1 #!/bin/ksh 2 # 3 # CDDL HEADER START 4 # 5 # The contents of this file are subject to the terms of the 6 # Common Development and Distribution License (the "License"). 7 # You may not use this file except in compliance with the License. 8 # 9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10 # or http://www.opensolaris.org/os/licensing. 11 # See the License for the specific language governing permissions 12 # and limitations under the License. 13 # 14 # When distributing Covered Code, include this CDDL HEADER in each 15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16 # If applicable, add the following below this CDDL HEADER, with the 17 # fields enclosed by brackets "[]" replaced with your own identifying 18 # information: Portions Copyright [yyyy] [name of copyright owner] 19 # 20 # CDDL HEADER END 21 # 22 23 # 24 # Copyright 2010 Sun Microsystems, Inc. All rights reserved. 25 # Use is subject to license terms. 26 # 27 # Upgrade a machine from a cpio archive area in about 5 minutes. 28 # By Roger Faulkner and Jeff Bonwick, April 1993. 29 # (bfu == Bonwick/Faulkner Upgrade, a.k.a. Blindingly Fast Upgrade) 30 # 31 # Usage: bfu [-f] <archive_dir> [root-dir] # for normal machines 32 # bfu -c [-f] <archive_dir> <exec-dir> # for diskless clients 33 # 34 # The -f flag is to override the built-in safety check which requires 35 # that the starting-point OS be a least a certain revision. 36 # 37 # You have to be super-user. It's safest to run this from the 38 # system console, although I've run it under OW and even via 39 # remote login with no problems. 40 # 41 # You will have to reboot the system when the upgrade is complete. 42 # 43 # You should add any administrative files you care about to this list. 44 # Warning: there had better be no leading '/' on any of these filenames. 45 46 # 47 # The CDPATH variable causes ksh's `cd' builtin to emit messages to stdout 48 # under certain circumstances, which can really screw things up; unset it. 49 # 50 unset CDPATH 51 52 export LC_ALL="C" 53 54 if [ -z "$GATEPATH" ]; then 55 GATEPATH=/ws/onnv-gate 56 test -d $GATEPATH || GATEPATH=/net/onnv.eng/export/onnv-gate 57 fi 58 export GATE=${GATEPATH} 59 export ARCHIVE=${ARCHIVEPATH:-${GATEPATH}} 60 61 # 62 # NOTE: Entries in *_files must expand to either the exact files required, 63 # or to directories that will be scoured for files. Any directories 64 # (and subdirectories) resulting from a wildcard expansion will be 65 # fully recursed by BFU's searching for files. (E.g. /etc/inet/* will 66 # include all files in any of its directories, as well as any files in 67 # /etc/inet/ itself. 68 # 69 # These lists should really be generated automatically from the 70 # pkgmap(4) metadata. 71 # 72 73 # 74 # First list: files to be saved in global and non-global zones. 75 # 76 all_zones_files=" 77 etc/.login 78 etc/acct/holidays 79 etc/auto_* 80 etc/cron.d/at.deny 81 etc/cron.d/cron.deny 82 etc/crypto/pkcs11.conf 83 etc/default/* 84 etc/dev/reserved_devnames 85 etc/dfs/dfstab 86 etc/dumpdates 87 etc/ftpd/* 88 etc/ftpusers 89 etc/group 90 etc/gss/gsscred.conf 91 etc/gss/mech 92 etc/gss/qop 93 etc/inet/* 94 etc/init.d/* 95 etc/inittab 96 etc/ipf/ipf.conf 97 etc/iu.ap 98 etc/krb5/kadm5.acl 99 etc/krb5/kdc.conf 100 etc/krb5/kpropd.acl 101 etc/krb5/krb5.conf 102 etc/krb5/warn.conf 103 etc/ksh.kshrc 104 etc/logadm.conf 105 etc/logindevperm 106 etc/lp/Systems 107 etc/mail/*.cf 108 etc/mail/*.hf 109 etc/mail/*.rc 110 etc/mail/aliases 111 etc/mail/helpfile 112 etc/mail/local-host-names 113 etc/mail/trusted-users 114 etc/named.conf 115 etc/net/*/services 116 etc/netconfig 117 etc/nfs/nfslog.conf 118 etc/nfssec.conf 119 etc/nscd.conf 120 etc/nsswitch.* 121 etc/pam.conf 122 etc/passwd 123 etc/policy.conf 124 etc/printers.conf 125 etc/profile 126 etc/project 127 etc/publickey 128 etc/remote 129 etc/resolv.conf 130 etc/rmmount.conf 131 etc/rpc 132 etc/rpld.conf 133 etc/saf/_sactab 134 etc/saf/_sysconfig 135 etc/saf/zsmon/_pmtab 136 etc/security/audit_class 137 etc/security/audit_control 138 etc/security/audit_event 139 etc/security/audit_startup 140 etc/security/audit_user 141 etc/security/audit_warn 142 etc/security/auth_attr 143 etc/security/crypt.conf 144 etc/security/exec_attr 145 etc/security/policy.conf 146 etc/security/prof_attr 147 etc/sfw/openssl/openssl.cnf 148 etc/shadow 149 etc/skel/.profile 150 etc/skel/local.* 151 etc/ssh/ssh_config 152 etc/ssh/sshd_config 153 etc/syslog.conf 154 etc/ttydefs 155 etc/ttysrch 156 etc/user_attr 157 etc/uucp/[A-Z]* 158 etc/vfstab 159 var/smb/* 160 var/spool/cron/crontabs/* 161 var/yp/Makefile 162 var/yp/aliases 163 var/yp/nicknames 164 " 165 166 # 167 # Second list: files to be saved in the global zone only. 168 # 169 global_zone_only_files=" 170 boot/grub/menu.lst 171 boot/solaris/bootenv.rc 172 boot/solaris/devicedb/master 173 boot/solaris/filelist.ramdisk 174 etc/aggregation.conf 175 etc/bootrc 176 etc/crypto/kcf.conf 177 etc/devlink.tab 178 etc/dladm/* 179 etc/driver_aliases 180 etc/driver_classes 181 etc/lvm/devpath 182 etc/lvm/lock 183 etc/lvm/md.cf 184 etc/lvm/md.ctlrmap 185 etc/lvm/md.tab 186 etc/lvm/mddb.cf 187 etc/lvm/runtime.cf 188 etc/mach 189 etc/minor_perm 190 etc/name_to_major 191 etc/name_to_sysnum 192 etc/nca/nca.if 193 etc/nca/ncakmod.conf 194 etc/nca/ncalogd.conf 195 etc/nca/ncaport.conf 196 etc/openwin/server/etc/OWconfig 197 etc/path_to_inst 198 etc/power.conf 199 etc/ppp/chap-secrets 200 etc/ppp/options 201 etc/ppp/pap-secrets 202 etc/security/device_policy 203 etc/security/extra_privs 204 etc/security/tsol/devalloc_defaults 205 etc/security/tsol/label_encodings 206 etc/security/tsol/relabel 207 etc/security/tsol/tnrhdb 208 etc/security/tsol/tnrhtp 209 etc/security/tsol/tnzonecfg 210 etc/system 211 etc/zones/index 212 kernel/drv/aac.conf 213 kernel/drv/elxl.conf 214 kernel/drv/emlxs.conf 215 kernel/drv/fp.conf 216 kernel/drv/iscsi.conf 217 kernel/drv/md.conf 218 kernel/drv/mpt.conf 219 kernel/drv/mpt_sas.conf 220 kernel/drv/options.conf 221 kernel/drv/pmcs.conf 222 kernel/drv/qlc.conf 223 kernel/drv/ra.conf 224 kernel/drv/scsa2usb.conf 225 kernel/drv/scsi_vhci.conf 226 kernel/drv/sd.conf 227 kernel/drv/ssd.conf 228 platform/*/kernel/drv/*ppm.conf 229 platform/i86pc/kernel/drv/aha.conf 230 platform/i86pc/kernel/drv/asy.conf 231 platform/sun4u/boot.conf 232 " 233 234 # 235 # Third list: files extracted from generic.root but which belong in the global 236 # zone only: they are superfluous (and some even harmful) in nonglobal zones. 237 # 238 # (note: as /etc/init.d scripts are converted to smf(5) "Greenline" services, 239 # they (and their /etc/rc?.d hardlinks) should be removed from this list when 240 # they are added to smf_obsolete_rc_files, below) 241 # 242 superfluous_nonglobal_zone_files=" 243 dev/dsk 244 dev/fd 245 dev/pts 246 dev/rdsk 247 dev/rmt 248 dev/stderr 249 dev/stdin 250 dev/stdout 251 dev/swap 252 dev/term 253 dev/vt 254 devices 255 etc/dacf.conf 256 etc/dat 257 etc/default/metassist.xml 258 etc/default/power 259 etc/flash/postdeployment/svm.cleanup 260 etc/flash/predeployment/svm.save 261 etc/inet/ipqosconf.1.sample 262 etc/inet/ipqosconf.2.sample 263 etc/inet/ipqosconf.3.sample 264 etc/inet/sock2path 265 etc/init.d/devlinks 266 etc/init.d/dodatadm.udaplt 267 etc/init.d/drvconfig 268 etc/init.d/llc2 269 etc/init.d/ncakmod 270 etc/init.d/ncalogd 271 etc/init.d/pcmcia 272 etc/init.d/pppd 273 etc/init.d/wrsmcfg 274 etc/llc2 275 etc/lvm 276 etc/nca 277 etc/openwin 278 etc/ppp 279 etc/rc0.d/K34ncalogd 280 etc/rc0.d/K50pppd 281 etc/rc0.d/K52llc2 282 etc/rc1.d/K34ncalogd 283 etc/rc1.d/K50pppd 284 etc/rc1.d/K52llc2 285 etc/rc2.d/S40llc2 286 etc/rc2.d/S42ncakmod 287 etc/rc2.d/S47pppd 288 etc/rc2.d/S81dodatadm.udaplt 289 etc/rc2.d/S94ncalogd 290 etc/rcS.d/K34ncalogd 291 etc/rcS.d/K44wrsmcfg 292 etc/rcS.d/K50pppd 293 etc/rcS.d/K52llc2 294 etc/rcS.d/S29wrsmcfg 295 etc/rcm 296 etc/sock2path 297 etc/usb 298 etc/wrsm 299 etc/zones 300 kernel 301 lib/libmeta.so 302 lib/libmeta.so.1 303 lib/svc/method/devices-audio 304 lib/svc/method/fc-fabric 305 lib/svc/method/iscsi-initiator 306 lib/svc/method/ldoms-agents 307 lib/svc/method/npivconfig 308 lib/svc/method/sf880dr 309 lib/svc/method/svc-cvcd 310 lib/svc/method/svc-dcs 311 lib/svc/method/svc-drd 312 lib/svc/method/svc-dscp 313 lib/svc/method/svc-dumpadm 314 lib/svc/method/svc-fcoei 315 lib/svc/method/svc-fcoet 316 lib/svc/method/svc-intrd 317 lib/svc/method/svc-hal 318 lib/svc/method/svc-labeld 319 lib/svc/method/svc-mdmonitor 320 lib/svc/method/svc-metainit 321 lib/svc/method/svc-metasync 322 lib/svc/method/svc-oplhpd 323 lib/svc/method/svc-poold 324 lib/svc/method/svc-pools 325 lib/svc/method/svc-power 326 lib/svc/method/svc-resource-mgmt 327 lib/svc/method/svc-rmvolmgr 328 lib/svc/method/svc-scheduler 329 lib/svc/method/svc-sckmd 330 lib/svc/method/svc-stmf 331 lib/svc/method/svc-syseventd 332 lib/svc/method/svc-tnctl 333 lib/svc/method/svc-tnd 334 lib/svc/method/svc-vntsd 335 lib/svc/method/svc-zones 336 lib/svc/method/vtdaemon 337 platform/*/kernel 338 platform/SUNW,Sun-Fire-15000/lib/cvcd 339 platform/SUNW,Ultra-Enterprise-10000/lib/cvcd 340 platform/i86pc/biosint 341 platform/i86pc/multiboot 342 platform/sun4u/cprboot 343 platform/sun4u/lib/libwrsmconf.so 344 platform/sun4u/lib/libwrsmconf.so.1 345 platform/sun4u/lib/sparcv9/libwrsmconf.so 346 platform/sun4u/lib/sparcv9/libwrsmconf.so.1 347 platform/sun4u/sbin 348 platform/sun4u/wanboot 349 platform/sun4v/wanboot 350 sbin/metadb 351 sbin/metadevadm 352 sbin/metainit 353 sbin/metarecover 354 sbin/metastat 355 usr/include/sys/dcam 356 usr/lib/devfsadm/linkmod/SUNW_dcam1394_link.so 357 usr/lib/ldoms 358 usr/platform/SUNW,SPARC-Enterprise/lib/dscp.ppp.options 359 usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so 360 usr/platform/SUNW,SPARC-Enterprise/lib/libdscp.so.1 361 usr/platform/SUNW,SPARC-Enterprise/lib/llib-ldscp.ln 362 usr/platform/SUNW,SPARC-Enterprise/sbin/prtdscp 363 var/adm/pool 364 var/log/pool 365 var/svc/manifest/network/iscsi/iscsi-initiator.xml 366 var/svc/manifest/network/npiv_config.xml 367 var/svc/manifest/network/rpc/mdcomm.xml 368 var/svc/manifest/network/rpc/meta.xml 369 var/svc/manifest/network/rpc/metamed.xml 370 var/svc/manifest/network/rpc/metamh.xml 371 var/svc/manifest/network/tnctl.xml 372 var/svc/manifest/network/tnd.xml 373 var/svc/manifest/platform/i86pc/eeprom.xml 374 var/svc/manifest/platform/sun4u/dcs.xml 375 var/svc/manifest/platform/sun4u/dscp.xml 376 var/svc/manifest/platform/sun4u/efdaemon.xml 377 var/svc/manifest/platform/sun4u/oplhpd.xml 378 var/svc/manifest/platform/sun4u/sckmd.xml 379 var/svc/manifest/platform/sun4u/sf880drd.xml 380 var/svc/manifest/platform/sun4v 381 var/svc/manifest/system/cvc.xml 382 var/svc/manifest/system/device/devices-audio.xml 383 var/svc/manifest/system/device/devices-fc-fabric.xml 384 var/svc/manifest/system/dumpadm.xml 385 var/svc/manifest/system/fcoe_initiator.xml 386 var/svc/manifest/system/fcoe_target.xml 387 var/svc/manifest/system/filesystem/rmvolmgr.xml 388 var/svc/manifest/system/fmd.xml 389 var/svc/manifest/system/hal.xml 390 var/svc/manifest/system/intrd.xml 391 var/svc/manifest/system/labeld.xml 392 var/svc/manifest/system/mdmonitor.xml 393 var/svc/manifest/system/metainit.xml 394 var/svc/manifest/system/metasync.xml 395 var/svc/manifest/system/picl.xml 396 var/svc/manifest/system/poold.xml 397 var/svc/manifest/system/pools.xml 398 var/svc/manifest/system/power.xml 399 var/svc/manifest/system/resource-mgmt.xml 400 var/svc/manifest/system/scheduler.xml 401 var/svc/manifest/system/stmf.xml 402 var/svc/manifest/system/sysevent.xml 403 var/svc/manifest/system/vtdaemon.xml 404 var/svc/manifest/system/zones.xml 405 " 406 407 # 408 # Fourth list: files to be preserved, ie unconditionally restored to 409 # "child" versions 410 # 411 preserve_files=" 412 etc/hostid 413 kernel/misc/amd64/sysinit 414 kernel/misc/amd64/usbs49_fw 415 kernel/misc/sparcv9/usbs49_fw 416 kernel/misc/sysinit 417 kernel/misc/usbs49_fw 418 var/adm/aculog 419 var/adm/spellhist 420 var/adm/utmpx 421 var/adm/wtmpx 422 var/log/authlog 423 var/log/syslog 424 var/saf/zsmon/log 425 " 426 427 realmode_files=" 428 boot/solaris/bootenv.rc 429 boot/solaris/devicedb/master 430 " 431 432 # 433 # /usr/sadm/install/scripts/i.build class runs class client provided 434 # script. The files below are managed by build class and its build script. 435 # They are added /bfu.conflict/NEW and the acr.sh process runs the script 436 # as part of conflict resolution. 437 # 438 build_class_script_files=" 439 etc/mpapi.conf 440 etc/hba.conf 441 etc/ima.conf 442 " 443 444 fail() { 445 print "$*" >& 2 446 print "bfu aborting" >& 2 447 rm -f "$bfu_zone_list" 448 exit 1 449 } 450 451 filelist() { 452 files="$all_zones_files $preserve_files" 453 if [ $1 = "global" ]; then 454 files="$global_zone_only_files $files" 455 fi 456 find $files -depth -type f ! -name core -print 2>/dev/null | sort -u || { 457 # 458 # Force cpio to return non-zero by printing an error message 459 # to stdout that it won't be able to lstat(). 460 # 461 echo 'filelist: sort failed' 462 fail "sort failed" 463 } 464 } 465 466 realmode_filelist() { 467 find $realmode_files -depth -type f ! -name core -print 2>/dev/null | sort 468 } 469 470 smf_inetd_conversions=" 471 100134 472 100150 473 100155 474 100229 475 100230 476 100234 477 100242 478 100422 479 chargen 480 comsat 481 daytime 482 discard 483 echo 484 eklogin 485 exec 486 finger 487 ftp 488 gssd 489 klogin 490 krb5_prop 491 kshell 492 ktkt_warnd 493 login 494 metad 495 metamedd 496 metamhd 497 name 498 printer 499 rexd 500 rquotad 501 rstatd 502 rusersd 503 shell 504 smserverd 505 sprayd 506 sun-dr 507 talk 508 telnet 509 time 510 uucp 511 walld 512 " 513 514 enable_next_boot () { 515 if [ -x /tmp/bfubin/svccfg ]; then 516 svcadm disable -t $1 517 [ $? = 0 ] || echo "warning: unable to temporarily disable $1" 518 eval $BFUSVCCFG -s $1 setprop general/enabled = true 519 [ $? = 0 ] || echo "warning: unable to enable $1 for next boot" 520 fi 521 } 522 523 # 524 # If we're in the global zone, import the manifest for the specified service. 525 # Note that we will need to see whether we are in an smf root if we are using 526 # an alternate root. If so, import the service directly; otherwise, print the 527 # warning messages. 528 # 529 # $1: the path of the xml file (the related path to /var/svc/manifest) 530 # $2: the service name - specified only if the service is enabled after reboot. 531 # 532 smf_import_service() { 533 if [[ $zone = global && -f $rootprefix/var/svc/manifest/$1 ]]; then 534 if [[ -n $rootprefix && -x /usr/sbin/svccfg ]]; then 535 SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db \ 536 /usr/sbin/svccfg import $rootprefix/var/svc/manifest/$1 537 elif [[ -n $rootprefix ]]; then 538 echo "Warning: This system does not have SMF, so I" 539 echo "cannot ensure the pre-import of $1. If it does" 540 echo "not work, reboot your alternate root to fix it." 541 elif [[ -x /tmp/bfubin/svccfg ]]; then 542 if [[ "${2}a" == a ]]; then 543 eval $BFUSVCCFG import /var/svc/manifest/$1 544 else 545 tmpfile=/tmp/`echo "$1" | tr / :`.$$ 546 sed -e "s/enabled='true'/enabled='false'/" \ 547 /var/svc/manifest/$1 > "$tmpfile" 548 eval $BFUSVCCFG import "$tmpfile" 549 # 550 # Make sure the service is enabled after reboot. 551 # 552 enable_next_boot $2 553 fi 554 fi 555 fi 556 } 557 558 smf_inetd_disable() { 559 inetconf=$rootprefix/etc/inet/inetd.conf 560 inettmp=/tmp/inetd.tmp.$$ 561 562 sed "$(for i in $smf_inetd_conversions; do 563 echo "s:^[ ]*$i[ /]:#SMFbfu# &:" 564 done)" $inetconf > $inettmp && ! cmp -s $inettmp $inetconf && 565 cp $inettmp $inetconf 566 567 rm -f -- $inettmp 568 } 569 570 smf_inetd_reenable() { 571 inetconf=$rootprefix/etc/inet/inetd.conf 572 inettmp=/tmp/inetd.tmp.$$ 573 574 sed 's/^#SMFbfu# //' $inetconf > $inettmp && cp $inettmp $inetconf 575 576 rm -f -- $inettmp 577 } 578 579 smf_tftp_reinstall() { 580 inetconf=$rootprefix/etc/inet/inetd.conf 581 inettmp=/tmp/inetd.tmp.$$ 582 583 if grep '^#SMFbfu# tftp' $inetconf >/dev/null ; then 584 # BFU previously commented out, put it back in place 585 sed 's/^#SMFbfu# tftp/tftp/' $inetconf > $inettmp && 586 cp $inettmp $inetconf 587 elif ! grep '^[# ]*tftp' $inetconf >/dev/null; then 588 # No entry, append to end 589 cat >>$inetconf <<EOF 590 # TFTPD - tftp server (primarily used for booting) 591 #tftp dgram udp6 wait root /usr/sbin/in.tftpd in.tftpd -s /tftpboot 592 EOF 593 fi 594 595 rm -f -- $inettmp 596 } 597 598 inetd_conf_svm_hack() { 599 # Since inetd.conf is updated by SUNWmdr's postinstall script, 600 # we will update the actual inetd.conf here to reflect the postinstall 601 # changes. 602 603 inetconf=$rootprefix/etc/inet/inetd.conf 604 inettmp=/tmp/inetd.tmp.$$ 605 inetnew=/tmp/inetd.new.$$ 606 607 # 608 # only change inetd.conf if the rpc.metad entry is out of date 609 # 610 611 if ! grep "^[# ]*100229/1-2" $inetconf > /dev/null ; then 612 613 # Grab existing rpc entries for rpc.metad 614 # and convert spaces to tabs within the rpc entry, as well as 615 # the transport method; 616 # or add a new entry in case there was none. 617 if grep "^[# ]*100229/1" $inetconf > /dev/null ; then 618 grep "^# METAD - SLVM metadb" $inetconf > $inettmp 619 grep "^[# ]*100229/1" $inetconf | \ 620 sed -e 's/[ ][ ]*/ /g' \ 621 -e 's?100229/1?100229/1-2?' >> $inettmp 622 else 623 echo '# METAD - SVM metadb Daemon' > $inettmp 624 echo "100229/1-2\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.metad\trpc.metad" >> $inettmp 625 fi 626 627 grep -v '^# METAD - SLVM metadb' $inetconf | \ 628 grep -v '^[# ]*100229/1' > $inetnew 629 cat $inettmp >> $inetnew 630 631 if ! diff $inetnew $inetconf > /dev/null ; then 632 print "Updating inet.conf metad entry ... \c" 633 if cp $inetnew $inetconf ; then 634 print "done." 635 else 636 print "failed." 637 fi 638 fi 639 rm -f $inettmp $inetnew 640 fi 641 642 # 643 # only change inetd.conf if the rpc.mdcommd entry is out of date 644 # 645 646 if ! grep "^[# ]*100422/1" $inetconf > /dev/null ; then 647 648 # Grab existing rpc entries for rpc.mdcommd 649 # and convert spaces to tabs within the rpc entry, 650 # or add a new entry in case there was none. 651 if grep "^[# ]*100422/1" $inetconf > /dev/null ; then 652 grep "^# MDMN_COMMD - SVM Multi node" $inetconf > $inettmp 653 grep "^[# ]*100422/1" $inetconf | \ 654 sed -e 's/[ ][ ]*/ /g' >> $inettmp 655 else 656 echo '# MDMN_COMMD - SVM Multi node communication daemon' >$inettmp 657 echo '100422/1\ttli\trpc/tcp\twait\troot\t/usr/sbin/rpc.mdcommd\trpc.mdcommd' >> $inettmp 658 fi 659 660 grep -v '^# MDMN_COMMD - SVM Multi node' $inetconf | \ 661 grep -v '^[# ]*100422/1' > $inetnew 662 cat $inettmp >> $inetnew 663 664 if ! diff $inetnew $inetconf > /dev/null ; then 665 print "Updating inetd.conf rpc.mdcommd entry ... \c" 666 if cp $inetnew $inetconf; then 667 print "done." 668 else 669 print "failed." 670 fi 671 fi 672 673 rm -f $inettmp $inetnew 674 fi 675 } 676 677 upgrade_aggr_and_linkprop () { 678 # Since aggregation.conf and linkprop.conf are upgraded by 679 # SUNWcnetr's postinstall script, put the relevant portions of the 680 # postinstall script here, modified to rename the old files instead 681 # of removing them. 682 683 # 684 # Convert datalink configuration into a series of dladm(1M) commands 685 # and keep them in an upgrade script. This script will then be run 686 # in the network-physical service. 687 # 688 # Note that we cannot use the /var/svc/profile/upgrade script because 689 # that script is run in the manifest-import service which is too late 690 # for the datalink configuration. 691 # 692 UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink 693 694 AGGR_CONF=/etc/aggregation.conf 695 ORIG=$rootprefix$AGGR_CONF 696 if [[ ! -f $ORIG ]]; then 697 # Try the alternate location. 698 AGGR_CONF=/etc/dladm/aggregation.conf 699 ORIG=$rootprefix$AGGR_CONF 700 fi 701 702 if [[ -f $ORIG ]]; then 703 # Strip off comments, then each remaining line defines 704 # an aggregation the administrator configured on the old 705 # system. Each line corresponds to one dladm command 706 # that is appended to the upgrade script. 707 cat $ORIG | grep '^[^#]' | while read line; do 708 echo $line | while read aggr_index rest 709 do 710 policy=`echo $rest | /usr/bin/awk '{print $1}'` 711 nports=`echo $rest | /usr/bin/awk '{print $2}'` 712 ports=`echo $rest | /usr/bin/awk '{print $3}'` 713 mac=`echo $rest | /usr/bin/awk '{print $4}'` 714 lacp_mode=`echo $rest | /usr/bin/awk \ 715 '{print $5}'` 716 lacp_timer=`echo $rest | /usr/bin/awk \ 717 '{print $6}'` 718 dladm_string="dladm create-aggr -P $policy -l \ 719 $lacp_mode -T $lacp_timer" 720 # A fixed MAC address 721 if [[ $mac != "auto" ]]; then 722 dladm_string="$dladm_string -u $mac" 723 fi 724 i=1 725 while [ $i -le $nports ]; do 726 device=`echo $ports | cut -d, -f$i` 727 # Older aggregation.conf files have the 728 # format of device_name/port_number. 729 # We don't need the port number, so get 730 # rid of it if it is there. 731 device=`echo $device | cut -d/ -f1` 732 ((i = i + 1)) 733 dladm_string="$dladm_string -d \ 734 $device" 735 done 736 dladm_string="$dladm_string $aggr_index" 737 echo $dladm_string >> \ 738 $rootprefix$UPGRADE_SCRIPT 739 done 740 done 741 mv $ORIG $ORIG.bak 742 fi 743 744 # Upgrade linkprop.conf 745 ORIG=$rootprefix/etc/dladm/linkprop.conf 746 747 if [[ -f $ORIG ]]; then 748 # Strip off comments, then each remaining line lists 749 # properties the administrator configured for a 750 # particular interface. Each line includes several 751 # properties, but we can only set one property per 752 # dladm invocation. 