1 #!/bin/ksh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 23 # 24 # Copyright 2009 Sun Microsystems, Inc. All rights reserved. 25 # Use is subject to license terms. 26 # 27 # Upgrade a machine from a cpio archive area in about 5 minutes. 28 # By Roger Faulkner and Jeff Bonwick, April 1993. 29 # (bfu == Bonwick/Faulkner Upgrade, a.k.a. Blindingly Fast Upgrade) 30 # 31 # Usage: bfu [-f] <archive_dir> [root-dir] # for normal machines 32 # bfu -c [-f] <archive_dir> <exec-dir> # for diskless clients 33 # 34 # The -f flag is to override the built-in safety check which requires 35 # that the starting-point OS be a least a certain revision. 36 # 37 # You have to be super-user. It's safest to run this from the 38 # system console, although I've run it under OW and even via 39 # remote login with no problems. 40 # 41 # You will have to reboot the system when the upgrade is complete. 42 # 43 # You should add any administrative files you care about to this list. 44 # Warning: there had better be no leading '/' on any of these filenames. 45 46 # 47 # The CDPATH variable causes ksh's `cd' builtin to emit messages to stdout 48 # under certain circumstances, which can really screw things up; unset it. 49 # 50 unset CDPATH 51 52 export LC_ALL="C" 53 54 if [ -z "$GATEPATH" ]; then 55 GATEPATH=/ws/onnv-gate 56 test -d $GATEPATH || GATEPATH=/net/onnv.eng/export/onnv-gate 57 fi 58 export GATE=${GATEPATH} 59 export ARCHIVE=${ARCHIVEPATH:-${GATEPATH}} 60 61 # 62 # NOTE: Entries in *_files must expand to either the exact files required, 63 # or to directories that will be scoured for files. Any directories 64 # (and subdirectories) resulting from a wildcard expansion will be 65 # fully recursed by BFU's searching for files. (E.g. /etc/inet/* will 66 # include all files in any of its directories, as well as any files in 67 # /etc/inet/ itself. 68 # 69 # These lists should really be generated automatically from the 70 # pkgmap(4) metadata. 71 # 72 73 # 74 # First list: files to be saved in global and non-global zones. 75 # 76 all_zones_files=" 77 etc/.login 78 etc/acct/holidays 79 etc/auto_* 80 etc/cron.d/at.deny 81 etc/cron.d/cron.deny 82 etc/crypto/pkcs11.conf 83 etc/default/* 84 etc/dev/reserved_devnames 85 etc/dfs/dfstab 86 etc/dumpdates 87 etc/ftpd/* 88 etc/ftpusers 89 etc/group 90 etc/gss/gsscred.conf 91 etc/gss/mech 92 etc/gss/qop 93 etc/inet/* 94 etc/init.d/* 95 etc/inittab 96 etc/ipf/ipf.conf 97 etc/iu.ap 98 etc/krb5/kadm5.acl 99 etc/krb5/kdc.conf 100 etc/krb5/kpropd.acl 101 etc/krb5/krb5.conf 102 etc/krb5/warn.conf 103 etc/ksh.kshrc 104 etc/logadm.conf 105 etc/logindevperm 106 etc/lp/Systems 107 etc/mail/*.cf 108 etc/mail/*.hf 109 etc/mail/*.rc 110 etc/mail/aliases 111 etc/mail/helpfile 112 etc/mail/local-host-names 113 etc/mail/trusted-users 114 etc/named.conf 115 etc/net/*/services 116 etc/netconfig 117 etc/nfs/nfslog.conf 118 etc/nfssec.conf 119 etc/nscd.conf 120 etc/nsswitch.* 121 etc/pam.conf 122 etc/passwd 123 etc/policy.conf 124 etc/printers.conf 125 etc/profile 126 etc/project 127 etc/publickey 128 etc/remote 129 etc/resolv.conf 130 etc/rmmount.conf 131 etc/rpc 132 etc/rpld.conf 133 etc/saf/_sactab 134 etc/saf/_sysconfig 135 etc/saf/zsmon/_pmtab 136 etc/security/audit_class 137 etc/security/audit_control 138 etc/security/audit_event 139 etc/security/audit_startup 140 etc/security/audit_user 141 etc/security/audit_warn 142 etc/security/auth_attr 143 etc/security/crypt.conf 144 etc/security/exec_attr 145 etc/security/policy.conf 146 etc/security/prof_attr 147 etc/sfw/openssl/openssl.cnf 148 etc/shadow 149 etc/skel/.profile 150 etc/skel/local.* 151 etc/ssh/ssh_config 152 etc/ssh/sshd_config 153 etc/syslog.conf 154 etc/ttydefs 155 etc/ttysrch 156 etc/user_attr 157 etc/uucp/[A-Z]* 158 etc/vfstab 159 var/smb/* 160 var/spool/cron/crontabs/* 161 var/yp/Makefile 162 var/yp/aliases 163 var/yp/nicknames 164 " 165 166 # 167 # Second list: files to be saved in the global zone only. 168 # 169 global_zone_only_files=" 170 boot/grub/menu.lst 171 boot/solaris/bootenv.rc 172 boot/solaris/devicedb/master 173 boot/solaris/filelist.ramdisk 174 etc/aggregation.conf 175 etc/bootrc 176 etc/crypto/kcf.conf 177 etc/devlink.tab 178 etc/dladm/* 179 etc/driver_aliases 180 etc/driver_classes 181 etc/lvm/devpath 182 etc/lvm/lock 183 etc/lvm/md.cf 184 etc/lvm/md.ctlrmap 185 etc/lvm/md.tab 186 etc/lvm/mddb.cf 187 etc/lvm/runtime.cf 188 etc/mach 189 etc/minor_perm 190 etc/name_to_major 191 etc/name_to_sysnum 192 etc/nca/nca.if 193 etc/nca/ncakmod.conf 194 etc/nca/ncalogd.conf 195 etc/nca/ncaport.conf 196 etc/openwin/server/etc/OWconfig 197 etc/path_to_inst 198 etc/power.conf 199 etc/ppp/chap-secrets 200 etc/ppp/options 201 etc/ppp/pap-secrets 202 etc/security/device_policy 203 etc/security/extra_privs 204 etc/security/tsol/devalloc_defaults 205 etc/security/tsol/label_encodings 206 etc/security/tsol/relabel 207 etc/security/tsol/tnrhdb 208 etc/security/tsol/tnrhtp 209 etc/security/tsol/tnzonecfg 210 etc/system 211 etc/zones/index 212 kernel/drv/aac.conf 213 kernel/drv/elxl.conf 214 kernel/drv/emlxs.conf 215 kernel/drv/fp.conf 216 kernel/drv/iscsi.conf 217 kernel/drv/md.conf 218 kernel/drv/mpt.conf 219 kernel/drv/mpt_sas.conf 220 kernel/drv/options.conf 221 kernel/drv/pmcs.conf 222 kernel/drv/qlc.conf 223 kernel/drv/ra.conf 224 kernel/drv/scsa2usb.conf 225 kernel/drv/scsi_vhci.conf 226 kernel/drv/sd.conf 227 kernel/drv/ssd.conf 228 platform/*/kernel/drv/*ppm.conf 229 platform/i86pc/kernel/drv/aha.conf 230 platform/i86pc/kernel/drv/asy.conf 231 platform/sun4u/boot.conf 232 " 233 234 # 235 # Third list: files extracted from generic.root but which belong in the global 236 # zone only: they are superfluous (and some even harmful) in nonglobal zones. 237 # 238 # (note: as /etc/init.d scripts are converted to smf(5) "Greenline" services, 239 # they (and their /etc/rc?.d hardlinks) should be removed from this list when 240 # they are added to smf_obsolete_rc_files, below) 241 # 242 superfluous_nonglobal_zone_files=" 243 dev/dsk 244 dev/fd 245 dev/pts 246 dev/rdsk 247 dev/rmt 248 dev/stderr 249 dev/stdin 250 dev/stdout 251 dev/swap 252 dev/term 253 dev/vt 254 devices 255 etc/dacf.conf 256 etc/dat 257 etc/default/metassist.xml 258 etc/default/power 259 etc/flash/postdeployment/svm.cleanup 260 etc/flash/predeployment/svm.save 261 etc/inet/ipqosconf.1.sample 262 etc/inet/ipqosconf.2.sample 263 etc/inet/ipqosconf.3.sample 264 etc/inet/sock2path 265 etc/init.d/devlinks 266 etc/init.d/dodatadm.udaplt 267 etc/init.d/drvconfig 268 etc/init.d/llc2 269 etc/init.d/ncakmod 270 etc/init.d/ncalogd 271 etc/init.d/pcmcia 272 etc/init.d/pppd 273 etc/init.d/wrsmcfg 274 etc/llc2 275 etc/lvm 276 etc/nca 277 etc/openwin 278 etc/ppp 279 etc/rc0.d/K34ncalogd 280 etc/rc0.d/K50pppd 281 etc/rc0.d/K52llc2 282 etc/rc1.d/K34ncalogd 283 etc/rc1.d/K50pppd 284 etc/rc1.d/K52llc2 285 etc/rc2.d/S40llc2 286 etc/rc2.d/S42ncakmod 287 etc/rc2.d/S47pppd 288 etc/rc2.d/S81dodatadm.udaplt 289 etc/rc2.d/S94ncalogd 290 etc/rcS.d/K34ncalogd 291 etc/rcS.d/K44wrsmcfg 292 etc/rcS.d/K50pppd 293 etc/rcS.d/K52llc2 294 etc/rcS.d/S29wrsmcfg 295 etc/rcm 296 etc/sock2path 297 etc/usb 298 etc/wrsm 299 etc/zones 300 kernel 301 lib/libmeta.so 302 lib/libmeta.so.1 303 lib/svc/method/devices-audio 304 lib/svc/method/fc-fabric 305 lib/svc/method/iscsi-initiator 306 lib/svc/method/ldoms-agents 307 lib/svc/method/npivconfig 308 lib/svc/method/sf880dr 309 lib/svc/method/svc-cvcd 310 lib/svc/method/svc-dcs 311 lib/svc/method/svc-drd 312 lib/svc/method/svc-dscp 313 lib/svc/method/svc-dumpadm 314 lib/svc/method/svc-fcoei 315 lib/svc/method/svc-fcoet 316 lib/svc/method/svc-intrd 317 lib/svc/method/svc-hal 318 lib/svc/method/svc-labeld 319 lib/svc/method/svc-mdmonitor 320 lib/svc/method/svc-metainit 321 lib/svc/method/svc-metasync 322 lib/svc/method/svc-oplhpd 323 lib/svc/method/svc-poold 324 lib/svc/method/svc-pools 325 lib/svc/method/svc-power 326 lib/svc/method/svc-resource-mgmt 327 lib/svc/method/svc-rmvolmgr 328 lib/svc/method/svc-scheduler 329 lib/svc/method/svc-sckmd 330 lib/svc/method/svc-stmf 331 lib/svc/method/svc-syseventd 332 lib/svc/method/svc-tnctl 333 lib/svc/method/svc-tnd 334 lib/svc/method/svc-vntsd 335 lib/svc/method/svc-zones 336 lib/svc/method/vtdaemon 337 platform/*/kernel 338 platform/SUNW,Sun-Fire-15000/lib/cvcd 339 platform/SUNW,Ultra-Enterprise-10000/lib/cvcd 340 platform/i86pc/biosint 341 platform/i86pc/multiboot 342 platform/sun4u/cprboot 343 platform/sun4u/lib/libwrsmconf.so 344 platform/sun4u/lib/libwrsmconf.so.1 345 platform/sun4u/lib/sparcv9/libwrsmconf.so 346 platform/sun4u/lib/sparcv9/libwrsmconf.so.1 347 platform/sun4u/sbin 348 platform/sun4u/wanboot 349 platform/sun4v/wanboot 350 sbin/metadb 351 sbin/metadevadm 352 sbin/metainit 353 sbin/metarecover 354 sbin/metastat 355 usr/include/sys/dcam 356 usr/lib/devfsadm/linkmod/SUNW_dcam1394_link.so 357 usr/lib/ldoms 358 usr/platform/SUNW,SPARC-Enterprise/lib/dscp.ppp.options 359 usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so 360 usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so.1 361 usr/platform/SUNW,SPARC-Enterprise/lib/llib-ldscp.ln 362 usr/platform/SUNW,SPARC-Enterprise/sbin/prtdscp 363 var/adm/pool 364 var/log/pool 365 var/svc/manifest/network/iscsi/iscsi-initiator.xml 366 var/svc/manifest/network/npiv_config.xml 367 var/svc/manifest/network/rpc/mdcomm.xml 368 var/svc/manifest/network/rpc/meta.xml 369 var/svc/manifest/network/rpc/metamed.xml 370 var/svc/manifest/network/rpc/metamh.xml 371 var/svc/manifest/network/tnctl.xml 372 var/svc/manifest/network/tnd.xml 373 var/svc/manifest/platform/i86pc/eeprom.xml 374 var/svc/manifest/platform/sun4u/dcs.xml 375 var/svc/manifest/platform/sun4u/dscp.xml 376 var/svc/manifest/platform/sun4u/efdaemon.xml 377 var/svc/manifest/platform/sun4u/oplhpd.xml 378 var/svc/manifest/platform/sun4u/sckmd.xml 379 var/svc/manifest/platform/sun4u/sf880drd.xml 380 var/svc/manifest/platform/sun4v 381 var/svc/manifest/system/cvc.xml 382 var/svc/manifest/system/device/devices-audio.xml 383 var/svc/manifest/system/device/devices-fc-fabric.xml 384 var/svc/manifest/system/dumpadm.xml 385 var/svc/manifest/system/fcoe_initiator.xml 386 var/svc/manifest/system/fcoe_target.xml 387 var/svc/manifest/system/filesystem/rmvolmgr.xml 388 var/svc/manifest/system/fmd.xml 389 var/svc/manifest/system/hal.xml 390 var/svc/manifest/system/intrd.xml 391 var/svc/manifest/system/labeld.xml 392 var/svc/manifest/system/mdmonitor.xml 393 var/svc/manifest/system/metainit.xml 394 var/svc/manifest/system/metasync.xml 395 var/svc/manifest/system/picl.xml 396 var/svc/manifest/system/poold.xml 397 var/svc/manifest/system/pools.xml 398 var/svc/manifest/system/power.xml 399 var/svc/manifest/system/resource-mgmt.xml 400 var/svc/manifest/system/scheduler.xml 401 var/svc/manifest/system/stmf.xml 402 var/svc/manifest/system/sysevent.xml 403 var/svc/manifest/system/vtdaemon.xml 404 var/svc/manifest/system/zones.xml 405 " 406 407 # 408 # Fourth list: files to be preserved, ie unconditionally restored to 409 # "child" versions 410 # 411 preserve_files=" 412 etc/hostid 413 kernel/misc/amd64/sysinit 414 kernel/misc/amd64/usbs49_fw 415 kernel/misc/sparcv9/usbs49_fw 416 kernel/misc/sysinit 417 kernel/misc/usbs49_fw 418 var/adm/aculog 419 var/adm/spellhist 420 var/adm/utmpx 421 var/adm/wtmpx 422 var/log/authlog 423 var/log/syslog 424 var/saf/zsmon/log 425 " 426 427 realmode_files=" 428 boot/solaris/bootenv.rc 429 boot/solaris/devicedb/master 430 " 431 432 # 433 # /usr/sadm/install/scripts/i.build class runs class client provided 434 # script. The files below are managed by build class and its build script. 435 # They are added /bfu.conflict/NEW and the acr.sh process runs the script 436 # as part of conflict resolution. 437 # 438 build_class_script_files=" 439 etc/mpapi.conf 440 etc/hba.conf 441 etc/ima.conf 442 " 443 444 fail() { 445 print "$*" >& 2 446 print "bfu aborting" >& 2 447 rm -f "$bfu_zone_list" 448 exit 1 449 } 450 451 filelist() { 452 files="$all_zones_files $preserve_files" 453 if [ $1 = "global" ]; then 454 files="$global_zone_only_files $files" 455 fi 456 find $files -depth -type f ! -name core -print 2>/dev/null | sort -u || { 457 # 458 # Force cpio to return non-zero by printing an error message 459 # to stdout that it won't be able to lstat(). 460 # 461 echo 'filelist: sort failed' 462 fail "sort failed" 463 } 464 } 465 466 realmode_filelist() { 467 find $realmode_files -depth -type f ! -name core -print 2>/dev/null | sort 468 } 469 470 smf_inetd_conversions=" 471 100134 472 100150 473 100155 474 100229 475 100230 476 100234 477 100242 478 100422 479 chargen 480 comsat 481 daytime 482 discard 483 echo 484 eklogin 485 exec 486 finger 487 ftp 488 gssd 489 klogin 490 krb5_prop 491 kshell 492 ktkt_warnd 493 login 494 metad 495 metamedd 496 metamhd 497 name 498 printer 499 rexd 500 rquotad 501 rstatd 502 rusersd 503 shell 504 smserverd 505 sprayd 506 sun-dr 507 talk 508 telnet 509 time 510 uucp 511 walld 512 " 513 514 enable_next_boot () { 515 if [ -x /tmp/bfubin/svccfg ]; then 516 svcadm disable -t $1 517 [ $? = 0 ] || echo "warning: unable to temporarily disable $1" 518 eval $BFUSVCCFG -s $1 setprop general/enabled = true 519 [ $? = 0 ] || echo "warning: unable to enable $1 for next boot" 520 fi 521 } 522 523 # 524 # If we're in the global zone, import the manifest for the specified service. 525 # Note that we will need to see whether we are in an smf root if we are using 526 # an alternate root. If so, import the service directly; otherwise, print the 527 # warning messages. 528 # 529 # $1: the path of the xml file (the related path to /var/svc/manifest) 530 # $2: the service name - specified only if the service is enabled after reboot. 531 # 532 smf_import_service() { 533 if [[ $zone = global && -f $rootprefix/var/svc/manifest/$1 ]]; then 534 if [[ -n $rootprefix && -x /usr/sbin/svccfg ]]; then 535 SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db \ 536 /usr/sbin/svccfg import $rootprefix/var/svc/manifest/$1 537 elif [[ -n $rootprefix ]]; then 538 echo "Warning: This system does not have SMF, so I" 539 echo "cannot ensure the pre-import of $1. If it does" 540 echo "not work, reboot your alternate root to fix it." 541 elif [[ -x /tmp/bfubin/svccfg ]]; then 542 if [[ "${2}a" == a ]]; then 543 eval $BFUSVCCFG import /var/svc/manifest/$1 544 else 545 tmpfile=/tmp/`echo "$1" | tr / :`.$$ 546 sed -e "s/enabled='true'/enabled='false'/" \ 547 /var/svc/manifest/$1 > "$tmpfile" 548 eval $BFUSVCCFG import "$tmpfile" 549 # 550 # Make sure the service is enabled after reboot. 551 # 552 enable_next_boot $2 553 fi 554 fi 555 fi 556 } 557 558 smf_inetd_disable() { 559 inetconf=$rootprefix/etc/inet/inetd.conf 560 inettmp=/tmp/inetd.tmp.$$ 561 562 sed "$(for i in $smf_inetd_conversions; do 563 echo "s:^[ ]*$i[ /]:#SMFbfu# &:" 564 done)" $inetconf > $inettmp && ! cmp -s $inettmp $inetconf && 565 cp $inettmp $inetconf 566 567 rm -f -- $inettmp 568 } 569 570 smf_inetd_reenable() { 571 inetconf=$rootprefix/etc/inet/inetd.conf 572 inettmp=/tmp/inetd.tmp.$$ 573 574 sed 's/^#SMFbfu# //' $inetconf > $inettmp && cp $inettmp $inetconf 575 576 rm -f -- $inettmp 577 } 578 579 smf_tftp_reinstall() { 580 inetconf=$rootprefix/etc/inet/inetd.conf 581 inettmp=/tmp/inetd.tmp.$$ 582 583 if grep '^#SMFbfu# tftp' $inetconf >/dev/null ; then 584 # BFU previously commented out, put it back in place 585 sed 's/^#SMFbfu# tftp/tftp/' $inetconf > $inettmp && 586 cp $inettmp $inetconf 587 elif ! grep '^[# ]*tftp' $inetconf >/dev/null; then 588 # No entry, append to end 589 cat >>$inetconf <<EOF 590 # TFTPD - tftp server (primarily used for booting) 591 #tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot 592 EOF 593 fi 594 595 rm -f -- $inettmp 596 } 597 598 inetd_conf_svm_hack() { 599 # Since inetd.conf is updated by SUNWmdr's postinstall script, 600 # we will update the actual inetd.conf here to reflect the postinstall 601 # changes. 602 603 inetconf=$rootprefix/etc/inet/inetd.conf 604 inettmp=/tmp/inetd.tmp.$$ 605 inetnew=/tmp/inetd.new.$$ 606 607 # 608 # only change inetd.conf if the rpc.metad entry is out of date 609 # 610 611 if ! grep "^[# ]*100229/1-2" $inetconf > /dev/null ; then 612 613 # Grab existing rpc entries for rpc.metad 614 # and convert spaces to tabs within the rpc entry, as well as 615 # the transport method; 616 # or add a new entry in case there was none. 617 if grep "^[# ]*100229/1" $inetconf > /dev/null ; then 618 grep "^# METAD - SLVM metadb" $inetconf > $inettmp 619 grep "^[# ]*100229/1" $inetconf | \ 620 sed -e 's/[ ][ ]*/ /g' \ 621 -e 's?100229/1?100229/1-2?' >> $inettmp 622 else 623 echo '# METAD - SVM metadb Daemon' > $inettmp 624 echo "100229/1-2\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.metad\trpc.metad" >> $inettmp 625 fi 626 627 grep -v '^# METAD - SLVM metadb' $inetconf | \ 628 grep -v '^[# ]*100229/1' > $inetnew 629 cat $inettmp >> $inetnew 630 631 if ! diff $inetnew $inetconf > /dev/null ; then 632 print "Updating inet.conf metad entry ... \c" 633 if cp $inetnew $inetconf ; then 634 print "done." 635 else 636 print "failed." 637 fi 638 fi 639 rm -f $inettmp $inetnew 640 fi 641 642 # 643 # only change inetd.conf if the rpc.mdcommd entry is out of date 644 # 645 646 if ! grep "^[# ]*100422/1" $inetconf > /dev/null ; then 647 648 # Grab existing rpc entries for rpc.mdcommd 649 # and convert spaces to tabs within the rpc entry, 650 # or add a new entry in case there was none. 651 if grep "^[# ]*100422/1" $inetconf > /dev/null ; then 652 grep "^# MDMN_COMMD - SVM Multi node" $inetconf > $inettmp 653 grep "^[# ]*100422/1" $inetconf | \ 654 sed -e 's/[ ][ ]*/ /g' >> $inettmp 655 else 656 echo '# MDMN_COMMD - SVM Multi node communication daemon' >$inettmp 657 echo '100422/1\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.mdcommd\trpc.mdcommd' >> $inettmp 658 fi 659 660 grep -v '^# MDMN_COMMD - SVM Multi node' $inetconf | \ 661 grep -v '^[# ]*100422/1' > $inetnew 662 cat $inettmp >> $inetnew 663 664 if ! diff $inetnew $inetconf > /dev/null ; then 665 print "Updating inetd.conf rpc.mdcommd entry ... \c" 666 if cp $inetnew $inetconf; then 667 print "done." 668 else 669 print "failed." 670 fi 671 fi 672 673 rm -f $inettmp $inetnew 674 fi 675 } 676 677 upgrade_aggr_and_linkprop () { 678 # Since aggregation.conf and linkprop.conf are upgraded by 679 # SUNWcnetr's postinstall script, put the relevant portions of the 680 # postinstall script here, modified to rename the old files instead 681 # of removing them. 682 683 # 684 # Convert datalink configuration into a series of dladm(1M) commands 685 # and keep them in an upgrade script. This script will then be run 686 # in the network-physical service. 687 # 688 # Note that we cannot use the /var/svc/profile/upgrade script because 689 # that script is run in the manifest-import service which is too late 690 # for the datalink configuration. 691 # 692 UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink 693 694 AGGR_CONF=/etc/aggregation.conf 695 ORIG=$rootprefix$AGGR_CONF 696 if [[ ! -f $ORIG ]]; then 697 # Try the alternate location. 698 AGGR_CONF=/etc/dladm/aggregation.conf 699 ORIG=$rootprefix$AGGR_CONF 700 fi 701 702 if [[ -f $ORIG ]]; then 703 # Strip off comments, then each remaining line defines 704 # an aggregation the administrator configured on the old 705 # system. Each line corresponds to one dladm command 706 # that is appended to the upgrade script. 707 cat $ORIG | grep '^[^#]' | while read line; do 708 echo $line | while read aggr_index rest 709 do 710 policy=`echo $rest | /usr/bin/awk '{print $1}'` 711 nports=`echo $rest | /usr/bin/awk '{print $2}'` 712 ports=`echo $rest | /usr/bin/awk '{print $3}'` 713 mac=`echo $rest | /usr/bin/awk '{print $4}'` 714 lacp_mode=`echo $rest | /usr/bin/awk \ 715 '{print $5}'` 716 lacp_timer=`echo $rest | /usr/bin/awk \ 717 '{print $6}'` 718 dladm_string="dladm create-aggr -P $policy -l \ 719 $lacp_mode -T $lacp_timer" 720 # A fixed MAC address 721 if [[ $mac != "auto" ]]; then 722 dladm_string="$dladm_string -u $mac" 723 fi 724 i=1 725 while [ $i -le $nports ]; do 726 device=`echo $ports | cut -d, -f$i` 727 # Older aggregation.conf files have the 728 # format of device_name/port_number. 729 # We don't need the port number, so get 730 # rid of it if it is there. 731 device=`echo $device | cut -d/ -f1` 732 ((i = i + 1)) 733 dladm_string="$dladm_string -d \ 734 $device" 735 done 736 dladm_string="$dladm_string $aggr_index" 737 echo $dladm_string >> \ 738 $rootprefix$UPGRADE_SCRIPT 739 done 740 done 741 mv $ORIG $ORIG.bak 742 fi 743 744 # Upgrade linkprop.conf 745 ORIG=$rootprefix/etc/dladm/linkprop.conf 746 747 if [[ -f $ORIG ]]; then 748 # Strip off comments, then each remaining line lists 749 # properties the administrator configured for a 750 # particular interface. Each line includes several 751 # properties, but we can only set one property per 752 # dladm invocation. 753 cat $ORIG | grep '^[^#]' | while read line; do 754 echo $line | while read link rest 755 do 756 while [ -n "$rest" ]; do 757 linkprop=`echo $rest | cut -d";" -f1` 758 rest=`echo $rest | cut -d";" -f2-` 759 echo dladm set-linkprop -p $linkprop \ 760 $link >> $rootprefix$UPGRADE_SCRIPT 761 done 762 done 763 done 764 mv $ORIG $ORIG.bak 765 fi 766 } 767 768 upgrade_vlan () { 769 # Convert hostname.*** and zonecfg vlan configurations 770 UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink 771 772 for ifname in $host_ifs $zone_ifs 773 do 774 phys=`echo $ifname | sed "s/[0-9]*$//"` 775 devnum=`echo $ifname | sed "s/$phys//g"` 776 if [ "$phys$devnum" != $ifname -o \ 777 -n "`echo $devnum | tr -d '[0-9]'`" ]; then 778 echo "skipping invalid interface $ifname" 779 continue 780 fi 781 782 vid=`expr $devnum / 1000` 783 inst=`expr $devnum % 1000` 784 785 if [ "$vid" != "0" ]; then 786 echo dladm create-vlan -l $phys$inst -v $vid $ifname \ 787 >> $rootprefix$UPGRADE_SCRIPT 788 fi 789 done 790 } 791 792 # Update aac.conf for set legacy-name-enable properly 793 update_aac_conf() 794 { 795 conffile=$rootprefix/kernel/drv/aac.conf 796 childconffile=$rootprefix/bfu.child/kernel/drv/aac.conf 797 798 # Already using autoenumeration mode, return 799 egrep -s "legacy-name-enable" $childconffile && \ 800 grep "legacy-name-enable" $childconffile | egrep -s "no" && return 801 802 # Else enable legacy mode 803 sed -e 's/legacy-name-enable="no"/legacy-name-enable="yes"/g' \ 804 < $conffile > /tmp/aac.conf.$$ 805 mv -f /tmp/aac.conf.$$ $conffile 806 } 807 808 update_etc_inet_sock2path() 809 { 810 # 811 # The PF_PACKET module may need to be added to the configuration 812 # file socket sockets. 813 # 814 # When being added to the system, the socket itself will remain 815 # inactive until the next reboot when soconfig is run. When being 816 # removed, the kernel configuration stays active until the system 817 # is rebooted and the sockets will continue to work until it is 818 # unloaded from the kernel, after which applications will fail. 819 # 820 sockfile=$rootprefix/etc/inet/sock2path 821 xgrep=/usr/xpg4/bin/grep 822 823 ${ZCAT} ${cpiodir}/generic.usr$ZFIX | cpio -it 2>/dev/null | 824 ${xgrep} -q sockpfp 825 if [ $? -eq 1 ] ; then 826 ${xgrep} -v -E '^ 32 [14] 0 sockpfp' \ 827 ${sockfile} > /tmp/sock2path.tmp.$$ 828 cp /tmp/sock2path.tmp.$$ ${sockfile} 829 else 830 if ! ${xgrep} -q -E \ 831 '^ 31 [14] 0 sockpfp' ${sockfile}; then 832 echo '' >> ${sockfile} 833 echo ' 32 1 0 sockpfp' >> ${sockfile} 834 echo ' 32 4 0 sockpfp' >> ${sockfile} 835 fi 836 fi 837 } 838 839 # update x86 version mpt.conf for property tape 840 mpttapeprop='[ ]*tape[ ]*=[ ]*"sctp"[ ]*;' 841 update_mptconf_i386() 842 { 843 conffile=$rootprefix/kernel/drv/mpt.conf 844 test -f $conffile || return 845 egrep -s "$mpttapeprop" $conffile 846 if [ $? -ne 0 ] ; then 847 echo 'tape="sctp";' >> $conffile 848 fi 849 } 850 851 # update x86 etc/mach file after xVM_uppc is added, 852 # which makes xpv_psm a non-default psm module 853 update_etc_mach_i386() 854 { 855 etc_mach=$rootprefix/etc/mach 856 test -f $etc_mach || return 857 grep -w "xpv_psm" $etc_mach > /dev/null 2>&1 858 if [ $? -ne 0 ] ; then 859 echo 'xpv_psm' >> $etc_mach 860 fi 861 } 862 863 # check and update driver class for scsi-self-identifying 864 chk_update_drv_class() 865 { 866 867 drvclassfile=$rootprefix/etc/driver_classes 868 name2majorfile=$rootprefix/etc/name_to_major 869 drvname=$1 870 classentry="^$drvname[ ].