 	etc/lvm
    276 	etc/nca
    277 	etc/openwin
    278 	etc/ppp
    279 	etc/rc0.d/K34ncalogd
    280 	etc/rc0.d/K50pppd
    281 	etc/rc0.d/K52llc2
    282 	etc/rc1.d/K34ncalogd
    283 	etc/rc1.d/K50pppd
    284 	etc/rc1.d/K52llc2
    285 	etc/rc2.d/S40llc2
    286 	etc/rc2.d/S42ncakmod
    287 	etc/rc2.d/S47pppd
    288 	etc/rc2.d/S81dodatadm.udaplt
    289 	etc/rc2.d/S94ncalogd
    290 	etc/rcS.d/K34ncalogd
    291 	etc/rcS.d/K44wrsmcfg
    292 	etc/rcS.d/K50pppd
    293 	etc/rcS.d/K52llc2
    294 	etc/rcS.d/S29wrsmcfg
    295 	etc/rcm
    296 	etc/sock2path
    297 	etc/usb
    298 	etc/wrsm
    299 	etc/zones
    300 	kernel
    301 	lib/libmeta.so
    302 	lib/libmeta.so.1
    303 	lib/svc/method/devices-audio
    304 	lib/svc/method/fc-fabric
    305 	lib/svc/method/iscsi-initiator
    306 	lib/svc/method/ldoms-agents
    307 	lib/svc/method/npivconfig
    308 	lib/svc/method/sf880dr
    309 	lib/svc/method/svc-cvcd
    310 	lib/svc/method/svc-dcs
    311 	lib/svc/method/svc-drd
    312 	lib/svc/method/svc-dscp
    313 	lib/svc/method/svc-dumpadm
    314 	lib/svc/method/svc-fcoei
    315 	lib/svc/method/svc-fcoet
    316 	lib/svc/method/svc-intrd
    317 	lib/svc/method/svc-hal
    318 	lib/svc/method/svc-labeld
    319 	lib/svc/method/svc-mdmonitor
    320 	lib/svc/method/svc-metainit
    321 	lib/svc/method/svc-metasync
    322 	lib/svc/method/svc-oplhpd
    323 	lib/svc/method/svc-poold
    324 	lib/svc/method/svc-pools
    325 	lib/svc/method/svc-power
    326 	lib/svc/method/svc-resource-mgmt
    327 	lib/svc/method/svc-rmvolmgr
    328 	lib/svc/method/svc-scheduler
    329 	lib/svc/method/svc-sckmd
    330 	lib/svc/method/svc-stmf
    331 	lib/svc/method/svc-syseventd
    332 	lib/svc/method/svc-tnctl
    333 	lib/svc/method/svc-tnd
    334 	lib/svc/method/svc-vntsd
    335 	lib/svc/method/svc-zones
    336 	lib/svc/method/vtdaemon
    337 	platform/*/kernel
    338 	platform/SUNW,Sun-Fire-15000/lib/cvcd
    339 	platform/SUNW,Ultra-Enterprise-10000/lib/cvcd
    340 	platform/i86pc/biosint
    341 	platform/i86pc/multiboot
    342 	platform/sun4u/cprboot
    343 	platform/sun4u/lib/libwrsmconf.so
    344 	platform/sun4u/lib/libwrsmconf.so.1
    345 	platform/sun4u/lib/sparcv9/libwrsmconf.so
    346 	platform/sun4u/lib/sparcv9/libwrsmconf.so.1
    347 	platform/sun4u/sbin
    348 	platform/sun4u/wanboot
    349 	platform/sun4v/wanboot
    350 	sbin/metadb
    351 	sbin/metadevadm
    352 	sbin/metainit
    353 	sbin/metarecover
    354 	sbin/metastat
    355 	usr/include/sys/dcam
    356 	usr/lib/devfsadm/linkmod/SUNW_dcam1394_link.so
    357 	usr/lib/ldoms
    358 	usr/platform/SUNW,SPARC-Enterprise/lib/dscp.ppp.options
    359 	usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so
    360 	usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so.1
    361 	usr/platform/SUNW,SPARC-Enterprise/lib/llib-ldscp.ln
    362 	usr/platform/SUNW,SPARC-Enterprise/sbin/prtdscp
    363 	var/adm/pool
    364 	var/log/pool
    365 	var/svc/manifest/network/iscsi/iscsi-initiator.xml
    366 	var/svc/manifest/network/npiv_config.xml
    367 	var/svc/manifest/network/rpc/mdcomm.xml
    368 	var/svc/manifest/network/rpc/meta.xml
    369 	var/svc/manifest/network/rpc/metamed.xml
    370 	var/svc/manifest/network/rpc/metamh.xml
    371 	var/svc/manifest/network/tnctl.xml
    372 	var/svc/manifest/network/tnd.xml
    373 	var/svc/manifest/platform/i86pc/eeprom.xml
    374 	var/svc/manifest/platform/sun4u/dcs.xml
    375 	var/svc/manifest/platform/sun4u/dscp.xml
    376 	var/svc/manifest/platform/sun4u/efdaemon.xml
    377 	var/svc/manifest/platform/sun4u/oplhpd.xml
    378 	var/svc/manifest/platform/sun4u/sckmd.xml
    379 	var/svc/manifest/platform/sun4u/sf880drd.xml
    380 	var/svc/manifest/platform/sun4v
    381 	var/svc/manifest/system/cvc.xml
    382 	var/svc/manifest/system/device/devices-audio.xml
    383 	var/svc/manifest/system/device/devices-fc-fabric.xml
    384 	var/svc/manifest/system/dumpadm.xml
    385 	var/svc/manifest/system/fcoe_initiator.xml
    386 	var/svc/manifest/system/fcoe_target.xml
    387 	var/svc/manifest/system/filesystem/rmvolmgr.xml
    388 	var/svc/manifest/system/fmd.xml
    389 	var/svc/manifest/system/hal.xml
    390 	var/svc/manifest/system/intrd.xml
    391 	var/svc/manifest/system/labeld.xml
    392 	var/svc/manifest/system/mdmonitor.xml
    393 	var/svc/manifest/system/metainit.xml
    394 	var/svc/manifest/system/metasync.xml
    395 	var/svc/manifest/system/picl.xml
    396 	var/svc/manifest/system/poold.xml
    397 	var/svc/manifest/system/pools.xml
    398 	var/svc/manifest/system/power.xml
    399 	var/svc/manifest/system/resource-mgmt.xml
    400 	var/svc/manifest/system/scheduler.xml
    401 	var/svc/manifest/system/stmf.xml
    402 	var/svc/manifest/system/sysevent.xml
    403 	var/svc/manifest/system/vtdaemon.xml
    404 	var/svc/manifest/system/zones.xml
    405 "
    406 
    407 #
    408 # Fourth list: files to be preserved, ie unconditionally restored to
    409 # "child" versions
    410 #
    411 preserve_files="
    412 	etc/hostid
    413 	kernel/misc/amd64/sysinit
    414 	kernel/misc/amd64/usbs49_fw
    415 	kernel/misc/sparcv9/usbs49_fw
    416 	kernel/misc/sysinit
    417 	kernel/misc/usbs49_fw
    418 	var/adm/aculog
    419 	var/adm/spellhist
    420 	var/adm/utmpx
    421 	var/adm/wtmpx
    422 	var/log/authlog
    423 	var/log/syslog
    424 	var/saf/zsmon/log
    425 "
    426 
    427 realmode_files="
    428 	boot/solaris/bootenv.rc
    429 	boot/solaris/devicedb/master
    430 "
    431 
    432 #
    433 # /usr/sadm/install/scripts/i.build class runs class client provided
    434 # script. The files below are managed by build class and its build script.
    435 # They are added /bfu.conflict/NEW and the acr.sh process runs the script
    436 # as part of conflict resolution. 
    437 #
    438 build_class_script_files="
    439 	etc/mpapi.conf
    440 	etc/hba.conf
    441 	etc/ima.conf
    442 "
    443 
    444 fail() {
    445 	print "$*" >& 2
    446 	print "bfu aborting" >& 2
    447 	rm -f "$bfu_zone_list"
    448 	exit 1
    449 }
    450 
    451 filelist() {
    452 	files="$all_zones_files $preserve_files"
    453 	if [ $1 = "global" ]; then
    454 		files="$global_zone_only_files $files"
    455 	fi
    456 	find $files -depth -type f ! -name core -print 2>/dev/null | sort -u || {
    457 		#
    458 		# Force cpio to return non-zero by printing an error message
    459 		# to stdout that it won't be able to lstat().
    460 		#
    461 		echo 'filelist: sort failed'
    462 		fail "sort failed"
    463 	}
    464 }
    465 
    466 realmode_filelist() {
    467 	find $realmode_files -depth -type f ! -name core -print 2>/dev/null | sort
    468 }
    469 
    470 smf_inetd_conversions="
    471 	100134
    472 	100150
    473 	100155
    474 	100229
    475 	100230
    476 	100234
    477 	100242
    478 	100422
    479 	chargen
    480 	comsat
    481 	daytime
    482 	discard
    483 	echo
    484 	eklogin
    485 	exec
    486 	finger
    487 	ftp
    488 	gssd
    489 	klogin
    490 	krb5_prop
    491 	kshell
    492 	ktkt_warnd
    493 	login
    494 	metad
    495 	metamedd
    496 	metamhd
    497 	name
    498 	printer
    499 	rexd
    500 	rquotad
    501 	rstatd
    502 	rusersd
    503 	shell
    504 	smserverd
    505 	sprayd
    506 	sun-dr
    507 	talk
    508 	telnet
    509 	time
    510 	uucp
    511 	walld
    512 "
    513 
    514 enable_next_boot () {
    515 	if [ -x /tmp/bfubin/svccfg ]; then
    516 	    svcadm disable -t $1
    517 	    [ $? = 0 ] || echo "warning: unable to temporarily disable $1"
    518 	    eval $BFUSVCCFG -s $1 setprop general/enabled = true
    519 	    [ $? = 0 ] || echo "warning: unable to enable $1 for next boot"
    520 	fi
    521 }
    522 
    523 #
    524 # If we're in the global zone, import the manifest for the specified service.
    525 # Note that we will need to see whether we are in an smf root if we are using
    526 # an alternate root. If so, import the service directly; otherwise, print the
    527 # warning messages.
    528 #
    529 # $1: the path of the xml file (the related path to /var/svc/manifest)
    530 # $2: the service name - specified only if the service is enabled after reboot.
    531 #
    532 smf_import_service() {
    533 	if [[ $zone = global && -f $rootprefix/var/svc/manifest/$1 ]]; then
    534 		if [[ -n $rootprefix && -x /usr/sbin/svccfg ]]; then
    535 			SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db \
    536 			/usr/sbin/svccfg import $rootprefix/var/svc/manifest/$1
    537 		elif [[ -n $rootprefix ]]; then
    538 			echo "Warning: This system does not have SMF, so I"
    539 			echo "cannot ensure the pre-import of $1. If it does"
    540 			echo "not work, reboot your alternate root to fix it."
    541 		elif [[ -x /tmp/bfubin/svccfg ]]; then
    542 			if [[ "${2}a" == a ]]; then
    543 				eval $BFUSVCCFG import /var/svc/manifest/$1
    544 			else
    545 				tmpfile=/tmp/`echo "$1" | tr / :`.$$
    546 				sed -e "s/enabled='true'/enabled='false'/" \
    547 				    /var/svc/manifest/$1 > "$tmpfile"
    548 				eval $BFUSVCCFG import "$tmpfile"
    549 				#
    550 				# Make sure the service is enabled after reboot.
    551 				#
    552 				enable_next_boot $2
    553 			fi
    554 		fi
    555 	fi
    556 }
    557 
    558 smf_inetd_disable() {
    559 	inetconf=$rootprefix/etc/inet/inetd.conf
    560 	inettmp=/tmp/inetd.tmp.$$
    561 
    562 	sed "$(for i in $smf_inetd_conversions; do 
    563 		echo "s:^[ 	]*$i[ 	/]:#SMFbfu# &:"
    564 	done)" $inetconf > $inettmp && ! cmp -s $inettmp $inetconf &&
    565 	    cp $inettmp $inetconf
    566 
    567 	rm -f -- $inettmp
    568 }
    569 
    570 smf_inetd_reenable() {
    571 	inetconf=$rootprefix/etc/inet/inetd.conf
    572 	inettmp=/tmp/inetd.tmp.$$
    573 
    574 	sed 's/^#SMFbfu# //' $inetconf > $inettmp && cp $inettmp $inetconf
    575 
    576 	rm -f -- $inettmp
    577 }
    578 
    579 smf_tftp_reinstall() {
    580 	inetconf=$rootprefix/etc/inet/inetd.conf
    581 	inettmp=/tmp/inetd.tmp.$$
    582 
    583 	if grep '^#SMFbfu# tftp' $inetconf >/dev/null ; then
    584 		# BFU previously commented out, put it back in place
    585 	    	sed 's/^#SMFbfu# tftp/tftp/' $inetconf > $inettmp &&
    586 		    cp $inettmp $inetconf
    587 	elif ! grep '^[#	 ]*tftp' $inetconf >/dev/null; then
    588 		# No entry, append to end
    589 		cat >>$inetconf <<EOF
    590 # TFTPD - tftp server (primarily used for booting)
    591 #tftp	dgram	udp6	wait	root	/usr/sbin/in.tftpd	in.tftpd -s /tftpboot
    592 EOF
    593 	fi
    594 
    595 	rm -f -- $inettmp
    596 }
    597 
    598 inetd_conf_svm_hack() {
    599 	# Since inetd.conf is updated by SUNWmdr's postinstall script,
    600 	# we will update the actual inetd.conf here to reflect the postinstall
    601 	# changes.
    602 
    603 	inetconf=$rootprefix/etc/inet/inetd.conf
    604 	inettmp=/tmp/inetd.tmp.$$
    605 	inetnew=/tmp/inetd.new.$$
    606 
    607 	#
    608 	# only change inetd.conf if the rpc.metad entry is out of date
    609 	#
    610 
    611 	if ! grep "^[# 	]*100229/1-2" $inetconf > /dev/null ; then
    612 
    613 		# Grab existing rpc entries for rpc.metad
    614 		# and convert spaces to tabs within the rpc entry, as well as
    615 		# the transport method; 
    616 		# or add a new entry in case there was none.
    617 		if grep "^[# 	]*100229/1" $inetconf > /dev/null ; then
    618 			grep "^# METAD - SLVM metadb" $inetconf > $inettmp
    619 			grep "^[# 	]*100229/1" $inetconf | \
    620 			    sed -e 's/[ 	][ 	]*/	/g' \
    621 				-e 's?100229/1?100229/1-2?' >> $inettmp
    622 		else
    623 			echo '# METAD - SVM metadb Daemon' > $inettmp
    624 			echo "100229/1-2\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.metad\trpc.metad" >> $inettmp
    625 		fi
    626 
    627 		grep -v '^# METAD - SLVM metadb' $inetconf | \
    628 		    grep -v '^[# 	]*100229/1' > $inetnew
    629 		cat $inettmp >> $inetnew
    630 
    631 		if ! diff $inetnew $inetconf > /dev/null ; then
    632 			print "Updating inet.conf metad entry ... \c"
    633 			if cp $inetnew $inetconf ; then
    634 				print "done."
    635 			else
    636 				print "failed."
    637 			fi
    638 		fi
    639 		rm -f $inettmp $inetnew
    640 	fi
    641 
    642 	#
    643 	# only change inetd.conf if the rpc.mdcommd entry is out of date
    644 	#
    645 
    646 	if ! grep "^[# 	]*100422/1" $inetconf > /dev/null ; then
    647 
    648 		# Grab existing rpc entries for rpc.mdcommd
    649 		# and convert spaces to tabs within the rpc entry,
    650 		# or add a new entry in case there was none.
    651 		if grep "^[#    ]*100422/1" $inetconf > /dev/null ; then
    652 			grep "^# MDMN_COMMD - SVM Multi node" $inetconf > $inettmp
    653 			grep "^[#       ]*100422/1" $inetconf | \
    654 				sed -e 's/[         ][      ]*/     /g' >> $inettmp 
    655 		else
    656 			echo '# MDMN_COMMD - SVM Multi node communication daemon' >$inettmp
    657 			echo '100422/1\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.mdcommd\trpc.mdcommd' >> $inettmp
    658 		fi
    659 
    660 		grep -v '^# MDMN_COMMD - SVM Multi node' $inetconf | \
    661 		grep -v '^[#        ]*100422/1' > $inetnew
    662 		cat $inettmp >> $inetnew
    663 
    664 		if ! diff $inetnew $inetconf > /dev/null ; then
    665 			print "Updating inetd.conf rpc.mdcommd entry ... \c"
    666 			if cp $inetnew $inetconf; then
    667 				print "done."
    668 			else
    669 				print "failed."
    670 			fi
    671 		fi
    672 
    673 		rm -f $inettmp $inetnew
    674 	fi
    675 }
    676 
    677 upgrade_aggr_and_linkprop () {
    678 	# Since aggregation.conf and linkprop.conf are upgraded by 
    679 	# SUNWcnetr's postinstall script, put the relevant portions of the
    680 	# postinstall script here, modified to rename the old files instead
    681 	# of removing them.
    682 
    683 	#
    684 	# Convert datalink configuration into a series of dladm(1M) commands
    685 	# and keep them in an upgrade script. This script will then be run
    686 	# in the network-physical service.
    687 	#
    688 	# Note that we cannot use the /var/svc/profile/upgrade script because
    689 	# that script is run in the manifest-import service which is too late
    690 	# for the datalink configuration.
    691 	#
    692 	UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink
    693 
    694 	AGGR_CONF=/etc/aggregation.conf
    695 	ORIG=$rootprefix$AGGR_CONF
    696 	if [[ ! -f $ORIG ]]; then
    697 		# Try the alternate location.
    698 		AGGR_CONF=/etc/dladm/aggregation.conf
    699 		ORIG=$rootprefix$AGGR_CONF
    700 	fi
    701 
    702 	if [[ -f $ORIG ]]; then
    703 		# Strip off comments, then each remaining line defines
    704 		# an aggregation the administrator configured on the old
    705 		# system.  Each line corresponds to one dladm command
    706 		# that is appended to the upgrade script.
    707 		cat $ORIG | grep '^[^#]' | while read line; do
    708 			echo $line | while read aggr_index rest
    709 			do
    710 				policy=`echo $rest | /usr/bin/awk '{print $1}'`
    711 				nports=`echo $rest | /usr/bin/awk '{print $2}'`
    712 				ports=`echo $rest | /usr/bin/awk '{print $3}'`
    713 				mac=`echo $rest | /usr/bin/awk '{print $4}'`
    714 				lacp_mode=`echo $rest | /usr/bin/awk \
    715 				    '{print $5}'`
    716 				lacp_timer=`echo $rest | /usr/bin/awk \
    717 				    '{print $6}'`
    718 				dladm_string="dladm create-aggr -P $policy -l \
    719 				    $lacp_mode -T $lacp_timer"
    720 				# A fixed MAC address
    721 				if [[ $mac != "auto" ]]; then
    722 					dladm_string="$dladm_string -u $mac"
    723 				fi
    724 				i=1
    725 				while [ $i -le $nports ]; do
    726 					device=`echo $ports | cut -d, -f$i`
    727 					# Older aggregation.conf files have the
    728 					# format of device_name/port_number.
    729 					# We don't need the port number, so get
    730 					# rid of it if it is there.
    731 					device=`echo $device | cut -d/ -f1`
    732 					((i = i + 1))
    733 					dladm_string="$dladm_string -d \
    734 					    $device"
    735 				done
    736 				dladm_string="$dladm_string $aggr_index"
    737 				echo $dladm_string >> \
    738 					$rootprefix$UPGRADE_SCRIPT
    739 			done
    740 		done
    741 		mv $ORIG $ORIG.bak
    742 	fi
    743 
    744 	# Upgrade linkprop.conf
    745 	ORIG=$rootprefix/etc/dladm/linkprop.conf
    746 
    747 	if [[ -f $ORIG ]]; then
    748 		# Strip off comments, then each remaining line lists
    749 		# properties the administrator configured for a	
    750 		# particular interface.  Each line includes several
    751 		# properties, but we can only set one property per
    752 		# dladm invocation.
    753 		cat $ORIG | grep '^[^#]' | while read line; do
    754 			echo $line | while read link rest
    755 			do
    756 				while [ -n "$rest" ]; do
    757 					linkprop=`echo $rest | cut -d";" -f1`
    758 					rest=`echo $rest | cut -d";" -f2-`
    759 					echo dladm set-linkprop -p $linkprop \
    760 					    $link >> $rootprefix$UPGRADE_SCRIPT
    761 				done
    762 			done
    763 		done
    764 		mv $ORIG $ORIG.bak
    765 	fi
    766 }
    767 
    768 upgrade_vlan () {
    769 	# Convert hostname.*** and zonecfg vlan configurations
    770 	UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink
    771 
    772 	for ifname in $host_ifs $zone_ifs
    773 	do
    774 		phys=`echo $ifname | sed "s/[0-9]*$//"`
    775 		devnum=`echo $ifname | sed "s/$phys//g"`
    776 		if [ "$phys$devnum" != $ifname -o \
    777 		    -n "`echo $devnum | tr -d '[0-9]'`" ]; then
    778 			echo "skipping invalid interface $ifname"
    779 			continue
    780 		fi
    781 
    782 		vid=`expr $devnum / 1000`
    783 		inst=`expr $devnum % 1000`
    784 
    785 		if [ "$vid" != "0" ]; then
    786 			echo dladm create-vlan -l $phys$inst -v $vid $ifname \
    787 			    >> $rootprefix$UPGRADE_SCRIPT
    788 		fi
    789 	done
    790 }
    791 
    792 # Update aac.conf for set legacy-name-enable properly
    793 update_aac_conf()
    794 {
    795 	conffile=$rootprefix/kernel/drv/aac.conf
    796 	childconffile=$rootprefix/bfu.child/kernel/drv/aac.conf
    797 
    798 	# Already using autoenumeration mode, return
    799 	egrep -s "legacy-name-enable" $childconffile && \
    800 	    grep "legacy-name-enable" $childconffile | egrep -s "no" && return
    801 
    802 	# Else enable legacy mode
    803 	sed -e 's/legacy-name-enable="no"/legacy-name-enable="yes"/g' \
    804 	    < $conffile > /tmp/aac.conf.$$
    805 	mv -f /tmp/aac.conf.$$ $conffile
    806 }
    807 
    808 update_etc_inet_sock2path()
    809 {
    810 	#
    811 	# The PF_PACKET module may need to be added to the configuration
    812 	# file socket sockets.
    813 	#
    814 	# When being added to the system, the socket itself will remain
    815 	# inactive until the next reboot when soconfig is run. When being
    816 	# removed, the kernel configuration stays active until the system
    817 	# is rebooted and the sockets will continue to work until it is
    818 	# unloaded from the kernel, after which applications will fail.
    819 	#
    820 	sockfile=$rootprefix/etc/inet/sock2path
    821 	xgrep=/usr/xpg4/bin/grep
    822 
    823 	${ZCAT} ${cpiodir}/generic.usr$ZFIX | cpio -it 2>/dev/null |
    824 	    ${xgrep} -q sockpfp
    825 	if [ $? -eq 1 ] ; then
    826 		${xgrep} -v -E '^	32	[14]	0	sockpfp' \
    827 		    ${sockfile} > /tmp/sock2path.tmp.$$
    828 		cp /tmp/sock2path.tmp.$$ ${sockfile}
    829 	else
    830 		if ! ${xgrep} -q -E \
    831 		    '^	31	[14]	0	sockpfp' ${sockfile}; then
    832 			echo '' >> ${sockfile}
    833 			echo '	32	1	0	sockpfp' >> ${sockfile}
    834 			echo '	32	4	0	sockpfp' >> ${sockfile}
    835 		fi
    836 	fi
    837 }
    838 
    839 # update x86 version mpt.conf for property tape
    840 mpttapeprop='[ 	]*tape[ 	]*=[ 	]*"sctp"[ 	]*;'
    841 update_mptconf_i386()
    842 {
    843 	conffile=$rootprefix/kernel/drv/mpt.conf
    844 	test -f $conffile || return
    845 	egrep -s "$mpttapeprop" $conffile
    846 	if [ $? -ne 0 ] ; then
    847 	    echo 'tape="sctp";' >> $conffile
    848 	fi
    849 }
    850 
    851 # update x86 etc/mach file after xVM_uppc is added,
    852 # which makes xpv_psm a non-default psm module
    853 update_etc_mach_i386()
    854 {
    855 	etc_mach=$rootprefix/etc/mach
    856 	test -f $etc_mach || return
    857 	grep -w "xpv_psm" $etc_mach > /dev/null 2>&1
    858 	if [ $? -ne 0 ] ; then
    859 	    echo 'xpv_psm' >> $etc_mach
    860 	fi
    861 }
    862 
    863 # check and update driver class for scsi-self-identifying
    864 chk_update_drv_class()
    865 {
    866 
    867     drvclassfile=$rootprefix/etc/driver_classes
    868     name2majorfile=$rootprefix/etc/name_to_major
    869     drvname=$1
    870     classentry="^$drvname[ 	].*scsi-self-identifying"
    871 
    872     [ -f $drvclassfile ] || return
    873     [ -f $name2majorfile ] || return
    874 
    875     grep -w $drvname $name2majorfile > /dev/null 2>&1 || return
    876 
    877     egrep -s "$classentry" $drvclassfile
    878     if [ $? -ne 0 ]; then
    879 	echo "$drvname	scsi-self-identifying" >> $drvclassfile
    880     fi
    881 }
    882 
    883 update_drvclass_i386()
    884 {
    885     chk_update_drv_class ahci
    886     chk_update_drv_class si3124
    887     chk_update_drv_class marvell88sx
    888     chk_update_drv_class nv_sata
    889 }
    890 
    891 update_policy_conf() {
    892 	# update /etc/security/policy.conf with the default
    893 	# Solaris crypt(3c) policy.
    894 	
    895 	dest=$rootprefix/etc/security/policy.conf
    896 
    897 	grep 'CRYPT_' $dest > /dev/null 2>&1
    898 	if [ $? = 1 ] ; then
    899 		print "Updating entries for crypt(3c), see policy.conf(4)"
    900 	cat >> $dest <<EOM
    901 
    902 # crypt(3c) Algorithms Configuration
    903 #
    904 # CRYPT_ALGORITHMS_ALLOW specifies the algorithms that are allowed to
    905 # be used for new passwords.  This is enforced only in crypt_gensalt(3c).
    906 #
    907 CRYPT_ALGORITHMS_ALLOW=1,2a,md5
    908 
    909 # To deprecate use of the traditional unix algorithm, uncomment below
    910 # and change CRYPT_DEFAULT= to another algorithm.  For example,
    911 # CRYPT_DEFAULT=1 for BSD/Linux MD5.
    912 #
    913 #CRYPT_ALGORITHMS_DEPRECATE=__unix__
    914 
    915 # The Solaris default is the traditional UNIX algorithm.  This is not
    916 # listed in crypt.conf(4) since it is internal to libc.  The reserved
    917 # name __unix__ is used to refer to it.
    918 #
    919 CRYPT_DEFAULT=__unix__
    920 EOM
    921 	fi
    922 	grep PRIV_ $dest >/dev/null 2>&1
    923 	if [ $? = 1 ]; then
    924 		echo "Updating entries for privileges(5)," \
    925 		     "see policy.conf(4) for details."
    926 cat >> $dest <<EOM
    927 #
    928 # These settings determine the default privileges users have.  If not set,
    929 # the default privileges are taken from the inherited set.
    930 # There are two different settings; PRIV_DEFAULT determines the default
    931 # set on login; PRIV_LIMIT defines the Limit set on login.
    932 # Individual users can have privileges assigned or taken away through
    933 # user_attr.  Privileges can also be assigned to profiles in which case
    934 # the users with those profiles can use those privileges through pfexec(1m).
    935 # For maximum future compatibility, the specifications should
    936 # always include "basic" or "all"; privileges should then be removed using
    937 # the negation.  E.g., PRIV_LIMIT=all,!sys_linkdir takes away only the
    938 # sys_linkdir privilege, regardless of future additional privileges.
    939 # Similarly, PRIV_DEFAULT=basic,!file_link_any takes away only the
    940 # file_link_any privilege from the basic privilege set; only that notation
    941 # is immune from a future addition of currently unprivileged operations to
    942 # the basic privilege set.
    943 # NOTE: removing privileges from the the Limit set requires EXTREME care
    944 # as any set-uid root program may suddenly fail because it lacks certain
    945 # privilege(s).
    946 #
    947 #PRIV_DEFAULT=basic
    948 #PRIV_LIMIT=all
    949 EOM
    950 	fi
    951 
    952 }
    953 
    954 #
    955 # Cleanup nfsmapid configuration before extracting
    956 # root bits.  Remove if they exist:
    957 #	nfsmapid entry in inetd.conf
    958 #	nfsmapid entry in /etc/net/ti*/services
    959 #
    960 # Going forward neither should exist, but no harm if services entry exists
    961 # Going way backwards (pre-04/28/2004), inetd.conf must exist but will
    962 # be a conflict that should be merged in
    963 #
    964 nfsmapid_cfg() {
    965 	inetdconf=$rootprefix/etc/inet/inetd.conf
    966 	tmpinetcf=/tmp/inetd.conf.$$
    967 	cp -pf ${inetdconf} ${tmpinetcf}
    968 	cat /dev/null > ${inetdconf} 2>&1
    969        	sed -e "/^#[#	 ]*NFSv4/d"		\
    970 	    -e "/^[#	 ]*100166\/1/d"		\
    971 	    ${tmpinetcf} > ${inetdconf} 2>&1
    972 	rm -f ${tmpinetcf}
    973 
    974 	tmpservices=/tmp/services.$$
    975 
    976 	services=$rootprefix/etc/net/ticotsord/services
    977 	cp -pf ${services} ${tmpservices}
    978 	cat /dev/null > ${services} 2>&1
    979        	sed -e "/^[#	 ]*nfsmapid/d"		\
    980 	    ${tmpservices} > ${services} 2>&1
    981 	rm -f ${tmpservices}
    982 
    983 	services=$rootprefix/etc/net/ticots/services
    984 	cp -pf ${services} ${tmpservices}
    985 	cat /dev/null > ${services} 2>&1
    986        	sed -e "/^[#	 ]*nfsmapid/d"		\
    987 	    ${tmpservices} > ${services} 2>&1
    988 	rm -f ${tmpservices}
    989 
    990 	services=$rootprefix/etc/net/ticlts/services
    991 	cp -pf ${services} ${tmpservices}
    992 	cat /dev/null > ${services} 2>&1
    993        	sed -e "/^[#	 ]*nfsmapid/d"		\
    994 	    ${tmpservices} > ${services} 2>&1
    995 	rm -f ${tmpservices}
    996 }
    997 
    998 #
    999 # Detect Boomer audio framework; used to emit a notice at the end of BFU
   1000 # telling the user to run update_audio to complete the upgrade.
   1001 #
   1002 BOOMER_PRESENT_SYS=false
   1003 BOOMER_PRESENT_BFU=false
   1004 BOOMER_DRIVERS="audio"
   1005 AUSTR_PRESENT_SYS=false
   1006 AUSTR_PRESENT_BFU=false
   1007 
   1008 check_boomer_sys() {
   1009 	typeset root=$1
   1010 	typeset n2m=$root/etc/name_to_major
   1011 	typeset drv
   1012 
   1013 	for drv in $BOOMER_DRIVERS; do
   1014 		if ! grep -w $drv $n2m > /dev/null 2>&1; then
   1015 			return 1
   1016 		fi
   1017 	done
   1018 
   1019 	return 0
   1020 }
   1021 
   1022 check_boomer_bfu() {
   1023 	$ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null |
   1024 	    grep devices-audio.xml > /dev/null 2>&1
   1025 }
   1026 
   1027 check_austr_sys() {
   1028 	typeset root=$1
   1029 	typeset n2m=$root/etc/name_to_major
   1030 	typeset drv
   1031 
   1032 	if ! grep -w austr $n2m > /dev/null 2>&1; then
   1033 		return 1
   1034 	fi
   1035 	return 0
   1036 }
   1037 
   1038 check_austr_bfu() {
   1039 	$ZCAT $cpiodir/generic.kernel$ZFIX | cpio -it 2>/dev/null |
   1040 	    grep austr > /dev/null 2>&1
   1041 }
   1042 
   1043 #
   1044 #
   1045 # Define global variables
   1046 #
   1047 CALL_DEVID_DESTROY=""
   1048 #
   1049 # List of SDS commands that must be deleted.
   1050 #
   1051 SDSCMDLIST="
   1052 growfs
   1053 metaclear
   1054 metadb
   1055 metadetach
   1056 metahs
   1057 metainit
   1058 metaoffline
   1059 metaonline
   1060 metaparam
   1061 metarename
   1062 metareplace
   1063 metaroot
   1064 metaset
   1065 metastat
   1066 metasync
   1067 metattach
   1068 rpc.metad
   1069 rpc.metamhd
   1070 "
   1071 #
   1072 # List of SDS configuration files that must be deleted.
   1073 #
   1074 SDSCONFIGLIST="
   1075 lock
   1076 md.cf
   1077 mddb.cf
   1078 md.tab
   1079 devpath
   1080 md.ctlrmap
   1081 "
   1082 #
   1083 # List of rc scripts that must be deleted.
   1084 #
   1085 RCLIST="
   1086 etc/init.d/SUNWmd.init
   1087 etc/init.d/SUNWmd.sync
   1088 etc/init.d/lvm.init
   1089 etc/init.d/lvm.sync
   1090 etc/rcS.d/S35SUNWmd.init
   1091 etc/rcS.d/S35lvm.init
   1092 etc/rc2.d/S95SUNWmd.sync
   1093 etc/rc2.d/S95lvm.sync
   1094 etc/rcS.d/S35slvm.init
   1095 etc/rc2.d/S95slvm.sync
   1096 etc/init.d/slvm.init
   1097 etc/init.d/slvm.sync
   1098 etc/init.d/init.mdlogd
   1099 etc/rc3.d/S25mdlogd
   1100 "
   1101 #
   1102 # List of flashprom-related files that must be deleted.