753 cat $ORIG | grep '^[^#]' | while read line; do 754 echo $line | while read link rest 755 do 756 while [ -n "$rest" ]; do 757 linkprop=`echo $rest | cut -d";" -f1` 758 rest=`echo $rest | cut -d";" -f2-` 759 echo dladm set-linkprop -p $linkprop \ 760 $link >> $rootprefix$UPGRADE_SCRIPT 761 done 762 done 763 done 764 mv $ORIG $ORIG.bak 765 fi 766 } 767 768 upgrade_vlan () { 769 # Convert hostname.*** and zonecfg vlan configurations 770 UPGRADE_SCRIPT=/var/svc/profile/upgrade_datalink 771 772 for ifname in $host_ifs $zone_ifs 773 do 774 phys=`echo $ifname | sed "s/[0-9]*$//"` 775 devnum=`echo $ifname | sed "s/$phys//g"` 776 if [ "$phys$devnum" != $ifname -o \ 777 -n "`echo $devnum | tr -d '[0-9]'`" ]; then 778 echo "skipping invalid interface $ifname" 779 continue 780 fi 781 782 vid=`expr $devnum / 1000` 783 inst=`expr $devnum % 1000` 784 785 if [ "$vid" != "0" ]; then 786 echo dladm create-vlan -l $phys$inst -v $vid $ifname \ 787 >> $rootprefix$UPGRADE_SCRIPT 788 fi 789 done 790 } 791 792 # Update aac.conf for set legacy-name-enable properly 793 update_aac_conf() 794 { 795 conffile=$rootprefix/kernel/drv/aac.conf 796 childconffile=$rootprefix/bfu.child/kernel/drv/aac.conf 797 798 # Already using autoenumeration mode, return 799 egrep -s "legacy-name-enable" $childconffile && \ 800 grep "legacy-name-enable" $childconffile | egrep -s "no" && return 801 802 # Else enable legacy mode 803 sed -e 's/legacy-name-enable="no"/legacy-name-enable="yes"/g' \ 804 < $conffile > /tmp/aac.conf.$$ 805 mv -f /tmp/aac.conf.$$ $conffile 806 } 807 808 update_etc_inet_sock2path() 809 { 810 # 811 # The PF_PACKET module may need to be added to the configuration 812 # file socket sockets. 813 # 814 # When being added to the system, the socket itself will remain 815 # inactive until the next reboot when soconfig is run. When being 816 # removed, the kernel configuration stays active until the system 817 # is rebooted and the sockets will continue to work until it is 818 # unloaded from the kernel, after which applications will fail. 819 # 820 sockfile=$rootprefix/etc/inet/sock2path 821 xgrep=/usr/xpg4/bin/grep 822 823 ${ZCAT} ${cpiodir}/generic.usr$ZFIX | cpio -it 2>/dev/null | 824 ${xgrep} -q sockpfp 825 if [ $? -eq 1 ] ; then 826 ${xgrep} -v -E '^ 32 [14] 0 sockpfp' \ 827 ${sockfile} > /tmp/sock2path.tmp.$$ 828 cp /tmp/sock2path.tmp.$$ ${sockfile} 829 else 830 if ! ${xgrep} -q -E \ 831 '^ 31 [14] 0 sockpfp' ${sockfile}; then 832 echo '' >> ${sockfile} 833 echo ' 32 1 0 sockpfp' >> ${sockfile} 834 echo ' 32 4 0 sockpfp' >> ${sockfile} 835 fi 836 fi 837 } 838 839 # update x86 version mpt.conf for property tape 840 mpttapeprop='[ ]*tape[ ]*=[ ]*"sctp"[ ]*;' 841 update_mptconf_i386() 842 { 843 conffile=$rootprefix/kernel/drv/mpt.conf 844 test -f $conffile || return 845 egrep -s "$mpttapeprop" $conffile 846 if [ $? -ne 0 ] ; then 847 echo 'tape="sctp";' >> $conffile 848 fi 849 } 850 851 # update x86 etc/mach file after xVM_uppc is added, 852 # which makes xpv_psm a non-default psm module 853 update_etc_mach_i386() 854 { 855 etc_mach=$rootprefix/etc/mach 856 test -f $etc_mach || return 857 grep -w "xpv_psm" $etc_mach > /dev/null 2>&1 858 if [ $? -ne 0 ] ; then 859 echo 'xpv_psm' >> $etc_mach 860 fi 861 } 862 863 # check and update driver class for scsi-self-identifying 864 chk_update_drv_class() 865 { 866 867 drvclassfile=$rootprefix/etc/driver_classes 868 name2majorfile=$rootprefix/etc/name_to_major 869 drvname=$1 870 classentry="^$drvname[ ].*scsi-self-identifying" 871 872 [ -f $drvclassfile ] || return 873 [ -f $name2majorfile ] || return 874 875 grep -w $drvname $name2majorfile > /dev/null 2>&1 || return 876 877 egrep -s "$classentry" $drvclassfile 878 if [ $? -ne 0 ]; then 879 echo "$drvname scsi-self-identifying" >> $drvclassfile 880 fi 881 } 882 883 update_drvclass_i386() 884 { 885 chk_update_drv_class ahci 886 chk_update_drv_class si3124 887 chk_update_drv_class marvell88sx 888 chk_update_drv_class nv_sata 889 } 890 891 update_policy_conf() { 892 # update /etc/security/policy.conf with the default 893 # Solaris crypt(3c) policy. 894 895 dest=$rootprefix/etc/security/policy.conf 896 897 grep 'CRYPT_' $dest > /dev/null 2>&1 898 if [ $? = 1 ] ; then 899 print "Updating entries for crypt(3c), see policy.conf(4)" 900 cat >> $dest <<EOM 901 902 # crypt(3c) Algorithms Configuration 903 # 904 # CRYPT_ALGORITHMS_ALLOW specifies the algorithms that are allowed to 905 # be used for new passwords. This is enforced only in crypt_gensalt(3c). 906 # 907 CRYPT_ALGORITHMS_ALLOW=1,2a,md5 908 909 # To deprecate use of the traditional unix algorithm, uncomment below 910 # and change CRYPT_DEFAULT= to another algorithm. For example, 911 # CRYPT_DEFAULT=1 for BSD/Linux MD5. 912 # 913 #CRYPT_ALGORITHMS_DEPRECATE=__unix__ 914 915 # The Solaris default is the traditional UNIX algorithm. This is not 916 # listed in crypt.conf(4) since it is internal to libc. The reserved 917 # name __unix__ is used to refer to it. 918 # 919 CRYPT_DEFAULT=__unix__ 920 EOM 921 fi 922 grep PRIV_ $dest >/dev/null 2>&1 923 if [ $? = 1 ]; then 924 echo "Updating entries for privileges(5)," \ 925 "see policy.conf(4) for details." 926 cat >> $dest <<EOM 927 # 928 # These settings determine the default privileges users have. If not set, 929 # the default privileges are taken from the inherited set. 930 # There are two different settings; PRIV_DEFAULT determines the default 931 # set on login; PRIV_LIMIT defines the Limit set on login. 932 # Individual users can have privileges assigned or taken away through 933 # user_attr. Privileges can also be assigned to profiles in which case 934 # the users with those profiles can use those privileges through pfexec(1). 935 # For maximum future compatibility, the specifications should 936 # always include "basic" or "all"; privileges should then be removed using 937 # the negation. E.g., PRIV_LIMIT=all,!sys_linkdir takes away only the 938 # sys_linkdir privilege, regardless of future additional privileges. 939 # Similarly, PRIV_DEFAULT=basic,!file_link_any takes away only the 940 # file_link_any privilege from the basic privilege set; only that notation 941 # is immune from a future addition of currently unprivileged operations to 942 # the basic privilege set. 943 # NOTE: removing privileges from the the Limit set requires EXTREME care 944 # as any set-uid root program may suddenly fail because it lacks certain 945 # privilege(s). 946 # 947 #PRIV_DEFAULT=basic 948 #PRIV_LIMIT=all 949 EOM 950 fi 951 952 } 953 954 # 955 # Cleanup nfsmapid configuration before extracting 956 # root bits. Remove if they exist: 957 # nfsmapid entry in inetd.conf 958 # nfsmapid entry in /etc/net/ti*/services 959 # 960 # Going forward neither should exist, but no harm if services entry exists 961 # Going way backwards (pre-04/28/2004), inetd.conf must exist but will 962 # be a conflict that should be merged in 963 # 964 nfsmapid_cfg() { 965 inetdconf=$rootprefix/etc/inet/inetd.conf 966 tmpinetcf=/tmp/inetd.conf.$$ 967 cp -pf ${inetdconf} ${tmpinetcf} 968 cat /dev/null > ${inetdconf} 2>&1 969 sed -e "/^#[# ]*NFSv4/d" \ 970 -e "/^[# ]*100166\/1/d" \ 971 ${tmpinetcf} > ${inetdconf} 2>&1 972 rm -f ${tmpinetcf} 973 974 tmpservices=/tmp/services.$$ 975 976 services=$rootprefix/etc/net/ticotsord/services 977 cp -pf ${services} ${tmpservices} 978 cat /dev/null > ${services} 2>&1 979 sed -e "/^[# ]*nfsmapid/d" \ 980 ${tmpservices} > ${services} 2>&1 981 rm -f ${tmpservices} 982 983 services=$rootprefix/etc/net/ticots/services 984 cp -pf ${services} ${tmpservices} 985 cat /dev/null > ${services} 2>&1 986 sed -e "/^[# ]*nfsmapid/d" \ 987 ${tmpservices} > ${services} 2>&1 988 rm -f ${tmpservices} 989 990 services=$rootprefix/etc/net/ticlts/services 991 cp -pf ${services} ${tmpservices} 992 cat /dev/null > ${services} 2>&1 993 sed -e "/^[# ]*nfsmapid/d" \ 994 ${tmpservices} > ${services} 2>&1 995 rm -f ${tmpservices} 996 } 997 998 # 999 # Detect Boomer audio framework; used to emit a notice at the end of BFU 1000 # telling the user to run update_audio to complete the upgrade. 1001 # 1002 BOOMER_PRESENT_SYS=false 1003 BOOMER_PRESENT_BFU=false 1004 BOOMER_DRIVERS="audio" 1005 AUSTR_PRESENT_SYS=false 1006 AUSTR_PRESENT_BFU=false 1007 1008 check_boomer_sys() { 1009 typeset root=$1 1010 typeset n2m=$root/etc/name_to_major 1011 typeset drv 1012 1013 for drv in $BOOMER_DRIVERS; do 1014 if ! grep -w $drv $n2m > /dev/null 2>&1; then 1015 return 1 1016 fi 1017 done 1018 1019 return 0 1020 } 1021 1022 check_boomer_bfu() { 1023 $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | 1024 grep devices-audio.xml > /dev/null 2>&1 1025 } 1026 1027 check_austr_sys() { 1028 typeset root=$1 1029 typeset n2m=$root/etc/name_to_major 1030 typeset drv 1031 1032 if ! grep -w austr $n2m > /dev/null 2>&1; then 1033 return 1 1034 fi 1035 return 0 1036 } 1037 1038 check_austr_bfu() { 1039 $ZCAT $cpiodir/generic.kernel$ZFIX | cpio -it 2>/dev/null | 1040 grep austr > /dev/null 2>&1 1041 } 1042 1043 # 1044 # 1045 # Define global variables 1046 # 1047 CALL_DEVID_DESTROY="" 1048 # 1049 # List of SDS commands that must be deleted. 1050 # 1051 SDSCMDLIST=" 1052 growfs 1053 metaclear 1054 metadb 1055 metadetach 1056 metahs 1057 metainit 1058 metaoffline 1059 metaonline 1060 metaparam 1061 metarename 1062 metareplace 1063 metaroot 1064 metaset 1065 metastat 1066 metasync 1067 metattach 1068 rpc.metad 1069 rpc.metamhd 1070 " 1071 # 1072 # List of SDS configuration files that must be deleted. 1073 # 1074 SDSCONFIGLIST=" 1075 lock 1076 md.cf 1077 mddb.cf 1078 md.tab 1079 devpath 1080 md.ctlrmap 1081 " 1082 # 1083 # List of rc scripts that must be deleted. 1084 # 1085 RCLIST=" 1086 etc/init.d/SUNWmd.init 1087 etc/init.d/SUNWmd.sync 1088 etc/init.d/lvm.init 1089 etc/init.d/lvm.sync 1090 etc/rcS.d/S35SUNWmd.init 1091 etc/rcS.d/S35lvm.init 1092 etc/rc2.d/S95SUNWmd.sync 1093 etc/rc2.d/S95lvm.sync 1094 etc/rcS.d/S35slvm.init 1095 etc/rc2.d/S95slvm.sync 1096 etc/init.d/slvm.init 1097 etc/init.d/slvm.sync 1098 etc/init.d/init.mdlogd 1099 etc/rc3.d/S25mdlogd 1100 " 1101 # 1102 # List of flashprom-related files that must be deleted. 1103 # 1104 FLASHPROMLIST=" 1105 etc/rc2.d/S75flashprom 1106 etc/init.d/flashprom 1107 usr/platform/SUNW,Ultra-2/lib/flash-update.sh 1108 usr/platform/SUNW,Ultra-4/lib/flash-update.sh 1109 usr/platform/SUNW,Ultra-Enterprise/lib/flash-update.sh 1110 usr/platform/sun4u/doc/flashupdate.txt 1111 usr/platform/sun4u/lib/flash-update.sh 1112 usr/platform/sun4u/lib/prom/SUNW,Ultra-2 1113 usr/platform/sun4u/lib/prom/SUNW,Ultra-4 1114 usr/platform/sun4u/lib/prom/SUNW,Ultra-Enterprise 1115 " 1116 1117 # 1118 # delete the entries associated with bootlist from /etc/system 1119 # 1120 1121 delete_system_bootlist() { 1122 sed -e /"Begin MDD database info"/,/"End MDD database info"/d \ 1123 < ${SYSTEM_FILE} > /tmp/system.$$ 1124 cp /tmp/system.$$ ${SYSTEM_FILE} || \ 1125 echo "copy error: /tmp/system.$$ to ${SYSTEM_FILE}" 1126 } 1127 1128 # 1129 # Add entries in md.conf for bootlist 1130 # 1131 1132 fix_mdconf() { 1133 cp ${mdconf} /tmp/md.conf.$$ 1134 echo >> /tmp/md.conf.$$ 1135 echo "# Begin MDD database info (do not edit)" >> /tmp/md.conf.$$ 1136 sed -e 's/^set md://' -e 's/$/;/' ${SYSTEM_FILE} | \ 1137 grep mddb_bootlist >> /tmp/md.conf.$$ 1138 echo "# End MDD database info (do not edit)" >> /tmp/md.conf.$$ 1139 cp /tmp/md.conf.$$ ${mdconf} || \ 1140 echo "copy error: /tmp/md.conf.$$ to ${mdconf}" 1141 } 1142 1143 # 1144 # add_devid_destroy(filename) 1145 # returns contents in filename 1146 # md_devid_destroy property is required when upgrading 1147 # from pre SVM to SVM releases or when the device ID returned from 1148 # the driver changes. 1149 # It is specifically placed between 1150 # # Begin MDD database info and # End MDD database info because 1151 # on the subsequent reboot, this line will be removed automatically when 1152 # metadevadm is run in rc2.d. 1153 # 1154 add_devid_destroy() { 1155 cat $1 | awk '{ 1156 if ( $2 == "End" && $4 == "database") { 1157 print "md_devid_destroy=1;" 1158 } 1159 print $0 1160 }' >> /tmp/t$$ 1161 mv /tmp/t$$ $1 1162 } 1163 1164 # 1165 # Reads existing configuration values in /etc/rcap.conf and puts 1166 # them in repository upon reboot(via /var/svc/profile/upgrade). 1167 # 1168 migrate_rcap_conf() { 1169 RCAP_CONF="${rootprefix}/etc/rcap.conf" 1170 PROFILE_UPGRADE="${rootprefix}/var/svc/profile/upgrade" 1171 SVCCFG="/usr/sbin/svccfg" 1172 RCAP_FMRI="svc:/system/rcap:default" 1173 PG="config" 1174 1175 pressure=`awk '$1 == "RCAPD_MEMORY_CAP_ENFORCEMENT_PRESSURE" \ 1176 && NF == 3 {print $3}' $RCAP_CONF` 1177 1178 reconfig_int=`awk '$1 == "RCAPD_RECONFIGURATION_INTERVAL" \ 1179 && NF == 3 {print $3}' $RCAP_CONF` 1180 1181 walk_int=`awk '$1 == "RCAPD_PROC_WALK_INTERVAL" && \ 1182 NF == 3 {print $3}' $RCAP_CONF` 1183 1184 report_int=`awk '$1 == "RCAPD_REPORT_INTERVAL" && \ 1185 NF == 3 {print $3}' $RCAP_CONF` 1186 1187 rss_sample_int=`awk '$1 == "RCAPD_RSS_SAMPLE_INTERVAL" && \ 1188 NF == 3 {print $3}' $RCAP_CONF` 1189 1190 # Blindly update default configuration values with 1191 # pre-existing values 1192 # 1193 echo "# Migrating pre-existing rcap configuration" >> \ 1194 $PROFILE_UPGRADE 1195 1196 echo "$SVCCFG -s $RCAP_FMRI setprop ${PG}/pressure = " \ 1197 "$pressure" >> $PROFILE_UPGRADE 1198 1199 echo "$SVCCFG -s $RCAP_FMRI " \ 1200 "setprop ${PG}/reconfig_interval = $reconfig_int" >> \ 1201 $PROFILE_UPGRADE 1202 1203 echo "$SVCCFG -s $RCAP_FMRI " \ 1204 "setprop ${PG}/walk_interval = $walk_int" >> \ 1205 $PROFILE_UPGRADE 1206 1207 echo "$SVCCFG -s $RCAP_FMRI " \ 1208 "setprop ${PG}/report_interval = $report_int" >> \ 1209 $PROFILE_UPGRADE 1210 1211 echo "$SVCCFG -s $RCAP_FMRI " \ 1212 "setprop ${PG}/rss_sample_interval = $rss_sample_int" >> \ 1213 $PROFILE_UPGRADE 1214 1215 echo "/usr/sbin/svcadm refresh $RCAP_FMRI" >> \ 1216 $PROFILE_UPGRADE 1217 1218 echo "rm /etc/rcap.conf" >> \ 1219 $PROFILE_UPGRADE 1220 } 1221 1222 # 1223 # Migrate an existing extended accounting configuration from /etc/acctadm.conf 1224 # to the smf(5) repository upon reboot. Enable the instance if the 1225 # configuration differs from the default configuration. 1226 # 1227 migrate_acctadm_conf() 1228 { 1229 cat >> $rootprefix/var/svc/profile/upgrade <<\_EOF 1230 if [ -f /etc/acctadm.conf ]; then 1231 . /etc/acctadm.conf 1232 1233 fmri="svc:/system/extended-accounting:flow" 1234 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1235 ${ACCTADM_FLOW_FILE:="none"} 1236 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1237 ${ACCTADM_FLOW_TRACKED:="none"} 1238 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1239 ${ACCTADM_FLOW_UNTRACKED:="extended"} 1240 if [ ${ACCTADM_FLOW_ENABLE:="no"} = "yes" ]; then 1241 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1242 else 1243 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1244 fi 1245 if [ $ACCTADM_FLOW_ENABLE = "yes" -o \ 1246 $ACCTADM_FLOW_FILE != "none" -o \ 1247 $ACCTADM_FLOW_TRACKED != "none" ]; then 1248 svcadm enable $fmri 1249 fi 1250 1251 fmri="svc:/system/extended-accounting:process" 1252 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1253 ${ACCTADM_PROC_FILE:="none"} 1254 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1255 ${ACCTADM_PROC_TRACKED:="none"} 1256 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1257 ${ACCTADM_PROC_UNTRACKED:="extended"} 1258 if [ ${ACCTADM_PROC_ENABLE:="no"} = "yes" ]; then 1259 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1260 else 1261 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1262 fi 1263 if [ $ACCTADM_PROC_ENABLE = "yes" -o \ 1264 $ACCTADM_PROC_FILE != "none" -o \ 1265 $ACCTADM_PROC_TRACKED != "none" ]; then 1266 svcadm enable $fmri 1267 fi 1268 1269 fmri="svc:/system/extended-accounting:task" 1270 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1271 ${ACCTADM_TASK_FILE:="none"} 1272 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1273 ${ACCTADM_TASK_TRACKED:="none"} 1274 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1275 ${ACCTADM_TASK_UNTRACKED:="extended"} 1276 if [ ${ACCTADM_TASK_ENABLE:="no"} = "yes" ]; then 1277 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1278 else 1279 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1280 fi 1281 if [ $ACCTADM_TASK_ENABLE = "yes" -o \ 1282 $ACCTADM_TASK_FILE != "none" -o \ 1283 $ACCTADM_TASK_TRACKED != "none" ]; then 1284 svcadm enable $fmri 1285 fi 1286 1287 fmri="svc:/system/extended-accounting:net" 1288 eval $BFUSVCCFG -s $fmri setprop config/file = \ 1289 ${ACCTADM_NET_FILE:="none"} 1290 eval $BFUSVCCFG -s $fmri setprop config/tracked = \ 1291 ${ACCTADM_NET_TRACKED:="none"} 1292 eval $BFUSVCCFG -s $fmri setprop config/untracked = \ 1293 ${ACCTADM_NET_UNTRACKED:="extended"} 1294 if [ ${ACCTADM_NET_ENABLE:="no"} = "yes" ]; then 1295 eval $BFUSVCCFG -s $fmri setprop config/enabled = "true" 1296 else 1297 eval $BFUSVCCFG -s $fmri setprop config/enabled = "false" 1298 fi 1299 if [ $ACCTADM_NET_ENABLE = "yes" -o \ 1300 $ACCTADM_NET_FILE != "none" -o \ 1301 $ACCTADM_NET_TRACKED != "none" ]; then 1302 svcadm enable $fmri 1303 fi 1304 1305 rm /etc/acctadm.conf 1306 fi 1307 _EOF 1308 } 1309 1310 # 1311 # smf(5) "Greenline" doesn't install the init.d or rc*.d scripts for 1312 # converted services. Clean up previous scripts for such services. 1313 # 1314 smf_obsolete_rc_files=" 1315 etc/init.d/ANNOUNCE 1316 etc/init.d/MOUNTFSYS 1317 etc/init.d/RMTMPFILES 1318 etc/init.d/acctadm 1319 etc/init.d/audit 1320 etc/init.d/autofs 1321 etc/init.d/boot.server 1322 etc/init.d/coreadm 1323 etc/init.d/cron 1324 etc/init.d/cryptosvc 1325 etc/init.d/cvc 1326 etc/init.d/devfsadm 1327 etc/init.d/dhcp 1328 etc/init.d/dhcpagent 1329 etc/init.d/domainname 1330 etc/init.d/efcode 1331 etc/init.d/inetd 1332 etc/init.d/inetinit 1333 etc/init.d/inetsvc 1334 etc/init.d/initboot 1335 etc/init.d/ipfboot 1336 etc/init.d/kdc 1337 etc/init.d/kdc.master 1338 etc/init.d/keymap 1339 etc/init.d/ldap.client 1340 etc/init.d/libc.mount 1341 etc/init.d/network 1342 etc/init.d/nfs.client 1343 etc/init.d/nodename 1344 etc/init.d/nscd 1345 etc/init.d/perf 1346 etc/init.d/picld 1347 etc/init.d/power 1348 etc/init.d/rcapd 1349 etc/init.d/rootusr 1350 etc/init.d/rpc 1351 etc/init.d/savecore 1352 etc/init.d/sckm 1353 etc/init.d/sf880dr 1354 etc/init.d/slpd 1355 etc/init.d/sshd 1356 etc/init.d/standardmounts 1357 etc/init.d/svm.init 1358 etc/init.d/svm.sync 1359 etc/init.d/sysid.net 1360 etc/init.d/sysid.sys 1361 etc/init.d/syslog 1362 etc/init.d/utmpd 1363 etc/init.d/volmgt 1364 etc/init.d/xntpd 1365 etc/init.d/zones 1366 etc/rc0.d/K00ANNOUNCE 1367 etc/rc0.d/K01zones 1368 etc/rc0.d/K03sshd 1369 etc/rc0.d/K05volmgt 1370 etc/rc0.d/K07snmpdx 1371 etc/rc0.d/K10rcapd 1372 etc/rc0.d/K21dhcp 1373 etc/rc0.d/K27boot.server 1374 etc/rc0.d/K28kdc 1375 etc/rc0.d/K28kdc.master 1376 etc/rc0.d/K28nfs.server 1377 etc/rc0.d/K32cryptosvc 1378 etc/rc0.d/K33audit 1379 etc/rc0.d/K33efcode 1380 etc/rc0.d/K34svm.sync 1381 etc/rc0.d/K36sendmail 1382 etc/rc0.d/K36utmpd 1383 etc/rc0.d/K37power 1384 etc/rc0.d/K40cron 1385 etc/rc0.d/K40inetd 1386 etc/rc0.d/K40nscd 1387 etc/rc0.d/K40sf880dr 1388 etc/rc0.d/K40slpd 1389 etc/rc0.d/K40syslog 1390 etc/rc0.d/K40xntpd 1391 etc/rc0.d/K41autofs 1392 etc/rc0.d/K41ldap.client 1393 etc/rc0.d/K41nfs.client 1394 etc/rc0.d/K41rpc 1395 etc/rc0.d/K42sckm 1396 etc/rc0.d/K43inet 1397 etc/rc0.d/K68picld 1398 etc/rc0.d/K83devfsadm 1399 etc/rc0.d/K90dhcpagent 1400 etc/rc1.d/K00ANNOUNCE 1401 etc/rc1.d/K01zones 1402 etc/rc1.d/K03sshd 1403 etc/rc1.d/K05volmgt 1404 etc/rc1.d/K07snmpdx 1405 etc/rc1.d/K10rcapd 1406 etc/rc1.d/K21dhcp 1407 etc/rc1.d/K27boot.server 1408 etc/rc1.d/K28kdc 1409 etc/rc1.d/K28kdc.master 1410 etc/rc1.d/K28nfs.server 1411 etc/rc1.d/K33audit 1412 etc/rc1.d/K33efcode 1413 etc/rc1.d/K34svm.sync 1414 etc/rc1.d/K36sendmail 1415 etc/rc1.d/K36utmpd 1416 etc/rc1.d/K37power 1417 etc/rc1.d/K40cron 1418 etc/rc1.d/K40inetd 1419 etc/rc1.d/K40nscd 1420 etc/rc1.d/K40sf880dr 1421 etc/rc1.d/K40slpd 1422 etc/rc1.d/K40syslog 1423 etc/rc1.d/K40xntpd 1424 etc/rc1.d/K41autofs 1425 etc/rc1.d/K41ldap.client 1426 etc/rc1.d/K41rpc 1427 etc/rc1.d/K42sckm 1428 etc/rc1.d/K43inet 1429 etc/rc1.d/K99libc.mount 1430 etc/rc1.d/S01MOUNTFSYS 1431 etc/rc2.d/K01zones 1432 etc/rc2.d/K03sshd 1433 etc/rc2.d/K05volmgt 1434 etc/rc2.d/K07snmpdx 1435 etc/rc2.d/K21dhcp 1436 etc/rc2.d/K27boot.server 1437 etc/rc2.d/K28kdc 1438 etc/rc2.d/K28kdc.master 1439 etc/rc2.d/K28nfs.server 1440 etc/rc2.d/S01MOUNTFSYS 1441 etc/rc2.d/S05RMTMPFILES 1442 etc/rc2.d/S21perf 1443 etc/rc2.d/S30sysid.net 1444 etc/rc2.d/S65ipfboot 1445 etc/rc2.d/S69domainname 1446 etc/rc2.d/S69inet 1447 etc/rc2.d/S70sckm 1448 etc/rc2.d/S71ldap.client 1449 etc/rc2.d/S71rpc 1450 etc/rc2.d/S71sysid.sys 1451 etc/rc2.d/S72inetsvc 1452 etc/rc2.d/S72slpd 1453 etc/rc2.d/S73nfs.client 1454 etc/rc2.d/S74autofs 1455 etc/rc2.d/S74syslog 1456 etc/rc2.d/S74xntpd 1457 etc/rc2.d/S75cron 1458 etc/rc2.d/S75savecore 1459 etc/rc2.d/S76nscd 1460 etc/rc2.d/S77inetd 1461 etc/rc2.d/S77sf880dr 1462 etc/rc2.d/S85power 1463 etc/rc2.d/S88sendmail 1464 etc/rc2.d/S88utmpd 1465 etc/rc2.d/S95svm.sync 1466 etc/rc2.d/S98efcode 1467 etc/rc2.d/S98libc.mount 1468 etc/rc2.d/S99audit 1469 etc/rc2.d/S99rcapd 1470 etc/rc3.d/S13kdc.master 1471 etc/rc3.d/S14kdc 1472 etc/rc3.d/S15nfs.server 1473 etc/rc3.d/S16boot.server 1474 etc/rc3.d/S34dhcp 1475 etc/rc3.d/S76snmpdx 1476 etc/rc3.d/S81volmgt 1477 etc/rc3.d/S89sshd 1478 etc/rc3.d/S99zones 1479 etc/rcS.d/K01zones 1480 etc/rcS.d/K03sshd 1481 etc/rcS.d/K05volmgt 1482 etc/rcS.d/K07snmpdx 1483 etc/rcS.d/K10rcapd 1484 etc/rcS.d/K21dhcp 1485 etc/rcS.d/K27boot.server 1486 etc/rcS.d/K28kdc 1487 etc/rcS.d/K28kdc.master 1488 etc/rcS.d/K28nfs.server 1489 etc/rcS.d/K33audit 1490 etc/rcS.d/K33efcode 1491 etc/rcS.d/K34svm.sync 1492 etc/rcS.d/K36sendmail 1493 etc/rcS.d/K36utmpd 1494 etc/rcS.d/K37power 1495 etc/rcS.d/K40cron 1496 etc/rcS.d/K40inetd 1497 etc/rcS.d/K40nscd 1498 etc/rcS.d/K40sf880dr 1499 etc/rcS.d/K40slpd 1500 etc/rcS.d/K40syslog 1501 etc/rcS.d/K40xntpd 1502 etc/rcS.d/K41autofs 1503 etc/rcS.d/K41ldap.client 1504 etc/rcS.d/K41rpc 1505 etc/rcS.d/K42sckm 1506 etc/rcS.d/K43inet 1507 etc/rcS.d/K99libc.mount 1508 etc/rcS.d/S10cvc 1509 etc/rcS.d/S28network.sh 1510 etc/rcS.d/S29nodename.sh 1511 etc/rcS.d/S30rootusr.sh 1512 etc/rcS.d/S33keymap.sh 1513 etc/rcS.d/S35svm.init 1514 etc/rcS.d/S40standardmounts.sh 1515 etc/rcS.d/S42coreadm 1516 etc/rcS.d/S45initboot 1517 etc/rcS.d/S50devfsadm 1518 etc/rcS.d/S72cryptosvc 1519 etc/rcS.d/S95picld 1520 " 1521 1522 # Obsolete smf manifests 1523 smf_obsolete_manifests=" 1524 var/svc/manifest/application/print/cleanup.xml 1525 var/svc/manifest/network/tftp.xml 1526 var/svc/manifest/network/lp.xml 1527 var/svc/manifest/system/filesystem/volfs.xml 1528 var/svc/manifest/network/pfil.xml 1529 var/svc/manifest/platform/sun4u/mpxio-upgrade.xml 1530 var/svc/manifest/network/tname.xml 1531 var/svc/manifest/network/aggregation.xml 1532 var/svc/manifest/network/datalink.xml 1533 var/svc/manifest/network/datalink-init.xml 1534 var/svc/manifest/network/iscsi_initiator.xml 1535 var/svc/manifest/network/fcoe_config.xml 1536 var/svc/manifest/network/rpc/ocfserv.xml 1537 " 1538 1539 # smf services whose manifests have been renamed 1540 smf_renamed_manifests=" 1541 var/svc/manifest/milestone/name-service.xml 1542 var/svc/manifest/system/filesystem/boot-archive.xml 1543 " 1544 1545 # Obsolete smf methods 1546 smf_obsolete_methods=" 1547 lib/svc/method/print-cleanup 1548 lib/svc/method/print-server 1549 lib/svc/method/svc-volfs 1550 lib/svc/method/pfil 1551 lib/svc/method/aggregation 1552 lib/svc/method/datalink 1553 lib/svc/method/datalink-init 1554 lib/svc/method/svc-kdc 1555 lib/svc/method/svc-kdc.master 1556 lib/svc/method/svc-kdc.slave 1557 lib/svc/share/krb_include.sh 1558 lib/svc/method/iscsid 1559 lib/svc/method/fcoeconfig 1560 " 1561 1562 smf_cleanup () { 1563 ( 1564 cd $root; 1565 print "Removing obsolete rc.d scripts ... \c" 1566 rm -f $smf_obsolete_rc_files 1567 print "done." 1568 ) 1569 } 1570 1571 smf_new_profiles () { 1572 [[ "$bfu_isa" = "sparc" ]] || return 0 1573 1574 [[ -x /tmp/bfubin/svccfg ]] || return 0 1575 1576 print "Clearing platform profile hash ..." 