*scsi-self-identifying" 871 872 [ -f $drvclassfile ] || return 873 [ -f $name2majorfile ] || return 874 875 grep -w $drvname $name2majorfile > /dev/null 2>&1 || return 876 877 egrep -s "$classentry" $drvclassfile 878 if [ $? -ne 0 ]; then 879 echo "$drvname scsi-self-identifying" >> $drvclassfile 880 fi 881 } 882 883 update_drvclass_i386() 884 { 885 chk_update_drv_class ahci 886 chk_update_drv_class si3124 887 chk_update_drv_class marvell88sx 888 chk_update_drv_class nv_sata 889 } 890 891 update_policy_conf() { 892 # update /etc/security/policy.conf with the default 893 # Solaris crypt(3c) policy. 894 895 dest=$rootprefix/etc/security/policy.conf 896 897 grep 'CRYPT_' $dest > /dev/null 2>&1 898 if [ $? = 1 ] ; then 899 print "Updating entries for crypt(3c), see policy.conf(4)" 900 cat >> $dest <<EOM 901 902 # crypt(3c) Algorithms Configuration 903 # 904 # CRYPT_ALGORITHMS_ALLOW specifies the algorithms that are allowed to 905 # be used for new passwords. This is enforced only in crypt_gensalt(3c). 906 # 907 CRYPT_ALGORITHMS_ALLOW=1,2a,md5 908 909 # To deprecate use of the traditional unix algorithm, uncomment below 910 # and change CRYPT_DEFAULT= to another algorithm. For example, 911 # CRYPT_DEFAULT=1 for BSD/Linux MD5. 912 # 913 #CRYPT_ALGORITHMS_DEPRECATE=__unix__ 914 915 # The Solaris default is the traditional UNIX algorithm. This is not 916 # listed in crypt.conf(4) since it is internal to libc. The reserved 917 # name __unix__ is used to refer to it. 918 # 919 CRYPT_DEFAULT=__unix__ 920 EOM 921 fi 922 grep PRIV_ $dest >/dev/null 2>&1 923 if [ $? = 1 ]; then 924 echo "Updating entries for privileges(5)," \ 925 "see policy.conf(4) for details." 926 cat >> $dest <<EOM 927 # 928 # These settings determine the default privileges users have. If not set, 929 # the default privileges are taken from the inherited set. 930 # There are two different settings; PRIV_DEFAULT determines the default 931 # set on login; PRIV_LIMIT defines the Limit set on login. 932 # Individual users can have privileges assigned or taken away through 933 # user_attr. Privileges can also be assigned to profiles in which case 934 # the users with those profiles can use those privileges through pfexec(1m). 935 # For maximum future compatibility, the specifications should 936 # always include "basic" or "all"; privileges should then be removed using 937 # the negation. E.g., PRIV_LIMIT=all,!sys_linkdir takes away only the 938 # sys_linkdir privilege, regardless of future additional privileges. 939 # Similarly, PRIV_DEFAULT=basic,!file_link_any takes away only the 940 # file_link_any privilege from the basic privilege set; only that notation 941 # is immune from a future addition of currently unprivileged operations to 942 # the basic privilege set. 943 # NOTE: removing privileges from the the Limit set requires EXTREME care 944 # as any set-uid root program may suddenly fail because it lacks certain 945 # privilege(s). 946 # 947 #PRIV_DEFAULT=basic 948 #PRIV_LIMIT=all 949 EOM 950 fi 951 952 } 953 954 # 955 # Cleanup nfsmapid configuration before extracting 956 # root bits. Remove if they exist: 957 # nfsmapid entry in inetd.conf 958 # nfsmapid entry in /etc/net/ti*/services 959 # 960 # Going forward neither should exist, but no harm if services entry exists 961 # Going way backwards (pre-04/28/2004), inetd.conf must exist but will 962 # be a conflict that should be merged in 963 # 964 nfsmapid_cfg() { 965 inetdconf=$rootprefix/etc/inet/inetd.conf 966 tmpinetcf=/tmp/inetd.conf.$$ 967 cp -pf ${inetdconf} ${tmpinetcf} 968 cat /dev/null > ${inetdconf} 2>&1 969 sed -e "/^#[# ]*NFSv4/d" \ 970 -e "/^[# ]*100166\/1/d" \ 971 ${tmpinetcf} > ${inetdconf} 2>&1 972 rm -f ${tmpinetcf} 973 974 tmpservices=/tmp/services.$$ 975 976 services=$rootprefix/etc/net/ticotsord/services 977 cp -pf ${services} ${tmpservices} 978 cat /dev/null > ${services} 2>&1 979 sed -e "/^[# ]*nfsmapid/d" \ 980 ${tmpservices} > ${services} 2>&1 981 rm -f ${tmpservices} 982 983 services=$rootprefix/etc/net/ticots/services 984 cp -pf ${services} ${tmpservices} 985 cat /dev/null > ${services} 2>&1 986 sed -e "/^[# ]*nfsmapid/d" \ 987 ${tmpservices} > ${services} 2>&1 988 rm -f ${tmpservices} 989 990 services=$rootprefix/etc/net/ticlts/services 991 cp -pf ${services} ${tmpservices} 992 cat /dev/null > ${services} 2>&1 993 sed -e "/^[# ]*nfsmapid/d" \ 994 ${tmpservices} > ${services} 2>&1 995 rm -f ${tmpservices} 996 } 997 998 # 999 # Detect Boomer audio framework; used to emit a notice at the end of BFU 1000 # telling the user to run update_audio to complete the upgrade. 1001 # 1002 BOOMER_PRESENT_SYS=false 1003 BOOMER_PRESENT_BFU=false 1004 BOOMER_DRIVERS="audio" 1005 AUSTR_PRESENT_SYS=false 1006 AUSTR_PRESENT_BFU=false 1007 1008 check_boomer_sys() { 1009 typeset root=$1 1010 typeset n2m=$root/etc/name_to_major 1011 typeset drv 1012 1013 for drv in $BOOMER_DRIVERS; do 1014 if ! grep -w $drv $n2m > /dev/null 2>&1; then 1015 return 1 1016 fi 1017 done 1018 1019 return 0 1020 } 1021 1022 check_boomer_bfu() { 1023 $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | 1024 grep devices-audio.xml > /dev/null 2>&1 1025 } 1026 1027 check_austr_sys() { 1028 typeset root=$1 1029 typeset n2m=$root/etc/name_to_major 1030 typeset drv 1031 1032 if ! grep -w austr $n2m > /dev/null 2>&1; then 1033 return 1 1034 fi 1035 return 0 1036 } 1037 1038 check_austr_bfu() { 1039 $ZCAT $cpiodir/generic.kernel$ZFIX | cpio -it 2>/dev/null | 1040 grep austr > /dev/null 2>&1 1041 } 1042 1043 # 1044 # 1045 # Define global variables 1046 # 1047 CALL_DEVID_DESTROY="" 1048 # 1049 # List of SDS commands that must be deleted. 1050 # 1051 SDSCMDLIST=" 1052 growfs 1053 metaclear 1054 metadb 1055 metadetach 1056 metahs 1057 metainit 1058 metaoffline 1059 metaonline 1060 metaparam 1061 metarename 1062 metareplace 1063 metaroot 1064 metaset 1065 metastat 1066 metasync 1067 metattach 1068 rpc.metad 1069 rpc.metamhd 1070 " 1071 # 1072 # List of SDS configuration files that must be deleted. 1073 # 1074 SDSCONFIGLIST=" 1075 lock 1076 md.cf 1077 mddb.cf 1078 md.tab 1079 devpath 1080 md.ctlrmap 1081 " 1082 # 1083 # List of rc scripts that must be deleted. 1084 # 1085 RCLIST=" 1086 etc/init.d/SUNWmd.init 1087 etc/init.d/SUNWmd.sync 1088 etc/init.d/lvm.init 1089 etc/init.d/lvm.sync 1090 etc/rcS.d/S35SUNWmd.init 1091 etc/rcS.d/S35lvm.init 1092 etc/rc2.d/S95SUNWmd.sync 1093 etc/rc2.d/S95lvm.sync 1094 etc/rcS.d/S35slvm.init 1095 etc/rc2.d/S95slvm.sync 1096 etc/init.d/slvm.init 1097 etc/init.d/slvm.sync 1098 etc/init.d/init.mdlogd 1099 etc/rc3.d/S25mdlogd 1100 " 1101 # 1102 # List of flashprom-related files that must be deleted. 1103 # 1104 FLASHPROMLIST=" 1105 etc/rc2.d/S75flashprom 1106 etc/init.d/flashprom 1107 usr/platform/SUNW,Ultra-2/lib/flash-update.sh 1108 usr/platform/SUNW,Ultra-4/lib/flash-update.sh 1109 usr/platform/SUNW,Ultra-Enterprise/lib/flash-update.sh 1110 usr/platform/sun4u/doc/flashupdate.txt 1111 usr/platform/sun4u/lib/flash-update.sh 1112 usr/platform/sun4u/lib/prom/SUNW,Ultra-2 1113 usr/platform/sun4u/lib/prom/SUNW,Ultra-4 1114 usr/platform/sun4u/lib/prom/SUNW,Ultra-Enterprise 1115 " 1116 1117 # 1118 # delete the entries associated with bootlist from /etc/system 1119 # 1120 1121 delete_system_bootlist() { 1122 sed -e /"Begin MDD database info"/,/"End MDD database info"/d \ 1123 < ${SYSTEM_FILE} > /tmp/system.$$ 1124 cp /tmp/system.$$ ${SYSTEM_FILE} || \ 1125 echo "copy error: /tmp/system.$$ to ${SYSTEM_FILE}" 1126 } 1127 1128 # 1129 # Add entries in md.conf for bootlist 1130 # 1131 1132 fix_mdconf() { 1133 cp ${mdconf} /tmp/md.conf.$$ 1134 echo >> /tmp/md.conf.$$ 1135 echo "# Begin MDD database info (do not edit)" >> /tmp/md.conf.$$ 1136 sed -e 's/^set md://' -e 's/$/;/' ${SYSTEM_FILE} | \ 1137 grep mddb_bootlist >> /tmp/md.conf.$$ 1138 echo "# End MDD database info (do not edit)" >> /tmp/md.conf.$$ 1139 cp /tmp/md.conf.$$ ${mdconf} || \ 1140 echo "copy error: /tmp/md.conf.$$ to ${mdconf}" 1141 } 1142 1143 # 1144 # add_devid_destroy(filename) 1145 # returns contents in filename 1146 # md_devid_destroy property is required when upgrading 1147 # from pre SVM to SVM releases or when the device ID returned from 1148 # the driver changes. 1149 # It is specifically placed between 1150 # # Begin MDD database info and # End MDD database info because 1151 # on the subsequent reboot, this line will be removed automatically when 1152 # metadevadm is run in rc2.d. 1153 # 1154 add_devid_destroy() { 1155 cat $1 | awk '{ 1156 if ( $2 == "End" && $4 == "database") { 1157 print "md_devid_destroy=1;" 1158 } 1159 print $0 1160 }' >> /tmp/t$$ 1161 mv /tmp/t$$ $1 1162 } 1163 1164 # 1165 # Reads existing configuration values in /etc/rcap.conf and puts 1166 # them in repository upon reboot(via /var/svc/profile/upgrade). 1167 # 1168 migrate_rcap_conf() { 1169 RCAP_CONF="${rootprefix}/etc/rcap.conf" 1170 PROFILE_UPGRADE="${rootprefix}/var/svc/profile/upgrade" 1171 SVCCFG="/usr/sbin/svccfg" 1172 RCAP_FMRI="svc:/system/rcap:default" 1173 PG="config" 1174 1175 pressure=`awk '$1 == "RCAPD_MEMORY_CAP_ENFORCEMENT_PRESSURE" \ 1176 && NF == 3 {print $3}' $RCAP_CONF` 1177 1178 reconfig_int=`awk '$1 == "RCAPD_RECONFIGURATION_INTERVAL" \ 1179 && NF == 3 {print $3}' $RCAP_CONF` 1180 1181 walk_int=`awk '$1 == "RCAPD_PROC_WALK_INTERVAL" && \ 1182 NF == 3 {print $3}' $RCAP_CONF` 1183 1184 report_int=`awk '$1 == "RCAPD_REPORT_INTERVAL" && \ 1185 NF == 3 {print $3}' $RCAP_CONF` 1186 1187 rss_sample_int=`awk '$1 == "RCAPD_RSS_SAMPLE_INTERVAL" && \ 1188 NF == 3 {print $3}' $RCAP_CONF` 1189 1190 # Blindly update default configuration values with 1191 # pre-existing values 1192 # 1193 echo "# Migrating pre-existing rcap configuration" >> \ 1194 $PROFILE_UPGRADE 1195 1196 echo "$SVCCFG -s $RCAP_FMRI setprop ${PG}/pressure = " \ 1197 "$pressure" >> $PROFILE_UPGRADE 1198 1199 echo "$SVCCFG -s $RCAP_FMRI " \ 1200 "setprop ${PG}/reconfig_interval = $reconfig_int" >> \ 1201 $PROFILE_UPGRADE 1202 1203 echo "$SVCCFG -s $RCAP_FMRI " \ 1204 "setprop ${PG}/walk_interval = $walk_int" >> \ 1205 $PROFILE_UPGRADE 1206 1207 echo "$SVCCFG -s $RCAP_FMRI " \ 1208 "setprop ${PG}/report_interval = $report_int" >> \ 1209 $PROFILE_UPGRADE 1210 1211 echo "$SVCCFG -s $RCAP_FMRI " \ 1212 "setprop ${PG}/rss_sample_interval = $rss_sample_int" >> \ 1213 $PROFILE_UPGRADE 1214 1215 echo "/usr/sbin/svcadm refresh $RCAP_FMRI" >> \ 1216 $PROFILE_UPGRADE 1217 1218 echo "rm /etc/rcap.conf" >> \ 1219 $PROFILE_UPGRADE 1220 } 1221 1222 # 1223 # Migrate an existing extended accounting configuration from /etc/acctadm.conf 1224 # to the smf(5) repository upon reboot. Enable the instance if the 1225 # configuration differs from the default configuration. 1226 # 1227 migrate_acctadm_conf() 1228 { 1229 cat >> $rootprefix/var/svc/profile/upgrade <<\_EOF 1230 if [ -f /etc/acctadm.conf ]; then 1231 . /etc/acctadm.conf 1232 1233 fmri="svc:/system/extended-accounting:flow" 1234 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1235 ${ACCTADM_FLOW_FILE:="none"} 1236 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1237 ${ACCTADM_FLOW_TRACKED:="none"} 1238 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1239 ${ACCTADM_FLOW_UNTRACKED:="extended"} 1240 if [ ${ACCTADM_FLOW_ENABLE:="no"} = "yes" ]; then 1241 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1242 else 1243 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1244 fi 1245 if [ $ACCTADM_FLOW_ENABLE = "yes" -o \ 1246 $ACCTADM_FLOW_FILE != "none" -o \ 1247 $ACCTADM_FLOW_TRACKED != "none" ]; then 1248 svcadm enable $fmri 1249 fi 1250 1251 fmri="svc:/system/extended-accounting:process" 1252 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1253 ${ACCTADM_PROC_FILE:="none"} 1254 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1255 ${ACCTADM_PROC_TRACKED:="none"} 1256 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1257 ${ACCTADM_PROC_UNTRACKED:="extended"} 1258 if [ ${ACCTADM_PROC_ENABLE:="no"} = "yes" ]; then 1259 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1260 else 1261 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1262 fi 1263 if [ $ACCTADM_PROC_ENABLE = "yes" -o \ 1264 $ACCTADM_PROC_FILE != "none" -o \ 1265 $ACCTADM_PROC_TRACKED != "none" ]; then 1266 svcadm enable $fmri 1267 fi 1268 1269 fmri="svc:/system/extended-accounting:task" 1270 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1271 ${ACCTADM_TASK_FILE:="none"} 1272 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1273 ${ACCTADM_TASK_TRACKED:="none"} 1274 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1275 ${ACCTADM_TASK_UNTRACKED:="extended"} 1276 if [ ${ACCTADM_TASK_ENABLE:="no"} = "yes" ]; then 1277 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1278 else 1279 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1280 fi 1281 if [ $ACCTADM_TASK_ENABLE = "yes" -o \ 1282 $ACCTADM_TASK_FILE != "none" -o \ 1283 $ACCTADM_TASK_TRACKED != "none" ]; then 1284 svcadm enable $fmri 1285 fi 1286 1287 fmri="svc:/system/extended-accounting:net" 1288 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1289 ${ACCTADM_NET_FILE:="none"} 1290 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1291 ${ACCTADM_NET_TRACKED:="none"} 1292 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1293 ${ACCTADM_NET_UNTRACKED:="extended"} 1294 if [ ${ACCTADM_NET_ENABLE:="no"} = "yes" ]; then 1295 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1296 else 1297 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1298 fi 1299 if [ $ACCTADM_NET_ENABLE = "yes" -o \ 1300 $ACCTADM_NET_FILE != "none" -o \ 1301 $ACCTADM_NET_TRACKED != "none" ]; then 1302 svcadm enable $fmri 1303 fi 1304 1305 rm /etc/acctadm.conf 1306 fi 1307 _EOF 1308 } 1309 1310 # 1311 # smf(5) "Greenline" doesn't install the init.d or rc*.d scripts for 1312 # converted services. Clean up previous scripts for such services. 1313 # 1314 smf_obsolete_rc_files=" 1315 etc/init.d/ANNOUNCE 1316 etc/init.d/MOUNTFSYS 1317 etc/init.d/RMTMPFILES 1318 etc/init.d/acctadm 1319 etc/init.d/audit 1320 etc/init.d/autofs 1321 etc/init.d/boot.server 1322 etc/init.d/coreadm 1323 etc/init.d/cron 1324 etc/init.d/cryptosvc 1325 etc/init.d/cvc 1326 etc/init.d/devfsadm 1327 etc/init.d/dhcp 1328 etc/init.d/dhcpagent 1329 etc/init.d/domainname 1330 etc/init.d/efcode 1331 etc/init.d/inetd 1332 etc/init.d/inetinit 1333 etc/init.d/inetsvc 1334 etc/init.d/initboot 1335 etc/init.d/ipfboot 1336 etc/init.d/kdc 1337 etc/init.d/kdc.master 1338 etc/init.d/keymap 1339 etc/init.d/ldap.client 1340 etc/init.d/libc.mount 1341 etc/init.d/network 1342 etc/init.d/nfs.client 1343 etc/init.d/nodename 1344 etc/init.d/nscd 1345 etc/init.d/perf 1346 etc/init.d/picld 1347 etc/init.d/power 1348 etc/init.d/rcapd 1349 etc/init.d/rootusr 1350 etc/init.d/rpc 1351 etc/init.d/savecore 1352 etc/init.d/sckm 1353 etc/init.d/sf880dr 1354 etc/init.d/slpd 1355 etc/init.d/sshd 1356 etc/init.d/standardmounts 1357 etc/init.d/svm.init 1358 etc/init.d/svm.sync 1359 etc/init.d/sysid.net 1360 etc/init.d/sysid.sys 1361 etc/init.d/syslog 1362 etc/init.d/utmpd 1363 etc/init.d/volmgt 1364 etc/init.d/xntpd 1365 etc/init.d/zones 1366 etc/rc0.d/K00ANNOUNCE 1367 etc/rc0.d/K01zones 1368 etc/rc0.d/K03sshd 1369 etc/rc0.d/K05volmgt 1370 etc/rc0.d/K07snmpdx 1371 etc/rc0.d/K10rcapd 1372 etc/rc0.d/K21dhcp 1373 etc/rc0.d/K27boot.server 1374 etc/rc0.d/K28kdc 1375 etc/rc0.d/K28kdc.master 1376 etc/rc0.d/K28nfs.server 1377 etc/rc0.d/K32cryptosvc 1378 etc/rc0.d/K33audit 1379 etc/rc0.d/K33efcode 1380 etc/rc0.d/K34svm.sync 1381 etc/rc0.d/K36sendmail 1382 etc/rc0.d/K36utmpd 1383 etc/rc0.d/K37power 1384 etc/rc0.d/K40cron 1385 etc/rc0.d/K40inetd 1386 etc/rc0.d/K40nscd 1387 etc/rc0.d/K40sf880dr 1388 etc/rc0.d/K40slpd 1389 etc/rc0.d/K40syslog 1390 etc/rc0.d/K40xntpd 1391 etc/rc0.d/K41autofs 1392 etc/rc0.d/K41ldap.client 1393 etc/rc0.d/K41nfs.client 1394 etc/rc0.d/K41rpc 1395 etc/rc0.d/K42sckm 1396 etc/rc0.d/K43inet 1397 etc/rc0.d/K68picld 1398 etc/rc0.d/K83devfsadm 1399 etc/rc0.d/K90dhcpagent 1400 etc/rc1.d/K00ANNOUNCE 1401 etc/rc1.d/K01zones 1402 etc/rc1.d/K03sshd 1403 etc/rc1.d/K05volmgt 1404 etc/rc1.d/K07snmpdx 1405 etc/rc1.d/K10rcapd 1406 etc/rc1.d/K21dhcp 1407 etc/rc1.d/K27boot.server 1408 etc/rc1.d/K28kdc 1409 etc/rc1.d/K28kdc.master 1410 etc/rc1.d/K28nfs.server 1411 etc/rc1.d/K33audit 1412 etc/rc1.d/K33efcode 1413 etc/rc1.d/K34svm.sync 1414 etc/rc1.d/K36sendmail 1415 etc/rc1.d/K36utmpd 1416 etc/rc1.d/K37power 1417 etc/rc1.d/K40cron 1418 etc/rc1.d/K40inetd 1419 etc/rc1.d/K40nscd 1420 etc/rc1.d/K40sf880dr 1421 etc/rc1.d/K40slpd 1422 etc/rc1.d/K40syslog 1423 etc/rc1.d/K40xntpd 1424 etc/rc1.d/K41autofs 1425 etc/rc1.d/K41ldap.client 1426 etc/rc1.d/K41rpc 1427 etc/rc1.d/K42sckm 1428 etc/rc1.d/K43inet 1429 etc/rc1.d/K99libc.mount 1430 etc/rc1.d/S01MOUNTFSYS 1431 etc/rc2.d/K01zones 1432 etc/rc2.d/K03sshd 1433 etc/rc2.d/K05volmgt 1434 etc/rc2.d/K07snmpdx 1435 etc/rc2.d/K21dhcp 1436 etc/rc2.d/K27boot.server 1437 etc/rc2.d/K28kdc 1438 etc/rc2.d/K28kdc.master 1439 etc/rc2.d/K28nfs.server 1440 etc/rc2.d/S01MOUNTFSYS 1441 etc/rc2.d/S05RMTMPFILES 1442 etc/rc2.d/S21perf 1443 etc/rc2.d/S30sysid.net 1444 etc/rc2.d/S65ipfboot 1445 etc/rc2.d/S69domainname 1446 etc/rc2.d/S69inet 1447 etc/rc2.d/S70sckm 1448 etc/rc2.d/S71ldap.client 1449 etc/rc2.d/S71rpc 1450 etc/rc2.d/S71sysid.sys 1451 etc/rc2.d/S72inetsvc 1452 etc/rc2.d/S72slpd 1453 etc/rc2.d/S73nfs.client 1454 etc/rc2.d/S74autofs 1455 etc/rc2.d/S74syslog 1456 etc/rc2.d/S74xntpd 1457 etc/rc2.d/S75cron 1458 etc/rc2.d/S75savecore 1459 etc/rc2.d/S76nscd 1460 etc/rc2.d/S77inetd 1461 etc/rc2.d/S77sf880dr 1462 etc/rc2.d/S85power 1463 etc/rc2.d/S88sendmail 1464 etc/rc2.d/S88utmpd 1465 etc/rc2.d/S95svm.sync 1466 etc/rc2.d/S98efcode 1467 etc/rc2.d/S98libc.mount 1468 etc/rc2.d/S99audit 1469 etc/rc2.d/S99rcapd 1470 etc/rc3.d/S13kdc.master 1471 etc/rc3.d/S14kdc 1472 etc/rc3.d/S15nfs.server 1473 etc/rc3.d/S16boot.server 1474 etc/rc3.d/S34dhcp 1475 etc/rc3.d/S76snmpdx 1476 etc/rc3.d/S81volmgt 1477 etc/rc3.d/S89sshd 1478 etc/rc3.d/S99zones 1479 etc/rcS.d/K01zones 1480 etc/rcS.d/K03sshd 1481 etc/rcS.d/K05volmgt 1482 etc/rcS.d/K07snmpdx 1483 etc/rcS.d/K10rcapd 1484 etc/rcS.d/K21dhcp 1485 etc/rcS.d/K27boot.server 1486 etc/rcS.d/K28kdc 1487 etc/rcS.d/K28kdc.master 1488 etc/rcS.d/K28nfs.server 1489 etc/rcS.d/K33audit 1490 etc/rcS.d/K33efcode 1491 etc/rcS.d/K34svm.sync 1492 etc/rcS.d/K36sendmail 1493 etc/rcS.d/K36utmpd 1494 etc/rcS.d/K37power 1495 etc/rcS.d/K40cron 1496 etc/rcS.d/K40inetd 1497 etc/rcS.d/K40nscd 1498 etc/rcS.d/K40sf880dr 1499 etc/rcS.d/K40slpd 1500 etc/rcS.d/K40syslog 1501 etc/rcS.d/K40xntpd 1502 etc/rcS.d/K41autofs 1503 etc/rcS.d/K41ldap.client 1504 etc/rcS.d/K41rpc 1505 etc/rcS.d/K42sckm 1506 etc/rcS.d/K43inet 1507 etc/rcS.d/K99libc.mount 1508 etc/rcS.d/S10cvc 1509 etc/rcS.d/S28network.sh 1510 etc/rcS.d/S29nodename.sh 1511 etc/rcS.d/S30rootusr.sh 1512 etc/rcS.d/S33keymap.sh 1513 etc/rcS.d/S35svm.init 1514 etc/rcS.d/S40standardmounts.sh 1515 etc/rcS.d/S42coreadm 1516 etc/rcS.d/S45initboot 1517 etc/rcS.d/S50devfsadm 1518 etc/rcS.d/S72cryptosvc 1519 etc/rcS.d/S95picld 1520 " 1521 1522 # Obsolete smf manifests 1523 smf_obsolete_manifests=" 1524 var/svc/manifest/application/print/cleanup.xml 1525 var/svc/manifest/network/tftp.xml 1526 var/svc/manifest/network/lp.xml 1527 var/svc/manifest/system/filesystem/volfs.xml 1528 var/svc/manifest/network/pfil.xml 1529 var/svc/manifest/platform/sun4u/mpxio-upgrade.xml 1530 var/svc/manifest/network/tname.xml 1531 var/svc/manifest/network/aggregation.xml 1532 var/svc/manifest/network/datalink.xml 1533 var/svc/manifest/network/datalink-init.xml 1534 var/svc/manifest/network/iscsi_initiator.xml 1535 var/svc/manifest/network/fcoe_config.xml 1536 var/svc/manifest/network/rpc/ocfserv.xml 1537 " 1538 1539 # smf services whose manifests have been renamed 1540 smf_renamed_manifests=" 1541 var/svc/manifest/milestone/name-service.xml 1542 var/svc/manifest/system/filesystem/boot-archive.xml 1543 " 1544 1545 # Obsolete smf methods 1546 smf_obsolete_methods=" 1547 lib/svc/method/print-cleanup 1548 lib/svc/method/print-server 1549 lib/svc/method/svc-volfs 1550 lib/svc/method/pfil 1551 lib/svc/method/aggregation 1552 lib/svc/method/datalink 1553 lib/svc/method/datalink-init 1554 lib/svc/method/svc-kdc 1555 lib/svc/method/svc-kdc.master 1556 lib/svc/method/svc-kdc.slave 1557 lib/svc/share/krb_include.sh 1558 lib/svc/method/iscsid 1559 lib/svc/method/fcoeconfig 1560 " 1561 1562 smf_cleanup () { 1563 ( 1564 cd $root; 1565 print "Removing obsolete rc.d scripts ... \c" 1566 rm -f $smf_obsolete_rc_files 1567 print "done." 1568 ) 1569 } 1570 1571 smf_new_profiles () { 1572 [[ "$bfu_isa" = "sparc" ]] || return 0 1573 1574 [[ -x /tmp/bfubin/svccfg ]] || return 0 1575 1576 print "Clearing platform profile hash ..." 1577 1578 # platform_SUNW,Sun-Fire.xml (and other new and 1579 # corrected platforms) were delivered in Build 68. 1580 if [ ! -f \ 1581 $rootprefix/var/svc/profile/platform_SUNW,Sun-Fire.xml \ 1582 ]; then 1583 for pfx in " " "v"; do 1584 for plname in \ 1585 none \ 1586 SUNW_Sun_Fire_880 \ 1587 SUNW_Sun_Fire_V890 \ 1588 SUNW_Sun_Fire_15000 \ 1589 SUNW_UltraEnterprise_10000; do 1590 eval $BFUSVCCFG -f - <<EOF 1591 select smf/manifest 1592 delpg ${pfx}ar_svc_profile_platform_${plname}_xml 1593 exit 1594 EOF 1595 done 1596 done 1597 fi 1598 } 1599 1600 smf_handle_new_services () { 1601 # 1602 # Detect, prior to extraction the arrival of new, 1603 # default-enabled-in-profile services. If so, add a command 1604 # such that they are enabled. 1605 # 1606 if [ ! -f $rootprefix/var/svc/profile/system/sac.xml ]; then 1607 echo /usr/sbin/svcadm enable system/sac >> \ 1608 $rootprefix/var/svc/profile/upgrade 1609 fi 1610 if [[ $zone = global && 1611 ! -f $rootprefix/var/svc/manifest/system/intrd.xml ]]; then 1612 echo /usr/sbin/svcadm enable system/intrd >> \ 1613 $rootprefix/var/svc/profile/upgrade 1614 fi 1615 if [[ $zone = global && 1616 ! -f $rootprefix/var/svc/manifest/system/scheduler.xml ]]; then 1617 echo /usr/sbin/svcadm enable system/scheduler >> \ 1618 $rootprefix/var/svc/profile/upgrade 1619 fi 1620 if [[ $zone = global && 1621 ! -f $rootprefix/var/svc/manifest/system/hal.xml ]]; then 1622 echo /usr/sbin/svcadm enable system/hal >> \ 1623 $rootprefix/var/svc/profile/upgrade 1624 fi 1625 if [[ $zone = global && 1626 ! -f $rootprefix/var/svc/manifest/system/filesystem/rmvolmgr.xml ]]; then 1627 echo /usr/sbin/svcadm enable system/filesystem/rmvolmgr >> \ 1628 $rootprefix/var/svc/profile/upgrade 1629 fi 1630 if [[ $zone = global && 1631 ! -f $rootprefix/var/svc/manifest/network/ipsec/manual-key.xml && 1632 -f $rootprefix/etc/inet/secret/ipseckeys ]]; then 1633 smf_enable svc:/network/ipsec/manual-key:default 1634 fi 1635 if [[ $zone = global && 1636 ! -f $rootprefix/var/svc/manifest/network/ipsec/ike.xml && 1637 -f $rootprefix/etc/inet/ike/config ]]; then 1638 smf_enable svc:/network/ipsec/ike:default 1639 fi 1640 if [[ $zone = global && 1641 ! -f $rootprefix/var/svc/manifest/system/pools.xml && 1642 -f $rootprefix/etc/pooladm.conf ]]; then 1643 smf_enable svc:/system/pools:default 1644 fi 1645 if [[ $zone = global && $karch = sun4v && 1646 ! -f $rootprefix/var/svc/manifest/platforms/sun4v/ldoms-agents.xml ]]; then 1647 smf_enable svc:/ldoms/agents:default 1648 fi 1649 } 1650 1651 smf_copy_manifest() { 1652 mfstbase=`basename $1` 1653 mymfs=$rootprefix/var/svc/manifest/$2/$mfstbase 1654 if [[ ! -f $mymfs ]] || ! cmp -s $manifest_src/$1 $mymfs ; then 1655 cp $manifest_src/$1 $mymfs || 1656 echo "bfu: could not copy $manifest_src/$1" 1657 fi 1658 } 1659 1660 smf_copy_method() { 1661 cp $manifest_src/$1 $rootprefix/lib/svc/method || 1662 echo "bfu: could not copy $manifest_src/$1" 1663 } 1664 1665 smf_cleanup_initd() { 1666 rm -f $rootprefix/etc/rc?.d/[SK]??