   1103 #
   1104 FLASHPROMLIST="
   1105 etc/rc2.d/S75flashprom
   1106 etc/init.d/flashprom
   1107 usr/platform/SUNW,Ultra-2/lib/flash-update.sh
   1108 usr/platform/SUNW,Ultra-4/lib/flash-update.sh
   1109 usr/platform/SUNW,Ultra-Enterprise/lib/flash-update.sh
   1110 usr/platform/sun4u/doc/flashupdate.txt
   1111 usr/platform/sun4u/lib/flash-update.sh
   1112 usr/platform/sun4u/lib/prom/SUNW,Ultra-2
   1113 usr/platform/sun4u/lib/prom/SUNW,Ultra-4
   1114 usr/platform/sun4u/lib/prom/SUNW,Ultra-Enterprise
   1115 "
   1116 
   1117 #
   1118 # delete the entries associated with bootlist from /etc/system
   1119 #
   1120 
   1121 delete_system_bootlist() {
   1122 	sed -e /"Begin MDD database info"/,/"End MDD database info"/d \
   1123 	    < ${SYSTEM_FILE} > /tmp/system.$$
   1124 	cp /tmp/system.$$ ${SYSTEM_FILE} || \
   1125 	    echo "copy error: /tmp/system.$$ to ${SYSTEM_FILE}"
   1126 }
   1127 
   1128 #
   1129 # Add entries in md.conf for bootlist
   1130 #
   1131 
   1132 fix_mdconf() {
   1133 	cp ${mdconf} /tmp/md.conf.$$
   1134 	echo >> /tmp/md.conf.$$
   1135 	echo "# Begin MDD database info (do not edit)" >> /tmp/md.conf.$$
   1136 	sed -e 's/^set md://' -e 's/$/;/' ${SYSTEM_FILE} | \
   1137 	    grep mddb_bootlist >> /tmp/md.conf.$$
   1138 	echo "# End MDD database info (do not edit)" >> /tmp/md.conf.$$
   1139 	cp /tmp/md.conf.$$ ${mdconf} || \
   1140 	    echo "copy error: /tmp/md.conf.$$ to ${mdconf}"
   1141 }
   1142 
   1143 #
   1144 # add_devid_destroy(filename)
   1145 # returns contents in filename
   1146 # md_devid_destroy property is required when upgrading
   1147 # from pre SVM to SVM releases or when the device ID returned from
   1148 # the driver changes.
   1149 # It is specifically placed between
   1150 # # Begin MDD database info and # End MDD database info because
   1151 # on the subsequent reboot, this line will be removed automatically when
   1152 # metadevadm is run in rc2.d.
   1153 #
   1154 add_devid_destroy() {
   1155 	cat $1 | awk '{
   1156 		if ( $2 == "End" && $4 == "database") {
   1157 			print "md_devid_destroy=1;"
   1158 		}
   1159 		print $0
   1160 	}' >> /tmp/t$$
   1161 	mv /tmp/t$$ $1
   1162 }
   1163 
   1164 #
   1165 # Reads existing configuration values in /etc/rcap.conf and puts 
   1166 # them in repository upon reboot(via /var/svc/profile/upgrade).
   1167 #
   1168 migrate_rcap_conf() {
   1169 	RCAP_CONF="${rootprefix}/etc/rcap.conf"
   1170 	PROFILE_UPGRADE="${rootprefix}/var/svc/profile/upgrade"
   1171 	SVCCFG="/usr/sbin/svccfg"
   1172 	RCAP_FMRI="svc:/system/rcap:default"
   1173 	PG="config"
   1174 
   1175 	pressure=`awk '$1 == "RCAPD_MEMORY_CAP_ENFORCEMENT_PRESSURE" \
   1176 	    && NF == 3 {print $3}' $RCAP_CONF`
   1177 
   1178 	reconfig_int=`awk '$1 == "RCAPD_RECONFIGURATION_INTERVAL" \
   1179 	    && NF == 3 {print $3}' $RCAP_CONF`
   1180 
   1181 	walk_int=`awk '$1 == "RCAPD_PROC_WALK_INTERVAL" && \
   1182 	    NF == 3 {print $3}' $RCAP_CONF`
   1183 
   1184 	report_int=`awk '$1 == "RCAPD_REPORT_INTERVAL" && \
   1185 	    NF == 3 {print $3}' $RCAP_CONF`
   1186 
   1187 	rss_sample_int=`awk '$1 == "RCAPD_RSS_SAMPLE_INTERVAL" && \
   1188 	    NF == 3 {print $3}' $RCAP_CONF`
   1189 
   1190 	# Blindly update default configuration values with
   1191 	# pre-existing values
   1192 	#
   1193 	echo "# Migrating pre-existing rcap configuration" >> \
   1194 	    $PROFILE_UPGRADE
   1195 
   1196 	echo "$SVCCFG -s $RCAP_FMRI setprop ${PG}/pressure = " \
   1197 	    "$pressure" >> $PROFILE_UPGRADE
   1198 
   1199 	echo "$SVCCFG -s $RCAP_FMRI " \
   1200 	    "setprop ${PG}/reconfig_interval = $reconfig_int" >> \
   1201 	    $PROFILE_UPGRADE
   1202 
   1203 	echo "$SVCCFG -s $RCAP_FMRI " \
   1204 	    "setprop ${PG}/walk_interval = $walk_int" >> \
   1205 	    $PROFILE_UPGRADE
   1206 
   1207 	echo "$SVCCFG -s $RCAP_FMRI " \
   1208 	    "setprop ${PG}/report_interval = $report_int" >> \
   1209 	    $PROFILE_UPGRADE
   1210 
   1211 	echo "$SVCCFG -s $RCAP_FMRI " \
   1212 	    "setprop ${PG}/rss_sample_interval = $rss_sample_int" >> \
   1213 	    $PROFILE_UPGRADE
   1214 
   1215 	echo "/usr/sbin/svcadm refresh $RCAP_FMRI" >> \
   1216 	    $PROFILE_UPGRADE
   1217 
   1218 	echo "rm /etc/rcap.conf" >> \
   1219 	    $PROFILE_UPGRADE
   1220 }
   1221 
   1222 #
   1223 # Migrate an existing extended accounting configuration from /etc/acctadm.conf
   1224 # to the smf(5) repository upon reboot.  Enable the instance if the 
   1225 # configuration differs from the default configuration.
   1226 #
   1227 migrate_acctadm_conf()
   1228 {
   1229 	cat >> $rootprefix/var/svc/profile/upgrade <<\_EOF
   1230 	if [ -f /etc/acctadm.conf ]; then 
   1231 		. /etc/acctadm.conf
   1232 
   1233 		fmri="svc:/system/extended-accounting:flow"
   1234 		eval $BFUSVCCFG -s $fmri setprop config/file = \
   1235 		    ${ACCTADM_FLOW_FILE:="none"}
   1236 		eval $BFUSVCCFG -s $fmri setprop config/tracked = \
   1237 		    ${ACCTADM_FLOW_TRACKED:="none"}
   1238 		eval $BFUSVCCFG -s $fmri setprop config/untracked = \
   1239 		    ${ACCTADM_FLOW_UNTRACKED:="extended"}
   1240 		if [ ${ACCTADM_FLOW_ENABLE:="no"} = "yes" ]; then
   1241 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "true"
   1242 		else
   1243 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "false"
   1244 		fi
   1245 		if [ $ACCTADM_FLOW_ENABLE = "yes" -o \
   1246 		    $ACCTADM_FLOW_FILE != "none" -o \
   1247 		    $ACCTADM_FLOW_TRACKED != "none" ]; then
   1248 			svcadm enable $fmri
   1249 		fi
   1250 
   1251 		fmri="svc:/system/extended-accounting:process"
   1252 		eval $BFUSVCCFG -s $fmri setprop config/file = \
   1253 		    ${ACCTADM_PROC_FILE:="none"}
   1254 		eval $BFUSVCCFG -s $fmri setprop config/tracked = \
   1255 		    ${ACCTADM_PROC_TRACKED:="none"}
   1256 		eval $BFUSVCCFG -s $fmri setprop config/untracked = \
   1257 		    ${ACCTADM_PROC_UNTRACKED:="extended"}
   1258 		if [ ${ACCTADM_PROC_ENABLE:="no"} = "yes" ]; then
   1259 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "true"
   1260 		else
   1261 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "false"
   1262 		fi
   1263 		if [ $ACCTADM_PROC_ENABLE = "yes" -o \
   1264 		    $ACCTADM_PROC_FILE != "none" -o \
   1265 		    $ACCTADM_PROC_TRACKED != "none" ]; then
   1266 			svcadm enable $fmri
   1267 		fi
   1268 
   1269 		fmri="svc:/system/extended-accounting:task"
   1270 		eval $BFUSVCCFG -s $fmri setprop config/file = \
   1271 		    ${ACCTADM_TASK_FILE:="none"}
   1272 		eval $BFUSVCCFG -s $fmri setprop config/tracked = \
   1273 		    ${ACCTADM_TASK_TRACKED:="none"}
   1274 		eval $BFUSVCCFG -s $fmri setprop config/untracked = \
   1275 		    ${ACCTADM_TASK_UNTRACKED:="extended"}
   1276 		if [ ${ACCTADM_TASK_ENABLE:="no"} = "yes" ]; then
   1277 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "true"
   1278 		else
   1279 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "false"
   1280 		fi
   1281 		if [ $ACCTADM_TASK_ENABLE = "yes" -o \
   1282 		    $ACCTADM_TASK_FILE != "none" -o \
   1283 		    $ACCTADM_TASK_TRACKED != "none" ]; then
   1284 			svcadm enable $fmri
   1285 		fi
   1286 
   1287 		fmri="svc:/system/extended-accounting:net"
   1288 		eval $BFUSVCCFG -s $fmri setprop config/file = \
   1289 		    ${ACCTADM_NET_FILE:="none"}
   1290 		eval $BFUSVCCFG -s $fmri setprop config/tracked = \
   1291 		    ${ACCTADM_NET_TRACKED:="none"}
   1292 		eval $BFUSVCCFG -s $fmri setprop config/untracked = \
   1293 		    ${ACCTADM_NET_UNTRACKED:="extended"}
   1294 		if [ ${ACCTADM_NET_ENABLE:="no"} = "yes" ]; then
   1295 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "true"
   1296 		else
   1297 			eval $BFUSVCCFG -s $fmri setprop config/enabled = "false"
   1298 		fi
   1299 		if [ $ACCTADM_NET_ENABLE = "yes" -o \
   1300 		    $ACCTADM_NET_FILE != "none" -o \
   1301 		    $ACCTADM_NET_TRACKED != "none" ]; then
   1302 			svcadm enable $fmri
   1303 		fi
   1304 
   1305 		rm /etc/acctadm.conf
   1306 	fi
   1307 _EOF
   1308 }
   1309 
   1310 #
   1311 # smf(5) "Greenline" doesn't install the init.d or rc*.d scripts for
   1312 # converted services.  Clean up previous scripts for such services.
   1313 #
   1314 smf_obsolete_rc_files="
   1315 	etc/init.d/ANNOUNCE
   1316 	etc/init.d/MOUNTFSYS
   1317 	etc/init.d/RMTMPFILES
   1318 	etc/init.d/acctadm
   1319 	etc/init.d/audit
   1320 	etc/init.d/autofs
   1321 	etc/init.d/boot.server
   1322 	etc/init.d/coreadm
   1323 	etc/init.d/cron
   1324 	etc/init.d/cryptosvc
   1325 	etc/init.d/cvc
   1326 	etc/init.d/devfsadm
   1327 	etc/init.d/dhcp
   1328 	etc/init.d/dhcpagent
   1329 	etc/init.d/domainname
   1330 	etc/init.d/efcode
   1331 	etc/init.d/inetd
   1332 	etc/init.d/inetinit
   1333 	etc/init.d/inetsvc
   1334 	etc/init.d/initboot
   1335 	etc/init.d/ipfboot
   1336 	etc/init.d/kdc
   1337 	etc/init.d/kdc.master
   1338 	etc/init.d/keymap
   1339 	etc/init.d/ldap.client
   1340 	etc/init.d/libc.mount
   1341 	etc/init.d/network
   1342 	etc/init.d/nfs.client
   1343 	etc/init.d/nodename
   1344 	etc/init.d/nscd
   1345 	etc/init.d/perf
   1346 	etc/init.d/picld
   1347 	etc/init.d/power
   1348 	etc/init.d/rcapd
   1349 	etc/init.d/rootusr
   1350 	etc/init.d/rpc
   1351 	etc/init.d/savecore
   1352 	etc/init.d/sckm
   1353 	etc/init.d/sf880dr
   1354 	etc/init.d/slpd
   1355 	etc/init.d/sshd
   1356 	etc/init.d/standardmounts
   1357 	etc/init.d/svm.init
   1358 	etc/init.d/svm.sync
   1359 	etc/init.d/sysid.net
   1360 	etc/init.d/sysid.sys
   1361 	etc/init.d/syslog
   1362 	etc/init.d/utmpd
   1363 	etc/init.d/volmgt
   1364 	etc/init.d/xntpd
   1365 	etc/init.d/zones
   1366 	etc/rc0.d/K00ANNOUNCE
   1367 	etc/rc0.d/K01zones
   1368 	etc/rc0.d/K03sshd
   1369 	etc/rc0.d/K05volmgt
   1370 	etc/rc0.d/K07snmpdx
   1371 	etc/rc0.d/K10rcapd
   1372 	etc/rc0.d/K21dhcp
   1373 	etc/rc0.d/K27boot.server
   1374 	etc/rc0.d/K28kdc
   1375 	etc/rc0.d/K28kdc.master
   1376 	etc/rc0.d/K28nfs.server
   1377 	etc/rc0.d/K32cryptosvc
   1378 	etc/rc0.d/K33audit
   1379 	etc/rc0.d/K33efcode
   1380 	etc/rc0.d/K34svm.sync
   1381 	etc/rc0.d/K36sendmail
   1382 	etc/rc0.d/K36utmpd
   1383 	etc/rc0.d/K37power
   1384 	etc/rc0.d/K40cron
   1385 	etc/rc0.d/K40inetd
   1386 	etc/rc0.d/K40nscd
   1387 	etc/rc0.d/K40sf880dr
   1388 	etc/rc0.d/K40slpd
   1389 	etc/rc0.d/K40syslog
   1390 	etc/rc0.d/K40xntpd
   1391 	etc/rc0.d/K41autofs
   1392 	etc/rc0.d/K41ldap.client
   1393 	etc/rc0.d/K41nfs.client
   1394 	etc/rc0.d/K41rpc
   1395 	etc/rc0.d/K42sckm
   1396 	etc/rc0.d/K43inet
   1397 	etc/rc0.d/K68picld
   1398 	etc/rc0.d/K83devfsadm
   1399 	etc/rc0.d/K90dhcpagent
   1400 	etc/rc1.d/K00ANNOUNCE
   1401 	etc/rc1.d/K01zones
   1402 	etc/rc1.d/K03sshd
   1403 	etc/rc1.d/K05volmgt
   1404 	etc/rc1.d/K07snmpdx
   1405 	etc/rc1.d/K10rcapd
   1406 	etc/rc1.d/K21dhcp
   1407 	etc/rc1.d/K27boot.server
   1408 	etc/rc1.d/K28kdc
   1409 	etc/rc1.d/K28kdc.master
   1410 	etc/rc1.d/K28nfs.server
   1411 	etc/rc1.d/K33audit
   1412 	etc/rc1.d/K33efcode
   1413 	etc/rc1.d/K34svm.sync
   1414 	etc/rc1.d/K36sendmail
   1415 	etc/rc1.d/K36utmpd
   1416 	etc/rc1.d/K37power
   1417 	etc/rc1.d/K40cron
   1418 	etc/rc1.d/K40inetd
   1419 	etc/rc1.d/K40nscd
   1420 	etc/rc1.d/K40sf880dr
   1421 	etc/rc1.d/K40slpd
   1422 	etc/rc1.d/K40syslog
   1423 	etc/rc1.d/K40xntpd
   1424 	etc/rc1.d/K41autofs
   1425 	etc/rc1.d/K41ldap.client
   1426 	etc/rc1.d/K41rpc
   1427 	etc/rc1.d/K42sckm
   1428 	etc/rc1.d/K43inet
   1429 	etc/rc1.d/K99libc.mount
   1430 	etc/rc1.d/S01MOUNTFSYS
   1431 	etc/rc2.d/K01zones
   1432 	etc/rc2.d/K03sshd
   1433 	etc/rc2.d/K05volmgt
   1434 	etc/rc2.d/K07snmpdx
   1435 	etc/rc2.d/K21dhcp
   1436 	etc/rc2.d/K27boot.server
   1437 	etc/rc2.d/K28kdc
   1438 	etc/rc2.d/K28kdc.master
   1439 	etc/rc2.d/K28nfs.server
   1440 	etc/rc2.d/S01MOUNTFSYS
   1441 	etc/rc2.d/S05RMTMPFILES
   1442 	etc/rc2.d/S21perf
   1443 	etc/rc2.d/S30sysid.net
   1444 	etc/rc2.d/S65ipfboot
   1445 	etc/rc2.d/S69domainname
   1446 	etc/rc2.d/S69inet
   1447 	etc/rc2.d/S70sckm
   1448 	etc/rc2.d/S71ldap.client
   1449 	etc/rc2.d/S71rpc
   1450 	etc/rc2.d/S71sysid.sys
   1451 	etc/rc2.d/S72inetsvc
   1452 	etc/rc2.d/S72slpd
   1453 	etc/rc2.d/S73nfs.client
   1454 	etc/rc2.d/S74autofs
   1455 	etc/rc2.d/S74syslog
   1456 	etc/rc2.d/S74xntpd
   1457 	etc/rc2.d/S75cron
   1458 	etc/rc2.d/S75savecore
   1459 	etc/rc2.d/S76nscd
   1460 	etc/rc2.d/S77inetd
   1461 	etc/rc2.d/S77sf880dr
   1462 	etc/rc2.d/S85power
   1463 	etc/rc2.d/S88sendmail
   1464 	etc/rc2.d/S88utmpd
   1465 	etc/rc2.d/S95svm.sync
   1466 	etc/rc2.d/S98efcode
   1467 	etc/rc2.d/S98libc.mount
   1468 	etc/rc2.d/S99audit
   1469 	etc/rc2.d/S99rcapd
   1470 	etc/rc3.d/S13kdc.master
   1471 	etc/rc3.d/S14kdc
   1472 	etc/rc3.d/S15nfs.server
   1473 	etc/rc3.d/S16boot.server
   1474 	etc/rc3.d/S34dhcp
   1475 	etc/rc3.d/S76snmpdx
   1476 	etc/rc3.d/S81volmgt
   1477 	etc/rc3.d/S89sshd
   1478 	etc/rc3.d/S99zones
   1479 	etc/rcS.d/K01zones
   1480 	etc/rcS.d/K03sshd
   1481 	etc/rcS.d/K05volmgt
   1482 	etc/rcS.d/K07snmpdx
   1483 	etc/rcS.d/K10rcapd
   1484 	etc/rcS.d/K21dhcp
   1485 	etc/rcS.d/K27boot.server
   1486 	etc/rcS.d/K28kdc
   1487 	etc/rcS.d/K28kdc.master
   1488 	etc/rcS.d/K28nfs.server
   1489 	etc/rcS.d/K33audit
   1490 	etc/rcS.d/K33efcode
   1491 	etc/rcS.d/K34svm.sync
   1492 	etc/rcS.d/K36sendmail
   1493 	etc/rcS.d/K36utmpd
   1494 	etc/rcS.d/K37power
   1495 	etc/rcS.d/K40cron
   1496 	etc/rcS.d/K40inetd
   1497 	etc/rcS.d/K40nscd
   1498 	etc/rcS.d/K40sf880dr
   1499 	etc/rcS.d/K40slpd
   1500 	etc/rcS.d/K40syslog
   1501 	etc/rcS.d/K40xntpd
   1502 	etc/rcS.d/K41autofs
   1503 	etc/rcS.d/K41ldap.client
   1504 	etc/rcS.d/K41rpc
   1505 	etc/rcS.d/K42sckm
   1506 	etc/rcS.d/K43inet
   1507 	etc/rcS.d/K99libc.mount
   1508 	etc/rcS.d/S10cvc
   1509 	etc/rcS.d/S28network.sh
   1510 	etc/rcS.d/S29nodename.sh
   1511 	etc/rcS.d/S30rootusr.sh
   1512 	etc/rcS.d/S33keymap.sh
   1513 	etc/rcS.d/S35svm.init
   1514 	etc/rcS.d/S40standardmounts.sh
   1515 	etc/rcS.d/S42coreadm
   1516 	etc/rcS.d/S45initboot
   1517 	etc/rcS.d/S50devfsadm
   1518 	etc/rcS.d/S72cryptosvc
   1519 	etc/rcS.d/S95picld
   1520 "
   1521 
   1522 # Obsolete smf manifests
   1523 smf_obsolete_manifests="
   1524 	var/svc/manifest/application/print/cleanup.xml
   1525 	var/svc/manifest/network/tftp.xml
   1526 	var/svc/manifest/network/lp.xml
   1527 	var/svc/manifest/system/filesystem/volfs.xml
   1528 	var/svc/manifest/network/pfil.xml
   1529 	var/svc/manifest/platform/sun4u/mpxio-upgrade.xml
   1530 	var/svc/manifest/network/tname.xml
   1531 	var/svc/manifest/network/aggregation.xml
   1532 	var/svc/manifest/network/datalink.xml
   1533 	var/svc/manifest/network/datalink-init.xml
   1534 	var/svc/manifest/network/iscsi_initiator.xml
   1535 	var/svc/manifest/network/fcoe_config.xml
   1536 	var/svc/manifest/network/rpc/ocfserv.xml
   1537 "
   1538 
   1539 # smf services whose manifests have been renamed
   1540 smf_renamed_manifests="
   1541 	var/svc/manifest/milestone/name-service.xml
   1542 	var/svc/manifest/system/filesystem/boot-archive.xml
   1543 "
   1544 
   1545 # Obsolete smf methods
   1546 smf_obsolete_methods="
   1547 	lib/svc/method/print-cleanup
   1548 	lib/svc/method/print-server
   1549 	lib/svc/method/svc-volfs
   1550 	lib/svc/method/pfil
   1551 	lib/svc/method/aggregation
   1552 	lib/svc/method/datalink
   1553 	lib/svc/method/datalink-init
   1554 	lib/svc/method/svc-kdc
   1555 	lib/svc/method/svc-kdc.master
   1556 	lib/svc/method/svc-kdc.slave
   1557 	lib/svc/share/krb_include.sh
   1558 	lib/svc/method/iscsid
   1559 	lib/svc/method/fcoeconfig
   1560 "
   1561 
   1562 smf_cleanup () {
   1563 	(
   1564 		cd $root;
   1565 		print "Removing obsolete rc.d scripts ... \c"
   1566 		rm -f $smf_obsolete_rc_files
   1567 		print "done."
   1568 	)
   1569 }
   1570 
   1571 smf_new_profiles () {
   1572 	[[ "$bfu_isa" = "sparc" ]] || return 0
   1573 
   1574 	[[ -x /tmp/bfubin/svccfg ]] || return 0
   1575 
   1576 	print "Clearing platform profile hash ..."
   1577 
   1578 	# platform_SUNW,Sun-Fire.xml (and other new and
   1579 	# corrected platforms) were delivered in Build 68.
   1580 	if [ ! -f \
   1581 		$rootprefix/var/svc/profile/platform_SUNW,Sun-Fire.xml \
   1582 		]; then
   1583 		for pfx in " " "v"; do
   1584 			for plname in \
   1585 			    none \
   1586 			    SUNW_Sun_Fire_880 \
   1587 			    SUNW_Sun_Fire_V890 \
   1588 			    SUNW_Sun_Fire_15000 \
   1589 			    SUNW_UltraEnterprise_10000; do
   1590 				eval $BFUSVCCFG -f - <<EOF
   1591 select smf/manifest
   1592 delpg ${pfx}ar_svc_profile_platform_${plname}_xml
   1593 exit
   1594 EOF
   1595 			done
   1596 		done
   1597 	fi
   1598 }
   1599 
   1600 smf_handle_new_services () {
   1601 	#
   1602 	# Detect, prior to extraction the arrival of new,
   1603 	# default-enabled-in-profile services.  If so, add a command
   1604 	# such that they are enabled.
   1605 	#
   1606 	if [ ! -f $rootprefix/var/svc/profile/system/sac.xml ]; then
   1607 		echo /usr/sbin/svcadm enable system/sac >> \
   1608 		    $rootprefix/var/svc/profile/upgrade
   1609 	fi
   1610 	if [[ $zone = global &&
   1611             ! -f $rootprefix/var/svc/manifest/system/intrd.xml ]]; then
   1612 		echo /usr/sbin/svcadm enable system/intrd >> \
   1613 		    $rootprefix/var/svc/profile/upgrade
   1614 	fi
   1615 	if [[ $zone = global &&
   1616 	    ! -f $rootprefix/var/svc/manifest/system/scheduler.xml ]]; then
   1617 		echo /usr/sbin/svcadm enable system/scheduler >> \
   1618 		    $rootprefix/var/svc/profile/upgrade
   1619 	fi
   1620 	if [[ $zone = global &&
   1621 	    ! -f $rootprefix/var/svc/manifest/system/hal.xml ]]; then
   1622 		echo /usr/sbin/svcadm enable system/hal >> \
   1623 		    $rootprefix/var/svc/profile/upgrade
   1624 	fi
   1625 	if [[ $zone = global &&
   1626 	    ! -f $rootprefix/var/svc/manifest/system/filesystem/rmvolmgr.xml ]]; then
   1627 		echo /usr/sbin/svcadm enable system/filesystem/rmvolmgr >> \
   1628 		    $rootprefix/var/svc/profile/upgrade
   1629 	fi
   1630 	if [[ $zone = global &&
   1631 	    ! -f $rootprefix/var/svc/manifest/network/ipsec/manual-key.xml &&
   1632 	    -f $rootprefix/etc/inet/secret/ipseckeys ]]; then
   1633 		smf_enable svc:/network/ipsec/manual-key:default
   1634 	fi
   1635 	if [[ $zone = global &&
   1636 	    ! -f $rootprefix/var/svc/manifest/network/ipsec/ike.xml &&
   1637 	    -f $rootprefix/etc/inet/ike/config ]]; then
   1638 		smf_enable svc:/network/ipsec/ike:default
   1639 	fi
   1640 	if [[ $zone = global &&
   1641 	    ! -f $rootprefix/var/svc/manifest/system/pools.xml &&
   1642 	    -f $rootprefix/etc/pooladm.conf ]]; then
   1643 		smf_enable svc:/system/pools:default
   1644 	fi
   1645 	if [[ $zone = global && $karch = sun4v &&
   1646 	    ! -f $rootprefix/var/svc/manifest/platforms/sun4v/ldoms-agents.xml ]]; then
   1647 		smf_enable svc:/ldoms/agents:default
   1648 	fi
   1649 }
   1650 
   1651 smf_copy_manifest() {
   1652 	mfstbase=`basename $1`
   1653 	mymfs=$rootprefix/var/svc/manifest/$2/$mfstbase
   1654 	if [[ ! -f $mymfs ]] || ! cmp -s $manifest_src/$1 $mymfs ; then
   1655 		cp $manifest_src/$1 $mymfs ||
   1656 		    echo "bfu: could not copy $manifest_src/$1"
   1657 	fi
   1658 }
   1659 
   1660 smf_copy_method() {
   1661 	cp $manifest_src/$1 $rootprefix/lib/svc/method ||
   1662 	    echo "bfu: could not copy $manifest_src/$1"
   1663 }
   1664 
   1665 smf_cleanup_initd() {
   1666 	rm -f $rootprefix/etc/rc?.d/[SK]??$1
   1667 }
   1668 
   1669 smf_delete_manifest() {
   1670 (
   1671 	mfst=$1
   1672 	cd $root
   1673 	[[ -f $mfst ]] || return;
   1674 	if [ -r /etc/svc/volatile/repository_door ]; then
   1675 		ENTITIES=`eval $BFUSVCCFG inventory $mfst`
   1676 		for fmri in $ENTITIES; do
   1677 			if [[ -n $root && $root != "/" ]]; then
   1678 				SVCCFG_REPOSITORY=$root/etc/svc/repository.db
   1679 				export SVCCFG_REPOSITORY
   1680 			fi
   1681 			eval $BFUSVCCFG delete -f $fmri >/dev/null 2>&1
   1682 			if [[ -n $root && $root != "/" ]]; then
   1683 				unset SVCCFG_REPOSITORY
   1684 			fi
   1685 		done
   1686 	fi
   1687 	rm $mfst
   1688 )
   1689 }
   1690 
   1691 smf_delete_methods() {
   1692 (
   1693 	cd $root;
   1694 	rm -f $smf_obsolete_methods
   1695 )
   1696 }	
   1697 
   1698 smf_delete_renamed_manifests() {
   1699 (
   1700 	cd $root;
   1701 	rm -f $smf_renamed_manifests
   1702 )
   1703 }
   1704 
   1705 smf_cleanup_dlmgmtd() {
   1706 (
   1707 	#
   1708 	# Delete the service instance, then refresh all its dependents in the
   1709 	# cases of alternative root and zones.
   1710 	#
   1711 	smf_delete_manifest "var/svc/manifest/network/dlmgmt.xml"
   1712 
   1713 	if [[ -n $root && $root != "/" ]]; then
   1714 		export SVCCFG_REPOSITORY=$root/etc/svc/repository.db
   1715 		eval $BFUSVCCFG -s svc:/network/physical:nwam refresh
   1716 		eval $BFUSVCCFG -s svc:/network/physical:default refresh
   1717 		eval $BFUSVCCFG -s svc:/system/device/local:default refresh
   1718 		unset SVCCFG_REPOSITORY
   1719 	fi
   1720 	cd $root
   1721 	rm -f lib/svc/method/svc-dlmgmtd
   1722 	rm -f etc/.dlmgmt_door
   1723 	rm -f sbin/dlmgmtd
   1724 )
   1725 }
   1726 
   1727 smf_cleanup_vt() {
   1728 	(
   1729 		smf_delete_manifest var/src/manifest/system/vtdaemon.xml
   1730 		cd $root
   1731 		rm -f lib/svc/method/vtdaemon
   1732 
   1733 		vt_conslogin_instances=`/tmp/bfubin/svcs -o FMRI | \
   1734 		    grep console-login:vt`
   1735 		for i in $vt_conslogin_instances; do
   1736 			eval $BFUSVCCFG delete -f $i
   1737 		done
   1738 	)
   1739 }
   1740 
   1741 smf_cleanup_boomer() {
   1742 	(
   1743 		smf_delete_manifest var/src/manifest/system/devices-audio.xml
   1744 		cd $root
   1745 		rm -f lib/svc/method/devices-audio
   1746 
   1747 		/tmp/bfubin/svccfg delete -f svc:/system/device/audio
   1748 	)
   1749 }
   1750 
   1751 old_mfst_dir="var/svc/manifest.orig"
   1752 new_mfst_dir="var/svc/manifest"
   1753 
   1754 smf_enable() {
   1755 	echo "svcadm enable $*" >> $rootprefix/var/svc/profile/upgrade
   1756 }
   1757 
   1758 smf_check_repository() {
   1759 	repository=etc/svc/repository.db
   1760 	[[ -f $rootprefix/$repository ]] || return
   1761 
   1762 	print -n "$rootprefix/$repository: " >&2
   1763 
   1764 	sqlite="${SQLITEBIN-$GATE/public/bin/$bfu_isa/sqlite}"
   1765 	[[ -x $sqlite ]] || sqlite=/lib/svc/bin/sqlite
   1766 	if [[ ! -x $sqlite ]]; then
   1767 		echo "no sqlite binary: skipped integrity check" >&2
   1768 		return
   1769 	fi
   1770 
   1771 	rm -f /tmp/bfurepo.db;
   1772 	cp $rootprefix/$repository /tmp/bfurepo.db
   1773 	bad_errors=`echo "PRAGMA integrity_check;" |
   1774 	    $sqlite /tmp/bfurepo.db 2>&1 | grep -v '^ok$'`
   1775 	if [[ $? -eq 0 ]]; then
   1776 		echo "integrity check failed:" >&2
   1777 		echo "$bad_errors" >&2
   1778 		echo >&2
   1779 		if [[ $force_override = no ]]; then
   1780 			cat >&2 <<EOF
   1781 Reseed the repository (see http://greenline.eng/quickstart.shtml#newrep)
   1782 before BFUing (or use the -f flag to force BFU to continue).  Re-seeding
   1783 will lose all smf(5) customizations.
   1784 EOF
   1785 			echo >&2
   1786 			exit 2;
   1787 		else
   1788 			echo "driving on anyway" >&2
   1789 		fi
   1790 	else
   1791 		echo "passed integrity check" >&2;
   1792 	fi
   1793 }
   1794 
   1795 smf_bkbfu_warning() {
   1796 	print ""
   1797 	print "*************************************************************"
   1798 	print " WARNING: BFU'ing $1 backwards across 5090532."
   1799 	print " Fixes have been made but the services cannot be refreshed"
   1800 	print " on the $1's inactive repository. Next boot for the"
   1801 	print " $1 will probably result in maintenance mode due to"
   1802 	print " dependency cycles. If so, at the $1's console, run:"
   1803 	print ""
   1804 	print " /usr/sbin/svcadm refresh system/sysidtool:system"
   1805 	print " /usr/sbin/svcadm refresh system/sysidtool:net"
   1806 	print " /usr/sbin/svcadm clear milestone/single-user"
   1807 	print " /usr/sbin/svcadm clear system/sysidtool:system"
   1808 	print " /usr/sbin/svcadm clear system/sysidtool:net"
   1809 	print ""
   1810 	print " to resolve."
   1811 	print " To avoid these problems, reseed the zone's repository."
   1812 	print " See http://greenline.eng/quickstart.shtml#newrep ."
   1813 	print " Note: Re-seeding will lose all smf(5) customization."
   1814 	print "*************************************************************"
   1815 	print ""
   1816 }
   1817 
   1818 smf_is_sysconfig() {
   1819 	#
   1820 	# Return success if going to post-5090532, i.e. post-sysconfig bits
   1821 	#
   1822 	# By now, we're going to post-smf bits - so multi-user.xml must
   1823 	# exist (since it was introduced by first SMF putback).
   1824 	# 
   1825 	# Function return status is return status of last command executed.
   1826 	# So, no need to check return status from grep below.
   1827 
   1828 	grep sysconfig $rootprefix/var/svc/manifest/milestone/multi-user.xml \
   1829 		>/dev/null 2>&1
   1830 }
   1831 
   1832 smf_bkbfu_past_sysconfig() {
   1833 	#
   1834 	# Check if bfu'ing back from post-5090532 to pre-5090532 bits.