1577 1578 # platform_SUNW,Sun-Fire.xml (and other new and 1579 # corrected platforms) were delivered in Build 68. 1580 if [ ! -f \ 1581 $rootprefix/var/svc/profile/platform_SUNW,Sun-Fire.xml \ 1582 ]; then 1583 for pfx in " " "v"; do 1584 for plname in \ 1585 none \ 1586 SUNW_Sun_Fire_880 \ 1587 SUNW_Sun_Fire_V890 \ 1588 SUNW_Sun_Fire_15000 \ 1589 SUNW_UltraEnterprise_10000; do 1590 eval $BFUSVCCFG -f - <<EOF 1591 select smf/manifest 1592 delpg ${pfx}ar_svc_profile_platform_${plname}_xml 1593 exit 1594 EOF 1595 done 1596 done 1597 fi 1598 } 1599 1600 smf_handle_new_services () { 1601 # 1602 # Detect, prior to extraction the arrival of new, 1603 # default-enabled-in-profile services. If so, add a command 1604 # such that they are enabled. 1605 # 1606 if [ ! -f $rootprefix/var/svc/profile/system/sac.xml ]; then 1607 echo /usr/sbin/svcadm enable system/sac >> \ 1608 $rootprefix/var/svc/profile/upgrade 1609 fi 1610 if [[ $zone = global && 1611 ! -f $rootprefix/var/svc/manifest/system/intrd.xml ]]; then 1612 echo /usr/sbin/svcadm enable system/intrd >> \ 1613 $rootprefix/var/svc/profile/upgrade 1614 fi 1615 if [[ $zone = global && 1616 ! -f $rootprefix/var/svc/manifest/system/scheduler.xml ]]; then 1617 echo /usr/sbin/svcadm enable system/scheduler >> \ 1618 $rootprefix/var/svc/profile/upgrade 1619 fi 1620 if [[ $zone = global && 1621 ! -f $rootprefix/var/svc/manifest/system/hal.xml ]]; then 1622 echo /usr/sbin/svcadm enable system/hal >> \ 1623 $rootprefix/var/svc/profile/upgrade 1624 fi 1625 if [[ $zone = global && 1626 ! -f $rootprefix/var/svc/manifest/system/filesystem/rmvolmgr.xml ]]; then 1627 echo /usr/sbin/svcadm enable system/filesystem/rmvolmgr >> \ 1628 $rootprefix/var/svc/profile/upgrade 1629 fi 1630 if [[ $zone = global && 1631 ! -f $rootprefix/var/svc/manifest/network/ipsec/manual-key.xml && 1632 -f $rootprefix/etc/inet/secret/ipseckeys ]]; then 1633 smf_enable svc:/network/ipsec/manual-key:default 1634 fi 1635 if [[ $zone = global && 1636 ! -f $rootprefix/var/svc/manifest/network/ipsec/ike.xml && 1637 -f $rootprefix/etc/inet/ike/config ]]; then 1638 smf_enable svc:/network/ipsec/ike:default 1639 fi 1640 if [[ $zone = global && 1641 ! -f $rootprefix/var/svc/manifest/system/pools.xml && 1642 -f $rootprefix/etc/pooladm.conf ]]; then 1643 smf_enable svc:/system/pools:default 1644 fi 1645 if [[ $zone = global && $karch = sun4v && 1646 ! -f $rootprefix/var/svc/manifest/platforms/sun4v/ldoms-agents.xml ]]; then 1647 smf_enable svc:/ldoms/agents:default 1648 fi 1649 } 1650 1651 smf_copy_manifest() { 1652 mfstbase=`basename $1` 1653 mymfs=$rootprefix/var/svc/manifest/$2/$mfstbase 1654 if [[ ! -f $mymfs ]] || ! cmp -s $manifest_src/$1 $mymfs ; then 1655 cp $manifest_src/$1 $mymfs || 1656 echo "bfu: could not copy $manifest_src/$1" 1657 fi 1658 } 1659 1660 smf_copy_method() { 1661 cp $manifest_src/$1 $rootprefix/lib/svc/method || 1662 echo "bfu: could not copy $manifest_src/$1" 1663 } 1664 1665 smf_cleanup_initd() { 1666 rm -f $rootprefix/etc/rc?.d/[SK]??$1 1667 } 1668 1669 smf_delete_manifest() { 1670 ( 1671 mfst=$1 1672 cd $root 1673 [[ -f $mfst ]] || return; 1674 if [ -r /etc/svc/volatile/repository_door ]; then 1675 ENTITIES=`eval $BFUSVCCFG inventory $mfst` 1676 for fmri in $ENTITIES; do 1677 if [[ -n $root && $root != "/" ]]; then 1678 SVCCFG_REPOSITORY=$root/etc/svc/repository.db 1679 export SVCCFG_REPOSITORY 1680 fi 1681 eval $BFUSVCCFG delete -f $fmri >/dev/null 2>&1 1682 if [[ -n $root && $root != "/" ]]; then 1683 unset SVCCFG_REPOSITORY 1684 fi 1685 done 1686 fi 1687 rm $mfst 1688 ) 1689 } 1690 1691 smf_delete_methods() { 1692 ( 1693 cd $root; 1694 rm -f $smf_obsolete_methods 1695 ) 1696 } 1697 1698 smf_delete_renamed_manifests() { 1699 ( 1700 cd $root; 1701 rm -f $smf_renamed_manifests 1702 ) 1703 } 1704 1705 smf_cleanup_dlmgmtd() { 1706 ( 1707 # 1708 # Delete the service instance, then refresh all its dependents in the 1709 # cases of alternative root and zones. 1710 # 1711 smf_delete_manifest "var/svc/manifest/network/dlmgmt.xml" 1712 1713 if [[ -n $root && $root != "/" ]]; then 1714 export SVCCFG_REPOSITORY=$root/etc/svc/repository.db 1715 eval $BFUSVCCFG -s svc:/network/physical:nwam refresh 1716 eval $BFUSVCCFG -s svc:/network/physical:default refresh 1717 eval $BFUSVCCFG -s svc:/system/device/local:default refresh 1718 unset SVCCFG_REPOSITORY 1719 fi 1720 cd $root 1721 rm -f lib/svc/method/svc-dlmgmtd 1722 rm -f etc/.dlmgmt_door 1723 rm -f sbin/dlmgmtd 1724 ) 1725 } 1726 1727 smf_cleanup_vt() { 1728 ( 1729 smf_delete_manifest var/src/manifest/system/vtdaemon.xml 1730 cd $root 1731 rm -f lib/svc/method/vtdaemon 1732 1733 vt_conslogin_instances=`/tmp/bfubin/svcs -o FMRI | \ 1734 grep console-login:vt` 1735 for i in $vt_conslogin_instances; do 1736 eval $BFUSVCCFG delete -f $i 1737 done 1738 ) 1739 } 1740 1741 smf_cleanup_boomer() { 1742 ( 1743 smf_delete_manifest var/src/manifest/system/devices-audio.xml 1744 cd $root 1745 rm -f lib/svc/method/devices-audio 1746 1747 /tmp/bfubin/svccfg delete -f svc:/system/device/audio 1748 ) 1749 } 1750 1751 old_mfst_dir="var/svc/manifest.orig" 1752 new_mfst_dir="var/svc/manifest" 1753 1754 smf_enable() { 1755 echo "svcadm enable $*" >> $rootprefix/var/svc/profile/upgrade 1756 } 1757 1758 smf_check_repository() { 1759 repository=etc/svc/repository.db 1760 [[ -f $rootprefix/$repository ]] || return 1761 1762 print -n "$rootprefix/$repository: " >&2 1763 1764 sqlite="${SQLITEBIN-$GATE/public/bin/$bfu_isa/sqlite}" 1765 [[ -x $sqlite ]] || sqlite=/lib/svc/bin/sqlite 1766 if [[ ! -x $sqlite ]]; then 1767 echo "no sqlite binary: skipped integrity check" >&2 1768 return 1769 fi 1770 1771 rm -f /tmp/bfurepo.db; 1772 cp $rootprefix/$repository /tmp/bfurepo.db 1773 bad_errors=`echo "PRAGMA integrity_check;" | 1774 $sqlite /tmp/bfurepo.db 2>&1 | grep -v '^ok$'` 1775 if [[ $? -eq 0 ]]; then 1776 echo "integrity check failed:" >&2 1777 echo "$bad_errors" >&2 1778 echo >&2 1779 if [[ $force_override = no ]]; then 1780 cat >&2 <<EOF 1781 Reseed the repository (see http://greenline.eng/quickstart.shtml#newrep) 1782 before BFUing (or use the -f flag to force BFU to continue). Re-seeding 1783 will lose all smf(5) customizations. 1784 EOF 1785 echo >&2 1786 exit 2; 1787 else 1788 echo "driving on anyway" >&2 1789 fi 1790 else 1791 echo "passed integrity check" >&2; 1792 fi 1793 } 1794 1795 smf_bkbfu_warning() { 1796 print "" 1797 print "*************************************************************" 1798 print " WARNING: BFU'ing $1 backwards across 5090532." 1799 print " Fixes have been made but the services cannot be refreshed" 1800 print " on the $1's inactive repository. Next boot for the" 1801 print " $1 will probably result in maintenance mode due to" 1802 print " dependency cycles. If so, at the $1's console, run:" 1803 print "" 1804 print " /usr/sbin/svcadm refresh system/sysidtool:system" 1805 print " /usr/sbin/svcadm refresh system/sysidtool:net" 1806 print " /usr/sbin/svcadm clear milestone/single-user" 1807 print " /usr/sbin/svcadm clear system/sysidtool:system" 1808 print " /usr/sbin/svcadm clear system/sysidtool:net" 1809 print "" 1810 print " to resolve." 1811 print " To avoid these problems, reseed the zone's repository." 1812 print " See http://greenline.eng/quickstart.shtml#newrep ." 1813 print " Note: Re-seeding will lose all smf(5) customization." 1814 print "*************************************************************" 1815 print "" 1816 } 1817 1818 smf_is_sysconfig() { 1819 # 1820 # Return success if going to post-5090532, i.e. post-sysconfig bits 1821 # 1822 # By now, we're going to post-smf bits - so multi-user.xml must 1823 # exist (since it was introduced by first SMF putback). 1824 # 1825 # Function return status is return status of last command executed. 1826 # So, no need to check return status from grep below. 1827 1828 grep sysconfig $rootprefix/var/svc/manifest/milestone/multi-user.xml \ 1829 >/dev/null 2>&1 1830 } 1831 1832 smf_bkbfu_past_sysconfig() { 1833 # 1834 # Check if bfu'ing back from post-5090532 to pre-5090532 bits. 1835 # 1836 if [[ -f $rootprefix/var/svc/manifest/milestone/sysconfig.xml ]] && 1837 ! smf_is_sysconfig ; then 1838 return 0 1839 fi 1840 return 1 1841 } 1842 1843 smf_bkbfu_repair_sysconfig() { 1844 # 1845 # Perform the necessary corrections when bfu'ing backwards 1846 # from post-5090532 to pre-5090532 bits. 1847 # 1848 # Get the pre-5090532 non-ON manifests, and issue minimal fixes 1849 # to the repository, to enable re-boot. 1850 # 1851 smf_copy_manifest pre-5090532/sysidtool.xml system 1852 if [[ $zone = global && $karch = i86pc ]]; then 1853 smf_copy_manifest pre-5090532/kdmconfig.xml platform/i86pc 1854 fi 1855 # 1856 # Now, remove sysidtool:{system, net}'s dependency on 1857 # single-user and filesystem-local. 1858 # 1859 # If $rootprefix is not empty, this could be the global zone, 1860 # with an alternate root BFU, or a non-global zone. For either 1861 # case, the repository to be updated is not the live one: use 1862 # SVCCFG_REPOSITORY to point to the repository to be updated. 1863 # 1864 # Note that in the alternate-root case, doing this seems better 1865 # than forcing the user to re-seed, or to dis-allow it. The 1866 # issue of svccfg and the repository not matching seems remote, 1867 # given that from initial SMF integration (on10_64) to on10_74, 1868 # there was no mismatch. In the remote possibility that there is a 1869 # mis-match (in the future) causing these calls to be suspect, 1870 # the user is already being advised, via the warning message, to 1871 # reseed the repository in case of trouble. If a mis-match is ever 1872 # introduced, code such as this would have to be fixed, so this 1873 # aspect of the warning is useful only during the interim period. 1874 # 1875 # NOTE that this is not an issue for non-global zones' 1876 # repositories - they couldn't be out-of-sync with 1877 # /tmp/bfubin/svccfg. 1878 # 1879 if [[ -n $rootprefix ]]; then 1880 export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db 1881 if [[ $zone = global ]]; then 1882 smf_bkbfu_warning "alternate root" 1883 else 1884 smf_bkbfu_warning "zone" 1885 fi 1886 fi 1887 # 1888 # Using the newer "-s" option to svccfg in the following is OK 1889 # since its introduction preceded 5090532 (and this routine wouldn't 1890 # be called unless the machine is running post-5090532 bits). 1891 # 1892 eval $BFUSVCCFG -s system/sysidtool:net delpg single-user 1893 eval $BFUSVCCFG -s system/sysidtool:system delpg single-user 1894 eval $BFUSVCCFG -s system/sysidtool:net delpg filesystem_local 1895 eval $BFUSVCCFG -s system/sysidtool:system delpg filesystem_local 1896 1897 # 1898 # On a live system, issue the refresh; For alternate root or non-global 1899 # zone, the user was asked to issue the refreshes and "clear"s in the 1900 # message above after a post-bfu reboot. 1901 # 1902 if [[ -z $rootprefix ]]; then 1903 /tmp/bfubin/svcadm refresh system/sysidtool:system \ 1904 system/sysidtool:net 1905 fi 1906 1907 # 1908 # Now, reset SVCCFG_REPOSITORY, if it was set 1909 # 1910 [[ -n $rootprefix ]] && unset SVCCFG_REPOSITORY 1911 1912 # 1913 # Remove the sysconfig.xml manifest when going back. So backward 1914 # bfu check continues to work, and all manifests are correct. 1915 # 1916 cat >> $rootprefix/var/svc/profile/upgrade <<-EOF 1917 rm -f /var/svc/manifest/milestone/sysconfig.xml 1918 EOF 1919 } 1920 1921 # 1922 # Return true if $file exists in $archive. $file may also be a pattern. 1923 # 1924 archive_file_exists() 1925 { 1926 archive=$1 1927 file=$2 1928 1929 $ZCAT $cpiodir/${archive}${ZFIX} | cpio -it 2>/dev/null | \ 1930 egrep -s "$file" 1931 } 1932 1933 # 1934 # extract one or more files from an archive into a temporary directory 1935 # provided by the caller. The caller is responsible for checking to 1936 # to see whether the desired file or files were extracted 1937 # 1938 # $1 - archive 1939 # $2 - temporary dir 1940 # remaining args: file(s) to be extracted. 1941 # 1942 archive_file_peek() { 1943 compressed_archive=`pwd`/$1 1944 tdir=$2 1945 shift 1946 shift 1947 if [ ! -d $tdir ] ; then 1948 return 1949 fi 1950 (cd $tdir; $ZCAT $compressed_archive | cpio -idmucB $* 2>&1 ) 1951 } 1952 1953 # 1954 # If we're no longer delivering the eeprom service, remove it from the system, 1955 # as eeprom -I is removed as well. 1956 # 1957 smf_fix_i86pc_profile () { 1958 mfst="var/svc/manifest/platform/i86pc/eeprom.xml" 1959 profile="var/svc/profile/platform_i86pc.xml" 1960 1961 if [ ! "$karch" = "i86pc" ]; then 1962 return 1963 fi 1964 1965 if ! archive_file_exists generic.root "^$profile"; then 1966 rm -f $rootprefix/$profile 1967 rm -f $rootprefix/var/svc/profile/platform.xml 1968 fi 1969 1970 if [ ! -f $rootprefix/$mfst ]; then 1971 return 1972 fi 1973 1974 if archive_file_exists generic.root "^$mfst"; then 1975 return 1976 fi 1977 1978 rm -f $rootprefix/$mfst 1979 1980 # 1981 # we must disable via svccfg directly, as manifest-import runs after 1982 # this service tries to run 1983 # 1984 [[ -n "$rootprefix" ]] && 1985 export SVCCFG_REPOSITORY=$rootprefix/etc/svc/repository.db 1986 eval $BFUSVCCFG delete -f platform/i86pc/eeprom 1987 [[ -n "$rootprefix" ]] && unset SVCCFG_REPOSITORY 1988 } 1989 1990 # 1991 # If the new system doesn't support the templates DTD extensions 1992 # (due to backwards bfu), the global.xml manifest should be deleted. 1993 # 1994 smf_bkbfu_templates() { 1995 mfst="var/svc/manifest/system/svc/global.xml" 1996 1997 grep "pg_pattern" \ 1998 $rootprefix/usr/share/lib/xml/dtd/service_bundle.dtd.1> \ 1999 /dev/null 2>&1 2000 if [ $? -eq 1 ]; then 2001 rm -f $rootprefix/$mfst 2002 fi 2003 2004 } 2005 2006 smf_apply_conf () { 2007 # 2008 # Go thru the original manifests and move any that were unchanged 2009 # (or are not system-provided) back to their proper location. This 2010 # will avoid superfluous re-import on reboot, as the inode and mtime 2011 # are both part of the hash. 2012 # 2013 if [ -d $rootprefix/$old_mfst_dir ]; then 2014 for f in `cd $rootprefix/$old_mfst_dir ; find . -type f` 2015 do 2016 old=$rootprefix/$old_mfst_dir/$f 2017 new=$rootprefix/$new_mfst_dir/$f 2018 if [ ! -f $new ]; then 2019 mkdir -m 0755 -p `dirname $new` 2020 mv $old $new 2021 continue 2022 fi 2023 cmp -s $old $new && mv $old $new 2024 done 2025 rm -rf $rootprefix/$old_mfst_dir 2026 fi 2027 2028 if [ -f $rootprefix/etc/init.d/inetd ]; then 2029 # 2030 # BFUing to non-SMF system -- undo our previous changes, 2031 # run an old hack, and skip the remainder of this function. 2032 # 2033 smf_inetd_reenable 2034 smf_tftp_reinstall 2035 2036 # Update inetd.conf only if we find rpc.metad file. 2037 [ -f $usr/sbin/rpc.metad ] && 2038 inetd_conf_svm_hack 2039 2040 return 2041 fi 2042 2043 # 2044 # At this point, the archive in question is a SMF version. If 2045 # the smf(5) repository does not yet exist, create it by copying 2046 # the appropriate seed repository. Since updating of non-global 2047 # zones only occurs when the live system is bfu'ed, the 2048 # appropriate seed is guaranteed to exist under the /lib 2049 # directory. 2050 # 2051 repository=$rootprefix/etc/svc/repository.db 2052 if [ ! -f $repository ]; then 2053 print "Initializing service configuration repository ..." 2054 if [ $zone = global ]; then 2055 cp $rootprefix/lib/svc/seed/global.db $repository 2056 else 2057 cp /lib/svc/seed/nonglobal.db $repository 2058 fi 2059 chmod 0600 $repository 2060 chown root:sys $repository 2061 fi 2062 2063 print "Removing obsolete smf services ..." 2064 for f in $smf_obsolete_manifests; do 2065 smf_delete_manifest $f 2066 done 2067 smf_delete_methods 2068 smf_delete_renamed_manifests 2069 2070 if [[ $dlmgmtd_status = cleanup ]]; then 2071 smf_cleanup_dlmgmtd 2072 fi 2073 2074 # 2075 # When doing backwards BFU, if the target does not contain 2076 # vtdaemon manifest, delete it and delete all the additional 2077 # console-login service instances which were used to provide 2078 # additional console sessions. 2079 # 2080 if ((! $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 2081 grep vtdaemon.xml > /dev/null 2>&1) && [ $zone = global ]); then 2082 smf_cleanup_vt 2083 fi 2084 2085 # 2086 # Remove the Boomer audio service when BFUing to legacy audio bits 2087 # 2088 if ! check_boomer_bfu && [ $zone = global ]; then 2089 smf_cleanup_boomer 2090 fi 2091 2092 print "Disabling unneeded inetd.conf entries ..." 2093 smf_inetd_disable 2094 smf_tftp_reinstall 2095 2096 print "Connecting platform and name service profiles ..." 2097 2098 rm -f $rootprefix/var/svc/profile/name_service.xml 2099 2100 grep ldap $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2101 is_ldap=$? 2102 grep nis $rootprefix/etc/nsswitch.conf >/dev/null 2>&1 2103 is_nis=$? 2104 2105 if [ $is_ldap = 0 ]; then 2106 ns_profile=ns_ldap.xml 2107 elif [ $is_nis = 0 ]; then 2108 ns_profile=ns_nis.xml 2109 else 2110 ns_profile=ns_files.xml 2111 fi 2112 2113 ln -s $ns_profile $rootprefix/var/svc/profile/name_service.xml 2114 2115 rm -f $rootprefix/var/svc/profile/inetd_services.xml 2116 ln -s inetd_upgrade.xml $rootprefix/var/svc/profile/inetd_services.xml 2117 2118 print "Marking converted services as enabled ..." 2119 2120 [ -f $rootprefix/etc/resolv.conf ] && smf_enable network/dns/client 2121 [ -f $rootprefix/etc/inet/dhcpsvc.conf ] && \ 2122 smf_enable network/dhcp-server 2123 2124 # Not concerned about enabling/disabling rcap but will migrate 2125 # configuration parameters if rcap.conf exists 2126 # 2127 if [ -f $rootprefix/etc/rcap.conf ]; then 2128 migrate_rcap_conf 2129 fi 2130 2131 migrate_acctadm_conf 2132 2133 if [ $zone = global ]; then 2134 if [ -f $rootprefix/etc/dfs/dfstab ] && 2135 grep '^[ ]*[^# ]' $rootprefix/etc/dfs/dfstab \ 2136 > /dev/null; then 2137 smf_enable network/nfs/server 2138 fi 2139 else 2140 echo "/usr/sbin/svcadm disable network/nfs/server" >> \ 2141 $rootprefix/var/svc/profile/upgrade 2142 fi 2143 2144 [ -f $rootprefix/etc/inet/ntp.conf ] && smf_enable network/ntp 2145 2146 2147 domainname=`cat $rootprefix/etc/defaultdomain 2>/dev/null` 2148 if [ ! -z "$domainname" -a -d $rootprefix/var/yp/$domainname ]; then 2149 smf_enable network/nis/server 2150 2151 # Determining whether we're a NIS master requires 2152 # looking through the maps. 2153 cat >>$rootprefix/var/svc/profile/upgrade <<\_EOF 2154 # Determine whether we are a YP master. 2155 domain=`/usr/bin/domainname` 2156 hostname=`uname -n | cut -d. -f1 | tr '[A-Z]' '[a-z]'` 2157 2158 if [ -x /usr/sbin/makedbm ]; then 2159 if [ -f /var/yp/NISLDAPmapping ]; then 2160 master=`/usr/sbin/makedbm -u /var/yp/\$domain/LDAP_passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'` 2161 else 2162 master=`/usr/sbin/makedbm -u /var/yp/\$domain/passwd.byname | grep YP_MASTER_NAME | nawk '{ print $2 }'` 2163 fi 2164 fi 2165 2166 # If we are the master server, enable appropriate services. 