$1 1667 } 1668 1669 smf_delete_manifest() { 1670 ( 1671 mfst=$1 1672 cd $root 1673 [[ -f $mfst ]] || return; 1674 if [ -r /etc/svc/volatile/repository_door ]; then 1675 ENTITIES=`eval $BFUSVCCFG inventory $mfst` 1676 for fmri in $ENTITIES; do 1677 if [[ -n $root && $root != "/" ]]; then 1678 SVCCFG_REPOSITORY=$root/etc/svc/repository.db 1679 export SVCCFG_REPOSITORY 1680 fi 1681 eval $BFUSVCCFG delete -f $fmri >/dev/null 2>&1 1682 if [[ -n $root && $root != "/" ]]; then 1683 unset SVCCFG_REPOSITORY 1684 fi 1685 done 1686 fi 1687 rm $mfst 1688 ) 1689 } 1690 1691 smf_delete_methods() { 1692 ( 1693 cd $root; 1694 rm -f $smf_obsolete_methods 1695 ) 1696 } 1697 1698 smf_delete_renamed_manifests() { 1699 ( 1700 cd $root; 1701 rm -f $smf_renamed_manifests 1702 ) 1703 } 1704 1705 smf_cleanup_dlmgmtd() { 1706 ( 1707 # 1708 # Delete the service instance, then refresh all its dependents in the 1709 # cases of alternative root and zones. 1710 # 1711 smf_delete_manifest "var/svc/manifest/network/dlmgmt.xml" 1712 1713 if [[ -n $root && $root != "/" ]]; then 1714 export SVCCFG_REPOSITORY=$root/etc/svc/repository.db 1715 eval $BFUSVCCFG -s svc:/network/physical:nwam refresh 1716 eval $BFUSVCCFG -s svc:/network/physical:default refresh 1717 eval $BFUSVCCFG -s svc:/system/device/local:default refresh 1718 unset SVCCFG_REPOSITORY 1719 fi 1720 cd $root 1721 rm -f lib/svc/method/svc-dlmgmtd 1722 rm -f etc/.dlmgmt_door 1723 rm -f sbin/dlmgmtd 1724 ) 1725 } 1726 1727 smf_cleanup_vt() { 1728 ( 1729 smf_delete_manifest var/src/manifest/system/vtdaemon.xml 1730 cd $root 1731 rm -f lib/svc/method/vtdaemon 1732 1733 vt_conslogin_instances=`/tmp/bfubin/svcs -o FMRI | \ 1734 grep console-login:vt` 1735 for i in $vt_conslogin_instances; do 1736 eval $BFUSVCCFG delete -f $i 1737 done 1738 ) 1739 } 1740 1741 smf_cleanup_boomer() { 1742 ( 1743 smf_delete_manifest var/src/manifest/system/devices-audio.xml 1744 cd $root 1745 rm -f lib/svc/method/devices-audio 1746 1747 /tmp/bfubin/svccfg delete -f svc:/system/device/audio 1748 ) 1749 } 1750 1751 old_mfst_dir="var/svc/manifest.orig" 1752 new_mfst_dir="var/svc/manifest" 1753 1754 smf_enable() { 1755 echo "svcadm enable $*" >> $rootprefix/var/svc/profile/upgrade 1756 } 1757 1758 smf_check_repository() { 1759 repository=etc/svc/repository.db 1760 [[ -f $rootprefix/$repository ]] || return 1761 1762 print -n "$rootprefix/$repository: " >&2 1763 1764 sqlite="${SQLITEBIN-$GATE/public/bin/$bfu_isa/sqlite}" 1765 [[ -x $sqlite ]] || sqlite=/lib/svc/bin/sqlite 1766 if [[ ! -x $sqlite ]]; then 1767 echo "no sqlite binary: skipped integrity check" >&2 1768 return 1769 fi 1770 1771 rm -f /tmp/bfurepo.db; 1772 cp $rootprefix/$repository /tmp/bfurepo.db 1773 bad_errors=`echo "PRAGMA integrity_check;" | 1774 $sqlite /tmp/bfurepo.db 2>&1 | grep -v '^ok$'` 1775 if [[ $? -eq 0 ]]; then 1776 echo "integrity check failed:" >&2 1777 echo "$bad_errors" >&2 1778 echo >&2 1779 if [[ $force_override = no ]]; then 1780 cat >&2 <<EOF 1781 Reseed the repository (see http://greenline.eng/quickstart.shtml#newrep) 1782 before BFUing (or use the -f flag to force BFU to continue). Re-seeding 1783 will lose all smf(5) customizations. 1784 EOF 1785 echo >&2 1786 exit 2; 1787 else 1788 echo "driving on anyway" >&2 1789 fi 1790 else 1791 echo "passed integrity check" >&2; 1792 fi 1793 } 1794 1795 smf_bkbfu_warning() { 1796 print "" 1797 print "*************************************************************" 1798 print " WARNING: BFU'ing $1 backwards across 5090532." 1799 print " Fixes have been made but the services cannot be refreshed" 1800 print " on the $1's inactive repository. Next boot for the" 1801 print " $1 will probably result in maintenance mode due to" 1802 print " dependency cycles. If so, at the $1's console, run:" 1803 print "" 1804 print " /usr/sbin/svcadm refresh system/sysidtool:system" 1805 print " /usr/sbin/svcadm refresh system/sysidtool:net" 1806 print " /usr/sbin/svcadm clear milestone/single-user" 1807 print " /usr/sbin/svcadm clear system/sysidtool:system" 1808 print " /usr/sbin/svcadm clear system/sysidtool:net" 1809 print "" 1810 print " to resolve." 1811 print " To avoid these problems, reseed the zone's repository." 1812 print " See http://greenline.eng/quickstart.shtml#newrep ." 1813 print " Note: Re-seeding will lose all smf(5) customization." 1814 print "*************************************************************" 1815 print "" 1816 } 1817 1818 smf_is_sysconfig() { 1819 # 1820 # Return success if going to post-5090532, i.e. post-sysconfig bits 1821 # 1822 # By now, we're going to post-smf bits - so multi-user.xml must 1823 # exist (since it was introduced by first SMF putback). 1824 # 1825 # Function return status is return status of last command executed. 1826 # So, no need to check return status from grep below. 1827 1828 grep sysconfig $rootprefix/var/svc/manifest/milestone/multi-user.xml \ 1829 >/dev/null 2>&1 1830 } 1831 1832 smf_bkbfu_past_sysconfig() { 1833 # 1834 # Check if bfu'ing back from post-5090532 to pre-5090532 bits. 1835 # 1836 if [[ -f $rootprefix/var/svc/manifest/milestone/sysconfig.xml ]] && 1837 ! smf_is_sysconfig ; then 1838 return 0 1839 fi 1840 return 1 1841 } 1842 1843 smf_bkbfu_repair_sysconfig() { 1844 # 1845 # Perform the necessary corrections when bfu'ing backwards 1846 # from post-5090532 to pre-5090532 bits. 1847 # 1848 # Get the pre-5090532 non-ON manifests, and issue minimal fixes 1849 # to the repository, to enable re-boot. 1850 # 1851 smf_copy_manifest pre-5090532/sysidtool.xml system 1852 if [[ $zone = global && $karch = i86pc ]]; then 1853 smf_copy_manifest pre-5090532/kdmconfig.xml platform/i86pc 1854 fi 1855 # 1856 # Now, remove sysidtool:{system, net}'s dependency on 1857 # single-user and filesystem-local. 1858 # 1859 # If $rootprefix is not empty, this could be the global zone, 1860 # with an alternate root BFU, or a non-global zone. For either 1861 # case, the repository to be updated is not the live one: use 1862 # SVCCFG_REPOSITORY to point to the repository to be updated. 1863 # 1864 # Note that in the alternate-root case, doing this seems better 1865 # than forcing the user to re-seed, or to dis-allow it. The 1866 # issue of svccfg and the repository not matching seems remote, 1867 # given that from initial SMF integration (on10_64) to on10_74, 1868 # there was no mismatch. In the remote possibility that there is a 1869 # mis-match (in the future) causing these calls to be suspect, 1870 # the user is already being advised, via the warning message, to 1871 # reseed the repository in case of trouble. If a mis-match is ever 1872 # introduced, code such as this would have to be fixed, so this 1873 # aspect of the warning is useful only during the interim period. 1874 # 1875 # NOTE that this is not an issue for non-global zones' 1876 # repositories - they couldn't be out-of-sync with 1877 # /tmp/bfubin/svccfg. 1878 # 1879 if [[ -n $rootprefix ]]; then 1880 export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db 1881 if [[ $zone = global ]]; then 1882 smf_bkbfu_warning "alternate root" 1883 else 1884 smf_bkbfu_warning "zone" 1885 fi 1886 fi 1887 # 1888 # Using the newer "-s" option to svccfg in the following is OK 1889 # since its introduction preceded 5090532 (and this routine wouldn't 1890 # be called unless the machine is running post-5090532 bits). 1891 # 1892 eval $BFUSVCCFG -s system/sysidtool:net delpg single-user 1893 eval $BFUSVCCFG -s system/sysidtool:system delpg single-user 1894 eval $BFUSVCCFG -s system/sysidtool:net delpg filesystem_local 1895 eval $BFUSVCCFG -s system/sysidtool:system delpg filesystem_local 1896 1897 # 1898 # On a live system, issue the refresh; For alternate root or non-global 1899 # zone, the user was asked to issue the refreshes and "clear"s in the 1900 # message above after a post-bfu reboot. 1901 # 1902 if [[ -z $rootprefix ]]; then 1903 /tmp/bfubin/svcadm refresh system/sysidtool:system \ 1904 system/sysidtool:net 1905 fi 1906 1907 # 1908 # Now, reset SVCCFG_REPOSITORY, if it was set 1909 # 1910 [[ -n $rootprefix ]] && unset SVCCFG_REPOSITORY 1911 1912 # 1913 # Remove the sysconfig.xml manifest when going back. So backward 1914 # bfu check continues to work, and all manifests are correct. 1915 # 1916 cat >> $rootprefix/var/svc/profile/upgrade <<-EOF 1917 rm -f /var/svc/manifest/milestone/sysconfig.xml 1918 EOF 1919 } 1920 1921 # 1922 # Return true if $file exists in $archive. $file may also be a pattern. 1923 # 1924 archive_file_exists() 1925 { 1926 archive=$1 1927 file=$2 1928 1929 $ZCAT $cpiodir/${archive}${ZFIX} | cpio -it 2>/dev/null | \ 1930 egrep -s "$file" 1931 } 1932 1933 # 1934 # extract one or more files from an archive into a temporary directory 1935 # provided by the caller. The caller is responsible for checking to 1936 # to see whether the desired file or files were extracted 1937 # 1938 # $1 - archive 1939 # $2 - temporary dir 1940 # remaining args: file(s) to be extracted. 1941 # 1942 archive_file_peek() { 1943 compressed_archive=`pwd`/$1 1944 tdir=$2 1945 shift 1946 shift 1947 if [ ! -d $tdir ] ; then 1948 return 1949 fi 1950 (cd $tdir; $ZCAT $compressed_archive | cpio -idmucB $* 2>&1 ) 1951 } 1952 1953 # 1954 # If we're no longer delivering the eeprom service, remove it from the system, 1955 # as eeprom -I is removed as well. 1956 # 1957 smf_fix_i86pc_profile () { 1958 mfst="var/svc/manifest/platform/i86pc/eeprom.xml" 1959 profile="var/svc/profile/platform_i86pc.xml" 1960 1961 if [ ! "$karch" = "i86pc" ]; then 1962 return 1963 fi 1964 1965 if ! archive_file_exists generic.root "^$profile"; then 1966 rm -f $rootprefix/$profile 1967 rm -f $rootprefix/var/svc/profile/platform.xml 1968 fi 1969 1970 if [ ! -f $rootprefix/$mfst ]; then 1971 return 1972 fi 1973 1974 if archive_file_exists generic.root "^$mfst"; then 1975 return 1976 fi 1977 1978 rm -f $rootprefix/$mfst 1979 1980 # 1981 # we must disable via svccfg directly, as manifest-import runs after 1982 # this service tries to run 1983 # 1984 [[ -n "$rootprefix" ]] && 1985 export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db 1986 eval $BFUSVCCFG delete -f platform/i86pc/eeprom 1987 [[ -n "$rootprefix" ]] && unset SVCCFG_REPOSITORY 1988 } 1989 1990 # 1991 # If the new system doesn't support the templates DTD extensions 1992 # (due to backwards bfu), the global.xml manifest should be deleted. 1993 # 1994 smf_bkbfu_templates() { 1995 mfst="var/svc/manifest/system/svc/global.xml" 1996 1997 grep "pg_pattern" \ 1998 $rootprefix/usr/share/lib/xml/dtd/service_bundle.dtd.1> \ 1999 /dev/null 2>&1 2000 if [ $? -eq 1 ]; then 2001 rm -f $rootprefix/$mfst 2002 fi 2003 2004 } 2005 2006 smf_apply_conf () { 2007 # 2008 # Go thru the original manifests and move any that were unchanged 2009 # (or are not system-provided) back to their proper location. This 2010 # will avoid superfluous re-import on reboot, as the inode and mtime 2011 # are both part of the hash. 2012 # 2013 if [ -d $rootprefix/$old_mfst_dir ]; then 2014 for f in `cd $rootprefix/$old_mfst_dir ; find . -type f` 2015 do 2016 old=$rootprefix/$old_mfst_dir/$f 2017 new=$rootprefix/$new_mfst_dir/$f 2018 if [ ! -f $new ]; then 2019 mkdir -m 0755 -p `dirname $new` 2020 mv $old $new 2021 continue 2022 fi 2023 cmp -s $old $new && mv $old $new 2024 done 2025 rm -rf $rootprefix/$old_mfst_dir 2026 fi 2027 2028 if [ -f $rootprefix/etc/init.d/inetd ]; then 2029 # 2030 # BFUing to non-SMF system -- undo our previous changes, 2031 # run an old hack, and skip the remainder of this function. 2032 # 2033 smf_inetd_reenable 2034 smf_tftp_reinstall 2035 2036 # Update inetd.conf only if we find rpc.metad file. 2037 [ -f $usr/sbin/rpc.metad ] && 2038 inetd_conf_svm_hack 2039 2040 return 2041 fi 2042 2043 # 2044 # At this point, the archive in question is a SMF version. If 2045 # the smf(5) repository does not yet exist, create it by copying 2046 # the appropriate seed repository. Since updating of non-global 2047 # zones only occurs when the live system is bfu'ed, the 2048 # appropriate seed is guaranteed to exist under the /lib 2049 # directory. 2050 # 2051 repository=$rootprefix/etc/svc/repository.db 2052 if [ ! -f $repository ]; then 2053 print "Initializing service configuration repository ..." 2054 if [ $zone = global ]; then 2055 cp $rootprefix/lib/svc/seed/global.db $repository 2056 else 2057 cp /lib/svc/seed/nonglobal.db $repository 2058 fi 2059 chmod 0600 $repository 2060 chown root:sys $repository 2061 fi 2062 2063 print "Removing obsolete smf services ..." 2064 for f in $smf_obsolete_manifests; do 2065 smf_delete_manifest $f 2066 done 2067 smf_delete_methods 2068 smf_delete_renamed_manifests 2069 2070 if [[ $dlmgmtd_status = cleanup ]]; then 2071 smf_cleanup_dlmgmtd 2072 fi 2073 2074 # 2075 # When doing backwards BFU, if the target does not contain 2076 # vtdaemon manifest, delete it and delete all the additional 2077 # console-login service instances which were used to provide 2078 # additional console sessions. 2079 # 2080 if ((! $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 2081 grep vtdaemon.xml > /dev/null 2>&1) && [ $zone = global ]); then 2082 smf_cleanup_vt 2083 fi 2084 2085 # 2086 # Remove the Boomer audio service when BFUing to legacy audio bits 2087 # 2088 if ! check_boomer_bfu && [ $zone = global ]; then 2089 smf_cleanup_boomer 2090 fi 2091 2092 print "Disabling unneeded inetd.conf entries ..." 2093 smf_inetd_disable 2094 smf_tftp_reinstall 2095 2096 print "Connecting platform and name service profiles ..." 2097 2098 rm -f $rootprefix/var/svc/profile/name_service.xml 2099 2100 grep ldap $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2101 is_ldap=$? 2102 grep nisplus $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2103 is_nisplus=$? 2104 grep nis $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2105 is_nis=$? 2106 2107 if [ $is_ldap = 0 ]; then 2108 ns_profile=ns_ldap.xml 2109 elif [ $is_nisplus = 0 ]; then 2110 ns_profile=ns_nisplus.xml 2111 elif [ $is_nis = 0 ]; then 2112 ns_profile=ns_nis.xml 2113 else 2114 ns_profile=ns_files.xml 2115 fi 2116 2117 ln -s $ns_profile $rootprefix/var/svc/profile/name_service.xml 2118 2119 rm -f $rootprefix/var/svc/profile/inetd_services.xml 2120 ln -s inetd_upgrade.xml $rootprefix/var/svc/profile/inetd_services.xml 2121 2122 print "Marking converted services as enabled ..." 2123 2124 [ -f $rootprefix/etc/resolv.conf ] && smf_enable network/dns/client 2125 [ -f $rootprefix/etc/inet/dhcpsvc.conf ] && \ 2126 smf_enable network/dhcp-server 2127 2128 # Not concerned about enabling/disabling rcap but will migrate 2129 # configuration parameters if rcap.conf exists 2130 # 2131 if [ -f $rootprefix/etc/rcap.conf ]; then 2132 migrate_rcap_conf 2133 fi 2134 2135 migrate_acctadm_conf 2136 2137 if [ $zone = global ]; then 2138 if [ -f $rootprefix/etc/dfs/dfstab ] && 2139 grep '^[ ]*[^# ]' $rootprefix/etc/dfs/dfstab \ 2140 > /dev/null; then 2141 smf_enable network/nfs/server 2142 fi 2143 else 2144 echo "/usr/sbin/svcadm disable network/nfs/server" >> \ 2145 $rootprefix/var/svc/profile/upgrade 2146 fi 2147 2148 [ -f $rootprefix/etc/inet/ntp.conf ] && smf_enable network/ntp 2149 2150 2151 domainname=`cat $rootprefix/etc/defaultdomain 2>/dev/null` 2152 if [ ! -z "$domainname" -a -d $rootprefix/var/yp/$domainname ]; then 2153 smf_enable network/nis/server 2154 2155 # Determining whether we're a NIS master requires 2156 # looking through the maps. 2157 cat >>$rootprefix/var/svc/profile/upgrade <<\_EOF 2158 # Determine whether we are a YP master. 2159 domain=`/usr/bin/domainname` 2160 hostname=`uname -n | cut -d. -f1 | tr '[A-Z]' '[a-z]'` 2161 2162 if [ -x /usr/sbin/makedbm ]; then 2163 if [ -f /var/yp/NISLDAPmapping ]; then 2164 master=`/usr/sbin/makedbm -u /var/yp/\$domain/LDAP_passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'` 2165 else 2166 master=`/usr/sbin/makedbm -u /var/yp/\$domain/passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'` 2167 fi 2168 fi 2169 2170 # If we are the master server, enable appropriate services. 2171 if [ "$master" = "$hostname" -a "$YP_SERVER" = "TRUE" ]; then 2172 /usr/sbin/svcadm enable network/nis/xfr 2173 /usr/sbin/svcadm enable network/nis/passwd 2174 2175 if [ ! -f /var/yp/NISLDAPmapping ]; then 2176 [ -f /var/yp/updaters ] && \ 2177 /usr/svc/svcadm enable network/nis/update 2178 fi 2179 fi 2180 _EOF 2181 fi 2182 2183 # Check if mddbs don't exist on the image. If so, disable SVM services. 2184 MDDB_STATUS=1 2185 if [ -f $rootprefix/kernel/drv/md.conf ]; then 2186 sed -e 's/#.*$//' $rootprefix/kernel/drv/md.conf | \ 2187 egrep '^[ ]*mddb_bootlist' >/dev/null 2>&1 2188 MDDB_STATUS=$? 2189 fi 2190 2191 if [ $MDDB_STATUS -ne 0 ]; then 2192 for svc in metainit mdmonitor; do 2193 echo "/usr/sbin/svcadm disable system/$svc:default" >> \ 2194 $rootprefix/var/svc/profile/upgrade 2195 done 2196 2197 for svc in meta mdcomm metamed metamh; do 2198 echo "/usr/sbin/svcadm disable network/rpc/$svc:default" \ 2199 >> $rootprefix/var/svc/profile/upgrade 2200 done 2201 fi 2202 2203 # Workaround inetd's handling of "tcp6/udp6" when no IPv6 interfaces 2204 # are configured. 2205 for svc in meta mdcomm metamed metamh; do 2206 echo "/usr/sbin/inetadm -m network/rpc/$svc:default proto=tcp" \ 2207 ">/dev/null 2>&1" >> $rootprefix/var/svc/profile/upgrade 2208 done 2209 2210 manifest_src=${MANIFEST_SRC-$GATE/public/smf} 2211 [[ -d $manifest_src ]] || 2212 manifest_src=${GATE}/public/smf 2213 [[ -d $manifest_src ]] || manifest_src=/net/greenline.eng/meta0/smf 2214 2215 if smf_bkbfu_past_sysconfig ; then 2216 echo "BFU'ing backwards across 5090532! Now repairing..." 2217 smf_bkbfu_repair_sysconfig 2218 fi 2219 2220 # 2221 # If bfu'ing milestone/sysconfig bits or onwards, update the 2222 # corresponding non-ON manifests - sysidtool and kdmconfig. 2223 # 2224 sysidmfst=$rootprefix/var/svc/manifest/system/sysidtool.xml 2225 kdmmfst=$rootprefix/var/svc/manifest/platform/i86pc/kdmconfig.xml 2226 if smf_is_sysconfig ; then 2227 if [[ ! -f $sysidmfst ]]; then 2228 # 2229 # if WOS build on machine is pre-greenline, and 2230 # we're bfu'ing to the sysconfig bits. 2231 # 2232 smf_copy_manifest post-5090532/sysidtool.xml system 2233 if [[ $zone = global ]]; then 2234 smf_copy_method sysidtool-net 2235 smf_copy_method sysidtool-system 2236 fi 2237 echo "Converted system/sysidtool (post-5090532)" 2238 else 2239 # 2240 # If sysidtool.xml already exists, update it 2241 # if necessary. Future updates of sysidtool.xml 2242 # must occur in the dir: $manifest_src/post-5090532 2243 # 2244 smf_copy_manifest post-5090532/sysidtool.xml system 2245 fi 2246 if [[ $zone = global && $karch = i86pc ]]; then 2247 if [[ ! -f $kdmmfst ]]; then 2248 # 2249 # if WOS build on machine is pre-greenline, and 2250 # we're bfu'ing to the sysconfig bits. 2251 # 2252 smf_copy_manifest post-5090532/kdmconfig.xml \ 2253 platform/i86pc 2254 smf_copy_method svc-kdmconfig 2255 smf_cleanup_initd kdmconfig 2256 echo "Converted platform/i86pc/kdmconfig" 2257 echo "(post-5090532)" 2258 else 2259 # 2260 # If kdmconfig.xml already exists, update 2261 # it if necessary. Future updates of 2262 # kdmconfig.xml must occur in the dir: 2263 # $manifest_src/post-5090532 2264 # 2265 smf_copy_manifest post-5090532/kdmconfig.xml \ 2266 platform/i86pc 2267 fi 2268 fi 2269 else 2270 if [[ ! -f $sysidmfst ]]; then 2271 smf_copy_manifest pre-5090532/sysidtool.xml system 2272 if [[ $zone = global ]]; then 2273 smf_copy_method sysidtool-net 2274 smf_copy_method sysidtool-system 2275 fi 2276 echo "Converted system/sysidtool" 2277 fi 2278 if [[ $zone = global && $karch = i86pc && ! -f $kdmmfst ]]; 2279 then 2280 smf_copy_manifest pre-5090532/kdmconfig.xml \ 2281 platform/i86pc 2282 smf_copy_method svc-kdmconfig 2283 smf_cleanup_initd kdmconfig 2284 echo "Converted platform/i86pc/kdmconfig" 2285 fi 2286 fi 2287 2288 # If we've still got the old dtlogin manifest delivered by earlier 2289 # versions of bfu, delete it, as it was broken and should have 2290 # never been delivered. A new version delivered by the CDE 2291 # consolidation should be left alone. 2292 if [[ -f $rootprefix/var/svc/manifest/application/dtlogin.xml && 2293 `grep -c GLXXX \ 2294 $rootprefix/var/svc/manifest/application/dtlogin.xml` -gt 0 && 2295 -x /tmp/bfubin/svccfg ]]; then 2296 2297 # Delete the obsolete manifest. 2298 rm -f $rootprefix/var/svc/manifest/application/dtlogin.xml 2299 2300 # Delete the service from repository, then use dtconfig -e to 2301 # revert to whatever the WOS bits are using if dtlogin was 2302 # enabled. 2303 cat >> $rootprefix/var/svc/profile/upgrade <<-EOFA 2304 if /usr/bin/svcprop -q application/cde-login; then 2305 if [ \`/usr/bin/svcprop -p general/enabled \ 2306 application/cde-login:default\` = "true" ]; then 2307 do_dtconfig=1; 2308 else 2309 do_dtconfig=0; 2310 fi 2311 2312 /usr/sbin/svccfg delete -f application/cde-login 2313 type instance_refresh 2>&1 > /dev/null 2314 if [ \$? = 0 ]; then 2315 instance_refresh system/console-login 2316 else 2317 /usr/sbin/svcadm refresh system/console-login 2318 fi 2319 2320 if [ \$do_dtconfig -eq 1 -a -x /usr/dt/bin/dtconfig ]; then 2321 /usr/dt/bin/dtconfig -e 2322 fi 2323 fi 2324 EOFA 2325 fi 2326 2327 2328 # Enable the inetd-upgrade service to convert any changes to inetd.conf 2329 smf_enable network/inetd-upgrade 2330 2331 # If global zone, and bfu'ing from smf, and the inetd-upgrade 2332 # service has an obsolete dependency, then add a clear of inetd 2333 # and inetd-upgrade to the upgrade file as either may drop into 2334 # maintenance due to a dependency loop resulting from the new 2335 # inetd manifest 2336 if [[ $zone = global && -x /tmp/bfubin/svccfg ]]; then 2337 /tmp/bfubin/svcprop -q -p network/entities network/inetd-upgrade 2338 if [[ $? = 0 ]]; then 2339 echo "/usr/sbin/svcadm clear network/inetd" >> \ 2340 $rootprefix/var/svc/profile/upgrade 2341 echo "/usr/sbin/svcadm clear network/inetd-upgrade" >> \ 2342 $rootprefix/var/svc/profile/upgrade 2343 fi 2344 fi 2345 2346 # 2347 # Import the name-service-cache service. This is to get the service 2348 # (with correct dependencies) in the repository before reboot. 2349 # 2350 smf_import_service system/name-service-cache.xml 2351 2352 # 2353 # Import the datalink-management service. 2354 # 2355 smf_import_service network/dlmgmt.xml \ 2356 svc:/network/datalink-management:default 2357 2358 # 2359 # Import the ldap/client service. This is to get the service 2360 # (with correct dependencies) in the repository before reboot. 2361 # 2362 smf_import_service network/ldap/client.xml 2363 2364 # Enable new NFS status and nlockmgr services if client is enabled 2365 cat >> $rootprefix/var/svc/profile/upgrade <<-EOF 2366 cl="svc:/network/nfs/client:default" 2367 if [ \`/usr/bin/svcprop -p general/enabled \$cl\` = "true" ]; then 2368 /usr/sbin/svcadm enable svc:/network/nfs/status:default 2369 /usr/sbin/svcadm enable svc:/network/nfs/nlockmgr:default 2370 fi 2371 2372 EOF 2373 2374 kpmani="$rootprefix/var/svc/manifest/network/security/krb5_prop.xml" 2375 if grep svc-kdc.slave $kpmani > /dev/null 2>&1; then 2376 cat >> $rootprefix/var/svc/profile/upgrade <<EOF 2377 # We are deleting and reimporting kpropd's manifest, because we 2378 # need to change the restarter. 2379 kpfmri="svc:/network/security/krb5_prop" 2380 kkfmri="svc:/network/security/krb5kdc:default" 2381 lkpmani="/var/svc/manifest/network/security/krb5_prop.xml" 2382 restarter=\`svcprop -c -p general/restarter \$kpfmri 2>&1\` 2383 case \$restarter in 2384 *network/inetd:default) 2385 kken=\`svcprop -c -p general/enabled \$kkfmri\` 2386 eval $BFUSVCCFG delete -f \$kpfmri 2387 eval $BFUSVCCFG import \$lkpmani 2388 # Enable kpropd if krb5kdc is enabled, since 2389 # krb5kdc would have run kpropd 2390 if [ \$kken = "true" ]; then 2391 svcadm enable \$kpfmri 2392 fi 2393 ;; 2394 esac 2395 EOF 2396 fi 2397 2398 # Enable print server if there are local queues 2399 queues=`echo $rootprefix/etc/lp/printers/*/configuration` 2400 if [ "$queues" != "$rootprefix/etc/lp/printers/*/configuration" ]; then 2401 smf_enable application/print/server 2402 fi 2403 2404 # Enable rarpd and bootparamd if they would have been running pre-SMF 2405 if [ -d $rootprefix/tftpboot ] || [ -d $rootprefix/rplboot ]; then 2406 smf_enable network/rarp 2407 smf_enable network/rpc/bootparams 2408 fi 2409 2410 touch $rootprefix/var/svc/profile/.upgrade_prophist 2411 2412 cat >> $rootprefix/var/svc/profile/upgrade <<EOF 2413 # We are deleting and reimporting dcs's manifest, because we 2414 # need to change the restarter. 