   1835 	#
   1836 	if [[ -f $rootprefix/var/svc/manifest/milestone/sysconfig.xml ]] &&
   1837 	    ! smf_is_sysconfig ; then
   1838 		return 0
   1839 	fi
   1840 	return 1
   1841 }
   1842 
   1843 smf_bkbfu_repair_sysconfig() {
   1844 	#
   1845 	# Perform the necessary corrections when bfu'ing backwards
   1846 	# from post-5090532 to pre-5090532 bits.
   1847 	#
   1848 	# Get the pre-5090532 non-ON manifests, and issue minimal fixes
   1849 	# to the repository, to enable re-boot.
   1850 	#
   1851 	smf_copy_manifest pre-5090532/sysidtool.xml system
   1852 	if [[ $zone = global && $karch = i86pc ]]; then
   1853 		smf_copy_manifest pre-5090532/kdmconfig.xml platform/i86pc
   1854 	fi
   1855 	#
   1856 	# Now, remove sysidtool:{system, net}'s dependency on
   1857 	# single-user and filesystem-local.
   1858 	#
   1859 	# If $rootprefix is not empty, this could be the global zone,
   1860 	# with an alternate root BFU, or a non-global zone. For either
   1861 	# case, the repository to be updated is not the live one: use
   1862 	# SVCCFG_REPOSITORY to point to the repository to be updated.
   1863 	#
   1864 	# Note that in the alternate-root case, doing this seems better
   1865 	# than forcing the user to re-seed, or to dis-allow it. The
   1866 	# issue of svccfg and the repository not matching seems remote,
   1867 	# given that from initial SMF integration (on10_64) to on10_74,
   1868 	# there was no mismatch. In the remote possibility that there is a
   1869 	# mis-match (in the future) causing these calls to be suspect,
   1870 	# the user is already being advised, via the warning message, to
   1871 	# reseed the repository in case of trouble. If a mis-match is ever
   1872 	# introduced, code such as this would have to be fixed, so this
   1873 	# aspect of the warning is useful only during the interim period.
   1874 	#
   1875 	# NOTE that this is not an issue for non-global zones'
   1876 	# repositories - they couldn't be out-of-sync with
   1877 	# /tmp/bfubin/svccfg.
   1878 	#
   1879 	if [[ -n $rootprefix ]]; then
   1880 		export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db
   1881 		if [[ $zone = global ]]; then
   1882 			smf_bkbfu_warning "alternate root"
   1883 		else
   1884 			smf_bkbfu_warning "zone"
   1885 		fi
   1886 	fi
   1887 	#
   1888 	# Using the newer "-s" option to svccfg in the following is OK
   1889 	# since its introduction preceded 5090532 (and this routine wouldn't
   1890 	# be called unless the machine is running post-5090532 bits).
   1891 	#
   1892 	eval $BFUSVCCFG -s system/sysidtool:net delpg single-user
   1893 	eval $BFUSVCCFG -s system/sysidtool:system delpg single-user
   1894 	eval $BFUSVCCFG -s system/sysidtool:net delpg filesystem_local
   1895 	eval $BFUSVCCFG -s system/sysidtool:system delpg filesystem_local
   1896 
   1897 	#
   1898 	# On a live system, issue the refresh; For alternate root or non-global
   1899 	# zone, the user was asked to issue the refreshes and "clear"s in the
   1900 	# message above after a post-bfu reboot.
   1901 	#
   1902 	if [[ -z $rootprefix ]]; then
   1903 		/tmp/bfubin/svcadm refresh system/sysidtool:system \
   1904 		    system/sysidtool:net
   1905 	fi
   1906 
   1907 	#
   1908 	# Now, reset SVCCFG_REPOSITORY, if it was set
   1909 	#
   1910 	[[ -n $rootprefix ]] && unset SVCCFG_REPOSITORY
   1911 
   1912 	#
   1913 	# Remove the sysconfig.xml manifest when going back.  So backward
   1914 	# bfu check continues to work, and all manifests are correct.
   1915 	#
   1916 	cat >> $rootprefix/var/svc/profile/upgrade <<-EOF
   1917 	rm -f /var/svc/manifest/milestone/sysconfig.xml
   1918 	EOF
   1919 }
   1920 
   1921 #
   1922 # Return true if $file exists in $archive.  $file may also be a pattern.
   1923 #
   1924 archive_file_exists()
   1925 {
   1926 	archive=$1
   1927 	file=$2
   1928 
   1929 	$ZCAT $cpiodir/${archive}${ZFIX} | cpio -it 2>/dev/null | \
   1930 	    egrep -s "$file"
   1931 }
   1932 
   1933 #
   1934 # extract one or more files from an archive into a temporary directory
   1935 # provided by the caller.  The caller is responsible for checking to
   1936 # to see whether the desired file or files were extracted
   1937 #
   1938 # $1 - archive
   1939 # $2 - temporary dir
   1940 # remaining args: file(s) to be extracted.
   1941 #
   1942 archive_file_peek() {
   1943 	compressed_archive=`pwd`/$1
   1944 	tdir=$2
   1945 	shift
   1946 	shift
   1947 	if [ ! -d $tdir ] ; then
   1948 		return
   1949 	fi
   1950 	(cd $tdir; $ZCAT $compressed_archive | cpio -idmucB $* 2>&1 )
   1951 }
   1952 
   1953 #
   1954 # If we're no longer delivering the eeprom service, remove it from the system,
   1955 # as eeprom -I is removed as well.
   1956 #
   1957 smf_fix_i86pc_profile () {
   1958 	mfst="var/svc/manifest/platform/i86pc/eeprom.xml"
   1959 	profile="var/svc/profile/platform_i86pc.xml"
   1960 
   1961 	if [ ! "$karch" = "i86pc" ]; then
   1962 		return
   1963 	fi
   1964 
   1965 	if ! archive_file_exists generic.root "^$profile"; then
   1966 		rm -f $rootprefix/$profile
   1967 		rm -f $rootprefix/var/svc/profile/platform.xml
   1968 	fi
   1969 
   1970 	if [ ! -f $rootprefix/$mfst ]; then
   1971 		return
   1972 	fi
   1973 
   1974 	if archive_file_exists generic.root "^$mfst"; then
   1975 		return
   1976 	fi
   1977 
   1978 	rm -f $rootprefix/$mfst
   1979 
   1980 	#
   1981 	# we must disable via svccfg directly, as manifest-import runs after
   1982 	# this service tries to run
   1983 	#
   1984 	[[ -n "$rootprefix" ]] &&
   1985 	    export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db
   1986 	eval $BFUSVCCFG delete -f platform/i86pc/eeprom
   1987 	[[ -n "$rootprefix" ]] && unset SVCCFG_REPOSITORY
   1988 }
   1989 
   1990 #
   1991 # If the new system doesn't support the templates DTD extensions
   1992 # (due to backwards bfu), the global.xml manifest should be deleted.
   1993 #
   1994 smf_bkbfu_templates() {
   1995 	mfst="var/svc/manifest/system/svc/global.xml"
   1996 
   1997 	grep "pg_pattern" \
   1998 	    $rootprefix/usr/share/lib/xml/dtd/service_bundle.dtd.1> \
   1999 	    /dev/null 2>&1
   2000 	if [ $? -eq 1 ]; then
   2001 		rm -f $rootprefix/$mfst
   2002 	fi
   2003 
   2004 }
   2005 
   2006 smf_apply_conf () {
   2007 	#
   2008 	# Go thru the original manifests and move any that were unchanged
   2009 	# (or are not system-provided) back to their proper location.  This
   2010 	# will avoid superfluous re-import on reboot, as the inode and mtime
   2011 	# are both part of the hash.
   2012 	#
   2013 	if [ -d $rootprefix/$old_mfst_dir ]; then
   2014 		for f in `cd $rootprefix/$old_mfst_dir ; find . -type f`
   2015 		do
   2016 			old=$rootprefix/$old_mfst_dir/$f
   2017 			new=$rootprefix/$new_mfst_dir/$f
   2018 			if [ ! -f $new ]; then
   2019 				mkdir -m 0755 -p `dirname $new`
   2020 				mv $old $new
   2021 				continue
   2022 			fi
   2023 			cmp -s $old $new && mv $old $new
   2024 		done
   2025 		rm -rf $rootprefix/$old_mfst_dir
   2026 	fi
   2027 
   2028 	if [ -f $rootprefix/etc/init.d/inetd ]; then
   2029 		#
   2030 		# BFUing to non-SMF system -- undo our previous changes,
   2031 		# run an old hack, and skip the remainder of this function.
   2032 		#
   2033 		smf_inetd_reenable
   2034 		smf_tftp_reinstall
   2035 
   2036 		# Update inetd.conf only if we find rpc.metad file.
   2037 		[ -f $usr/sbin/rpc.metad ] &&
   2038 		    inetd_conf_svm_hack
   2039 
   2040 		return
   2041 	fi
   2042 
   2043 	#
   2044 	# At this point, the archive in question is a SMF version.  If
   2045 	# the smf(5) repository does not yet exist, create it by copying
   2046 	# the appropriate seed repository.  Since updating of non-global
   2047 	# zones only occurs when the live system is bfu'ed, the
   2048 	# appropriate seed is guaranteed to exist under the /lib
   2049 	# directory.
   2050 	#
   2051 	repository=$rootprefix/etc/svc/repository.db
   2052 	if [ ! -f $repository ]; then
   2053 		print "Initializing service configuration repository ..."
   2054 		if [ $zone = global ]; then
   2055 			cp $rootprefix/lib/svc/seed/global.db $repository
   2056 		else
   2057 			cp /lib/svc/seed/nonglobal.db $repository
   2058 		fi
   2059 		chmod 0600 $repository
   2060 		chown root:sys $repository
   2061 	fi
   2062 
   2063 	print "Removing obsolete smf services ..."
   2064 	for f in $smf_obsolete_manifests; do
   2065 		smf_delete_manifest $f
   2066 	done
   2067 	smf_delete_methods
   2068 	smf_delete_renamed_manifests
   2069 
   2070 	if [[ $dlmgmtd_status = cleanup ]]; then
   2071 		smf_cleanup_dlmgmtd
   2072 	fi
   2073 
   2074 	#
   2075 	# When doing backwards BFU, if the target does not contain
   2076 	# vtdaemon manifest, delete it and delete all the additional
   2077 	# console-login service instances which were used to provide
   2078 	# additional console sessions.
   2079 	#
   2080 	if ((! $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \
   2081 	    grep vtdaemon.xml > /dev/null 2>&1) && [ $zone = global ]); then
   2082 		smf_cleanup_vt
   2083 	fi
   2084 
   2085 	#
   2086 	# Remove the Boomer audio service when BFUing to legacy audio bits
   2087 	#
   2088 	if ! check_boomer_bfu && [ $zone = global ]; then
   2089 		smf_cleanup_boomer
   2090 	fi
   2091 
   2092 	print "Disabling unneeded inetd.conf entries ..."
   2093 	smf_inetd_disable
   2094 	smf_tftp_reinstall
   2095 
   2096 	print "Connecting platform and name service profiles ..."
   2097 
   2098 	rm -f $rootprefix/var/svc/profile/name_service.xml
   2099 
   2100 	grep ldap $rootprefix/etc/nsswitch.conf >/dev/null 2>&1
   2101 	is_ldap=$?
   2102 	grep nisplus $rootprefix/etc/nsswitch.conf >/dev/null 2>&1
   2103 	is_nisplus=$?
   2104 	grep nis $rootprefix/etc/nsswitch.conf >/dev/null 2>&1
   2105 	is_nis=$?
   2106 
   2107 	if [ $is_ldap  = 0 ]; then
   2108 		ns_profile=ns_ldap.xml
   2109 	elif [ $is_nisplus = 0  ]; then
   2110 		ns_profile=ns_nisplus.xml
   2111 	elif [ $is_nis = 0 ]; then
   2112 		ns_profile=ns_nis.xml
   2113 	else
   2114 		ns_profile=ns_files.xml
   2115 	fi
   2116 
   2117 	ln -s $ns_profile $rootprefix/var/svc/profile/name_service.xml
   2118 
   2119 	rm -f $rootprefix/var/svc/profile/inetd_services.xml
   2120 	ln -s inetd_upgrade.xml $rootprefix/var/svc/profile/inetd_services.xml
   2121 
   2122 	print "Marking converted services as enabled ..."
   2123 
   2124 	[ -f $rootprefix/etc/resolv.conf ] && smf_enable network/dns/client
   2125 	[ -f $rootprefix/etc/inet/dhcpsvc.conf ] && \
   2126 	    smf_enable network/dhcp-server
   2127   
   2128 	# Not concerned about enabling/disabling rcap but will migrate
   2129 	# configuration parameters if rcap.conf exists
   2130 	#
   2131 	if [ -f $rootprefix/etc/rcap.conf ]; then
   2132 		migrate_rcap_conf
   2133 	fi
   2134 
   2135 	migrate_acctadm_conf
   2136 
   2137 	if [ $zone = global ]; then
   2138 		if [ -f $rootprefix/etc/dfs/dfstab ] &&
   2139 		    grep '^[ 	]*[^# 	]' $rootprefix/etc/dfs/dfstab \
   2140 		    > /dev/null; then
   2141 		    	smf_enable network/nfs/server
   2142 		fi
   2143 	else
   2144 		echo "/usr/sbin/svcadm disable network/nfs/server" >> \
   2145 		    $rootprefix/var/svc/profile/upgrade
   2146 	fi
   2147 
   2148 	[ -f $rootprefix/etc/inet/ntp.conf ] && smf_enable network/ntp
   2149 
   2150 
   2151 	domainname=`cat $rootprefix/etc/defaultdomain 2>/dev/null`
   2152         if [ ! -z "$domainname" -a -d $rootprefix/var/yp/$domainname ]; then
   2153 		smf_enable network/nis/server
   2154 
   2155 		# Determining whether we're a NIS master requires
   2156 		# looking through the maps.
   2157 		cat >>$rootprefix/var/svc/profile/upgrade <<\_EOF
   2158 # Determine whether we are a YP master.
   2159 domain=`/usr/bin/domainname`
   2160 hostname=`uname -n | cut -d. -f1 | tr '[A-Z]' '[a-z]'`
   2161 
   2162 if [ -x /usr/sbin/makedbm ]; then
   2163 	if [ -f /var/yp/NISLDAPmapping ]; then
   2164 		master=`/usr/sbin/makedbm -u /var/yp/\$domain/LDAP_passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'`
   2165 	else
   2166 		master=`/usr/sbin/makedbm -u /var/yp/\$domain/passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'`
   2167 	fi
   2168 fi
   2169 
   2170 # If we are the master server, enable appropriate services.
   2171 if [ "$master" = "$hostname" -a "$YP_SERVER" = "TRUE" ]; then
   2172 	/usr/sbin/svcadm enable network/nis/xfr
   2173 	/usr/sbin/svcadm enable network/nis/passwd
   2174 
   2175 	if [ ! -f /var/yp/NISLDAPmapping ]; then
   2176 		[ -f /var/yp/updaters ] && \
   2177 		    /usr/svc/svcadm enable network/nis/update
   2178 	fi
   2179 fi
   2180 _EOF
   2181 	fi
   2182 
   2183 	# Check if mddbs don't exist on the image.  If so, disable SVM services.
   2184 	MDDB_STATUS=1
   2185 	if [ -f $rootprefix/kernel/drv/md.conf ]; then
   2186 		sed -e 's/#.*$//' $rootprefix/kernel/drv/md.conf | \
   2187 		    egrep '^[        ]*mddb_bootlist' >/dev/null 2>&1
   2188 		MDDB_STATUS=$?
   2189 	fi
   2190 
   2191 	if [ $MDDB_STATUS -ne 0 ]; then
   2192 		for svc in metainit mdmonitor; do
   2193 		    echo "/usr/sbin/svcadm disable system/$svc:default" >> \
   2194 			$rootprefix/var/svc/profile/upgrade
   2195 		done
   2196 
   2197 		for svc in meta mdcomm metamed metamh; do
   2198 		    echo "/usr/sbin/svcadm disable network/rpc/$svc:default" \
   2199 			>> $rootprefix/var/svc/profile/upgrade
   2200 		done
   2201 	fi
   2202 
   2203 	# Workaround inetd's handling of "tcp6/udp6" when no IPv6 interfaces
   2204 	# are configured.
   2205 	for svc in meta mdcomm metamed metamh; do
   2206 	    echo "/usr/sbin/inetadm -m network/rpc/$svc:default proto=tcp" \
   2207 		">/dev/null 2>&1" >> $rootprefix/var/svc/profile/upgrade
   2208 	done
   2209 
   2210 	manifest_src=${MANIFEST_SRC-$GATE/public/smf}
   2211 	[[ -d $manifest_src ]] ||
   2212 	    manifest_src=${GATE}/public/smf
   2213 	[[ -d $manifest_src ]] || manifest_src=/net/greenline.eng/meta0/smf
   2214 
   2215 	if smf_bkbfu_past_sysconfig ; then
   2216 		echo "BFU'ing backwards across 5090532! Now repairing..."
   2217 		smf_bkbfu_repair_sysconfig
   2218 	fi
   2219 
   2220 	#
   2221 	# If bfu'ing milestone/sysconfig bits or onwards, update the
   2222 	# corresponding non-ON manifests - sysidtool and kdmconfig.
   2223 	#
   2224 	sysidmfst=$rootprefix/var/svc/manifest/system/sysidtool.xml
   2225 	kdmmfst=$rootprefix/var/svc/manifest/platform/i86pc/kdmconfig.xml
   2226 	if smf_is_sysconfig ; then
   2227 		if [[ ! -f $sysidmfst ]]; then
   2228 			#
   2229 			# if WOS build on machine is pre-greenline, and
   2230 			# we're bfu'ing to the sysconfig bits.
   2231 			#
   2232 			smf_copy_manifest post-5090532/sysidtool.xml system
   2233 			if [[ $zone = global ]]; then
   2234 				smf_copy_method sysidtool-net
   2235 				smf_copy_method sysidtool-system
   2236 			fi
   2237 			echo "Converted system/sysidtool (post-5090532)"
   2238 		else
   2239 			#
   2240 			# If sysidtool.xml already exists, update it
   2241 			# if necessary. Future updates of sysidtool.xml
   2242 			# must occur in the dir: $manifest_src/post-5090532
   2243 			#
   2244 			smf_copy_manifest post-5090532/sysidtool.xml system
   2245 		fi
   2246 		if [[ $zone = global && $karch = i86pc ]]; then
   2247 			if [[ ! -f $kdmmfst ]]; then
   2248 				#
   2249 				# if WOS build on machine is pre-greenline, and
   2250 				# we're bfu'ing to the sysconfig bits.
   2251 				#
   2252 				smf_copy_manifest post-5090532/kdmconfig.xml \
   2253 				    platform/i86pc
   2254 				smf_copy_method   svc-kdmconfig
   2255 				smf_cleanup_initd kdmconfig
   2256 				echo "Converted platform/i86pc/kdmconfig"
   2257 				echo "(post-5090532)"
   2258 			else
   2259 				#
   2260 				# If kdmconfig.xml already exists, update
   2261 				# it if necessary. Future updates of
   2262 				# kdmconfig.xml must occur in the dir:
   2263 				# $manifest_src/post-5090532
   2264 				#
   2265 				smf_copy_manifest post-5090532/kdmconfig.xml \
   2266 				    platform/i86pc
   2267 			fi
   2268 		fi
   2269 	else
   2270 		if [[ ! -f $sysidmfst ]]; then
   2271 			smf_copy_manifest pre-5090532/sysidtool.xml system
   2272 			if [[ $zone = global ]]; then
   2273 				smf_copy_method sysidtool-net
   2274 				smf_copy_method sysidtool-system
   2275 			fi
   2276 			echo "Converted system/sysidtool"
   2277 		fi
   2278 		if [[ $zone = global && $karch = i86pc && ! -f $kdmmfst ]];
   2279 		then
   2280 			smf_copy_manifest pre-5090532/kdmconfig.xml \
   2281 			    platform/i86pc
   2282 			smf_copy_method   svc-kdmconfig
   2283 			smf_cleanup_initd kdmconfig
   2284 			echo "Converted platform/i86pc/kdmconfig"
   2285 		fi
   2286 	fi
   2287 
   2288 	# If we've still got the old dtlogin manifest delivered by earlier
   2289 	# versions of bfu, delete it, as it was broken and should have
   2290 	# never been delivered.  A new version delivered by the CDE
   2291 	# consolidation should be left alone.
   2292 	if [[ -f $rootprefix/var/svc/manifest/application/dtlogin.xml &&
   2293 	    `grep -c GLXXX \
   2294 	    $rootprefix/var/svc/manifest/application/dtlogin.xml` -gt 0 &&
   2295 	    -x /tmp/bfubin/svccfg ]]; then
   2296 
   2297 		# Delete the obsolete manifest.
   2298 		rm -f $rootprefix/var/svc/manifest/application/dtlogin.xml
   2299 
   2300 		# Delete the service from repository, then use dtconfig -e to
   2301 		# revert to whatever the WOS bits are using if dtlogin was
   2302 		# enabled.
   2303 		cat >> $rootprefix/var/svc/profile/upgrade <<-EOFA
   2304 if /usr/bin/svcprop -q application/cde-login; then
   2305 	if [ \`/usr/bin/svcprop -p general/enabled \
   2306 		application/cde-login:default\` = "true" ]; then
   2307 		do_dtconfig=1;
   2308 	else
   2309 		do_dtconfig=0;
   2310 	fi
   2311 
   2312 	/usr/sbin/svccfg delete -f application/cde-login
   2313 	type instance_refresh 2>&1 > /dev/null
   2314 	if [ \$? = 0 ]; then
   2315 		instance_refresh system/console-login
   2316 	else
   2317 		/usr/sbin/svcadm refresh system/console-login
   2318 	fi
   2319 
   2320 	if [ \$do_dtconfig -eq 1 -a -x /usr/dt/bin/dtconfig ]; then
   2321 		/usr/dt/bin/dtconfig -e
   2322 	fi
   2323 fi
   2324 EOFA
   2325 	fi
   2326 
   2327 
   2328 	# Enable the inetd-upgrade service to convert any changes to inetd.conf
   2329 	smf_enable network/inetd-upgrade
   2330 
   2331 	# If global zone, and bfu'ing from smf, and the inetd-upgrade
   2332 	# service has an obsolete dependency, then add a clear of inetd
   2333 	# and inetd-upgrade to the upgrade file as either may drop into
   2334 	# maintenance due to a dependency loop resulting from the new
   2335 	# inetd manifest
   2336 	if [[ $zone = global && -x /tmp/bfubin/svccfg ]]; then
   2337 		/tmp/bfubin/svcprop -q -p network/entities network/inetd-upgrade
   2338 		if [[ $? = 0 ]]; then
   2339 		    	echo "/usr/sbin/svcadm clear network/inetd" >> \
   2340 			    $rootprefix/var/svc/profile/upgrade
   2341 			echo "/usr/sbin/svcadm clear network/inetd-upgrade" >> \
   2342 			    $rootprefix/var/svc/profile/upgrade
   2343 		fi
   2344 	fi
   2345 
   2346 	#
   2347 	# Import the name-service-cache service. This is to get the service
   2348 	# (with correct dependencies) in the repository before reboot.
   2349 	#
   2350 	smf_import_service system/name-service-cache.xml
   2351 
   2352 	#
   2353 	# Import the datalink-management service.
   2354 	#
   2355 	smf_import_service network/dlmgmt.xml \
   2356 	    svc:/network/datalink-management:default
   2357 
   2358 	#
   2359 	# Import the ldap/client service. This is to get the service
   2360 	# (with correct dependencies) in the repository before reboot.
   2361 	#
   2362 	smf_import_service network/ldap/client.xml
   2363 
   2364 	# Enable new NFS status and nlockmgr services if client is enabled
   2365 	cat >> $rootprefix/var/svc/profile/upgrade <<-EOF
   2366 	    cl="svc:/network/nfs/client:default"
   2367 	    if [ \`/usr/bin/svcprop -p general/enabled \$cl\` = "true" ]; then
   2368 		/usr/sbin/svcadm enable svc:/network/nfs/status:default
   2369 		/usr/sbin/svcadm enable svc:/network/nfs/nlockmgr:default
   2370 	    fi
   2371 
   2372 EOF
   2373 
   2374 	kpmani="$rootprefix/var/svc/manifest/network/security/krb5_prop.xml"
   2375 	if grep svc-kdc.slave $kpmani > /dev/null 2>&1; then
   2376 		cat >> $rootprefix/var/svc/profile/upgrade <<EOF
   2377 		# We are deleting and reimporting kpropd's manifest, because we
   2378 		# need to change the restarter.
   2379 		kpfmri="svc:/network/security/krb5_prop"
   2380 		kkfmri="svc:/network/security/krb5kdc:default"
   2381 		lkpmani="/var/svc/manifest/network/security/krb5_prop.xml"
   2382 		restarter=\`svcprop -c -p general/restarter \$kpfmri 2>&1\`
   2383 		case \$restarter in
   2384 			*network/inetd:default)
   2385 				kken=\`svcprop -c -p general/enabled \$kkfmri\`
   2386 				eval $BFUSVCCFG delete -f \$kpfmri
   2387 				eval $BFUSVCCFG import \$lkpmani 
   2388 				# Enable kpropd if krb5kdc is enabled, since
   2389 				# krb5kdc would have run kpropd
   2390 				if [ \$kken = "true" ]; then
   2391 					svcadm enable \$kpfmri
   2392 				fi
   2393 				;;
   2394 		esac
   2395 EOF
   2396 	fi
   2397 
   2398 	# Enable print server if there are local queues
   2399 	queues=`echo $rootprefix/etc/lp/printers/*/configuration`
   2400 	if [ "$queues" != "$rootprefix/etc/lp/printers/*/configuration" ]; then
   2401 		smf_enable application/print/server
   2402 	fi
   2403 
   2404 	# Enable rarpd and bootparamd if they would have been running pre-SMF
   2405 	if [ -d $rootprefix/tftpboot ] || [ -d $rootprefix/rplboot ]; then
   2406 		smf_enable network/rarp
   2407 		smf_enable network/rpc/bootparams
   2408 	fi
   2409 
   2410 	touch $rootprefix/var/svc/profile/.upgrade_prophist
   2411 
   2412 	cat >> $rootprefix/var/svc/profile/upgrade <<EOF
   2413 	# We are deleting and reimporting dcs's manifest, because we
   2414 	# need to change the restarter.
   2415 	dcsfmri="svc:/platform/sun4u/dcs:default"
   2416 	dcsmani="/var/svc/manifest/platform/sun4u/dcs.xml"
   2417 	restarter=\`svcprop -c -p general/restarter \$dcsfmri 2>&1\`
   2418 	case \$restarter in
   2419 		*network/inetd:default)
   2420 			en=\`svcprop -c -p general/enabled \$dcsfmri\`
   2421 			eval $BFUSVCCFG delete -f \$dcsfmri
   2422 			eval $BFUSVCCFG import \$dcsmani
   2423 			if [ \$en = "true" ]; then
   2424 				svcadm enable \$dcsfmri
   2425 			fi
   2426 			;;
   2427 	esac
   2428 EOF
   2429 
   2430 	smf_fix_i86pc_profile
   2431 
   2432 	smf_bkbfu_templates
   2433 }
   2434 
   2435 tx_check_update() {
   2436 #
   2437 # If a lbl_edition file is found it's a likely sign that old unbundled
   2438 # Trusted Extensions packages are installed and TX is active.  Update
   2439 # etc/system if needed, to complete enabling of the bundled TX.
   2440 #
   2441 	LMOD1=$rootprefix/kernel/sys/lbl_edition
   2442 	LMOD2=$rootprefix/kernel/sys/amd64/lbl_edition
   2443 	LMOD3=$rootprefix/kernel/sys/sparcv9/lbl_edition
   2444 
   2445 	grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \
   2446 	    /dev/null 2>&1
   2447 	if [ $? -eq 0 ]; then
   2448 		return
   2449 	fi
   2450 
   2451 	if [ -f $LMOD1 -o -f $LMOD2 -o -f $LMOD3 ]; then
   2452 		echo "set sys_labeling=1" >> $rootprefix/bfu.child/etc/system
   2453 		if [ $? -ne 0 ]; then
   2454     			echo "cannot set sys_labeling in $rootprefix/bfu.child/etc/system"
   2455 			return
   2456 		fi
   2457 
   2458 		rm -f $LMOD1 $LMOD2 $LMOD3
   2459 	fi
   2460 }
   2461 
   2462 tx_check_bkbfu() {
   2463 #
   2464 # Emit a warning message if bfu'ing a Trusted Extensions-enabled system
   2465 # backwards to pre TX-merge bits.  In this case, unbundled packages must
   2466 # be reinstalled to complete restoration of old TX bits.
   2467 #
   2468 	bsmconv=$rootprefix/etc/security/bsmconv
   2469 
   2470 	# This check is only needed in global zone
   2471 	if [[ $zone != global ]]; then
   2472 		return
   2473 	fi
   2474 
   2475 	# No warning needed if TX is not currently enabled
   2476 	grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \
   2477 	    /dev/null 2>&1
   2478 	if [ $? -ne 0 ]; then
   2479 		return
   2480 	fi
   2481 
   2482 	if [ ! -f $bsmconv ]; then
   2483 		return
   2484 	fi
   2485 	grep " -x /usr/bin/plabel " $bsmconv > /dev/null 2>&1
   2486 	if [ $? != 0 ]; then
   2487 		return
   2488 	fi
   2489 
   2490 	print ""
   2491 	print "*************************************************************"
   2492 	print " WARNING: BFU'ing TX backwards across 6533113."
   2493 	print " Must re-install unbundled TX packages to remain Trusted."
   2494 	print "*************************************************************"
   2495 	print ""
   2496 }
   2497 
   2498 #
   2499 # The directboot putback moved the console property from
   2500 # /boot/solaris/bootenv.rc to /boot/grub/menu.lst.  It should be kept in both.
   2501 #
   2502 cleanup_eeprom_console()
   2503 {
   2504 	bootenvrc="$root/boot/solaris/bootenv.rc"
   2505 	menu_console=`eeprom console 2>/dev/null | \
   2506 	    grep -v 'data not available' | cut -d= -f2-`
   2507 	bootenv_console=`grep '^setprop[	 ]\{1,\}console\>' $bootenvrc`
   2508 	if [ -n "$menu_console" ] && [ -z "$bootenv_console" ]; then
   2509 		echo "setprop console '$menu_console'" >> $bootenvrc
   2510 	fi
   2511 }
   2512 
   2513 EXTRACT_LOG=/tmp/bfu-extract-log.$$
   2514 
   2515 rm -f $EXTRACT_LOG
   2516 
   2517 extraction_error() {
   2518 	echo error $* >> $EXTRACT_LOG
   2519 }
   2520 
   2521 #
   2522 # Make a local copy of bfu in /tmp and execute that instead.
   2523 # This makes us immune to loss of networking and/or changes
   2524 # to the original copy that might occur during execution.
   2525 #
   2526 cd .
   2527 abspath=`[[ $0 = /* ]] && print $0 || print $PWD/$0`
   2528 if [[ $abspath != /tmp/* ]]; then
   2529 	localpath=/tmp/bfu.$$
   2530 	print "Copying $abspath to $localpath"
   2531 	cp $abspath $localpath
   2532 	chmod +x $localpath
   2533 	print "Executing $localpath $*\n"
   2534 	exec $localpath $*
   2535 fi
   2536 
   2537 export PATH=/usr/bin:/usr/sbin:/sbin
   2538 
   2539 usage() {
   2540 	echo "Usage:"
   2541 	echo "    bfu    [-fh] <archive_dir> [root-dir]"
   2542 	echo "\tUpdate a single machine by loading archives on root-dir."
   2543 	echo "\troot-dir defaults to / (a live bfu).\n"
   2544 	echo "    bfu -c [-fh] <archive_dir> <exec-dir>"
   2545 	echo "\tUpdate all diskless clients by loading archives on each client"
   2546 	echo "\tthat mounts exec-dir as /usr.  <exec-dir> must start with"
   2547 	echo "\t/export/exec and each client's root must be in /export/root.\n"
   2548 	echo "\t-f        force bfu to continue even if it doesn't seem safe"
   2549 	fail "\t-h|-help  print this usage message and exit\n"
   2550 }
   2551 
   2552 diskless=no
   2553 force_override=no
   2554 while [ $# -gt 0 ]; do
   2555 	case $1 in
   2556 		-c)		diskless=yes;;
   2557 		-f)		force_override=yes;;
   2558 		-h|-help)	usage;;
   2559 		*)      	break;;
   2560 	esac
   2561 	shift
   2562 done
   2563 
   2564 # Variables for x86 platforms
   2565 boot_is_pcfs=no
   2566 have_realmode=no
   2567 is_pcfs_boot=no
   2568 new_dladm=no
   2569 
   2570 # Set when moving to either directboot or multiboot
   2571 multi_or_direct=no
   2572 
   2573 #
   2574 # Shows which type of archives we have, which type of system we are
   2575 # running on (before the bfu), and what the failsafe archives are
   2576 # (again, before the bfu).  failsafe_type is only needed on diskful
   2577 # bfu's, so it's not set in the diskless case.
   2578 # Possible values: unknown, dca, multiboot, directboot, xpv
   2579 #
   2580 archive_type=unknown
   2581 system_type=unknown
   2582 failsafe_type=unknown
   2583 
   2584 test $# -ge 1 || usage
   2585 
   2586 if [ -x /usr/bin/ppriv ]; then
   2587 	# We prefer to use ppriv, as it is a more accurate test, and also
   2588 	# has the benefit of preventing use from within a nonglobal zone.
   2589 	ppriv $$ | grep -w "E: all" > /dev/null 2>&1 || \
   2590 	    fail "bfu requires all privileges"
   2591 else
   2592 	# Fall back to old id check if system does not yet have ppriv.
   2593 	uid=`id | nawk '{print $1}'`
   2594 	[ "$uid" = "uid=0(root)" ] || \
   2595 	    fail "You must be super-user to run this script."