2167 if [ "$master" = "$hostname" -a "$YP_SERVER" = "TRUE" ]; then 2168 /usr/sbin/svcadm enable network/nis/xfr 2169 /usr/sbin/svcadm enable network/nis/passwd 2170 2171 if [ ! -f /var/yp/NISLDAPmapping ]; then 2172 [ -f /var/yp/updaters ] && \ 2173 /usr/svc/svcadm enable network/nis/update 2174 fi 2175 fi 2176 _EOF 2177 fi 2178 2179 # Check if mddbs don't exist on the image. If so, disable SVM services. 2180 MDDB_STATUS=1 2181 if [ -f $rootprefix/kernel/drv/md.conf ]; then 2182 sed -e 's/#.*$//' $rootprefix/kernel/drv/md.conf | \ 2183 egrep '^[ ]*mddb_bootlist' >/dev/null 2>&1 2184 MDDB_STATUS=$? 2185 fi 2186 2187 if [ $MDDB_STATUS -ne 0 ]; then 2188 for svc in metainit mdmonitor; do 2189 echo "/usr/sbin/svcadm disable system/$svc:default" >> \ 2190 $rootprefix/var/svc/profile/upgrade 2191 done 2192 2193 for svc in meta mdcomm metamed metamh; do 2194 echo "/usr/sbin/svcadm disable network/rpc/$svc:default" \ 2195 >> $rootprefix/var/svc/profile/upgrade 2196 done 2197 fi 2198 2199 # Workaround inetd's handling of "tcp6/udp6" when no IPv6 interfaces 2200 # are configured. 2201 for svc in meta mdcomm metamed metamh; do 2202 echo "/usr/sbin/inetadm -m network/rpc/$svc:default proto=tcp" \ 2203 ">/dev/null 2>&1" >> $rootprefix/var/svc/profile/upgrade 2204 done 2205 2206 manifest_src=${MANIFEST_SRC-$GATE/public/smf} 2207 [[ -d $manifest_src ]] || 2208 manifest_src=${GATE}/public/smf 2209 [[ -d $manifest_src ]] || manifest_src=/net/greenline.eng/meta0/smf 2210 2211 if smf_bkbfu_past_sysconfig ; then 2212 echo "BFU'ing backwards across 5090532! Now repairing..." 2213 smf_bkbfu_repair_sysconfig 2214 fi 2215 2216 # 2217 # If bfu'ing milestone/sysconfig bits or onwards, update the 2218 # corresponding non-ON manifests - sysidtool and kdmconfig. 2219 # 2220 sysidmfst=$rootprefix/var/svc/manifest/system/sysidtool.xml 2221 kdmmfst=$rootprefix/var/svc/manifest/platform/i86pc/kdmconfig.xml 2222 if smf_is_sysconfig ; then 2223 if [[ ! -f $sysidmfst ]]; then 2224 # 2225 # if WOS build on machine is pre-greenline, and 2226 # we're bfu'ing to the sysconfig bits. 2227 # 2228 smf_copy_manifest post-5090532/sysidtool.xml system 2229 if [[ $zone = global ]]; then 2230 smf_copy_method sysidtool-net 2231 smf_copy_method sysidtool-system 2232 fi 2233 echo "Converted system/sysidtool (post-5090532)" 2234 else 2235 # 2236 # If sysidtool.xml already exists, update it 2237 # if necessary. Future updates of sysidtool.xml 2238 # must occur in the dir: $manifest_src/post-5090532 2239 # 2240 smf_copy_manifest post-5090532/sysidtool.xml system 2241 fi 2242 if [[ $zone = global && $karch = i86pc ]]; then 2243 if [[ ! -f $kdmmfst ]]; then 2244 # 2245 # if WOS build on machine is pre-greenline, and 2246 # we're bfu'ing to the sysconfig bits. 2247 # 2248 smf_copy_manifest post-5090532/kdmconfig.xml \ 2249 platform/i86pc 2250 smf_copy_method svc-kdmconfig 2251 smf_cleanup_initd kdmconfig 2252 echo "Converted platform/i86pc/kdmconfig" 2253 echo "(post-5090532)" 2254 else 2255 # 2256 # If kdmconfig.xml already exists, update 2257 # it if necessary. Future updates of 2258 # kdmconfig.xml must occur in the dir: 2259 # $manifest_src/post-5090532 2260 # 2261 smf_copy_manifest post-5090532/kdmconfig.xml \ 2262 platform/i86pc 2263 fi 2264 fi 2265 else 2266 if [[ ! -f $sysidmfst ]]; then 2267 smf_copy_manifest pre-5090532/sysidtool.xml system 2268 if [[ $zone = global ]]; then 2269 smf_copy_method sysidtool-net 2270 smf_copy_method sysidtool-system 2271 fi 2272 echo "Converted system/sysidtool" 2273 fi 2274 if [[ $zone = global && $karch = i86pc && ! -f $kdmmfst ]]; 2275 then 2276 smf_copy_manifest pre-5090532/kdmconfig.xml \ 2277 platform/i86pc 2278 smf_copy_method svc-kdmconfig 2279 smf_cleanup_initd kdmconfig 2280 echo "Converted platform/i86pc/kdmconfig" 2281 fi 2282 fi 2283 2284 # If we've still got the old dtlogin manifest delivered by earlier 2285 # versions of bfu, delete it, as it was broken and should have 2286 # never been delivered. A new version delivered by the CDE 2287 # consolidation should be left alone. 2288 if [[ -f $rootprefix/var/svc/manifest/application/dtlogin.xml && 2289 `grep -c GLXXX \ 2290 $rootprefix/var/svc/manifest/application/dtlogin.xml` -gt 0 && 2291 -x /tmp/bfubin/svccfg ]]; then 2292 2293 # Delete the obsolete manifest. 2294 rm -f $rootprefix/var/svc/manifest/application/dtlogin.xml 2295 2296 # Delete the service from repository, then use dtconfig -e to 2297 # revert to whatever the WOS bits are using if dtlogin was 2298 # enabled. 2299 cat >> $rootprefix/var/svc/profile/upgrade <<-EOFA 2300 if /usr/bin/svcprop -q application/cde-login; then 2301 if [ \`/usr/bin/svcprop -p general/enabled \ 2302 application/cde-login:default\` = "true" ]; then 2303 do_dtconfig=1; 2304 else 2305 do_dtconfig=0; 2306 fi 2307 2308 /usr/sbin/svccfg delete -f application/cde-login 2309 type instance_refresh 2>&1 > /dev/null 2310 if [ \$? = 0 ]; then 2311 instance_refresh system/console-login 2312 else 2313 /usr/sbin/svcadm refresh system/console-login 2314 fi 2315 2316 if [ \$do_dtconfig -eq 1 -a -x /usr/dt/bin/dtconfig ]; then 2317 /usr/dt/bin/dtconfig -e 2318 fi 2319 fi 2320 EOFA 2321 fi 2322 2323 2324 # Enable the inetd-upgrade service to convert any changes to inetd.conf 2325 smf_enable network/inetd-upgrade 2326 2327 # If global zone, and bfu'ing from smf, and the inetd-upgrade 2328 # service has an obsolete dependency, then add a clear of inetd 2329 # and inetd-upgrade to the upgrade file as either may drop into 2330 # maintenance due to a dependency loop resulting from the new 2331 # inetd manifest 2332 if [[ $zone = global && -x /tmp/bfubin/svccfg ]]; then 2333 /tmp/bfubin/svcprop -q -p network/entities network/inetd-upgrade 2334 if [[ $? = 0 ]]; then 2335 echo "/usr/sbin/svcadm clear network/inetd" >> \ 2336 $rootprefix/var/svc/profile/upgrade 2337 echo "/usr/sbin/svcadm clear network/inetd-upgrade" >> \ 2338 $rootprefix/var/svc/profile/upgrade 2339 fi 2340 fi 2341 2342 # 2343 # Import the name-service-cache service. This is to get the service 2344 # (with correct dependencies) in the repository before reboot. 2345 # 2346 smf_import_service system/name-service-cache.xml 2347 2348 # 2349 # Import the datalink-management service. 2350 # 2351 smf_import_service network/dlmgmt.xml \ 2352 svc:/network/datalink-management:default 2353 2354 # 2355 # Import the ldap/client service. This is to get the service 2356 # (with correct dependencies) in the repository before reboot. 2357 # 2358 smf_import_service network/ldap/client.xml 2359 2360 # Enable new NFS status and nlockmgr services if client is enabled 2361 cat >> $rootprefix/var/svc/profile/upgrade <<-EOF 2362 cl="svc:/network/nfs/client:default" 2363 if [ \`/usr/bin/svcprop -p general/enabled \$cl\` = "true" ]; then 2364 /usr/sbin/svcadm enable svc:/network/nfs/status:default 2365 /usr/sbin/svcadm enable svc:/network/nfs/nlockmgr:default 2366 fi 2367 2368 EOF 2369 2370 kpmani="$rootprefix/var/svc/manifest/network/security/krb5_prop.xml" 2371 if grep svc-kdc.slave $kpmani > /dev/null 2>&1; then 2372 cat >> $rootprefix/var/svc/profile/upgrade <<EOF 2373 # We are deleting and reimporting kpropd's manifest, because we 2374 # need to change the restarter. 2375 kpfmri="svc:/network/security/krb5_prop" 2376 kkfmri="svc:/network/security/krb5kdc:default" 2377 lkpmani="/var/svc/manifest/network/security/krb5_prop.xml" 2378 restarter=\`svcprop -c -p general/restarter \$kpfmri 2>&1\` 2379 case \$restarter in 2380 *network/inetd:default) 2381 kken=\`svcprop -c -p general/enabled \$kkfmri\` 2382 eval $BFUSVCCFG delete -f \$kpfmri 2383 eval $BFUSVCCFG import \$lkpmani 2384 # Enable kpropd if krb5kdc is enabled, since 2385 # krb5kdc would have run kpropd 2386 if [ \$kken = "true" ]; then 2387 svcadm enable \$kpfmri 2388 fi 2389 ;; 2390 esac 2391 EOF 2392 fi 2393 2394 # Enable print server if there are local queues 2395 queues=`echo $rootprefix/etc/lp/printers/*/configuration` 2396 if [ "$queues" != "$rootprefix/etc/lp/printers/*/configuration" ]; then 2397 smf_enable application/print/server 2398 fi 2399 2400 # Enable rarpd and bootparamd if they would have been running pre-SMF 2401 if [ -d $rootprefix/tftpboot ] || [ -d $rootprefix/rplboot ]; then 2402 smf_enable network/rarp 2403 smf_enable network/rpc/bootparams 2404 fi 2405 2406 touch $rootprefix/var/svc/profile/.upgrade_prophist 2407 2408 cat >> $rootprefix/var/svc/profile/upgrade <<EOF 2409 # We are deleting and reimporting dcs's manifest, because we 2410 # need to change the restarter. 2411 dcsfmri="svc:/platform/sun4u/dcs:default" 2412 dcsmani="/var/svc/manifest/platform/sun4u/dcs.xml" 2413 restarter=\`svcprop -c -p general/restarter \$dcsfmri 2>&1\` 2414 case \$restarter in 2415 *network/inetd:default) 2416 en=\`svcprop -c -p general/enabled \$dcsfmri\` 2417 eval $BFUSVCCFG delete -f \$dcsfmri 2418 eval $BFUSVCCFG import \$dcsmani 2419 if [ \$en = "true" ]; then 2420 svcadm enable \$dcsfmri 2421 fi 2422 ;; 2423 esac 2424 EOF 2425 2426 smf_fix_i86pc_profile 2427 2428 smf_bkbfu_templates 2429 } 2430 2431 tx_check_update() { 2432 # 2433 # If a lbl_edition file is found it's a likely sign that old unbundled 2434 # Trusted Extensions packages are installed and TX is active. Update 2435 # etc/system if needed, to complete enabling of the bundled TX. 2436 # 2437 LMOD1=$rootprefix/kernel/sys/lbl_edition 2438 LMOD2=$rootprefix/kernel/sys/amd64/lbl_edition 2439 LMOD3=$rootprefix/kernel/sys/sparcv9/lbl_edition 2440 2441 grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \ 2442 /dev/null 2>&1 2443 if [ $? -eq 0 ]; then 2444 return 2445 fi 2446 2447 if [ -f $LMOD1 -o -f $LMOD2 -o -f $LMOD3 ]; then 2448 echo "set sys_labeling=1" >> $rootprefix/bfu.child/etc/system 2449 if [ $? -ne 0 ]; then 2450 echo "cannot set sys_labeling in $rootprefix/bfu.child/etc/system" 2451 return 2452 fi 2453 2454 rm -f $LMOD1 $LMOD2 $LMOD3 2455 fi 2456 } 2457 2458 tx_check_bkbfu() { 2459 # 2460 # Emit a warning message if bfu'ing a Trusted Extensions-enabled system 2461 # backwards to pre TX-merge bits. In this case, unbundled packages must 2462 # be reinstalled to complete restoration of old TX bits. 2463 # 2464 bsmconv=$rootprefix/etc/security/bsmconv 2465 2466 # This check is only needed in global zone 2467 if [[ $zone != global ]]; then 2468 return 2469 fi 2470 2471 # No warning needed if TX is not currently enabled 2472 grep "^set sys_labeling=" $rootprefix/bfu.child/etc/system > \ 2473 /dev/null 2>&1 2474 if [ $? -ne 0 ]; then 2475 return 2476 fi 2477 2478 if [ ! -f $bsmconv ]; then 2479 return 2480 fi 2481 grep " -x /usr/bin/plabel " $bsmconv > /dev/null 2>&1 2482 if [ $? != 0 ]; then 2483 return 2484 fi 2485 2486 print "" 2487 print "*************************************************************" 2488 print " WARNING: BFU'ing TX backwards across 6533113." 2489 print " Must re-install unbundled TX packages to remain Trusted." 2490 print "*************************************************************" 2491 print "" 2492 } 2493 2494 # 2495 # The directboot putback moved the console property from 2496 # /boot/solaris/bootenv.rc to /boot/grub/menu.lst. It should be kept in both. 2497 # 2498 cleanup_eeprom_console() 2499 { 2500 bootenvrc="$root/boot/solaris/bootenv.rc" 2501 menu_console=`eeprom console 2>/dev/null | \ 2502 grep -v 'data not available' | cut -d= -f2-` 2503 bootenv_console=`grep '^setprop[ ]\{1,\}console\>' $bootenvrc` 2504 if [ -n "$menu_console" ] && [ -z "$bootenv_console" ]; then 2505 echo "setprop console '$menu_console'" >> $bootenvrc 2506 fi 2507 } 2508 2509 EXTRACT_LOG=/tmp/bfu-extract-log.$$ 2510 2511 rm -f $EXTRACT_LOG 2512 2513 extraction_error() { 2514 echo error $* >> $EXTRACT_LOG 2515 } 2516 2517 # 2518 # Make a local copy of bfu in /tmp and execute that instead. 2519 # This makes us immune to loss of networking and/or changes 2520 # to the original copy that might occur during execution. 2521 # 2522 cd . 2523 abspath=`[[ $0 = /* ]] && print $0 || print $PWD/$0` 2524 if [[ $abspath != /tmp/* ]]; then 2525 localpath=/tmp/bfu.$$ 2526 print "Copying $abspath to $localpath" 2527 cp $abspath $localpath 2528 chmod +x $localpath 2529 print "Executing $localpath $*\n" 2530 exec $localpath $* 2531 fi 2532 2533 export PATH=/usr/bin:/usr/sbin:/sbin 2534 2535 usage() { 2536 echo "Usage:" 2537 echo " bfu [-fh] <archive_dir> [root-dir]" 2538 echo "\tUpdate a single machine by loading archives on root-dir." 2539 echo "\troot-dir defaults to / (a live bfu).\n" 2540 echo " bfu -c [-fh] <archive_dir> <exec-dir>" 2541 echo "\tUpdate all diskless clients by loading archives on each client" 2542 echo "\tthat mounts exec-dir as /usr. <exec-dir> must start with" 2543 echo "\t/export/exec and each client's root must be in /export/root.\n" 2544 echo "\t-f force bfu to continue even if it doesn't seem safe" 2545 fail "\t-h|-help print this usage message and exit\n" 2546 } 2547 2548 diskless=no 2549 force_override=no 2550 while [ $# -gt 0 ]; do 2551 case $1 in 2552 -c) diskless=yes;; 2553 -f) force_override=yes;; 2554 -h|-help) usage;; 2555 *) break;; 2556 esac 2557 shift 2558 done 2559 2560 # Variables for x86 platforms 2561 boot_is_pcfs=no 2562 have_realmode=no 2563 is_pcfs_boot=no 2564 new_dladm=no 2565 2566 # Set when moving to either directboot or multiboot 2567 multi_or_direct=no 2568 2569 # 2570 # Shows which type of archives we have, which type of system we are 2571 # running on (before the bfu), and what the failsafe archives are 2572 # (again, before the bfu). failsafe_type is only needed on diskful 2573 # bfu's, so it's not set in the diskless case. 2574 # Possible values: unknown, dca, multiboot, directboot, xpv 2575 # 2576 archive_type=unknown 2577 system_type=unknown 2578 failsafe_type=unknown 2579 2580 test $# -ge 1 || usage 2581 2582 if [ -x /usr/bin/ppriv ]; then 2583 # We prefer to use ppriv, as it is a more accurate test, and also 2584 # has the benefit of preventing use from within a nonglobal zone. 2585 ppriv $$ | grep -w "E: all" > /dev/null 2>&1 || \ 2586 fail "bfu requires all privileges" 2587 else 2588 # Fall back to old id check if system does not yet have ppriv. 2589 uid=`id | nawk '{print $1}'` 2590 [ "$uid" = "uid=0(root)" ] || \ 2591 fail "You must be super-user to run this script." 2592 fi 2593 2594 bfu_isa=`uname -p` 2595 target_isa=$bfu_isa 2596 karch=`uname -m` 2597 plat=`uname -i` 2598 2599 cpiodir=$1 2600 2601 if [ "$cpiodir" = again ]; then 2602 cpiodir=`nawk '/^bfu.ed from / { print $3; exit }' /etc/motd` 2603 fi 2604 2605 [[ "$cpiodir" = */* ]] || cpiodir=$ARCHIVE/archives/$target_isa/$1 2606 2607 [[ "$cpiodir" = /* ]] || fail "archive-dir must be an absolute path" 2608 2609 cd $cpiodir 2610 case `echo generic.root*` in 2611 generic.root) ZFIX=""; ZCAT="cat";; 2612 generic.root.gz) ZFIX=".gz"; ZCAT="gzip -d -c";; 2613 generic.root.Z) ZFIX=".Z"; ZCAT="zcat";; 2614 *) fail "generic.root missing or in unknown compression format";; 2615 esac 2616 2617 # 2618 # Determine what kind of archives we're installing, using the following rules: 2619 # 2620 # 1. If i86xpv archives exist, the archives are xpv 2621 # 2. If strap.com is present, the archives are pre-multiboot 2622 # 3. If symdef is present, the archives are directboot 2623 # 4. Otherwise, the archives are multiboot 2624 # 2625 if [ $target_isa = i386 ]; then 2626 if [ -f $cpiodir/i86xpv.root$ZFIX ]; then 2627 archive_type=xpv 2628 multi_or_direct=yes 2629 elif [ -f $cpiodir/i86pc.boot$ZFIX ] && \ 2630 archive_file_exists i86pc.boot "strap.com"; then 2631 archive_type=dca 2632 elif [ -f $cpiodir/i86pc.root$ZFIX ] && \ 2633 archive_file_exists i86pc.boot symdef; then 2634 archive_type=directboot 2635 multi_or_direct=yes 2636 else 2637 archive_type=multiboot 2638 multi_or_direct=yes 2639 fi 2640 fi 2641 2642 if [ $diskless = no ]; then 2643 root=${2:-/} 2644 [[ "$root" = /* ]] || fail "root-dir must be an absolute path" 2645 usrroot=$root 2646 usr=${usrroot%/}/usr 2647 rootlist=$root 2648 2649 [[ -f $root/etc/system ]] || \ 2650 fail "$root/etc/system not found; nonglobal zone target not allowed" 2651 2652 rootfstype=`df -n $root | awk '{print $3}'` 2653 2654 if [ "$rootfstype" = "zfs" ]; then 2655 archive_has_zfs_root_support=no 2656 mkdir /tmp/zfschk.$$ 2657 archive_file_peek generic.lib /tmp/zfschk.$$ \ 2658 "lib/svc/share/fs_include.sh" 2659 if [ -f /tmp/zfschk.$$/lib/svc/share/fs_include.sh ] ; then 2660 if grep '^readswapdev' \ 2661 /tmp/zfschk.$$/lib/svc/share/fs_include.sh \ 2662 >/dev/null 2>&1 ; then 2663 archive_has_zfs_root_support=yes 2664 fi 2665 fi 2666 rm -fr /tmp/zfschk.$$ 2667 2668 if [ "$archive_has_zfs_root_support" = "no" ] ; then 2669 fail "Cannot bfu a system with zfs root to an archive with no zfs root support" 2670 fi 2671 fi 2672 2673 # Make sure we extract the sun4u-us3 libc_psr.so.1 2674 if [ -d $root/platform/sun4u -a \ 2675 ! -d $root/platform/sun4u-us3 ] 2676 then 2677 mkdir $root/platform/sun4u-us3 2678 chmod 755 $root/platform/sun4u-us3 2679 chown root $root/platform/sun4u-us3 2680 chgrp sys $root/platform/sun4u-us3 2681 fi 2682 2683 if [ $target_isa = i386 ]; then 2684 if [ $archive_type = xpv ]; then 2685 # 2686 # On i386, we want to apply the archives for both 2687 # platforms (i86pc and i86xpv) if they exist. We 2688 # force the platform to i86xpv so that both will be 2689 # applied. 2690 # 2691 karch=i86pc 2692 plat=i86xpv 2693 fi 2694 if [ ! -d $root/platform/i86hvm ]; then 2695 mkdir $root/platform/i86hvm 2696 fi 2697 fi 2698 2699 if [ $karch != $plat -a -f ${cpiodir}/${plat}.usr$ZFIX ]; then 2700 usrarchs="$karch $plat" 2701 else 2702 usrarchs="$karch" 2703 fi 2704 if [ $karch != $plat -a -f ${cpiodir}/${plat}.root$ZFIX ]; then 2705 rootarchs="$karch $plat" 2706 else 2707 rootarchs="$karch" 2708 fi 2709 2710 if [ -h ${root}/platform/${plat} ]; then 2711 rm -f ${root}/platform/${plat} 2712 fi 2713 if [ -h ${usr}/platform/${plat} ]; then 2714 rm -f ${usr}/platform/${plat} 2715 fi 2716 2717 if [ $plat != $karch -a -f ${cpiodir}/${plat}.root$ZFIX \ 2718 -a -f ${cpiodir}/${plat}.usr$ZFIX ] 2719 then 2720 cd $cpiodir 2721 # 2722 # Look through all the archives we build and match 2723 # the names of built archives with the names of 2724 # directories installed on this machine. We assume 2725 # here that we can get the names of all architectures 2726 # by pattern matching the names of .root archives - so 2727 # if we ever had a case where we had only a .usr archive 2728 # we wouldn't find that archive. 2729 # 2730 for i in *.root* 2731 do 2732 platname=${i%.root*} 2733 if [ -z "${platname}" -o ${platname} = $karch -o \ 2734 $platname = generic -o ${platname} = $plat ]; then 2735 continue; 2736 fi 2737 if [ -d ${root}/platform/${platname} -o \ 2738 -h ${root}/platform/${platname} ]; then 2739 rootarchs="${rootarchs} ${platname}" 2740 fi 2741 if [ -d ${usr}/platform/${platname} -o \ 2742 -h ${usr}/platform/${platname} ]; then 2743 usrarchs="${usrarchs} ${platname}" 2744 fi 2745 if [ -h ${root}/platform/${platname} ]; then 2746 rm -f ${root}/platform/${platname} 2747 fi 2748 if [ -h ${usr}/platform/${platname} ]; then 2749 rm -f ${usr}/platform/${platname} 2750 fi 2751 done 2752 fi 2753 if [ "$rootfstype" = "ufs" ] ; then 2754 rootslice=`df -k $root | nawk 'NR > 1 { print $1 }' | \ 2755 sed s/dsk/rdsk/` 2756 fi 2757 2758 print "Loading $cpiodir on $root" 2759 else 2760 usrroot=$2 2761 usr=$2/usr 2762 [[ "$usr" = /export/exec/* ]] || fail "exec-dir $usrroot sounds bogus" 2763 case $2 in 2764 *sparc*) 2765 target_isa=sparc ;; 2766 *i386*) 2767 target_isa=i386 ;; 2768 esac 2769 cd $cpiodir 2770 test -f generic.root$ZFIX || fail "$cpiodir/generic.root$ZFIX missing" 2771 allarchs=$(echo $(ls *.root$ZFIX | grep -v generic.root$ZFIX | \ 2772 sed -e 's/.root.*//')) 2773 2774 if [ $target_isa = i386 -a $archive_type = xpv ]; then 2775 # 2776 # On i386, we want to apply the archives for both platforms 2777 # (i86pc and i86xpv) if they exist. We force the platform 2778 # to i86xpv so that both will be applied. 2779 # 2780 karch=i86pc 2781 plat=i86xpv 2782 else 2783 # XXX Pick karch as last available root arch 2784 karch=${allarchs##* } 2785 # XXX Pick plat as first available root arch 2786 plat=${allarchs%% *} 2787 fi 2788 2789 rootlist="" 2790 for root in /export/root/* 2791 do 2792 test -f $root/etc/vfstab && 2793 egrep -s $usrroot $root/etc/vfstab && 2794 rootlist="$rootlist $root" 2795 done 2796 test -n "$rootlist" || fail "no clients to upgrade" 2797 print "Loading $cpiodir usr archives on:\n\t$usr\n" 2798 print "Loading $cpiodir root archives on:" 2799 for root in $rootlist 2800 do 2801 print "\t$root" 2802 done 2803 fi 2804 2805 if grep '^[ ]*zfsroot:' $root/etc/system >/dev/null && \ 2806 archive_file_exists i86pc.boot boot/grub/zfs_stage1_5; then 2807 echo "Cannot BFU a system with the mountroot version"\ 2808 "of zfs boot support." 2809 echo "For information on how to transition this system to the new" 2810 echo "zfs boot support, see:" 2811 echo "http://www.opensolaris.org/os/community/zfs/boot/zfsboot-manual/mntroot-transition/" 2812 fail "" 2813 fi 2814 2815 nss_lib="$usr/lib/mps/libnss3.so" 2816 nss_lib64="$usr/lib/mps/64/libnss3.so" 2817 valid_rpath="\$ORIGIN:/usr/lib/mps/secv1:/usr/lib/mps" 2818 rpath_msg="R(UN)?PATH from file ${nss_lib}\)" 2819 if [ ! -x /usr/bin/ldd ]; then 2820 if [ "$force_override" = yes ]; then 2821 echo "/usr/bin/ldd is missing but -f is set; continuing." 2822 else 2823 echo "/usr/bin/ldd is missing." 2824 fail "Install the SUNWtoo package." 