2415 dcsfmri="svc:/platform/sun4u/dcs:default" 2416 dcsmani="/var/svc/manifest/platform/sun4u/dcs.xml" 2417 restarter=\`svcprop -c -p general/restarter \$dcsfmri 2>&1\` 2418 case \$restarter in 2419 *network/inetd:default) 2420 en=\`svcprop -c -p general/enabled \$dcsfmri\` 2421 eval $BFUSVCCFG delete -f \$dcsfmri 2422 eval $BFUSVCCFG import \$dcsmani 2423 if [ \$en = "true" ]; then 2424 svcadm enable \$dcsfmri 2425 fi 2426 ;; 2427 esac 2428 EOF 2429 2430 smf_fix_i86pc_profile 2431 2432 smf_bkbfu_templates 2433 } 2434 2435 tx_check_update() { 2436 # 2437 # If a lbl_edition file is found it's a likely sign that old unbundled 2438 # Trusted Extensions packages are installed and TX is active. Update 2439 # etc/system if needed, to complete enabling of the bundled TX. 2440 # 2441 LMOD1=$rootprefix/kernel/sys/lbl_edition 2442 LMOD2=$rootprefix/kernel/sys/amd64/lbl_edition 2443 LMOD3=$rootprefix/kernel/sys/sparcv9/lbl_edition 2444 2445 grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \ 2446 /dev/null 2>&1 2447 if [ $? -eq 0 ]; then 2448 return 2449 fi 2450 2451 if [ -f $LMOD1 -o -f $LMOD2 -o -f $LMOD3 ]; then 2452 echo "set sys_labeling=1" >> $rootprefix/bfu.child/etc/system 2453 if [ $? -ne 0 ]; then 2454 echo "cannot set sys_labeling in $rootprefix/bfu.child/etc/system" 2455 return 2456 fi 2457 2458 rm -f $LMOD1 $LMOD2 $LMOD3 2459 fi 2460 } 2461 2462 tx_check_bkbfu() { 2463 # 2464 # Emit a warning message if bfu'ing a Trusted Extensions-enabled system 2465 # backwards to pre TX-merge bits. In this case, unbundled packages must 2466 # be reinstalled to complete restoration of old TX bits. 2467 # 2468 bsmconv=$rootprefix/etc/security/bsmconv 2469 2470 # This check is only needed in global zone 2471 if [[ $zone != global ]]; then 2472 return 2473 fi 2474 2475 # No warning needed if TX is not currently enabled 2476 grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \ 2477 /dev/null 2>&1 2478 if [ $? -ne 0 ]; then 2479 return 2480 fi 2481 2482 if [ ! -f $bsmconv ]; then 2483 return 2484 fi 2485 grep " -x /usr/bin/plabel " $bsmconv > /dev/null 2>&1 2486 if [ $? != 0 ]; then 2487 return 2488 fi 2489 2490 print "" 2491 print "*************************************************************" 2492 print " WARNING: BFU'ing TX backwards across 6533113." 2493 print " Must re-install unbundled TX packages to remain Trusted." 2494 print "*************************************************************" 2495 print "" 2496 } 2497 2498 # 2499 # The directboot putback moved the console property from 2500 # /boot/solaris/bootenv.rc to /boot/grub/menu.lst. It should be kept in both. 2501 # 2502 cleanup_eeprom_console() 2503 { 2504 bootenvrc="$root/boot/solaris/bootenv.rc" 2505 menu_console=`eeprom console 2>/dev/null | \ 2506 grep -v 'data not available' | cut -d= -f2-` 2507 bootenv_console=`grep '^setprop[ ]\{1,\}console\>' $bootenvrc` 2508 if [ -n "$menu_console" ] && [ -z "$bootenv_console" ]; then 2509 echo "setprop console '$menu_console'" >> $bootenvrc 2510 fi 2511 } 2512 2513 EXTRACT_LOG=/tmp/bfu-extract-log.$$ 2514 2515 rm -f $EXTRACT_LOG 2516 2517 extraction_error() { 2518 echo error $* >> $EXTRACT_LOG 2519 } 2520 2521 # 2522 # Make a local copy of bfu in /tmp and execute that instead. 2523 # This makes us immune to loss of networking and/or changes 2524 # to the original copy that might occur during execution. 2525 # 2526 cd . 2527 abspath=`[[ $0 = /* ]] && print $0 || print $PWD/$0` 2528 if [[ $abspath != /tmp/* ]]; then 2529 localpath=/tmp/bfu.$$ 2530 print "Copying $abspath to $localpath" 2531 cp $abspath $localpath 2532 chmod +x $localpath 2533 print "Executing $localpath $*\n" 2534 exec $localpath $* 2535 fi 2536 2537 export PATH=/usr/bin:/usr/sbin:/sbin 2538 2539 usage() { 2540 echo "Usage:" 2541 echo " bfu [-fh] <archive_dir> [root-dir]" 2542 echo "\tUpdate a single machine by loading archives on root-dir." 2543 echo "\troot-dir defaults to / (a live bfu).\n" 2544 echo " bfu -c [-fh] <archive_dir> <exec-dir>" 2545 echo "\tUpdate all diskless clients by loading archives on each client" 2546 echo "\tthat mounts exec-dir as /usr. <exec-dir> must start with" 2547 echo "\t/export/exec and each client's root must be in /export/root.\n" 2548 echo "\t-f force bfu to continue even if it doesn't seem safe" 2549 fail "\t-h|-help print this usage message and exit\n" 2550 } 2551 2552 diskless=no 2553 force_override=no 2554 while [ $# -gt 0 ]; do 2555 case $1 in 2556 -c) diskless=yes;; 2557 -f) force_override=yes;; 2558 -h|-help) usage;; 2559 *) break;; 2560 esac 2561 shift 2562 done 2563 2564 # Variables for x86 platforms 2565 boot_is_pcfs=no 2566 have_realmode=no 2567 is_pcfs_boot=no 2568 new_dladm=no 2569 2570 # Set when moving to either directboot or multiboot 2571 multi_or_direct=no 2572 2573 # 2574 # Shows which type of archives we have, which type of system we are 2575 # running on (before the bfu), and what the failsafe archives are 2576 # (again, before the bfu). failsafe_type is only needed on diskful 2577 # bfu's, so it's not set in the diskless case. 2578 # Possible values: unknown, dca, multiboot, directboot, xpv 2579 # 2580 archive_type=unknown 2581 system_type=unknown 2582 failsafe_type=unknown 2583 2584 test $# -ge 1 || usage 2585 2586 if [ -x /usr/bin/ppriv ]; then 2587 # We prefer to use ppriv, as it is a more accurate test, and also 2588 # has the benefit of preventing use from within a nonglobal zone. 2589 ppriv $$ | grep -w "E: all" > /dev/null 2>&1 || \ 2590 fail "bfu requires all privileges" 2591 else 2592 # Fall back to old id check if system does not yet have ppriv. 2593 uid=`id | nawk '{print $1}'` 2594 [ "$uid" = "uid=0(root)" ] || \ 2595 fail "You must be super-user to run this script." 2596 fi 2597 2598 bfu_isa=`uname -p` 2599 target_isa=$bfu_isa 2600 karch=`uname -m` 2601 plat=`uname -i` 2602 2603 cpiodir=$1 2604 2605 if [ "$cpiodir" = again ]; then 2606 cpiodir=`nawk '/^bfu.ed from / { print $3; exit }' /etc/motd` 2607 fi 2608 2609 [[ "$cpiodir" = */* ]] || cpiodir=$ARCHIVE/archives/$target_isa/$1 2610 2611 [[ "$cpiodir" = /* ]] || fail "archive-dir must be an absolute path" 2612 2613 cd $cpiodir 2614 case `echo generic.root*` in 2615 generic.root) ZFIX=""; ZCAT="cat";; 2616 generic.root.gz) ZFIX=".gz"; ZCAT="gzip -d -c";; 2617 generic.root.Z) ZFIX=".Z"; ZCAT="zcat";; 2618 *) fail "generic.root missing or in unknown compression format";; 2619 esac 2620 2621 # 2622 # Determine what kind of archives we're installing, using the following rules: 2623 # 2624 # 1. If i86xpv archives exist, the archives are xpv 2625 # 2. If strap.com is present, the archives are pre-multiboot 2626 # 3. If symdef is present, the archives are directboot 2627 # 4. Otherwise, the archives are multiboot 2628 # 2629 if [ $target_isa = i386 ]; then 2630 if [ -f $cpiodir/i86xpv.root$ZFIX ]; then 2631 archive_type=xpv 2632 multi_or_direct=yes 2633 elif [ -f $cpiodir/i86pc.boot$ZFIX ] && \ 2634 archive_file_exists i86pc.boot "strap.com"; then 2635 archive_type=dca 2636 elif [ -f $cpiodir/i86pc.root$ZFIX ] && \ 2637 archive_file_exists i86pc.boot symdef; then 2638 archive_type=directboot 2639 multi_or_direct=yes 2640 else 2641 archive_type=multiboot 2642 multi_or_direct=yes 2643 fi 2644 fi 2645 2646 if [ $diskless = no ]; then 2647 root=${2:-/} 2648 [[ "$root" = /* ]] || fail "root-dir must be an absolute path" 2649 usrroot=$root 2650 usr=${usrroot%/}/usr 2651 rootlist=$root 2652 2653 [[ -f $root/etc/system ]] || \ 2654 fail "$root/etc/system not found; nonglobal zone target not allowed" 2655 2656 rootfstype=`df -n $root | awk '{print $3}'` 2657 2658 if [ "$rootfstype" = "zfs" ]; then 2659 archive_has_zfs_root_support=no 2660 mkdir /tmp/zfschk.$$ 2661 archive_file_peek generic.lib /tmp/zfschk.$$ \ 2662 "lib/svc/share/fs_include.sh" 2663 if [ -f /tmp/zfschk.$$/lib/svc/share/fs_include.sh ] ; then 2664 if grep '^readswapdev' \ 2665 /tmp/zfschk.$$/lib/svc/share/fs_include.sh \ 2666 >/dev/null 2>&1 ; then 2667 archive_has_zfs_root_support=yes 2668 fi 2669 fi 2670 rm -fr /tmp/zfschk.$$ 2671 2672 if [ "$archive_has_zfs_root_support" = "no" ] ; then 2673 fail "Cannot bfu a system with zfs root to an archive with no zfs root support" 2674 fi 2675 fi 2676 2677 # Make sure we extract the sun4u-us3 libc_psr.so.1 2678 if [ -d $root/platform/sun4u -a \ 2679 ! -d $root/platform/sun4u-us3 ] 2680 then 2681 mkdir $root/platform/sun4u-us3 2682 chmod 755 $root/platform/sun4u-us3 2683 chown root $root/platform/sun4u-us3 2684 chgrp sys $root/platform/sun4u-us3 2685 fi 2686 2687 if [ $target_isa = i386 ]; then 2688 if [ $archive_type = xpv ]; then 2689 # 2690 # On i386, we want to apply the archives for both 2691 # platforms (i86pc and i86xpv) if they exist. We 2692 # force the platform to i86xpv so that both will be 2693 # applied. 2694 # 2695 karch=i86pc 2696 plat=i86xpv 2697 fi 2698 if [ ! -d $root/platform/i86hvm ]; then 2699 mkdir $root/platform/i86hvm 2700 fi 2701 fi 2702 2703 if [ $karch != $plat -a -f ${cpiodir}/${plat}.usr$ZFIX ]; then 2704 usrarchs="$karch $plat" 2705 else 2706 usrarchs="$karch" 2707 fi 2708 if [ $karch != $plat -a -f ${cpiodir}/${plat}.root$ZFIX ]; then 2709 rootarchs="$karch $plat" 2710 else 2711 rootarchs="$karch" 2712 fi 2713 2714 if [ -h ${root}/platform/${plat} ]; then 2715 rm -f ${root}/platform/${plat} 2716 fi 2717 if [ -h ${usr}/platform/${plat} ]; then 2718 rm -f ${usr}/platform/${plat} 2719 fi 2720 2721 if [ $plat != $karch -a -f ${cpiodir}/${plat}.root$ZFIX \ 2722 -a -f ${cpiodir}/${plat}.usr$ZFIX ] 2723 then 2724 cd $cpiodir 2725 # 2726 # Look through all the archives we build and match 2727 # the names of built archives with the names of 2728 # directories installed on this machine. We assume 2729 # here that we can get the names of all architectures 2730 # by pattern matching the names of .root archives - so 2731 # if we ever had a case where we had only a .usr archive 2732 # we wouldn't find that archive. 2733 # 2734 for i in *.root* 2735 do 2736 platname=${i%.root*} 2737 if [ -z "${platname}" -o ${platname} = $karch -o \ 2738 $platname = generic -o ${platname} = $plat ]; then 2739 continue; 2740 fi 2741 if [ -d ${root}/platform/${platname} -o \ 2742 -h ${root}/platform/${platname} ]; then 2743 rootarchs="${rootarchs} ${platname}" 2744 fi 2745 if [ -d ${usr}/platform/${platname} -o \ 2746 -h ${usr}/platform/${platname} ]; then 2747 usrarchs="${usrarchs} ${platname}" 2748 fi 2749 if [ -h ${root}/platform/${platname} ]; then 2750 rm -f ${root}/platform/${platname} 2751 fi 2752 if [ -h ${usr}/platform/${platname} ]; then 2753 rm -f ${usr}/platform/${platname} 2754 fi 2755 done 2756 fi 2757 if [ "$rootfstype" = "ufs" ] ; then 2758 rootslice=`df -k $root | nawk 'NR > 1 { print $1 }' | \ 2759 sed s/dsk/rdsk/` 2760 fi 2761 2762 print "Loading $cpiodir on $root" 2763 else 2764 usrroot=$2 2765 usr=$2/usr 2766 [[ "$usr" = /export/exec/* ]] || fail "exec-dir $usrroot sounds bogus" 2767 case $2 in 2768 *sparc*) 2769 target_isa=sparc ;; 2770 *i386*) 2771 target_isa=i386 ;; 2772 esac 2773 cd $cpiodir 2774 test -f generic.root$ZFIX || fail "$cpiodir/generic.root$ZFIX missing" 2775 allarchs=$(echo $(ls *.root$ZFIX | grep -v generic.root$ZFIX | \ 2776 sed -e 's/.root.*//')) 2777 2778 if [ $target_isa = i386 -a $archive_type = xpv ]; then 2779 # 2780 # On i386, we want to apply the archives for both platforms 2781 # (i86pc and i86xpv) if they exist. We force the platform 2782 # to i86xpv so that both will be applied. 2783 # 2784 karch=i86pc 2785 plat=i86xpv 2786 else 2787 # XXX Pick karch as last available root arch 2788 karch=${allarchs##* } 2789 # XXX Pick plat as first available root arch 2790 plat=${allarchs%% *} 2791 fi 2792 2793 rootlist="" 2794 for root in /export/root/* 2795 do 2796 test -f $root/etc/vfstab && 2797 egrep -s $usrroot $root/etc/vfstab && 2798 rootlist="$rootlist $root" 2799 done 2800 test -n "$rootlist" || fail "no clients to upgrade" 2801 print "Loading $cpiodir usr archives on:\n\t$usr\n" 2802 print "Loading $cpiodir root archives on:" 2803 for root in $rootlist 2804 do 2805 print "\t$root" 2806 done 2807 fi 2808 2809 if grep '^[ ]*zfsroot:' $root/etc/system >/dev/null && \ 2810 archive_file_exists i86pc.boot boot/grub/zfs_stage1_5; then 2811 echo "Cannot BFU a system with the mountroot version"\ 2812 "of zfs boot support." 2813 echo "For information on how to transition this system to the new" 2814 echo "zfs boot support, see:" 2815 echo "http://www.opensolaris.org/os/community/zfs/boot/zfsboot-manual/mntroot-transition/" 2816 fail "" 2817 fi 2818 2819 nss_lib="$usr/lib/mps/libnss3.so" 2820 nss_lib64="$usr/lib/mps/64/libnss3.so" 2821 valid_rpath="\$ORIGIN:/usr/lib/mps/secv1:/usr/lib/mps" 2822 rpath_msg="R(UN)?PATH from file ${nss_lib}\)" 2823 if [ ! -x /usr/bin/ldd ]; then 2824 if [ "$force_override" = yes ]; then 2825 echo "/usr/bin/ldd is missing but -f is set; continuing." 2826 else 2827 echo "/usr/bin/ldd is missing." 2828 fail "Install the SUNWtoo package." 2829 fi 2830 fi 2831 nss_rpath=`ldd -s $nss_lib | egrep "$rpath_msg" | head -1 | cut -d'=' -f2 | \ 2832 awk '{print $1}'` 2833 update_script="${GATE}/public/bin/update_nsspkgs" 2834 if [ $valid_rpath != "$nss_rpath" ]; then 2835 if [ "$force_override" = yes ]; then 2836 echo "$nss_lib is not valid but -f is set; continuing." 2837 else 2838 echo "$nss_lib is not valid." 2839 fail "Run $update_script to update the SUNWtls package." 2840 fi 2841 fi 2842 if [ $target_isa = i386 -a ! -f $nss_lib64 ]; then 2843 echo "$nss_lib64 does not exist." 2844 fail "Run $update_script to update the NSS packages." 2845 fi 2846 2847 update_script="${GATE}/public/bin/migrate_bind9" 2848 if [[ ! -f $usr/lib/dns/libdns.so ]] && ! $ZCAT $cpiodir/generic.usr$ZFIX | \ 2849 cpio -it 2>/dev/null | egrep -s '^usr/sbin/ndc' ; then 2850 if [ "$force_override" = yes ]; then 2851 echo "BIND 9 has not been installed, but -f is set; continuing." 2852 else 2853 echo "BIND 8 has been removed from ON; BIND 9 is available from SFW." 2854 fail "Run $update_script to migrate to BIND 9." 2855 fi 2856 fi 2857 2858 update_script="${GATE}/public/bin/update_ce" 2859 if ifconfig -a | egrep '^ce' >/dev/null 2>/dev/null; then 2860 # CE version 1.148 or later is required 2861 cever=`modinfo | grep 'CE Ethernet' | sed 's/.*v1\.//' | tr -d ')' | \ 2862 nawk '{ if ($1 < 148) print "BAD"; else print $1 }'` 2863 if [ "$cever" = "BAD" ]; then 2864 fail "You must run $update_script to upgrade your ce driver." 2865 fi 2866 fi 2867 2868 update_script="${GATE}/public/bin/update_dbus" 2869 if [ ! -x $usr/lib/dbus-daemon ]; then 2870 fail "Run $update_script to update D-Bus." 2871 fi 2872 2873 # 2874 # We need biosdev if we're moving from pre-multiboot to multiboot or directboot 2875 # kernels. If we already have an i86xpv kernel, then we must already be a 2876 # directboot kernel, and can therefore skip the check. 2877 # 2878 if [ $target_isa = i386 ] && [ $multi_or_direct = yes ] && \ 2879 [ $diskless = no ] && [ ! -d /platform/i86xpv/ ]; then 2880 prtconf -v | grep biosdev >/dev/null 2>&1 2881 if [ $? -ne 0 ] && [ ! -f $rootprefix/platform/i86pc/multiboot ]; then 2882 echo "biosdev cannot be run on this machine." 2883 echo "Transitioning from classic to multiboot requires a" 2884 echo "bootconf which is compatible with biosdev." 2885 echo "bfu to onnv_12 first, then to a build with multiboot." 2886 fail "" 2887 fi 2888 fi 2889 2890 # 2891 # Check whether the archives have a datalink-management services; this is 2892 # later used to determine whether we need to upgrade the existing datalink 2893 # configuration and if the datalink-management service needs to be removed. 2894 # 2895 if archive_file_exists generic.sbin "sbin/dlmgmtd"; then 2896 dlmgmtd_exists=true 2897 else 2898 dlmgmtd_exists=false 2899 fi 2900 # 2901 # Set the value of dlmgmtd_status based on the existence of the 2902 # /sbin/dlmgmtd file 2903 # 2904 dlmgmtd_status=none 2905 if [[ -f $root/sbin/dlmgmtd ]] && ! $dlmgmtd_exists ; then 2906 dlmgmtd_status=cleanup 2907 elif [[ ! -f $root/sbin/dlmgmtd ]] && $dlmgmtd_exists ; then 2908 dlmgmtd_status=new 2909 fi 2910 2911 # 2912 # Check whether the archives have an etc/dladm directory; this is 2913 # later used to determine if aggregation.conf needs to be moved. 2914 # 2915 if $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 2916 grep etc/dladm > /dev/null 2>&1 ; then 2917 new_dladm=yes 2918 fi 2919 2920 # 2921 # The Clearview IP Tunneling project changes the format of the 2922 # /etc/dladm/datalink.conf file. The conversion is done in the 2923 # dlmgmtd daemon, so there is no backwards conversion when bfu'ing 2924 # backwards. The solution is to have bfu save the old file away when 2925 # bfu'ing across this project, and restore it when bfu'ing back. 2926 # 2927 datalink_file=$root/etc/dladm/datalink.conf 2928 datalink_backup=$root/etc/dladm/datalink.conf.bfusave 2929 datalink_action=none 2930 if [[ -f $datalink_file ]]; then 2931 iptun_exists=false 2932 if archive_file_exists generic.kernel "kernel/drv/iptun.conf"; then 2933 iptun_exists=true 2934 fi 2935 if [[ ! -f $root/kernel/drv/iptun.conf ]] && $iptun_exists; then 2936 datalink_action=save 2937 elif [[ -f $root/kernel/drv/iptun.conf ]] && ! $iptun_exists; then 2938 datalink_action=restore 2939 fi 2940 fi 2941 2942 # 2943 # Check whether the build is boot-archive or ufsboot sparc 2944 # boot based on the existence of a generic.boot archive 2945 # 2946 newboot_sparc=no 2947 if [ $target_isa = sparc -a -f $cpiodir/generic.boot$ZFIX ]; then 2948 newboot_sparc=yes 2949 fi 2950 2951 time_ref=/tmp/bfu.time_ref.$$ 2952 rm -f $time_ref 2953 touch $time_ref || fail "$time_ref: Unable to create time reference." 2954 time_ref_seconds=$SECONDS 2955 2956 print "\nCreating bfu execution environment ..." 2957 2958 # 2959 # Save off a few critical libraries and commands, so that bfu will 2960 # continue to function properly even in the face of major 2961 # kernel/library/command incompatibilities during a live upgrade. 2962 # 2963 bfucmd=" 2964 /usr/bin/awk 2965 /usr/bin/cat 2966 /usr/bin/chgrp 2967 /usr/bin/chmod 2968 /usr/bin/chown 2969 /usr/bin/cmp 2970 /usr/bin/cp 2971 /usr/bin/cpio 2972 /usr/bin/csh 2973 /usr/bin/cut 2974 /usr/bin/date 2975 /usr/bin/dd 2976 /usr/bin/df 2977 /usr/bin/diff 2978 /usr/bin/du 2979 /usr/bin/echo 2980 /usr/bin/ed 2981 /usr/bin/egrep 2982 /usr/bin/env 2983 /usr/bin/ex 2984 /usr/bin/expr 2985 /usr/bin/false 2986 /usr/bin/fgrep 2987 /usr/bin/file 2988 /usr/bin/find 2989 /usr/bin/gettext 2990 /usr/bin/grep 2991 /usr/bin/head 2992 /usr/bin/id 2993 /usr/bin/ksh 2994 /usr/bin/ksh93 2995 /usr/bin/line 2996 /usr/bin/ln 2997 /usr/bin/ls 2998 /usr/bin/mkdir 2999 /usr/bin/mktemp 3000 /usr/bin/more 3001 /usr/bin/mv 3002 /usr/bin/nawk 3003 /usr/bin/pgrep 3004 /usr/bin/pkginfo 3005 /usr/bin/pkill 3006 /usr/bin/printf 3007 /usr/bin/ps 3008 /usr/bin/ptree 3009 /usr/bin/rm 3010 /usr/bin/rmdir 3011 /usr/bin/sed 3012 /usr/bin/sh 3013 /usr/bin/sort 3014 /usr/bin/strings 3015 /usr/bin/stty 3016 /usr/bin/su 3017 /usr/bin/tail 3018 /usr/bin/tee 3019 /usr/bin/touch 3020 /usr/bin/tr 3021 /usr/bin/true 3022 /usr/bin/truss 3023 /usr/bin/tty 3024 /usr/bin/uname 3025 /usr/bin/uniq 3026 /usr/bin/uptime 3027 /usr/bin/vi 3028 /usr/bin/w 3029 /usr/bin/wc 3030 /usr/bin/xargs 3031 /usr/bin/zcat 3032 /usr/sbin/add_drv 3033 /usr/sbin/chroot 3034 /usr/sbin/halt 3035 /usr/sbin/lockfs 3036 /usr/sbin/lofiadm 3037 /usr/sbin/mkfile 3038 /usr/sbin/mkfs 3039 /usr/sbin/mknod 3040 /usr/sbin/mount 3041 /usr/sbin/newfs 3042 /usr/sbin/pkgrm 3043 /usr/sbin/prtconf 3044 /usr/sbin/reboot 3045 /usr/sbin/rem_drv 3046 /usr/sbin/sync 3047 /usr/sbin/tar 3048 /usr/sbin/uadmin 3049 /usr/sbin/umount 3050 /usr/sbin/update_drv 3051 /usr/sbin/wall 3052 /usr/sbin/zonecfg 3053 ${FASTFS-$GATE/public/bin/$bfu_isa/fastfs} 3054 ${GZIPBIN-$GATE/public/bin/$bfu_isa/gzip} 3055 " 3056 # 3057 # Scripts needed by BFU. These must be modified to use the interpreters in 3058 # /tmp/bfubin. The interpreters in /usr/bin may not be compatible with the 3059 # libraries in the archives being extracted. 3060 # 3061 bfuscr=" 3062 ${ACR-${GATE}/public/bin/acr} 3063 " 3064 3065 # 3066 # Tools which may be either scripts or ELF binaries, 3067 # so we need to check them before adding to either $bfucmd or $bfuscr. 3068 # This does not handle compiled shell scripts yet. 3069 # 3070 bfuchameleons=" 3071 /usr/bin/basename 3072 /usr/bin/bg 3073 /usr/bin/cd 3074 /usr/bin/cksum 3075 /usr/bin/cmp 3076 /usr/bin/comm 3077 /usr/bin/command 3078 /usr/bin/dirname 3079 /usr/bin/cut 3080 /usr/bin/fc 3081 /usr/bin/fg 3082 /usr/bin/getopts 3083 /usr/bin/hash 3084 /usr/bin/jobs 3085 /usr/bin/join 3086 /usr/bin/kill 3087 /usr/bin/logname 3088 /usr/bin/paste 3089 /usr/bin/print 3090 /usr/bin/read 3091 /usr/bin/rev 3092 /usr/bin/sleep 3093 /usr/bin/sum 3094 /usr/bin/tee 3095 /usr/bin/test 3096 /usr/bin/type 3097 /usr/bin/ulimit 3098 /usr/bin/umask 3099 /usr/bin/unalias 3100 /usr/bin/uniq 3101 /usr/bin/wait 3102 /usr/bin/wc 3103 " 3104 3105 for chameleon in ${bfuchameleons} ; do 3106 if [[ "$(file "${chameleon}")" == *ELF* ]] ; then 3107 bfucmd="${bfucmd} ${chameleon}" 3108 else 3109 bfuscr="${bfuscr} ${chameleon}" 3110 fi 3111 done 3112 3113 rm -rf /tmp/bfubin 3114 mkdir /tmp/bfubin 3115 set $bfucmd 3116 isalist=`isalist` 3117 while [ $# -gt 0 ] 3118 do 3119 dir=${1%/*} 3120 cmd=${1##*/} 3121 cd $dir 3122 isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1` 3123 cp $dir/$isacmd /tmp/bfubin || fail "cannot copy $dir/$isacmd" 3124 shift 3125 done 3126 3127 # 3128 # Optional commands. We warn, but do not abort, if we are crossing a 3129 # feature boundary (where a command is not present in the parent). 3130 # Clauses requiring these commands must explicitly test for their 3131 # presence in /tmp/bfubin. 3132 # 3133 bfuoptcmd=" 3134 /sbin/biosdev 3135 /sbin/bootadm 3136 /sbin/installgrub 3137 /usr/sbin/fdisk 3138 /usr/sbin/metastat 3139 /usr/bin/mkisofs 3140 /usr/sbin/svcadm 3141 /usr/sbin/svccfg 3142 /usr/bin/svcprop 3143 /usr/bin/svcs 3144 " 3145 3146 set $bfuoptcmd 3147 isalist=`isalist` 3148 while [ $# -gt 0 ] 3149 do 3150 dir=${1%/*} 3151 cmd=${1##*/} 3152 cd $dir 3153 isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1` 3154 cp $dir/$isacmd /tmp/bfubin 2>/dev/null 3155 shift 3156 done 3157 3158 3159 # 3160 # set up installgrub and friends if transitioning to multiboot or directboot 3161 # do this now so ldd can determine library dependencies 3162 # 3163 # We split the binaries into two groups: the type where we want to make any 3164 # effort to get the newest version (like symdef and bootadm), and the type 3165 # where any old version will do (like installgrub and biosdev). 3166 # 3167 # If we're bfu'ing across the directboot/multiboot boundary, we need the new 3168 # bootadm and symdef to properly handle menu.lst changes. If the system is 3169 # directboot, we can use the local copies. If the system is multiboot but 3170 # the archives are directboot, we extract the binaries early. Otherwise, 3171 # we're not crossing the boundary, and which one we use doesn't matter. 3172 # 3173 # NB - if bootadm or symdef is ever changed to require a new library, the 3174 # early extraction will blow up horribly. 3175 # 3176 # For testing purposes, a user can set DIRECTBOOT_BIN_DIR in the environment, 3177 # and we'll use that instead. 3178 # 3179 MULTIBOOT_BIN_DIR=${MULTIBOOT_BIN_DIR:=${GATE}/public/multiboot} 3180 have_new_bootadm=unknown 3181 3182 if [ -f "$root/platform/i86xpv/kernel/unix" ]; then 3183 root_is_xpv=yes 3184 root_is_directboot=yes 3185 elif [ -x "$root/boot/solaris/bin/symdef" ] && \ 3186 "$root"/boot/solaris/bin/symdef "$root/platform/i86pc/kernel/unix" \ 3187 dboot_image; then 3188 root_is_xpv=no 3189 root_is_directboot=yes 3190 else 3191 root_is_xpv=no 3192 root_is_directboot=no 3193 fi 3194 3195 # 3196 # A comma-separated list of the command and the archive it's in 3197 # 3198 multiboot_new_cmds=" 3199 sbin/bootadm,generic.sbin 3200 boot/solaris/bin/symdef,i86pc.boot 3201 " 3202 3203 if [ $multi_or_direct = yes ]; then 3204 for line in $multiboot_new_cmds 3205 do 3206 cmd=${line%,*} 3207 file=${cmd##*/} 3208 archive=${line#*,} 3209 if [ -n "$DIRECTBOOT_BIN_DIR" ] && \ 3210 [ -f $DIRECTBOOT_BIN_DIR/$file ]; then 3211 cp $DIRECTBOOT_BIN_DIR/$file /tmp/bfubin/ 3212 else 3213 if [[ $root_is_xpv = yes || 3214 $root_is_directboot = yes && 3215 $archive_type = multiboot ]]; then 3216 cp $root/$cmd /tmp/bfubin/ 3217 have_new_bootadm=yes 3218 elif [ $archive_type = directboot ] || \ 3219 [ $archive_type = xpv ]; then 3220 DBOOT_TMPDIR=/tmp/dboot.