   2596 fi
   2597 
   2598 bfu_isa=`uname -p`
   2599 target_isa=$bfu_isa
   2600 karch=`uname -m`
   2601 plat=`uname -i`
   2602 
   2603 cpiodir=$1
   2604 
   2605 if [ "$cpiodir" = again ]; then
   2606 	cpiodir=`nawk '/^bfu.ed from / { print $3; exit }' /etc/motd`
   2607 fi
   2608 
   2609 [[ "$cpiodir" = */* ]] || cpiodir=$ARCHIVE/archives/$target_isa/$1
   2610 
   2611 [[ "$cpiodir" = /* ]] || fail "archive-dir must be an absolute path"
   2612 
   2613 cd $cpiodir
   2614 case `echo generic.root*` in
   2615 	generic.root)		ZFIX="";	ZCAT="cat";;
   2616 	generic.root.gz)	ZFIX=".gz";	ZCAT="gzip -d -c";;
   2617 	generic.root.Z)		ZFIX=".Z";	ZCAT="zcat";;
   2618 	*) fail "generic.root missing or in unknown compression format";;
   2619 esac
   2620 
   2621 #
   2622 # Determine what kind of archives we're installing, using the following rules:
   2623 #
   2624 # 1. If i86xpv archives exist, the archives are xpv
   2625 # 2. If strap.com is present, the archives are pre-multiboot
   2626 # 3. If symdef is present, the archives are directboot
   2627 # 4. Otherwise, the archives are multiboot
   2628 #
   2629 if [ $target_isa = i386 ]; then
   2630 	if [ -f $cpiodir/i86xpv.root$ZFIX ]; then
   2631 		archive_type=xpv
   2632 		multi_or_direct=yes
   2633 	elif [ -f $cpiodir/i86pc.boot$ZFIX ] && \
   2634 	    archive_file_exists i86pc.boot "strap.com"; then
   2635 		archive_type=dca
   2636 	elif [ -f $cpiodir/i86pc.root$ZFIX ] && \
   2637 	    archive_file_exists i86pc.boot symdef; then
   2638 		archive_type=directboot
   2639 		multi_or_direct=yes
   2640 	else
   2641 		archive_type=multiboot
   2642 		multi_or_direct=yes
   2643 	fi
   2644 fi
   2645 
   2646 if [ $diskless = no ]; then
   2647 	root=${2:-/}
   2648 	[[ "$root" = /* ]] || fail "root-dir must be an absolute path"
   2649 	usrroot=$root
   2650 	usr=${usrroot%/}/usr
   2651 	rootlist=$root
   2652 
   2653 	[[ -f $root/etc/system ]] || \
   2654 	    fail "$root/etc/system not found; nonglobal zone target not allowed"
   2655 
   2656 	rootfstype=`df -n $root | awk '{print $3}'`
   2657 
   2658 	if [ "$rootfstype" = "zfs" ]; then
   2659 		archive_has_zfs_root_support=no
   2660 		mkdir /tmp/zfschk.$$
   2661 		archive_file_peek generic.lib /tmp/zfschk.$$ \
   2662 		    "lib/svc/share/fs_include.sh"
   2663 		if [ -f /tmp/zfschk.$$/lib/svc/share/fs_include.sh ] ; then
   2664 			if grep '^readswapdev' \
   2665 			     /tmp/zfschk.$$/lib/svc/share/fs_include.sh \
   2666 			     >/dev/null 2>&1 ; then
   2667 				archive_has_zfs_root_support=yes
   2668 			fi
   2669 		fi
   2670 		rm -fr /tmp/zfschk.$$
   2671 
   2672 		if [ "$archive_has_zfs_root_support" = "no" ] ; then
   2673 			fail "Cannot bfu a system with zfs root to an archive with no zfs root support"
   2674 		fi
   2675 	fi
   2676 
   2677 	# Make sure we extract the sun4u-us3 libc_psr.so.1
   2678 	if [ -d $root/platform/sun4u -a \
   2679 	   ! -d $root/platform/sun4u-us3 ]
   2680 	then
   2681 		mkdir $root/platform/sun4u-us3
   2682 		chmod 755 $root/platform/sun4u-us3
   2683 		chown root $root/platform/sun4u-us3
   2684 		chgrp sys $root/platform/sun4u-us3
   2685 	fi
   2686 
   2687 	if [ $target_isa = i386 ]; then
   2688 		if [ $archive_type = xpv ]; then
   2689 			#
   2690 			# On i386, we want to apply the archives for both
   2691 			# platforms (i86pc and i86xpv) if they exist.  We
   2692 			# force the platform to i86xpv so that both will be
   2693 			# applied.
   2694 			#
   2695 			karch=i86pc
   2696 			plat=i86xpv
   2697 		fi
   2698 		if [ ! -d $root/platform/i86hvm ]; then
   2699 			mkdir $root/platform/i86hvm
   2700 		fi
   2701 	fi
   2702 
   2703 	if [ $karch != $plat -a -f ${cpiodir}/${plat}.usr$ZFIX ]; then
   2704 		usrarchs="$karch $plat"
   2705 	else
   2706 		usrarchs="$karch"
   2707 	fi
   2708 	if [ $karch != $plat -a -f ${cpiodir}/${plat}.root$ZFIX ]; then
   2709 		rootarchs="$karch $plat"
   2710 	else
   2711 		rootarchs="$karch"
   2712 	fi
   2713 
   2714 	if [ -h ${root}/platform/${plat} ]; then
   2715 		rm -f ${root}/platform/${plat}
   2716 	fi
   2717 	if [ -h ${usr}/platform/${plat} ]; then
   2718 		rm -f ${usr}/platform/${plat}
   2719 	fi
   2720 
   2721 	if [ $plat != $karch -a -f ${cpiodir}/${plat}.root$ZFIX \
   2722 	    -a -f ${cpiodir}/${plat}.usr$ZFIX ]
   2723 	then
   2724 		cd $cpiodir
   2725 		#
   2726 		#  Look through all the archives we build and match
   2727 		#  the names of built archives with the names of
   2728 		#  directories installed on this machine.  We assume
   2729 		#  here that we can get the names of all architectures
   2730 		#  by pattern matching the names of .root archives - so
   2731 		#  if we ever had a case where we had only a .usr archive
   2732 		#  we wouldn't find that archive.
   2733 		#
   2734 		for i in *.root*
   2735 		do
   2736 			platname=${i%.root*}
   2737 			if [ -z "${platname}" -o ${platname} = $karch -o \
   2738 			    $platname = generic -o ${platname} = $plat ]; then
   2739 				continue;
   2740 			fi
   2741 			if [ -d ${root}/platform/${platname} -o \
   2742 			    -h ${root}/platform/${platname} ]; then
   2743 				rootarchs="${rootarchs} ${platname}"
   2744 			fi
   2745 			if [ -d ${usr}/platform/${platname} -o \
   2746 			    -h ${usr}/platform/${platname} ]; then
   2747 				usrarchs="${usrarchs} ${platname}"
   2748 			fi
   2749 			if [ -h ${root}/platform/${platname} ]; then
   2750 				rm -f ${root}/platform/${platname}
   2751 			fi
   2752 			if [ -h ${usr}/platform/${platname} ]; then
   2753 				rm -f ${usr}/platform/${platname}
   2754 			fi
   2755 		done
   2756 	fi
   2757 	if [ "$rootfstype" = "ufs" ] ; then
   2758 		rootslice=`df -k $root | nawk 'NR > 1 { print $1 }' | \
   2759 		    sed s/dsk/rdsk/`
   2760 	fi
   2761 
   2762 	print "Loading $cpiodir on $root"
   2763 else
   2764 	usrroot=$2
   2765 	usr=$2/usr
   2766 	[[ "$usr" = /export/exec/* ]] || fail "exec-dir $usrroot sounds bogus"
   2767 	case $2 in
   2768 	    *sparc*)
   2769 		target_isa=sparc ;;
   2770 	    *i386*)
   2771 		target_isa=i386 ;;
   2772 	esac
   2773 	cd $cpiodir
   2774 	test -f generic.root$ZFIX || fail "$cpiodir/generic.root$ZFIX missing"
   2775 	allarchs=$(echo $(ls *.root$ZFIX | grep -v generic.root$ZFIX | \
   2776 		sed -e 's/.root.*//'))
   2777 
   2778 	if [ $target_isa = i386 -a $archive_type = xpv ]; then
   2779 		#
   2780 		# On i386, we want to apply the archives for both platforms
   2781 		# (i86pc and i86xpv) if they exist.  We force the platform
   2782 		# to i86xpv so that both will be applied.
   2783 		#
   2784 		karch=i86pc
   2785 		plat=i86xpv
   2786 	else
   2787 		# XXX Pick karch as last available root arch
   2788 		karch=${allarchs##* }
   2789 		# XXX Pick plat as first available root arch
   2790 		plat=${allarchs%% *}
   2791 	fi
   2792 
   2793 	rootlist=""
   2794 	for root in /export/root/*
   2795 	do
   2796 		test -f $root/etc/vfstab &&
   2797 			egrep -s $usrroot $root/etc/vfstab &&
   2798 			rootlist="$rootlist $root"
   2799 	done
   2800 	test -n "$rootlist" || fail "no clients to upgrade"
   2801 	print "Loading $cpiodir usr archives on:\n\t$usr\n"
   2802 	print "Loading $cpiodir root archives on:"
   2803 	for root in $rootlist
   2804 	do
   2805 		print "\t$root"
   2806 	done
   2807 fi
   2808 
   2809 if grep '^[ 	]*zfsroot:' $root/etc/system >/dev/null && \
   2810 	    archive_file_exists i86pc.boot boot/grub/zfs_stage1_5; then
   2811 	echo "Cannot BFU a system with the mountroot version"\
   2812 		"of zfs boot support."
   2813 	echo "For information on how to transition this system to the new"
   2814 	echo "zfs boot support, see:"
   2815 	echo "http://www.opensolaris.org/os/community/zfs/boot/zfsboot-manual/mntroot-transition/"
   2816 	fail ""
   2817 fi
   2818 
   2819 nss_lib="$usr/lib/mps/libnss3.so"
   2820 nss_lib64="$usr/lib/mps/64/libnss3.so"
   2821 valid_rpath="\$ORIGIN:/usr/lib/mps/secv1:/usr/lib/mps"
   2822 rpath_msg="R(UN)?PATH from file ${nss_lib}\)"
   2823 if [ ! -x /usr/bin/ldd ]; then
   2824 	if [ "$force_override" = yes ]; then
   2825 		echo "/usr/bin/ldd is missing but -f is set; continuing."
   2826 	else
   2827 		echo "/usr/bin/ldd is missing."
   2828 		fail "Install the SUNWtoo package."
   2829 	fi
   2830 fi
   2831 nss_rpath=`ldd -s $nss_lib | egrep "$rpath_msg" | head -1 | cut -d'=' -f2 | \
   2832 		awk '{print $1}'`
   2833 update_script="${GATE}/public/bin/update_nsspkgs"
   2834 if [ $valid_rpath != "$nss_rpath" ]; then
   2835 	if [ "$force_override" = yes ]; then
   2836 		echo "$nss_lib is not valid but -f is set; continuing."
   2837 	else
   2838 		echo "$nss_lib is not valid."
   2839 		fail "Run $update_script to update the SUNWtls package."
   2840 	fi
   2841 fi
   2842 if [ $target_isa = i386 -a ! -f $nss_lib64 ]; then
   2843 	echo "$nss_lib64 does not exist."
   2844 	fail "Run $update_script to update the NSS packages."
   2845 fi
   2846 
   2847 update_script="${GATE}/public/bin/migrate_bind9"
   2848 if [[ ! -f $usr/lib/dns/libdns.so ]] && ! $ZCAT $cpiodir/generic.usr$ZFIX | \
   2849 	    cpio -it 2>/dev/null |  egrep -s '^usr/sbin/ndc' ; then
   2850 	if [ "$force_override" = yes ]; then
   2851 		echo "BIND 9 has not been installed, but -f is set; continuing."
   2852 	else
   2853 		echo "BIND 8 has been removed from ON; BIND 9 is available from SFW."
   2854 		fail "Run $update_script to migrate to BIND 9."
   2855 	fi
   2856 fi
   2857 
   2858 update_script="${GATE}/public/bin/update_ce"
   2859 if ifconfig -a | egrep '^ce' >/dev/null 2>/dev/null; then
   2860 	# CE version 1.148 or later is required
   2861 	cever=`modinfo | grep 'CE Ethernet' | sed 's/.*v1\.//' | tr -d ')' | \
   2862 	    nawk '{ if ($1 < 148) print "BAD"; else print $1 }'`
   2863 	if [ "$cever" = "BAD" ]; then
   2864 		fail "You must run $update_script to upgrade your ce driver."
   2865 	fi
   2866 fi
   2867 
   2868 update_script="${GATE}/public/bin/update_dbus"
   2869 if [ ! -x $usr/lib/dbus-daemon ]; then
   2870 	fail "Run $update_script to update D-Bus."
   2871 fi
   2872 
   2873 #
   2874 # We need biosdev if we're moving from pre-multiboot to multiboot or directboot
   2875 # kernels.  If we already have an i86xpv kernel, then we must already be a
   2876 # directboot kernel, and can therefore skip the check.
   2877 #
   2878 if [ $target_isa = i386 ] && [ $multi_or_direct = yes ] && \
   2879     [ $diskless = no ] && [ ! -d /platform/i86xpv/ ]; then
   2880 	prtconf -v | grep biosdev >/dev/null 2>&1
   2881 	if [ $? -ne 0 ] && [ ! -f $rootprefix/platform/i86pc/multiboot ]; then
   2882 		echo "biosdev cannot be run on this machine."
   2883 		echo "Transitioning from classic to multiboot requires a"
   2884 		echo "bootconf which is compatible with biosdev."
   2885 		echo "bfu to onnv_12 first, then to a build with multiboot."
   2886 		fail ""
   2887 	fi
   2888 fi
   2889 
   2890 #
   2891 # Check whether the archives have a datalink-management services; this is
   2892 # later used to determine whether we need to upgrade the existing datalink
   2893 # configuration and if the datalink-management service needs to be removed.
   2894 #
   2895 if archive_file_exists generic.sbin "sbin/dlmgmtd"; then
   2896 	dlmgmtd_exists=true
   2897 else
   2898 	dlmgmtd_exists=false
   2899 fi
   2900 #
   2901 # Set the value of dlmgmtd_status based on the existence of the
   2902 # /sbin/dlmgmtd file
   2903 #
   2904 dlmgmtd_status=none
   2905 if [[ -f $root/sbin/dlmgmtd ]] && ! $dlmgmtd_exists ; then
   2906 	dlmgmtd_status=cleanup
   2907 elif [[ ! -f $root/sbin/dlmgmtd ]] && $dlmgmtd_exists ; then
   2908 	dlmgmtd_status=new
   2909 fi
   2910 
   2911 #
   2912 # Check whether the archives have an etc/dladm directory; this is
   2913 # later used to determine if aggregation.conf needs to be moved.
   2914 #
   2915 if $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \
   2916     grep etc/dladm > /dev/null 2>&1 ; then
   2917 	new_dladm=yes
   2918 fi
   2919 
   2920 #
   2921 # The Clearview IP Tunneling project changes the format of the
   2922 # /etc/dladm/datalink.conf file.  The conversion is done in the
   2923 # dlmgmtd daemon, so there is no backwards conversion when bfu'ing
   2924 # backwards.  The solution is to have bfu save the old file away when
   2925 # bfu'ing across this project, and restore it when bfu'ing back.
   2926 #
   2927 datalink_file=$root/etc/dladm/datalink.conf
   2928 datalink_backup=$root/etc/dladm/datalink.conf.bfusave
   2929 datalink_action=none
   2930 if [[ -f $datalink_file ]]; then
   2931 	iptun_exists=false
   2932 	if archive_file_exists generic.kernel "kernel/drv/iptun.conf"; then
   2933 		iptun_exists=true
   2934 	fi
   2935 	if [[ ! -f $root/kernel/drv/iptun.conf ]] && $iptun_exists; then
   2936 		datalink_action=save
   2937 	elif [[ -f $root/kernel/drv/iptun.conf ]] && ! $iptun_exists; then
   2938 	    	datalink_action=restore
   2939 	fi
   2940 fi
   2941 
   2942 #
   2943 # Check whether the build is boot-archive or ufsboot sparc
   2944 # boot based on the existence of a generic.boot archive
   2945 #
   2946 newboot_sparc=no
   2947 if [ $target_isa = sparc -a -f $cpiodir/generic.boot$ZFIX ]; then
   2948 	newboot_sparc=yes
   2949 fi
   2950 
   2951 time_ref=/tmp/bfu.time_ref.$$
   2952 rm -f $time_ref
   2953 touch $time_ref || fail "$time_ref: Unable to create time reference."
   2954 time_ref_seconds=$SECONDS
   2955 
   2956 print "\nCreating bfu execution environment ..."
   2957 
   2958 #
   2959 # Save off a few critical libraries and commands, so that bfu will
   2960 # continue to function properly even in the face of major
   2961 # kernel/library/command incompatibilities during a live upgrade.
   2962 #
   2963 bfucmd="
   2964 	/usr/bin/awk
   2965 	/usr/bin/cat
   2966 	/usr/bin/chgrp
   2967 	/usr/bin/chmod
   2968 	/usr/bin/chown
   2969 	/usr/bin/cmp
   2970 	/usr/bin/cp
   2971 	/usr/bin/cpio
   2972 	/usr/bin/csh
   2973 	/usr/bin/cut
   2974 	/usr/bin/date
   2975 	/usr/bin/dd
   2976 	/usr/bin/df
   2977 	/usr/bin/diff
   2978 	/usr/bin/du
   2979 	/usr/bin/echo
   2980 	/usr/bin/ed
   2981 	/usr/bin/egrep
   2982 	/usr/bin/env
   2983 	/usr/bin/ex
   2984 	/usr/bin/expr
   2985 	/usr/bin/false
   2986 	/usr/bin/fgrep
   2987 	/usr/bin/file
   2988 	/usr/bin/find
   2989 	/usr/bin/gettext
   2990 	/usr/bin/grep
   2991 	/usr/bin/head
   2992 	/usr/bin/id
   2993 	/usr/bin/ksh
   2994 	/usr/bin/ksh93
   2995 	/usr/bin/line
   2996 	/usr/bin/ln
   2997 	/usr/bin/ls
   2998 	/usr/bin/mkdir
   2999 	/usr/bin/mktemp
   3000 	/usr/bin/more
   3001 	/usr/bin/mv
   3002 	/usr/bin/nawk
   3003 	/usr/bin/pgrep
   3004 	/usr/bin/pkginfo
   3005 	/usr/bin/pkill
   3006 	/usr/bin/printf
   3007 	/usr/bin/ps
   3008 	/usr/bin/ptree
   3009 	/usr/bin/rm
   3010 	/usr/bin/rmdir
   3011 	/usr/bin/sed
   3012 	/usr/bin/sh
   3013 	/usr/bin/sort
   3014 	/usr/bin/strings
   3015 	/usr/bin/stty
   3016 	/usr/bin/su
   3017 	/usr/bin/tail
   3018 	/usr/bin/tee
   3019 	/usr/bin/touch
   3020 	/usr/bin/tr
   3021 	/usr/bin/true
   3022 	/usr/bin/truss
   3023 	/usr/bin/tty
   3024 	/usr/bin/uname
   3025 	/usr/bin/uniq
   3026 	/usr/bin/uptime
   3027 	/usr/bin/vi
   3028 	/usr/bin/w
   3029 	/usr/bin/wc
   3030 	/usr/bin/xargs
   3031 	/usr/bin/zcat
   3032 	/usr/sbin/add_drv
   3033 	/usr/sbin/chroot
   3034 	/usr/sbin/halt
   3035 	/usr/sbin/lockfs
   3036 	/usr/sbin/lofiadm
   3037 	/usr/sbin/mkfile
   3038 	/usr/sbin/mkfs
   3039 	/usr/sbin/mknod
   3040 	/usr/sbin/mount
   3041 	/usr/sbin/newfs
   3042 	/usr/sbin/pkgrm
   3043 	/usr/sbin/prtconf
   3044 	/usr/sbin/reboot
   3045 	/usr/sbin/rem_drv
   3046 	/usr/sbin/sync
   3047 	/usr/sbin/tar
   3048 	/usr/sbin/uadmin
   3049 	/usr/sbin/umount
   3050 	/usr/sbin/update_drv
   3051 	/usr/sbin/wall
   3052 	/usr/sbin/zonecfg
   3053 	${FASTFS-$GATE/public/bin/$bfu_isa/fastfs}
   3054 	${GZIPBIN-$GATE/public/bin/$bfu_isa/gzip}
   3055 "
   3056 #
   3057 # Scripts needed by BFU. These must be modified to use the interpreters in
   3058 # /tmp/bfubin. The interpreters in /usr/bin may not be compatible with the
   3059 # libraries in the archives being extracted.
   3060 #
   3061 bfuscr="
   3062 	${ACR-${GATE}/public/bin/acr}
   3063 "
   3064 
   3065 #
   3066 # Tools which may be either scripts or ELF binaries,
   3067 # so we need to check them before adding to either $bfucmd or $bfuscr.
   3068 # This does not handle compiled shell scripts yet.
   3069 #
   3070 bfuchameleons="
   3071         /usr/bin/basename
   3072         /usr/bin/bg
   3073         /usr/bin/cd
   3074         /usr/bin/cksum
   3075         /usr/bin/cmp
   3076         /usr/bin/comm
   3077         /usr/bin/command
   3078         /usr/bin/dirname
   3079         /usr/bin/cut
   3080         /usr/bin/fc
   3081         /usr/bin/fg
   3082         /usr/bin/getopts
   3083         /usr/bin/hash
   3084         /usr/bin/jobs
   3085         /usr/bin/join
   3086         /usr/bin/kill
   3087         /usr/bin/logname
   3088         /usr/bin/paste
   3089         /usr/bin/print
   3090         /usr/bin/read
   3091         /usr/bin/rev
   3092         /usr/bin/sleep
   3093         /usr/bin/sum
   3094         /usr/bin/tee
   3095         /usr/bin/test
   3096         /usr/bin/type
   3097         /usr/bin/ulimit
   3098         /usr/bin/umask
   3099         /usr/bin/unalias
   3100         /usr/bin/uniq
   3101         /usr/bin/wait
   3102         /usr/bin/wc
   3103 "
   3104 
   3105 for chameleon in ${bfuchameleons} ; do
   3106         if [[ "$(file "${chameleon}")" == *ELF* ]] ; then
   3107                 bfucmd="${bfucmd} ${chameleon}"
   3108         else
   3109                 bfuscr="${bfuscr} ${chameleon}"
   3110         fi
   3111 done
   3112 
   3113 rm -rf /tmp/bfubin
   3114 mkdir /tmp/bfubin
   3115 set $bfucmd
   3116 isalist=`isalist`
   3117 while [ $# -gt 0 ]
   3118 do
   3119 	dir=${1%/*}
   3120 	cmd=${1##*/}
   3121 	cd $dir
   3122 	isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1`
   3123 	cp $dir/$isacmd /tmp/bfubin || fail "cannot copy $dir/$isacmd"
   3124 	shift
   3125 done
   3126 
   3127 #
   3128 # Optional commands.  We warn, but do not abort, if we are crossing a
   3129 # feature boundary (where a command is not present in the parent).
   3130 # Clauses requiring these commands must explicitly test for their
   3131 # presence in /tmp/bfubin.
   3132 #
   3133 bfuoptcmd="
   3134 	/sbin/biosdev
   3135 	/sbin/bootadm
   3136 	/sbin/installgrub
   3137 	/usr/sbin/fdisk
   3138 	/usr/sbin/metastat
   3139 	/usr/bin/mkisofs
   3140 	/usr/sbin/svcadm
   3141 	/usr/sbin/svccfg
   3142 	/usr/bin/svcprop
   3143 	/usr/bin/svcs
   3144 "
   3145 
   3146 set $bfuoptcmd
   3147 isalist=`isalist`
   3148 while [ $# -gt 0 ]
   3149 do
   3150 	dir=${1%/*}
   3151 	cmd=${1##*/}
   3152 	cd $dir
   3153 	isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1`
   3154 	cp $dir/$isacmd /tmp/bfubin 2>/dev/null
   3155 	shift
   3156 done
   3157 
   3158 
   3159 #
   3160 # set up installgrub and friends if transitioning to multiboot or directboot
   3161 # do this now so ldd can determine library dependencies
   3162 #
   3163 # We split the binaries into two groups: the type where we want to make any
   3164 # effort to get the newest version (like symdef and bootadm), and the type
   3165 # where any old version will do (like installgrub and biosdev).
   3166 #
   3167 # If we're bfu'ing across the directboot/multiboot boundary, we need the new
   3168 # bootadm and symdef to properly handle menu.lst changes.  If the system is
   3169 # directboot, we can use the local copies.  If the system is multiboot but
   3170 # the archives are directboot, we extract the binaries early.  Otherwise,
   3171 # we're not crossing the boundary, and which one we use doesn't matter.
   3172 #
   3173 # NB - if bootadm or symdef is ever changed to require a new library, the
   3174 # early extraction will blow up horribly.
   3175 #
   3176 # For testing purposes, a user can set DIRECTBOOT_BIN_DIR in the environment,
   3177 # and we'll use that instead.
   3178 #
   3179 MULTIBOOT_BIN_DIR=${MULTIBOOT_BIN_DIR:=${GATE}/public/multiboot}
   3180 have_new_bootadm=unknown
   3181 
   3182 if [ -f "$root/platform/i86xpv/kernel/unix" ]; then
   3183 	root_is_xpv=yes
   3184 	root_is_directboot=yes
   3185 elif [ -x "$root/boot/solaris/bin/symdef" ] && \
   3186     "$root"/boot/solaris/bin/symdef "$root/platform/i86pc/kernel/unix" \
   3187     dboot_image; then
   3188 	root_is_xpv=no
   3189 	root_is_directboot=yes
   3190 else
   3191 	root_is_xpv=no
   3192 	root_is_directboot=no
   3193 fi
   3194 
   3195 #
   3196 # A comma-separated list of the command and the archive it's in
   3197 #
   3198 multiboot_new_cmds="
   3199 	sbin/bootadm,generic.sbin
   3200 	boot/solaris/bin/symdef,i86pc.boot
   3201 "
   3202 
   3203 if [ $multi_or_direct = yes ]; then
   3204 	for line in $multiboot_new_cmds
   3205 	do
   3206 		cmd=${line%,*}
   3207 		file=${cmd##*/}
   3208 		archive=${line#*,}
   3209 		if [ -n "$DIRECTBOOT_BIN_DIR" ] && \
   3210 		    [ -f $DIRECTBOOT_BIN_DIR/$file ]; then
   3211 			cp $DIRECTBOOT_BIN_DIR/$file /tmp/bfubin/
   3212 		else
   3213 			if [[ $root_is_xpv = yes ||
   3214 			    $root_is_directboot = yes &&
   3215 			    $archive_type = multiboot ]]; then
   3216 				cp $root/$cmd /tmp/bfubin/
   3217 				have_new_bootadm=yes
   3218 			elif [ $archive_type = directboot ] || \
   3219 			    [ $archive_type = xpv ]; then
   3220 				DBOOT_TMPDIR=/tmp/dboot.$$
   3221 				trap "rm -rf $DBOOT_TMPDIR" EXIT
   3222 				OLD_PWD=$(pwd)
   3223 				rm -rf $DBOOT_TMPDIR
   3224 				mkdir $DBOOT_TMPDIR
   3225 				cd $DBOOT_TMPDIR
   3226 				$ZCAT $cpiodir/${archive}$ZFIX | \
   3227 				    cpio -id "$cmd" 2>/dev/null
   3228 				if [ -x $cmd ]; then
   3229 					cp $cmd /tmp/bfubin/
   3230 					have_new_bootadm=yes
   3231 				fi
   3232 				cd $OLD_PWD
   3233 				rm -rf $DBOOT_TMPDIR
   3234 				trap - EXIT
   3235 			fi
   3236 		fi
   3237 
   3238 		#
   3239 		# If all else fails, grab the local version
   3240 		#
   3241 		if [ ! -x /tmp/bfubin/$file ]; then
   3242 			[ -x /$cmd ] && cp /$cmd /tmp/bfubin
   3243 		fi
   3244 	done
   3245 	if [ $archive_type = directboot ] && [ $root_is_directboot = yes ]; then
   3246 		cleanup_eeprom_console
   3247 	fi
   3248 fi
   3249 
   3250 multiboot_cmds="
   3251 	/sbin/biosdev
   3252 	/sbin/installgrub
   3253 "
   3254 copying_mboot_cmds=no
   3255 if [ $multi_or_direct = yes ]; then
   3256 	for cmd in $multiboot_cmds
   3257 	do
   3258 		file=`basename $cmd`
   3259 		if [ -f $cmd ]; then
   3260 			cp $cmd /tmp/bfubin
   3261 		elif [ -n "$DIRECTBOOT_BIN_DIR" ] &&
   3262 		    [ -d $DIRECTBOOT_BIN_DIR ] &&
   3263 		    [ -x $DIRECTBOOT_BIN_DIR/$file ]; then
   3264 			cp $DIRECTBOOT_BIN_DIR/$file /tmp/bfubin/
   3265 		else
   3266 			if [ ! -d $MULTIBOOT_BIN_DIR ]; then
   3267 				echo "$MULTIBOOT_BIN_DIR: not found"
   3268 			elif [ ! -f $MULTIBOOT_BIN_DIR/$file ]; then
   3269 				echo "$MULTIBOOT_BIN_DIR/$file: not found"
   3270 			fi
   3271 			if [ $copying_mboot_cmds = no ]; then
   3272 				echo "installing files from $MULTIBOOT_BIN_DIR"
   3273 				copying_mboot_cmds=yes
   3274 			fi
   3275 			cp $MULTIBOOT_BIN_DIR/$file /tmp/bfubin
   3276 		fi
   3277 
   3278 	done
   3279 fi
   3280 
   3281 #
   3282 # If available, use ldd to determine which libraries bfu depends on.
   3283 # Otherwise, just make an educated guess.
   3284 #
   3285 if [ -x /usr/bin/ldd ]; then
   3286 	bfulib="`ldd /tmp/bfubin/* | nawk '$3 ~ /lib/ { print $3 }' | sort -u`"
   3287 else
   3288 	bfulib="
   3289 		/lib/libc.so.1
   3290 		/lib/libm.so.2
   3291 		/lib/libdoor.so.1
   3292 		/lib/libm.so.2
   3293 		/lib/libmd.so.1
   3294 		/lib/libmd5.so.1
   3295 		/lib/libnvpair.so.1
   3296 		/lib/libscf.so.1
   3297 		/lib/libuutil.so.1
   3298 		/usr/lib/libbsm.so.1
   3299 		/usr/lib/libc2.so
   3300 		/usr/lib/libdl.so.1
   3301 		/usr/lib/libelf.so.1
   3302 		/usr/lib/libkstat.so.1
   3303 		/usr/lib/libmapmalloc.so.1
   3304 		/usr/lib/libmp.so.1
   3305 		/usr/lib/libnsl.so.1
   3306 		/usr/lib/libpam.so.1
   3307 		/usr/lib/libsec.so.1
   3308 		/usr/lib/libsocket.so.1
   3309 		/usr/lib/libtecla.so.1
   3310 	"
   3311 fi
   3312 
   3313 # add dlopen()'ed stuff
   3314 bfulib="
   3315 	$bfulib
   3316 	/lib/ld.so.1
   3317 	/usr/lib/nss_*
   3318 "
   3319 
   3320 # add svccfg dtd rules
   3321 bfulib="
   3322 	$bfulib
   3323 	/usr/share/lib/xml/dtd/service_bundle.dtd.1
   3324 "
   3325 
   3326 BFUSVCCFG="SVCCFG_DTD=/tmp/bfulib/service_bundle.dtd.1 /tmp/bfubin/svccfg"
   3327 
   3328 # add libc_psr.so.1, if available and not empty
   3329 if [ -s /platform/`uname -i`/lib/libc_psr.so.1 ]; then
   3330 	bfulib="
   3331 		$bfulib
   3332 		/platform/`uname -i`/lib/libc_psr.so.1
   3333 	"
   3334 fi
   3335 
   3336 rm -rf /tmp/bfulib /tmp/bl
   3337 mkdir /tmp/bfulib /tmp/bl
   3338 
   3339 #
   3340 # Create 64 bit directory structure and determine 64 bit arch name.
   3341 #
   3342 if [ -h /usr/lib/64 ]
   3343 then
   3344 	link=`ls -dl /usr/lib/64  | awk '{print $NF}'`
   3345 	ln -s $link /tmp/bfulib/64
   3346 	ln -s $link /tmp/bl/64
   3347 	mkdir /tmp/bfulib/$link /tmp/bl/$link
   3348 	bfulib="$bfulib /usr/lib/64/nss_*"
   3349 	#
   3350 	# Copy libraries to proper directories
   3351 	#
   3352 	for lib in $bfulib
   3353 	do
   3354 		case $lib in
   3355 		*/64/* | */$link/*)
   3356 			cp $lib /tmp/bfulib/64;;
   3357 		*)
   3358 			cp $lib /tmp/bfulib;;
   3359 		esac
   3360 	done
   3361 	#
   3362 	# Private 64 bit runtime linker.
   3363 	#
   3364 	cp /lib/64/ld.so.1 /tmp/bfulib/64/bf.1
   3365 	cp /lib/64/ld.so.1 /tmp/bl/64/bf.1
   3366 else
   3367 	cp $bfulib /tmp/bfulib
   3368 fi
   3369 cp /lib/ld.so.1 /tmp/bfulib/bf.1	# bfu's private runtime linker
   3370 cp /lib/ld.so.1 /tmp/bl/bf.1
   3371 
   3372 ${BFULD-$GATE/public/bin/$bfu_isa/bfuld} /tmp/bfubin/* || fail "bfuld failed"
   3373 
   3374 for x in $bfuscr
   3375 do
   3376 	sed -e 's/\/usr\/bin\//\/tmp\/bfubin\//g' \
   3377 	    -e 's/\/bin\//\/tmp\/bfubin\//g' < $x > /tmp/bfubin/`basename $x`
   3378 	chmod +x /tmp/bfubin/`basename $x`
   3379 done
   3380 
   3381 #
   3382 # scripts used together with multiboot
   3383 #
   3384 multiboot_scr="
   3385 	/boot/solaris/bin/create_ramdisk
   3386 	/boot/solaris/bin/create_diskmap
   3387 	/boot/solaris/bin/root_archive
   3388 "
   3389 
   3390 if [ $multi_or_direct = yes ]; then
   3391 	for cmd in $multiboot_scr
   3392 	do
   3393 		file=`basename $cmd`
   3394 		if [ -f $cmd ]; then
   3395 			cp $cmd /tmp/bfubin
   3396 		else
   3397 			if [ ! -d $MULTIBOOT_BIN_DIR ]; then
   3398 				echo "$MULTIBOOT_BIN_DIR: not found"
   3399 				fail ""
   3400 			fi
   3401 
   3402 			if [ ! -f $MULTIBOOT_BIN_DIR/$file ]; then
   3403 				echo "$MULTIBOOT_BIN_DIR/$file: not found"
   3404 				fail ""
   3405 			fi
   3406 			echo "copying $file from $MULTIBOOT_BIN_DIR"
   3407 			cp $MULTIBOOT_BIN_DIR/$file /tmp/bfubin
   3408 		fi
   3409 
   3410 		#
   3411 		# We do two substitutions here to replace references to
   3412 		# both /usr/bin/ and /bin/ with /tmp/bfubin/
   3413 		#
   3414 		mv /tmp/bfubin/${file} /tmp/bfubin/${file}-
   3415 		sed -e 's/\/usr\/bin\//\/tmp\/bfubin\//g' \
   3416 		    -e 's/\/bin\//\/tmp\/bfubin\//g' \
   3417 		    < /tmp/bfubin/${file}- > /tmp/bfubin/${file}
   3418 		chmod +x /tmp/bfubin/${file}
   3419 	done
   3420 fi
   3421 
   3422 #
   3423 # For directboot archives, /boot/platform/i86pc/kernel/unix will be
   3424 # overwritten, which could cause a mis-match with the failsafe
   3425 # miniroot.  Extract unix from the miniroot and save it off for now.