2825 fi 2826 fi 2827 nss_rpath=`ldd -s $nss_lib | egrep "$rpath_msg" | head -1 | cut -d'=' -f2 | \ 2828 awk '{print $1}'` 2829 update_script="${GATE}/public/bin/update_nsspkgs" 2830 if [ $valid_rpath != "$nss_rpath" ]; then 2831 if [ "$force_override" = yes ]; then 2832 echo "$nss_lib is not valid but -f is set; continuing." 2833 else 2834 echo "$nss_lib is not valid." 2835 fail "Run $update_script to update the SUNWtls package." 2836 fi 2837 fi 2838 if [ $target_isa = i386 -a ! -f $nss_lib64 ]; then 2839 echo "$nss_lib64 does not exist." 2840 fail "Run $update_script to update the NSS packages." 2841 fi 2842 2843 update_script="${GATE}/public/bin/migrate_bind9" 2844 if [[ ! -f $usr/lib/dns/libdns.so ]] && ! $ZCAT $cpiodir/generic.usr$ZFIX | \ 2845 cpio -it 2>/dev/null | egrep -s '^usr/sbin/ndc' ; then 2846 if [ "$force_override" = yes ]; then 2847 echo "BIND 9 has not been installed, but -f is set; continuing." 2848 else 2849 echo "BIND 8 has been removed from ON; BIND 9 is available from SFW." 2850 fail "Run $update_script to migrate to BIND 9." 2851 fi 2852 fi 2853 2854 update_script="${GATE}/public/bin/update_ce" 2855 if ifconfig -a | egrep '^ce' >/dev/null 2>/dev/null; then 2856 # CE version 1.148 or later is required 2857 cever=`modinfo | grep 'CE Ethernet' | sed 's/.*v1\.//' | tr -d ')' | \ 2858 nawk '{ if ($1 < 148) print "BAD"; else print $1 }'` 2859 if [ "$cever" = "BAD" ]; then 2860 fail "You must run $update_script to upgrade your ce driver." 2861 fi 2862 fi 2863 2864 update_script="${GATE}/public/bin/update_dbus" 2865 if [ ! -x $usr/lib/dbus-daemon ]; then 2866 fail "Run $update_script to update D-Bus." 2867 fi 2868 2869 # 2870 # We need biosdev if we're moving from pre-multiboot to multiboot or directboot 2871 # kernels. If we already have an i86xpv kernel, then we must already be a 2872 # directboot kernel, and can therefore skip the check. 2873 # 2874 if [ $target_isa = i386 ] && [ $multi_or_direct = yes ] && \ 2875 [ $diskless = no ] && [ ! -d /platform/i86xpv/ ]; then 2876 prtconf -v | grep biosdev >/dev/null 2>&1 2877 if [ $? -ne 0 ] && [ ! -f $rootprefix/platform/i86pc/multiboot ]; then 2878 echo "biosdev cannot be run on this machine." 2879 echo "Transitioning from classic to multiboot requires a" 2880 echo "bootconf which is compatible with biosdev." 2881 echo "bfu to onnv_12 first, then to a build with multiboot." 2882 fail "" 2883 fi 2884 fi 2885 2886 # 2887 # Check whether the archives have a datalink-management services; this is 2888 # later used to determine whether we need to upgrade the existing datalink 2889 # configuration and if the datalink-management service needs to be removed. 2890 # 2891 if archive_file_exists generic.sbin "sbin/dlmgmtd"; then 2892 dlmgmtd_exists=true 2893 else 2894 dlmgmtd_exists=false 2895 fi 2896 # 2897 # Set the value of dlmgmtd_status based on the existence of the 2898 # /sbin/dlmgmtd file 2899 # 2900 dlmgmtd_status=none 2901 if [[ -f $root/sbin/dlmgmtd ]] && ! $dlmgmtd_exists ; then 2902 dlmgmtd_status=cleanup 2903 elif [[ ! -f $root/sbin/dlmgmtd ]] && $dlmgmtd_exists ; then 2904 dlmgmtd_status=new 2905 fi 2906 2907 # 2908 # Check whether the archives have an etc/dladm directory; this is 2909 # later used to determine if aggregation.conf needs to be moved. 2910 # 2911 if $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 2912 grep etc/dladm > /dev/null 2>&1 ; then 2913 new_dladm=yes 2914 fi 2915 2916 # 2917 # The Clearview IP Tunneling project changes the format of the 2918 # /etc/dladm/datalink.conf file. The conversion is done in the 2919 # dlmgmtd daemon, so there is no backwards conversion when bfu'ing 2920 # backwards. The solution is to have bfu save the old file away when 2921 # bfu'ing across this project, and restore it when bfu'ing back. 2922 # 2923 datalink_file=$root/etc/dladm/datalink.conf 2924 datalink_backup=$root/etc/dladm/datalink.conf.bfusave 2925 datalink_action=none 2926 if [[ -f $datalink_file ]]; then 2927 iptun_exists=false 2928 if archive_file_exists generic.kernel "kernel/drv/iptun.conf"; then 2929 iptun_exists=true 2930 fi 2931 if [[ ! -f $root/kernel/drv/iptun.conf ]] && $iptun_exists; then 2932 datalink_action=save 2933 elif [[ -f $root/kernel/drv/iptun.conf ]] && ! $iptun_exists; then 2934 datalink_action=restore 2935 fi 2936 fi 2937 2938 # 2939 # Check whether the build is boot-archive or ufsboot sparc 2940 # boot based on the existence of a generic.boot archive 2941 # 2942 newboot_sparc=no 2943 if [ $target_isa = sparc -a -f $cpiodir/generic.boot$ZFIX ]; then 2944 newboot_sparc=yes 2945 fi 2946 2947 time_ref=/tmp/bfu.time_ref.$$ 2948 rm -f $time_ref 2949 touch $time_ref || fail "$time_ref: Unable to create time reference." 2950 time_ref_seconds=$SECONDS 2951 2952 print "\nCreating bfu execution environment ..." 2953 2954 # 2955 # Save off a few critical libraries and commands, so that bfu will 2956 # continue to function properly even in the face of major 2957 # kernel/library/command incompatibilities during a live upgrade. 2958 # 2959 bfucmd=" 2960 /usr/bin/awk 2961 /usr/bin/cat 2962 /usr/bin/chgrp 2963 /usr/bin/chmod 2964 /usr/bin/chown 2965 /usr/bin/cmp 2966 /usr/bin/cp 2967 /usr/bin/cpio 2968 /usr/bin/csh 2969 /usr/bin/cut 2970 /usr/bin/date 2971 /usr/bin/dd 2972 /usr/bin/df 2973 /usr/bin/diff 2974 /usr/bin/du 2975 /usr/bin/echo 2976 /usr/bin/ed 2977 /usr/bin/egrep 2978 /usr/bin/env 2979 /usr/bin/ex 2980 /usr/bin/expr 2981 /usr/bin/false 2982 /usr/bin/fgrep 2983 /usr/bin/file 2984 /usr/bin/find 2985 /usr/bin/gettext 2986 /usr/bin/grep 2987 /usr/bin/head 2988 /usr/bin/id 2989 /usr/bin/ksh 2990 /usr/bin/ksh93 2991 /usr/bin/line 2992 /usr/bin/ln 2993 /usr/bin/ls 2994 /usr/bin/mkdir 2995 /usr/bin/mktemp 2996 /usr/bin/more 2997 /usr/bin/mv 2998 /usr/bin/nawk 2999 /usr/bin/pgrep 3000 /usr/bin/pkginfo 3001 /usr/bin/pkill 3002 /usr/bin/printf 3003 /usr/bin/ps 3004 /usr/bin/ptree 3005 /usr/bin/rm 3006 /usr/bin/rmdir 3007 /usr/bin/sed 3008 /usr/bin/sh 3009 /usr/bin/sort 3010 /usr/bin/strings 3011 /usr/bin/stty 3012 /usr/bin/su 3013 /usr/bin/tail 3014 /usr/bin/tee 3015 /usr/bin/touch 3016 /usr/bin/tr 3017 /usr/bin/true 3018 /usr/bin/truss 3019 /usr/bin/tty 3020 /usr/bin/uname 3021 /usr/bin/uniq 3022 /usr/bin/uptime 3023 /usr/bin/vi 3024 /usr/bin/w 3025 /usr/bin/wc 3026 /usr/bin/xargs 3027 /usr/bin/zcat 3028 /usr/sbin/add_drv 3029 /usr/sbin/chroot 3030 /usr/sbin/halt 3031 /usr/sbin/lockfs 3032 /usr/sbin/lofiadm 3033 /usr/sbin/mkfile 3034 /usr/sbin/mkfs 3035 /usr/sbin/mknod 3036 /usr/sbin/mount 3037 /usr/sbin/newfs 3038 /usr/sbin/pkgrm 3039 /usr/sbin/prtconf 3040 /usr/sbin/reboot 3041 /usr/sbin/rem_drv 3042 /usr/sbin/sync 3043 /usr/sbin/tar 3044 /usr/sbin/uadmin 3045 /usr/sbin/umount 3046 /usr/sbin/update_drv 3047 /usr/sbin/wall 3048 /usr/sbin/zonecfg 3049 ${FASTFS-$GATE/public/bin/$bfu_isa/fastfs} 3050 ${GZIPBIN-$GATE/public/bin/$bfu_isa/gzip} 3051 " 3052 # 3053 # Scripts needed by BFU. These must be modified to use the interpreters in 3054 # /tmp/bfubin. The interpreters in /usr/bin may not be compatible with the 3055 # libraries in the archives being extracted. 3056 # 3057 bfuscr=" 3058 ${ACR-${GATE}/public/bin/acr} 3059 " 3060 3061 # 3062 # Tools which may be either scripts or ELF binaries, 3063 # so we need to check them before adding to either $bfucmd or $bfuscr. 3064 # This does not handle compiled shell scripts yet. 3065 # 3066 bfuchameleons=" 3067 /usr/bin/basename 3068 /usr/bin/bg 3069 /usr/bin/cd 3070 /usr/bin/cksum 3071 /usr/bin/cmp 3072 /usr/bin/comm 3073 /usr/bin/command 3074 /usr/bin/dirname 3075 /usr/bin/cut 3076 /usr/bin/fc 3077 /usr/bin/fg 3078 /usr/bin/getopts 3079 /usr/bin/hash 3080 /usr/bin/jobs 3081 /usr/bin/join 3082 /usr/bin/kill 3083 /usr/bin/logname 3084 /usr/bin/paste 3085 /usr/bin/print 3086 /usr/bin/read 3087 /usr/bin/rev 3088 /usr/bin/sleep 3089 /usr/bin/sum 3090 /usr/bin/tee 3091 /usr/bin/test 3092 /usr/bin/type 3093 /usr/bin/ulimit 3094 /usr/bin/umask 3095 /usr/bin/unalias 3096 /usr/bin/uniq 3097 /usr/bin/wait 3098 /usr/bin/wc 3099 " 3100 3101 for chameleon in ${bfuchameleons} ; do 3102 if [[ "$(file "${chameleon}")" == *ELF* ]] ; then 3103 bfucmd="${bfucmd} ${chameleon}" 3104 else 3105 bfuscr="${bfuscr} ${chameleon}" 3106 fi 3107 done 3108 3109 rm -rf /tmp/bfubin 3110 mkdir /tmp/bfubin 3111 set $bfucmd 3112 isalist=`isalist` 3113 while [ $# -gt 0 ] 3114 do 3115 dir=${1%/*} 3116 cmd=${1##*/} 3117 cd $dir 3118 isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1` 3119 cp $dir/$isacmd /tmp/bfubin || fail "cannot copy $dir/$isacmd" 3120 shift 3121 done 3122 3123 # 3124 # Optional commands. We warn, but do not abort, if we are crossing a 3125 # feature boundary (where a command is not present in the parent). 3126 # Clauses requiring these commands must explicitly test for their 3127 # presence in /tmp/bfubin. 3128 # 3129 bfuoptcmd=" 3130 /sbin/biosdev 3131 /sbin/bootadm 3132 /sbin/installgrub 3133 /usr/sbin/fdisk 3134 /usr/sbin/metastat 3135 /usr/bin/mkisofs 3136 /usr/sbin/svcadm 3137 /usr/sbin/svccfg 3138 /usr/bin/svcprop 3139 /usr/bin/svcs 3140 " 3141 3142 set $bfuoptcmd 3143 isalist=`isalist` 3144 while [ $# -gt 0 ] 3145 do 3146 dir=${1%/*} 3147 cmd=${1##*/} 3148 cd $dir 3149 isacmd=`(find $isalist -name $cmd 2>/dev/null; echo $cmd) | head -1` 3150 cp $dir/$isacmd /tmp/bfubin 2>/dev/null 3151 shift 3152 done 3153 3154 3155 # 3156 # set up installgrub and friends if transitioning to multiboot or directboot 3157 # do this now so ldd can determine library dependencies 3158 # 3159 # We split the binaries into two groups: the type where we want to make any 3160 # effort to get the newest version (like symdef and bootadm), and the type 3161 # where any old version will do (like installgrub and biosdev). 3162 # 3163 # If we're bfu'ing across the directboot/multiboot boundary, we need the new 3164 # bootadm and symdef to properly handle menu.lst changes. If the system is 3165 # directboot, we can use the local copies. If the system is multiboot but 3166 # the archives are directboot, we extract the binaries early. Otherwise, 3167 # we're not crossing the boundary, and which one we use doesn't matter. 3168 # 3169 # NB - if bootadm or symdef is ever changed to require a new library, the 3170 # early extraction will blow up horribly. 3171 # 3172 # For testing purposes, a user can set DIRECTBOOT_BIN_DIR in the environment, 3173 # and we'll use that instead. 3174 # 3175 MULTIBOOT_BIN_DIR=${MULTIBOOT_BIN_DIR:=${GATE}/public/multiboot} 3176 have_new_bootadm=unknown 3177 3178 if [ -f "$root/platform/i86xpv/kernel/unix" ]; then 3179 root_is_xpv=yes 3180 root_is_directboot=yes 3181 elif [ -x "$root/boot/solaris/bin/symdef" ] && \ 3182 "$root"/boot/solaris/bin/symdef "$root/platform/i86pc/kernel/unix" \ 3183 dboot_image; then 3184 root_is_xpv=no 3185 root_is_directboot=yes 3186 else 3187 root_is_xpv=no 3188 root_is_directboot=no 3189 fi 3190 3191 # 3192 # A comma-separated list of the command and the archive it's in 3193 # 3194 multiboot_new_cmds=" 3195 sbin/bootadm,generic.sbin 3196 boot/solaris/bin/symdef,i86pc.boot 3197 " 3198 3199 if [ $multi_or_direct = yes ]; then 3200 for line in $multiboot_new_cmds 3201 do 3202 cmd=${line%,*} 3203 file=${cmd##*/} 3204 archive=${line#*,} 3205 if [ -n "$DIRECTBOOT_BIN_DIR" ] && \ 3206 [ -f $DIRECTBOOT_BIN_DIR/$file ]; then 3207 cp $DIRECTBOOT_BIN_DIR/$file /tmp/bfubin/ 3208 else 3209 if [[ $root_is_xpv = yes || 3210 $root_is_directboot = yes && 3211 $archive_type = multiboot ]]; then 3212 cp $root/$cmd /tmp/bfubin/ 3213 have_new_bootadm=yes 3214 elif [ $archive_type = directboot ] || \ 3215 [ $archive_type = xpv ]; then 3216 DBOOT_TMPDIR=/tmp/dboot.$$ 3217 trap "rm -rf $DBOOT_TMPDIR" EXIT 3218 OLD_PWD=$(pwd) 3219 rm -rf $DBOOT_TMPDIR 3220 mkdir $DBOOT_TMPDIR 3221 cd $DBOOT_TMPDIR 3222 $ZCAT $cpiodir/${archive}$ZFIX | \ 3223 cpio -id "$cmd" 2>/dev/null 3224 if [ -x $cmd ]; then 3225 cp $cmd /tmp/bfubin/ 3226 have_new_bootadm=yes 3227 fi 3228 cd $OLD_PWD 3229 rm -rf $DBOOT_TMPDIR 3230 trap - EXIT 3231 fi 3232 fi 3233 3234 # 3235 # If all else fails, grab the local version 3236 # 3237 if [ ! -x /tmp/bfubin/$file ]; then 3238 [ -x /$cmd ] && cp /$cmd /tmp/bfubin 3239 fi 3240 done 3241 if [ $archive_type = directboot ] && [ $root_is_directboot = yes ]; then 3242 cleanup_eeprom_console 3243 fi 3244 fi 3245 3246 multiboot_cmds=" 3247 /sbin/biosdev 3248 /sbin/installgrub 3249 " 3250 copying_mboot_cmds=no 3251 if [ $multi_or_direct = yes ]; then 3252 for cmd in $multiboot_cmds 3253 do 3254 file=`basename $cmd` 3255 if [ -f $cmd ]; then 3256 cp $cmd /tmp/bfubin 3257 elif [ -n "$DIRECTBOOT_BIN_DIR" ] && 3258 [ -d $DIRECTBOOT_BIN_DIR ] && 3259 [ -x $DIRECTBOOT_BIN_DIR/$file ]; then 3260 cp $DIRECTBOOT_BIN_DIR/$file /tmp/bfubin/ 3261 else 3262 if [ ! -d $MULTIBOOT_BIN_DIR ]; then 3263 echo "$MULTIBOOT_BIN_DIR: not found" 3264 elif [ ! -f $MULTIBOOT_BIN_DIR/$file ]; then 3265 echo "$MULTIBOOT_BIN_DIR/$file: not found" 3266 fi 3267 if [ $copying_mboot_cmds = no ]; then 3268 echo "installing files from $MULTIBOOT_BIN_DIR" 3269 copying_mboot_cmds=yes 3270 fi 3271 cp $MULTIBOOT_BIN_DIR/$file /tmp/bfubin 3272 fi 3273 3274 done 3275 fi 3276 3277 # 3278 # If available, use ldd to determine which libraries bfu depends on. 3279 # Otherwise, just make an educated guess. 3280 # 3281 if [ -x /usr/bin/ldd ]; then 3282 bfulib="`ldd /tmp/bfubin/* | nawk '$3 ~ /lib/ { print $3 }' | sort -u`" 3283 else 3284 bfulib=" 3285 /lib/libc.so.1 3286 /lib/libm.so.2 3287 /lib/libdoor.so.1 3288 /lib/libm.so.2 3289 /lib/libmd.so.1 3290 /lib/libmd5.so.1 3291 /lib/libnvpair.so.1 3292 /lib/libscf.so.1 3293 /lib/libuutil.so.1 3294 /usr/lib/libbsm.so.1 3295 /usr/lib/libc2.so 3296 /usr/lib/libdl.so.1 3297 /usr/lib/libelf.so.1 3298 /usr/lib/libkstat.so.1 3299 /usr/lib/libmapmalloc.so.1 3300 /usr/lib/libmp.so.1 3301 /usr/lib/libnsl.so.1 3302 /usr/lib/libpam.so.1 3303 /usr/lib/libsec.so.1 3304 /usr/lib/libsocket.so.1 3305 /usr/lib/libtecla.so.1 3306 " 3307 fi 3308 3309 # add dlopen()'ed stuff 3310 bfulib=" 3311 $bfulib 3312 /lib/ld.so.1 3313 /usr/lib/nss_* 3314 " 3315 3316 # add svccfg dtd rules 3317 bfulib=" 3318 $bfulib 3319 /usr/share/lib/xml/dtd/service_bundle.dtd.1 3320 " 3321 3322 BFUSVCCFG="SVCCFG_DTD=/tmp/bfulib/service_bundle.dtd.1 /tmp/bfubin/svccfg" 3323 3324 # add libc_psr.so.1, if available and not empty 3325 if [ -s /platform/`uname -i`/lib/libc_psr.so.1 ]; then 3326 bfulib=" 3327 $bfulib 3328 /platform/`uname -i`/lib/libc_psr.so.1 3329 " 3330 fi 3331 3332 rm -rf /tmp/bfulib /tmp/bl 3333 mkdir /tmp/bfulib /tmp/bl 3334 3335 # 3336 # Create 64 bit directory structure and determine 64 bit arch name. 3337 # 3338 if [ -h /usr/lib/64 ] 3339 then 3340 link=`ls -dl /usr/lib/64 | awk '{print $NF}'` 3341 ln -s $link /tmp/bfulib/64 3342 ln -s $link /tmp/bl/64 3343 mkdir /tmp/bfulib/$link /tmp/bl/$link 3344 bfulib="$bfulib /usr/lib/64/nss_*" 3345 # 3346 # Copy libraries to proper directories 3347 # 3348 for lib in $bfulib 3349 do 3350 case $lib in 3351 */64/* | */$link/*) 3352 cp $lib /tmp/bfulib/64;; 3353 *) 3354 cp $lib /tmp/bfulib;; 3355 esac 3356 done 3357 # 3358 # Private 64 bit runtime linker. 3359 # 3360 cp /lib/64/ld.so.1 /tmp/bfulib/64/bf.1 3361 cp /lib/64/ld.so.1 /tmp/bl/64/bf.1 3362 else 3363 cp $bfulib /tmp/bfulib 3364 fi 3365 cp /lib/ld.so.1 /tmp/bfulib/bf.1 # bfu's private runtime linker 3366 cp /lib/ld.so.1 /tmp/bl/bf.1 3367 3368 ${BFULD-$GATE/public/bin/$bfu_isa/bfuld} /tmp/bfubin/* || fail "bfuld failed" 3369 3370 for x in $bfuscr 3371 do 3372 sed -e 's/\/usr\/bin\//\/tmp\/bfubin\//g' \ 3373 -e 's/\/bin\//\/tmp\/bfubin\//g' < $x > /tmp/bfubin/`basename $x` 3374 chmod +x /tmp/bfubin/`basename $x` 3375 done 3376 3377 # 3378 # scripts used together with multiboot 3379 # 3380 multiboot_scr=" 3381 /boot/solaris/bin/create_ramdisk 3382 /boot/solaris/bin/create_diskmap 3383 /boot/solaris/bin/root_archive 3384 " 3385 3386 if [ $multi_or_direct = yes ]; then 3387 for cmd in $multiboot_scr 3388 do 3389 file=`basename $cmd` 3390 if [ -f $cmd ]; then 3391 cp $cmd /tmp/bfubin 3392 else 3393 if [ ! -d $MULTIBOOT_BIN_DIR ]; then 3394 echo "$MULTIBOOT_BIN_DIR: not found" 3395 fail "" 3396 fi 3397 3398 if [ ! -f $MULTIBOOT_BIN_DIR/$file ]; then 3399 echo "$MULTIBOOT_BIN_DIR/$file: not found" 3400 fail "" 3401 fi 3402 echo "copying $file from $MULTIBOOT_BIN_DIR" 3403 cp $MULTIBOOT_BIN_DIR/$file /tmp/bfubin 3404 fi 3405 3406 # 3407 # We do two substitutions here to replace references to 3408 # both /usr/bin/ and /bin/ with /tmp/bfubin/ 3409 # 3410 mv /tmp/bfubin/${file} /tmp/bfubin/${file}- 3411 sed -e 's/\/usr\/bin\//\/tmp\/bfubin\//g' \ 3412 -e 's/\/bin\//\/tmp\/bfubin\//g' \ 3413 < /tmp/bfubin/${file}- > /tmp/bfubin/${file} 3414 chmod +x /tmp/bfubin/${file} 3415 done 3416 fi 3417 3418 # 3419 # For directboot archives, /boot/platform/i86pc/kernel/unix will be 3420 # overwritten, which could cause a mis-match with the failsafe 3421 # miniroot. Extract unix from the miniroot and save it off for now. 3422 # 3423 if [ $archive_type = directboot ] && [ $diskless = no ]; then 3424 if gunzip -c "$root/boot/x86.miniroot-safe" \ 3425 >/tmp/bfubin/miniroot-unzipped; then 3426 lofifile=/tmp/bfubin/miniroot-unzipped 3427 else 3428 # Shouldn't happen? See if someone already unzipped it. 3429 lofifile="$root/boot/x86.miniroot-safe" 3430 fi 3431 lofidev=`lofiadm -a $lofifile 2>/dev/null` 3432 if [ -n "$lofidev" ]; then 3433 mkdir /tmp/bfubin/mnt 3434 mount -r $lofidev /tmp/bfubin/mnt 3435 3436 unix=/tmp/bfubin/mnt/boot/platform/i86pc/kernel/unix 3437 if [ -f $unix ]; then 3438 cp $unix /tmp/bfubin/unix 3439 failsafe_type=directboot 3440 elif [ -f /tmp/bfubin/mnt/platform/i86pc/multiboot ] 3441 then 3442 failsafe_type=multiboot 3443 fi 3444 3445 umount /tmp/bfubin/mnt 3446 rmdir /tmp/bfubin/mnt 3447 lofiadm -d $lofidev 3448 fi 3449 rm -f /tmp/bfubin/miniroot-unzipped 3450 fi 3451 3452 revert_aggregation_conf() 3453 { 3454 aggrconf=$rootprefix/etc/aggregation.conf 3455 nawk ' 3456 /^[ \t]*#/ || /^[ \t]*$/ || $4 ~ "/0" { 3457 print; 3458 next; 3459 } 3460 3461 { 3462 OFS="\t"; 3463 gsub(/[^,]*/, "&/0", $4); 3464 print; 3465 }' $aggrconf > $aggrconf.bfutmp 3466 mv -f $aggrconf.bfutmp $aggrconf 3467 } 3468 3469 remove_initd_links() 3470 { 3471 # If we're delivering a new version of an existing /etc/init.d script, 3472 # remove all hard links to the existing file in /etc/rc?.d whose 3473 # names begin with [SK][0-9][0-9]. Additionally, in case an S or K 3474 # file was previously delivered as a symbolic link or the hard link 3475 # was broken, remove any file in /etc/rc?.d whose name is 3476 # [SK][0-9][0-9] followed by the basename of the file we're going 3477 # to update in /etc/init.d. 3478 3479 print "Removing init.d links ... \c" 3480 scripts=`$ZCAT $cpiodir/generic.root$ZFIX | 3481 cpio -it 2>/dev/null | grep '^etc/init\.d/'` 3482 if [ -n "$scripts" ]; then 3483 inodes=`ls -li $scripts 2>/dev/null | \ 3484 nawk '{ print "-inum " $1 " -o " }'` 3485 names=`ls -1 $scripts 2>/dev/null | \ 3486 nawk -F/ '{ print "-name [SK][0-9][0-9]" $NF }'` 3487 find etc/rc?.d \( $inodes $names \) -print | xargs rm -f 3488 fi 3489 print "done." 3490 } 3491 3492 # 3493 # Remove Wildcat (aka Sun Fire Link) 3494 # 3495 remove_eof_wildcat() 3496 { 3497 # Packages to remove 3498 typeset -r wildcat_pkgs='SUNWwrsa SUNWwrsd SUNWwrsu SUNWwrsm' 3499 typeset pkg 3500 3501 # 3502 # First, attempt to remove the packages cleanly if possible. 3503 # Use a custom "admin" file to specify that removal scripts 3504 # in the packages being removed should be run even if they 3505 # will run as root. 3506 # 3507 typeset -r admfile='/tmp/wcat_eof.$$' 3508 echo "action=nocheck" > $admfile 3509 3510 printf 'Removing Wildcat packages...' 3511 for pkg in $wildcat_pkgs 3512 do 3513 if pkginfo $pkgroot -q $pkg; then 3514 printf ' %s' $pkg 3515 pkgrm $pkgroot -n -a $admfile $pkg >/dev/null 2>&1 3516 fi 3517 done 3518 printf '\n' 3519 3520 # 3521 # In case that didn't work, do it manually. 3522 # 3523 printf 'Removing Wildcat from %s/var/sadm/install/contents...' \ 3524 $rootprefix 3525 for pkg in $wildcat_pkgs 3526 do 3527 printf ' %s' $pkg 3528 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3529 rm -rf $rootprefix/var/sadm/pkg/$pkg 3530 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3531 /tmp/contents.$$ 3532 cp /tmp/contents.$$ \ 3533 $rootprefix/var/sadm/install/contents 3534 rm /tmp/contents.$$ 3535 fi 3536 done 3537 printf '\n' 3538 3539 # 3540 # Cleanup any remaining Wildcat files, symlinks, and directories. 3541 # 3542 rm -f $usr/platform/sun4u/include/sys/wci_common.h 3543 rm -f $usr/platform/sun4u/include/sys/wci_regs.h 3544 rm -f $usr/platform/sun4u/include/sys/wci_offsets.h 3545 rm -f $usr/platform/sun4u/include/sys/wci_cmmu.h 3546 rm -f $usr/platform/sun4u/include/sys/wrsm.h 3547 rm -f $usr/platform/sun4u/include/sys/wrsm_common.h 3548 rm -f $usr/platform/sun4u/include/sys/wrsm_config.h 3549 rm -f $usr/platform/sun4u/include/sys/wrsm_types.h 3550 rm -f $usr/platform/sun4u/include/sys/wrsm_plat.h 3551 rm -f $usr/platform/sun4u/include/sys/wrsm_plugin.h 3552 rm -f $usr/platform/sun4u/include/sys/wrsmconf.h 3553 3554 rm -f $usr/platform/sun4u/lib/mdb/kvm/sparcv9/wrsm.so 3555 rm -f $usr/platform/sun4u/lib/mdb/kvm/sparcv9/wrsmd.so 3556 3557 rm -f $rootprefix/platform/SUNW,Sun-Fire-15000/kernel/misc/sparcv9/gptwo_wci 3558 3559 rm -f $rootprefix/platform/sun4u/kernel/kmdb/sparcv9/wrsm 3560 rm -f $rootprefix/platform/sun4u/kernel/kmdb/sparcv9/wrsmd 3561 3562 rm -f $admfile 3563 } 3564 3565 # 3566 # Remove ASET 3567 # 3568 remove_eof_aset() 3569 { 3570 # Packages to remove 3571 typeset -r aset_pkgs='SUNWast' 3572 typeset pkg 3573 3574 printf 'Removing ASET... ' 3575 3576 # 3577 # First, attempt to remove the packages cleanly if possible. 