$$ 3221 trap "rm -rf $DBOOT_TMPDIR" EXIT 3222 OLD_PWD=$(pwd) 3223 rm -rf $DBOOT_TMPDIR 3224 mkdir $DBOOT_TMPDIR 3225 cd $DBOOT_TMPDIR 3226 $ZCAT $cpiodir/${archive}$ZFIX | \ 3227 cpio -id "$cmd" 2>/dev/null 3228 if [ -x $cmd ]; then 3229 cp $cmd /tmp/bfubin/ 3230 have_new_bootadm=yes 3231 fi 3232 cd $OLD_PWD 3233 rm -rf $DBOOT_TMPDIR 3234 trap - EXIT 3235 fi 3236 fi 3237 3238 # 3239 # If all else fails, grab the local version 3240 # 3241 if [ ! -x /tmp/bfubin/$file ]; then 3242 [ -x /$cmd ] && cp /$cmd /tmp/bfubin 3243 fi 3244 done 3245 if [ $archive_type = directboot ] && [ $root_is_directboot = yes ]; then 3246 cleanup_eeprom_console 3247 fi 3248 fi 3249 3250 multiboot_cmds=" 3251 /sbin/biosdev 3252 /sbin/installgrub 3253 " 3254 copying_mboot_cmds=no 3255 if [ $multi_or_direct = yes ]; then 3256 for cmd in $multiboot_cmds 3257 do 3258 file=`basename $cmd` 3259 if [ -f $cmd ]; then 3260 cp $cmd /tmp/bfubin 3261 elif [ -n "$DIRECTBOOT_BIN_DIR" ] && 3262 [ -d $DIRECTBOOT_BIN_DIR ] && 3263 [ -x $DIRECTBOOT_BIN_DIR/$file ]; then 3264 cp $DIRECTBOOT_BIN_DIR/$file /tmp/bfubin/ 3265 else 3266 if [ ! -d $MULTIBOOT_BIN_DIR ]; then 3267 echo "$MULTIBOOT_BIN_DIR: not found" 3268 elif [ ! -f $MULTIBOOT_BIN_DIR/$file ]; then 3269 echo "$MULTIBOOT_BIN_DIR/$file: not found" 3270 fi 3271 if [ $copying_mboot_cmds = no ]; then 3272 echo "installing files from $MULTIBOOT_BIN_DIR" 3273 copying_mboot_cmds=yes 3274 fi 3275 cp $MULTIBOOT_BIN_DIR/$file /tmp/bfubin 3276 fi 3277 3278 done 3279 fi 3280 3281 # 3282 # If available, use ldd to determine which libraries bfu depends on. 3283 # Otherwise, just make an educated guess. 3284 # 3285 if [ -x /usr/bin/ldd ]; then 3286 bfulib="`ldd /tmp/bfubin/* | nawk '$3 ~ /lib/ { print $3 }' | sort -u`" 3287 else 3288 bfulib=" 3289 /lib/libc.so.1 3290 /lib/libm.so.2 3291 /lib/libdoor.so.1 3292 /lib/libm.so.2 3293 /lib/libmd.so.1 3294 /lib/libmd5.so.1 3295 /lib/libnvpair.so.1 3296 /lib/libscf.so.1 3297 /lib/libuutil.so.1 3298 /usr/lib/libbsm.so.1 3299 /usr/lib/libc2.so 3300 /usr/lib/libdl.so.1 3301 /usr/lib/libelf.so.1 3302 /usr/lib/libkstat.so.1 3303 /usr/lib/libmapmalloc.so.1 3304 /usr/lib/libmp.so.1 3305 /usr/lib/libnsl.so.1 3306 /usr/lib/libpam.so.1 3307 /usr/lib/libsec.so.1 3308 /usr/lib/libsocket.so.1 3309 /usr/lib/libtecla.so.1 3310 " 3311 fi 3312 3313 # add dlopen()'ed stuff 3314 bfulib=" 3315 $bfulib 3316 /lib/ld.so.1 3317 /usr/lib/nss_* 3318 " 3319 3320 # add svccfg dtd rules 3321 bfulib=" 3322 $bfulib 3323 /usr/share/lib/xml/dtd/service_bundle.dtd.1 3324 " 3325 3326 BFUSVCCFG="SVCCFG_DTD=/tmp/bfulib/service_bundle.dtd.1 /tmp/bfubin/svccfg" 3327 3328 # add libc_psr.so.1, if available and not empty 3329 if [ -s /platform/`uname -i`/lib/libc_psr.so.1 ]; then 3330 bfulib=" 3331 $bfulib 3332 /platform/`uname -i`/lib/libc_psr.so.1 3333 " 3334 fi 3335 3336 rm -rf /tmp/bfulib /tmp/bl 3337 mkdir /tmp/bfulib /tmp/bl 3338 3339 # 3340 # Create 64 bit directory structure and determine 64 bit arch name. 3341 # 3342 if [ -h /usr/lib/64 ] 3343 then 3344 link=`ls -dl /usr/lib/64 | awk '{print $NF}'` 3345 ln -s $link /tmp/bfulib/64 3346 ln -s $link /tmp/bl/64 3347 mkdir /tmp/bfulib/$link /tmp/bl/$link 3348 bfulib="$bfulib /usr/lib/64/nss_*" 3349 # 3350 # Copy libraries to proper directories 3351 # 3352 for lib in $bfulib 3353 do 3354 case $lib in 3355 */64/* | */$link/*) 3356 cp $lib /tmp/bfulib/64;; 3357 *) 3358 cp $lib /tmp/bfulib;; 3359 esac 3360 done 3361 # 3362 # Private 64 bit runtime linker. 3363 # 3364 cp /lib/64/ld.so.1 /tmp/bfulib/64/bf.1 3365 cp /lib/64/ld.so.1 /tmp/bl/64/bf.1 3366 else 3367 cp $bfulib /tmp/bfulib 3368 fi 3369 cp /lib/ld.so.1 /tmp/bfulib/bf.1 # bfu's private runtime linker 3370 cp /lib/ld.so.1 /tmp/bl/bf.1 3371 3372 ${BFULD-$GATE/public/bin/$bfu_isa/bfuld} /tmp/bfubin/* || fail "bfuld failed" 3373 3374 for x in $bfuscr 3375 do 3376 sed -e 's/\/usr\/bin\//\/tmp\/bfubin\//g' \ 3377 -e 's/\/bin\//\/tmp\/bfubin\//g' < $x > /tmp/bfubin/`basename $x` 3378 chmod +x /tmp/bfubin/`basename $x` 3379 done 3380 3381 # 3382 # scripts used together with multiboot 3383 # 3384 multiboot_scr=" 3385 /boot/solaris/bin/create_ramdisk 3386 /boot/solaris/bin/create_diskmap 3387 /boot/solaris/bin/root_archive 3388 " 3389 3390 if [ $multi_or_direct = yes ]; then 3391 for cmd in $multiboot_scr 3392 do 3393 file=`basename $cmd` 3394 if [ -f $cmd ]; then 3395 cp $cmd /tmp/bfubin 3396 else 3397 if [ ! -d $MULTIBOOT_BIN_DIR ]; then 3398 echo "$MULTIBOOT_BIN_DIR: not found" 3399 fail "" 3400 fi 3401 3402 if [ ! -f $MULTIBOOT_BIN_DIR/$file ]; then 3403 echo "$MULTIBOOT_BIN_DIR/$file: not found" 3404 fail "" 3405 fi 3406 echo "copying $file from $MULTIBOOT_BIN_DIR" 3407 cp $MULTIBOOT_BIN_DIR/$file /tmp/bfubin 3408 fi 3409 3410 # 3411 # We do two substitutions here to replace references to 3412 # both /usr/bin/ and /bin/ with /tmp/bfubin/ 3413 # 3414 mv /tmp/bfubin/${file} /tmp/bfubin/${file}- 3415 sed -e 's/\/usr\/bin\//\/tmp\/bfubin\//g' \ 3416 -e 's/\/bin\//\/tmp\/bfubin\//g' \ 3417 < /tmp/bfubin/${file}- > /tmp/bfubin/${file} 3418 chmod +x /tmp/bfubin/${file} 3419 done 3420 fi 3421 3422 # 3423 # For directboot archives, /boot/platform/i86pc/kernel/unix will be 3424 # overwritten, which could cause a mis-match with the failsafe 3425 # miniroot. Extract unix from the miniroot and save it off for now. 3426 # 3427 if [ $archive_type = directboot ] && [ $diskless = no ]; then 3428 if gunzip -c "$root/boot/x86.miniroot-safe" \ 3429 >/tmp/bfubin/miniroot-unzipped; then 3430 lofifile=/tmp/bfubin/miniroot-unzipped 3431 else 3432 # Shouldn't happen? See if someone already unzipped it. 3433 lofifile="$root/boot/x86.miniroot-safe" 3434 fi 3435 lofidev=`lofiadm -a $lofifile 2>/dev/null` 3436 if [ -n "$lofidev" ]; then 3437 mkdir /tmp/bfubin/mnt 3438 mount -r $lofidev /tmp/bfubin/mnt 3439 3440 unix=/tmp/bfubin/mnt/boot/platform/i86pc/kernel/unix 3441 if [ -f $unix ]; then 3442 cp $unix /tmp/bfubin/unix 3443 failsafe_type=directboot 3444 elif [ -f /tmp/bfubin/mnt/platform/i86pc/multiboot ] 3445 then 3446 failsafe_type=multiboot 3447 fi 3448 3449 umount /tmp/bfubin/mnt 3450 rmdir /tmp/bfubin/mnt 3451 lofiadm -d $lofidev 3452 fi 3453 rm -f /tmp/bfubin/miniroot-unzipped 3454 fi 3455 3456 revert_aggregation_conf() 3457 { 3458 aggrconf=$rootprefix/etc/aggregation.conf 3459 nawk ' 3460 /^[ \t]*#/ || /^[ \t]*$/ || $4 ~ "/0" { 3461 print; 3462 next; 3463 } 3464 3465 { 3466 OFS="\t"; 3467 gsub(/[^,]*/, "&/0", $4); 3468 print; 3469 }' $aggrconf > $aggrconf.bfutmp 3470 mv -f $aggrconf.bfutmp $aggrconf 3471 } 3472 3473 remove_initd_links() 3474 { 3475 # If we're delivering a new version of an existing /etc/init.d script, 3476 # remove all hard links to the existing file in /etc/rc?.d whose 3477 # names begin with [SK][0-9][0-9]. Additionally, in case an S or K 3478 # file was previously delivered as a symbolic link or the hard link 3479 # was broken, remove any file in /etc/rc?.d whose name is 3480 # [SK][0-9][0-9] followed by the basename of the file we're going 3481 # to update in /etc/init.d. 3482 3483 print "Removing init.d links ... \c" 3484 scripts=`$ZCAT $cpiodir/generic.root$ZFIX | 3485 cpio -it 2>/dev/null | grep '^etc/init\.d/'` 3486 if [ -n "$scripts" ]; then 3487 inodes=`ls -li $scripts 2>/dev/null | \ 3488 nawk '{ print "-inum " $1 " -o " }'` 3489 names=`ls -1 $scripts 2>/dev/null | \ 3490 nawk -F/ '{ print "-name [SK][0-9][0-9]" $NF }'` 3491 find etc/rc?.d \( $inodes $names \) -print | xargs rm -f 3492 fi 3493 print "done." 3494 } 3495 3496 # 3497 # Remove Wildcat (aka Sun Fire Link) 3498 # 3499 remove_eof_wildcat() 3500 { 3501 # Packages to remove 3502 typeset -r wildcat_pkgs='SUNWwrsa SUNWwrsd SUNWwrsu SUNWwrsm' 3503 typeset pkg 3504 3505 # 3506 # First, attempt to remove the packages cleanly if possible. 3507 # Use a custom "admin" file to specify that removal scripts 3508 # in the packages being removed should be run even if they 3509 # will run as root. 3510 # 3511 typeset -r admfile='/tmp/wcat_eof.$$' 3512 echo "action=nocheck" > $admfile 3513 3514 printf 'Removing Wildcat packages...' 3515 for pkg in $wildcat_pkgs 3516 do 3517 if pkginfo $pkgroot -q $pkg; then 3518 printf ' %s' $pkg 3519 pkgrm $pkgroot -n -a $admfile $pkg >/dev/null 2>&1 3520 fi 3521 done 3522 printf '\n' 3523 3524 # 3525 # In case that didn't work, do it manually. 3526 # 3527 printf 'Removing Wildcat from %s/var/sadm/install/contents...' \ 3528 $rootprefix 3529 for pkg in $wildcat_pkgs 3530 do 3531 printf ' %s' $pkg 3532 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3533 rm -rf $rootprefix/var/sadm/pkg/$pkg 3534 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3535 /tmp/contents.$$ 3536 cp /tmp/contents.$$ \ 3537 $rootprefix/var/sadm/install/contents 3538 rm /tmp/contents.$$ 3539 fi 3540 done 3541 printf '\n' 3542 3543 # 3544 # Cleanup any remaining Wildcat files, symlinks, and directories. 3545 # 3546 rm -f $usr/platform/sun4u/include/sys/wci_common.h 3547 rm -f $usr/platform/sun4u/include/sys/wci_regs.h 3548 rm -f $usr/platform/sun4u/include/sys/wci_offsets.h 3549 rm -f $usr/platform/sun4u/include/sys/wci_cmmu.h 3550 rm -f $usr/platform/sun4u/include/sys/wrsm.h 3551 rm -f $usr/platform/sun4u/include/sys/wrsm_common.h 3552 rm -f $usr/platform/sun4u/include/sys/wrsm_config.h 3553 rm -f $usr/platform/sun4u/include/sys/wrsm_types.h 3554 rm -f $usr/platform/sun4u/include/sys/wrsm_plat.h 3555 rm -f $usr/platform/sun4u/include/sys/wrsm_plugin.h 3556 rm -f $usr/platform/sun4u/include/sys/wrsmconf.h 3557 3558 rm -f $usr/platform/sun4u/lib/mdb/kvm/sparcv9/wrsm.so 3559 rm -f $usr/platform/sun4u/lib/mdb/kvm/sparcv9/wrsmd.so 3560 3561 rm -f $rootprefix/platform/SUNW,Sun-Fire-15000/kernel/misc/sparcv9/gptwo_wci 3562 3563 rm -f $rootprefix/platform/sun4u/kernel/kmdb/sparcv9/wrsm 3564 rm -f $rootprefix/platform/sun4u/kernel/kmdb/sparcv9/wrsmd 3565 3566 rm -f $admfile 3567 } 3568 3569 # 3570 # Remove ASET 3571 # 3572 remove_eof_aset() 3573 { 3574 # Packages to remove 3575 typeset -r aset_pkgs='SUNWast' 3576 typeset pkg 3577 3578 printf 'Removing ASET... ' 3579 3580 # 3581 # First, attempt to remove the packages cleanly if possible. 3582 # 3583 for pkg in $aset_pkgs 3584 do 3585 if pkginfo $pkgroot -q $pkg; then 3586 printf ' %s' $pkg 3587 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3588 fi 3589 done 3590 printf '\n' 3591 3592 # 3593 # In case that didn't work, do it manually. 3594 # Remove ASET from $rootprefix/var/sadm/install/contents 3595 # 3596 for pkg in $aset_pkgs 3597 do 3598 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3599 rm -rf $rootprefix/var/sadm/pkg/$pkg 3600 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3601 /tmp/contents.$$ 3602 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3603 rm /tmp/contents.$$ 3604 fi 3605 done 3606 3607 # 3608 # Cleanup any remaining ASET files, symlinks, and directories. 3609 # 3610 rm -rf $usr/aset 3611 } 3612 3613 # 3614 # Remove BIND 8 named server/tools packages 3615 # 3616 remove_eof_bind8() 3617 { 3618 # Packages to remove 3619 typeset -r bind8_pkg='SUNWinamd' 3620 typeset pkg 3621 3622 printf 'Removing BIND 8 named server/tools... ' 3623 3624 # 3625 # We cann't pkgrm SUNWinamd at this time as the BIND 9 binaries are 3626 # already in /usr/sbin. 3627 # Remove BIND 8 packages from $rootprefix/var/sadm/install/contents 3628 # 3629 for pkg in $bind8_pkgs 3630 do 3631 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3632 rm -rf $rootprefix/var/sadm/pkg/$pkg 3633 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3634 /tmp/contents.$$ 3635 cp /tmp/contents.$$ /var/sadm/install/contents.$$ 3636 rm /tmp/contents.$$ 3637 fi 3638 done 3639 3640 # 3641 # Cleanup any BIND 8 specific files, symlinks. 3642 # 3643 3644 # files and symlinks. 3645 rm -f $usr/sbin/named-xfer 3646 rm -f $usr/lib/nslookup.help 3647 rm -f $usr/sbin/dnskeygen 3648 rm -f $usr/sbin/named-bootconf 3649 rm -f $usr/sbin/nstest 3650 rm -rf $rootprefix/var/run/ndc.d 3651 printf 'done.\n' 3652 } 3653 3654 # 3655 # Remove the 5.6.1 version of perl. 3656 # 3657 remove_perl_561() 3658 { 3659 3660 # 3661 # Packages to remove. 3662 # 3663 typeset -r perl_pkgs='SUNWpl5m SUNWpl5p SUNWpl5u SUNWpl5v' 3664 3665 # 3666 # First, attempt to remove the packages cleanly if possible. 3667 # 3668 typeset pkg 3669 printf 'Removing perl 5.6.1 packages' 3670 for pkg in $perl_pkgs 3671 do 3672 if pkginfo $pkgroot -q $pkg; then 3673 printf ' %s' $pkg 3674 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3675 fi 3676 done 3677 printf '\n' 3678 3679 # 3680 # In case that didn't work, do it manually. 3681 # 3682 printf 'Removing perl 5.6.1 from %s/var/sadm/install/contents' \ 3683 $rootprefix 3684 for pkg in $PKGS 3685 do 3686 printf ' %s' $pkg 3687 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3688 rm -rf $rootprefix/var/sadm/pkg/$pkg 3689 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3690 /tmp/contents.$$ 3691 cp /tmp/contents.$$ /var/sadm/install/contents.$$ 3692 rm /tmp/contents.$$ 3693 fi 3694 done 3695 printf '\n' 3696 3697 # 3698 # Remove any remaining 5.6.1 files, 3699 # 3700 printf 'Removing perl 5.6.1 from %s/perl5\n' $usr 3701 3702 # Directories. 3703 rm -rf $usr/perl5/5.6.1 3704 rm -rf $usr/perl5/site_perl/5.6.1 3705 rm -rf $usr/perl5/vendor_perl/5.6.1 3706 } 3707 # 3708 # Remove FNS/XFN packages 3709 # 3710 remove_eof_fns() 3711 { 3712 # Packages to remove 3713 typeset -r fns_pkgs='SUNWfnx5x SUNWfnsx5 SUNWfnsx SUNWfns' 3714 typeset pkg 3715 3716 printf 'Removing FNS/XFN ... ' 3717 3718 # 3719 # First, attempt to remove the packages cleanly if possible. 3720 # 3721 for pkg in $fns_pkgs 3722 do 3723 if pkginfo $pkgroot -q $pkg; then 3724 printf ' %s' $pkg 3725 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3726 fi 3727 done 3728 printf '\n' 3729 3730 # 3731 # In case that didn't work, do it manually. 3732 # Remove FNS/XFN from $rootprefix/var/sadm/install/contents 3733 # 3734 for pkg in $fns_pkgs 3735 do 3736 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3737 rm -rf $rootprefix/var/sadm/pkg/$pkg 3738 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3739 /tmp/contents.$$ 3740 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3741 rm /tmp/contents.$$ 3742 fi 3743 done 3744 3745 # 3746 # Cleanup if any remaining FNS/XFN files, symlinks, and directories. 3747 # 3748 3749 # directories. 3750 rm -rf $rootprefix/etc/fn 3751 rm -rf $usr/include/xfn 3752 rm -rf $usr/lib/fn 3753 rm -rf $rootprefix/var/fn 3754 3755 # files and symlinks. 3756 rm -f $rootprefix/etc/fn.conf 3757 rm -f $usr/bin/fnattr 3758 rm -f $usr/bin/fnbind 3759 rm -f $usr/bin/fncreate_printer 3760 rm -f $usr/bin/fnlist 3761 rm -f $usr/bin/fnlookup 3762 rm -f $usr/bin/fnrename 3763 rm -f $usr/bin/fnsearch 3764 rm -f $usr/bin/fnunbind 3765 rm -f $usr/sbin/fncheck 3766 rm -f $usr/sbin/fncopy 3767 rm -f $usr/sbin/fncreate 3768 rm -f $usr/sbin/fncreate_fs 3769 rm -f $usr/sbin/fndestroy 3770 rm -f $usr/sbin/fnselect 3771 rm -f $usr/sbin/fnsypd 3772 rm -f $usr/lib/libfn_p.so 3773 rm -f $usr/lib/libfn_p.so.1 3774 rm -f $usr/lib/libfn_spf.so 3775 rm -f $usr/lib/libfn_spf.so.1 3776 rm -f $usr/lib/libxfn.so 3777 rm -f $usr/lib/libxfn.so.1 3778 rm -f $usr/lib/libxfn.so.2 3779 rm -f $usr/lib/sparcv9/libfn_p.so 3780 rm -f $usr/lib/sparcv9/libfn_p.so.1 3781 rm -f $usr/lib/sparcv9/libfn_spf.so 3782 rm -f $usr/lib/sparcv9/libfn_spf.so.1 3783 rm -f $usr/lib/sparcv9/libxfn.so 3784 rm -f $usr/lib/sparcv9/libxfn.so.1 3785 rm -f $usr/lib/sparcv9/libxfn.so.2 3786 } 3787 3788 remove_eof_face() { 3789 # Packages to remove 3790 typeset -r face_pkgs='SUNWfac' 3791 typeset pkg 3792 3793 printf 'Removing AT&T FACE... ' 3794 3795 # 3796 # First, attempt to remove the packages cleanly if possible. 3797 # 3798 for pkg in $face_pkgs 3799 do 3800 if pkginfo $pkgroot -q $pkg; then 3801 printf ' %s' $pkg 3802 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3803 fi 3804 done 3805 printf '\n' 3806 3807 # 3808 # In case that didn't work, do it manually. 3809 # Remove FACE from $rootprefix/var/sadm/install/contents 3810 # 3811 for pkg in $face_pkgs 3812 do 3813 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3814 rm -rf $rootprefix/var/sadm/pkg/$pkg 3815 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3816 /tmp/contents.$$ 3817 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3818 rm /tmp/contents.$$ 3819 fi 3820 done 3821 3822 # 3823 # Cleanup any remaining FACE files, symlinks, and directories. 3824 # 3825 rm -rf $usr/oasys 3826 rm -rf $usr/vmsys 3827 } 3828 3829 remove_eof_dmi() { 3830 # Packages to remove 3831 typeset -r dmi_pkgs='SUNWsadmi' 3832 typeset pkg 3833 3834 printf 'Removing DMI... ' 3835 3836 # 3837 # First, attempt to remove the packages cleanly if possible. 3838 # 3839 for pkg in $dmi_pkgs 3840 do 3841 if pkginfo $pkgroot -q $pkg; then 3842 printf ' %s' $pkg 3843 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3844 fi 3845 done 3846 printf '\n' 3847 3848 # 3849 # In case that didn't work, do it manually. 3850 # Remove DMI from $rootprefix/var/sadm/install/contents 3851 # 3852 for pkg in $dmi_pkgs 3853 do 3854 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3855 rm -rf $rootprefix/var/sadm/pkg/$pkg 3856 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3857 /tmp/contents.$$ 3858 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3859 rm /tmp/contents.$$ 3860 fi 3861 done 3862 3863 # 3864 # Cleanup any remaining DMI files, symlinks, and directories. 3865 # 3866 rm -rf $usr/lib/dmi 3867 rm -rf $rootprefix/var/dmi 3868 rm -rf $rootprefix/etc/dmi 3869 rm -f $usr/lib/libdmi.so 3870 rm -f $usr/lib/libdmici.so 3871 rm -f $usr/lib/libdmimi.so 3872 rm -f $usr/lib/libdmi.so.1 3873 rm -f $usr/lib/libdmici.so.1 3874 rm -f $usr/lib/libdmimi.so.1 3875 rm -f $usr/lib/sparcv9/libdmi.so 3876 rm -f $usr/lib/sparcv9/libdmici.so 3877 rm -f $usr/lib/sparcv9/libdmimi.so 3878 rm -f $usr/lib/sparcv9/libdmi.so.1 3879 rm -f $usr/lib/sparcv9/libdmici.so.1 3880 rm -f $usr/lib/sparcv9/libdmimi.so.1 3881 rm -f $usr/lib/amd64/libdmi.so 3882 rm -f $usr/lib/amd64/libdmici.so 3883 rm -f $usr/lib/amd64/libdmimi.so 3884 rm -f $usr/lib/amd64/libdmi.so.1 3885 rm -f $usr/lib/amd64/libdmici.so.1 3886 rm -f $usr/lib/amd64/libdmimi.so.1 3887 rm -f $usr/sbin/dmi_cmd 3888 rm -f $usr/sbin/dmiget 3889 rm -f $rootprefix/etc/init.d/init.dmi 3890 rm -f $rootprefix/etc/rc0.d/K07dmi 3891 rm -f $rootprefix/etc/rc1.d/K07dmi 3892 rm -f $rootprefix/etc/rc2.d/K07dmi 3893 rm -f $rootprefix/etc/rcS.d/K07dmi 3894 rm -f $rootprefix/etc/rc3.d/S77dmi 3895 } 3896 3897 # 3898 # Remove vold 3899 # 3900 remove_eof_vold() 3901 { 3902 printf 'Removing vold... ' 3903 3904 rm -rf $usr/lib/vold 3905 rm -rf $usr/lib/rmmount 3906 rm -f $usr/lib/fs/hsfs/ident_hsfs.so.1 3907 rm -f $usr/lib/fs/pcfs/ident_pcfs.so.1 3908 rm -f $usr/lib/fs/udfs/ident_udfs.so.1 3909 rm -f $usr/lib/fs/ufs/ident_ufs.so.1 3910 rm -f $usr/sbin/vold 3911 rm -f $usr/kernel/drv/vol 3912 rm -f $usr/kernel/drv/amd64/vol 3913 rm -f $usr/kernel/drv/sparcv9/vol 3914 rm -f $usr/include/rmmount.h 3915 rm -f $usr/include/vol.h 3916 rm -f $rootprefix/etc/vold.conf 3917 rm -f $rootprefix/etc/rmmount.conf 3918 3919 printf '\n' 3920 } 3921 3922 # 3923 # Remove the obsolete Mobile IP packages 3924 # 3925 remove_eof_mobileip() { 3926 typeset -r mip_pkgs='SUNWmipr SUNWmipu' 3927 typeset pkg 3928 3929 printf 'Removing Mobile IP... ' 3930 3931 for pkg in $mip_pkgs 3932 do 3933 if pkginfo $pkgroot -q $pkg; then 3934 printf ' %s' $pkg 3935 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3936 fi 3937 done 3938 3939 # In case that did not work, do it manually. 3940 if [[ -d $rootprefix/var/sadm/pkg/SUNWmipr ]]; then 3941 rm -f "$rootprefix/etc/inet/mipagent.conf-sample" 3942 rm -f "$rootprefix/etc/inet/mipagent.conf.fa-sample" 3943 rm -f "$rootprefix/etc/inet/mipagent.conf.ha-sample" 3944 rm -f "$rootprefix/etc/init.d/mipagent" 3945 rm -f "$rootprefix/etc/rc0.d/K06mipagent" 3946 rm -f "$rootprefix/etc/rc1.d/K06mipagent" 3947 rm -f "$rootprefix/etc/rc2.d/K06mipagent" 3948 rm -f "$rootprefix/etc/rc3.d/S80mipagent" 3949 rm -f "$rootprefix/etc/rcS.d/K06mipagent" 3950 rm -f "$rootprefix/etc/snmp/conf/mipagent.acl" 3951 rm -f "$rootprefix/etc/snmp/conf/mipagent.reg" 3952 fi 3953 if [[ -d $rootprefix/var/sadm/pkg/SUNWmipu ]]; then 3954 rm -f "$rootprefix/usr/lib/inet/mipagent" 3955 rm -f "$rootprefix/usr/sbin/mipagentconfig" 3956 rm -f "$rootprefix/usr/sbin/mipagentstat" 3957 fi 3958 printf '\n' 3959 } 3960 3961 # 3962 # Remove EOF Smartcard framework 3963 # 3964 remove_eof_smartcard() 3965 { 3966 # Packages to remove 3967 typeset -r smartcard_pkg='SUNWjcom SUNWkib SUNWocf SUNWocfd SUNWocfh 3968 SUNWocfr SUNWpamsc SUNWscmhdlr' 3969 typeset pkg 3970 3971 printf 'Removing EOF Smartcard... ' 3972 3973 for pkg in $smartcard_pkgs 3974 do 3975 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3976 rm -rf $rootprefix/var/sadm/pkg/$pkg 3977 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3978 /tmp/contents.$$ 3979 cp /tmp/contents.$$ /var/sadm/install/contents.$$ 3980 rm /tmp/contents.$$ 3981 fi 3982 done 3983 3984 # 3985 # Remove smartcard headers, libraries, Old readers and the 3986 # parts delivered from other consolidations 3987 # that no longer work with the ON parts removed. 3988 # 3989 rm -rf $usr/lib/smartcard \ 3990 $usr/share/lib/smartcard \ 3991 $usr/include/smartcard.h \ 3992 $usr/include/smartcard \ 3993 $root/etc/smartcard \ 3994 $root/platform/sun4u/kernel/drv/sparcv9/scmi2c 3995 3996 printf 'done.\n' 3997 } 3998 3999 remove_properties() { 4000 4001 # 4002 # Remove obsolete smartii setprop from bootenv.rc 4003 # 4004 srcbootenvrc=$root/boot/solaris/bootenv.rc 4005 tmpbootenvrc=/tmp/tmp.bootenvrc.$$ 4006 4007 # Don't touch bootenv.rc unless it contains obsolete property 4008 egrep -s 'target-driver-for-smartii' $srcbootenvrc 2>/dev/null 4009 res=$? 4010 if [ -f $srcbootenvrc -a $res -eq 0 ]; then 4011 egrep -v "target-driver-for-smartii"\ 4012 $srcbootenvrc > $tmpbootenvrc 2>/dev/null 4013 cp $tmpbootenvrc $srcbootenvrc 4014 fi 4015 rm -f $tmpbootenvrc 4016 } 4017 4018 rbac_cleanup() 4019 { 4020 # This is a copy of the RBAC portions of the SUNWcsr postinstall 4021 # We need to ensure that the RBAC profiles are self-consistent 4022 # as refinements are made that add granularity to the profiles 4023 4024 print "Cleaning up old RBAC profiles... \c" 4025 auth_attr=$rootprefix/etc/security/auth_attr 4026 exec_attr=$rootprefix/etc/security/exec_attr 4027 4028 if [ -f $auth_attr ]; then 4029 sed '/^solaris\.\*/d' $auth_attr > /tmp/a.$$ 4030 cp /tmp/a.$$ $auth_attr 4031 rm -f /tmp/a.$$ 4032 fi 4033 4034 if [ -f $exec_attr ]; then 4035 sed -e '/^Network Security.*sbin\/ipsec.*/ D' \ 4036 -e '/^Network Security.*sbin\/ike.*/ D' \ 4037 -e '/^Network Security.*inet\/in\.iked.*/ D' \ 4038 -e '/^Network Security.*inet\/cert.*/ D' $exec_attr > /tmp/e.$$ 4039 cp /tmp/e.$$ $exec_attr 4040 rm -f /tmp/e.$$ 4041 fi 4042 print "\n" 4043 } 4044 4045 crypto_cleanup() 4046 { 4047 # This function will remove no longer needed cryptography 4048 # related packages. 4049 4050 print "SUNWcry, SUNWcryr, SUNWn2cpact.v removal cleanup...\n" 4051 4052 # This clean up of ipsecalgs is not directly related to the EOF 4053 # of SUNWcry and SUWNcryr, but due to mistakes in this file seen 4054 # in earlier builds. The following lines will have no effect on 4055 # most machines. 4056 4057 ipsecalgs=$rootprefix/etc/inet/ipsecalgs 4058 4059 cp $ipsecalgs ${ipsecalgs}.tmp 4060 4061 sed -e 's/_CBC|128\/32-128,8/_CBC|128\/32-448,8/' \ 4062 -e 's/AES_CBC|128|/AES_CBC|128\/128-256,64|/' \ 4063 $ipsecalgs > ${ipsecalgs}.tmp 4064 4065 mv -f ${ipsecalgs}.tmp $ipsecalgs 4066 4067 # Packages to remove. 4068 typeset -r crypt_pkgs='SUNWcry SUNWcryr SUNWn2cpact.v' 4069 typeset pkg 4070 4071 # 4072 # First, attempt to remove the packages cleanly if possible. 