   3426 #
   3427 if [ $archive_type = directboot ] && [ $diskless = no ]; then
   3428 	if gunzip -c "$root/boot/x86.miniroot-safe" \
   3429 	    >/tmp/bfubin/miniroot-unzipped; then
   3430 		lofifile=/tmp/bfubin/miniroot-unzipped
   3431 	else
   3432 		# Shouldn't happen?  See if someone already unzipped it.
   3433 		lofifile="$root/boot/x86.miniroot-safe"
   3434 	fi
   3435 	lofidev=`lofiadm -a $lofifile 2>/dev/null`
   3436 	if [ -n "$lofidev" ]; then
   3437 		mkdir /tmp/bfubin/mnt
   3438 		mount -r $lofidev /tmp/bfubin/mnt
   3439 
   3440 		unix=/tmp/bfubin/mnt/boot/platform/i86pc/kernel/unix
   3441 		if [ -f $unix ]; then
   3442 			cp $unix /tmp/bfubin/unix
   3443 			failsafe_type=directboot
   3444 		elif [ -f /tmp/bfubin/mnt/platform/i86pc/multiboot ]
   3445 		then
   3446 			failsafe_type=multiboot
   3447 		fi
   3448 
   3449 		umount /tmp/bfubin/mnt
   3450 		rmdir /tmp/bfubin/mnt
   3451 		lofiadm -d $lofidev
   3452 	fi
   3453 	rm -f /tmp/bfubin/miniroot-unzipped
   3454 fi
   3455 
   3456 revert_aggregation_conf()
   3457 {
   3458 	aggrconf=$rootprefix/etc/aggregation.conf
   3459 	nawk '
   3460 		/^[ \t]*#/ || /^[ \t]*$/ || $4 ~ "/0" {
   3461 			print;
   3462 			next;
   3463 		}
   3464 
   3465 		{
   3466 			OFS="\t";
   3467 			gsub(/[^,]*/, "&/0", $4);
   3468 			print;
   3469 		}' $aggrconf > $aggrconf.bfutmp
   3470 	mv -f $aggrconf.bfutmp $aggrconf
   3471 }
   3472 
   3473 remove_initd_links()
   3474 {
   3475 	# If we're delivering a new version of an existing /etc/init.d script,
   3476 	# remove all hard links to the existing file in /etc/rc?.d whose
   3477 	# names begin with [SK][0-9][0-9].  Additionally, in case an S or K
   3478 	# file was previously delivered as a symbolic link or the hard link
   3479 	# was broken, remove any file in /etc/rc?.d whose name is
   3480 	# [SK][0-9][0-9] followed by the basename of the file we're going
   3481 	# to update in /etc/init.d.
   3482 
   3483 	print "Removing init.d links ... \c"
   3484 	scripts=`$ZCAT $cpiodir/generic.root$ZFIX |
   3485 		cpio -it 2>/dev/null | grep '^etc/init\.d/'`
   3486 	if [ -n "$scripts" ]; then
   3487 		inodes=`ls -li $scripts 2>/dev/null | \
   3488 			nawk '{ print "-inum " $1 " -o " }'`
   3489 		names=`ls -1 $scripts 2>/dev/null | \
   3490 			nawk -F/ '{ print "-name [SK][0-9][0-9]" $NF }'`
   3491 		find etc/rc?.d \( $inodes $names \) -print | xargs rm -f
   3492 	fi
   3493 	print "done."
   3494 }
   3495 
   3496 #
   3497 # Remove Wildcat (aka Sun Fire Link)
   3498 #
   3499 remove_eof_wildcat()
   3500 {
   3501 	# Packages to remove
   3502 	typeset -r wildcat_pkgs='SUNWwrsa SUNWwrsd SUNWwrsu SUNWwrsm'
   3503 	typeset pkg
   3504 
   3505 	#
   3506 	# First, attempt to remove the packages cleanly if possible.
   3507 	# Use a custom "admin" file to specify that removal scripts
   3508 	# in the packages being removed should be run even if they
   3509 	# will run as root.
   3510 	#
   3511 	typeset -r admfile='/tmp/wcat_eof.$$'
   3512 	echo "action=nocheck" > $admfile
   3513 
   3514 	printf 'Removing Wildcat packages...'
   3515 	for pkg in $wildcat_pkgs
   3516 	do
   3517 		if pkginfo $pkgroot -q $pkg; then
   3518 			printf ' %s' $pkg
   3519 			pkgrm $pkgroot -n -a $admfile $pkg >/dev/null 2>&1
   3520 		fi
   3521 	done
   3522 	printf '\n'
   3523 
   3524 	#
   3525 	# In case that didn't work, do it manually.
   3526 	#
   3527 	printf 'Removing Wildcat from %s/var/sadm/install/contents...' \
   3528 	    $rootprefix
   3529 	for pkg in $wildcat_pkgs
   3530 	do
   3531 		printf ' %s' $pkg
   3532 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3533 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3534 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3535 			    /tmp/contents.$$
   3536 			cp /tmp/contents.$$ \
   3537 			    $rootprefix/var/sadm/install/contents
   3538 			rm /tmp/contents.$$
   3539 		fi
   3540 	done
   3541 	printf '\n'
   3542 
   3543 	#
   3544 	# Cleanup any remaining Wildcat files, symlinks, and directories.
   3545 	#
   3546 	rm -f $usr/platform/sun4u/include/sys/wci_common.h
   3547 	rm -f $usr/platform/sun4u/include/sys/wci_regs.h
   3548 	rm -f $usr/platform/sun4u/include/sys/wci_offsets.h
   3549 	rm -f $usr/platform/sun4u/include/sys/wci_cmmu.h
   3550 	rm -f $usr/platform/sun4u/include/sys/wrsm.h
   3551 	rm -f $usr/platform/sun4u/include/sys/wrsm_common.h
   3552 	rm -f $usr/platform/sun4u/include/sys/wrsm_config.h
   3553 	rm -f $usr/platform/sun4u/include/sys/wrsm_types.h
   3554 	rm -f $usr/platform/sun4u/include/sys/wrsm_plat.h
   3555 	rm -f $usr/platform/sun4u/include/sys/wrsm_plugin.h
   3556 	rm -f $usr/platform/sun4u/include/sys/wrsmconf.h
   3557 
   3558 	rm -f $usr/platform/sun4u/lib/mdb/kvm/sparcv9/wrsm.so
   3559 	rm -f $usr/platform/sun4u/lib/mdb/kvm/sparcv9/wrsmd.so
   3560 
   3561 	rm -f $rootprefix/platform/SUNW,Sun-Fire-15000/kernel/misc/sparcv9/gptwo_wci
   3562 
   3563 	rm -f $rootprefix/platform/sun4u/kernel/kmdb/sparcv9/wrsm
   3564 	rm -f $rootprefix/platform/sun4u/kernel/kmdb/sparcv9/wrsmd
   3565 
   3566 	rm -f $admfile
   3567 }
   3568 
   3569 #
   3570 # Remove ASET
   3571 #
   3572 remove_eof_aset()
   3573 {
   3574 	# Packages to remove
   3575 	typeset -r aset_pkgs='SUNWast'
   3576 	typeset pkg
   3577 
   3578 	printf 'Removing ASET... '
   3579 
   3580 	#
   3581 	# First, attempt to remove the packages cleanly if possible.
   3582 	#
   3583 	for pkg in $aset_pkgs
   3584 	do
   3585 		if pkginfo $pkgroot -q $pkg; then
   3586 			printf ' %s' $pkg
   3587 			pkgrm $pkgroot -n $pkg >/dev/null 2>&1
   3588 		fi
   3589 	done
   3590 	printf '\n'
   3591 
   3592 	#
   3593 	# In case that didn't work, do it manually.
   3594 	# Remove ASET from $rootprefix/var/sadm/install/contents
   3595 	#
   3596 	for pkg in $aset_pkgs
   3597 	do
   3598 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3599 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3600 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3601 			    /tmp/contents.$$
   3602 			cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$
   3603 			rm /tmp/contents.$$
   3604 		fi
   3605 	done
   3606 
   3607 	#
   3608 	# Cleanup any remaining ASET files, symlinks, and directories.
   3609 	#
   3610 	rm -rf $usr/aset
   3611 }
   3612 
   3613 #
   3614 # Remove BIND 8 named server/tools packages
   3615 #
   3616 remove_eof_bind8()
   3617 {
   3618 	# Packages to remove
   3619 	typeset -r bind8_pkg='SUNWinamd'
   3620 	typeset pkg
   3621 
   3622 	printf 'Removing BIND 8 named server/tools... '
   3623 
   3624 	#
   3625 	# We cann't pkgrm SUNWinamd at this time as the BIND 9 binaries are
   3626 	# already in /usr/sbin.
   3627 	# Remove BIND 8 packages from $rootprefix/var/sadm/install/contents
   3628 	#
   3629 	for pkg in $bind8_pkgs
   3630 	do
   3631 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3632 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3633 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3634 			    /tmp/contents.$$
   3635 			cp /tmp/contents.$$ /var/sadm/install/contents.$$
   3636 			rm /tmp/contents.$$
   3637 		fi
   3638 	done
   3639 
   3640 	#
   3641 	# Cleanup any BIND 8 specific files, symlinks.
   3642 	#
   3643 
   3644 	# files and symlinks.
   3645 	rm -f $usr/sbin/named-xfer
   3646 	rm -f $usr/lib/nslookup.help
   3647 	rm -f $usr/sbin/dnskeygen
   3648 	rm -f $usr/sbin/named-bootconf
   3649 	rm -f $usr/sbin/nstest
   3650 	rm -rf $rootprefix/var/run/ndc.d
   3651 	printf 'done.\n'
   3652 }
   3653 
   3654 #
   3655 # Remove the 5.6.1 version of perl.
   3656 #
   3657 remove_perl_561()
   3658 {
   3659 
   3660         #
   3661         # Packages to remove.
   3662         #
   3663         typeset -r perl_pkgs='SUNWpl5m SUNWpl5p SUNWpl5u SUNWpl5v'
   3664 
   3665         #
   3666         # First, attempt to remove the packages cleanly if possible.
   3667         #
   3668         typeset pkg
   3669         printf 'Removing perl 5.6.1 packages'
   3670         for pkg in $perl_pkgs
   3671         do
   3672                 if pkginfo $pkgroot -q $pkg; then
   3673                         printf ' %s' $pkg
   3674                         pkgrm $pkgroot -n $pkg >/dev/null 2>&1
   3675                 fi
   3676         done
   3677         printf '\n'
   3678 
   3679         #
   3680         # In case that didn't work, do it manually.
   3681         #
   3682         printf 'Removing perl 5.6.1 from %s/var/sadm/install/contents' \
   3683             $rootprefix
   3684         for pkg in $PKGS
   3685         do
   3686                 printf ' %s' $pkg
   3687                 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3688                         rm -rf $rootprefix/var/sadm/pkg/$pkg
   3689                         grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3690                             /tmp/contents.$$
   3691                         cp /tmp/contents.$$ /var/sadm/install/contents.$$
   3692                         rm /tmp/contents.$$
   3693                 fi
   3694         done
   3695         printf '\n'
   3696 
   3697         #
   3698         # Remove any remaining 5.6.1 files,
   3699         #
   3700         printf 'Removing perl 5.6.1 from %s/perl5\n' $usr
   3701 
   3702         # Directories.
   3703         rm -rf $usr/perl5/5.6.1
   3704         rm -rf $usr/perl5/site_perl/5.6.1
   3705         rm -rf $usr/perl5/vendor_perl/5.6.1
   3706 }
   3707 #
   3708 # Remove FNS/XFN packages
   3709 #
   3710 remove_eof_fns()
   3711 {
   3712 	# Packages to remove
   3713 	typeset -r fns_pkgs='SUNWfnx5x SUNWfnsx5 SUNWfnsx SUNWfns'
   3714 	typeset pkg
   3715 
   3716 	printf 'Removing FNS/XFN ... '
   3717 
   3718 	#
   3719 	# First, attempt to remove the packages cleanly if possible.
   3720 	#
   3721 	for pkg in $fns_pkgs
   3722 	do
   3723 		if pkginfo $pkgroot -q $pkg; then
   3724 			printf ' %s' $pkg
   3725 			pkgrm $pkgroot -n $pkg >/dev/null 2>&1
   3726 		fi
   3727 	done
   3728 	printf '\n'
   3729 
   3730 	#
   3731 	# In case that didn't work, do it manually.
   3732 	# Remove FNS/XFN from $rootprefix/var/sadm/install/contents
   3733 	#
   3734 	for pkg in $fns_pkgs
   3735 	do
   3736 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3737 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3738 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3739 			    /tmp/contents.$$
   3740 			cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$
   3741 			rm /tmp/contents.$$
   3742 		fi
   3743 	done
   3744 
   3745 	#
   3746 	# Cleanup if any remaining FNS/XFN files, symlinks, and directories.
   3747 	#
   3748 
   3749 	# directories.
   3750 	rm -rf $rootprefix/etc/fn
   3751 	rm -rf $usr/include/xfn
   3752 	rm -rf $usr/lib/fn
   3753 	rm -rf $rootprefix/var/fn
   3754 
   3755 	# files and symlinks.
   3756 	rm -f $rootprefix/etc/fn.conf
   3757 	rm -f $usr/bin/fnattr
   3758 	rm -f $usr/bin/fnbind
   3759 	rm -f $usr/bin/fncreate_printer
   3760 	rm -f $usr/bin/fnlist
   3761 	rm -f $usr/bin/fnlookup
   3762 	rm -f $usr/bin/fnrename
   3763 	rm -f $usr/bin/fnsearch
   3764 	rm -f $usr/bin/fnunbind
   3765 	rm -f $usr/sbin/fncheck
   3766 	rm -f $usr/sbin/fncopy
   3767 	rm -f $usr/sbin/fncreate
   3768 	rm -f $usr/sbin/fncreate_fs
   3769 	rm -f $usr/sbin/fndestroy
   3770 	rm -f $usr/sbin/fnselect
   3771 	rm -f $usr/sbin/fnsypd
   3772 	rm -f $usr/lib/libfn_p.so
   3773 	rm -f $usr/lib/libfn_p.so.1
   3774 	rm -f $usr/lib/libfn_spf.so
   3775 	rm -f $usr/lib/libfn_spf.so.1
   3776 	rm -f $usr/lib/libxfn.so
   3777 	rm -f $usr/lib/libxfn.so.1
   3778 	rm -f $usr/lib/libxfn.so.2
   3779 	rm -f $usr/lib/sparcv9/libfn_p.so
   3780 	rm -f $usr/lib/sparcv9/libfn_p.so.1
   3781 	rm -f $usr/lib/sparcv9/libfn_spf.so
   3782 	rm -f $usr/lib/sparcv9/libfn_spf.so.1
   3783 	rm -f $usr/lib/sparcv9/libxfn.so
   3784 	rm -f $usr/lib/sparcv9/libxfn.so.1
   3785 	rm -f $usr/lib/sparcv9/libxfn.so.2
   3786 }
   3787 
   3788 remove_eof_face() {
   3789 	# Packages to remove
   3790 	typeset -r face_pkgs='SUNWfac'
   3791 	typeset pkg
   3792 
   3793 	printf 'Removing AT&T FACE... '
   3794 
   3795 	#
   3796 	# First, attempt to remove the packages cleanly if possible.
   3797 	#
   3798 	for pkg in $face_pkgs
   3799 	do
   3800 		if pkginfo $pkgroot -q $pkg; then
   3801 			printf ' %s' $pkg
   3802 			pkgrm $pkgroot -n $pkg >/dev/null 2>&1
   3803 		fi
   3804 	done
   3805 	printf '\n'
   3806 
   3807 	#
   3808 	# In case that didn't work, do it manually.
   3809 	# Remove FACE from $rootprefix/var/sadm/install/contents
   3810 	#
   3811 	for pkg in $face_pkgs
   3812 	do
   3813 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3814 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3815 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3816 			    /tmp/contents.$$
   3817 			cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$
   3818 			rm /tmp/contents.$$
   3819 		fi
   3820 	done
   3821 
   3822 	#
   3823 	# Cleanup any remaining FACE files, symlinks, and directories.
   3824 	#
   3825 	rm -rf $usr/oasys
   3826 	rm -rf $usr/vmsys
   3827 }
   3828 
   3829 remove_eof_dmi() {
   3830 	# Packages to remove
   3831 	typeset -r dmi_pkgs='SUNWsadmi'
   3832 	typeset pkg
   3833 
   3834 	printf 'Removing DMI... '
   3835 
   3836 	#
   3837 	# First, attempt to remove the packages cleanly if possible.
   3838 	#
   3839 	for pkg in $dmi_pkgs
   3840 	do
   3841 		if pkginfo $pkgroot -q $pkg; then
   3842 			printf ' %s' $pkg
   3843 			pkgrm $pkgroot -n $pkg >/dev/null 2>&1
   3844 		fi
   3845 	done
   3846 	printf '\n'
   3847 
   3848 	#
   3849 	# In case that didn't work, do it manually.
   3850 	# Remove DMI from $rootprefix/var/sadm/install/contents
   3851 	#
   3852 	for pkg in $dmi_pkgs
   3853 	do
   3854 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3855 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3856 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3857 			    /tmp/contents.$$
   3858 			cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$
   3859 			rm /tmp/contents.$$
   3860 		fi
   3861 	done
   3862 
   3863 	#
   3864 	# Cleanup any remaining DMI files, symlinks, and directories.
   3865 	#
   3866 	rm -rf $usr/lib/dmi
   3867 	rm -rf $rootprefix/var/dmi
   3868 	rm -rf $rootprefix/etc/dmi
   3869 	rm -f $usr/lib/libdmi.so
   3870 	rm -f $usr/lib/libdmici.so
   3871 	rm -f $usr/lib/libdmimi.so
   3872 	rm -f $usr/lib/libdmi.so.1
   3873 	rm -f $usr/lib/libdmici.so.1
   3874 	rm -f $usr/lib/libdmimi.so.1
   3875 	rm -f $usr/lib/sparcv9/libdmi.so
   3876 	rm -f $usr/lib/sparcv9/libdmici.so
   3877 	rm -f $usr/lib/sparcv9/libdmimi.so
   3878 	rm -f $usr/lib/sparcv9/libdmi.so.1
   3879 	rm -f $usr/lib/sparcv9/libdmici.so.1
   3880 	rm -f $usr/lib/sparcv9/libdmimi.so.1
   3881 	rm -f $usr/lib/amd64/libdmi.so
   3882 	rm -f $usr/lib/amd64/libdmici.so
   3883 	rm -f $usr/lib/amd64/libdmimi.so
   3884 	rm -f $usr/lib/amd64/libdmi.so.1
   3885 	rm -f $usr/lib/amd64/libdmici.so.1
   3886 	rm -f $usr/lib/amd64/libdmimi.so.1
   3887 	rm -f $usr/sbin/dmi_cmd
   3888 	rm -f $usr/sbin/dmiget
   3889 	rm -f $rootprefix/etc/init.d/init.dmi
   3890 	rm -f $rootprefix/etc/rc0.d/K07dmi
   3891 	rm -f $rootprefix/etc/rc1.d/K07dmi
   3892 	rm -f $rootprefix/etc/rc2.d/K07dmi
   3893 	rm -f $rootprefix/etc/rcS.d/K07dmi
   3894 	rm -f $rootprefix/etc/rc3.d/S77dmi
   3895 }
   3896 
   3897 #
   3898 # Remove vold
   3899 #
   3900 remove_eof_vold()
   3901 {
   3902 	printf 'Removing vold... '
   3903 
   3904 	rm -rf $usr/lib/vold
   3905 	rm -rf $usr/lib/rmmount
   3906 	rm -f $usr/lib/fs/hsfs/ident_hsfs.so.1
   3907 	rm -f $usr/lib/fs/pcfs/ident_pcfs.so.1
   3908 	rm -f $usr/lib/fs/udfs/ident_udfs.so.1
   3909 	rm -f $usr/lib/fs/ufs/ident_ufs.so.1
   3910 	rm -f $usr/sbin/vold
   3911 	rm -f $usr/kernel/drv/vol
   3912 	rm -f $usr/kernel/drv/amd64/vol
   3913 	rm -f $usr/kernel/drv/sparcv9/vol
   3914 	rm -f $usr/include/rmmount.h
   3915 	rm -f $usr/include/vol.h
   3916 	rm -f $rootprefix/etc/vold.conf
   3917 	rm -f $rootprefix/etc/rmmount.conf
   3918 
   3919 	printf '\n'
   3920 }
   3921 
   3922 #
   3923 # Remove the obsolete Mobile IP packages
   3924 #
   3925 remove_eof_mobileip() {
   3926 	typeset -r mip_pkgs='SUNWmipr SUNWmipu'
   3927 	typeset pkg
   3928 
   3929 	printf 'Removing Mobile IP... '
   3930 
   3931 	for pkg in $mip_pkgs
   3932 	do
   3933 		if pkginfo $pkgroot -q $pkg; then
   3934 			printf ' %s' $pkg
   3935 			pkgrm $pkgroot -n $pkg >/dev/null 2>&1
   3936 		fi
   3937 	done
   3938 
   3939 	# In case that did not work, do it manually.
   3940 	if [[ -d $rootprefix/var/sadm/pkg/SUNWmipr ]]; then
   3941 		rm -f "$rootprefix/etc/inet/mipagent.conf-sample"
   3942 		rm -f "$rootprefix/etc/inet/mipagent.conf.fa-sample"
   3943 		rm -f "$rootprefix/etc/inet/mipagent.conf.ha-sample"
   3944 		rm -f "$rootprefix/etc/init.d/mipagent"
   3945 		rm -f "$rootprefix/etc/rc0.d/K06mipagent"
   3946 		rm -f "$rootprefix/etc/rc1.d/K06mipagent"
   3947 		rm -f "$rootprefix/etc/rc2.d/K06mipagent"
   3948 		rm -f "$rootprefix/etc/rc3.d/S80mipagent"
   3949 		rm -f "$rootprefix/etc/rcS.d/K06mipagent"
   3950 		rm -f "$rootprefix/etc/snmp/conf/mipagent.acl"
   3951 		rm -f "$rootprefix/etc/snmp/conf/mipagent.reg"
   3952 	fi
   3953 	if [[ -d $rootprefix/var/sadm/pkg/SUNWmipu ]]; then
   3954 		rm -f "$rootprefix/usr/lib/inet/mipagent"
   3955 		rm -f "$rootprefix/usr/sbin/mipagentconfig"
   3956 		rm -f "$rootprefix/usr/sbin/mipagentstat"
   3957 	fi
   3958 	printf '\n'
   3959 }
   3960 
   3961 #
   3962 # Remove EOF Smartcard framework
   3963 #
   3964 remove_eof_smartcard()
   3965 {
   3966 	# Packages to remove
   3967 	typeset -r smartcard_pkg='SUNWjcom SUNWkib SUNWocf SUNWocfd SUNWocfh
   3968 SUNWocfr SUNWpamsc SUNWscmhdlr'
   3969 	typeset pkg
   3970 
   3971 	printf 'Removing EOF Smartcard... '
   3972 
   3973 	for pkg in $smartcard_pkgs
   3974 	do
   3975 		if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then
   3976 			rm -rf $rootprefix/var/sadm/pkg/$pkg
   3977 			grep -vw $pkg $rootprefix/var/sadm/install/contents > \
   3978 			    /tmp/contents.$$
   3979 			cp /tmp/contents.$$ /var/sadm/install/contents.$$
   3980 			rm /tmp/contents.$$
   3981 		fi
   3982 	done
   3983 
   3984 	#
   3985 	# Remove smartcard headers, libraries,  Old readers and the 
   3986 	# parts delivered from other consolidations
   3987 	# that no longer work with the ON parts removed.
   3988 	#
   3989 	rm -rf  $usr/lib/smartcard \
   3990 		$usr/share/lib/smartcard \
   3991 		$usr/include/smartcard.h \
   3992 		$usr/include/smartcard \
   3993 		$root/etc/smartcard \
   3994 		$root/platform/sun4u/kernel/drv/sparcv9/scmi2c
   3995 
   3996 	printf 'done.\n'
   3997 }
   3998 
   3999 remove_properties() {
   4000 
   4001 	#
   4002 	# Remove obsolete smartii setprop from bootenv.rc
   4003 	#
   4004 	srcbootenvrc=$root/boot/solaris/bootenv.rc
   4005 	tmpbootenvrc=/tmp/tmp.bootenvrc.$$
   4006 
   4007 	# Don't touch bootenv.rc unless it contains obsolete property
   4008 	egrep -s 'target-driver-for-smartii' $srcbootenvrc 2>/dev/null
   4009 	res=$?
   4010 	if [ -f $srcbootenvrc -a $res -eq 0 ]; then
   4011 		egrep -v "target-driver-for-smartii"\
   4012 			$srcbootenvrc > $tmpbootenvrc 2>/dev/null
   4013 		cp $tmpbootenvrc $srcbootenvrc
   4014 	fi
   4015 	rm -f $tmpbootenvrc
   4016 }
   4017 
   4018 rbac_cleanup()
   4019 {
   4020 # This is a copy of the RBAC portions of the SUNWcsr postinstall
   4021 # We need to ensure that the RBAC profiles are self-consistent
   4022 # as refinements are made that add granularity to the profiles
   4023 
   4024 	print "Cleaning up old RBAC profiles... \c"
   4025 	auth_attr=$rootprefix/etc/security/auth_attr
   4026 	exec_attr=$rootprefix/etc/security/exec_attr
   4027 
   4028 	if [ -f $auth_attr ]; then
   4029 		sed '/^solaris\.\*/d' $auth_attr > /tmp/a.$$
   4030 		cp /tmp/a.$$ $auth_attr
   4031 		rm -f /tmp/a.$$
   4032 	fi
   4033 
   4034 	if [ -f $exec_attr ]; then
   4035 		sed -e '/^Network Security.*sbin\/ipsec.*/ D' \
   4036 		-e '/^Network Security.*sbin\/ike.*/ D' \
   4037 		-e '/^Network Security.*inet\/in\.iked.*/ D' \
   4038 		-e '/^Network Security.*inet\/cert.*/ D' $exec_attr > /tmp/e.$$
   4039 		cp /tmp/e.$$ $exec_attr
   4040 		rm -f /tmp/e.$$
   4041 	fi
   4042 	print "\n"
   4043 }
   4044 
   4045 crypto_cleanup()
   4046 {
   4047 	# This function will remove no longer needed cryptography
   4048 	# related packages.
   4049 
   4050 	print "SUNWcry, SUNWcryr, SUNWn2cpact.v removal cleanup...\n"
   4051 
   4052 	# This clean up of ipsecalgs is not directly related to the EOF
   4053 	# of SUNWcry and SUWNcryr, but due to mistakes in this file seen
   4054 	# in earlier builds. The following lines will have no effect on
   4055 	# most machines.
   4056 
   4057 	ipsecalgs=$rootprefix/etc/inet/ipsecalgs
   4058 
   4059 	cp $ipsecalgs ${ipsecalgs}.tmp
   4060 
   4061 	sed -e 's/_CBC|128\/32-128,8/_CBC|128\/32-448,8/' \
   4062 	    -e 's/AES_CBC|128|/AES_CBC|128\/128-256,64|/' \
   4063 	    $ipsecalgs > ${ipsecalgs}.tmp
   4064 
   4065 	mv -f ${ipsecalgs}.tmp $ipsecalgs
   4066 
   4067 	# Packages to remove.
   4068 	typeset -r crypt_pkgs='SUNWcry SUNWcryr SUNWn2cpact.v'
   4069 	typeset pkg
   4070 
   4071 	#
   4072 	# First, attempt to remove the packages cleanly if possible.
   4073 	# Use a custom "admin" file to specify that removal scripts
   4074 	# in the packages being removed should be run even if they
   4075 	# will run as root.
   4076 
   4077 	typeset -r admfile='/tmp/crypt_eof.$$'
   4078 	cat > $admfile <<- EOF
   4079 	mail=
   4080 	instance=overwrite
   4081 	partial=nocheck
   4082 	runlevel=nocheck
   4083 	idepend=nocheck
   4084 	rdepend=nocheck
   4085 	space=nocheck
   4086 	setuid=nocheck
   4087 	conflict=nocheck
   4088 	action=nocheck
   4089 	basedir=default
   4090 	EOF
   4091 
   4092 	printf '    Removing packages...'
   4093 	for pkg in $crypt_pkgs
   4094 	do
   4095 		if pkginfo $pkgroot -q $pkg; then
   4096 			printf ' %s' $pkg
   4097 			pkgrm $pkgroot -n -a $admfile $pkg >/dev/null 2>&1
   4098 		fi
   4099 	done
   4100 	printf '\n'
   4101 
   4102 	# SUNWcry/SUNWcryr contents go away, if pkgrm didn't take
   4103 	# care of them.
   4104 	# The userland modules, kernel modules and OpenSSL filter libs
   4105 	rm -f $rootprefix/usr/lib/security/pkcs11_softtoken_extra.so.1
   4106 	rm -f $rootprefix/usr/lib/security/pkcs11_softtoken_extra.so
   4107 	rm -f $rootprefix/usr/lib/security/sparcv9/pkcs11_softtoken_extra.so.1
   4108 	rm -f $rootprefix/usr/lib/security/sparcv9/pkcs11_softtoken_extra.so
   4109 	rm -f $rootprefix/usr/lib/security/amd64/pkcs11_softtoken_extra.so.1
   4110 	rm -f $rootprefix/usr/lib/security/amd64/pkcs11_softtoken_extra.so
   4111 
   4112 	rm -f $rootprefix/kernel/crypto/aes256
   4113 	rm -f $rootprefix/kernel/crypto/sparcv9/aes256
   4114 	rm -f $rootprefix/kernel/crypto/amd64/aes256
   4115 	rm -f $rootprefix/platform/SUNW,A70/kernel/crypto/sparcv9/aes256
   4116 	rm -f $rootprefix/platform/SUNW,Netra-CP3010/kernel/crypto/sparcv9/aes256
   4117 	rm -f $rootprefix/platform/SUNW,Netra-T12/kernel/crypto/sparcv9/aes256
   4118 	rm -f $rootprefix/platform/SUNW,Netra-T4/kernel/crypto/sparcv9/aes256
   4119 	rm -f $rootprefix/platform/SUNW,SPARC-Enterprise/kernel/crypto/sparcv9/aes256
   4120 	rm -f $rootprefix/platform/SUNW,Sun-Blade-1000/kernel/crypto/sparcv9/aes256
   4121 	rm -f $rootprefix/platform/SUNW,Sun-Blade-1500/kernel/crypto/sparcv9/aes256
   4122 	rm -f $rootprefix/platform/SUNW,Sun-Blade-2500/kernel/crypto/sparcv9/aes256
   4123 	rm -f $rootprefix/platform/SUNW,Sun-Fire-15000/kernel/crypto/sparcv9/aes256
   4124 	rm -f $rootprefix/platform/SUNW,Sun-Fire-280R/kernel/crypto/sparcv9/aes256
   4125 	rm -f $rootprefix/platform/SUNW,Sun-Fire-480R/kernel/crypto/sparcv9/aes256
   4126 	rm -f $rootprefix/platform/SUNW,Sun-Fire-880/kernel/crypto/sparcv9/aes256
   4127 	rm -f $rootprefix/platform/SUNW,Sun-Fire-V215/kernel/crypto/sparcv9/aes256
   4128 	rm -f $rootprefix/platform/SUNW,Sun-Fire-V240/kernel/crypto/sparcv9/aes256
   4129 	rm -f $rootprefix/platform/SUNW,Sun-Fire-V250/kernel/crypto/sparcv9/aes256
   4130 	rm -f $rootprefix/platform/SUNW,Sun-Fire-V440/kernel/crypto/sparcv9/aes256
   4131 	rm -f $rootprefix/platform/SUNW,Sun-Fire-V445/kernel/crypto/sparcv9/aes256
   4132 	rm -f $rootprefix/platform/SUNW,Sun-Fire/kernel/crypto/sparcv9/aes256
   4133 	rm -f $rootprefix/platform/sun4u-us3/kernel/crypto/sparcv9/aes256
   4134 	rm -f $rootprefix/kernel/crypto/arcfour2048
   4135 	rm -f $rootprefix/kernel/crypto/sparcv9/arcfour2048
   4136 	rm -f $rootprefix/kernel/crypto/amd64/arcfour2048
   4137 	rm -f $rootprefix/platform/sun4u/kernel/crypto/sparcv9/arcfour2048
   4138 	rm -f $rootprefix/kernel/crypto/blowfish448
   4139 	rm -f $rootprefix/kernel/crypto/sparcv9/blowfish448
   4140 	rm -f $rootprefix/kernel/crypto/amd64/blowfish448
   4141 	rm -f $rootprefix/usr/sfw/lib/libssl_extra.so.0.9.8
   4142 	rm -f $rootprefix/usr/sfw/lib/libcrypto_extra.so.0.9.8
   4143 
   4144 	# SUNWn2cpact.v contents go away, if pkgrm didn't take
   4145 	# care of them
   4146 	rm -f $rootprefix/platform/sun4v/kernel/drv/sparcv9/n2cp.esa
   4147 
   4148 	print "\n"
   4149 }
   4150 
   4151 #
   4152 # Remove old fips-140 entry from kcf.conf if it is found
   4153 #
   4154 cleanup_kcf_fips140()
   4155 {
   4156 
   4157 	kcfconf=$rootprefix/etc/crypto/kcf.conf
   4158 	kcfconftmp=/tmp/kcfconf.tmp.$$
   4159 
   4160 	if grep '^fips-140:' $kcfconf >/dev/null ; then
   4161 		grep -v '^fips-140:' $kcfconf > $kcfconftmp
   4162 		print "Removing obsolete fips-140 entry from kcf.conf"
   4163 		cp $kcfconftmp $kcfconf
   4164 		rm -f $kcfconftmp
   4165 	fi 
   4166 }
   4167 
   4168 #
   4169 # Add metaslot configuration to pkcs11.conf if it doesn't already exist
   4170 #
   4171 enable_crypto_metaslot()
   4172 {
   4173 	pkcs11conf=$rootprefix/etc/crypto/pkcs11.conf
   4174 	egrep '^metaslot' ${pkcs11conf} > /dev/null 2>& 1
   4175 	if [ $? != 0 ] ; then
   4176 		print "Adding cryptographic framework's meta slot feature"
   4177 		cp $pkcs11conf ${pkcs11conf}.tmp
   4178 		export metaslot_config=\
   4179 "metaslot:metaslot_status=enabled;metaslot_auto_key_migrate=enabled;"\
   4180 "metaslot_token=Sun Software PKCS#11 softtoken;"\
   4181 "metaslot_slot=Sun Crypto Softtoken"
   4182 		nawk '/^# End SUNWcsr/ \
   4183 			{ print ENVIRON["metaslot_config"] } \
   4184 			{ print } \
   4185 		' ${pkcs11conf}	> ${pkcs11conf}.tmp
   4186 		mv -f ${pkcs11conf}.tmp $pkcs11conf
   4187 		print "\n"
   4188 	fi
   4189 }
   4190 
   4191 cleanup_kerberos_mechanisms()
   4192 {
   4193 #
   4194 # This checks to see if the old 'gl' and 'do' directories
   4195 # for the Kerberos GSS-API mechanisms can be deleted.