3578 # 3579 for pkg in $aset_pkgs 3580 do 3581 if pkginfo $pkgroot -q $pkg; then 3582 printf ' %s' $pkg 3583 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3584 fi 3585 done 3586 printf '\n' 3587 3588 # 3589 # In case that didn't work, do it manually. 3590 # Remove ASET from $rootprefix/var/sadm/install/contents 3591 # 3592 for pkg in $aset_pkgs 3593 do 3594 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3595 rm -rf $rootprefix/var/sadm/pkg/$pkg 3596 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3597 /tmp/contents.$$ 3598 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3599 rm /tmp/contents.$$ 3600 fi 3601 done 3602 3603 # 3604 # Cleanup any remaining ASET files, symlinks, and directories. 3605 # 3606 rm -rf $usr/aset 3607 } 3608 3609 # 3610 # Remove BIND 8 named server/tools packages 3611 # 3612 remove_eof_bind8() 3613 { 3614 # Packages to remove 3615 typeset -r bind8_pkg='SUNWinamd' 3616 typeset pkg 3617 3618 printf 'Removing BIND 8 named server/tools... ' 3619 3620 # 3621 # We cann't pkgrm SUNWinamd at this time as the BIND 9 binaries are 3622 # already in /usr/sbin. 3623 # Remove BIND 8 packages from $rootprefix/var/sadm/install/contents 3624 # 3625 for pkg in $bind8_pkgs 3626 do 3627 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3628 rm -rf $rootprefix/var/sadm/pkg/$pkg 3629 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3630 /tmp/contents.$$ 3631 cp /tmp/contents.$$ /var/sadm/install/contents.$$ 3632 rm /tmp/contents.$$ 3633 fi 3634 done 3635 3636 # 3637 # Cleanup any BIND 8 specific files, symlinks. 3638 # 3639 3640 # files and symlinks. 3641 rm -f $usr/sbin/named-xfer 3642 rm -f $usr/lib/nslookup.help 3643 rm -f $usr/sbin/dnskeygen 3644 rm -f $usr/sbin/named-bootconf 3645 rm -f $usr/sbin/nstest 3646 rm -rf $rootprefix/var/run/ndc.d 3647 printf 'done.\n' 3648 } 3649 3650 # 3651 # Remove the 5.6.1 version of perl. 3652 # 3653 remove_perl_561() 3654 { 3655 3656 # 3657 # Packages to remove. 3658 # 3659 typeset -r perl_pkgs='SUNWpl5m SUNWpl5p SUNWpl5u SUNWpl5v' 3660 3661 # 3662 # First, attempt to remove the packages cleanly if possible. 3663 # 3664 typeset pkg 3665 printf 'Removing perl 5.6.1 packages' 3666 for pkg in $perl_pkgs 3667 do 3668 if pkginfo $pkgroot -q $pkg; then 3669 printf ' %s' $pkg 3670 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3671 fi 3672 done 3673 printf '\n' 3674 3675 # 3676 # In case that didn't work, do it manually. 3677 # 3678 printf 'Removing perl 5.6.1 from %s/var/sadm/install/contents' \ 3679 $rootprefix 3680 for pkg in $PKGS 3681 do 3682 printf ' %s' $pkg 3683 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3684 rm -rf $rootprefix/var/sadm/pkg/$pkg 3685 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3686 /tmp/contents.$$ 3687 cp /tmp/contents.$$ /var/sadm/install/contents.$$ 3688 rm /tmp/contents.$$ 3689 fi 3690 done 3691 printf '\n' 3692 3693 # 3694 # Remove any remaining 5.6.1 files, 3695 # 3696 printf 'Removing perl 5.6.1 from %s/perl5\n' $usr 3697 3698 # Directories. 3699 rm -rf $usr/perl5/5.6.1 3700 rm -rf $usr/perl5/site_perl/5.6.1 3701 rm -rf $usr/perl5/vendor_perl/5.6.1 3702 } 3703 # 3704 # Remove FNS/XFN packages 3705 # 3706 remove_eof_fns() 3707 { 3708 # Packages to remove 3709 typeset -r fns_pkgs='SUNWfnx5x SUNWfnsx5 SUNWfnsx SUNWfns' 3710 typeset pkg 3711 3712 printf 'Removing FNS/XFN ... ' 3713 3714 # 3715 # First, attempt to remove the packages cleanly if possible. 3716 # 3717 for pkg in $fns_pkgs 3718 do 3719 if pkginfo $pkgroot -q $pkg; then 3720 printf ' %s' $pkg 3721 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3722 fi 3723 done 3724 printf '\n' 3725 3726 # 3727 # In case that didn't work, do it manually. 3728 # Remove FNS/XFN from $rootprefix/var/sadm/install/contents 3729 # 3730 for pkg in $fns_pkgs 3731 do 3732 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3733 rm -rf $rootprefix/var/sadm/pkg/$pkg 3734 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3735 /tmp/contents.$$ 3736 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3737 rm /tmp/contents.$$ 3738 fi 3739 done 3740 3741 # 3742 # Cleanup if any remaining FNS/XFN files, symlinks, and directories. 3743 # 3744 3745 # directories. 3746 rm -rf $rootprefix/etc/fn 3747 rm -rf $usr/include/xfn 3748 rm -rf $usr/lib/fn 3749 rm -rf $rootprefix/var/fn 3750 3751 # files and symlinks. 3752 rm -f $rootprefix/etc/fn.conf 3753 rm -f $usr/bin/fnattr 3754 rm -f $usr/bin/fnbind 3755 rm -f $usr/bin/fncreate_printer 3756 rm -f $usr/bin/fnlist 3757 rm -f $usr/bin/fnlookup 3758 rm -f $usr/bin/fnrename 3759 rm -f $usr/bin/fnsearch 3760 rm -f $usr/bin/fnunbind 3761 rm -f $usr/sbin/fncheck 3762 rm -f $usr/sbin/fncopy 3763 rm -f $usr/sbin/fncreate 3764 rm -f $usr/sbin/fncreate_fs 3765 rm -f $usr/sbin/fndestroy 3766 rm -f $usr/sbin/fnselect 3767 rm -f $usr/sbin/fnsypd 3768 rm -f $usr/lib/libfn_p.so 3769 rm -f $usr/lib/libfn_p.so.1 3770 rm -f $usr/lib/libfn_spf.so 3771 rm -f $usr/lib/libfn_spf.so.1 3772 rm -f $usr/lib/libxfn.so 3773 rm -f $usr/lib/libxfn.so.1 3774 rm -f $usr/lib/libxfn.so.2 3775 rm -f $usr/lib/sparcv9/libfn_p.so 3776 rm -f $usr/lib/sparcv9/libfn_p.so.1 3777 rm -f $usr/lib/sparcv9/libfn_spf.so 3778 rm -f $usr/lib/sparcv9/libfn_spf.so.1 3779 rm -f $usr/lib/sparcv9/libxfn.so 3780 rm -f $usr/lib/sparcv9/libxfn.so.1 3781 rm -f $usr/lib/sparcv9/libxfn.so.2 3782 } 3783 3784 remove_eof_face() { 3785 # Packages to remove 3786 typeset -r face_pkgs='SUNWfac' 3787 typeset pkg 3788 3789 printf 'Removing AT&T FACE... ' 3790 3791 # 3792 # First, attempt to remove the packages cleanly if possible. 3793 # 3794 for pkg in $face_pkgs 3795 do 3796 if pkginfo $pkgroot -q $pkg; then 3797 printf ' %s' $pkg 3798 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3799 fi 3800 done 3801 printf '\n' 3802 3803 # 3804 # In case that didn't work, do it manually. 3805 # Remove FACE from $rootprefix/var/sadm/install/contents 3806 # 3807 for pkg in $face_pkgs 3808 do 3809 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3810 rm -rf $rootprefix/var/sadm/pkg/$pkg 3811 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3812 /tmp/contents.$$ 3813 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3814 rm /tmp/contents.$$ 3815 fi 3816 done 3817 3818 # 3819 # Cleanup any remaining FACE files, symlinks, and directories. 3820 # 3821 rm -rf $usr/oasys 3822 rm -rf $usr/vmsys 3823 } 3824 3825 remove_eof_dmi() { 3826 # Packages to remove 3827 typeset -r dmi_pkgs='SUNWsadmi' 3828 typeset pkg 3829 3830 printf 'Removing DMI... ' 3831 3832 # 3833 # First, attempt to remove the packages cleanly if possible. 3834 # 3835 for pkg in $dmi_pkgs 3836 do 3837 if pkginfo $pkgroot -q $pkg; then 3838 printf ' %s' $pkg 3839 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3840 fi 3841 done 3842 printf '\n' 3843 3844 # 3845 # In case that didn't work, do it manually. 3846 # Remove DMI from $rootprefix/var/sadm/install/contents 3847 # 3848 for pkg in $dmi_pkgs 3849 do 3850 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3851 rm -rf $rootprefix/var/sadm/pkg/$pkg 3852 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3853 /tmp/contents.$$ 3854 cp /tmp/contents.$$ $rootprefix/var/sadm/install/contents.$$ 3855 rm /tmp/contents.$$ 3856 fi 3857 done 3858 3859 # 3860 # Cleanup any remaining DMI files, symlinks, and directories. 3861 # 3862 rm -rf $usr/lib/dmi 3863 rm -rf $rootprefix/var/dmi 3864 rm -rf $rootprefix/etc/dmi 3865 rm -f $usr/lib/libdmi.so 3866 rm -f $usr/lib/libdmici.so 3867 rm -f $usr/lib/libdmimi.so 3868 rm -f $usr/lib/libdmi.so.1 3869 rm -f $usr/lib/libdmici.so.1 3870 rm -f $usr/lib/libdmimi.so.1 3871 rm -f $usr/lib/sparcv9/libdmi.so 3872 rm -f $usr/lib/sparcv9/libdmici.so 3873 rm -f $usr/lib/sparcv9/libdmimi.so 3874 rm -f $usr/lib/sparcv9/libdmi.so.1 3875 rm -f $usr/lib/sparcv9/libdmici.so.1 3876 rm -f $usr/lib/sparcv9/libdmimi.so.1 3877 rm -f $usr/lib/amd64/libdmi.so 3878 rm -f $usr/lib/amd64/libdmici.so 3879 rm -f $usr/lib/amd64/libdmimi.so 3880 rm -f $usr/lib/amd64/libdmi.so.1 3881 rm -f $usr/lib/amd64/libdmici.so.1 3882 rm -f $usr/lib/amd64/libdmimi.so.1 3883 rm -f $usr/sbin/dmi_cmd 3884 rm -f $usr/sbin/dmiget 3885 rm -f $rootprefix/etc/init.d/init.dmi 3886 rm -f $rootprefix/etc/rc0.d/K07dmi 3887 rm -f $rootprefix/etc/rc1.d/K07dmi 3888 rm -f $rootprefix/etc/rc2.d/K07dmi 3889 rm -f $rootprefix/etc/rcS.d/K07dmi 3890 rm -f $rootprefix/etc/rc3.d/S77dmi 3891 } 3892 3893 # 3894 # Remove vold 3895 # 3896 remove_eof_vold() 3897 { 3898 printf 'Removing vold... ' 3899 3900 rm -rf $usr/lib/vold 3901 rm -rf $usr/lib/rmmount 3902 rm -f $usr/lib/fs/hsfs/ident_hsfs.so.1 3903 rm -f $usr/lib/fs/pcfs/ident_pcfs.so.1 3904 rm -f $usr/lib/fs/udfs/ident_udfs.so.1 3905 rm -f $usr/lib/fs/ufs/ident_ufs.so.1 3906 rm -f $usr/sbin/vold 3907 rm -f $usr/kernel/drv/vol 3908 rm -f $usr/kernel/drv/amd64/vol 3909 rm -f $usr/kernel/drv/sparcv9/vol 3910 rm -f $usr/include/rmmount.h 3911 rm -f $usr/include/vol.h 3912 rm -f $rootprefix/etc/vold.conf 3913 rm -f $rootprefix/etc/rmmount.conf 3914 3915 printf '\n' 3916 } 3917 3918 # 3919 # Remove the obsolete Mobile IP packages 3920 # 3921 remove_eof_mobileip() { 3922 typeset -r mip_pkgs='SUNWmipr SUNWmipu' 3923 typeset pkg 3924 3925 printf 'Removing Mobile IP... ' 3926 3927 for pkg in $mip_pkgs 3928 do 3929 if pkginfo $pkgroot -q $pkg; then 3930 printf ' %s' $pkg 3931 pkgrm $pkgroot -n $pkg >/dev/null 2>&1 3932 fi 3933 done 3934 3935 # In case that did not work, do it manually. 3936 if [[ -d $rootprefix/var/sadm/pkg/SUNWmipr ]]; then 3937 rm -f "$rootprefix/etc/inet/mipagent.conf-sample" 3938 rm -f "$rootprefix/etc/inet/mipagent.conf.fa-sample" 3939 rm -f "$rootprefix/etc/inet/mipagent.conf.ha-sample" 3940 rm -f "$rootprefix/etc/init.d/mipagent" 3941 rm -f "$rootprefix/etc/rc0.d/K06mipagent" 3942 rm -f "$rootprefix/etc/rc1.d/K06mipagent" 3943 rm -f "$rootprefix/etc/rc2.d/K06mipagent" 3944 rm -f "$rootprefix/etc/rc3.d/S80mipagent" 3945 rm -f "$rootprefix/etc/rcS.d/K06mipagent" 3946 rm -f "$rootprefix/etc/snmp/conf/mipagent.acl" 3947 rm -f "$rootprefix/etc/snmp/conf/mipagent.reg" 3948 fi 3949 if [[ -d $rootprefix/var/sadm/pkg/SUNWmipu ]]; then 3950 rm -f "$rootprefix/usr/lib/inet/mipagent" 3951 rm -f "$rootprefix/usr/sbin/mipagentconfig" 3952 rm -f "$rootprefix/usr/sbin/mipagentstat" 3953 fi 3954 printf '\n' 3955 } 3956 3957 # 3958 # Remove EOF Smartcard framework 3959 # 3960 remove_eof_smartcard() 3961 { 3962 # Packages to remove 3963 typeset -r smartcard_pkg='SUNWjcom SUNWkib SUNWocf SUNWocfd SUNWocfh 3964 SUNWocfr SUNWpamsc SUNWscmhdlr' 3965 typeset pkg 3966 3967 printf 'Removing EOF Smartcard... ' 3968 3969 for pkg in $smartcard_pkgs 3970 do 3971 if [ -d $rootprefix/var/sadm/pkg/$pkg ]; then 3972 rm -rf $rootprefix/var/sadm/pkg/$pkg 3973 grep -vw $pkg $rootprefix/var/sadm/install/contents > \ 3974 /tmp/contents.$$ 3975 cp /tmp/contents.$$ /var/sadm/install/contents.$$ 3976 rm /tmp/contents.$$ 3977 fi 3978 done 3979 3980 # 3981 # Remove smartcard headers, libraries, Old readers and the 3982 # parts delivered from other consolidations 3983 # that no longer work with the ON parts removed. 3984 # 3985 rm -rf $usr/lib/smartcard \ 3986 $usr/share/lib/smartcard \ 3987 $usr/include/smartcard.h \ 3988 $usr/include/smartcard \ 3989 $root/etc/smartcard \ 3990 $root/platform/sun4u/kernel/drv/sparcv9/scmi2c 3991 3992 printf 'done.\n' 3993 } 3994 3995 remove_properties() { 3996 3997 # 3998 # Remove obsolete smartii setprop from bootenv.rc 3999 # 4000 srcbootenvrc=$root/boot/solaris/bootenv.rc 4001 tmpbootenvrc=/tmp/tmp.bootenvrc.$$ 4002 4003 # Don't touch bootenv.rc unless it contains obsolete property 4004 egrep -s 'target-driver-for-smartii' $srcbootenvrc 2>/dev/null 4005 res=$? 4006 if [ -f $srcbootenvrc -a $res -eq 0 ]; then 4007 egrep -v "target-driver-for-smartii"\ 4008 $srcbootenvrc > $tmpbootenvrc 2>/dev/null 4009 cp $tmpbootenvrc $srcbootenvrc 4010 fi 4011 rm -f $tmpbootenvrc 4012 } 4013 4014 rbac_cleanup() 4015 { 4016 # This is a copy of the RBAC portions of the SUNWcsr postinstall 4017 # We need to ensure that the RBAC profiles are self-consistent 4018 # as refinements are made that add granularity to the profiles 4019 4020 print "Cleaning up old RBAC profiles... \c" 4021 auth_attr=$rootprefix/etc/security/auth_attr 4022 exec_attr=$rootprefix/etc/security/exec_attr 4023 4024 if [ -f $auth_attr ]; then 4025 sed '/^solaris\.\*/d' $auth_attr > /tmp/a.$$ 4026 cp /tmp/a.$$ $auth_attr 4027 rm -f /tmp/a.$$ 4028 fi 4029 4030 if [ -f $exec_attr ]; then 4031 sed -e '/^Network Security.*sbin\/ipsec.*/ D' \ 4032 -e '/^Network Security.*sbin\/ike.*/ D' \ 4033 -e '/^Network Security.*inet\/in\.iked.*/ D' \ 4034 -e '/^Network Security.*inet\/cert.*/ D' $exec_attr > /tmp/e.$$ 4035 cp /tmp/e.$$ $exec_attr 4036 rm -f /tmp/e.$$ 4037 fi 4038 print "\n" 4039 } 4040 4041 # Remove EOF NIS+ 4042 4043 remove_eof_nisplus() 4044 { 4045 # We don't attempt to remove packages like SUNWnisu, SUNWnisr as they contain 4046 # the binaries and libraries required for NIS and LDAP. 4047 # We do it manually. 4048 4049 print "Removing NIS+ from Solaris... \n" 4050 4051 # directories. 4052 rm -rf $usr/usr/lib/nis 4053 rm -rf $usr/usr/share/lib/locale/com/sun/dhcpmgr/client/SUNWnisplus 4054 rm -rf $root/var/nis 4055 4056 # files and symlinks. 4057 rm -f $root/etc/default/rpc.nisd 4058 rm -f $root/etc/nsswitch.nisplus 4059 rm -f $root/lib/nss_nisplus.so.1 4060 rm -f $root/lib/svc/method/nisplus 4061 rm -f $root/lib/sparcv9/nss_nisplus.so.1 4062 rm -f $root/lib/amd64/nss_nisplus.so.1 4063 rm -f $root/var/svc/profile/ns_nisplus.xml 4064 rm -f $root/var/svc/manifest/network/rpc/nisplus.xml 4065 rm -f $usr/bin/nisaddcred 4066 rm -f $usr/bin/niscat 4067 rm -f $usr/bin/nischgrp 4068 rm -f $usr/bin/nischmod 4069 rm -f $usr/bin/nischown 4070 rm -f $usr/bin/nischttl 4071 rm -f $usr/bin/nisdefaults 4072 rm -f $usr/bin/niserror 4073 rm -f $usr/bin/nisgrep 4074 rm -f $usr/bin/nisgrpadm 4075 rm -f $usr/bin/nisln 4076 rm -f $usr/bin/nisls 4077 rm -f $usr/bin/nismatch 4078 rm -f $usr/bin/nismkdir 4079 rm -f $usr/bin/nispasswd 4080 rm -f $usr/bin/nispath 4081 rm -f $usr/bin/nisprefadm 4082 rm -f $usr/bin/nisrm 4083 rm -f $usr/bin/nisrmdir 4084 rm -f $usr/bin/nistbladm 4085 rm -f $usr/bin/nistest 4086 rm -f $usr/include/rpcsvc/nis_tags.h 4087 rm -f $usr/include/rpcsvc/nis_cache.h 4088 rm -f $usr/include/rpcsvc/nis_cache.x 4089 rm -f $usr/include/rpcsvc/nispasswd.h 4090 rm -f $usr/include/rpcsvc/nispasswd.x 4091 rm -f $usr/include/rpcsvc/nis_callback.h 4092 rm -f $usr/include/rpcsvc/nis_callback.x 4093 rm -f $usr/lib/amd64/nss_nisplus.so.1 4094 rm -f $usr/lib/inet/dhcp/svc/ds_SUNWnisplus.so.0 4095 rm -f $usr/lib/inet/dhcp/svc/ds_SUNWnisplus.so.1 4096 rm -f $usr/lib/inet/dhcp/svc/ds_SUNWnisplus.so 4097 rm -f $usr/lib/nscd_nischeck 4098 rm -f $usr/lib/nss_nisplus.so.1 4099 rm -f $usr/lib/sparcv9/nss_nisplus.so.1 4100 rm -f $usr/sadm/admin/dhcpmgr/SUNWnisplus.jar 4101 rm -f $usr/sbin/nis_cachemgr 4102 rm -f $usr/sbin/nisbackup 4103 rm -f $usr/sbin/nisinit 4104 rm -f $usr/sbin/nisldapmaptest 4105 rm -f $usr/sbin/nislog 4106 rm -f $usr/sbin/nisrestore 4107 rm -f $usr/sbin/rpc.nisd 4108 rm -f $usr/sbin/rpc.nisd_resolv 4109 rm -f $usr/sbin/rpc.nispasswdd 4110 rm -f $usr/share/lib/locale/com/sun/dhcpmgr/client/SUNWnisplus/ResourceBundle.properties 4111 4112 } 4113 crypto_cleanup() 4114 { 4115 # This function will remove no longer needed cryptography 4116 # related packages. 4117 4118 print "SUNWcry, SUNWcryr, SUNWn2cpact.v removal cleanup...\n" 4119 4120 # This clean up of ipsecalgs is not directly related to the EOF 4121 # of SUNWcry and SUWNcryr, but due to mistakes in this file seen 4122 # in earlier builds. The following lines will have no effect on 4123 # most machines. 4124 4125 ipsecalgs=$rootprefix/etc/inet/ipsecalgs 4126 4127 cp $ipsecalgs ${ipsecalgs}.tmp 4128 4129 sed -e 's/_CBC|128\/32-128,8/_CBC|128\/32-448,8/' \ 4130 -e 's/AES_CBC|128|/AES_CBC|128\/128-256,64|/' \ 4131 $ipsecalgs > ${ipsecalgs}.tmp 4132 4133 mv -f ${ipsecalgs}.tmp $ipsecalgs 4134 4135 # Packages to remove. 4136 typeset -r crypt_pkgs='SUNWcry SUNWcryr SUNWn2cpact.v' 4137 typeset pkg 4138 4139 # 4140 # First, attempt to remove the packages cleanly if possible. 4141 # Use a custom "admin" file to specify that removal scripts 4142 # in the packages being removed should be run even if they 4143 # will run as root. 4144 4145 typeset -r admfile='/tmp/crypt_eof.$$' 4146 cat > $admfile <<- EOF 4147 mail= 4148 instance=overwrite 4149 partial=nocheck 4150 runlevel=nocheck 4151 idepend=nocheck 4152 rdepend=nocheck 4153 space=nocheck 4154 setuid=nocheck 4155 conflict=nocheck 4156 action=nocheck 4157 basedir=default 4158 EOF 4159 4160 printf ' Removing packages...' 4161 for pkg in $crypt_pkgs 4162 do 4163 if pkginfo $pkgroot -q $pkg; then 4164 printf ' %s' $pkg 4165 pkgrm $pkgroot -n -a $admfile $pkg >/dev/null 2>&1 4166 fi 4167 done 4168 printf '\n' 4169 4170 # SUNWcry/SUNWcryr contents go away, if pkgrm didn't take 4171 # care of them. 4172 # The userland modules, kernel modules and OpenSSL filter libs 4173 rm -f $rootprefix/usr/lib/security/pkcs11_softtoken_extra.so.1 4174 rm -f $rootprefix/usr/lib/security/pkcs11_softtoken_extra.so 4175 rm -f $rootprefix/usr/lib/security/sparcv9/pkcs11_softtoken_extra.so.1 4176 rm -f $rootprefix/usr/lib/security/sparcv9/pkcs11_softtoken_extra.so 4177 rm -f $rootprefix/usr/lib/security/amd64/pkcs11_softtoken_extra.so.1 4178 rm -f $rootprefix/usr/lib/security/amd64/pkcs11_softtoken_extra.so 4179 4180 rm -f $rootprefix/kernel/crypto/aes256 4181 rm -f $rootprefix/kernel/crypto/sparcv9/aes256 4182 rm -f $rootprefix/kernel/crypto/amd64/aes256 4183 rm -f $rootprefix/platform/SUNW,A70/kernel/crypto/sparcv9/aes256 4184 rm -f $rootprefix/platform/SUNW,Netra-CP3010/kernel/crypto/sparcv9/aes256 4185 rm -f $rootprefix/platform/SUNW,Netra-T12/kernel/crypto/sparcv9/aes256 4186 rm -f $rootprefix/platform/SUNW,Netra-T4/kernel/crypto/sparcv9/aes256 4187 rm -f $rootprefix/platform/SUNW,SPARC-Enterprise/kernel/crypto/sparcv9/aes256 4188 rm -f $rootprefix/platform/SUNW,Sun-Blade-1000/kernel/crypto/sparcv9/aes256 4189 rm -f $rootprefix/platform/SUNW,Sun-Blade-1500/kernel/crypto/sparcv9/aes256 4190 rm -f $rootprefix/platform/SUNW,Sun-Blade-2500/kernel/crypto/sparcv9/aes256 4191 rm -f $rootprefix/platform/SUNW,Sun-Fire-15000/kernel/crypto/sparcv9/aes256 4192 rm -f $rootprefix/platform/SUNW,Sun-Fire-280R/kernel/crypto/sparcv9/aes256 4193 rm -f $rootprefix/platform/SUNW,Sun-Fire-480R/kernel/crypto/sparcv9/aes256 4194 rm -f $rootprefix/platform/SUNW,Sun-Fire-880/kernel/crypto/sparcv9/aes256 4195 rm -f $rootprefix/platform/SUNW,Sun-Fire-V215/kernel/crypto/sparcv9/aes256 4196 rm -f $rootprefix/platform/SUNW,Sun-Fire-V240/kernel/crypto/sparcv9/aes256 4197 rm -f $rootprefix/platform/SUNW,Sun-Fire-V250/kernel/crypto/sparcv9/aes256 4198 rm -f $rootprefix/platform/SUNW,Sun-Fire-V440/kernel/crypto/sparcv9/aes256 4199 rm -f $rootprefix/platform/SUNW,Sun-Fire-V445/kernel/crypto/sparcv9/aes256 4200 rm -f $rootprefix/platform/SUNW,Sun-Fire/kernel/crypto/sparcv9/aes256 4201 rm -f $rootprefix/platform/sun4u-us3/kernel/crypto/sparcv9/aes256 4202 rm -f $rootprefix/kernel/crypto/arcfour2048 4203 rm -f $rootprefix/kernel/crypto/sparcv9/arcfour2048 4204 rm -f $rootprefix/kernel/crypto/amd64/arcfour2048 4205 rm -f $rootprefix/platform/sun4u/kernel/crypto/sparcv9/arcfour2048 4206 rm -f $rootprefix/kernel/crypto/blowfish448 4207 rm -f $rootprefix/kernel/crypto/sparcv9/blowfish448 4208 rm -f $rootprefix/kernel/crypto/amd64/blowfish448 4209 rm -f $rootprefix/usr/sfw/lib/libssl_extra.so.0.9.8 4210 rm -f $rootprefix/usr/sfw/lib/libcrypto_extra.so.0.9.8 4211 4212 # SUNWn2cpact.v contents go away, if pkgrm didn't take 4213 # care of them 4214 rm -f $rootprefix/platform/sun4v/kernel/drv/sparcv9/n2cp.esa 4215 4216 # Remove old limited use certificates 4217 rm -f $rootprefix/etc/crypto/certs/SUNW_SunOS_5.11_Limited 4218 rm -f $rootprefix/etc/crypto/certs/SUNWosnetCFLimited 4219 rm -f $rootprefix/etc/crypto/certs/SUNWosnetLimited 4220 4221 print "\n" 4222 } 4223 4224 # 4225 # Remove old fips-140 entry from kcf.conf if it is found 4226 # 4227 cleanup_kcf_fips140() 4228 { 4229 4230 kcfconf=$rootprefix/etc/crypto/kcf.conf 4231 kcfconftmp=/tmp/kcfconf.tmp.$$ 4232 4233 if grep '^fips-140:' $kcfconf >/dev/null ; then 4234 grep -v '^fips-140:' $kcfconf > $kcfconftmp 4235 print "Removing obsolete fips-140 entry from kcf.conf" 4236 cp $kcfconftmp $kcfconf 4237 rm -f $kcfconftmp 4238 fi 4239 } 4240 4241 # 4242 # Add metaslot configuration to pkcs11.conf if it doesn't already exist 4243 # 4244 enable_crypto_metaslot() 4245 { 4246 pkcs11conf=$rootprefix/etc/crypto/pkcs11.conf 4247 egrep '^metaslot' ${pkcs11conf} > /dev/null 2>& 1 4248 if [ $? != 0 ] ; then 4249 print "Adding cryptographic framework's meta slot feature" 4250 cp $pkcs11conf ${pkcs11conf}.tmp 4251 export metaslot_config=\ 4252 "metaslot:metaslot_status=enabled;metaslot_auto_key_migrate=enabled;"\ 4253 "metaslot_token=Sun Software PKCS#11 softtoken;"\ 4254 "metaslot_slot=Sun Crypto Softtoken" 4255 nawk '/^# End SUNWcsr/ \ 4256 { print ENVIRON["metaslot_config"] } \ 4257 { print } \ 4258 ' ${pkcs11conf} > ${pkcs11conf}.tmp 4259 mv -f ${pkcs11conf}.tmp $pkcs11conf 4260 print "\n" 4261 fi 4262 } 4263 4264 cleanup_kerberos_mechanisms() 4265 { 4266 # 4267 # This checks to see if the old 'gl' and 'do' directories 4268 # for the Kerberos GSS-API mechanisms can be deleted. 4269 # If the mechanism exists in /usr/lib/gss, then the old 4270 # subdirs may be deleted. 