4073 # Use a custom "admin" file to specify that removal scripts 4074 # in the packages being removed should be run even if they 4075 # will run as root. 4076 4077 typeset -r admfile='/tmp/crypt_eof.$$' 4078 cat > $admfile <<- EOF 4079 mail= 4080 instance=overwrite 4081 partial=nocheck 4082 runlevel=nocheck 4083 idepend=nocheck 4084 rdepend=nocheck 4085 space=nocheck 4086 setuid=nocheck 4087 conflict=nocheck 4088 action=nocheck 4089 basedir=default 4090 EOF 4091 4092 printf ' Removing packages...' 4093 for pkg in $crypt_pkgs 4094 do 4095 if pkginfo $pkgroot -q $pkg; then 4096 printf ' %s' $pkg 4097 pkgrm $pkgroot -n -a $admfile $pkg >/dev/null 2>&1 4098 fi 4099 done 4100 printf '\n' 4101 4102 # SUNWcry/SUNWcryr contents go away, if pkgrm didn't take 4103 # care of them. 4104 # The userland modules, kernel modules and OpenSSL filter libs 4105 rm -f $rootprefix/usr/lib/security/pkcs11_softtoken_extra.so.1 4106 rm -f $rootprefix/usr/lib/security/pkcs11_softtoken_extra.so 4107 rm -f $rootprefix/usr/lib/security/sparcv9/pkcs11_softtoken_extra.so.1 4108 rm -f $rootprefix/usr/lib/security/sparcv9/pkcs11_softtoken_extra.so 4109 rm -f $rootprefix/usr/lib/security/amd64/pkcs11_softtoken_extra.so.1 4110 rm -f $rootprefix/usr/lib/security/amd64/pkcs11_softtoken_extra.so 4111 4112 rm -f $rootprefix/kernel/crypto/aes256 4113 rm -f $rootprefix/kernel/crypto/sparcv9/aes256 4114 rm -f $rootprefix/kernel/crypto/amd64/aes256 4115 rm -f $rootprefix/platform/SUNW,A70/kernel/crypto/sparcv9/aes256 4116 rm -f $rootprefix/platform/SUNW,Netra-CP3010/kernel/crypto/sparcv9/aes256 4117 rm -f $rootprefix/platform/SUNW,Netra-T12/kernel/crypto/sparcv9/aes256 4118 rm -f $rootprefix/platform/SUNW,Netra-T4/kernel/crypto/sparcv9/aes256 4119 rm -f $rootprefix/platform/SUNW,SPARC-Enterprise/kernel/crypto/sparcv9/aes256 4120 rm -f $rootprefix/platform/SUNW,Sun-Blade-1000/kernel/crypto/sparcv9/aes256 4121 rm -f $rootprefix/platform/SUNW,Sun-Blade-1500/kernel/crypto/sparcv9/aes256 4122 rm -f $rootprefix/platform/SUNW,Sun-Blade-2500/kernel/crypto/sparcv9/aes256 4123 rm -f $rootprefix/platform/SUNW,Sun-Fire-15000/kernel/crypto/sparcv9/aes256 4124 rm -f $rootprefix/platform/SUNW,Sun-Fire-280R/kernel/crypto/sparcv9/aes256 4125 rm -f $rootprefix/platform/SUNW,Sun-Fire-480R/kernel/crypto/sparcv9/aes256 4126 rm -f $rootprefix/platform/SUNW,Sun-Fire-880/kernel/crypto/sparcv9/aes256 4127 rm -f $rootprefix/platform/SUNW,Sun-Fire-V215/kernel/crypto/sparcv9/aes256 4128 rm -f $rootprefix/platform/SUNW,Sun-Fire-V240/kernel/crypto/sparcv9/aes256 4129 rm -f $rootprefix/platform/SUNW,Sun-Fire-V250/kernel/crypto/sparcv9/aes256 4130 rm -f $rootprefix/platform/SUNW,Sun-Fire-V440/kernel/crypto/sparcv9/aes256 4131 rm -f $rootprefix/platform/SUNW,Sun-Fire-V445/kernel/crypto/sparcv9/aes256 4132 rm -f $rootprefix/platform/SUNW,Sun-Fire/kernel/crypto/sparcv9/aes256 4133 rm -f $rootprefix/platform/sun4u-us3/kernel/crypto/sparcv9/aes256 4134 rm -f $rootprefix/kernel/crypto/arcfour2048 4135 rm -f $rootprefix/kernel/crypto/sparcv9/arcfour2048 4136 rm -f $rootprefix/kernel/crypto/amd64/arcfour2048 4137 rm -f $rootprefix/platform/sun4u/kernel/crypto/sparcv9/arcfour2048 4138 rm -f $rootprefix/kernel/crypto/blowfish448 4139 rm -f $rootprefix/kernel/crypto/sparcv9/blowfish448 4140 rm -f $rootprefix/kernel/crypto/amd64/blowfish448 4141 rm -f $rootprefix/usr/sfw/lib/libssl_extra.so.0.9.8 4142 rm -f $rootprefix/usr/sfw/lib/libcrypto_extra.so.0.9.8 4143 4144 # SUNWn2cpact.v contents go away, if pkgrm didn't take 4145 # care of them 4146 rm -f $rootprefix/platform/sun4v/kernel/drv/sparcv9/n2cp.esa 4147 4148 print "\n" 4149 } 4150 4151 # 4152 # Remove old fips-140 entry from kcf.conf if it is found 4153 # 4154 cleanup_kcf_fips140() 4155 { 4156 4157 kcfconf=$rootprefix/etc/crypto/kcf.conf 4158 kcfconftmp=/tmp/kcfconf.tmp.$$ 4159 4160 if grep '^fips-140:' $kcfconf >/dev/null ; then 4161 grep -v '^fips-140:' $kcfconf > $kcfconftmp 4162 print "Removing obsolete fips-140 entry from kcf.conf" 4163 cp $kcfconftmp $kcfconf 4164 rm -f $kcfconftmp 4165 fi 4166 } 4167 4168 # 4169 # Add metaslot configuration to pkcs11.conf if it doesn't already exist 4170 # 4171 enable_crypto_metaslot() 4172 { 4173 pkcs11conf=$rootprefix/etc/crypto/pkcs11.conf 4174 egrep '^metaslot' ${pkcs11conf} > /dev/null 2>& 1 4175 if [ $? != 0 ] ; then 4176 print "Adding cryptographic framework's meta slot feature" 4177 cp $pkcs11conf ${pkcs11conf}.tmp 4178 export metaslot_config=\ 4179 "metaslot:metaslot_status=enabled;metaslot_auto_key_migrate=enabled;"\ 4180 "metaslot_token=Sun Software PKCS#11 softtoken;"\ 4181 "metaslot_slot=Sun Crypto Softtoken" 4182 nawk '/^# End SUNWcsr/ \ 4183 { print ENVIRON["metaslot_config"] } \ 4184 { print } \ 4185 ' ${pkcs11conf} > ${pkcs11conf}.tmp 4186 mv -f ${pkcs11conf}.tmp $pkcs11conf 4187 print "\n" 4188 fi 4189 } 4190 4191 cleanup_kerberos_mechanisms() 4192 { 4193 # 4194 # This checks to see if the old 'gl' and 'do' directories 4195 # for the Kerberos GSS-API mechanisms can be deleted. 4196 # If the mechanism exists in /usr/lib/gss, then the old 4197 # subdirs may be deleted. 4198 # 4199 print "Cleaning up old Kerberos GSS-API mechanisms...\c" 4200 4201 kerneldir=kernel/misc/kgss 4202 kerneldir_sparc=kernel/misc/kgss/sparcv9 4203 4204 newmech=no; 4205 if [ -f $usr/lib/gss/mech_krb5.so.1 ]; then 4206 # 4207 # There is a mech in the "new" location, so 4208 # the old stuff can be deleted. 4209 # 4210 if [ -d $usr/lib/gss/gl ]; then 4211 rm -rf $usr/lib/gss/gl 4212 fi 4213 if [ -d $usr/lib/gss/do ]; then 4214 rm -rf $usr/lib/gss/do 4215 fi 4216 newmech=yes; 4217 fi 4218 if [ -f $usr/lib/sparcv9/gss/mech_krb5.so.1 ]; then 4219 if [ -d $usr/lib/sparcv9/gss/gl ]; then 4220 rm -rf $usr/lib/sparcv9/gss/gl 4221 fi 4222 if [ -d $usr/lib/sparcv9/gss/do ]; then 4223 rm -rf $usr/lib/sparcv9/gss/do 4224 fi 4225 fi 4226 # 4227 # Cleanup kernel mechanisms from default location 4228 # 4229 if [ -f $rootprefix/$kerneldir/kmech_krb5 ]; then 4230 if [ -f $rootprefix/$kerneldir/gl_kmech_krb5 ]; then 4231 rm -f $rootprefix/$kerneldir/gl_kmech_krb5 4232 fi 4233 if [ -f $rootprefix/$kerneldir/do_kmech_krb5 ]; then 4234 rm -f $rootprefix/$kerneldir/do_kmech_krb5 4235 fi 4236 fi 4237 # 4238 # For SPARC, cleanup from 2 locations. 4239 # 4240 # 1. /kernel/misc/kgss/sparcv9 4241 # 4242 if [ -f $rootprefix/$kerneldir_sparc/kmech_krb5 ]; then 4243 if [ -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 ]; then 4244 rm -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 4245 fi 4246 if [ -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 ]; then 4247 rm -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 4248 fi 4249 fi 4250 # 4251 # 2. /platform/sun4u/kernel/misc/kgss/sparcv9 4252 # 4253 kerneldir_sparc=platform/$karch/$kerneldir_sparc 4254 if [ -f $rootprefix/$kerneldir_sparc/kmech_krb5 ]; then 4255 if [ -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 ]; then 4256 rm -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 4257 fi 4258 if [ -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 ]; then 4259 rm -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 4260 fi 4261 fi 4262 # 4263 # Make sure the GSS mechanism configuration file is correct 4264 # 4265 if [ "$newmech" = "yes" ]; then 4266 gssmechconf=$rootprefix/etc/gss/mech 4267 4268 sed -e 's/gl\/mech_krb5\.so/mech_krb5\.so/' \ 4269 -e 's/do\/mech_krb5\.so/mech_krb5\.so/' \ 4270 -e 's/gl_kmech_krb5/kmech_krb5/' \ 4271 -e 's/do_kmech_krb5/kmech_krb5/'\ 4272 $gssmechconf > ${gssmechconf}.tmp 4273 4274 if [ $? -eq 0 ]; then 4275 mv -f ${gssmechconf}.tmp $gssmechconf 4276 else 4277 echo "WARNING: update of $gssmechconf failed." 4278 return 1 4279 fi 4280 fi 4281 print "\n" 4282 } 4283 4284 mpxiodisableno='^[ ]*mpxio-disable[ ]*=[ ]*"no"[ ]*;' 4285 mpxiodisableyes='^[ ]*mpxio-disable[ ]*=[ ]*"yes"[ ]*;' 4286 4287 fix_up_perms() 4288 { 4289 # 4290 # fix up audit permissions 4291 # 4292 chmod 644 $root/etc/security/audit_control 4293 chmod 644 $root/etc/security/audit_user 4294 4295 # 4296 # fix up /etc/inet config file permissions 4297 # 4298 INETFILES="hosts networks netmasks protocols services \ 4299 inetd.conf ipaddrsel.conf sock2path ipsecalgs" 4300 for file in ${INETFILES}; do 4301 chmod 644 $root/etc/inet/$file 4302 done 4303 } 4304 4305 # 4306 # disable mpxio on fp(7D) ports using fp.conf 4307 # 4308 disable_mpxio_using_fpconf() 4309 { 4310 conffile=$rootprefix/kernel/drv/fp.conf 4311 test -f $conffile || return 4312 egrep -s "$mpxiodisableyes" $conffile && return 4313 4314 print "To preserve device names, disabled mpxio on fp(7D) ports by" 4315 4316 if egrep -s "$mpxiodisableno" $conffile; then 4317 tmpfile=/tmp/fp.conf.$$ 4318 sed "s/$mpxiodisableno/mpxio-disable=\"yes\";/" $conffile \ 4319 > $tmpfile 4320 cp $tmpfile $conffile 4321 rm -f $tmpfile 4322 print "changing the value of mpxio-disable to \"yes\" in" \ 4323 "$conffile" 4324 else 4325 echo 'mpxio-disable="yes";' >> $conffile 4326 print "adding mpxio-disable=\"yes\" entry to $conffile" 4327 fi 4328 } 4329 4330 # 4331 # enable mpxio in scsi_vhci 4332 # 4333 enable_mpxio_using_scsivhciconf() 4334 { 4335 # 4336 # depending on whether the bfu restored the child's or parent's version 4337 # of scsi_vhci.conf file, we may already have the file with the change 4338 # we need in place. So make the change only if necessary. 4339 # 4340 4341 conffile=$rootprefix/kernel/drv/scsi_vhci.conf 4342 egrep -s "$mpxiodisableno" $conffile && return 4343 4344 print "To preserve device names, restored your current mpxio" \ 4345 "configuration by" 4346 4347 if egrep -s "$mpxiodisableyes" $conffile; then 4348 tmpfile=/tmp/scsi_vhci.conf.$$ 4349 sed "s/$mpxiodisableyes/mpxio-disable=\"no\";/" $conffile \ 4350 > $tmpfile 4351 cp $tmpfile $conffile 4352 rm -f $tmpfile 4353 print "changing the value of mpxio-disable to \"no\" in" \ 4354 "$conffile" 4355 else 4356 echo 'mpxio-disable="no";' >> $conffile 4357 print "adding mpxio-disable=\"no\" entry to $conffile" 4358 fi 4359 } 4360 4361 # 4362 # restore the pre-bfu MPxIO on/off setting to the post-bfued configuration 4363 # 4364 fixup_mpxio() 4365 { 4366 conffile=$rootprefix/kernel/drv/scsi_vhci.conf 4367 parentconffile=$rootprefix/bfu.parent/kernel/drv/scsi_vhci.conf 4368 childconffile=$rootprefix/bfu.child/kernel/drv/scsi_vhci.conf 4369 ancestorconffile=$rootprefix/bfu.ancestor/kernel/drv/scsi_vhci.conf 4370 4371 # if scsi_vhci.conf doesn't exist return 4372 test -f $conffile || return 4373 4374 # 4375 # Determine the mpxio setting in the child. If the system was bfued 4376 # before and running with mpxio on by deafult bits, can't rely on the 4377 # mpxio-disable entry in the child's scsi_vhci.conf file as it may 4378 # contain stale left over entries. 4379 # 4380 mpxio_child=1 4381 if [ -f $ancestorconffile ]; then 4382 if egrep -s "$mpxiodisableyes" $ancestorconffile; then 4383 # 4384 # prior to the bfu the system was running with 4385 # mpxio off by default bits. 4386 # 4387 mpxio_child=0 4388 egrep -s "$mpxiodisableno" $childconffile && \ 4389 mpxio_child=1 4390 fi 4391 else 4392 egrep -s "$mpxiodisableyes" $childconffile && mpxio_child=0 4393 fi 4394 4395 if egrep -s "$mpxiodisableyes" $parentconffile; then 4396 # these bits require explicit enabling of mpxio at in scsi_vhci 4397 if [ $mpxio_child -eq 1 ]; then 4398 egrep -s "$mpxiodisableyes" \ 4399 $rootprefix/kernel/drv/fp.conf || \ 4400 enable_mpxio_using_scsivhciconf 4401 fi 4402 else 4403 # 4404 # these bits have mpxio enabled by default in scsi_vhci. 4405 # if mpxio is disabled in the child, disable mpxio on all 4406 # fp(7D) ports using fp.conf. 4407 # 4408 [ $mpxio_child -eq 0 ] && disable_mpxio_using_fpconf 4409 fi 4410 } 4411 4412 fixup_isa_bfu() 4413 { 4414 aliasfile=$rootprefix/etc/driver_aliases 4415 parentalias=$rootprefix/bfu.parent/etc/driver_aliases 4416 pathtoinst=$rootprefix/etc/path_to_inst 4417 tmppath=/tmp/path_to_inst 4418 isaalias="pciclass,060100" 4419 4420 if [ $target_isa != i386 ]; then 4421 return; 4422 fi 4423 egrep -s "\"\/isa[\"\/]" $pathtoinst && child_pseudo_isa=1 4424 egrep -s "\"$isaalias\"" $parentalias || parent_pseudo_isa=1 4425 if [ "$child_pseudo_isa" != "$parent_pseudo_isa" ]; then 4426 sed -e '/\/isa[\"\/@]/d' <$pathtoinst >$tmppath 4427 mv $tmppath $pathtoinst 4428 fi 4429 4430 # bfu forwards, just return 4431 [[ "$parent_pseudo_isa" != 1 ]] && return 4432 4433 # remove the pciclass,060100 entry for isa when going backwards 4434 egrep -s "\"$isaalias\"" $aliasfile || return 4435 /tmp/bfubin/update_drv -b $root -d -i "$isaalias" isa >/dev/null 2>&1 4436 } 4437 4438 # 4439 # Check to see if root in $1 has a mounted boot, and that 4440 # it's mounted at the right place for bfu to handle it. 4441 # 4442 # Returns 0 (true) if bfu can handle the upgrade; fails if not 4443 # 4444 4445 boot_is_upgradeable() 4446 { 4447 ROOT=$1 4448 if [ "$ROOT" = "/" ] ; then ROOT=""; fi 4449 4450 BOOTPARTDEV="$(grep -s -v '^#' ${ROOT}/etc/vfstab | \ 4451 grep "[ ]/boot[ ]*pcfs[ ]" | \ 4452 awk '{print $1}')" 4453 4454 # find out if, and where, boot is mounted 4455 4456 if [ -n "$BOOTPARTDEV" ] ; then 4457 if [ -n "$ROOT" ] ; then 4458 4459 BOOTMNT=$(mount | grep "$BOOTPARTDEV" | \ 4460 awk '{print $1}') 4461 else 4462 BOOTMNT="/boot" 4463 fi 4464 if [ "$BOOTMNT" != ${ROOT}/boot ] ; then 4465 cat << BOOTMOUNTERR 4466 4467 ${ROOT} refers to an x86 boot partition, but it's not mounted 4468 at ${ROOT}/boot. 4469 4470 BOOTMOUNTERR 4471 fail "Mount ${ROOT}s bootpart at ${ROOT}/boot.\n\n" 4472 fi 4473 fi 4474 4475 return 0 4476 } 4477 4478 # update the realmode boot programs at $1 (root) 4479 # from classic boot psm/stand/bootblks/ufs/i386/installboot.sh 4480 4481 install_boot_i386() 4482 { 4483 PBOOT=$1 4484 BOOTBLK=$2 4485 DEVICE=$3 4486 if [ ! -f $PBOOT ]; then 4487 echo "$PBOOT: File not found" 4488 return 1 4489 fi 4490 if [ ! -f $BOOTBLK ]; then 4491 echo "$BOOTBLK: File not found" 4492 return 1 4493 fi 4494 if [ ! -c $DEVICE ]; then 4495 echo "$DEVICE: Not a character device" 4496 return 1 4497 fi 4498 if [ ! -w $DEVICE ]; then 4499 echo "$DEVICE: Not writeable" 4500 return 1 4501 fi 4502 4503 # pboot at block 0, label at blocks 1 and 2, bootblk from block 3 on 4504 dd if=$PBOOT of=$DEVICE bs=1b count=1 conv=sync >/dev/null 2>&1 4505 4506 dd if=$BOOTBLK of=$DEVICE bs=1b oseek=3 conv=sync >/dev/null 2>&1 4507 4508 return 0 4509 } 4510 4511 update_realmode_booters() 4512 { 4513 ROOT=$1 4514 4515 TMPDIR=/tmp/rmupdate.$$ 4516 trap "rm -rf $TMPDIR" EXIT 4517 4518 # go get new versions of boot files into TMPDIR 4519 4520 OLD_PWD=$(pwd) 4521 mkdir $TMPDIR 4522 cd $TMPDIR 4523 4524 # i86pc.boot archive 4525 REQFILES="boot/mdboot boot/strap.com" 4526 $ZCAT $cpiodir/i86pc.boot$ZFIX | cpio -id $REQFILES 2>/dev/null 4527 mv $REQFILES $TMPDIR 4528 4529 # i86pc.usr archive 4530 REQFILES="usr/platform/i86pc/lib/fs/ufs/pboot" 4531 REQFILES="$REQFILES usr/platform/i86pc/lib/fs/ufs/bootblk" 4532 $ZCAT $cpiodir/i86pc.usr$ZFIX | cpio -id $REQFILES 2>/dev/null 4533 mv $REQFILES $TMPDIR 4534 4535 cd $OLD_PWD 4536 4537 grep -s -v '^#' ${ROOT}/etc/vfstab | \ 4538 grep "[ ]/boot[ ]*pcfs[ ]" >/dev/null 4539 4540 if [ $? -eq 0 ] ; then 4541 echo 'Updating /boot on x86 boot partition.' 4542 4543 REQFILES="mdboot strap.com" 4544 for f in ${REQFILES}; do 4545 if [ ! -f ${TMPDIR}/$f ]; then 4546 fail "Missing $f, aborting." 4547 fi 4548 done 4549 4550 MDBOOT=${TMPDIR}/mdboot 4551 STRAP=${TMPDIR}/strap.com 4552 4553 LUBIN=/usr/lib/lu 4554 TMP_FDFILE1=${TMPDIR}/fdfile1.$$ 4555 LOGFILE=${TMPDIR}/mkfs.log.$$ 4556 DDCOPY=${TMPDIR}/.dd_x86_boot_copy 4557 4558 DISKID="$(grep -s -v '^#' ${ROOT}/etc/vfstab | \ 4559 grep "[ ]/boot[ ]*pcfs[ ]" |\ 4560 awk '{print $1}' | sed -e 's:p0\:boot::g')" 4561 4562 DISKID="$(basename ${DISKID})" 4563 4564 # Obtain the disk table; it will look something like the following: 4565 # 4566 # * Id Act Bhead Bsect Bcyl Ehead Esect Ecyl Rsect Numsect 4567 # 130 128 27 28 0 242 9 553 1728 8897472 4568 # 4569 # Delete all blank lines, and all lines that begin with *, 4570 # leaving only actual fdisk entries that we can scan 4571 # looking for the X86BOOT partition 4572 4573 fdisk -W - /dev/rdsk/${DISKID}p0 | \ 4574 grep -v '^*' | grep -v '^$' > ${TMP_FDFILE1} 4575 4576 num=1 4577 4578 while read id act bhead bcyl ehead ecyl rsect numsect 4579 do 4580 # Ignore entry if not X86 /boot partition 4581 # ID '190' is the X86BOOT partition (see man fdisk(1M)) 4582 4583 if [ $id -ne "190" ] ; then 4584 num=$(expr $num + 1) 4585 continue 4586 fi 4587 4588 # Found X86 boot partition - save contents to $DDCOPY 4589 BOOTPART=/dev/rdsk/${DISKID}p${num} 4590 echo "Boot device is <${BOOTPART}>" 4591 4592 ERRMSG="$(dd if=${BOOTPART} of=${DDCOPY} 2>&1)" 4593 if [ $? -ne 0 ] ; then 4594 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4595 fail "Unable to save copy of <${BOOTPART}>." 4596 fi 4597 4598 # mount copy of old /boot partition 4599 LOBOOTDEV=$(lofiadm -a ${DDCOPY} 2>&1) 4600 if [ $? -ne 0 ] ; then 4601 [ -n "${LOBOOTDEV}" ] && echo "${LOBOOTDEV}" 4602 fail "Unable to make lo-device <${DDCOPY}>" 4603 fi 4604 SOURCE_BOOT_DEV="${TMPDIR}/tmpbootdev.$$" 4605 mkdir ${SOURCE_BOOT_DEV} 4606 ERRMSG=$(mount -F pcfs ${LOBOOTDEV} \ 4607 ${SOURCE_BOOT_DEV}) 4608 if [ $? -ne 0 ] ; then 4609 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4610 fail "Unable to mount lo-device <${LOBOOTDEV}>." 4611 fi 4612 4613 # recreate existing boot partition with updated 4614 # boot files 4615 4616 # umount ${ROOT}'s /boot if mounted 4617 4618 BOOTMOUNTPT=$(mount | grep ${DISKID}p0:boot 2>&1 | \ 4619 awk '{print $1;}') 4620 4621 if [ -n "${BOOTMOUNTPT}" ] ; then 4622 echo "unmounting /dev/dsk/${DISKID}p0:boot" 4623 ERRMSG=$(umount \ 4624 /dev/dsk/${DISKID}p0:boot 2>&1) 4625 if [ $? -ne 0 ] ; then 4626 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4627 fail "Unable to umount X86 boot device." 4628 fi 4629 fi 4630 4631 echo "Making new pcfs file system on ${DISKID}" 4632 4633 echo y | /usr/lib/fs/pcfs/mkfs -F pcfs \ 4634 -o S,s,B=$MDBOOT,b=BOOT,i=$STRAP \ 4635 /dev/rdsk/${DISKID}p0:boot >> ${LOGFILE} 2>&1 4636 if [ $? -ne 0 ] ; then 4637 echo "Unable to make pcfs:" 4638 cat ${LOGFILE} 4639 fail "" 4640 fi 4641 4642 echo "Copying x86 boot partition contents back\c" 4643 echo " to new /boot fs." 4644 4645 OLD_PWD=$(pwd) 4646 4647 echo "Remounting freshened /boot partition" 4648 4649 if [ -z "${BOOTMOUNTPT}" ] ; then 4650 # boot ptn wasn't mounted 4651 BOOTMOUNT="/tmp/bootpart" 4652 mkdir ${BOOTMOUNT} 4653 else 4654 BOOTMOUNT=${BOOTMOUNTPT} 4655 fi 4656 4657 ERRMSG=$(mount -F pcfs \ 4658 /dev/dsk/${DISKID}p0:boot ${BOOTMOUNT} 2>&1) 4659 4660 if [ $? -ne 0 ] ; then 4661 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4662 fail "Unable to mount X86 boot device." 4663 fi 4664 4665 # copy old /boot contents 4666 cd ${SOURCE_BOOT_DEV} 4667 find . -mount \! -type s -print | \ 4668 cpio -pcdum ${BOOTMOUNT} 2>&1 | \ 4669 ${LUBIN}/lustripcpioerr 4670 4671 if [ $? -ne 0 ] ; then 4672 fail "Unable to copy boot partition contents." 4673 fi 4674 4675 cd ${OLD_PWD} 4676 4677 # unmount and rm our boot mount, if we created it 4678 if [ -z "${BOOTMOUNTPT}" ] ; then 4679 ERRMSG=$(umount ${BOOTMOUNT} 2>&1) 4680 if [ $? -ne 0 ] ; then 4681 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4682 fail "Unable to umount <$BOOTMOUNT>." 4683 fi 4684 rm -rf ${BOOTMOUNT} 4685 fi 4686 4687 # unmount, un-lofi, and rm SOURCE_BOOT_DEV 4688 4689 ERRMSG=$(umount ${SOURCE_BOOT_DEV} 2>&1) 4690 if [ $? -ne 0 ] ; then 4691 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4692 fail "Cannot umount lo-device <${LOBOOTDEV}>." 4693 fi 4694 4695 ERRMSG=$(lofiadm -d ${DDCOPY} 2>&1) 4696 if [ $? -ne 0 ] ; then 4697 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4698 fail "Cannot remove lo-device <${LOBOOTDEV}>." 4699 fi 4700 4701 rm -rf ${SOURCE_BOOT_DEV} 4702 4703 done < ${TMP_FDFILE1} 4704 rm ${TMP_FDFILE1} ${LOGFILE} ${DDCOPY} 4705 4706 else 4707 4708 # non boot-partition: use installboot to get pboot and bootblk 4709 echo "Updating /boot on Solaris partition." 4710 4711 if [ -z "${ROOT}" ] ; then SEARCH="/"; else SEARCH="${ROOT}"; fi 4712 4713 ROOTRAWDEV=$(mount | grep "^${SEARCH} on " | \ 4714 awk '{print $3}' | sed 's;/dsk;/rdsk;') 4715 4716 if [ -z "${ROOTRAWDEV}" ] ; then 4717 [ -n "${ROOTRAWDEV}" && echo "${ROOTRAWDEV}" ] 4718 fail "${SEARCH} must be a mounted filesystem" 4719 fi 4720 4721 echo "Updating Solaris partition ${ROOTRAWDEV} with installboot" 4722 REQFILES="pboot bootblk" 4723 for f in ${REQFILES}; do 4724 if [ ! -f ${TMPDIR}/$f ]; then 4725 fail "Missing $f, aborting." 4726 fi 4727 done 4728 PBOOT=${TMPDIR}/pboot 4729 BOOTBLK=${TMPDIR}/bootblk 4730 install_boot_i386 $PBOOT $BOOTBLK ${ROOTRAWDEV} 4731 if [ $? -ne 0 ] ; then 4732 fail "Unable to installboot to <${ROOTRAWDEV}>." 4733 fi 4734 fi 4735 } 4736 4737 # 4738 print "Verifying archives ..." 4739 4740 for a in generic $allarchs $rootarchs 4741 do 4742 test -r $cpiodir/$a.root$ZFIX || 4743 fail "bfu archive $cpiodir/$a.root$ZFIX missing" 4744 done 4745 4746 if [ ! -r $cpiodir/generic.lib$ZFIX -o ! -r $cpiodir/generic.kernel$ZFIX -o \ 4747 ! -r $cpiodir/generic.sbin$ZFIX ]; then 4748 old_style_archives="true" 4749 $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 4750 egrep -s '^etc/zones' && \ 4751 fail "bfu archive $cpiodir/generic.{kernel,lib,sbin}$ZFIX" \ 4752 "missing;\npossible mkbfu version mismatch: pre-zones" \ 4753 "style archives with zones files." 4754 fi 4755 4756 for a in generic $allarchs $usrarchs 4757 do 4758 test -r $cpiodir/$a.usr$ZFIX || 4759 fail "bfu archive $cpiodir/$a.usr$ZFIX missing" 4760 done 4761 4762 for root in $rootlist 4763 do 4764 cd $root || fail "Cannot cd $root" 4765 prologue=${root%/}/bfu.prologue 4766 if [ -f $prologue ]; then 4767 print "Executing $prologue" 4768 $prologue || fail "$prologue failed with code $?" 4769 fi 4770 done 4771 4772 print "Performing basic sanity checks ..." 4773 4774 for dir in $usr $rootlist 4775 do 4776 test -d $dir || fail "$dir does not exist" 4777 test -w $dir || fail "$dir is not writable" 4778 cd $dir || fail "Cannot cd $dir" 4779 done 4780 4781 RM_32BIT_KERNEL=0; 4782 if [ "$karch" = "sun4u" ] && 4783 ($ZCAT $cpiodir/sun4u.root$ZFIX | cpio -itv 2>&1 | 4784 grep "^l.*platform/sun4u/kernel/unix -> sparcv9/unix$" > /dev/null); 4785 then 4786 RM_32BIT_KERNEL=1; 4787 if [ "$force_override" = "no" ] && 4788 (prtconf -F 2>&1 | egrep '(cgthree|bwtwo)' > /dev/null); 4789 then 4790 print "\n\nERROR: You are upgrading to a 64-bit-only OS. " \ 4791 "Your frame buffer does not have a 64-bit driver and " \ 4792 "will not work after reboot. To proceed you must run " \ 4793 "bfu with the -f flag."; 4794 exit; 4795 fi; 4796 fi; 4797 4798 if [ $plat = "SUNW,Ultra-1" ] && [ ! -f $cpiodir/SUNW,Ultra-1.root$ZFIX ] && 4799 [ "$force_override" = "no" ]; 4800 then 4801 print "\nERROR: These archives do not have Ultra-1 platform support." \ 4802 "\nProceeding with this BFU may render this machine unbootable." \ 4803 "\nTo proceed anyway, you must run bfu with the -f flag.\n"; 4804 exit; 4805 fi; 4806 4807 for root in $rootlist 4808 do 4809 rootprefix=${root%/} 4810 smf_check_repository 4811 done 4812 4813 MINIMUM_OS_REV=10 4814 4815 # 4816 # Perform additional sanity checks if we are upgrading the live system. 4817 # 4818 if [ "$rootlist" = "/" ] 4819 then 4820 # 4821 # Disallow from older releases 4822 # 4823 os_rev=`uname -r | sed -e s/5.//` 4824 if [ $os_rev -lt $MINIMUM_OS_REV -a "$force_override" = "no" ]; then 4825 fail "Cannot bfu from pre-Solaris $MINIMUM_OS_REV" 4826 fi 4827 if [ ! -x /usr/sbin/svcadm ]; then 4828 fail "This version of bfu cannot run on pre-Greenline " \ 4829 "(s10_64) systems" 4830 fi 4831 4832 # 4833 # Filesystem space checks 4834 # 4835 set $root 4 $usr 6 4836 while [ $# -gt 0 ] 4837 do 4838 test "`df -b $1 | tail -1 | nawk '{ print $2 }'`" -ge ${2}000 || 4839 fail "Less than $2 MB free on $1 -- bfu not safe." 4840 shift 2 4841 done 4842 # 4843 # Disable kernel module unloading 4844 # 4845 print "Disabling kernel module unloading ... \c" 4846 test -x /usr/bin/adb || fail "/usr/bin/adb not found: bfu not safe." 4847 echo "moddebug/W20000" | adb -kw /dev/ksyms /dev/mem | grep moddebug 4848 # 4849 # Load modules and drivers here not to reload them when you access 4850 # /devices or its subdirectories later. 