   4196 # If the mechanism exists in /usr/lib/gss, then the old
   4197 # subdirs may be deleted.
   4198 #
   4199 	print "Cleaning up old Kerberos GSS-API mechanisms...\c"
   4200 
   4201 	kerneldir=kernel/misc/kgss
   4202 	kerneldir_sparc=kernel/misc/kgss/sparcv9
   4203 
   4204 	newmech=no;
   4205 	if [ -f $usr/lib/gss/mech_krb5.so.1 ]; then
   4206 		#
   4207 		# There is a mech  in the "new" location, so
   4208 		# the old stuff can be deleted.
   4209 		#
   4210 		if [ -d $usr/lib/gss/gl ]; then
   4211 			rm -rf $usr/lib/gss/gl
   4212 		fi
   4213 		if [ -d $usr/lib/gss/do ]; then
   4214 			rm -rf $usr/lib/gss/do
   4215 		fi
   4216 		newmech=yes;
   4217 	fi
   4218 	if [ -f $usr/lib/sparcv9/gss/mech_krb5.so.1 ]; then
   4219 		if [ -d $usr/lib/sparcv9/gss/gl ]; then
   4220 			rm -rf $usr/lib/sparcv9/gss/gl
   4221 		fi
   4222 		if [ -d $usr/lib/sparcv9/gss/do ]; then
   4223 			rm -rf $usr/lib/sparcv9/gss/do
   4224 		fi
   4225 	fi
   4226 	#
   4227 	# Cleanup kernel mechanisms from default location
   4228 	#
   4229 	if [ -f $rootprefix/$kerneldir/kmech_krb5 ]; then
   4230 		if [ -f $rootprefix/$kerneldir/gl_kmech_krb5 ]; then
   4231 			rm -f $rootprefix/$kerneldir/gl_kmech_krb5
   4232 		fi
   4233 		if [ -f $rootprefix/$kerneldir/do_kmech_krb5 ]; then
   4234 			rm -f $rootprefix/$kerneldir/do_kmech_krb5
   4235 		fi
   4236 	fi
   4237 	#
   4238 	# For SPARC, cleanup from 2 locations.
   4239 	#
   4240 	# 1.  /kernel/misc/kgss/sparcv9
   4241 	#
   4242 	if [ -f $rootprefix/$kerneldir_sparc/kmech_krb5 ]; then
   4243 		if [ -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 ]; then
   4244 			rm -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5
   4245 		fi
   4246 		if [ -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 ]; then
   4247 			rm -f $rootprefix/$kerneldir_sparc/do_kmech_krb5
   4248 		fi
   4249 	fi
   4250 	#
   4251 	# 2.  /platform/sun4u/kernel/misc/kgss/sparcv9
   4252 	#
   4253 	kerneldir_sparc=platform/$karch/$kerneldir_sparc
   4254 	if [ -f $rootprefix/$kerneldir_sparc/kmech_krb5 ]; then
   4255 		if [ -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 ]; then
   4256 			rm -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5
   4257 		fi
   4258 		if [ -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 ]; then
   4259 			rm -f $rootprefix/$kerneldir_sparc/do_kmech_krb5
   4260 		fi
   4261 	fi
   4262 	#
   4263 	# Make sure the GSS mechanism configuration file is correct
   4264 	#
   4265 	if [ "$newmech" = "yes" ]; then
   4266 		gssmechconf=$rootprefix/etc/gss/mech
   4267 
   4268 		sed -e 's/gl\/mech_krb5\.so/mech_krb5\.so/' \
   4269 		-e 's/do\/mech_krb5\.so/mech_krb5\.so/' \
   4270 		-e 's/gl_kmech_krb5/kmech_krb5/' \
   4271 		-e 's/do_kmech_krb5/kmech_krb5/'\
   4272 		$gssmechconf > ${gssmechconf}.tmp
   4273 
   4274 		if [ $? -eq 0 ]; then
   4275 			mv -f ${gssmechconf}.tmp $gssmechconf
   4276 		else
   4277 			echo  "WARNING: update of $gssmechconf failed."
   4278 			return 1
   4279 		fi
   4280 	fi
   4281 	print "\n"
   4282 }
   4283 
   4284 mpxiodisableno='^[ 	]*mpxio-disable[ 	]*=[ 	]*"no"[ 	]*;'
   4285 mpxiodisableyes='^[ 	]*mpxio-disable[ 	]*=[ 	]*"yes"[ 	]*;'
   4286 
   4287 fix_up_perms()
   4288 {
   4289 	#
   4290 	# fix up audit permissions
   4291 	#
   4292 	chmod 644 $root/etc/security/audit_control
   4293 	chmod 644 $root/etc/security/audit_user
   4294 
   4295 	#
   4296 	# fix up /etc/inet config file permissions
   4297 	#
   4298 	INETFILES="hosts networks netmasks protocols services \
   4299 	    inetd.conf ipaddrsel.conf sock2path ipsecalgs"
   4300 	for file in ${INETFILES}; do
   4301 		chmod 644 $root/etc/inet/$file
   4302 	done
   4303 }
   4304 
   4305 #
   4306 # disable mpxio on fp(7D) ports using fp.conf
   4307 #
   4308 disable_mpxio_using_fpconf()
   4309 {
   4310 	conffile=$rootprefix/kernel/drv/fp.conf
   4311 	test -f $conffile || return
   4312 	egrep -s "$mpxiodisableyes" $conffile && return
   4313 
   4314 	print "To preserve device names, disabled mpxio on fp(7D) ports by"
   4315 
   4316 	if egrep -s "$mpxiodisableno" $conffile; then
   4317 		tmpfile=/tmp/fp.conf.$$
   4318 		sed "s/$mpxiodisableno/mpxio-disable=\"yes\";/" $conffile \
   4319 		    > $tmpfile
   4320 		cp $tmpfile $conffile
   4321 		rm -f $tmpfile
   4322 		print "changing the value of mpxio-disable to \"yes\" in" \
   4323 		  "$conffile"
   4324 	else
   4325 		echo 'mpxio-disable="yes";' >> $conffile
   4326 		print "adding mpxio-disable=\"yes\" entry to $conffile"
   4327 	fi
   4328 }
   4329 
   4330 #
   4331 # enable mpxio in scsi_vhci
   4332 #
   4333 enable_mpxio_using_scsivhciconf()
   4334 {
   4335 	#
   4336 	# depending on whether the bfu restored the child's or parent's version
   4337 	# of scsi_vhci.conf file, we may already have the file with the change
   4338 	# we need in place. So make the change only if necessary.
   4339 	#
   4340 
   4341 	conffile=$rootprefix/kernel/drv/scsi_vhci.conf
   4342 	egrep -s "$mpxiodisableno" $conffile && return
   4343 
   4344 	print "To preserve device names, restored your current mpxio" \
   4345 	    "configuration by"
   4346 
   4347 	if egrep -s "$mpxiodisableyes" $conffile; then
   4348 		tmpfile=/tmp/scsi_vhci.conf.$$
   4349 		sed "s/$mpxiodisableyes/mpxio-disable=\"no\";/" $conffile \
   4350 		    > $tmpfile
   4351 		cp $tmpfile $conffile
   4352 		rm -f $tmpfile
   4353 		print "changing the value of mpxio-disable to \"no\" in" \
   4354 		  "$conffile"
   4355 	else
   4356 		echo 'mpxio-disable="no";' >> $conffile
   4357 		print "adding mpxio-disable=\"no\" entry to $conffile"
   4358 	fi
   4359 }
   4360 
   4361 #
   4362 # restore the pre-bfu MPxIO on/off setting to the post-bfued configuration
   4363 #
   4364 fixup_mpxio()
   4365 {
   4366 	conffile=$rootprefix/kernel/drv/scsi_vhci.conf
   4367 	parentconffile=$rootprefix/bfu.parent/kernel/drv/scsi_vhci.conf
   4368 	childconffile=$rootprefix/bfu.child/kernel/drv/scsi_vhci.conf
   4369 	ancestorconffile=$rootprefix/bfu.ancestor/kernel/drv/scsi_vhci.conf
   4370 
   4371 	# if scsi_vhci.conf doesn't exist return
   4372 	test -f $conffile || return
   4373 
   4374 	#
   4375 	# Determine the mpxio setting in the child. If the system was bfued
   4376 	# before and running with mpxio on by deafult bits, can't rely on the
   4377 	# mpxio-disable entry in the child's scsi_vhci.conf file as it may
   4378 	# contain stale left over entries.
   4379 	#
   4380 	mpxio_child=1
   4381 	if [ -f $ancestorconffile ]; then
   4382 		if egrep -s "$mpxiodisableyes" $ancestorconffile; then
   4383 			#
   4384 			# prior to the bfu the system was running with
   4385 			# mpxio off by default bits.
   4386 			#
   4387 			mpxio_child=0
   4388 			egrep -s "$mpxiodisableno" $childconffile && \
   4389 			    mpxio_child=1
   4390 		fi
   4391 	else
   4392 		egrep -s "$mpxiodisableyes" $childconffile && mpxio_child=0
   4393 	fi
   4394 
   4395 	if egrep -s "$mpxiodisableyes" $parentconffile; then
   4396 		# these bits require explicit enabling of mpxio at in scsi_vhci
   4397 		if [ $mpxio_child -eq 1 ]; then
   4398 			egrep -s "$mpxiodisableyes" \
   4399 			    $rootprefix/kernel/drv/fp.conf || \
   4400 			    enable_mpxio_using_scsivhciconf
   4401 		fi
   4402 	else
   4403 		#
   4404 		# these bits have mpxio enabled by default in scsi_vhci.
   4405 		# if mpxio is disabled in the child, disable mpxio on all
   4406 		# fp(7D) ports using fp.conf.
   4407 		#
   4408 		[ $mpxio_child -eq 0 ] && disable_mpxio_using_fpconf
   4409 	fi
   4410 }
   4411 
   4412 fixup_isa_bfu()
   4413 {
   4414 	aliasfile=$rootprefix/etc/driver_aliases
   4415 	parentalias=$rootprefix/bfu.parent/etc/driver_aliases
   4416 	pathtoinst=$rootprefix/etc/path_to_inst
   4417 	tmppath=/tmp/path_to_inst
   4418 	isaalias="pciclass,060100"
   4419 
   4420 	if [ $target_isa != i386 ]; then
   4421 		return;
   4422 	fi
   4423 	egrep -s "\"\/isa[\"\/]" $pathtoinst && child_pseudo_isa=1
   4424 	egrep -s "\"$isaalias\"" $parentalias || parent_pseudo_isa=1
   4425 	if [ "$child_pseudo_isa" != "$parent_pseudo_isa" ]; then
   4426 		sed -e '/\/isa[\"\/@]/d' <$pathtoinst >$tmppath
   4427 		mv $tmppath $pathtoinst
   4428 	fi
   4429 
   4430 	# bfu forwards, just return
   4431 	[[ "$parent_pseudo_isa" != 1 ]] && return
   4432 
   4433 	# remove the pciclass,060100 entry for isa when going backwards
   4434 	egrep -s "\"$isaalias\"" $aliasfile || return
   4435 	/tmp/bfubin/update_drv -b $root -d -i "$isaalias" isa >/dev/null 2>&1
   4436 }
   4437 
   4438 #
   4439 # Check to see if root in $1 has a mounted boot, and that
   4440 # it's mounted at the right place for bfu to handle it.
   4441 #
   4442 # Returns 0 (true) if bfu can handle the upgrade; fails if not
   4443 #
   4444 
   4445 boot_is_upgradeable()
   4446 {
   4447 	ROOT=$1
   4448 	if [ "$ROOT" = "/" ] ; then ROOT=""; fi
   4449 
   4450         BOOTPARTDEV="$(grep -s -v '^#' ${ROOT}/etc/vfstab | \
   4451 	    grep "[ 	]/boot[ 	]*pcfs[ 	]" | \
   4452 	    awk '{print $1}')"
   4453 
   4454 	# find out if, and where, boot is mounted
   4455 
   4456 	if [ -n "$BOOTPARTDEV" ] ; then 
   4457 		if [ -n "$ROOT" ] ; then
   4458 		
   4459 			BOOTMNT=$(mount | grep "$BOOTPARTDEV" | \
   4460 			    awk '{print $1}')
   4461 		else
   4462 			BOOTMNT="/boot"
   4463 		fi
   4464 		if [ "$BOOTMNT" != ${ROOT}/boot ] ; then
   4465 			cat << BOOTMOUNTERR
   4466 
   4467 ${ROOT} refers to an x86 boot partition, but it's not mounted 
   4468 at ${ROOT}/boot.
   4469 
   4470 BOOTMOUNTERR
   4471 			fail "Mount ${ROOT}s bootpart at ${ROOT}/boot.\n\n"
   4472 		fi
   4473 	fi
   4474 
   4475 	return 0
   4476 }
   4477 
   4478 # update the realmode boot programs at $1 (root) 
   4479 # from classic boot psm/stand/bootblks/ufs/i386/installboot.sh
   4480 
   4481 install_boot_i386()
   4482 {
   4483 	PBOOT=$1
   4484 	BOOTBLK=$2
   4485 	DEVICE=$3
   4486 	if [ ! -f $PBOOT ]; then
   4487 		echo "$PBOOT: File not found"
   4488 		return 1
   4489 	fi
   4490 	if [ ! -f $BOOTBLK ]; then
   4491 		echo "$BOOTBLK: File not found"
   4492 		return 1
   4493 	fi
   4494 	if [ ! -c $DEVICE ]; then
   4495 		echo "$DEVICE: Not a character device"
   4496 		return 1
   4497 	fi
   4498 	if [ ! -w $DEVICE ]; then
   4499 		echo "$DEVICE: Not writeable"
   4500 		return 1
   4501 	fi
   4502 
   4503 	# pboot at block 0, label at blocks 1 and 2, bootblk from block 3 on
   4504 	dd if=$PBOOT of=$DEVICE bs=1b count=1 conv=sync >/dev/null 2>&1
   4505 
   4506 	dd if=$BOOTBLK of=$DEVICE bs=1b oseek=3 conv=sync >/dev/null 2>&1
   4507 
   4508 	return 0
   4509 }
   4510 
   4511 update_realmode_booters()
   4512 {
   4513 	ROOT=$1
   4514 	
   4515 	TMPDIR=/tmp/rmupdate.$$
   4516 	trap "rm -rf $TMPDIR" EXIT
   4517 
   4518 	# go get new versions of boot files into TMPDIR
   4519 
   4520 	OLD_PWD=$(pwd)
   4521 	mkdir $TMPDIR
   4522 	cd $TMPDIR
   4523 
   4524 	# i86pc.boot archive
   4525 	REQFILES="boot/mdboot boot/strap.com"
   4526 	$ZCAT $cpiodir/i86pc.boot$ZFIX |  cpio -id $REQFILES 2>/dev/null 
   4527 	mv $REQFILES $TMPDIR
   4528 
   4529 	# i86pc.usr archive
   4530 	REQFILES="usr/platform/i86pc/lib/fs/ufs/pboot"
   4531 	REQFILES="$REQFILES usr/platform/i86pc/lib/fs/ufs/bootblk"
   4532 	$ZCAT $cpiodir/i86pc.usr$ZFIX | cpio -id $REQFILES 2>/dev/null
   4533 	mv $REQFILES $TMPDIR
   4534 
   4535 	cd $OLD_PWD
   4536 
   4537 	grep -s -v '^#' ${ROOT}/etc/vfstab | \
   4538 	    grep "[ 	]/boot[ 	]*pcfs[ 	]" >/dev/null
   4539 
   4540 	if [ $? -eq 0 ] ; then
   4541 		echo 'Updating /boot on x86 boot partition.'
   4542 
   4543 		REQFILES="mdboot strap.com"
   4544 		for f in ${REQFILES}; do
   4545 			if [ ! -f ${TMPDIR}/$f ]; then
   4546 				fail "Missing $f, aborting."
   4547 			fi
   4548 		done
   4549 
   4550 		MDBOOT=${TMPDIR}/mdboot
   4551 		STRAP=${TMPDIR}/strap.com
   4552 
   4553 		LUBIN=/usr/lib/lu
   4554 		TMP_FDFILE1=${TMPDIR}/fdfile1.$$
   4555 		LOGFILE=${TMPDIR}/mkfs.log.$$
   4556 		DDCOPY=${TMPDIR}/.dd_x86_boot_copy
   4557 
   4558 		DISKID="$(grep -s -v '^#' ${ROOT}/etc/vfstab | \
   4559 		    grep "[ 	]/boot[ 	]*pcfs[ 	]" |\
   4560 		    awk '{print $1}' | sed -e 's:p0\:boot::g')"
   4561 
   4562 		DISKID="$(basename ${DISKID})"
   4563 
   4564 		# Obtain the disk table; it will look something like the following:
   4565 		#
   4566 # * Id    Act  Bhead  Bsect  Bcyl    Ehead  Esect  Ecyl    Rsect    Numsect
   4567 #   130   128  27     28     0       242    9      553     1728     8897472
   4568 		# 
   4569 		# Delete all blank lines, and all lines that begin with *,
   4570 		# leaving only actual fdisk entries that we can scan
   4571 		# looking for the X86BOOT partition
   4572 
   4573 		fdisk -W - /dev/rdsk/${DISKID}p0 | \
   4574 		    grep -v '^*' | grep -v '^$' > ${TMP_FDFILE1}
   4575 
   4576 		num=1
   4577 
   4578 		while read id act bhead bcyl ehead ecyl rsect numsect
   4579 		do
   4580 			# Ignore entry if not X86 /boot partition
   4581 			# ID '190' is the X86BOOT partition (see man fdisk(1M))
   4582 
   4583 			if [ $id -ne "190" ] ; then
   4584 				num=$(expr $num + 1)
   4585 				continue
   4586 			fi
   4587 
   4588 			# Found X86 boot partition - save contents to $DDCOPY
   4589 			BOOTPART=/dev/rdsk/${DISKID}p${num}
   4590 			echo "Boot device is <${BOOTPART}>"
   4591 
   4592 			ERRMSG="$(dd if=${BOOTPART} of=${DDCOPY} 2>&1)"
   4593 			if [ $? -ne 0 ] ; then
   4594 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4595 				fail "Unable to save copy of <${BOOTPART}>."
   4596 			fi
   4597 
   4598 			# mount copy of old /boot partition 
   4599 			LOBOOTDEV=$(lofiadm -a ${DDCOPY} 2>&1)
   4600 			if [ $? -ne 0 ] ; then
   4601 				[ -n "${LOBOOTDEV}" ] && echo "${LOBOOTDEV}"
   4602 				fail "Unable to make lo-device <${DDCOPY}>"
   4603 			fi
   4604 			SOURCE_BOOT_DEV="${TMPDIR}/tmpbootdev.$$"
   4605 			mkdir ${SOURCE_BOOT_DEV}
   4606 			ERRMSG=$(mount -F pcfs ${LOBOOTDEV} \
   4607 			    ${SOURCE_BOOT_DEV})
   4608 			if [ $? -ne 0 ] ; then
   4609 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4610 				fail "Unable to mount lo-device <${LOBOOTDEV}>."
   4611 			fi
   4612 
   4613 			# recreate existing boot partition with updated 
   4614 			# boot files
   4615 
   4616 			# umount ${ROOT}'s /boot if mounted
   4617 
   4618 			BOOTMOUNTPT=$(mount | grep ${DISKID}p0:boot 2>&1 | \
   4619 			    awk '{print $1;}')
   4620 
   4621 			if [ -n "${BOOTMOUNTPT}" ] ; then
   4622 				echo "unmounting /dev/dsk/${DISKID}p0:boot"
   4623 				ERRMSG=$(umount \
   4624 				    /dev/dsk/${DISKID}p0:boot 2>&1)
   4625 				if [ $? -ne 0 ] ; then
   4626 					[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4627 					fail "Unable to umount X86 boot device."
   4628 				fi
   4629 			fi
   4630 
   4631 			echo "Making new pcfs file system on ${DISKID}"
   4632 
   4633 			echo y | /usr/lib/fs/pcfs/mkfs -F pcfs \
   4634 			    -o S,s,B=$MDBOOT,b=BOOT,i=$STRAP \
   4635 			    /dev/rdsk/${DISKID}p0:boot >> ${LOGFILE} 2>&1
   4636 			if [ $? -ne 0 ] ; then
   4637 				echo "Unable to make pcfs:"
   4638 				cat ${LOGFILE}
   4639 				fail ""
   4640 			fi
   4641 
   4642 			echo "Copying x86 boot partition contents back\c"
   4643 			echo " to new /boot fs."
   4644 
   4645 			OLD_PWD=$(pwd)
   4646 
   4647 			echo "Remounting freshened /boot partition"
   4648 
   4649 			if [ -z "${BOOTMOUNTPT}" ] ; then 
   4650 				# boot ptn wasn't mounted
   4651 				BOOTMOUNT="/tmp/bootpart"
   4652 				mkdir ${BOOTMOUNT}
   4653 			else
   4654 				BOOTMOUNT=${BOOTMOUNTPT}
   4655 			fi
   4656 
   4657 			ERRMSG=$(mount -F pcfs \
   4658 			    /dev/dsk/${DISKID}p0:boot ${BOOTMOUNT} 2>&1)
   4659 
   4660 			if [ $? -ne 0 ] ; then
   4661 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4662 				fail "Unable to mount X86 boot device."
   4663 			fi
   4664 
   4665 			# copy old /boot contents
   4666 			cd ${SOURCE_BOOT_DEV}
   4667 			find . -mount \! -type s -print | \
   4668 			    cpio -pcdum ${BOOTMOUNT} 2>&1 | \
   4669 			    ${LUBIN}/lustripcpioerr
   4670 
   4671 			if [ $? -ne 0 ] ; then
   4672 				fail "Unable to copy boot partition contents."
   4673 			fi
   4674 
   4675 			cd ${OLD_PWD}
   4676 
   4677 			# unmount and rm our boot mount, if we created it
   4678 			if [ -z "${BOOTMOUNTPT}" ] ; then
   4679 				ERRMSG=$(umount ${BOOTMOUNT} 2>&1)
   4680 				if [ $? -ne 0 ] ; then
   4681 					[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4682 					fail "Unable to umount <$BOOTMOUNT>." 
   4683 				fi
   4684 				rm -rf ${BOOTMOUNT}
   4685 			fi
   4686 
   4687 			# unmount, un-lofi, and rm SOURCE_BOOT_DEV
   4688 
   4689 			ERRMSG=$(umount ${SOURCE_BOOT_DEV} 2>&1)
   4690 			if [ $? -ne 0 ] ; then
   4691 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4692 				fail "Cannot umount lo-device <${LOBOOTDEV}>." 
   4693 			fi
   4694 
   4695 			ERRMSG=$(lofiadm -d ${DDCOPY} 2>&1)
   4696 			if [ $? -ne 0 ] ; then
   4697 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   4698 				fail "Cannot remove lo-device <${LOBOOTDEV}>." 
   4699 			fi
   4700 		
   4701 			rm -rf ${SOURCE_BOOT_DEV}
   4702 
   4703 		done < ${TMP_FDFILE1}
   4704 		rm ${TMP_FDFILE1} ${LOGFILE} ${DDCOPY}
   4705 
   4706 	else
   4707 
   4708 		# non boot-partition: use installboot to get pboot and bootblk
   4709 		echo "Updating /boot on Solaris partition."
   4710 
   4711 		if [ -z "${ROOT}" ] ; then SEARCH="/"; else SEARCH="${ROOT}"; fi
   4712 
   4713 		ROOTRAWDEV=$(mount | grep "^${SEARCH} on " | \
   4714 		    awk '{print $3}' | sed 's;/dsk;/rdsk;')
   4715 
   4716 		if [ -z "${ROOTRAWDEV}" ] ; then
   4717 			[ -n "${ROOTRAWDEV}" && echo "${ROOTRAWDEV}" ] 
   4718 			fail "${SEARCH} must be a mounted filesystem"
   4719 		fi
   4720 
   4721 		echo "Updating Solaris partition ${ROOTRAWDEV} with installboot"
   4722 		REQFILES="pboot bootblk"
   4723 		for f in ${REQFILES}; do
   4724 			if [ ! -f ${TMPDIR}/$f ]; then
   4725 				fail "Missing $f, aborting."
   4726 			fi
   4727 		done
   4728 		PBOOT=${TMPDIR}/pboot
   4729 		BOOTBLK=${TMPDIR}/bootblk
   4730 		install_boot_i386 $PBOOT $BOOTBLK ${ROOTRAWDEV}
   4731 		if [ $? -ne 0 ] ; then
   4732 			fail "Unable to installboot to <${ROOTRAWDEV}>." 
   4733 		fi
   4734 	fi
   4735 }
   4736 
   4737 #
   4738 print "Verifying archives ..."
   4739 
   4740 for a in generic $allarchs $rootarchs
   4741 do
   4742 	test -r $cpiodir/$a.root$ZFIX ||
   4743 		fail "bfu archive $cpiodir/$a.root$ZFIX missing"
   4744 done
   4745 
   4746 if [ ! -r $cpiodir/generic.lib$ZFIX -o ! -r $cpiodir/generic.kernel$ZFIX -o \
   4747     ! -r $cpiodir/generic.sbin$ZFIX ]; then
   4748 	old_style_archives="true"
   4749 	$ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \
   4750 	    egrep -s '^etc/zones' && \
   4751 		fail "bfu archive $cpiodir/generic.{kernel,lib,sbin}$ZFIX" \
   4752 		     "missing;\npossible mkbfu version mismatch: pre-zones" \
   4753 		     "style archives with zones files."
   4754 fi
   4755 
   4756 for a in generic $allarchs $usrarchs
   4757 do
   4758 	test -r $cpiodir/$a.usr$ZFIX ||
   4759 		fail "bfu archive $cpiodir/$a.usr$ZFIX missing"
   4760 done
   4761 
   4762 for root in $rootlist
   4763 do
   4764 	cd $root || fail "Cannot cd $root"
   4765 	prologue=${root%/}/bfu.prologue
   4766 	if [ -f $prologue ]; then
   4767 		print "Executing $prologue"
   4768 		$prologue || fail "$prologue failed with code $?"
   4769 	fi
   4770 done
   4771 
   4772 print "Performing basic sanity checks ..."
   4773 
   4774 for dir in $usr $rootlist
   4775 do
   4776 	test -d $dir || fail "$dir does not exist"
   4777 	test -w $dir || fail "$dir is not writable"
   4778 	cd $dir || fail "Cannot cd $dir"
   4779 done
   4780 
   4781 RM_32BIT_KERNEL=0;
   4782 if [ "$karch" = "sun4u" ] &&
   4783    ($ZCAT $cpiodir/sun4u.root$ZFIX | cpio -itv 2>&1 |
   4784     grep "^l.*platform/sun4u/kernel/unix -> sparcv9/unix$" > /dev/null);
   4785     then
   4786 	RM_32BIT_KERNEL=1;
   4787 	if [ "$force_override" = "no" ] && 
   4788 	   (prtconf -F 2>&1 | egrep '(cgthree|bwtwo)' > /dev/null);
   4789 	    then
   4790 		print "\n\nERROR: You are upgrading to a 64-bit-only OS. " \
   4791 		      "Your frame buffer does not have a 64-bit driver and " \
   4792 		      "will not work after reboot.  To proceed you must run " \
   4793 		      "bfu with the -f flag.";
   4794 		exit;
   4795 	fi;
   4796 fi;
   4797 
   4798 if [ $plat = "SUNW,Ultra-1" ] && [ ! -f $cpiodir/SUNW,Ultra-1.root$ZFIX ] &&
   4799    [ "$force_override" = "no" ];
   4800    then
   4801 	print "\nERROR: These archives do not have Ultra-1 platform support." \
   4802 	      "\nProceeding with this BFU may render this machine unbootable." \
   4803 	      "\nTo proceed anyway, you must run bfu with the -f flag.\n";
   4804 	exit;
   4805 fi;
   4806 
   4807 for root in $rootlist
   4808 do
   4809 	rootprefix=${root%/}
   4810 	smf_check_repository
   4811 done
   4812 
   4813 MINIMUM_OS_REV=10
   4814 
   4815 #
   4816 # Perform additional sanity checks if we are upgrading the live system.
   4817 #
   4818 if [ "$rootlist" = "/" ]
   4819 then
   4820 	#
   4821 	# Disallow from older releases
   4822 	#
   4823 	os_rev=`uname -r | sed -e s/5.//`
   4824 	if [ $os_rev -lt $MINIMUM_OS_REV -a "$force_override" = "no" ]; then
   4825 		fail "Cannot bfu from pre-Solaris $MINIMUM_OS_REV"
   4826 	fi
   4827 	if [ ! -x /usr/sbin/svcadm ]; then
   4828 		fail "This version of bfu cannot run on pre-Greenline " \
   4829 		    "(s10_64) systems"
   4830 	fi
   4831 
   4832 	#
   4833 	# Filesystem space checks
   4834 	#
   4835 	set $root 4 $usr 6
   4836 	while [ $# -gt 0 ]
   4837 	do
   4838 		test "`df -b $1 | tail -1 | nawk '{ print $2 }'`" -ge ${2}000 ||
   4839 			fail "Less than $2 MB free on $1 -- bfu not safe."
   4840 		shift 2
   4841 	done
   4842 	#
   4843 	# Disable kernel module unloading
   4844 	#
   4845 	print "Disabling kernel module unloading ... \c"
   4846 	test -x /usr/bin/adb || fail "/usr/bin/adb not found: bfu not safe."
   4847 	echo "moddebug/W20000" | adb -kw /dev/ksyms /dev/mem | grep moddebug
   4848 	#
   4849 	# Load modules and drivers here not to reload them when you access
   4850 	# /devices or its subdirectories later.
   4851 	#
   4852 	nawk '$1 !~ /^#|^$/ {print $1}' /etc/name_to_major | \
   4853 	sed -e 's/#.*$//' | while read driver
   4854 	do
   4855 		modload -p drv/${driver} >/dev/null 2>&1
   4856 	done
   4857 	ls $cpiodir >>/dev/null		# loads elfexec and networking
   4858 
   4859 	# exec/intpexec and sys/kaio are needed by lofi
   4860 	modload -p exec/intpexec >/dev/null 2>&1
   4861 	modload -p sys/kaio >/dev/null 2>&1
   4862 
   4863 	# umount /lib/libc.so.1 if necessary
   4864 	if [ -n "`mount | grep '^/lib/libc.so.1'`" ]
   4865 	then
   4866 		print "Unmounting /lib/libc.so.1 ..."
   4867 		umount /lib/libc.so.1
   4868 	fi
   4869 
   4870 	PLAT=`/usr/bin/uname -i`
   4871 	ARCH=`/usr/bin/uname -m`
   4872 	# umount /platform/$PLAT/lib/libc_psr.so.1 if necessary
   4873 	if [ -n "`mount | grep "^/platform/$PLAT/lib/libc_psr.so.1"`" ]
   4874 	then
   4875 		print "Unmounting /platform/$PLAT/lib/libc_psr.so.1 ..."
   4876 		umount /platform/$PLAT/lib/libc_psr.so.1
   4877 	else
   4878 		# umount /platform/$ARCH/lib/libc_psr.so.1 if necessary
   4879 		if [ -n "`mount | grep "^/platform/$ARCH/lib/libc_psr.so.1"`" ]
   4880 		then
   4881 			print "Unmounting /platform/$ARCH/lib/libc_psr.so.1 ..."
   4882 			umount /platform/$ARCH/lib/libc_psr.so.1
   4883 		fi
   4884 	fi
   4885 
   4886 	# umount /platform/$PLAT/lib/sparcv9/libc_psr.so.1 if necessary
   4887 	if [ -n "`mount | grep "^/platform/$PLAT/lib/sparcv9/libc_psr.so.1"`" ]
   4888 	then
   4889 		print "Unmounting /platform/$PLAT/lib/sparcv9/libc_psr.so.1 ..."
   4890 		umount /platform/$PLAT/lib/sparcv9/libc_psr.so.1
   4891 	else
   4892 		# umount /platform/$ARCH/lib/sparcv9/libc_psr.so.1 if necessary
   4893 		if [ -n "`mount | grep \
   4894 		    "^/platform/$ARCH/lib/sparcv9/libc_psr.so.1"`" ]
   4895 		then
   4896 			print "Unmounting \c"
   4897 			print "/platform/$ARCH/lib/sparcv9/libc_psr.so.1 ..."
   4898 			umount /platform/$ARCH/lib/sparcv9/libc_psr.so.1
   4899 		fi
   4900 	fi
   4901 
   4902 	# umount /platform/sun4u-us3/lib/libc_psr.so.1 if necessary
   4903 	if [ -n "`mount | grep '^/platform/sun4u-us3/lib/libc_psr.so.1'`" ]
   4904 	then
   4905 		print "Unmounting /platform/sun4u-us3/lib/libc_psr.so.1 ..."