4271 # 4272 print "Cleaning up old Kerberos GSS-API mechanisms...\c" 4273 4274 kerneldir=kernel/misc/kgss 4275 kerneldir_sparc=kernel/misc/kgss/sparcv9 4276 4277 newmech=no; 4278 if [ -f $usr/lib/gss/mech_krb5.so.1 ]; then 4279 # 4280 # There is a mech in the "new" location, so 4281 # the old stuff can be deleted. 4282 # 4283 if [ -d $usr/lib/gss/gl ]; then 4284 rm -rf $usr/lib/gss/gl 4285 fi 4286 if [ -d $usr/lib/gss/do ]; then 4287 rm -rf $usr/lib/gss/do 4288 fi 4289 newmech=yes; 4290 fi 4291 if [ -f $usr/lib/sparcv9/gss/mech_krb5.so.1 ]; then 4292 if [ -d $usr/lib/sparcv9/gss/gl ]; then 4293 rm -rf $usr/lib/sparcv9/gss/gl 4294 fi 4295 if [ -d $usr/lib/sparcv9/gss/do ]; then 4296 rm -rf $usr/lib/sparcv9/gss/do 4297 fi 4298 fi 4299 # 4300 # Cleanup kernel mechanisms from default location 4301 # 4302 if [ -f $rootprefix/$kerneldir/kmech_krb5 ]; then 4303 if [ -f $rootprefix/$kerneldir/gl_kmech_krb5 ]; then 4304 rm -f $rootprefix/$kerneldir/gl_kmech_krb5 4305 fi 4306 if [ -f $rootprefix/$kerneldir/do_kmech_krb5 ]; then 4307 rm -f $rootprefix/$kerneldir/do_kmech_krb5 4308 fi 4309 fi 4310 # 4311 # For SPARC, cleanup from 2 locations. 4312 # 4313 # 1. /kernel/misc/kgss/sparcv9 4314 # 4315 if [ -f $rootprefix/$kerneldir_sparc/kmech_krb5 ]; then 4316 if [ -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 ]; then 4317 rm -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 4318 fi 4319 if [ -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 ]; then 4320 rm -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 4321 fi 4322 fi 4323 # 4324 # 2. /platform/sun4u/kernel/misc/kgss/sparcv9 4325 # 4326 kerneldir_sparc=platform/$karch/$kerneldir_sparc 4327 if [ -f $rootprefix/$kerneldir_sparc/kmech_krb5 ]; then 4328 if [ -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 ]; then 4329 rm -f $rootprefix/$kerneldir_sparc/gl_kmech_krb5 4330 fi 4331 if [ -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 ]; then 4332 rm -f $rootprefix/$kerneldir_sparc/do_kmech_krb5 4333 fi 4334 fi 4335 # 4336 # Make sure the GSS mechanism configuration file is correct 4337 # 4338 if [ "$newmech" = "yes" ]; then 4339 gssmechconf=$rootprefix/etc/gss/mech 4340 4341 sed -e 's/gl\/mech_krb5\.so/mech_krb5\.so/' \ 4342 -e 's/do\/mech_krb5\.so/mech_krb5\.so/' \ 4343 -e 's/gl_kmech_krb5/kmech_krb5/' \ 4344 -e 's/do_kmech_krb5/kmech_krb5/'\ 4345 $gssmechconf > ${gssmechconf}.tmp 4346 4347 if [ $? -eq 0 ]; then 4348 mv -f ${gssmechconf}.tmp $gssmechconf 4349 else 4350 echo "WARNING: update of $gssmechconf failed." 4351 return 1 4352 fi 4353 fi 4354 print "\n" 4355 } 4356 4357 mpxiodisableno='^[ ]*mpxio-disable[ ]*=[ ]*"no"[ ]*;' 4358 mpxiodisableyes='^[ ]*mpxio-disable[ ]*=[ ]*"yes"[ ]*;' 4359 4360 fix_up_perms() 4361 { 4362 # 4363 # fix up audit permissions 4364 # 4365 chmod 644 $root/etc/security/audit_control 4366 chmod 644 $root/etc/security/audit_user 4367 4368 # 4369 # fix up /etc/inet config file permissions 4370 # 4371 INETFILES="hosts networks netmasks protocols services \ 4372 inetd.conf ipaddrsel.conf sock2path ipsecalgs" 4373 for file in ${INETFILES}; do 4374 chmod 644 $root/etc/inet/$file 4375 done 4376 } 4377 4378 # 4379 # disable mpxio on fp(7D) ports using fp.conf 4380 # 4381 disable_mpxio_using_fpconf() 4382 { 4383 conffile=$rootprefix/kernel/drv/fp.conf 4384 test -f $conffile || return 4385 egrep -s "$mpxiodisableyes" $conffile && return 4386 4387 print "To preserve device names, disabled mpxio on fp(7D) ports by" 4388 4389 if egrep -s "$mpxiodisableno" $conffile; then 4390 tmpfile=/tmp/fp.conf.$$ 4391 sed "s/$mpxiodisableno/mpxio-disable=\"yes\";/" $conffile \ 4392 > $tmpfile 4393 cp $tmpfile $conffile 4394 rm -f $tmpfile 4395 print "changing the value of mpxio-disable to \"yes\" in" \ 4396 "$conffile" 4397 else 4398 echo 'mpxio-disable="yes";' >> $conffile 4399 print "adding mpxio-disable=\"yes\" entry to $conffile" 4400 fi 4401 } 4402 4403 # 4404 # enable mpxio in scsi_vhci 4405 # 4406 enable_mpxio_using_scsivhciconf() 4407 { 4408 # 4409 # depending on whether the bfu restored the child's or parent's version 4410 # of scsi_vhci.conf file, we may already have the file with the change 4411 # we need in place. So make the change only if necessary. 4412 # 4413 4414 conffile=$rootprefix/kernel/drv/scsi_vhci.conf 4415 egrep -s "$mpxiodisableno" $conffile && return 4416 4417 print "To preserve device names, restored your current mpxio" \ 4418 "configuration by" 4419 4420 if egrep -s "$mpxiodisableyes" $conffile; then 4421 tmpfile=/tmp/scsi_vhci.conf.$$ 4422 sed "s/$mpxiodisableyes/mpxio-disable=\"no\";/" $conffile \ 4423 > $tmpfile 4424 cp $tmpfile $conffile 4425 rm -f $tmpfile 4426 print "changing the value of mpxio-disable to \"no\" in" \ 4427 "$conffile" 4428 else 4429 echo 'mpxio-disable="no";' >> $conffile 4430 print "adding mpxio-disable=\"no\" entry to $conffile" 4431 fi 4432 } 4433 4434 # 4435 # restore the pre-bfu MPxIO on/off setting to the post-bfued configuration 4436 # 4437 fixup_mpxio() 4438 { 4439 conffile=$rootprefix/kernel/drv/scsi_vhci.conf 4440 parentconffile=$rootprefix/bfu.parent/kernel/drv/scsi_vhci.conf 4441 childconffile=$rootprefix/bfu.child/kernel/drv/scsi_vhci.conf 4442 ancestorconffile=$rootprefix/bfu.ancestor/kernel/drv/scsi_vhci.conf 4443 4444 # if scsi_vhci.conf doesn't exist return 4445 test -f $conffile || return 4446 4447 # 4448 # Determine the mpxio setting in the child. If the system was bfued 4449 # before and running with mpxio on by deafult bits, can't rely on the 4450 # mpxio-disable entry in the child's scsi_vhci.conf file as it may 4451 # contain stale left over entries. 4452 # 4453 mpxio_child=1 4454 if [ -f $ancestorconffile ]; then 4455 if egrep -s "$mpxiodisableyes" $ancestorconffile; then 4456 # 4457 # prior to the bfu the system was running with 4458 # mpxio off by default bits. 4459 # 4460 mpxio_child=0 4461 egrep -s "$mpxiodisableno" $childconffile && \ 4462 mpxio_child=1 4463 fi 4464 else 4465 egrep -s "$mpxiodisableyes" $childconffile && mpxio_child=0 4466 fi 4467 4468 if egrep -s "$mpxiodisableyes" $parentconffile; then 4469 # these bits require explicit enabling of mpxio at in scsi_vhci 4470 if [ $mpxio_child -eq 1 ]; then 4471 egrep -s "$mpxiodisableyes" \ 4472 $rootprefix/kernel/drv/fp.conf || \ 4473 enable_mpxio_using_scsivhciconf 4474 fi 4475 else 4476 # 4477 # these bits have mpxio enabled by default in scsi_vhci. 4478 # if mpxio is disabled in the child, disable mpxio on all 4479 # fp(7D) ports using fp.conf. 4480 # 4481 [ $mpxio_child -eq 0 ] && disable_mpxio_using_fpconf 4482 fi 4483 } 4484 4485 fixup_isa_bfu() 4486 { 4487 aliasfile=$rootprefix/etc/driver_aliases 4488 parentalias=$rootprefix/bfu.parent/etc/driver_aliases 4489 pathtoinst=$rootprefix/etc/path_to_inst 4490 tmppath=/tmp/path_to_inst 4491 isaalias="pciclass,060100" 4492 4493 if [ $target_isa != i386 ]; then 4494 return; 4495 fi 4496 egrep -s "\"\/isa[\"\/]" $pathtoinst && child_pseudo_isa=1 4497 egrep -s "\"$isaalias\"" $parentalias || parent_pseudo_isa=1 4498 if [ "$child_pseudo_isa" != "$parent_pseudo_isa" ]; then 4499 sed -e '/\/isa[\"\/@]/d' <$pathtoinst >$tmppath 4500 mv $tmppath $pathtoinst 4501 fi 4502 4503 # bfu forwards, just return 4504 [[ "$parent_pseudo_isa" != 1 ]] && return 4505 4506 # remove the pciclass,060100 entry for isa when going backwards 4507 egrep -s "\"$isaalias\"" $aliasfile || return 4508 /tmp/bfubin/update_drv -b $root -d -i "$isaalias" isa >/dev/null 2>&1 4509 } 4510 4511 # 4512 # Check to see if root in $1 has a mounted boot, and that 4513 # it's mounted at the right place for bfu to handle it. 4514 # 4515 # Returns 0 (true) if bfu can handle the upgrade; fails if not 4516 # 4517 4518 boot_is_upgradeable() 4519 { 4520 ROOT=$1 4521 if [ "$ROOT" = "/" ] ; then ROOT=""; fi 4522 4523 BOOTPARTDEV="$(grep -s -v '^#' ${ROOT}/etc/vfstab | \ 4524 grep "[ ]/boot[ ]*pcfs[ ]" | \ 4525 awk '{print $1}')" 4526 4527 # find out if, and where, boot is mounted 4528 4529 if [ -n "$BOOTPARTDEV" ] ; then 4530 if [ -n "$ROOT" ] ; then 4531 4532 BOOTMNT=$(mount | grep "$BOOTPARTDEV" | \ 4533 awk '{print $1}') 4534 else 4535 BOOTMNT="/boot" 4536 fi 4537 if [ "$BOOTMNT" != ${ROOT}/boot ] ; then 4538 cat << BOOTMOUNTERR 4539 4540 ${ROOT} refers to an x86 boot partition, but it's not mounted 4541 at ${ROOT}/boot. 4542 4543 BOOTMOUNTERR 4544 fail "Mount ${ROOT}s bootpart at ${ROOT}/boot.\n\n" 4545 fi 4546 fi 4547 4548 return 0 4549 } 4550 4551 # update the realmode boot programs at $1 (root) 4552 # from classic boot psm/stand/bootblks/ufs/i386/installboot.sh 4553 4554 install_boot_i386() 4555 { 4556 PBOOT=$1 4557 BOOTBLK=$2 4558 DEVICE=$3 4559 if [ ! -f $PBOOT ]; then 4560 echo "$PBOOT: File not found" 4561 return 1 4562 fi 4563 if [ ! -f $BOOTBLK ]; then 4564 echo "$BOOTBLK: File not found" 4565 return 1 4566 fi 4567 if [ ! -c $DEVICE ]; then 4568 echo "$DEVICE: Not a character device" 4569 return 1 4570 fi 4571 if [ ! -w $DEVICE ]; then 4572 echo "$DEVICE: Not writeable" 4573 return 1 4574 fi 4575 4576 # pboot at block 0, label at blocks 1 and 2, bootblk from block 3 on 4577 dd if=$PBOOT of=$DEVICE bs=1b count=1 conv=sync >/dev/null 2>&1 4578 4579 dd if=$BOOTBLK of=$DEVICE bs=1b oseek=3 conv=sync >/dev/null 2>&1 4580 4581 return 0 4582 } 4583 4584 update_realmode_booters() 4585 { 4586 ROOT=$1 4587 4588 TMPDIR=/tmp/rmupdate.$$ 4589 trap "rm -rf $TMPDIR" EXIT 4590 4591 # go get new versions of boot files into TMPDIR 4592 4593 OLD_PWD=$(pwd) 4594 mkdir $TMPDIR 4595 cd $TMPDIR 4596 4597 # i86pc.boot archive 4598 REQFILES="boot/mdboot boot/strap.com" 4599 $ZCAT $cpiodir/i86pc.boot$ZFIX | cpio -id $REQFILES 2>/dev/null 4600 mv $REQFILES $TMPDIR 4601 4602 # i86pc.usr archive 4603 REQFILES="usr/platform/i86pc/lib/fs/ufs/pboot" 4604 REQFILES="$REQFILES usr/platform/i86pc/lib/fs/ufs/bootblk" 4605 $ZCAT $cpiodir/i86pc.usr$ZFIX | cpio -id $REQFILES 2>/dev/null 4606 mv $REQFILES $TMPDIR 4607 4608 cd $OLD_PWD 4609 4610 grep -s -v '^#' ${ROOT}/etc/vfstab | \ 4611 grep "[ ]/boot[ ]*pcfs[ ]" >/dev/null 4612 4613 if [ $? -eq 0 ] ; then 4614 echo 'Updating /boot on x86 boot partition.' 4615 4616 REQFILES="mdboot strap.com" 4617 for f in ${REQFILES}; do 4618 if [ ! -f ${TMPDIR}/$f ]; then 4619 fail "Missing $f, aborting." 4620 fi 4621 done 4622 4623 MDBOOT=${TMPDIR}/mdboot 4624 STRAP=${TMPDIR}/strap.com 4625 4626 LUBIN=/usr/lib/lu 4627 TMP_FDFILE1=${TMPDIR}/fdfile1.$$ 4628 LOGFILE=${TMPDIR}/mkfs.log.$$ 4629 DDCOPY=${TMPDIR}/.dd_x86_boot_copy 4630 4631 DISKID="$(grep -s -v '^#' ${ROOT}/etc/vfstab | \ 4632 grep "[ ]/boot[ ]*pcfs[ ]" |\ 4633 awk '{print $1}' | sed -e 's:p0\:boot::g')" 4634 4635 DISKID="$(basename ${DISKID})" 4636 4637 # Obtain the disk table; it will look something like the following: 4638 # 4639 # * Id Act Bhead Bsect Bcyl Ehead Esect Ecyl Rsect Numsect 4640 # 130 128 27 28 0 242 9 553 1728 8897472 4641 # 4642 # Delete all blank lines, and all lines that begin with *, 4643 # leaving only actual fdisk entries that we can scan 4644 # looking for the X86BOOT partition 4645 4646 fdisk -W - /dev/rdsk/${DISKID}p0 | \ 4647 grep -v '^*' | grep -v '^$' > ${TMP_FDFILE1} 4648 4649 num=1 4650 4651 while read id act bhead bcyl ehead ecyl rsect numsect 4652 do 4653 # Ignore entry if not X86 /boot partition 4654 # ID '190' is the X86BOOT partition (see man fdisk(1M)) 4655 4656 if [ $id -ne "190" ] ; then 4657 num=$(expr $num + 1) 4658 continue 4659 fi 4660 4661 # Found X86 boot partition - save contents to $DDCOPY 4662 BOOTPART=/dev/rdsk/${DISKID}p${num} 4663 echo "Boot device is <${BOOTPART}>" 4664 4665 ERRMSG="$(dd if=${BOOTPART} of=${DDCOPY} 2>&1)" 4666 if [ $? -ne 0 ] ; then 4667 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4668 fail "Unable to save copy of <${BOOTPART}>." 4669 fi 4670 4671 # mount copy of old /boot partition 4672 LOBOOTDEV=$(lofiadm -a ${DDCOPY} 2>&1) 4673 if [ $? -ne 0 ] ; then 4674 [ -n "${LOBOOTDEV}" ] && echo "${LOBOOTDEV}" 4675 fail "Unable to make lo-device <${DDCOPY}>" 4676 fi 4677 SOURCE_BOOT_DEV="${TMPDIR}/tmpbootdev.$$" 4678 mkdir ${SOURCE_BOOT_DEV} 4679 ERRMSG=$(mount -F pcfs ${LOBOOTDEV} \ 4680 ${SOURCE_BOOT_DEV}) 4681 if [ $? -ne 0 ] ; then 4682 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4683 fail "Unable to mount lo-device <${LOBOOTDEV}>." 4684 fi 4685 4686 # recreate existing boot partition with updated 4687 # boot files 4688 4689 # umount ${ROOT}'s /boot if mounted 4690 4691 BOOTMOUNTPT=$(mount | grep ${DISKID}p0:boot 2>&1 | \ 4692 awk '{print $1;}') 4693 4694 if [ -n "${BOOTMOUNTPT}" ] ; then 4695 echo "unmounting /dev/dsk/${DISKID}p0:boot" 4696 ERRMSG=$(umount \ 4697 /dev/dsk/${DISKID}p0:boot 2>&1) 4698 if [ $? -ne 0 ] ; then 4699 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4700 fail "Unable to umount X86 boot device." 4701 fi 4702 fi 4703 4704 echo "Making new pcfs file system on ${DISKID}" 4705 4706 echo y | /usr/lib/fs/pcfs/mkfs -F pcfs \ 4707 -o S,s,B=$MDBOOT,b=BOOT,i=$STRAP \ 4708 /dev/rdsk/${DISKID}p0:boot >> ${LOGFILE} 2>&1 4709 if [ $? -ne 0 ] ; then 4710 echo "Unable to make pcfs:" 4711 cat ${LOGFILE} 4712 fail "" 4713 fi 4714 4715 echo "Copying x86 boot partition contents back\c" 4716 echo " to new /boot fs." 4717 4718 OLD_PWD=$(pwd) 4719 4720 echo "Remounting freshened /boot partition" 4721 4722 if [ -z "${BOOTMOUNTPT}" ] ; then 4723 # boot ptn wasn't mounted 4724 BOOTMOUNT="/tmp/bootpart" 4725 mkdir ${BOOTMOUNT} 4726 else 4727 BOOTMOUNT=${BOOTMOUNTPT} 4728 fi 4729 4730 ERRMSG=$(mount -F pcfs \ 4731 /dev/dsk/${DISKID}p0:boot ${BOOTMOUNT} 2>&1) 4732 4733 if [ $? -ne 0 ] ; then 4734 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4735 fail "Unable to mount X86 boot device." 4736 fi 4737 4738 # copy old /boot contents 4739 cd ${SOURCE_BOOT_DEV} 4740 find . -mount \! -type s -print | \ 4741 cpio -pcdum ${BOOTMOUNT} 2>&1 | \ 4742 ${LUBIN}/lustripcpioerr 4743 4744 if [ $? -ne 0 ] ; then 4745 fail "Unable to copy boot partition contents." 4746 fi 4747 4748 cd ${OLD_PWD} 4749 4750 # unmount and rm our boot mount, if we created it 4751 if [ -z "${BOOTMOUNTPT}" ] ; then 4752 ERRMSG=$(umount ${BOOTMOUNT} 2>&1) 4753 if [ $? -ne 0 ] ; then 4754 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4755 fail "Unable to umount <$BOOTMOUNT>." 4756 fi 4757 rm -rf ${BOOTMOUNT} 4758 fi 4759 4760 # unmount, un-lofi, and rm SOURCE_BOOT_DEV 4761 4762 ERRMSG=$(umount ${SOURCE_BOOT_DEV} 2>&1) 4763 if [ $? -ne 0 ] ; then 4764 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4765 fail "Cannot umount lo-device <${LOBOOTDEV}>." 4766 fi 4767 4768 ERRMSG=$(lofiadm -d ${DDCOPY} 2>&1) 4769 if [ $? -ne 0 ] ; then 4770 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 4771 fail "Cannot remove lo-device <${LOBOOTDEV}>." 4772 fi 4773 4774 rm -rf ${SOURCE_BOOT_DEV} 4775 4776 done < ${TMP_FDFILE1} 4777 rm ${TMP_FDFILE1} ${LOGFILE} ${DDCOPY} 4778 4779 else 4780 4781 # non boot-partition: use installboot to get pboot and bootblk 4782 echo "Updating /boot on Solaris partition." 4783 4784 if [ -z "${ROOT}" ] ; then SEARCH="/"; else SEARCH="${ROOT}"; fi 4785 4786 ROOTRAWDEV=$(mount | grep "^${SEARCH} on " | \ 4787 awk '{print $3}' | sed 's;/dsk;/rdsk;') 4788 4789 if [ -z "${ROOTRAWDEV}" ] ; then 4790 [ -n "${ROOTRAWDEV}" && echo "${ROOTRAWDEV}" ] 4791 fail "${SEARCH} must be a mounted filesystem" 4792 fi 4793 4794 echo "Updating Solaris partition ${ROOTRAWDEV} with installboot" 4795 REQFILES="pboot bootblk" 4796 for f in ${REQFILES}; do 4797 if [ ! -f ${TMPDIR}/$f ]; then 4798 fail "Missing $f, aborting." 4799 fi 4800 done 4801 PBOOT=${TMPDIR}/pboot 4802 BOOTBLK=${TMPDIR}/bootblk 4803 install_boot_i386 $PBOOT $BOOTBLK ${ROOTRAWDEV} 4804 if [ $? -ne 0 ] ; then 4805 fail "Unable to installboot to <${ROOTRAWDEV}>." 4806 fi 4807 fi 4808 } 4809 4810 # 4811 print "Verifying archives ..." 4812 4813 for a in generic $allarchs $rootarchs 4814 do 4815 test -r $cpiodir/$a.root$ZFIX || 4816 fail "bfu archive $cpiodir/$a.root$ZFIX missing" 4817 done 4818 4819 if [ ! -r $cpiodir/generic.lib$ZFIX -o ! -r $cpiodir/generic.kernel$ZFIX -o \ 4820 ! -r $cpiodir/generic.sbin$ZFIX ]; then 4821 old_style_archives="true" 4822 $ZCAT $cpiodir/generic.root$ZFIX | cpio -it 2>/dev/null | \ 4823 egrep -s '^etc/zones' && \ 4824 fail "bfu archive $cpiodir/generic.{kernel,lib,sbin}$ZFIX" \ 4825 "missing;\npossible mkbfu version mismatch: pre-zones" \ 4826 "style archives with zones files." 4827 fi 4828 4829 for a in generic $allarchs $usrarchs 4830 do 4831 test -r $cpiodir/$a.usr$ZFIX || 4832 fail "bfu archive $cpiodir/$a.usr$ZFIX missing" 4833 done 4834 4835 for root in $rootlist 4836 do 4837 cd $root || fail "Cannot cd $root" 4838 prologue=${root%/}/bfu.prologue 4839 if [ -f $prologue ]; then 4840 print "Executing $prologue" 4841 $prologue || fail "$prologue failed with code $?" 4842 fi 4843 done 4844 4845 print "Performing basic sanity checks ..." 4846 4847 for dir in $usr $rootlist 4848 do 4849 test -d $dir || fail "$dir does not exist" 4850 test -w $dir || fail "$dir is not writable" 4851 cd $dir || fail "Cannot cd $dir" 4852 done 4853 4854 RM_32BIT_KERNEL=0; 4855 if [ "$karch" = "sun4u" ] && 4856 ($ZCAT $cpiodir/sun4u.root$ZFIX | cpio -itv 2>&1 | 4857 grep "^l.*platform/sun4u/kernel/unix -> sparcv9/unix$" > /dev/null); 4858 then 4859 RM_32BIT_KERNEL=1; 4860 if [ "$force_override" = "no" ] && 4861 (prtconf -F 2>&1 | egrep '(cgthree|bwtwo)' > /dev/null); 4862 then 4863 print "\n\nERROR: You are upgrading to a 64-bit-only OS. " \ 4864 "Your frame buffer does not have a 64-bit driver and " \ 4865 "will not work after reboot. To proceed you must run " \ 4866 "bfu with the -f flag."; 4867 exit; 4868 fi; 4869 fi; 4870 4871 if [ $plat = "SUNW,Ultra-1" ] && [ ! -f $cpiodir/SUNW,Ultra-1.root$ZFIX ] && 4872 [ "$force_override" = "no" ]; 4873 then 4874 print "\nERROR: These archives do not have Ultra-1 platform support." \ 4875 "\nProceeding with this BFU may render this machine unbootable." \ 4876 "\nTo proceed anyway, you must run bfu with the -f flag.\n"; 4877 exit; 4878 fi; 4879 4880 for root in $rootlist 4881 do 4882 rootprefix=${root%/} 4883 smf_check_repository 4884 done 4885 4886 MINIMUM_OS_REV=10 4887 4888 # 4889 # Perform additional sanity checks if we are upgrading the live system. 4890 # 4891 if [ "$rootlist" = "/" ] 4892 then 4893 # 4894 # Disallow from older releases 4895 # 4896 os_rev=`uname -r | sed -e s/5.//` 4897 if [ $os_rev -lt $MINIMUM_OS_REV -a "$force_override" = "no" ]; then 4898 fail "Cannot bfu from pre-Solaris $MINIMUM_OS_REV" 4899 fi 4900 if [ ! -x /usr/sbin/svcadm ]; then 4901 fail "This version of bfu cannot run on pre-Greenline " \ 4902 "(s10_64) systems" 4903 fi 4904 4905 # 4906 # Filesystem space checks 4907 # 4908 set $root 4 $usr 6 4909 while [ $# -gt 0 ] 4910 do 4911 test "`df -b $1 | tail -1 | nawk '{ print $2 }'`" -ge ${2}000 || 4912 fail "Less than $2 MB free on $1 -- bfu not safe." 4913 shift 2 4914 done 4915 # 4916 # Disable kernel module unloading 4917 # 4918 print "Disabling kernel module unloading ... \c" 4919 test -x /usr/bin/adb || fail "/usr/bin/adb not found: bfu not safe." 4920 echo "moddebug/W20000" | adb -kw /dev/ksyms /dev/mem | grep moddebug 4921 # 4922 # Load modules and drivers here not to reload them when you access 4923 # /devices or its subdirectories later. 4924 # 4925 nawk '$1 !~ /^#|^$/ {print $1}' /etc/name_to_major | \ 4926 sed -e 's/#.*$//' | while read driver 4927 do 4928 modload -p drv/${driver} >/dev/null 2>&1 4929 done 4930 ls $cpiodir >>/dev/null # loads elfexec and networking 4931 4932 # exec/intpexec and sys/kaio are needed by lofi 4933 modload -p exec/intpexec >/dev/null 2>&1 4934 modload -p sys/kaio >/dev/null 2>&1 4935 4936 # umount /lib/libc.so.1 if necessary 4937 if [ -n "`mount | grep '^/lib/libc.so.1'`" ] 4938 then 4939 print "Unmounting /lib/libc.so.1 ..." 4940 umount /lib/libc.so.1 4941 fi 4942 4943 PLAT=`/usr/bin/uname -i` 4944 ARCH=`/usr/bin/uname -m` 4945 # umount /platform/$PLAT/lib/libc_psr.so.1 if necessary 4946 if [ -n "`mount | grep "^/platform/$PLAT/lib/libc_psr.so.1"`" ] 4947 then 4948 print "Unmounting /platform/$PLAT/lib/libc_psr.so.1 ..." 4949 umount /platform/$PLAT/lib/libc_psr.so.1 4950 else 4951 # umount /platform/$ARCH/lib/libc_psr.so.1 if necessary 4952 if [ -n "`mount | grep "^/platform/$ARCH/lib/libc_psr.so.1"`" ] 4953 then 4954 print "Unmounting /platform/$ARCH/lib/libc_psr.so.1 ..." 4955 umount /platform/$ARCH/lib/libc_psr.so.1 4956 fi 4957 fi 4958 4959 # umount /platform/$PLAT/lib/sparcv9/libc_psr.so.1 if necessary 4960 if [ -n "`mount | grep "^/platform/$PLAT/lib/sparcv9/libc_psr.so.1"`" ] 4961 then 4962 print "Unmounting /platform/$PLAT/lib/sparcv9/libc_psr.so.1 ..." 4963 umount /platform/$PLAT/lib/sparcv9/libc_psr.so.1 4964 else 4965 # umount /platform/$ARCH/lib/sparcv9/libc_psr.so.1 if necessary 4966 if [ -n "`mount | grep \ 4967 "^/platform/$ARCH/lib/sparcv9/libc_psr.so.1"`" ] 4968 then 4969 print "Unmounting \c" 4970 print "/platform/$ARCH/lib/sparcv9/libc_psr.so.1 ..." 4971 umount /platform/$ARCH/lib/sparcv9/libc_psr.so.1 4972 fi 4973 fi 4974 4975 # umount /platform/sun4u-us3/lib/libc_psr.so.1 if necessary 4976 if [ -n "`mount | grep '^/platform/sun4u-us3/lib/libc_psr.so.1'`" ] 4977 then 4978 print "Unmounting /platform/sun4u-us3/lib/libc_psr.so.1 ..." 4979 umount /platform/sun4u-us3/lib/libc_psr.so.1 4980 fi 4981 4982 # umount /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 if necessary 4983 if [ -n "`mount | grep '^/platform/sun4u-us3/lib/sparcv9/libc_psr.so.1'`" ] 4984 then 4985 print "Unmounting /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 ..." 