4851 # 4852 nawk '$1 !~ /^#|^$/ {print $1}' /etc/name_to_major | \ 4853 sed -e 's/#.*$//' | while read driver 4854 do 4855 modload -p drv/${driver} >/dev/null 2>&1 4856 done 4857 ls $cpiodir >>/dev/null # loads elfexec and networking 4858 4859 # exec/intpexec and sys/kaio are needed by lofi 4860 modload -p exec/intpexec >/dev/null 2>&1 4861 modload -p sys/kaio >/dev/null 2>&1 4862 4863 # umount /lib/libc.so.1 if necessary 4864 if [ -n "`mount | grep '^/lib/libc.so.1'`" ] 4865 then 4866 print "Unmounting /lib/libc.so.1 ..." 4867 umount /lib/libc.so.1 4868 fi 4869 4870 PLAT=`/usr/bin/uname -i` 4871 ARCH=`/usr/bin/uname -m` 4872 # umount /platform/$PLAT/lib/libc_psr.so.1 if necessary 4873 if [ -n "`mount | grep "^/platform/$PLAT/lib/libc_psr.so.1"`" ] 4874 then 4875 print "Unmounting /platform/$PLAT/lib/libc_psr.so.1 ..." 4876 umount /platform/$PLAT/lib/libc_psr.so.1 4877 else 4878 # umount /platform/$ARCH/lib/libc_psr.so.1 if necessary 4879 if [ -n "`mount | grep "^/platform/$ARCH/lib/libc_psr.so.1"`" ] 4880 then 4881 print "Unmounting /platform/$ARCH/lib/libc_psr.so.1 ..." 4882 umount /platform/$ARCH/lib/libc_psr.so.1 4883 fi 4884 fi 4885 4886 # umount /platform/$PLAT/lib/sparcv9/libc_psr.so.1 if necessary 4887 if [ -n "`mount | grep "^/platform/$PLAT/lib/sparcv9/libc_psr.so.1"`" ] 4888 then 4889 print "Unmounting /platform/$PLAT/lib/sparcv9/libc_psr.so.1 ..." 4890 umount /platform/$PLAT/lib/sparcv9/libc_psr.so.1 4891 else 4892 # umount /platform/$ARCH/lib/sparcv9/libc_psr.so.1 if necessary 4893 if [ -n "`mount | grep \ 4894 "^/platform/$ARCH/lib/sparcv9/libc_psr.so.1"`" ] 4895 then 4896 print "Unmounting \c" 4897 print "/platform/$ARCH/lib/sparcv9/libc_psr.so.1 ..." 4898 umount /platform/$ARCH/lib/sparcv9/libc_psr.so.1 4899 fi 4900 fi 4901 4902 # umount /platform/sun4u-us3/lib/libc_psr.so.1 if necessary 4903 if [ -n "`mount | grep '^/platform/sun4u-us3/lib/libc_psr.so.1'`" ] 4904 then 4905 print "Unmounting /platform/sun4u-us3/lib/libc_psr.so.1 ..." 4906 umount /platform/sun4u-us3/lib/libc_psr.so.1 4907 fi 4908 4909 # umount /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 if necessary 4910 if [ -n "`mount | grep '^/platform/sun4u-us3/lib/sparcv9/libc_psr.so.1'`" ] 4911 then 4912 print "Unmounting /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 ..." 4913 umount /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 4914 fi 4915 4916 # 4917 # The libpiclsbl.so.1 library has been moved from 4918 # /usr/platform/SUNW,Sun-Fire-T200/lib/... to 4919 # /usr/platform/sun4v/lib/... . Other sun4v platforms create 4920 # symbolic link to T200's libpiclsbl.so.1. Therefore check 4921 # if library is present in T200's directory and then remove 4922 # it and the symbolic links. 4923 if [ -a \ 4924 $usr/platform/SUNW,Sun-Fire-T200/lib/picl/plugins/libpiclsbl.so.1 ] 4925 then 4926 print "Removing libpiclsbl.so library ..." 4927 find $usr/platform -name libpiclsbl\* -exec rm {} \; 4928 fi 4929 4930 if [ -x /usr/sbin/zoneadm ]; then 4931 # 4932 # Stop any running zones: the init script will print a 4933 # message if needed. 4934 # 4935 if [ -x /etc/init.d/zones ]; then 4936 /etc/init.d/zones stop 4937 elif [ -x /lib/svc/method/svc-zones ]; then 4938 # 4939 # We need all zones to be down before proceeding. 4940 # We can't accomplish this by just disabling the 4941 # zones service, since it might already be disabled. 4942 # So we pretend to be SMF, and invoke the stop method. 4943 # 4944 # When zones are someday independently managed as 4945 # service instances, this will need to be revised. 4946 # 4947 export SMF_FMRI="svc:/system/zones:default" 4948 /lib/svc/method/svc-zones stop 4949 unset SMF_FMRI 4950 fi 4951 4952 [ -z `zoneadm list | grep -v global` ] || \ 4953 fail "zone(s) failed to halt" 4954 # 4955 # Determine the installed zones, which we will want to do 4956 # after we're done with the global zone. This is done now 4957 # rather than later in case bfu'ing the global zone causes 4958 # the zone configuration to become unreadable (e.g., via a 4959 # DTD flag day). 4960 # 4961 bfu_zone_list=$root/.bfu_zone_list 4962 rm -f $bfu_zone_list 4963 4964 zoneadm list -pi | nawk -F: '{ 4965 if ($3 == "installed" && 4966 ($6 == "native" || $6 == "" || $6 == "sn1")) { 4967 printf "%s %s\n", $2, $4 4968 } 4969 }' > $bfu_zone_list 4970 fi 4971 4972 # 4973 # save vlans associated with zones to be upgraded 4974 # to the new dladm based format 4975 # 4976 flowadm_status="old" 4977 if [[ ! -f $root/sbin/flowadm ]] && \ 4978 archive_file_exists generic.sbin "sbin/flowadm"; then 4979 flowadm_status="new" 4980 4981 for iftype in hostname hostname6 dhcp 4982 do 4983 interface_names="`echo /etc/$iftype.*[0-9] 2>/dev/null`" 4984 if [ "$interface_names" != "/etc/iftype.*[0-9]" ]; then 4985 ORIGIFS="$IFS" 4986 IFS="$IFS." 4987 set -- $interface_names 4988 IFS="$ORIGIFS" 4989 while [ $# -ge 2 ]; do 4990 shift 4991 if [ $# -gt 1 -a \ 4992 "$2" != "/etc/$iftype" ]; then 4993 while [ $# -gt 1 -a \ 4994 "$1" != "/etc/$iftype" ]; do 4995 shift 4996 done 4997 else 4998 host_ifs="$host_ifs $1" 4999 shift 5000 fi 5001 done 5002 fi 5003 done 5004 5005 zones=`zoneadm list -c | grep -v global` 5006 for zone in $zones 5007 do 5008 zonecfg -z $zone info ip-type | grep exclusive \ 5009 >/dev/null 5010 if [ $? -eq 0 ]; then 5011 zif=`zonecfg -z $zone info net | \ 5012 grep physical | nawk '{print $2}'` 5013 zone_ifs="$zone_ifs $zif" 5014 fi 5015 done 5016 fi 5017 # 5018 # Stop sendmail so that mail doesn't bounce during the interval 5019 # where /etc/mail/aliases is (effectively) empty. 5020 # 5021 # (note that unlike other services here, /etc/init.d/sendmail 5022 # remains post-smf(5) because it is a public interface.) 5023 # 5024 if [ -r /etc/svc/volatile/repository_door ]; then 5025 print "Disabling sendmail temporarily ..." 5026 svcadm disable -t network/smtp 5027 else 5028 print "Killing sendmail ..." 5029 /etc/init.d/sendmail stop 5030 fi 5031 5032 print "Disabling remote logins ..." 5033 echo "bfu in progress -- remote logins disabled" >/etc/nologin 5034 5035 # 5036 # Stop syslogd so it doesn't interfere with saving preserved files. 5037 # 5038 if [ -f /etc/init.d/syslog ]; then 5039 print "Killing syslogd ..." 5040 /etc/init.d/syslog stop 5041 elif [ -r /etc/svc/volatile/repository_door ]; then 5042 print "Disabling syslog temporarily ..." 5043 svcadm disable -t system/system-log 5044 fi 5045 5046 # 5047 # Stop apache so it doesn't get upset when the entire world changes 5048 # out from underneath it. 5049 # 5050 if [ -f /etc/init.d/apache ]; then 5051 print "Killing httpd ..." 5052 /etc/init.d/apache stop 5053 elif [ -r /etc/svc/volatile/repository_door ]; then 5054 print "Disabling httpd temporarily ..." 5055 svcadm disable -t network/http 5056 fi 5057 5058 # 5059 # Kill off fmd so it doesn't get upset when the entire world changes 5060 # out from underneath it. 5061 # 5062 if [ -f /etc/init.d/savecore ]; then 5063 print "Killing fmd ..." 5064 pkill -x fmd 5065 elif [ -r /etc/svc/volatile/repository_door ]; then 5066 print "Disabling fmd temporarily ..." 5067 svcadm disable -t system/fmd 5068 fi 5069 5070 # 5071 # Stop nscd so it doesn't interfere with stuff. 5072 # 5073 if [ -x /etc/init.d/nscd ]; then 5074 print "Killing nscd ..." 5075 /etc/init.d/nscd stop 5076 elif [ -r /etc/svc/volatile/repository_door ]; then 5077 print "Disabling nscd temporarily ..." 5078 svcadm disable -t system/name-service-cache:default 5079 fi 5080 5081 if grep -v "^#" $rootprefix/etc/vfstab | grep boot | \ 5082 grep "[ ]pcfs[ ]" >/dev/null 2>&1 5083 then 5084 boot_is_pcfs=yes 5085 fi 5086 5087 smf_new_profiles 5088 5089 else 5090 # 5091 # Check ${root}/etc/motd for SunOS value to get `uname -r` 5092 # 5093 os_rev=`head -1 ${root}/etc/motd | sed -e 's/^.*SunOS //' | \ 5094 awk '{print $1}' | sed -e s/5.//` 5095 if [ $os_rev -lt $MINIMUM_OS_REV -a "$force_override" = "no" ]; then 5096 fail "Cannot bfu from pre-Solaris $MINIMUM_OS_REV" 5097 fi 5098 if [ ! -x /usr/sbin/svcadm ]; then 5099 fail "This version of bfu cannot run on pre-Greenline " \ 5100 "(s10_64) systems" 5101 fi 5102 fi 5103 5104 export PATH=/tmp/bfubin:$PATH 5105 export LD_LIBRARY_PATH=/tmp/bfulib 5106 5107 if [ -h /tmp/bfulib/64 ] 5108 then 5109 ldlib64="LD_LIBRARY_PATH_64=/tmp/bfulib/64" 5110 export LD_LIBRARY_PATH_64=/tmp/bfulib/64 5111 fi 5112 5113 # turn off auxiliary filters, since they can cause objects to be loaded 5114 # from outside of the protected environment. 5115 export LD_NOAUXFLTR=1 5116 5117 # 5118 # Since we've turned off auxiliary filters, libc_psr will normally not 5119 # be loaded at all. But libc_psr was overriding broken code in libc 5120 # for over a week before the fix for 6324631, so we need to explicitly 5121 # LD_PRELOAD it to allow users to bfu from the broken libc. This can be 5122 # removed once there are no sun4u machines bfued to Nevada bits between 5123 # 9/7/2005 and 9/15/2005. 5124 # 5125 if [ -f /tmp/bfulib/libc_psr.so.1 ]; then 5126 export LD_PRELOAD_32=/tmp/bfulib/libc_psr.so.1 5127 fi 5128 5129 print "Turning on delayed i/o ..." 5130 fastfs -f $rootlist $usr 5131 fastfs $rootlist $usr 5132 5133 # 5134 # The "| tee -a $EXTRACT_LOG" following do_extraction() is not pulled into the 5135 # function itself because it interferes with the cpio exit status detection. 5136 # pcfs boot is an exception, since its cpio exit status is expected to be bad, 5137 # so a heuristic must be employed to infer whether or not any errors occurred. 5138 # 5139 do_extraction() { 5140 compressed_archive=$1 5141 shift 5142 $ZCAT $compressed_archive | cpio -idmucB $* 2>&1 \ 5143 || extraction_error "extracting archive $1" 5144 } 5145 5146 do_pcfs_boot_extraction() { 5147 PCFS_BOOT_LOG=/tmp/bfu-pcfs-boot-log.$$ 5148 $ZCAT $1 | cpio -idmucB 2>&1 | grep -v "error.s" | \ 5149 grep -v "cpio: Cannot chown()" | \ 5150 grep -v "cpio: Error during chown()" | tee $PCFS_BOOT_LOG 5151 cat $PCFS_BOOT_LOG >> $EXTRACT_LOG 5152 egrep -s -v blocks $PCFS_BOOT_LOG 5153 if [ $? -eq 0 ]; then 5154 extraction_error "extracting archive $1 ... see $PCFS_BOOT_LOG" 5155 else 5156 rm -f $PCFS_BOOT_LOG 5157 fi 5158 } 5159 5160 # 5161 # Usage: extract_archives (root|usr|lib|sbin|kernel) arch-list 5162 # 5163 extract_archives() { 5164 base=$1 5165 shift 5166 test $base = usr && cd $usrroot || cd $root 5167 for archive in $* 5168 do 5169 print "Extracting $archive.$base$ZFIX ... \c" \ 5170 | tee -a $EXTRACT_LOG 5171 test -h platform/$archive && rm platform/$archive 5172 if [ $base = root ]; then 5173 exclude="-f dev/fd home proc etc/mnttab" 5174 5175 # 5176 # We don't want to overwrite the sharetab if 5177 # it is a mount-point. We assume it is a 5178 # mount-point if it is not writable. 5179 # 5180 if [ -f etc/dfs/sharetab ]; then 5181 if [ ! -w etc/dfs/sharetab ]; then 5182 exclude="$exclude etc/dfs/sharetab" 5183 fi 5184 fi 5185 5186 [ -d system/contract ] && 5187 exclude="$exclude system/contract" 5188 [ -d system/object ] && 5189 exclude="$exclude system/object" 5190 [ -f etc/svc/repository.db ] && 5191 exclude="$exclude etc/svc/repository.db" 5192 [ -e etc/repository_door ] && 5193 exclude="$exclude etc/repository_door" 5194 [ -f etc/svc/volatile ] && 5195 exclude="$exclude etc/svc/volatile" 5196 do_extraction $cpiodir/$archive.$base$ZFIX $exclude | 5197 tee -a $EXTRACT_LOG 5198 elif [ $base = usr ]; then 5199 do_extraction $cpiodir/$archive.$base$ZFIX \ 5200 -f "usr/openwin" | tee -a $EXTRACT_LOG 5201 else 5202 do_extraction $cpiodir/$archive.$base$ZFIX \ 5203 | tee -a $EXTRACT_LOG 5204 fi 5205 done 5206 cd $root 5207 } 5208 5209 extract_boot_archives() { 5210 base=$1 5211 shift 5212 cd $root 5213 for archive in $* 5214 do 5215 if [ ! -f $cpiodir/$archive.$base$ZFIX ]; then 5216 continue 5217 fi 5218 print "Extracting $archive.$base$ZFIX ... \c" \ 5219 | tee -a $EXTRACT_LOG 5220 if [ $boot_is_pcfs = yes ]; then 5221 do_pcfs_boot_extraction $cpiodir/$archive.$base$ZFIX 5222 else 5223 do_extraction $cpiodir/$archive.$base$ZFIX | \ 5224 tee -a $EXTRACT_LOG 5225 fi 5226 $ZCAT $cpiodir/$archive.$base$ZFIX | cpio -it 2>&1 | \ 5227 grep "boot/solaris/devicedb/master" >/dev/null 2>&1 5228 if [ "$?" = "0" ]; then 5229 have_realmode=yes 5230 fi 5231 done 5232 cd $root 5233 } 5234 5235 # 5236 # Classic boot pboot and bootblk compatibility with old archives 5237 # 5238 setup_pboot() 5239 { 5240 NEWPBOOTDIR=$GATE/public/pboot 5241 NEWPBOOT=${NEWPBOOTDIR}/pboot 5242 NEWBOOTBLK=${NEWPBOOTDIR}/bootblk 5243 PBOOTDIR=$usr/platform/$karch/lib/fs/ufs 5244 PBOOT=${PBOOTDIR}/pboot 5245 BOOTBLK=${PBOOTDIR}/bootblk 5246 5247 # they should already be there, but... 5248 if [ -f $NEWPBOOT -a ! -f $PBOOT ]; then 5249 print "Installing pboot from $NEWPBOOTDIR" 5250 cp $NEWPBOOT $PBOOT 5251 fi 5252 if [ -f $NEWBOOTBLK -a ! -f $BOOTBLK ]; then 5253 print "Installing bootblk from $NEWPBOOTDIR" 5254 cp $NEWBOOTBLK $BOOTBLK 5255 fi 5256 5257 if [ -f $NEWPBOOT -a -f $PBOOT ]; then 5258 LATEST=`ls -Lt $PBOOT $NEWPBOOT | head -1` 5259 if [ "$LATEST" = "$NEWPBOOT" ]; then 5260 print "Updating pboot from $NEWPBOOT" 5261 cp $NEWPBOOT $PBOOT 5262 fi 5263 fi 5264 if [ -f $NEWBOOTBLK -a -f $BOOTBLK ]; then 5265 LATEST=`ls -Lt $BOOTBLK $NEWBOOTBLK | head -1` 5266 if [ "$LATEST" = "$NEWBOOTBLK" ]; then 5267 print "Updating bootblk from $NEWBOOTBLK" 5268 cp $NEWBOOTBLK $BOOTBLK 5269 fi 5270 fi 5271 # 5272 # This function will never be called when upgrading a zfs root, 5273 # so it's safe to assume a value for rootslice here. 5274 # 5275 if [[ "$rootslice" = /dev/rdsk/* ]]; then 5276 print "Installing boot block." 5277 ( cd $PBOOTDIR ; 5278 install_boot_i386 ./pboot ./bootblk ${rootslice%??}s2 ) 5279 fi 5280 # 5281 # Since /platform/i86pc/boot/solaris/boot.bin is moved 5282 # to /boot/solaris, remove the old one if it really 5283 # exists. 5284 # 5285 OLDBOOTDIR=${root}/platform/i86pc/boot/solaris 5286 OLDBOOTBIN=${OLDBOOTDIR}/boot.bin 5287 if [ ! -h ${OLDBOOTDIR} -a -f ${OLDBOOTBIN} ] ; 5288 then 5289 print "Removing old boot.bin." 5290 rm -rf ${OLDBOOTBIN} 5291 fi 5292 } 5293 5294 # 5295 # Multiboot support 5296 # 5297 5298 saved_boot_files=" 5299 solaris/bootenv.rc 5300 solaris/devicedb/master 5301 " 5302 5303 # 5304 # transition from multiboot to dca 5305 # 5306 check_multi_to_dca_boot() 5307 { 5308 bootdev=`grep p0:boot $rootprefix/etc/vfstab | \ 5309 grep pcfs | nawk '{print $1}'` 5310 if [ "$bootdev" != "" ]; then 5311 is_pcfs_boot=yes 5312 fi 5313 5314 if [ $is_pcfs_boot = yes ]; then 5315 df -h | grep stubboot >/dev/null 2>&1 5316 if [ $? -eq 0 ]; then 5317 5318 # save configurable files from /boot 5319 # before remounting /stubboot. 5320 # files are relative to /boot. 5321 for file in $saved_boot_files 5322 do 5323 dir="`dirname $rootprefix/stubboot/$file`" 5324 mkdir -p $dir 5325 cp $rootprefix/boot/$file $dir 5326 done 5327 5328 echo "unmount $bootdev at $rootprefix/stubboot" 5329 ERRMSG=$(umount $bootdev 2>&1) 5330 if [ $? -ne 0 ] ; then 5331 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5332 fail "Unable to umount $bootdev on $rootprefix/stubboot." 5333 fi 5334 5335 # adjust vfstab 5336 sed -e "s/[ ]\/stubboot[ ]/ \/boot /" \ 5337 <$rootprefix/etc/vfstab >$rootprefix/etc/vfstab+ 5338 mv $rootprefix/etc/vfstab $rootprefix/etc/vfstab- 5339 mv $rootprefix/etc/vfstab+ $rootprefix/etc/vfstab 5340 5341 ERRMSG=$(mount -F pcfs $bootdev $rootprefix/boot 2>&1) 5342 if [ $? -ne 0 ] ; then 5343 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5344 fail "Unable to mount $bootdev on $rootprefix/boot." 5345 fi 5346 fi 5347 fi 5348 } 5349 5350 check_dca_to_multiboot() 5351 { 5352 bootdev=`grep p0:boot $rootprefix/etc/vfstab | \ 5353 grep pcfs | nawk '{print $1}'` 5354 if [ "$bootdev" != "" ]; then 5355 is_pcfs_boot=yes 5356 fi 5357 if [ $system_type != dca ]; then 5358 return 5359 fi 5360 5361 # ensure bootpath is in $rootprefix/boot/solaris/bootenv.rc 5362 # It's ok to put a meta device path in there 5363 bootenvrc=$rootprefix/boot/solaris/bootenv.rc 5364 grep "^setprop[ ]*bootpath[ ]" $bootenvrc > /dev/null 5365 if [ $? != 0 ]; then 5366 rootdev=`grep -v "^#" $rootprefix/etc/vfstab | \ 5367 grep "[ ]/[ ]" | nawk '{print $1}'` 5368 bootpath=`ls -l $rootdev | nawk '{ print $NF }' |\ 5369 sed "s#../../devices##"` 5370 echo "setprop bootpath '$bootpath'" >> $bootenvrc 5371 fi 5372 5373 rm -f $rootprefix/boot/mdboot 5374 } 5375 5376 # 5377 # Figure out the boot architecture of the current system: 5378 # 1. If an i86xpv kernel exists, it's a xpv system 5379 # 2. If dboot_image is in unix, it's a dboot system 5380 # 3. Otherwise, if multiboot is present, it's a multiboot system 5381 # 4. Otherwise, it's a pre-multiboot system 5382 # 5383 # This is called before we lay down the new archives. 5384 # 5385 check_system_type() 5386 { 5387 if [ -f $root/platform/i86xpv/kernel/unix ]; then 5388 system_type=xpv 5389 elif [ -x $root/boot/solaris/bin/symdef ] && \ 5390 $root/boot/solaris/bin/symdef $root/platform/i86pc/kernel/unix \ 5391 dboot_image; then 5392 system_type=directboot 5393 elif [ -x $root/platform/i86pc/multiboot ]; then 5394 system_type=multiboot 5395 else 5396 system_type=dca 5397 fi 5398 } 5399 5400 # 5401 # Detect SVM root and return the list of raw devices under the mirror 5402 # 5403 get_rootdev_list() 5404 { 5405 if [ -f $rootprefix/etc/lu/GRUB_slice ]; then 5406 dev=`grep '^PHYS_SLICE' $rootprefix/etc/lu/GRUB_slice | 5407 cut -d= -f2` 5408 if [ "$rootfstype" = "zfs" ]; then 5409 fstyp -a "$dev" | grep 'path: ' | grep -v phys_path: | 5410 cut -d"'" -f2 | sed 's+/dsk/+/rdsk/+' 5411 else 5412 echo "$dev" 5413 fi 5414 return 5415 elif [ "$rootfstype" = "zfs" ]; then 5416 rootpool=`df -k ${rootprefix:-/} | tail +2 | cut -d/ -f1` 5417 rootdevlist=`LC_ALL=C zpool iostat -v "$rootpool" | tail +5 | 5418 egrep -v "mirror|spare|replacing" | 5419 sed -n -e '/--/q' -e p | awk '{print $1}'` 5420 else 5421 metadev=`grep -v "^#" $rootprefix/etc/vfstab | \ 5422 grep "[ ]/[ ]" | nawk '{print $2}'` 5423 if [[ $metadev = /dev/rdsk/* ]]; then 5424 rootdevlist=`basename "$metadev"` 5425 elif [[ $metadev = /dev/md/rdsk/* ]]; then 5426 metavol=`basename "$metadev"` 5427 rootdevlist=`metastat -p $metavol |\ 5428 grep -v "^$metavol[ ]" | nawk '{print $4}'` 5429 fi 5430 fi 5431 for rootdev in $rootdevlist 5432 do 5433 echo /dev/rdsk/`basename $rootdev` 5434 done 5435 } 5436 5437 # 5438 # Done once per transition from classic (dca) to multi boot 5439 # 5440 setup_stubboot() 5441 { 5442 bootdev=`grep -v "^#" $rootprefix/etc/vfstab | grep pcfs | \ 5443 grep "[ ]/boot[ ]"` 5444 if [[ -n $bootdev ]] ; then 5445 5446 bootdev=`echo "$bootdev" | nawk '{print $1}'` 5447 rbootdev=`echo "$bootdev" | sed -e "s/dev\/dsk/dev\/rdsk/"` 5448 5449 # Remount boot partition as /stubboot, set up new /boot 5450 mkdir -p $rootprefix/stubboot 5451 5452 ERRMSG=$(umount $bootdev 2>&1) 5453 if [ $? -ne 0 ] ; then 5454 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5455 fail "Unable to umount $bootdev." 5456 fi 5457 ERRMSG=$(mount -F pcfs $bootdev $rootprefix/stubboot 2>&1) 5458 if [ $? -ne 0 ] ; then 5459 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5460 fail "Unable to mount $bootdev on $rootprefix/stubboot." 5461 fi 5462 5463 mkdir -p $rootprefix/boot 5464 cp -r $rootprefix/stubboot/* $rootprefix/boot 5465 5466 # adjust /etc/vfstab 5467 sed <$rootprefix/etc/vfstab \ 5468 -e "s/[ ]\/boot[ ]/ \/stubboot /" | \ 5469 sed -n >$rootprefix/etc/vfstab+ ' 5470 /p0:boot/ { 5471 s/[ ]no/ yes/ 5472 } 5473 p 5474 ' 5475 5476 mv $rootprefix/etc/vfstab $rootprefix/etc/vfstab- 5477 mv $rootprefix/etc/vfstab+ $rootprefix/etc/vfstab 5478 fi 5479 } 5480 5481 # 5482 # multiboot: install grub on the boot slice 5483 # 5484 install_grub() 5485 { 5486 STAGE1=$rootprefix/boot/grub/stage1 5487 STAGE2=$rootprefix/boot/grub/stage2 5488 5489 if [ -x $rootprefix/boot/solaris/bin/update_grub ]; then 5490 /tmp/bfubin/ksh $rootprefix/boot/solaris/bin/update_grub \ 5491 -R $root 5492 elif [ $is_pcfs_boot = no ]; then 5493 get_rootdev_list | while read rootdev 5494 do 5495 print "Install grub on $rootdev" 5496 PATH=/tmp/bfubin /tmp/bfubin/installgrub \ 5497 $STAGE1 $STAGE2 $rootdev 5498 done 5499 else 5500 # copy /boot grub & solaris to /stubboot 5501 cp -r $rootprefix/boot/grub $rootprefix/stubboot/grub 5502 cp -r $rootprefix/boot/solaris $rootprefix/stubboot/solaris 5503 5504 # Adjust grub paths relative to pcfs filesystem 5505 rm -rf $rootprefix/stubboot/boot 5506 mkdir -p $rootprefix/stubboot/boot 5507 mv $rootprefix/stubboot/grub $rootprefix/stubboot/boot 5508 mv $rootprefix/stubboot/solaris $rootprefix/stubboot/boot 5509 5510 # 5511 # Run installgrub after copying stubboot to avoid overwriting 5512 # /stubboot/boot/grub/stage2, which must stay untouched. 5513 # 5514 bootdev=`grep -v "^#" $rootprefix/etc/vfstab | grep pcfs | \ 5515 grep "[ ]/stubboot[ ]" | nawk '{print $1}'` 5516 rbootdev=`echo "$bootdev" | sed -e "s/dev\/dsk/dev\/rdsk/"` 5517 if [ "$rbootdev" != "" ]; then 5518 print "Install grub on $rbootdev" 5519 PATH=/tmp/bfubin /tmp/bfubin/installgrub $STAGE1 $STAGE2 $rbootdev 5520 fi 5521 fi 5522 } 5523 5524 # 5525 # We check for several possibilites of a bootenv.rc line: 5526 # 5527 # 1. setprop name 'value' 5528 # 2. setprop name "value" 5529 # 3. setprop name value 5530 # 5531 parse_bootenv_line() 5532 { 5533 line=$1 5534 value=`echo $line | grep "'" | cut -d\' -f2` 5535 if [ -z "$value" ]; then 5536 value=`echo $line | grep "\"" | cut -d\" -f2` 5537 if [ -z "$value" ]; then 5538 value=`echo $line | cut -d' ' -f3-` 5539 fi 5540 fi 5541 echo $value 5542 } 5543 5544 update_bootenv() 5545 { 5546 bootenvrc=$rootprefix/boot/solaris/bootenv.rc 5547 bootenvrc_updated=0 5548 5549 # Note: the big space below is actually a space and tab 5550 boot_file=`grep '^setprop[ ]\{1,\}boot-file\>' $bootenvrc` 5551 if [ -n "$boot_file" ]; then 5552 file=`parse_bootenv_line "$boot_file"` 5553 if [ -n "$file" ]; then 5554 PATH=/tmp/bfubin /tmp/bfubin/bootadm set-menu kernel="$file" 5555 bootenvrc_updated=1 5556 fi 5557 fi 5558 5559 console=`grep '^setprop[ ]\{1,\}console\>' $bootenvrc` 5560 if [ -z "$console" ]; then 5561 console=`grep '^setprop[ ]\{1,\}input-device\>' \ 5562 $bootenvrc` 5563 fi 5564 if [ -n "$console" ]; then 5565 cons=`parse_bootenv_line "$console"` 5566 fi 5567 boot_args=`grep '^setprop[ ]\{1,\}boot-args\>' $bootenvrc` 5568 if [ -n "boot_args" ]; then 5569 args=`parse_bootenv_line "$boot_args"` 5570 fi 5571 if [ -n "$cons" ] && [ -n "$args" ]; then 5572 # If args starts with a -B, remove it and add a comma instead 5573 if echo $args | grep '^-B ' >/dev/null; then 5574 new_args=`echo $args | sed 's/^-B //'` 5575 args_line="-B console=$cons,$new_args" 5576 else 5577 args_line="-B console=$cons $args" 5578 fi 5579 elif [ -n "$cons" ]; then 5580 args_line="-B console=$cons" 5581 elif [ -n "$args" ]; then 5582 args_line="$args" 5583 else 5584 args_line="" 5585 fi 5586 if [ -n "$args_line" ]; then 5587 PATH=/tmp/bfubin /tmp/bfubin/bootadm set-menu args="$args_line" 5588 bootenvrc_updated=1 5589 fi 5590 5591 if [ $bootenvrc_updated = 1 ]; then 5592 egrep -v '^setprop[ ]+(boot-file|boot-args)[ ]' $bootenvrc > ${bootenvrc}.new 5593 [ -s ${bootenvrc}.new ] && mv ${bootenvrc}.new $bootenvrc 5594 fi 5595 } 5596 5597 get_biosdisk() 5598 { 5599 rootdev=$1 5600 rootphys=`ls -l $rootdev | nawk '{ print $NF }' | \ 5601 sed -e "s/\.\.\/\.\.