   4906 		umount /platform/sun4u-us3/lib/libc_psr.so.1
   4907 	fi
   4908 
   4909 	# umount /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 if necessary
   4910 	if [ -n "`mount | grep '^/platform/sun4u-us3/lib/sparcv9/libc_psr.so.1'`" ]
   4911 	then
   4912 		print "Unmounting /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 ..."
   4913 		umount /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1
   4914 	fi
   4915 
   4916 	# 
   4917 	# The libpiclsbl.so.1 library has been moved from
   4918 	# /usr/platform/SUNW,Sun-Fire-T200/lib/... to
   4919 	# /usr/platform/sun4v/lib/... .  Other sun4v platforms create
   4920 	# symbolic link to T200's libpiclsbl.so.1. Therefore check
   4921 	# if library is present in T200's directory and then remove
   4922 	# it and the symbolic links.
   4923 	if [ -a \
   4924 	    $usr/platform/SUNW,Sun-Fire-T200/lib/picl/plugins/libpiclsbl.so.1 ]
   4925 	then
   4926 		print "Removing libpiclsbl.so library ..."
   4927 		find $usr/platform -name libpiclsbl\* -exec rm {} \;
   4928 	fi
   4929 
   4930 	if [ -x /usr/sbin/zoneadm ]; then
   4931 		#
   4932 		# Stop any running zones: the init script will print a
   4933 		# message if needed.
   4934 		#
   4935 		if [ -x /etc/init.d/zones ]; then
   4936 			/etc/init.d/zones stop
   4937 		elif [ -x /lib/svc/method/svc-zones ]; then
   4938 			#
   4939 			# We need all zones to be down before proceeding.
   4940 			# We can't accomplish this by just disabling the
   4941 			# zones service, since it might already be disabled.
   4942 			# So we pretend to be SMF, and invoke the stop method.
   4943 			#
   4944 			# When zones are someday independently managed as
   4945 			# service instances, this will need to be revised.
   4946 			#
   4947 			export SMF_FMRI="svc:/system/zones:default"
   4948 			/lib/svc/method/svc-zones stop
   4949 			unset SMF_FMRI
   4950 		fi
   4951 
   4952 		[ -z `zoneadm list | grep -v global` ] || \
   4953 		    fail "zone(s) failed to halt"
   4954 		#
   4955 		# Determine the installed zones, which we will want to do
   4956 		# after we're done with the global zone.  This is done now
   4957 		# rather than later in case bfu'ing the global zone causes
   4958 		# the zone configuration to become unreadable (e.g., via a
   4959 		# DTD flag day).
   4960 		#
   4961 		bfu_zone_list=$root/.bfu_zone_list
   4962 		rm -f $bfu_zone_list
   4963 
   4964 		zoneadm list -pi | nawk -F: '{
   4965 			if ($3 == "installed" &&
   4966 			    ($6 == "native" || $6 == "" || $6 == "sn1")) {
   4967 				printf "%s %s\n", $2, $4
   4968 			}
   4969 		}' > $bfu_zone_list
   4970 	fi
   4971 
   4972 	#
   4973 	# save vlans associated with zones to be upgraded 
   4974 	# to the new dladm based format
   4975 	#
   4976 	flowadm_status="old"
   4977 	if [[ ! -f $root/sbin/flowadm ]] && \
   4978 	    archive_file_exists generic.sbin "sbin/flowadm"; then
   4979 		flowadm_status="new"
   4980 
   4981 		for iftype in hostname hostname6 dhcp
   4982 		do
   4983 			interface_names="`echo /etc/$iftype.*[0-9] 2>/dev/null`"
   4984 			if [ "$interface_names" != "/etc/iftype.*[0-9]" ]; then
   4985 				ORIGIFS="$IFS"
   4986 				IFS="$IFS."
   4987 				set -- $interface_names
   4988 				IFS="$ORIGIFS"
   4989 				while [ $# -ge 2 ]; do
   4990 					shift
   4991 					if [ $# -gt 1 -a \
   4992 					    "$2" != "/etc/$iftype" ]; then
   4993 						while [ $# -gt 1 -a \
   4994 						    "$1" != "/etc/$iftype" ]; do
   4995 							shift
   4996 						done
   4997 					else
   4998 						host_ifs="$host_ifs $1"
   4999 						shift
   5000 					fi
   5001 				done
   5002 			fi
   5003 		done
   5004 
   5005 		zones=`zoneadm list -c | grep -v global`
   5006 		for zone in $zones
   5007 		do
   5008 			zonecfg -z $zone info ip-type | grep exclusive \
   5009 			    >/dev/null
   5010 			if [ $? -eq 0 ]; then
   5011 				zif=`zonecfg -z $zone info net | \
   5012 				    grep physical | nawk '{print $2}'`
   5013 				zone_ifs="$zone_ifs $zif"
   5014 			fi
   5015 		done
   5016 	fi
   5017 	#
   5018 	# Stop sendmail so that mail doesn't bounce during the interval
   5019 	# where /etc/mail/aliases is (effectively) empty.
   5020 	#
   5021 	# (note that unlike other services here, /etc/init.d/sendmail
   5022 	# remains post-smf(5) because it is a public interface.)
   5023 	#
   5024 	if [ -r /etc/svc/volatile/repository_door ]; then
   5025 		print "Disabling sendmail temporarily ..."
   5026 		svcadm disable -t network/smtp
   5027 	else
   5028 		print "Killing sendmail ..."
   5029 		/etc/init.d/sendmail stop
   5030 	fi
   5031 
   5032 	print "Disabling remote logins ..."
   5033 	echo "bfu in progress -- remote logins disabled" >/etc/nologin
   5034 
   5035 	#
   5036 	# Stop syslogd so it doesn't interfere with saving preserved files.
   5037 	#
   5038 	if [ -f /etc/init.d/syslog ]; then
   5039 		print "Killing syslogd ..."
   5040 		/etc/init.d/syslog stop
   5041 	elif [ -r /etc/svc/volatile/repository_door ]; then
   5042 		print "Disabling syslog temporarily ..."
   5043 		svcadm disable -t system/system-log
   5044 	fi
   5045 
   5046 	#
   5047 	# Stop apache so it doesn't get upset when the entire world changes
   5048 	# out from underneath it.
   5049 	#
   5050 	if [ -f /etc/init.d/apache ]; then
   5051 		print "Killing httpd ..."
   5052 		/etc/init.d/apache stop
   5053 	elif [ -r /etc/svc/volatile/repository_door ]; then
   5054 		print "Disabling httpd temporarily ..."
   5055 		svcadm disable -t network/http
   5056 	fi
   5057 
   5058 	#
   5059 	# Kill off fmd so it doesn't get upset when the entire world changes
   5060 	# out from underneath it.
   5061 	#
   5062 	if [ -f /etc/init.d/savecore ]; then
   5063 		print "Killing fmd ..."
   5064 		pkill -x fmd
   5065 	elif [ -r /etc/svc/volatile/repository_door ]; then
   5066 		print "Disabling fmd temporarily ..."
   5067 		svcadm disable -t system/fmd
   5068 	fi
   5069 
   5070 	#
   5071 	# Stop nscd so it doesn't interfere with stuff.
   5072 	#
   5073 	if [ -x /etc/init.d/nscd ]; then
   5074 		print "Killing nscd ..."
   5075 		/etc/init.d/nscd stop
   5076 	elif [ -r /etc/svc/volatile/repository_door ]; then
   5077 		print "Disabling nscd temporarily ..."
   5078 		svcadm disable -t system/name-service-cache:default
   5079 	fi
   5080 
   5081 	if grep -v "^#" $rootprefix/etc/vfstab | grep boot | \
   5082 		grep "[ 	]pcfs[ 	]" >/dev/null 2>&1
   5083 	then
   5084 		boot_is_pcfs=yes
   5085 	fi
   5086 
   5087 	smf_new_profiles
   5088 
   5089 else
   5090 	#
   5091 	# Check ${root}/etc/motd for SunOS value to get `uname -r`
   5092 	#
   5093 	os_rev=`head -1 ${root}/etc/motd | sed -e 's/^.*SunOS //' | \
   5094 		awk '{print $1}' | sed -e s/5.//`
   5095 	if [ $os_rev -lt $MINIMUM_OS_REV -a "$force_override" = "no" ]; then
   5096 		fail "Cannot bfu from pre-Solaris $MINIMUM_OS_REV"
   5097 	fi
   5098 	if [ ! -x /usr/sbin/svcadm ]; then
   5099 		fail "This version of bfu cannot run on pre-Greenline " \
   5100 		    "(s10_64) systems"
   5101 	fi
   5102 fi
   5103 
   5104 export PATH=/tmp/bfubin:$PATH
   5105 export LD_LIBRARY_PATH=/tmp/bfulib
   5106 
   5107 if [ -h /tmp/bfulib/64 ]
   5108 then
   5109 	ldlib64="LD_LIBRARY_PATH_64=/tmp/bfulib/64"
   5110 	export LD_LIBRARY_PATH_64=/tmp/bfulib/64
   5111 fi
   5112 
   5113 # turn off auxiliary filters, since they can cause objects to be loaded
   5114 # from outside of the protected environment.
   5115 export LD_NOAUXFLTR=1
   5116 
   5117 #
   5118 # Since we've turned off auxiliary filters, libc_psr will normally not
   5119 # be loaded at all.  But libc_psr was overriding broken code in libc
   5120 # for over a week before the fix for 6324631, so we need to explicitly
   5121 # LD_PRELOAD it to allow users to bfu from the broken libc.  This can be
   5122 # removed once there are no sun4u machines bfued to Nevada bits between
   5123 # 9/7/2005 and 9/15/2005.
   5124 #
   5125 if [ -f /tmp/bfulib/libc_psr.so.1 ]; then
   5126 	export LD_PRELOAD_32=/tmp/bfulib/libc_psr.so.1
   5127 fi
   5128 
   5129 print "Turning on delayed i/o ..."
   5130 fastfs -f $rootlist $usr
   5131 fastfs $rootlist $usr
   5132 
   5133 #
   5134 # The "| tee -a $EXTRACT_LOG" following do_extraction() is not pulled into the
   5135 # function itself because it interferes with the cpio exit status detection.
   5136 # pcfs boot is an exception, since its cpio exit status is expected to be bad,
   5137 # so a heuristic must be employed to infer whether or not any errors occurred.
   5138 #
   5139 do_extraction() {
   5140 	compressed_archive=$1
   5141 	shift
   5142 	$ZCAT $compressed_archive | cpio -idmucB $* 2>&1 \
   5143 		|| extraction_error "extracting archive $1"
   5144 }
   5145 
   5146 do_pcfs_boot_extraction() {
   5147 	PCFS_BOOT_LOG=/tmp/bfu-pcfs-boot-log.$$
   5148 	$ZCAT $1 | cpio -idmucB 2>&1 | grep -v "error.s" | \
   5149 		grep -v "cpio: Cannot chown()" | \
   5150 		grep -v "cpio: Error during chown()" | tee $PCFS_BOOT_LOG
   5151 	cat $PCFS_BOOT_LOG >> $EXTRACT_LOG
   5152 	egrep -s -v blocks $PCFS_BOOT_LOG
   5153 	if [ $? -eq 0 ]; then
   5154 		extraction_error "extracting archive $1 ... see $PCFS_BOOT_LOG"
   5155 	else
   5156 		rm -f $PCFS_BOOT_LOG
   5157 	fi
   5158 }
   5159 
   5160 #
   5161 # Usage: extract_archives (root|usr|lib|sbin|kernel) arch-list
   5162 #
   5163 extract_archives() {
   5164 	base=$1
   5165 	shift
   5166 	test $base = usr && cd $usrroot || cd $root
   5167 	for archive in $*
   5168 	do
   5169 		print "Extracting $archive.$base$ZFIX ... \c" \
   5170 			| tee -a $EXTRACT_LOG
   5171 		test -h platform/$archive && rm platform/$archive
   5172 		if [ $base = root ]; then
   5173 			exclude="-f dev/fd home proc etc/mnttab"
   5174 
   5175 			#
   5176 			# We don't want to overwrite the sharetab if
   5177 			# it is a mount-point. We assume it is a
   5178 			# mount-point if it is not writable.
   5179 			#
   5180 			if [ -f etc/dfs/sharetab ]; then
   5181 				if [ ! -w etc/dfs/sharetab ]; then
   5182 					exclude="$exclude etc/dfs/sharetab"
   5183 				fi
   5184 			fi
   5185 
   5186 			[ -d system/contract ] &&
   5187 				exclude="$exclude system/contract"
   5188 			[ -d system/object ] &&
   5189 				exclude="$exclude system/object"
   5190 			[ -f etc/svc/repository.db ] &&
   5191 				exclude="$exclude etc/svc/repository.db"
   5192 			[ -e etc/repository_door ] &&
   5193 				exclude="$exclude etc/repository_door"
   5194 			[ -f etc/svc/volatile ] &&
   5195 				exclude="$exclude etc/svc/volatile"
   5196 			do_extraction $cpiodir/$archive.$base$ZFIX $exclude |
   5197 				tee -a $EXTRACT_LOG
   5198 		elif [ $base = usr ]; then
   5199 			do_extraction $cpiodir/$archive.$base$ZFIX \
   5200 				-f "usr/openwin" | tee -a $EXTRACT_LOG
   5201 		else
   5202 			do_extraction $cpiodir/$archive.$base$ZFIX \
   5203 				| tee -a $EXTRACT_LOG
   5204 		fi
   5205 	done
   5206 	cd $root
   5207 }
   5208 
   5209 extract_boot_archives() {
   5210 	base=$1
   5211 	shift
   5212 	cd $root
   5213 	for archive in $*
   5214 	do
   5215 		if [ ! -f $cpiodir/$archive.$base$ZFIX ]; then
   5216 			continue
   5217 		fi
   5218 		print "Extracting $archive.$base$ZFIX ... \c" \
   5219 			| tee -a $EXTRACT_LOG
   5220 		if [ $boot_is_pcfs = yes ]; then
   5221 			do_pcfs_boot_extraction $cpiodir/$archive.$base$ZFIX
   5222 		else
   5223 			do_extraction $cpiodir/$archive.$base$ZFIX | \
   5224 				tee -a $EXTRACT_LOG
   5225 		fi
   5226 		$ZCAT $cpiodir/$archive.$base$ZFIX | cpio -it 2>&1 | \
   5227 		    grep  "boot/solaris/devicedb/master" >/dev/null 2>&1
   5228 		if [ "$?" = "0" ]; then
   5229 			have_realmode=yes
   5230 		fi
   5231 	done
   5232 	cd $root
   5233 }
   5234 
   5235 #
   5236 # Classic boot pboot and bootblk compatibility with old archives
   5237 #
   5238 setup_pboot()
   5239 {
   5240 	NEWPBOOTDIR=$GATE/public/pboot
   5241 	NEWPBOOT=${NEWPBOOTDIR}/pboot
   5242 	NEWBOOTBLK=${NEWPBOOTDIR}/bootblk
   5243 	PBOOTDIR=$usr/platform/$karch/lib/fs/ufs
   5244 	PBOOT=${PBOOTDIR}/pboot
   5245 	BOOTBLK=${PBOOTDIR}/bootblk
   5246 
   5247 	# they should already be there, but...
   5248 	if [ -f $NEWPBOOT -a ! -f $PBOOT ]; then
   5249 		print "Installing pboot from $NEWPBOOTDIR"
   5250 		cp $NEWPBOOT $PBOOT
   5251 	fi
   5252 	if [ -f $NEWBOOTBLK -a ! -f $BOOTBLK ]; then
   5253 		print "Installing bootblk from $NEWPBOOTDIR"
   5254 		cp $NEWBOOTBLK $BOOTBLK
   5255 	fi
   5256 
   5257 	if [ -f $NEWPBOOT -a -f $PBOOT ]; then
   5258 		LATEST=`ls -Lt $PBOOT $NEWPBOOT | head -1`
   5259 		if [ "$LATEST" = "$NEWPBOOT" ]; then
   5260 			print "Updating pboot from $NEWPBOOT"
   5261 			cp $NEWPBOOT $PBOOT
   5262 		fi
   5263 	fi
   5264 	if [ -f $NEWBOOTBLK -a -f $BOOTBLK ]; then
   5265 		LATEST=`ls -Lt $BOOTBLK $NEWBOOTBLK | head -1`
   5266 		if [ "$LATEST" = "$NEWBOOTBLK" ]; then
   5267 			print "Updating bootblk from $NEWBOOTBLK"
   5268 			cp $NEWBOOTBLK $BOOTBLK
   5269 		fi
   5270 	fi
   5271 	#
   5272 	# This function will never be called when upgrading a zfs root,
   5273 	# so it's safe to assume a value for rootslice here.
   5274 	#
   5275 	if [[ "$rootslice" = /dev/rdsk/* ]]; then
   5276 		print "Installing boot block."
   5277 		( cd $PBOOTDIR ;
   5278 		    install_boot_i386 ./pboot ./bootblk ${rootslice%??}s2 )
   5279 	fi
   5280 	#
   5281 	# Since /platform/i86pc/boot/solaris/boot.bin is moved
   5282 	# to /boot/solaris, remove the old one if it really
   5283 	# exists.
   5284 	#
   5285 	OLDBOOTDIR=${root}/platform/i86pc/boot/solaris
   5286 	OLDBOOTBIN=${OLDBOOTDIR}/boot.bin
   5287 	if [ ! -h ${OLDBOOTDIR} -a -f ${OLDBOOTBIN} ] ;
   5288 	then
   5289 		print "Removing old boot.bin."
   5290 		rm -rf ${OLDBOOTBIN}
   5291 	fi
   5292 }
   5293 
   5294 #
   5295 # Multiboot support
   5296 #
   5297 
   5298 saved_boot_files="
   5299 	solaris/bootenv.rc
   5300 	solaris/devicedb/master
   5301 "
   5302 
   5303 #
   5304 # transition from multiboot to dca
   5305 #
   5306 check_multi_to_dca_boot()
   5307 {
   5308 	bootdev=`grep p0:boot $rootprefix/etc/vfstab | \
   5309 		grep pcfs | nawk '{print $1}'`
   5310 	if [ "$bootdev" != "" ]; then
   5311 		is_pcfs_boot=yes
   5312 	fi
   5313 
   5314 	if [ $is_pcfs_boot = yes ]; then
   5315 		df -h | grep stubboot >/dev/null 2>&1
   5316 		if [ $? -eq 0 ]; then
   5317 
   5318 			# save configurable files from /boot
   5319 			# before remounting /stubboot.
   5320 			# files are relative to /boot.
   5321 			for file in $saved_boot_files
   5322 			do
   5323 				dir="`dirname $rootprefix/stubboot/$file`"
   5324 				mkdir -p $dir
   5325 				cp $rootprefix/boot/$file $dir
   5326 			done
   5327 
   5328 			echo "unmount $bootdev at $rootprefix/stubboot"
   5329 			ERRMSG=$(umount $bootdev 2>&1)
   5330 			if [ $? -ne 0 ] ; then
   5331 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   5332 				fail "Unable to umount $bootdev on $rootprefix/stubboot."
   5333 			fi
   5334 
   5335 			# adjust vfstab
   5336 			sed -e "s/[ 	]\/stubboot[ 	]/	\/boot	/" \
   5337 			    <$rootprefix/etc/vfstab >$rootprefix/etc/vfstab+
   5338 			mv $rootprefix/etc/vfstab $rootprefix/etc/vfstab-
   5339 			mv $rootprefix/etc/vfstab+ $rootprefix/etc/vfstab
   5340 
   5341 			ERRMSG=$(mount -F pcfs $bootdev $rootprefix/boot 2>&1)
   5342 			if [ $? -ne 0 ] ; then
   5343 				[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   5344 				fail "Unable to mount $bootdev on $rootprefix/boot."
   5345 			fi
   5346 		fi
   5347 	fi
   5348 }
   5349 
   5350 check_dca_to_multiboot()
   5351 {
   5352 	bootdev=`grep p0:boot $rootprefix/etc/vfstab | \
   5353 	    grep pcfs | nawk '{print $1}'`
   5354 	if [ "$bootdev" != "" ]; then
   5355 		is_pcfs_boot=yes
   5356 	fi
   5357 	if [ $system_type != dca ]; then
   5358 		return
   5359 	fi
   5360 
   5361 	# ensure bootpath is in $rootprefix/boot/solaris/bootenv.rc
   5362 	# It's ok to put a meta device path in there
   5363 	bootenvrc=$rootprefix/boot/solaris/bootenv.rc
   5364 	grep "^setprop[	 ]*bootpath[	 ]" $bootenvrc > /dev/null
   5365 	if [ $? != 0 ]; then
   5366 		rootdev=`grep -v "^#" $rootprefix/etc/vfstab | \
   5367 		    grep "[	 ]/[	 ]" | nawk '{print $1}'`
   5368 		bootpath=`ls -l $rootdev | nawk '{ print $NF }' |\
   5369 		    sed "s#../../devices##"`
   5370 		echo "setprop bootpath '$bootpath'" >> $bootenvrc
   5371 	fi
   5372 
   5373 	rm -f $rootprefix/boot/mdboot
   5374 }
   5375 
   5376 #
   5377 # Figure out the boot architecture of the current system:
   5378 # 1. If an i86xpv kernel exists, it's a xpv system
   5379 # 2. If dboot_image is in unix, it's a dboot system
   5380 # 3. Otherwise, if multiboot is present, it's a multiboot system
   5381 # 4. Otherwise, it's a pre-multiboot system
   5382 #
   5383 # This is called before we lay down the new archives.
   5384 #
   5385 check_system_type()
   5386 {
   5387 	if [ -f $root/platform/i86xpv/kernel/unix ]; then
   5388 		system_type=xpv
   5389 	elif [ -x $root/boot/solaris/bin/symdef ] && \
   5390 	    $root/boot/solaris/bin/symdef $root/platform/i86pc/kernel/unix \
   5391 	    dboot_image; then
   5392 		system_type=directboot
   5393 	elif [ -x $root/platform/i86pc/multiboot ]; then
   5394 		system_type=multiboot
   5395 	else
   5396 		system_type=dca
   5397 	fi
   5398 }
   5399 
   5400 #
   5401 # Detect SVM root and return the list of raw devices under the mirror
   5402 #
   5403 get_rootdev_list()
   5404 {
   5405 	if [ -f $rootprefix/etc/lu/GRUB_slice ]; then
   5406 		dev=`grep '^PHYS_SLICE' $rootprefix/etc/lu/GRUB_slice |
   5407 		    cut -d= -f2`
   5408 		if [ "$rootfstype" = "zfs" ]; then
   5409 			fstyp -a "$dev" | grep 'path: ' | grep -v phys_path: | 
   5410 			    cut -d"'" -f2 | sed 's+/dsk/+/rdsk/+'
   5411 		else
   5412 			echo "$dev"
   5413 		fi
   5414 		return
   5415 	elif [ "$rootfstype" = "zfs" ]; then
   5416 		rootpool=`df -k ${rootprefix:-/} | tail +2 | cut -d/ -f1`
   5417 		rootdevlist=`LC_ALL=C zpool iostat -v "$rootpool" | tail +5 |
   5418 		    egrep -v "mirror|spare|replacing" |
   5419 		    sed -n -e '/--/q' -e p | awk '{print $1}'`
   5420 	else
   5421 		metadev=`grep -v "^#" $rootprefix/etc/vfstab | \
   5422 			grep "[	 ]/[ 	]" | nawk '{print $2}'`
   5423 		if [[ $metadev = /dev/rdsk/* ]]; then
   5424        		 	rootdevlist=`basename "$metadev"`
   5425 		elif [[ $metadev = /dev/md/rdsk/* ]]; then
   5426        		 	metavol=`basename "$metadev"`
   5427 			rootdevlist=`metastat -p $metavol |\
   5428 			    grep -v "^$metavol[         ]" | nawk '{print $4}'`
   5429 		fi
   5430 	fi
   5431 	for rootdev in $rootdevlist
   5432 	do
   5433 		echo /dev/rdsk/`basename $rootdev`
   5434 	done
   5435 }
   5436 
   5437 #
   5438 # Done once per transition from classic (dca) to multi boot
   5439 #
   5440 setup_stubboot()
   5441 {
   5442 	bootdev=`grep -v "^#" $rootprefix/etc/vfstab | grep pcfs | \
   5443 		grep "[ 	]/boot[ 	]"`
   5444 	if [[ -n $bootdev ]] ; then
   5445 
   5446 		bootdev=`echo "$bootdev" | nawk '{print $1}'`
   5447 		rbootdev=`echo "$bootdev" | sed -e "s/dev\/dsk/dev\/rdsk/"`
   5448 
   5449 		# Remount boot partition as /stubboot, set up new /boot
   5450 		mkdir -p $rootprefix/stubboot
   5451 
   5452 		ERRMSG=$(umount $bootdev 2>&1)
   5453 		if [ $? -ne 0 ] ; then
   5454 			[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   5455 			fail "Unable to umount $bootdev."
   5456 		fi
   5457 		ERRMSG=$(mount -F pcfs $bootdev $rootprefix/stubboot 2>&1)
   5458 		if [ $? -ne 0 ] ; then
   5459 			[ -n "${ERRMSG}" ] && echo "${ERRMSG}"
   5460 			fail "Unable to mount $bootdev on $rootprefix/stubboot."
   5461 		fi
   5462 
   5463 		mkdir -p $rootprefix/boot
   5464 		cp -r $rootprefix/stubboot/* $rootprefix/boot
   5465 	
   5466 		# adjust /etc/vfstab
   5467 		sed <$rootprefix/etc/vfstab \
   5468 		    -e "s/[ 	]\/boot[ 	]/	\/stubboot	/" | \
   5469 			sed -n >$rootprefix/etc/vfstab+ '
   5470 			/p0:boot/ {
   5471 				s/[ 	]no/	yes/
   5472 				}
   5473 				p
   5474 			'
   5475 
   5476 		mv $rootprefix/etc/vfstab $rootprefix/etc/vfstab-
   5477 		mv $rootprefix/etc/vfstab+ $rootprefix/etc/vfstab
   5478 	fi
   5479 }
   5480 
   5481 #
   5482 # multiboot: install grub on the boot slice
   5483 #
   5484 install_grub()
   5485 {
   5486 	STAGE1=$rootprefix/boot/grub/stage1
   5487 	STAGE2=$rootprefix/boot/grub/stage2
   5488 
   5489 	if [ -x $rootprefix/boot/solaris/bin/update_grub ]; then
   5490 		/tmp/bfubin/ksh $rootprefix/boot/solaris/bin/update_grub \
   5491 		    -R $root
   5492 	elif [ $is_pcfs_boot = no ]; then
   5493 		get_rootdev_list | while read rootdev
   5494 		do 
   5495 			print "Install grub on $rootdev"
   5496 			PATH=/tmp/bfubin /tmp/bfubin/installgrub \
   5497 				$STAGE1 $STAGE2 $rootdev
   5498 		done
   5499 	else
   5500 		# copy /boot grub & solaris to /stubboot
   5501 		cp -r $rootprefix/boot/grub $rootprefix/stubboot/grub
   5502 		cp -r $rootprefix/boot/solaris $rootprefix/stubboot/solaris
   5503 
   5504 		# Adjust grub paths relative to pcfs filesystem
   5505 		rm -rf $rootprefix/stubboot/boot
   5506 		mkdir -p $rootprefix/stubboot/boot
   5507 		mv $rootprefix/stubboot/grub $rootprefix/stubboot/boot
   5508 		mv $rootprefix/stubboot/solaris $rootprefix/stubboot/boot
   5509 
   5510 		#
   5511 		# Run installgrub after copying stubboot to avoid overwriting
   5512 		# /stubboot/boot/grub/stage2, which must stay untouched.
   5513 		#
   5514 		bootdev=`grep -v "^#" $rootprefix/etc/vfstab | grep pcfs | \
   5515 			grep "[ 	]/stubboot[ 	]" | nawk '{print $1}'`
   5516 		rbootdev=`echo "$bootdev" | sed -e "s/dev\/dsk/dev\/rdsk/"`
   5517 		if [ "$rbootdev" != "" ]; then
   5518 			print "Install grub on $rbootdev"
   5519 			PATH=/tmp/bfubin /tmp/bfubin/installgrub $STAGE1 $STAGE2 $rbootdev
   5520 		fi
   5521 	fi
   5522 }
   5523 
   5524 #
   5525 # We check for several possibilites of a bootenv.rc line:
   5526 #
   5527 # 1. setprop name 'value'
   5528 # 2. setprop name "value"
   5529 # 3. setprop name value
   5530 #
   5531 parse_bootenv_line()
   5532 {
   5533 	line=$1
   5534 	value=`echo $line | grep "'" | cut -d\' -f2`
   5535 	if [ -z "$value" ]; then
   5536 		value=`echo $line | grep "\"" | cut -d\" -f2`
   5537 		if [ -z "$value" ]; then
   5538 			value=`echo $line | cut -d' ' -f3-`
   5539 		fi
   5540 	fi
   5541 	echo $value
   5542 }
   5543 
   5544 update_bootenv()
   5545 {
   5546 	bootenvrc=$rootprefix/boot/solaris/bootenv.rc
   5547 	bootenvrc_updated=0
   5548 
   5549 	# Note: the big space below is actually a space and tab
   5550 	boot_file=`grep '^setprop[ 	]\{1,\}boot-file\>' $bootenvrc`
   5551 	if [ -n "$boot_file" ]; then
   5552 		file=`parse_bootenv_line "$boot_file"`
   5553 		if [ -n "$file" ]; then
   5554 			PATH=/tmp/bfubin /tmp/bfubin/bootadm set-menu kernel="$file"
   5555 			bootenvrc_updated=1
   5556 		fi
   5557 	fi
   5558 
   5559 	console=`grep '^setprop[ 	]\{1,\}console\>' $bootenvrc`
   5560 	if [ -z "$console" ]; then
   5561 		console=`grep '^setprop[ 	]\{1,\}input-device\>' \
   5562 		    $bootenvrc`
   5563 	fi
   5564 	if [ -n "$console" ]; then
   5565 		cons=`parse_bootenv_line "$console"`
   5566 	fi
   5567 	boot_args=`grep '^setprop[ 	]\{1,\}boot-args\>' $bootenvrc`
   5568 	if [ -n "boot_args" ]; then
   5569 		args=`parse_bootenv_line "$boot_args"`
   5570 	fi
   5571 	if [ -n "$cons" ] && [ -n "$args" ]; then
   5572 		# If args starts with a -B, remove it and add a comma instead
   5573 		if echo $args | grep '^-B ' >/dev/null; then
   5574 			new_args=`echo $args | sed 's/^-B //'`
   5575 			args_line="-B console=$cons,$new_args"
   5576 		else
   5577 			args_line="-B console=$cons $args"
   5578 		fi
   5579 	elif [ -n "$cons" ]; then
   5580 		args_line="-B console=$cons"
   5581 	elif [ -n "$args" ]; then
   5582 		args_line="$args"
   5583 	else
   5584 		args_line=""
   5585 	fi
   5586 	if [ -n "$args_line" ]; then
   5587 		PATH=/tmp/bfubin /tmp/bfubin/bootadm set-menu args="$args_line"
   5588 		bootenvrc_updated=1
   5589 	fi
   5590 
   5591 	if [ $bootenvrc_updated = 1 ]; then
   5592 		egrep -v '^setprop[ 	]+(boot-file|boot-args)[ 	]' $bootenvrc > ${bootenvrc}.new
   5593 		[ -s ${bootenvrc}.new ] && mv ${bootenvrc}.new $bootenvrc
   5594 	fi
   5595 }
   5596 
   5597 get_biosdisk()
   5598 {
   5599 	rootdev=$1
   5600 	rootphys=`ls -l $rootdev | nawk '{ print $NF }' | \
   5601 	    sed -e "s/\.\.\/\.\.\/devices//" -e "s/:[abcdefgh],raw//"`
   5602 	rbootdev=`echo "$rootdev" | sed -e "s/s[0-7]/p0/"`
   5603 
   5604 	#
   5605 	# Use biosdev to get the bios disk number
   5606 	#
   5607 	biosdisk=`biosdev | grep $rootphys | \
   5608 		nawk '{print $1}' | sed -e "s/0x8//"`
   5609 }
   5610 
   5611 #
   5612 # multiboot: set up initial grub menu
   5613 #
   5614 update_grub_menu()
   5615 {
   5616 	MENU=$rootprefix/boot/grub/menu.lst
   5617 
   5618 	grubhd=$1
   5619 
   5620 	if [ $archive_type = multiboot ]; then
   5621 		BOOT_PROG="kernel /platform/i86pc/multiboot"
   5622 		BOOT_ARCHIVE="module /platform/i86pc/boot_archive"
   5623 	else
   5624 		#
   5625 		# directboot archives
   5626 		#
   5627 		BOOT_PROG="kernel\$ /platform/i86pc/kernel/\$ISADIR/unix"
   5628 		BOOT_ARCHIVE="module\$ /platform/i86pc/\$ISADIR/boot_archive"
   5629 	fi
   5630 
   5631 	#
   5632 	# The failsafe archives may be different than the boot archives
   5633 	#
   5634 	if [ -x /boot/platform/i86pc/kernel/unix ]; then
   5635 		BOOT_FAILSAFE_FILE="/boot/platform/i86pc/kernel/unix"
   5636 		BOOT_FAILSAFE_SUFFIX=""
   5637 	else
   5638 		BOOT_FAILSAFE_FILE="/boot/multiboot"
   5639 		BOOT_FAILSAFE_SUFFIX="kernel/unix"
   5640 	fi
   5641 
   5642 	#
   5643 	# Append some useful entries to the existing menu
   5644 	#
   5645 	echo "Update GRUB menu $MENU with entries for $grubhd"
   5646 
   5647 	grep ^default $MENU > /dev/null
   5648 	[ $? = 0 ] || echo "default=0" >> $MENU
   5649 	grep ^timeout $MENU > /dev/null
   5650 	[ $? = 0 ] || echo "timeout=10" >> $MENU
   5651 
   5652 	echo "#serial --unit=0 --speed=9600" >> $MENU
   5653 	echo "#terminal serial" >> $MENU
   5654 	echo "#splashimage=$grubhd/boot/grub/splash.xpm.gz" >> $MENU
   5655 	echo "title Solaris" >> $MENU
   5656 	echo "	root $grubhd" >> $MENU
   5657 	echo "	${BOOT_PROG}" >> $MENU
   5658 	echo "	${BOOT_ARCHIVE}" >> $MENU
   5659 
   5660 	echo "GRUB menu entry 'Solaris' boots to eeprom(1m) settings"
   5661 
   5662 	if [ -f ${rootprefix}/$BOOT_FAILSAFE_FILE ] &&
   5663 	    [ -f ${rootprefix}/boot/x86.miniroot-safe ] ; then
   5664 
   5665 		TTY=`grep "^setprop input-device" \
   5666 		    ${rootprefix}/boot/solaris/bootenv.rc | cut -f 2 -d \'`
   5667 		if [ -z "${TTY}" ] ; then
   5668 			TTY=`grep "^setprop console" \
   5669 			    ${rootprefix}/boot/solaris/bootenv.rc | \
   5670 			    cut -f 2 -d \'`
   5671 		fi
   5672 
   5673 		if [ "${TTY}" = "ttya" ] || [ "${TTY}" = "ttyb" ] ; then
   5674 			FS_CONSOLE="-B console=${TTY}"
   5675 		fi
   5676 
   5677 cat >>$MENU <<EOF
   5678 title Solaris failsafe
   5679   root $grubhd
   5680   kernel $BOOT_FAILSAFE_FILE $BOOT_FAILSAFE_SUFFIX $FS_CONSOLE -s
   5681   module /boot/x86.miniroot-safe
   5682 EOF
   5683 	fi
   5684 }
   5685 
   5686 bootadm_f_flag=""
   5687 
   5688 install_failsafe()
   5689 {
   5690 	if [ "$root" != "/" ] || \
   5691 	    [ -f /boot/x86.miniroot-safe ] || \
   5692 	    [ ! -x ${GATE}/public/bin/update_failsafe ]; then
   5693 		#
   5694 		# Either we're not bfu'ing /, or the failsafe archives were
   5695 		# already installed, or update_failsafe is not available.
   5696 		# If the old failsafe archives were multiboot, clear out the
   5697 		# directboot kernel.
   5698 		# 
   5699 		if [ $failsafe_type = multiboot ]; then
   5700 			rm -f $rootprefix/boot/platform/i86pc/kernel/unix
   5701 		elif [ $failsafe_type = directboot ]; then
   5702 			cp /tmp/bfubin/unix \
   5703 			    $rootprefix/boot/platform/i86pc/kernel/unix
   5704 		fi
   5705 	else
   5706 		echo "Updating failsafe archives"
   5707 		${GATE}/public/bin/update_failsafe
   5708 
   5709 		# Force bootadm to update the failsafe entry
   5710 		bootadm_f_flag="-f"
   5711 	fi
   5712 }
   5713 
   5714 #
   5715 # setup_grub_menu is only called when upgrading from a system
   5716 # with a dca boot.  This cannot happen on systems with zfs root,
   5717 # so this function need not take care of the case where the root
   5718 # file system type is zfs
   5719 #
   5720 setup_grub_menu()
   5721 {
   5722 	MENU=$rootprefix/boot/grub/menu.lst
   5723 
   5724 	get_rootdev_list | while read rootdev
   5725 	do
   5726 		rootphys=`ls -l $rootdev | nawk '{print $NF}' | \
   5727 		    sed -e "s/\.\.\/\.\.\/devices//"`
   5728 		gslice=`echo "$rootphys" | cut -f 2 -d : | sed s/,raw//`
   5729 		rootphys=`echo "$rootphys" | sed -e "s/:[abcdefgh],raw//"`
   5730 		rbootdev=`echo "$rootdev" | sed -e "s/s[0-7]/p0/"`
   5731 
   5732 		#
   5733 		# Wallow through fdisk to get the active partition number
   5734 		# Partition numbering is zero-based
   5735 		#
   5736 		part=0
   5737 		fdisk -W - $rbootdev | grep -v '^*' | grep -v '^$' | \
   5738 		while read id act bhead bcyl ehead ecyl rsect numsect
   5739 		do
   5740 			# Find solaris partition, either older 130 or 191
   5741 			if [ $id -eq "191" -o $id -eq "130" ] ; then
   5742 				break
   5743 			fi
   5744 			part=`expr "$part" + 1`
   5745 		done
   5746 
   5747 		get_biosdisk $rootdev
   5748 		grubhd="(hd${biosdisk},${part},${gslice})"
   5749 
   5750 		#
   5751 		# update the grub menu if it doesn't exist or
   5752 		# doesn't have usable boot entries
   5753 		#
   5754 		if [ -f $MENU ]; then
   5755 			grep -v "^#" $MENU | grep $grubhd >/dev/null 2>&1
   5756 			if [ $? -eq 1 ]; then
   5757 				update_grub_menu $grubhd
   5758 			fi
   5759 		else
   5760 			update_grub_menu $grubhd
   5761 		fi
   5762 	done
   5763 }
   5764 
   5765 #
   5766 # Build the multiboot boot archive
   5767 #
   5768 build_boot_archive()
   5769 {
   5770 	#
   5771 	# We should be able to run bootadm here but that's a
   5772 	# little more complicated than one would think
   5773 	#bootadm_args=${rootprefix:+-R $rootprefix}
   5774 	#PATH=/tmp/bfubin /tmp/bfubin/bootadm update $bootadm_args
   5775 
   5776 	cr_args=${rootprefix:+ -R $rootprefix}
   5777 	LD_LIBRARY_PATH=/tmp/bfulib PATH=/tmp/bfubin \
   5778 	    /tmp/bfubin/ksh $rootprefix/boot/solaris/bin/create_ramdisk $cr_args
   5779 
   5780 	#
   5781 	# Disable the boot-archive service on the first boot
   5782 	# to silence complaints about new files
   5783 	# svccfg -s system/boot-archive setprop start/exec = true
   5784 
   5785 	mkdir -p $rootprefix/bfu.conflicts/lib/svc/method
   5786 	cp $rootprefix/lib/svc/method/boot-archive \
   5787 	    $rootprefix/bfu.conflicts/lib/svc/method/boot-archive
   5788 	cat >$rootprefix/lib/svc/method/boot-archive <<"EOF"
   5789 #!/sbin/sh
   5790 exit 0
   5791 EOF
   5792 
   5793 	cat >$rootprefix/etc/rc2.d/S99postbfu <<EOF
   5794 #!/bin/sh
   5795 #
   5796 case "\$1" in
   5797 'start')
   5798 	cp /bfu.conflicts/lib/svc/method/boot-archive /lib/svc/method/boot-archive
   5799 	chmod +x /lib/svc/method/boot-archive
   5800         rm -f /etc/rc2.d/S99postbfu
   5801         ;;
   5802 *)
   5803         echo "usage: \$0 start"
   5804         exit 1
   5805         ;;
   5806 esac
   5807 exit 0
   5808 EOF
   5809 
   5810 	chmod +x $rootprefix/etc/rc2.d/S99postbfu
   5811 	chmod +x $rootprefix/lib/svc/method/boot-archive
   5812 	chmod +x $rootprefix/bfu.conflicts/lib/svc/method/boot-archive
   5813 }
   5814 
   5815 #
   5816 # Install failsafe archive on a sparc machine if not present.
   5817 # Use a well-known server for the archive if we need it.
   5818 #
   5819 install_sparc_failsafe()
   5820 {
   5821 	# check if failsafe already installed
   5822         if [ -f $rootprefix/platform/$karch/failsafe ]; then
   5823                  return
   5824         fi
   5825         if [ -z "$FAILSAFE_SERVER" ]; then
   5826                 FAILSAFE_SERVER="netinstall.sfbay"
   5827         fi
   5828         if [ -z "$FAILSAFE_IMAGE" ]; then
   5829                 FAILSAFE_IMAGE="export/nv/s/latest"
   5830         fi
   5831         fs_wos_image="/net/${FAILSAFE_SERVER}/${FAILSAFE_IMAGE}"
   5832         fs_archive="${fs_wos_image}/boot/sparc.miniroot"
   5833         if [ ! -d $fs_wos_image ] || [ ! -f $fs_archive ]; then
   5834 		# XXX Remove this fallback to a known good archive once real
   5835                 # XXX images with boot archives become available.
   5836 		fs_wos_image="/net/netinstall.sfbay/export/setje/nbs-latest"
   5837                 fs_archive="${fs_wos_image}/boot/sparc.miniroot"
   5838         fi
   5839         if [ -d $fs_wos_image ] || [ ! -f $fs_archive ]; then
   5840                 echo "Installing failsafe archive from $fs_wos_image"
   5841                 cp $fs_archive $rootprefix/platform/$karch/failsafe
   5842         fi
   5843 }
   5844 
   5845 disable_boot_service()
   5846 {
   5847 	svccfg -s system/boot-archive setprop start/exec = true
   5848 	cat >$rootprefix/lib/svc/method/boot-archive <<EOF
   5849 #!/sbin/sh
   5850 . /lib/svc/share/smf_include.sh
   5851 . /lib/svc/share/fs_include.sh
   5852 exit 0
   5853 EOF
   5854 }
   5855 
   5856 dir_is_inherited() {
   5857 	dir=$1
   5858 	set -- `zonecfg -z $zone info inherit-pkg-dir dir=/$dir`
   5859 	[ "$3" = "/$dir" ] && return 0 || return 1
   5860 }
   5861 
   5862 check_boot_env()
   5863 {
   5864 	if [ $multi_or_direct = yes ]; then
   5865 		if [ $archive_type != $system_type ]; then
   5866 			install_failsafe
   5867 			[ $system_type = dca ] && setup_grub_menu
   5868 
   5869 			if [ $have_new_bootadm = yes ] ||
   5870 			    ( [ -x /tmp/bfubin/symdef ] &&
   5871 			    [ -x /tmp/bfubin/bootadm ] &&
   5872 			    /tmp/bfubin/symdef /tmp/bfubin/bootadm \
   5873 			    dboot_or_multiboot ); then
   5874 				if [[ -z $rootprefix ]]; then
   5875 					PATH=/tmp/bfubin /tmp/bfubin/bootadm \
   5876 					    -m upgrade $bootadm_f_flag
   5877 				else
   5878 					PATH=/tmp/bfubin /tmp/bfubin/bootadm \
   5879 					    -m upgrade -R $rootprefix \
   5880 					    $bootadm_f_flag
   5881 				fi
   5882 				install_grub
   5883 				[ $archive_type = directboot ] && update_bootenv
   5884 			else
   5885 				install_grub
   5886 				cat >&2 <<EOF
   5887 
   5888 WARNING: Cannot find new bootadm.  If bfu'ing across the multiboot/directboot
   5889 boundary, you will need to manually change menu.lst.  See
   5890 http://www.sun.com/msg/SUNOS-8000-CF for details.
   5891 
   5892 EOF
   5893 			fi
   5894 
   5895 			#
   5896 			# If we're going backwards, we need to remove the
   5897 			# symdef binary.
   5898 			#
   5899 			if [ -f $rootprefix/boot/solaris/bin/symdef ] && \
   5900 			    [ $archive_type = multiboot ]
   5901 			then
   5902 				rm -f $rootprefix/boot/solaris/bin/symdef \
   5903 				    $rootprefix/boot/solaris/bin/update_grub
   5904 			fi
   5905 		elif [ $failsafe_type = multiboot ]; then
   5906 			rm -f $rootprefix/boot/platform/i86pc/kernel/unix
   5907 		elif [ $failsafe_type = directboot ]; then
   5908 			cp /tmp/bfubin/unix \
   5909 			    $rootprefix/boot/platform/i86pc/kernel/unix
   5910 		fi
   5911 		build_boot_archive
   5912 	else
   5913 		disable_boot_service
   5914 	fi
   5915 }
   5916 
   5917 mondo_loop() {
   5918 	typeset pkgroot
   5919 	typeset pkg
   5920 	root=$1
   5921 	zone=$2
   5922 	if [ $zone != global ]; then
   5923 		usrroot=$root
   5924 	fi
   5925 
   5926 	# If the archives being installed contain i86pc.boot, 
   5927 	# check to see if it contains strap.com, one of the
   5928 	# four possibly-required booters.  If i86pc.boot does,
   5929 	# try to upgrade the realmode booters from the current 
   5930 	# archive set.
   5931 	#
   5932 	# Don't bother doing the upgrade for diskless bfu, as the boot
   5933 	# will be done with floppy or PXE, which must match the build
   5934 	# anyway (floppy must match or add_install_client must be 
   5935 	# rerun), and in any event we can't touch the boot bits
   5936 	# for diskless boot from here.  Also don't do this for
   5937 	# any zone but 'global'.
   5938 
   5939 	cd $root || fail "Cannot cd $root"
   5940 	rootprefix=${root%/}
   5941 	pkgroot=${rootprefix:+-R $rootprefix}
   5942 
   5943 	if [ "$karch" = "i86pc" -a "$diskless" = "no" -a "$zone" = "global" ]
   5944 	then
   5945 		remove_properties
   5946 		check_system_type
   5947 		if boot_is_upgradeable $root && \
   5948 		    [ $archive_type = dca ]; then
   5949 			check_multi_to_dca_boot
   5950 			print "\nUpdating realmode boot loaders\n"
   5951 			update_realmode_booters $root
   5952 			setup_pboot
   5953 		fi
   5954 		if [ $multi_or_direct = yes ]; then
   5955 			check_dca_to_multiboot
   5956 			if [ $is_pcfs_boot = yes ]; then
   5957 				setup_stubboot
   5958 			fi
   5959 		fi
   5960 	fi
   5961 
   5962 	# before we save away driver_aliases, remove any obsolete entries
   5963 	if [ $target_isa = i386 ]; then
   5964 		# need to remove old pci5853,1 entry for xpv. The correct
   5965 		# entry going forward is pci5853,1.1 which is now in
   5966 		# uts/intel/os/driver_aliases
   5967 		grep '\"pci5853,1\"' $root/etc/driver_aliases > /dev/null 2>&1
   5968 		if [ "$?" -eq 0 ]; then
   5969 			/tmp/bfubin/update_drv -b $root -d -i '"pci5853,1"' xpv > /dev/null 2>&1
   5970 		fi
   5971 	fi
   5972 
   5973 	SECONDS=0		# time each iteration
   5974 
   5975 	print "\nSaving configuration files in $rootprefix/bfu.child ... \c"
   5976 	cd $root
   5977 	rm -rf bfu.default bfu.restore	# historical
   5978 	rm -rf bfu.child bfu.conflicts
   5979 	mkdir bfu.child bfu.conflicts
   5980 	filelist $zone | cpio -pdmu bfu.child || \
   5981 	    fail 'failed to save config files'
   5982 	test -f etc/motd && mv etc/motd etc/motd.old
   5983 
   5984 	#
   5985 	# If the var/sadm/system/admin/INST_RELEASE file still exists,
   5986 	# this system has never been bfu'd before.  Therefore, the
   5987 	# information in var/sadm/install/contents is still valid and
   5988 	# can be used to determine whether files have been modified
   5989 	# since installation (the bfu.ancestors directory serves this
   5990 	# purpose for systems that have already been bfu'd.)
   5991 	#
   5992 	if [ -f var/sadm/system/admin/INST_RELEASE ] ; then
   5993 		firstbfu=yes
   5994 	else
   5995 		firstbfu=no
   5996 	fi
   5997 
   5998 	#
   5999 	# bfu'ed systems are not upgradeable; prevent suninstall from
   6000 	# even *presenting* the upgrade option by removing INST_RELEASE.
   6001 	#
   6002 	rm -f var/sadm/system/admin/INST_RELEASE
   6003 
   6004 	#
   6005 	# Hacks to work around minor annoyances and make life more pleasant.
   6006 	# Part 1 of 2: pre-archive-extraction stuff
   6007 	#
   6008 
   6009 	#
   6010 	# Do not remove remove_initd_links, since this makes sure things
   6011 	# work properly when init scripts are shuffled around.
   6012 	#
   6013 	remove_initd_links
   6014 
   6015 	#
   6016 	# Remove rc.d scripts and things made superfluous by smf.
   6017 	# Backwards BFUs will resurrect them from the archives.
   6018 	#
   6019 	smf_cleanup
   6020 
   6021 	#
   6022 	# New, enabled-by-default services need to be checked for, such
   6023 	# that their enabled status is not flipped by BFU after their
   6024 	# initial arrival.
   6025 	#
   6026 	smf_handle_new_services
   6027 
   6028 	#
   6029 	# Handle unbundled TX conversion if needed
   6030 	#
   6031 	tx_check_update
   6032 
   6033       	# Reflect SUNWcsr's pre-install change, ensures
   6034 	# the i.hosts action script works during 'acr'	
   6035 	if [[ -f $rootprefix/etc/inet/ipnodes && \
   6036 			! -h $rootprefix/etc/inet/ipnodes ]]; then
   6037 		rm -f $rootprefix/etc/inet/ipnodes.hostsmerge
   6038 		cp -p $rootprefix/etc/inet/ipnodes \
   6039 			$rootprefix/etc/inet/ipnodes.hostsmerge
   6040 	fi
   6041 
   6042 	#
   6043 	# Remove obsolete disassembler module
   6044 	#
   6045 	if [ $target_isa = sparc ]; then 
   6046 		rm -rf $usr/lib/mdb/disasm/*
   6047 		rm -f $root/kernel/kmdb/sparcv9/sparc
   6048 	fi
   6049 
   6050 	#
   6051 	# Remove obsolete Sun-Fire-880 (daktari) FMA Fault Tree directory
   6052 	# and file.  Backwards BFUs will resurrect them from the archives.
   6053 	#
   6054 	if [ $target_isa = sparc ]; then
   6055 		rm -rf $usr/platform/SUNW,Sun-Fire-880/lib/fm
   6056 	fi
   6057 
   6058 	#
   6059 	# Remove old ndpd header (moved to /usr/include per 6509782)
   6060 	#
   6061 	rm -f $usr/include/protocols/ndpd.h
   6062 
   6063 	#
   6064 	# Remove old FMA dictionary files
   6065 	#
   6066 	rm -f $usr/lib/fm/FMD.dict
   6067 	rm -f $usr/lib/fm/SUN4U.dict
   6068 	rm -f $usr/lib/fm/SUNOS.dict
   6069 
   6070 	# Remove unused SMF dictionary
   6071 	rm -f $root/usr/lib/fm/dict/SMF.dict
   6072 	rm -f $root/usr/lib/locale/C/LC_MESSAGES/SMF.mo
   6073 
   6074 	#
   6075 	# Remove old FMA .eft files and directories
   6076 	#
   6077 	rm -f $usr/platform/sun4u/lib/fm/eft/pci-sun4u.eft
   6078 	rm -rf $usr/platform/SUNW,Serverblade1/lib/fm
   6079 	rm -rf $usr/platform/SUNW,Sun-Fire/lib/fm
   6080 	rm -rf $usr/platform/SUNW,Sun-Fire-15000/lib/fm
   6081 
   6082 	#
   6083 	# Remove old FMA LDOMS files
   6084 	#
   6085 	rm -f $usr/platform/sun4v/lib/fm/fmd/libldom.so.1
   6086 	rm -f $usr/platform/sun4v/lib/fm/fmd/libldom.so
   6087 	rm -f $usr/platform/sun4v/lib/fm/fmd/llib-lldom
   6088 	rm -f $usr/platform/sun4v/lib/fm/fmd/llib-lldom.ln
   6089 	rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/libldom.so.1
   6090 	rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/libldom.so
   6091 	rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/llib-lldom.ln
   6092 
   6093 	#
   6094 	# Remove old topology data
   6095 	#
   6096 	rm -rf $usr/lib/fm/topo
   6097 	rm -f $usr/platform/*/lib/fm/topo/hc-topology.xml
   6098 	rm -f $usr/platform/SUNW,Sun-Fire-T200/lib/fm/topo/maps/Sun-Blade-T6300-hc-topology.xml
   6099 
   6100 	#
   6101 	# Remove old prtopo and obsoleted include file.
   6102 	#
   6103 	rm -f $usr/include/fm/libtopo_enum.h
   6104 	rm -f $usr/lib/fm/prtopo
   6105 
   6106 	#
   6107 	# Remove fm driver
   6108 	#
   6109 	rm -f $root/kernel/drv/fm
   6110 	rm -f $root/kernel/drv/fm.conf
   6111 	rm -f $root/kernel/drv/amd64/fm
   6112 	rm -f $root/kernel/drv/sparcv9/fm
   6113 
   6114 	#
   6115 	# Remove old AMD cpu module, to be replaced by extended cpu.generic
   6116 	# with AMD-specific support layered on top as a model-specific module.
   6117 	# Also remove the corresponding mdb and kmdb support.  Backwards BFU
   6118 	# will reintroduce these files.
   6119 	rm -f $root/platform/i86pc/kernel/cpu/cpu.AuthenticAMD.15
   6120 	rm -f $root/platform/i86pc/kernel/cpu/amd64/cpu.AuthenticAMD.15
   6121 	rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu.AuthenticAMD.15.so
   6122 	rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu.AuthenticAMD.15.so
   6123 	rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu.generic.so
   6124 	rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu.generic.so
   6125 	rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu_ms.AuthenticAMD.15.so
   6126 	rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu_ms.AuthenticAMD.15.so
   6127 	rm -f $root/usr/lib/mdb/kvm/cpu.generic.so
   6128 	rm -f $root/usr/lib/mdb/kvm/amd64/cpu.generic.so
   6129 	rm -f $root/usr/lib/mdb/kvm/cpu_ms.AuthenticAMD.15.so
   6130 	rm -f $root/usr/lib/mdb/kvm/amd64/cpu_ms.AuthenticAMD.15.so
   6131 
   6132 	# Remove pcbe drivers for AMD
   6133 	#
   6134 	# old: need to remove going forwards:
   6135 	#
   6136 	rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD.15
   6137 	rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD.16
   6138 	rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD.15
   6139 	rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD.16
   6140 	#
   6141 	# new: need to remove going backwards:
   6142 	#
   6143 	rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD
   6144 	rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD
   6145 
   6146 	# Remove cpu.generic from i86xpv platform
   6147 	rm -f $root/platform/i86xpv/kernel/cpu/cpu.generic
   6148 	rm -f $root/platform/i86xpv/kernel/cpu/amd64/cpu.generic
   6149 
   6150 	#
   6151 	# Remove obsolete buildmnttab script.  Backwards BFUs will
   6152 	# resurrect it by extracting it from the archives.
   6153 	#
   6154 	rm -f $root/etc/init.d/buildmnttab
   6155 	rm -f $root/etc/rcS.d/S70buildmnttab.sh
   6156 
   6157 	#
   6158 	# Break-up of inetsvc, inetinit & network -- remove both the old
   6159 	# and new init scripts.  The correct ones will be extracted from
   6160 	# the archives whether bfu'ing backwards or forwards.
   6161 	#
   6162 	# old: need to remove going forwards:
   6163 	#
   6164 	rm -f $root/etc/rc0.d/K42inetsvc
   6165 	rm -f $root/etc/rc1.d/K42inetsvc
   6166 	rm -f $root/etc/rcS.d/K42inetsvc
   6167 	rm -f $root/etc/rcS.d/S29network.sh
   6168 	#
   6169 	# new: need to remove going backwards:
   6170 	#
   6171 	rm -f $root/etc/init.d/domainname
   6172 	rm -f $root/etc/init.d/inetd
   6173 	rm -f $root/etc/init.d/named
   6174 	rm -f $root/etc/init.d/nodename
   6175 	rm -f $root/etc/rc0.d/K40inetd
   6176 	rm -f $root/etc/rc0.d/K42named
   6177 	rm -f $root/etc/rc1.d/K40inetd
   6178 	rm -f $root/etc/rc1.d/K42named
   6179 	rm -f $root/etc/rc2.d/S69domainname
   6180 	rm -f $root/etc/rc2.d/S72named
   6181 	rm -f $root/etc/rc2.d/S77inetd
   6182 	rm -f $root/etc/rcS.d/K40inetd
   6183 	rm -f $root/etc/rcS.d/K42named
   6184 	rm -f $root/etc/rcS.d/S28network.sh
   6185 	rm -f $root/etc/rcS.d/S29nodename.sh
   6186 
   6187 	#
   6188 	# Remove Zones init scripts: they will be extracted properly
   6189 	# going forwards; after going backwards, they will be gone,
   6190 	# thus preventing scary warnings on subsequent bfu's.
   6191 	#
   6192 	rm -f $root/etc/init.d/zones
   6193 	rm -f $root/etc/rc0.d/K01zones
   6194 	rm -f $root/etc/rc1.d/K01zones
   6195 	rm -f $root/etc/rc2.d/K01zones
   6196 	rm -f $root/etc/rc3.d/S99zones
   6197 	rm -f $root/etc/rcS.d/K01zones
   6198 
   6199 	#
   6200 	# Remove <inet>6 STREAMS modules; these no longer exist (and
   6201 	# should never have existed in the first place).
   6202 	#
   6203 	rm -f $root/kernel/strmod/icmp6		\
   6204 	    $root/kernel/strmod/ip6		\
   6205 	    $root/kernel/strmod/tcp6		\
   6206 	    $root/kernel/strmod/udp6
   6207 
   6208 	rm -f $root/kernel/strmod/sparcv9/icmp6 \
   6209 	    $root/kernel/strmod/sparcv9/ip6	\
   6210 	    $root/kernel/strmod/sparcv9/tcp6	\
   6211 	    $root/kernel/strmod/sparcv9/udp6
   6212 
   6213 	#
   6214 	# Remove old ZFS binaries (back when it was three modules)
   6215 	#
   6216 	find $root/kernel/drv -name zpool 2> /dev/null | xargs rm -f
   6217 	rm -f $root/kernel/drv/zpool.conf
   6218 	rm -f $root/kernel/drv/zpool.cache
   6219 
   6220 	find $root/kernel/drv -name zvol 2> /dev/null | xargs rm -f
   6221 	rm -f $root/kernel/drv/zvol.conf
   6222 	rm -rf $root/kernel/devname
   6223 	rm -f $usr/include/sys/fs/sdev_node.h
   6224 
   6225 	#
   6226 	# Remove /usr/lib/old_libthread since support for it has
   6227 	# been removed from the kernel in Solaris 10.  If this is
   6228 	# a backwards BFU, it will all be extracted again by cpio.
   6229 	rm -rf $usr/lib/old_libthread
   6230 
   6231 	# Remove libconfig 
   6232 	rm -f $usr/lib/drv/config_md.so.1
   6233 	rm -f $usr/include/config_md.h
   6234 	# remove libssd
   6235 	rm -f $usr/lib/libssd.a
   6236 	rm -f $usr/lib/libssd.so
   6237 	rm -f $usr/lib/libssd.so.1
   6238 	# remove libap
   6239 	rm -f $usr/lib/libap_dmd.a
   6240 	rm -f $usr/lib/libap_dmd.so.1
   6241 	# remove libintpos
   6242 	rm -f $usr/lib/libintpos.a
   6243 	rm -f $usr/lib/libintpos.so.1
   6244 
   6245 	# Remove obsolete abi subdirectories
   6246 	if [ -d $usr/platform/*/lib/abi ]; then
   6247 		rm -rf $usr/platform/*/lib/abi
   6248 	fi
   6249 	rm -rf $usr/lib/gss/abi
   6250 	rm -rf $usr/lib/krb5/abi
   6251 	rm -rf $usr/xpg4/lib/abi
   6252 	rm -rf $usr/ucblib/abi
   6253 
   6254 	#
   6255 	# Remove old stuff related to libthread now that libthread has
   6256 	# been folded into libc and libthread_db has been renamed libc_db.
   6257 	# In addition, all the apptrace's tracing libraries (i.e., abi_*.so*),
   6258 	# spec2map and spec2trace are no longer needed, should be removed.
   6259 	rm -f	\
   6260 	    $usr/lib/mdb/proc/libthread.so		\
   6261 	    $usr/lib/mdb/proc/sparcv9/libthread.so	\
   6262 	    $usr/lib/abi/spec2map			\
   6263 	    $usr/lib/abi/spec2trace			\
   6264 	    $usr/lib/abi/abi_*.so*			\
   6265 	    $usr/lib/abi/sparcv9/abi_*.so*
   6266 
   6267 	#
   6268 	# Remove the old symlink /lib => usr/lib, if necessary.
   6269 	# /lib is now a real directory in the root filesystem.
   6270 	# Remove all of the old static libraries and commands now
   6271 	# that we no longer build them.  If this is a backwards
   6272 	# BFU, all this will all be extracted again by cpio.
   6273 	rm $root/lib 2>/dev/null
   6274 	rm -rf $usr/lib/pics
   6275 	rm -rf $usr/sbin/static
   6276 	rm -f	\
   6277 	    $usr/ccs/lib/libcurses.a			\
   6278 	    $usr/ccs/lib/libform.a			\
   6279 	    $usr/ccs/lib/libgen.a			\
   6280 	    $usr/ccs/lib/libl.a				\
   6281 	    $usr/ccs/lib/libmalloc.a			\
   6282 	    $usr/ccs/lib/libmenu.a			\
   6283 	    $usr/ccs/lib/libpanel.a			\
   6284 	    $usr/ccs/lib/libtermcap.a			\
   6285 	    $usr/ccs/lib/libtermlib.a			\
   6286 	    $usr/ccs/lib/liby.a				\
   6287 	    $usr/lib/lib300.a				\
   6288 	    $usr/lib/lib300s.a				\
   6289 	    $usr/lib/lib4014.a				\
   6290 	    $usr/lib/lib450.a				\
   6291 	    $usr/lib/libTL.a				\
   6292 	    $usr/lib/libadm.a				\
   6293 	    $usr/lib/libadt_jni.a			\
   6294 	    $usr/lib/libbsdmalloc.a			\
   6295 	    $usr/lib/libbsm.a				\
   6296 	    $usr/lib/libc.a				\
   6297 	    $usr/lib/libc2.a				\
   6298 	    $usr/lib/libc2stubs.a			\
   6299 	    $usr/lib/libcmd.a				\
   6300 	    $usr/lib/libcrypt.a				\
   6301 	    $usr/lib/libcrypt_d.a			\
   6302 	    $usr/lib/libcrypt_i.a			\
   6303 	    $usr/lib/libcurses.a			\
   6304 	    $usr/lib/libdevid.a				\
   6305 	    $usr/lib/libdevinfo.a			\
   6306 	    $usr/lib/libdhcpagent.a			\
   6307 	    $usr/lib/libdhcputil.a			\
   6308 	    $usr/lib/libdl_stubs.a			\
   6309 	    $usr/lib/libefi.a				\
   6310 	    $usr/lib/libelf.a				\
   6311 	    $usr/lib/libform.a				\
   6312 	    $usr/lib/libgen.a				\
   6313 	    $usr/lib/libgenIO.a				\
   6314 	    $usr/lib/libike.a				\
   6315 	    $usr/lib/libinetcfg.a			\
   6316 	    $usr/lib/libinetutil.a			\
   6317 	    $usr/lib/libintl.a				\
   6318 	    $usr/lib/libkstat.a				\
   6319 	    $usr/lib/libl.a				\
   6320 	    $usr/lib/libldfeature.a			\
   6321 	    $usr/lib/libmail.a				\
   6322 	    $usr/lib/libmalloc.a			\
   6323 	    $usr/lib/libmapmalloc.a			\
   6324 	    $usr/lib/libmenu.a				\
   6325 	    $usr/lib/libmeta.a				\
   6326 	    $usr/lib/libmp.a				\
   6327 	    $usr/lib/libnisdb.a				\
   6328 	    $usr/lib/libnls.a				\
   6329 	    $usr/lib/libnsl.a				\
   6330 	    $usr/lib/libnss_compat.a			\
   6331 	    $usr/lib/libnss_dns.a			\
   6332 	    $usr/lib/libnss_files.a			\
   6333 	    $usr/lib/libnss_nis.a			\
   6334 	    $usr/lib/libnss_nisplus.a			\
   6335 	    $usr/lib/libp/libc.a			\
   6336 	    $usr/lib/libpam.a				\
   6337 	    $usr/lib/libpanel.a				\
   6338 	    $usr/lib/libplot.a				\
   6339 	    $usr/lib/librac.a				\
   6340 	    $usr/lib/libresolv.a			\
   6341 	    $usr/lib/librpcsvc.a			\
   6342 	    $usr/lib/libsec.a				\
   6343 	    $usr/lib/libsendfile.a			\
   6344 	    $usr/lib/libsocket.a			\
   6345 	    $usr/lib/libstraddr.a			\
   6346 	    $usr/lib/libtermcap.a			\
   6347 	    $usr/lib/libtermlib.a			\
   6348 	    $usr/lib/libuuid.a				\
   6349 	    $usr/lib/libvolmgt.a			\
   6350 	    $usr/lib/libvt0.a				\
   6351 	    $usr/lib/libw.a				\
   6352 	    $usr/lib/liby.a				\
   6353 	    $usr/lib/null.a				\
   6354 	    $usr/lib/sparcv9/libadt_jni.a		\
   6355 	    $usr/lib/sparcv9/libinetutil.a		\
   6356 	    $usr/lib/sparcv9/libldfeature.a		\
   6357 	    $usr/lib/sparcv9/libsendfile.a		\
   6358 	    $usr/platform/sun4u/lib/libwrsmconf.a	\
   6359 	    $usr/ucblib/libcurses.a			\
   6360 	    $usr/ucblib/libdbm.a			\
   6361 	    $usr/ucblib/libtermcap.a			\
   6362 	    $usr/ucblib/libucb.a
   6363 
   6364 	#
   6365 	# Remove other obsolete files, too
   6366 	rm -f	\
   6367 	    $usr/include/table.h			\
   6368 	    $usr/include/libgenIO.h			\
   6369 	    $usr/include/sys/kd.h			\
   6370 	    $usr/lib/llib-lTL				\
   6371 	    $usr/lib/llib-lTL.ln
   6372 
   6373 	#
   6374 	# libc_psr.so.1 and libmd5_psr.so.1 have been moved
   6375 	# from /usr/platform/*/lib to /platform/*/lib.
   6376 	# Remove the old files and their containing directories
   6377 	rm -f $usr/platform/*/lib/libc_psr.so.1
   6378 	rm -f $usr/platform/*/lib/sparcv9/libc_psr.so.1
   6379 	rm -f $usr/platform/*/lib/libmd5_psr.so.1
   6380 	rm -f $usr/platform/*/lib/sparcv9/libmd5_psr.so.1
   6381 	rmdir $usr/platform/*/lib/sparcv9 2>/dev/null
   6382 	rmdir $usr/platform/*/lib 2>/dev/null
   6383 
   6384 	#
   6385 	# libmd5_psr.so.1 and symlinks to it have been replaced 
   6386 	# by libmd_psr.so.1 and thus need to be removed
   6387