\/devices//" -e "s/:[abcdefgh],raw//"` 5602 rbootdev=`echo "$rootdev" | sed -e "s/s[0-7]/p0/"` 5603 5604 # 5605 # Use biosdev to get the bios disk number 5606 # 5607 biosdisk=`biosdev | grep $rootphys | \ 5608 nawk '{print $1}' | sed -e "s/0x8//"` 5609 } 5610 5611 # 5612 # multiboot: set up initial grub menu 5613 # 5614 update_grub_menu() 5615 { 5616 MENU=$rootprefix/boot/grub/menu.lst 5617 5618 grubhd=$1 5619 5620 if [ $archive_type = multiboot ]; then 5621 BOOT_PROG="kernel /platform/i86pc/multiboot" 5622 BOOT_ARCHIVE="module /platform/i86pc/boot_archive" 5623 else 5624 # 5625 # directboot archives 5626 # 5627 BOOT_PROG="kernel\$ /platform/i86pc/kernel/\$ISADIR/unix" 5628 BOOT_ARCHIVE="module\$ /platform/i86pc/\$ISADIR/boot_archive" 5629 fi 5630 5631 # 5632 # The failsafe archives may be different than the boot archives 5633 # 5634 if [ -x /boot/platform/i86pc/kernel/unix ]; then 5635 BOOT_FAILSAFE_FILE="/boot/platform/i86pc/kernel/unix" 5636 BOOT_FAILSAFE_SUFFIX="" 5637 else 5638 BOOT_FAILSAFE_FILE="/boot/multiboot" 5639 BOOT_FAILSAFE_SUFFIX="kernel/unix" 5640 fi 5641 5642 # 5643 # Append some useful entries to the existing menu 5644 # 5645 echo "Update GRUB menu $MENU with entries for $grubhd" 5646 5647 grep ^default $MENU > /dev/null 5648 [ $? = 0 ] || echo "default=0" >> $MENU 5649 grep ^timeout $MENU > /dev/null 5650 [ $? = 0 ] || echo "timeout=10" >> $MENU 5651 5652 echo "#serial --unit=0 --speed=9600" >> $MENU 5653 echo "#terminal serial" >> $MENU 5654 echo "#splashimage=$grubhd/boot/grub/splash.xpm.gz" >> $MENU 5655 echo "title Solaris" >> $MENU 5656 echo " root $grubhd" >> $MENU 5657 echo " ${BOOT_PROG}" >> $MENU 5658 echo " ${BOOT_ARCHIVE}" >> $MENU 5659 5660 echo "GRUB menu entry 'Solaris' boots to eeprom(1m) settings" 5661 5662 if [ -f ${rootprefix}/$BOOT_FAILSAFE_FILE ] && 5663 [ -f ${rootprefix}/boot/x86.miniroot-safe ] ; then 5664 5665 TTY=`grep "^setprop input-device" \ 5666 ${rootprefix}/boot/solaris/bootenv.rc | cut -f 2 -d \'` 5667 if [ -z "${TTY}" ] ; then 5668 TTY=`grep "^setprop console" \ 5669 ${rootprefix}/boot/solaris/bootenv.rc | \ 5670 cut -f 2 -d \'` 5671 fi 5672 5673 if [ "${TTY}" = "ttya" ] || [ "${TTY}" = "ttyb" ] ; then 5674 FS_CONSOLE="-B console=${TTY}" 5675 fi 5676 5677 cat >>$MENU <<EOF 5678 title Solaris failsafe 5679 root $grubhd 5680 kernel $BOOT_FAILSAFE_FILE $BOOT_FAILSAFE_SUFFIX $FS_CONSOLE -s 5681 module /boot/x86.miniroot-safe 5682 EOF 5683 fi 5684 } 5685 5686 bootadm_f_flag="" 5687 5688 install_failsafe() 5689 { 5690 if [ "$root" != "/" ] || \ 5691 [ -f /boot/x86.miniroot-safe ] || \ 5692 [ ! -x ${GATE}/public/bin/update_failsafe ]; then 5693 # 5694 # Either we're not bfu'ing /, or the failsafe archives were 5695 # already installed, or update_failsafe is not available. 5696 # If the old failsafe archives were multiboot, clear out the 5697 # directboot kernel. 5698 # 5699 if [ $failsafe_type = multiboot ]; then 5700 rm -f $rootprefix/boot/platform/i86pc/kernel/unix 5701 elif [ $failsafe_type = directboot ]; then 5702 cp /tmp/bfubin/unix \ 5703 $rootprefix/boot/platform/i86pc/kernel/unix 5704 fi 5705 else 5706 echo "Updating failsafe archives" 5707 ${GATE}/public/bin/update_failsafe 5708 5709 # Force bootadm to update the failsafe entry 5710 bootadm_f_flag="-f" 5711 fi 5712 } 5713 5714 # 5715 # setup_grub_menu is only called when upgrading from a system 5716 # with a dca boot. This cannot happen on systems with zfs root, 5717 # so this function need not take care of the case where the root 5718 # file system type is zfs 5719 # 5720 setup_grub_menu() 5721 { 5722 MENU=$rootprefix/boot/grub/menu.lst 5723 5724 get_rootdev_list | while read rootdev 5725 do 5726 rootphys=`ls -l $rootdev | nawk '{print $NF}' | \ 5727 sed -e "s/\.\.\/\.\.\/devices//"` 5728 gslice=`echo "$rootphys" | cut -f 2 -d : | sed s/,raw//` 5729 rootphys=`echo "$rootphys" | sed -e "s/:[abcdefgh],raw//"` 5730 rbootdev=`echo "$rootdev" | sed -e "s/s[0-7]/p0/"` 5731 5732 # 5733 # Wallow through fdisk to get the active partition number 5734 # Partition numbering is zero-based 5735 # 5736 part=0 5737 fdisk -W - $rbootdev | grep -v '^*' | grep -v '^$' | \ 5738 while read id act bhead bcyl ehead ecyl rsect numsect 5739 do 5740 # Find solaris partition, either older 130 or 191 5741 if [ $id -eq "191" -o $id -eq "130" ] ; then 5742 break 5743 fi 5744 part=`expr "$part" + 1` 5745 done 5746 5747 get_biosdisk $rootdev 5748 grubhd="(hd${biosdisk},${part},${gslice})" 5749 5750 # 5751 # update the grub menu if it doesn't exist or 5752 # doesn't have usable boot entries 5753 # 5754 if [ -f $MENU ]; then 5755 grep -v "^#" $MENU | grep $grubhd >/dev/null 2>&1 5756 if [ $? -eq 1 ]; then 5757 update_grub_menu $grubhd 5758 fi 5759 else 5760 update_grub_menu $grubhd 5761 fi 5762 done 5763 } 5764 5765 # 5766 # Build the multiboot boot archive 5767 # 5768 build_boot_archive() 5769 { 5770 # 5771 # We should be able to run bootadm here but that's a 5772 # little more complicated than one would think 5773 #bootadm_args=${rootprefix:+-R $rootprefix} 5774 #PATH=/tmp/bfubin /tmp/bfubin/bootadm update $bootadm_args 5775 5776 cr_args=${rootprefix:+ -R $rootprefix} 5777 LD_LIBRARY_PATH=/tmp/bfulib PATH=/tmp/bfubin \ 5778 /tmp/bfubin/ksh $rootprefix/boot/solaris/bin/create_ramdisk $cr_args 5779 5780 # 5781 # Disable the boot-archive service on the first boot 5782 # to silence complaints about new files 5783 # svccfg -s system/boot-archive setprop start/exec = true 5784 5785 mkdir -p $rootprefix/bfu.conflicts/lib/svc/method 5786 cp $rootprefix/lib/svc/method/boot-archive \ 5787 $rootprefix/bfu.conflicts/lib/svc/method/boot-archive 5788 cat >$rootprefix/lib/svc/method/boot-archive <<"EOF" 5789 #!/sbin/sh 5790 exit 0 5791 EOF 5792 5793 cat >$rootprefix/etc/rc2.d/S99postbfu <<EOF 5794 #!/bin/sh 5795 # 5796 case "\$1" in 5797 'start') 5798 cp /bfu.conflicts/lib/svc/method/boot-archive /lib/svc/method/boot-archive 5799 chmod +x /lib/svc/method/boot-archive 5800 rm -f /etc/rc2.d/S99postbfu 5801 ;; 5802 *) 5803 echo "usage: \$0 start" 5804 exit 1 5805 ;; 5806 esac 5807 exit 0 5808 EOF 5809 5810 chmod +x $rootprefix/etc/rc2.d/S99postbfu 5811 chmod +x $rootprefix/lib/svc/method/boot-archive 5812 chmod +x $rootprefix/bfu.conflicts/lib/svc/method/boot-archive 5813 } 5814 5815 # 5816 # Install failsafe archive on a sparc machine if not present. 5817 # Use a well-known server for the archive if we need it. 5818 # 5819 install_sparc_failsafe() 5820 { 5821 # check if failsafe already installed 5822 if [ -f $rootprefix/platform/$karch/failsafe ]; then 5823 return 5824 fi 5825 if [ -z "$FAILSAFE_SERVER" ]; then 5826 FAILSAFE_SERVER="netinstall.sfbay" 5827 fi 5828 if [ -z "$FAILSAFE_IMAGE" ]; then 5829 FAILSAFE_IMAGE="export/nv/s/latest" 5830 fi 5831 fs_wos_image="/net/${FAILSAFE_SERVER}/${FAILSAFE_IMAGE}" 5832 fs_archive="${fs_wos_image}/boot/sparc.miniroot" 5833 if [ ! -d $fs_wos_image ] || [ ! -f $fs_archive ]; then 5834 # XXX Remove this fallback to a known good archive once real 5835 # XXX images with boot archives become available. 5836 fs_wos_image="/net/netinstall.sfbay/export/setje/nbs-latest" 5837 fs_archive="${fs_wos_image}/boot/sparc.miniroot" 5838 fi 5839 if [ -d $fs_wos_image ] || [ ! -f $fs_archive ]; then 5840 echo "Installing failsafe archive from $fs_wos_image" 5841 cp $fs_archive $rootprefix/platform/$karch/failsafe 5842 fi 5843 } 5844 5845 disable_boot_service() 5846 { 5847 svccfg -s system/boot-archive setprop start/exec = true 5848 cat >$rootprefix/lib/svc/method/boot-archive <<EOF 5849 #!/sbin/sh 5850 . /lib/svc/share/smf_include.sh 5851 . /lib/svc/share/fs_include.sh 5852 exit 0 5853 EOF 5854 } 5855 5856 dir_is_inherited() { 5857 dir=$1 5858 set -- `zonecfg -z $zone info inherit-pkg-dir dir=/$dir` 5859 [ "$3" = "/$dir" ] && return 0 || return 1 5860 } 5861 5862 check_boot_env() 5863 { 5864 if [ $multi_or_direct = yes ]; then 5865 if [ $archive_type != $system_type ]; then 5866 install_failsafe 5867 [ $system_type = dca ] && setup_grub_menu 5868 5869 if [ $have_new_bootadm = yes ] || 5870 ( [ -x /tmp/bfubin/symdef ] && 5871 [ -x /tmp/bfubin/bootadm ] && 5872 /tmp/bfubin/symdef /tmp/bfubin/bootadm \ 5873 dboot_or_multiboot ); then 5874 if [[ -z $rootprefix ]]; then 5875 PATH=/tmp/bfubin /tmp/bfubin/bootadm \ 5876 -m upgrade $bootadm_f_flag 5877 else 5878 PATH=/tmp/bfubin /tmp/bfubin/bootadm \ 5879 -m upgrade -R $rootprefix \ 5880 $bootadm_f_flag 5881 fi 5882 install_grub 5883 [ $archive_type = directboot ] && update_bootenv 5884 else 5885 install_grub 5886 cat >&2 <<EOF 5887 5888 WARNING: Cannot find new bootadm. If bfu'ing across the multiboot/directboot 5889 boundary, you will need to manually change menu.lst. See 5890 http://www.sun.com/msg/SUNOS-8000-CF for details. 5891 5892 EOF 5893 fi 5894 5895 # 5896 # If we're going backwards, we need to remove the 5897 # symdef binary. 5898 # 5899 if [ -f $rootprefix/boot/solaris/bin/symdef ] && \ 5900 [ $archive_type = multiboot ] 5901 then 5902 rm -f $rootprefix/boot/solaris/bin/symdef \ 5903 $rootprefix/boot/solaris/bin/update_grub 5904 fi 5905 elif [ $failsafe_type = multiboot ]; then 5906 rm -f $rootprefix/boot/platform/i86pc/kernel/unix 5907 elif [ $failsafe_type = directboot ]; then 5908 cp /tmp/bfubin/unix \ 5909 $rootprefix/boot/platform/i86pc/kernel/unix 5910 fi 5911 build_boot_archive 5912 else 5913 disable_boot_service 5914 fi 5915 } 5916 5917 mondo_loop() { 5918 typeset pkgroot 5919 typeset pkg 5920 root=$1 5921 zone=$2 5922 if [ $zone != global ]; then 5923 usrroot=$root 5924 fi 5925 5926 # If the archives being installed contain i86pc.boot, 5927 # check to see if it contains strap.com, one of the 5928 # four possibly-required booters. If i86pc.boot does, 5929 # try to upgrade the realmode booters from the current 5930 # archive set. 5931 # 5932 # Don't bother doing the upgrade for diskless bfu, as the boot 5933 # will be done with floppy or PXE, which must match the build 5934 # anyway (floppy must match or add_install_client must be 5935 # rerun), and in any event we can't touch the boot bits 5936 # for diskless boot from here. Also don't do this for 5937 # any zone but 'global'. 5938 5939 cd $root || fail "Cannot cd $root" 5940 rootprefix=${root%/} 5941 pkgroot=${rootprefix:+-R $rootprefix} 5942 5943 if [ "$karch" = "i86pc" -a "$diskless" = "no" -a "$zone" = "global" ] 5944 then 5945 remove_properties 5946 check_system_type 5947 if boot_is_upgradeable $root && \ 5948 [ $archive_type = dca ]; then 5949 check_multi_to_dca_boot 5950 print "\nUpdating realmode boot loaders\n" 5951 update_realmode_booters $root 5952 setup_pboot 5953 fi 5954 if [ $multi_or_direct = yes ]; then 5955 check_dca_to_multiboot 5956 if [ $is_pcfs_boot = yes ]; then 5957 setup_stubboot 5958 fi 5959 fi 5960 fi 5961 5962 # before we save away driver_aliases, remove any obsolete entries 5963 if [ $target_isa = i386 ]; then 5964 # need to remove old pci5853,1 entry for xpv. The correct 5965 # entry going forward is pci5853,1.1 which is now in 5966 # uts/intel/os/driver_aliases 5967 grep '\"pci5853,1\"' $root/etc/driver_aliases > /dev/null 2>&1 5968 if [ "$?" -eq 0 ]; then 5969 /tmp/bfubin/update_drv -b $root -d -i '"pci5853,1"' xpv > /dev/null 2>&1 5970 fi 5971 fi 5972 5973 SECONDS=0 # time each iteration 5974 5975 print "\nSaving configuration files in $rootprefix/bfu.child ... \c" 5976 cd $root 5977 rm -rf bfu.default bfu.restore # historical 5978 rm -rf bfu.child bfu.conflicts 5979 mkdir bfu.child bfu.conflicts 5980 filelist $zone | cpio -pdmu bfu.child || \ 5981 fail 'failed to save config files' 5982 test -f etc/motd && mv etc/motd etc/motd.old 5983 5984 # 5985 # If the var/sadm/system/admin/INST_RELEASE file still exists, 5986 # this system has never been bfu'd before. Therefore, the 5987 # information in var/sadm/install/contents is still valid and 5988 # can be used to determine whether files have been modified 5989 # since installation (the bfu.ancestors directory serves this 5990 # purpose for systems that have already been bfu'd.) 5991 # 5992 if [ -f var/sadm/system/admin/INST_RELEASE ] ; then 5993 firstbfu=yes 5994 else 5995 firstbfu=no 5996 fi 5997 5998 # 5999 # bfu'ed systems are not upgradeable; prevent suninstall from 6000 # even *presenting* the upgrade option by removing INST_RELEASE. 6001 # 6002 rm -f var/sadm/system/admin/INST_RELEASE 6003 6004 # 6005 # Hacks to work around minor annoyances and make life more pleasant. 6006 # Part 1 of 2: pre-archive-extraction stuff 6007 # 6008 6009 # 6010 # Do not remove remove_initd_links, since this makes sure things 6011 # work properly when init scripts are shuffled around. 6012 # 6013 remove_initd_links 6014 6015 # 6016 # Remove rc.d scripts and things made superfluous by smf. 6017 # Backwards BFUs will resurrect them from the archives. 6018 # 6019 smf_cleanup 6020 6021 # 6022 # New, enabled-by-default services need to be checked for, such 6023 # that their enabled status is not flipped by BFU after their 6024 # initial arrival. 6025 # 6026 smf_handle_new_services 6027 6028 # 6029 # Handle unbundled TX conversion if needed 6030 # 6031 tx_check_update 6032 6033 # Reflect SUNWcsr's pre-install change, ensures 6034 # the i.hosts action script works during 'acr' 6035 if [[ -f $rootprefix/etc/inet/ipnodes && \ 6036 ! -h $rootprefix/etc/inet/ipnodes ]]; then 6037 rm -f $rootprefix/etc/inet/ipnodes.hostsmerge 6038 cp -p $rootprefix/etc/inet/ipnodes \ 6039 $rootprefix/etc/inet/ipnodes.hostsmerge 6040 fi 6041 6042 # 6043 # Remove obsolete disassembler module 6044 # 6045 if [ $target_isa = sparc ]; then 6046 rm -rf $usr/lib/mdb/disasm/* 6047 rm -f $root/kernel/kmdb/sparcv9/sparc 6048 fi 6049 6050 # 6051 # Remove obsolete Sun-Fire-880 (daktari) FMA Fault Tree directory 6052 # and file. Backwards BFUs will resurrect them from the archives. 6053 # 6054 if [ $target_isa = sparc ]; then 6055 rm -rf $usr/platform/SUNW,Sun-Fire-880/lib/fm 6056 fi 6057 6058 # 6059 # Remove old ndpd header (moved to /usr/include per 6509782) 6060 # 6061 rm -f $usr/include/protocols/ndpd.h 6062 6063 # 6064 # Remove old FMA dictionary files 6065 # 6066 rm -f $usr/lib/fm/FMD.dict 6067 rm -f $usr/lib/fm/SUN4U.dict 6068 rm -f $usr/lib/fm/SUNOS.dict 6069 6070 # Remove unused SMF dictionary 6071 rm -f $root/usr/lib/fm/dict/SMF.dict 6072 rm -f $root/usr/lib/locale/C/LC_MESSAGES/SMF.mo 6073 6074 # 6075 # Remove old FMA .eft files and directories 6076 # 6077 rm -f $usr/platform/sun4u/lib/fm/eft/pci-sun4u.eft 6078 rm -rf $usr/platform/SUNW,Serverblade1/lib/fm 6079 rm -rf $usr/platform/SUNW,Sun-Fire/lib/fm 6080 rm -rf $usr/platform/SUNW,Sun-Fire-15000/lib/fm 6081 6082 # 6083 # Remove old FMA LDOMS files 6084 # 6085 rm -f $usr/platform/sun4v/lib/fm/fmd/libldom.so.1 6086 rm -f $usr/platform/sun4v/lib/fm/fmd/libldom.so 6087 rm -f $usr/platform/sun4v/lib/fm/fmd/llib-lldom 6088 rm -f $usr/platform/sun4v/lib/fm/fmd/llib-lldom.ln 6089 rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/libldom.so.1 6090 rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/libldom.so 6091 rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/llib-lldom.ln 6092 6093 # 6094 # Remove old topology data 6095 # 6096 rm -rf $usr/lib/fm/topo 6097 rm -f $usr/platform/*/lib/fm/topo/hc-topology.xml 6098 rm -f $usr/platform/SUNW,Sun-Fire-T200/lib/fm/topo/maps/Sun-Blade-T6300-hc-topology.xml 6099 6100 # 6101 # Remove old prtopo and obsoleted include file. 6102 # 6103 rm -f $usr/include/fm/libtopo_enum.h 6104 rm -f $usr/lib/fm/prtopo 6105 6106 # 6107 # Remove fm driver 6108 # 6109 rm -f $root/kernel/drv/fm 6110 rm -f $root/kernel/drv/fm.conf 6111 rm -f $root/kernel/drv/amd64/fm 6112 rm -f $root/kernel/drv/sparcv9/fm 6113 6114 # 6115 # Remove old AMD cpu module, to be replaced by extended cpu.generic 6116 # with AMD-specific support layered on top as a model-specific module. 6117 # Also remove the corresponding mdb and kmdb support. Backwards BFU 6118 # will reintroduce these files. 6119 rm -f $root/platform/i86pc/kernel/cpu/cpu.AuthenticAMD.15 6120 rm -f $root/platform/i86pc/kernel/cpu/amd64/cpu.AuthenticAMD.15 6121 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu.AuthenticAMD.15.so 6122 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu.AuthenticAMD.15.so 6123 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu.generic.so 6124 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu.generic.so 6125 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu_ms.AuthenticAMD.15.so 6126 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu_ms.AuthenticAMD.15.so 6127 rm -f $root/usr/lib/mdb/kvm/cpu.generic.so 6128 rm -f $root/usr/lib/mdb/kvm/amd64/cpu.generic.so 6129 rm -f $root/usr/lib/mdb/kvm/cpu_ms.AuthenticAMD.15.so 6130 rm -f $root/usr/lib/mdb/kvm/amd64/cpu_ms.AuthenticAMD.15.so 6131 6132 # Remove pcbe drivers for AMD 6133 # 6134 # old: need to remove going forwards: 6135 # 6136 rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD.15 6137 rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD.16 6138 rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD.15 6139 rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD.16 6140 # 6141 # new: need to remove going backwards: 6142 # 6143 rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD 6144 rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD 6145 6146 # Remove cpu.generic from i86xpv platform 6147 rm -f $root/platform/i86xpv/kernel/cpu/cpu.generic 6148 rm -f $root/platform/i86xpv/kernel/cpu/amd64/cpu.generic 6149 6150 # 6151 # Remove obsolete buildmnttab script. Backwards BFUs will 6152 # resurrect it by extracting it from the archives. 6153 # 6154 rm -f $root/etc/init.d/buildmnttab 6155 rm -f $root/etc/rcS.d/S70buildmnttab.sh 6156 6157 # 6158 # Break-up of inetsvc, inetinit & network -- remove both the old 6159 # and new init scripts. The correct ones will be extracted from 6160 # the archives whether bfu'ing backwards or forwards. 6161 # 6162 # old: need to remove going forwards: 6163 # 6164 rm -f $root/etc/rc0.d/K42inetsvc 6165 rm -f $root/etc/rc1.d/K42inetsvc 6166 rm -f $root/etc/rcS.d/K42inetsvc 6167 rm -f $root/etc/rcS.d/S29network.sh 6168 # 6169 # new: need to remove going backwards: 6170 # 6171 rm -f $root/etc/init.d/domainname 6172 rm -f $root/etc/init.d/inetd 6173 rm -f $root/etc/init.d/named 6174 rm -f $root/etc/init.d/nodename 6175 rm -f $root/etc/rc0.d/K40inetd 6176 rm -f $root/etc/rc0.d/K42named 6177 rm -f $root/etc/rc1.d/K40inetd 6178 rm -f $root/etc/rc1.d/K42named 6179 rm -f $root/etc/rc2.d/S69domainname 6180 rm -f $root/etc/rc2.d/S72named 6181 rm -f $root/etc/rc2.d/S77inetd 6182 rm -f $root/etc/rcS.d/K40inetd 6183 rm -f $root/etc/rcS.d/K42named 6184 rm -f $root/etc/rcS.d/S28network.sh 6185 rm -f $root/etc/rcS.d/S29nodename.sh 6186 6187 # 6188 # Remove Zones init scripts: they will be extracted properly 6189 # going forwards; after going backwards, they will be gone, 6190 # thus preventing scary warnings on subsequent bfu's. 6191 # 6192 rm -f $root/etc/init.d/zones 6193 rm -f $root/etc/rc0.d/K01zones 6194 rm -f $root/etc/rc1.d/K01zones 6195 rm -f $root/etc/rc2.d/K01zones 6196 rm -f $root/etc/rc3.d/S99zones 6197 rm -f $root/etc/rcS.d/K01zones 6198 6199 # 6200 # Remove <inet>6 STREAMS modules; these no longer exist (and 6201 # should never have existed in the first place). 6202 # 6203 rm -f $root/kernel/strmod/icmp6 \ 6204 $root/kernel/strmod/ip6 \ 6205 $root/kernel/strmod/tcp6 \ 6206 $root/kernel/strmod/udp6 6207 6208 rm -f $root/kernel/strmod/sparcv9/icmp6 \ 6209 $root/kernel/strmod/sparcv9/ip6 \ 6210 $root/kernel/strmod/sparcv9/tcp6 \ 6211 $root/kernel/strmod/sparcv9/udp6 6212 6213 # 6214 # Remove old ZFS binaries (back when it was three modules) 6215 # 6216 find $root/kernel/drv -name zpool 2> /dev/null | xargs rm -f 6217 rm -f $root/kernel/drv/zpool.conf 6218 rm -f $root/kernel/drv/zpool.cache 6219 6220 find $root/kernel/drv -name zvol 2> /dev/null | xargs rm -f 6221 rm -f $root/kernel/drv/zvol.conf 6222 rm -rf $root/kernel/devname 6223 rm -f $usr/include/sys/fs/sdev_node.h 6224 6225 # 6226 # Remove /usr/lib/old_libthread since support for it has 6227 # been removed from the kernel in Solaris 10. If this is 6228 # a backwards BFU, it will all be extracted again by cpio. 6229 rm -rf $usr/lib/old_libthread 6230 6231 # Remove libconfig 6232 rm -f $usr/lib/drv/config_md.so.1 6233 rm -f $usr/include/config_md.h 6234 # remove libssd 6235 rm -f $usr/lib/libssd.a 6236 rm -f $usr/lib/libssd.so 6237 rm -f $usr/lib/libssd.so.1 6238 # remove libap 6239 rm -f $usr/lib/libap_dmd.a 6240 rm -f $usr/lib/libap_dmd.so.1 6241 # remove libintpos 6242 rm -f $usr/lib/libintpos.a 6243 rm -f $usr/lib/libintpos.so.1 6244 6245 # Remove obsolete abi subdirectories 6246 if [ -d $usr/platform/*/lib/abi ]; then 6247 rm -rf $usr/platform/*/lib/abi 6248 fi 6249 rm -rf $usr/lib/gss/abi 6250 rm -rf $usr/lib/krb5/abi 6251 rm -rf $usr/xpg4/lib/abi 6252 rm -rf $usr/ucblib/abi 6253 6254 # 6255 # Remove old stuff related to libthread now that libthread has 6256 # been folded into libc and libthread_db has been renamed libc_db. 6257 # In addition, all the apptrace's tracing libraries (i.e., abi_*.so*), 6258 # spec2map and spec2trace are no longer needed, should be removed. 6259 rm -f \ 6260 $usr/lib/mdb/proc/libthread.so \ 6261 $usr/lib/mdb/proc/sparcv9/libthread.so \ 6262 $usr/lib/abi/spec2map \ 6263 $usr/lib/abi/spec2trace \ 6264 $usr/lib/abi/abi_*.so* \ 6265 $usr/lib/abi/sparcv9/abi_*.so* 6266 6267 # 6268 # Remove the old symlink /lib => usr/lib, if necessary. 6269 # /lib is now a real directory in the root filesystem. 6270 # Remove all of the old static libraries and commands now 6271 # that we no longer build them. If this is a backwards 6272 # BFU, all this will all be extracted again by cpio. 6273 rm $root/lib 2>/dev/null 6274 rm -rf $usr/lib/pics 6275 rm -rf $usr/sbin/static 6276 rm -f \ 6277 $usr/ccs/lib/libcurses.a \ 6278 $usr/ccs/lib/libform.a \ 6279 $usr/ccs/lib/libgen.a \ 6280 $usr/ccs/lib/libl.a \ 6281 $usr/ccs/lib/libmalloc.a \ 6282 $usr/ccs/lib/libmenu.a \ 6283 $usr/ccs/lib/libpanel.a \ 6284 $usr/ccs/lib/libtermcap.a \ 6285 $usr/ccs/lib/libtermlib.a \ 6286 $usr/ccs/lib/liby.a \ 6287 $usr/lib/lib300.a \ 6288 $usr/lib/lib300s.a \ 6289 $usr/lib/lib4014.a \ 6290 $usr/lib/lib450.a \ 6291 $usr/lib/libTL.a \ 6292 $usr/lib/libadm.a \ 6293 $usr/lib/libadt_jni.a \ 6294 $usr/lib/libbsdmalloc.a \ 6295 $usr/lib/libbsm.a \ 6296 $usr/lib/libc.a \ 6297 $usr/lib/libc2.a \ 6298 $usr/lib/libc2stubs.a \ 6299 $usr/lib/libcmd.a \ 6300 $usr/lib/libcrypt.a \ 6301 $usr/lib/libcrypt_d.a \ 6302 $usr/lib/libcrypt_i.a \ 6303 $usr/lib/libcurses.a \ 6304 $usr/lib/libdevid.a \ 6305 $usr/lib/libdevinfo.a \ 6306 $usr/lib/libdhcpagent.a \ 6307 $usr/lib/libdhcputil.a \ 6308 $usr/lib/libdl_stubs.a \ 6309 $usr/lib/libefi.a \ 6310 $usr/lib/libelf.a \ 6311 $usr/lib/libform.a \ 6312 $usr/lib/libgen.a \ 6313 $usr/lib/libgenIO.a \ 6314 $usr/lib/libike.a \ 6315 $usr/lib/libinetcfg.a \ 6316 $usr/lib/libinetutil.a \ 6317 $usr/lib/libintl.a \ 6318 $usr/lib/libkstat.a \ 6319 $usr/lib/libl.a \ 6320 $usr/lib/libldfeature.a \ 6321 $usr/lib/libmail.a \ 6322 $usr/lib/libmalloc.a \ 6323 $usr/lib/libmapmalloc.a \ 6324 $usr/lib/libmenu.a \ 6325 $usr/lib/libmeta.a \ 6326 $usr/lib/libmp.a \ 6327 $usr/lib/libnisdb.a \ 6328 $usr/lib/libnls.a \ 6329 $usr/lib/libnsl.a \ 6330 $usr/lib/libnss_compat.a \ 6331 $usr/lib/libnss_dns.a \ 6332 $usr/lib/libnss_files.a \ 6333 $usr/lib/libnss_nis.a \ 6334 $usr/lib/libnss_nisplus.a \ 6335 $usr/lib/libp/libc.a \ 6336 $usr/lib/libpam.a \ 6337 $usr/lib/libpanel.a \ 6338 $usr/lib/libplot.a \ 6339 $usr/lib/librac.a \ 6340 $usr/lib/libresolv.a \ 6341 $usr/lib/librpcsvc.a \ 6342 $usr/lib/libsec.a \ 6343 $usr/lib/libsendfile.a \ 6344 $usr/lib/libsocket.a \ 6345 $usr/lib/libstraddr.a \ 6346 $usr/lib/libtermcap.a \ 6347 $usr/lib/libtermlib.a \ 6348 $usr/lib/libuuid.a \ 6349 $usr/lib/libvolmgt.a \ 6350 $usr/lib/libvt0.a \ 6351 $usr/lib/libw.a \ 6352 $usr/lib/liby.a \ 6353 $usr/lib/null.a \ 6354 $usr/lib/sparcv9/libadt_jni.a \ 6355 $usr/lib/sparcv9/libinetutil.a \ 6356 $usr/lib/sparcv9/libldfeature.a \ 6357 $usr/lib/sparcv9/libsendfile.a \ 6358 $usr/platform/sun4u/lib/libwrsmconf.a \ 6359 $usr/ucblib/libcurses.a \ 6360 $usr/ucblib/libdbm.a \ 6361 $usr/ucblib/libtermcap.a \ 6362 $usr/ucblib/libucb.a 6363 6364 # 6365 # Remove other obsolete files, too 6366 rm -f \ 6367 $usr/include/table.h \ 6368 $usr/include/libgenIO.h \ 6369 $usr/include/sys/kd.h \ 6370 $usr/lib/llib-lTL \ 6371 $usr/lib/llib-lTL.ln 6372 6373 # 6374 # libc_psr.so.1 and libmd5_psr.so.1 have been moved 6375 # from /usr/platform/*/lib to /platform/*/lib. 6376 # Remove the old files and their containing directories 6377 rm -f $usr/platform/*/lib/libc_psr.so.1 6378 rm -f $usr/platform/*/lib/sparcv9/libc_psr.so.1 6379 rm -f $usr/platform/*/lib/libmd5_psr.so.1 6380 rm -f $usr/platform/*/lib/sparcv9/libmd5_psr.so.1 6381 rmdir $usr/platform/*/lib/sparcv9 2>/dev/null 6382 rmdir $usr/platform/*/lib 2>/dev/null 6383 6384 # 6385 # libmd5_psr.so.1 and symlinks to it have been replaced 6386 # by libmd_psr.so.1 and thus need to be removed 6387