4986 umount /platform/sun4u-us3/lib/sparcv9/libc_psr.so.1 4987 fi 4988 4989 # 4990 # The libpiclsbl.so.1 library has been moved from 4991 # /usr/platform/SUNW,Sun-Fire-T200/lib/... to 4992 # /usr/platform/sun4v/lib/... . Other sun4v platforms create 4993 # symbolic link to T200's libpiclsbl.so.1. Therefore check 4994 # if library is present in T200's directory and then remove 4995 # it and the symbolic links. 4996 if [ -a \ 4997 $usr/platform/SUNW,Sun-Fire-T200/lib/picl/plugins/libpiclsbl.so.1 ] 4998 then 4999 print "Removing libpiclsbl.so library ..." 5000 find $usr/platform -name libpiclsbl\* -exec rm {} \; 5001 fi 5002 5003 if [ -x /usr/sbin/zoneadm ]; then 5004 # 5005 # Stop any running zones: the init script will print a 5006 # message if needed. 5007 # 5008 if [ -x /etc/init.d/zones ]; then 5009 /etc/init.d/zones stop 5010 elif [ -x /lib/svc/method/svc-zones ]; then 5011 # 5012 # We need all zones to be down before proceeding. 5013 # We can't accomplish this by just disabling the 5014 # zones service, since it might already be disabled. 5015 # So we pretend to be SMF, and invoke the stop method. 5016 # 5017 # When zones are someday independently managed as 5018 # service instances, this will need to be revised. 5019 # 5020 export SMF_FMRI="svc:/system/zones:default" 5021 /lib/svc/method/svc-zones stop 5022 unset SMF_FMRI 5023 fi 5024 5025 [ -z `zoneadm list | grep -v global` ] || \ 5026 fail "zone(s) failed to halt" 5027 # 5028 # Determine the installed zones, which we will want to do 5029 # after we're done with the global zone. This is done now 5030 # rather than later in case bfu'ing the global zone causes 5031 # the zone configuration to become unreadable (e.g., via a 5032 # DTD flag day). 5033 # 5034 bfu_zone_list=$root/.bfu_zone_list 5035 rm -f $bfu_zone_list 5036 5037 zoneadm list -pi | nawk -F: '{ 5038 if ($3 == "installed" && 5039 ($6 == "native" || $6 == "" || $6 == "sn1")) { 5040 printf "%s %s\n", $2, $4 5041 } 5042 }' > $bfu_zone_list 5043 fi 5044 5045 # 5046 # save vlans associated with zones to be upgraded 5047 # to the new dladm based format 5048 # 5049 flowadm_status="old" 5050 if [[ ! -f $root/sbin/flowadm ]] && \ 5051 archive_file_exists generic.sbin "sbin/flowadm"; then 5052 flowadm_status="new" 5053 5054 for iftype in hostname hostname6 dhcp 5055 do 5056 interface_names="`echo /etc/$iftype.*[0-9] 2>/dev/null`" 5057 if [ "$interface_names" != "/etc/iftype.*[0-9]" ]; then 5058 ORIGIFS="$IFS" 5059 IFS="$IFS." 5060 set -- $interface_names 5061 IFS="$ORIGIFS" 5062 while [ $# -ge 2 ]; do 5063 shift 5064 if [ $# -gt 1 -a \ 5065 "$2" != "/etc/$iftype" ]; then 5066 while [ $# -gt 1 -a \ 5067 "$1" != "/etc/$iftype" ]; do 5068 shift 5069 done 5070 else 5071 host_ifs="$host_ifs $1" 5072 shift 5073 fi 5074 done 5075 fi 5076 done 5077 5078 zones=`zoneadm list -c | grep -v global` 5079 for zone in $zones 5080 do 5081 zonecfg -z $zone info ip-type | grep exclusive \ 5082 >/dev/null 5083 if [ $? -eq 0 ]; then 5084 zif=`zonecfg -z $zone info net | \ 5085 grep physical | nawk '{print $2}'` 5086 zone_ifs="$zone_ifs $zif" 5087 fi 5088 done 5089 fi 5090 # 5091 # Stop sendmail so that mail doesn't bounce during the interval 5092 # where /etc/mail/aliases is (effectively) empty. 5093 # 5094 # (note that unlike other services here, /etc/init.d/sendmail 5095 # remains post-smf(5) because it is a public interface.) 5096 # 5097 if [ -r /etc/svc/volatile/repository_door ]; then 5098 print "Disabling sendmail temporarily ..." 5099 svcadm disable -t network/smtp 5100 else 5101 print "Killing sendmail ..." 5102 /etc/init.d/sendmail stop 5103 fi 5104 5105 print "Disabling remote logins ..." 5106 echo "bfu in progress -- remote logins disabled" >/etc/nologin 5107 5108 # 5109 # Stop syslogd so it doesn't interfere with saving preserved files. 5110 # 5111 if [ -f /etc/init.d/syslog ]; then 5112 print "Killing syslogd ..." 5113 /etc/init.d/syslog stop 5114 elif [ -r /etc/svc/volatile/repository_door ]; then 5115 print "Disabling syslog temporarily ..." 5116 svcadm disable -t system/system-log 5117 fi 5118 5119 # 5120 # Stop apache so it doesn't get upset when the entire world changes 5121 # out from underneath it. 5122 # 5123 if [ -f /etc/init.d/apache ]; then 5124 print "Killing httpd ..." 5125 /etc/init.d/apache stop 5126 elif [ -r /etc/svc/volatile/repository_door ]; then 5127 print "Disabling httpd temporarily ..." 5128 svcadm disable -t network/http 5129 fi 5130 5131 # 5132 # Kill off fmd so it doesn't get upset when the entire world changes 5133 # out from underneath it. 5134 # 5135 if [ -f /etc/init.d/savecore ]; then 5136 print "Killing fmd ..." 5137 pkill -x fmd 5138 elif [ -r /etc/svc/volatile/repository_door ]; then 5139 print "Disabling fmd temporarily ..." 5140 svcadm disable -t system/fmd 5141 fi 5142 5143 # 5144 # Stop nscd so it doesn't interfere with stuff. 5145 # 5146 if [ -x /etc/init.d/nscd ]; then 5147 print "Killing nscd ..." 5148 /etc/init.d/nscd stop 5149 elif [ -r /etc/svc/volatile/repository_door ]; then 5150 print "Disabling nscd temporarily ..." 5151 svcadm disable -t system/name-service-cache:default 5152 fi 5153 5154 if grep -v "^#" $rootprefix/etc/vfstab | grep boot | \ 5155 grep "[ ]pcfs[ ]" >/dev/null 2>&1 5156 then 5157 boot_is_pcfs=yes 5158 fi 5159 5160 smf_new_profiles 5161 5162 else 5163 # 5164 # Check ${root}/etc/motd for SunOS value to get `uname -r` 5165 # 5166 os_rev=`head -1 ${root}/etc/motd | sed -e 's/^.*SunOS //' | \ 5167 awk '{print $1}' | sed -e s/5.//` 5168 if [ $os_rev -lt $MINIMUM_OS_REV -a "$force_override" = "no" ]; then 5169 fail "Cannot bfu from pre-Solaris $MINIMUM_OS_REV" 5170 fi 5171 if [ ! -x /usr/sbin/svcadm ]; then 5172 fail "This version of bfu cannot run on pre-Greenline " \ 5173 "(s10_64) systems" 5174 fi 5175 fi 5176 5177 export PATH=/tmp/bfubin:$PATH 5178 export LD_LIBRARY_PATH=/tmp/bfulib 5179 5180 if [ -h /tmp/bfulib/64 ] 5181 then 5182 ldlib64="LD_LIBRARY_PATH_64=/tmp/bfulib/64" 5183 export LD_LIBRARY_PATH_64=/tmp/bfulib/64 5184 fi 5185 5186 # turn off auxiliary filters, since they can cause objects to be loaded 5187 # from outside of the protected environment. 5188 export LD_NOAUXFLTR=1 5189 5190 # 5191 # Since we've turned off auxiliary filters, libc_psr will normally not 5192 # be loaded at all. But libc_psr was overriding broken code in libc 5193 # for over a week before the fix for 6324631, so we need to explicitly 5194 # LD_PRELOAD it to allow users to bfu from the broken libc. This can be 5195 # removed once there are no sun4u machines bfued to Nevada bits between 5196 # 9/7/2005 and 9/15/2005. 5197 # 5198 if [ -f /tmp/bfulib/libc_psr.so.1 ]; then 5199 export LD_PRELOAD_32=/tmp/bfulib/libc_psr.so.1 5200 fi 5201 5202 print "Turning on delayed i/o ..." 5203 fastfs -f $rootlist $usr 5204 fastfs $rootlist $usr 5205 5206 # 5207 # The "| tee -a $EXTRACT_LOG" following do_extraction() is not pulled into the 5208 # function itself because it interferes with the cpio exit status detection. 5209 # pcfs boot is an exception, since its cpio exit status is expected to be bad, 5210 # so a heuristic must be employed to infer whether or not any errors occurred. 5211 # 5212 do_extraction() { 5213 compressed_archive=$1 5214 shift 5215 $ZCAT $compressed_archive | cpio -idmucB $* 2>&1 \ 5216 || extraction_error "extracting archive $1" 5217 } 5218 5219 do_pcfs_boot_extraction() { 5220 PCFS_BOOT_LOG=/tmp/bfu-pcfs-boot-log.$$ 5221 $ZCAT $1 | cpio -idmucB 2>&1 | grep -v "error.s" | \ 5222 grep -v "cpio: Cannot chown()" | \ 5223 grep -v "cpio: Error during chown()" | tee $PCFS_BOOT_LOG 5224 cat $PCFS_BOOT_LOG >> $EXTRACT_LOG 5225 egrep -s -v blocks $PCFS_BOOT_LOG 5226 if [ $? -eq 0 ]; then 5227 extraction_error "extracting archive $1 ... see $PCFS_BOOT_LOG" 5228 else 5229 rm -f $PCFS_BOOT_LOG 5230 fi 5231 } 5232 5233 # 5234 # Usage: extract_archives (root|usr|lib|sbin|kernel) arch-list 5235 # 5236 extract_archives() { 5237 base=$1 5238 shift 5239 test $base = usr && cd $usrroot || cd $root 5240 for archive in $* 5241 do 5242 print "Extracting $archive.$base$ZFIX ... \c" \ 5243 | tee -a $EXTRACT_LOG 5244 test -h platform/$archive && rm platform/$archive 5245 if [ $base = root ]; then 5246 exclude="-f dev/fd home proc etc/mnttab" 5247 5248 # 5249 # We don't want to overwrite the sharetab if 5250 # it is a mount-point. We assume it is a 5251 # mount-point if it is not writable. 5252 # 5253 if [ -f etc/dfs/sharetab ]; then 5254 if [ ! -w etc/dfs/sharetab ]; then 5255 exclude="$exclude etc/dfs/sharetab" 5256 fi 5257 fi 5258 5259 [ -d system/contract ] && 5260 exclude="$exclude system/contract" 5261 [ -d system/object ] && 5262 exclude="$exclude system/object" 5263 [ -f etc/svc/repository.db ] && 5264 exclude="$exclude etc/svc/repository.db" 5265 [ -e etc/repository_door ] && 5266 exclude="$exclude etc/repository_door" 5267 [ -f etc/svc/volatile ] && 5268 exclude="$exclude etc/svc/volatile" 5269 do_extraction $cpiodir/$archive.$base$ZFIX $exclude | 5270 tee -a $EXTRACT_LOG 5271 elif [ $base = usr ]; then 5272 do_extraction $cpiodir/$archive.$base$ZFIX \ 5273 -f "usr/openwin" | tee -a $EXTRACT_LOG 5274 else 5275 do_extraction $cpiodir/$archive.$base$ZFIX \ 5276 | tee -a $EXTRACT_LOG 5277 fi 5278 done 5279 cd $root 5280 } 5281 5282 extract_boot_archives() { 5283 base=$1 5284 shift 5285 cd $root 5286 for archive in $* 5287 do 5288 if [ ! -f $cpiodir/$archive.$base$ZFIX ]; then 5289 continue 5290 fi 5291 print "Extracting $archive.$base$ZFIX ... \c" \ 5292 | tee -a $EXTRACT_LOG 5293 if [ $boot_is_pcfs = yes ]; then 5294 do_pcfs_boot_extraction $cpiodir/$archive.$base$ZFIX 5295 else 5296 do_extraction $cpiodir/$archive.$base$ZFIX | \ 5297 tee -a $EXTRACT_LOG 5298 fi 5299 $ZCAT $cpiodir/$archive.$base$ZFIX | cpio -it 2>&1 | \ 5300 grep "boot/solaris/devicedb/master" >/dev/null 2>&1 5301 if [ "$?" = "0" ]; then 5302 have_realmode=yes 5303 fi 5304 done 5305 cd $root 5306 } 5307 5308 # 5309 # Classic boot pboot and bootblk compatibility with old archives 5310 # 5311 setup_pboot() 5312 { 5313 NEWPBOOTDIR=$GATE/public/pboot 5314 NEWPBOOT=${NEWPBOOTDIR}/pboot 5315 NEWBOOTBLK=${NEWPBOOTDIR}/bootblk 5316 PBOOTDIR=$usr/platform/$karch/lib/fs/ufs 5317 PBOOT=${PBOOTDIR}/pboot 5318 BOOTBLK=${PBOOTDIR}/bootblk 5319 5320 # they should already be there, but... 5321 if [ -f $NEWPBOOT -a ! -f $PBOOT ]; then 5322 print "Installing pboot from $NEWPBOOTDIR" 5323 cp $NEWPBOOT $PBOOT 5324 fi 5325 if [ -f $NEWBOOTBLK -a ! -f $BOOTBLK ]; then 5326 print "Installing bootblk from $NEWPBOOTDIR" 5327 cp $NEWBOOTBLK $BOOTBLK 5328 fi 5329 5330 if [ -f $NEWPBOOT -a -f $PBOOT ]; then 5331 LATEST=`ls -Lt $PBOOT $NEWPBOOT | head -1` 5332 if [ "$LATEST" = "$NEWPBOOT" ]; then 5333 print "Updating pboot from $NEWPBOOT" 5334 cp $NEWPBOOT $PBOOT 5335 fi 5336 fi 5337 if [ -f $NEWBOOTBLK -a -f $BOOTBLK ]; then 5338 LATEST=`ls -Lt $BOOTBLK $NEWBOOTBLK | head -1` 5339 if [ "$LATEST" = "$NEWBOOTBLK" ]; then 5340 print "Updating bootblk from $NEWBOOTBLK" 5341 cp $NEWBOOTBLK $BOOTBLK 5342 fi 5343 fi 5344 # 5345 # This function will never be called when upgrading a zfs root, 5346 # so it's safe to assume a value for rootslice here. 5347 # 5348 if [[ "$rootslice" = /dev/rdsk/* ]]; then 5349 print "Installing boot block." 5350 ( cd $PBOOTDIR ; 5351 install_boot_i386 ./pboot ./bootblk ${rootslice%??}s2 ) 5352 fi 5353 # 5354 # Since /platform/i86pc/boot/solaris/boot.bin is moved 5355 # to /boot/solaris, remove the old one if it really 5356 # exists. 5357 # 5358 OLDBOOTDIR=${root}/platform/i86pc/boot/solaris 5359 OLDBOOTBIN=${OLDBOOTDIR}/boot.bin 5360 if [ ! -h ${OLDBOOTDIR} -a -f ${OLDBOOTBIN} ] ; 5361 then 5362 print "Removing old boot.bin." 5363 rm -rf ${OLDBOOTBIN} 5364 fi 5365 } 5366 5367 # 5368 # Multiboot support 5369 # 5370 5371 saved_boot_files=" 5372 solaris/bootenv.rc 5373 solaris/devicedb/master 5374 " 5375 5376 # 5377 # transition from multiboot to dca 5378 # 5379 check_multi_to_dca_boot() 5380 { 5381 bootdev=`grep p0:boot $rootprefix/etc/vfstab | \ 5382 grep pcfs | nawk '{print $1}'` 5383 if [ "$bootdev" != "" ]; then 5384 is_pcfs_boot=yes 5385 fi 5386 5387 if [ $is_pcfs_boot = yes ]; then 5388 df -h | grep stubboot >/dev/null 2>&1 5389 if [ $? -eq 0 ]; then 5390 5391 # save configurable files from /boot 5392 # before remounting /stubboot. 5393 # files are relative to /boot. 5394 for file in $saved_boot_files 5395 do 5396 dir="`dirname $rootprefix/stubboot/$file`" 5397 mkdir -p $dir 5398 cp $rootprefix/boot/$file $dir 5399 done 5400 5401 echo "unmount $bootdev at $rootprefix/stubboot" 5402 ERRMSG=$(umount $bootdev 2>&1) 5403 if [ $? -ne 0 ] ; then 5404 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5405 fail "Unable to umount $bootdev on $rootprefix/stubboot." 5406 fi 5407 5408 # adjust vfstab 5409 sed -e "s/[ ]\/stubboot[ ]/ \/boot /" \ 5410 <$rootprefix/etc/vfstab >$rootprefix/etc/vfstab+ 5411 mv $rootprefix/etc/vfstab $rootprefix/etc/vfstab- 5412 mv $rootprefix/etc/vfstab+ $rootprefix/etc/vfstab 5413 5414 ERRMSG=$(mount -F pcfs $bootdev $rootprefix/boot 2>&1) 5415 if [ $? -ne 0 ] ; then 5416 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5417 fail "Unable to mount $bootdev on $rootprefix/boot." 5418 fi 5419 fi 5420 fi 5421 } 5422 5423 check_dca_to_multiboot() 5424 { 5425 bootdev=`grep p0:boot $rootprefix/etc/vfstab | \ 5426 grep pcfs | nawk '{print $1}'` 5427 if [ "$bootdev" != "" ]; then 5428 is_pcfs_boot=yes 5429 fi 5430 if [ $system_type != dca ]; then 5431 return 5432 fi 5433 5434 # ensure bootpath is in $rootprefix/boot/solaris/bootenv.rc 5435 # It's ok to put a meta device path in there 5436 bootenvrc=$rootprefix/boot/solaris/bootenv.rc 5437 grep "^setprop[ ]*bootpath[ ]" $bootenvrc > /dev/null 5438 if [ $? != 0 ]; then 5439 rootdev=`grep -v "^#" $rootprefix/etc/vfstab | \ 5440 grep "[ ]/[ ]" | nawk '{print $1}'` 5441 bootpath=`ls -l $rootdev | nawk '{ print $NF }' |\ 5442 sed "s#../../devices##"` 5443 echo "setprop bootpath '$bootpath'" >> $bootenvrc 5444 fi 5445 5446 rm -f $rootprefix/boot/mdboot 5447 } 5448 5449 # 5450 # Figure out the boot architecture of the current system: 5451 # 1. If an i86xpv kernel exists, it's a xpv system 5452 # 2. If dboot_image is in unix, it's a dboot system 5453 # 3. Otherwise, if multiboot is present, it's a multiboot system 5454 # 4. Otherwise, it's a pre-multiboot system 5455 # 5456 # This is called before we lay down the new archives. 5457 # 5458 check_system_type() 5459 { 5460 if [ -f $root/platform/i86xpv/kernel/unix ]; then 5461 system_type=xpv 5462 elif [ -x $root/boot/solaris/bin/symdef ] && \ 5463 $root/boot/solaris/bin/symdef $root/platform/i86pc/kernel/unix \ 5464 dboot_image; then 5465 system_type=directboot 5466 elif [ -x $root/platform/i86pc/multiboot ]; then 5467 system_type=multiboot 5468 else 5469 system_type=dca 5470 fi 5471 } 5472 5473 # 5474 # Detect SVM root and return the list of raw devices under the mirror 5475 # 5476 get_rootdev_list() 5477 { 5478 if [ -f $rootprefix/etc/lu/GRUB_slice ]; then 5479 dev=`grep '^PHYS_SLICE' $rootprefix/etc/lu/GRUB_slice | 5480 cut -d= -f2` 5481 if [ "$rootfstype" = "zfs" ]; then 5482 fstyp -a "$dev" | grep 'path: ' | grep -v phys_path: | 5483 cut -d"'" -f2 | sed 's+/dsk/+/rdsk/+' 5484 else 5485 echo "$dev" 5486 fi 5487 return 5488 elif [ "$rootfstype" = "zfs" ]; then 5489 rootpool=`df -k ${rootprefix:-/} | tail +2 | cut -d/ -f1` 5490 rootdevlist=`LC_ALL=C zpool iostat -v "$rootpool" | tail +5 | 5491 egrep -v "mirror|spare|replacing" | 5492 sed -n -e '/--/q' -e p | awk '{print $1}'` 5493 else 5494 metadev=`grep -v "^#" $rootprefix/etc/vfstab | \ 5495 grep "[ ]/[ ]" | nawk '{print $2}'` 5496 if [[ $metadev = /dev/rdsk/* ]]; then 5497 rootdevlist=`basename "$metadev"` 5498 elif [[ $metadev = /dev/md/rdsk/* ]]; then 5499 metavol=`basename "$metadev"` 5500 rootdevlist=`metastat -p $metavol |\ 5501 grep -v "^$metavol[ ]" | nawk '{print $4}'` 5502 fi 5503 fi 5504 for rootdev in $rootdevlist 5505 do 5506 echo /dev/rdsk/`basename $rootdev` 5507 done 5508 } 5509 5510 # 5511 # Done once per transition from classic (dca) to multi boot 5512 # 5513 setup_stubboot() 5514 { 5515 bootdev=`grep -v "^#" $rootprefix/etc/vfstab | grep pcfs | \ 5516 grep "[ ]/boot[ ]"` 5517 if [[ -n $bootdev ]] ; then 5518 5519 bootdev=`echo "$bootdev" | nawk '{print $1}'` 5520 rbootdev=`echo "$bootdev" | sed -e "s/dev\/dsk/dev\/rdsk/"` 5521 5522 # Remount boot partition as /stubboot, set up new /boot 5523 mkdir -p $rootprefix/stubboot 5524 5525 ERRMSG=$(umount $bootdev 2>&1) 5526 if [ $? -ne 0 ] ; then 5527 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5528 fail "Unable to umount $bootdev." 5529 fi 5530 ERRMSG=$(mount -F pcfs $bootdev $rootprefix/stubboot 2>&1) 5531 if [ $? -ne 0 ] ; then 5532 [ -n "${ERRMSG}" ] && echo "${ERRMSG}" 5533 fail "Unable to mount $bootdev on $rootprefix/stubboot." 5534 fi 5535 5536 mkdir -p $rootprefix/boot 5537 cp -r $rootprefix/stubboot/* $rootprefix/boot 5538 5539 # adjust /etc/vfstab 5540 sed <$rootprefix/etc/vfstab \ 5541 -e "s/[ ]\/boot[ ]/ \/stubboot /" | \ 5542 sed -n >$rootprefix/etc/vfstab+ ' 5543 /p0:boot/ { 5544 s/[ ]no/ yes/ 5545 } 5546 p 5547 ' 5548 5549 mv $rootprefix/etc/vfstab $rootprefix/etc/vfstab- 5550 mv $rootprefix/etc/vfstab+ $rootprefix/etc/vfstab 5551 fi 5552 } 5553 5554 # 5555 # multiboot: install grub on the boot slice 5556 # 5557 install_grub() 5558 { 5559 STAGE1=$rootprefix/boot/grub/stage1 5560 STAGE2=$rootprefix/boot/grub/stage2 5561 5562 if [ -x $rootprefix/boot/solaris/bin/update_grub ]; then 5563 /tmp/bfubin/ksh $rootprefix/boot/solaris/bin/update_grub \ 5564 -R $root 5565 elif [ $is_pcfs_boot = no ]; then 5566 get_rootdev_list | while read rootdev 5567 do 5568 print "Install grub on $rootdev" 5569 PATH=/tmp/bfubin /tmp/bfubin/installgrub \ 5570 $STAGE1 $STAGE2 $rootdev 5571 done 5572 else 5573 # copy /boot grub & solaris to /stubboot 5574 cp -r $rootprefix/boot/grub $rootprefix/stubboot/grub 5575 cp -r $rootprefix/boot/solaris $rootprefix/stubboot/solaris 5576 5577 # Adjust grub paths relative to pcfs filesystem 5578 rm -rf $rootprefix/stubboot/boot 5579 mkdir -p $rootprefix/stubboot/boot 5580 mv $rootprefix/stubboot/grub $rootprefix/stubboot/boot 5581 mv $rootprefix/stubboot/solaris $rootprefix/stubboot/boot 5582 5583 # 5584 # Run installgrub after copying stubboot to avoid overwriting 5585 # /stubboot/boot/grub/stage2, which must stay untouched. 5586 # 5587 bootdev=`grep -v "^#" $rootprefix/etc/vfstab | grep pcfs | \ 5588 grep "[ ]/stubboot[ ]" | nawk '{print $1}'` 5589 rbootdev=`echo "$bootdev" | sed -e "s/dev\/dsk/dev\/rdsk/"` 5590 if [ "$rbootdev" != "" ]; then 5591 print "Install grub on $rbootdev" 5592 PATH=/tmp/bfubin /tmp/bfubin/installgrub $STAGE1 $STAGE2 $rbootdev 5593 fi 5594 fi 5595 } 5596 5597 # 5598 # We check for several possibilites of a bootenv.rc line: 5599 # 5600 # 1. setprop name 'value' 5601 # 2. setprop name "value" 5602 # 3. setprop name value 5603 # 5604 parse_bootenv_line() 5605 { 5606 line=$1 5607 value=`echo $line | grep "'" | cut -d\' -f2` 5608 if [ -z "$value" ]; then 5609 value=`echo $line | grep "\"" | cut -d\" -f2` 5610 if [ -z "$value" ]; then 5611 value=`echo $line | cut -d' ' -f3-` 5612 fi 5613 fi 5614 echo $value 5615 } 5616 5617 update_bootenv() 5618 { 5619 bootenvrc=$rootprefix/boot/solaris/bootenv.rc 5620 bootenvrc_updated=0 5621 5622 # Note: the big space below is actually a space and tab 5623 boot_file=`grep '^setprop[ ]\{1,\}boot-file\>' $bootenvrc` 5624 if [ -n "$boot_file" ]; then 5625 file=`parse_bootenv_line "$boot_file"` 5626 if [ -n "$file" ]; then 5627 PATH=/tmp/bfubin /tmp/bfubin/bootadm set-menu kernel="$file" 5628 bootenvrc_updated=1 5629 fi 5630 fi 5631 5632 console=`grep '^setprop[ ]\{1,\}console\>' $bootenvrc` 5633 if [ -z "$console" ]; then 5634 console=`grep '^setprop[ ]\{1,\}input-device\>' \ 5635 $bootenvrc` 5636 fi 5637 if [ -n "$console" ]; then 5638 cons=`parse_bootenv_line "$console"` 5639 fi 5640 boot_args=`grep '^setprop[ ]\{1,\}boot-args\>' $bootenvrc` 5641 if [ -n "boot_args" ]; then 5642 args=`parse_bootenv_line "$boot_args"` 5643 fi 5644 if [ -n "$cons" ] && [ -n "$args" ]; then 5645 # If args starts with a -B, remove it and add a comma instead 5646 if echo $args | grep '^-B ' >/dev/null; then 5647 new_args=`echo $args | sed 's/^-B //'` 5648 args_line="-B console=$cons,$new_args" 5649 else 5650 args_line="-B console=$cons $args" 5651 fi 5652 elif [ -n "$cons" ]; then 5653 args_line="-B console=$cons" 5654 elif [ -n "$args" ]; then 5655 args_line="$args" 5656 else 5657 args_line="" 5658 fi 5659 if [ -n "$args_line" ]; then 5660 PATH=/tmp/bfubin /tmp/bfubin/bootadm set-menu args="$args_line" 5661 bootenvrc_updated=1 5662 fi 5663 5664 if [ $bootenvrc_updated = 1 ]; then 5665 egrep -v '^setprop[ ]+(boot-file|boot-args)[ ]' $bootenvrc > ${bootenvrc}.new 5666 [ -s ${bootenvrc}.new ] && mv ${bootenvrc}.new $bootenvrc 5667 fi 5668 } 5669 5670 get_biosdisk() 5671 { 5672 rootdev=$1 5673 rootphys=`ls -l $rootdev | nawk '{ print $NF }' | \ 5674 sed -e "s/\.\.\/\.\.\/devices//" -e "s/:[abcdefgh],raw//"` 5675 rbootdev=`echo "$rootdev" | sed -e "s/s[0-7]/p0/"` 5676 5677 # 5678 # Use biosdev to get the bios disk number 5679 # 5680 biosdisk=`biosdev | grep $rootphys | \ 5681 nawk '{print $1}' | sed -e "s/0x8//"` 5682 } 5683 5684 # 5685 # multiboot: set up initial grub menu 5686 # 5687 update_grub_menu() 5688 { 5689 MENU=$rootprefix/boot/grub/menu.lst 5690 5691 grubhd=$1 5692 5693 if [ $archive_type = multiboot ]; then 5694 BOOT_PROG="kernel /platform/i86pc/multiboot" 5695 BOOT_ARCHIVE="module /platform/i86pc/boot_archive" 5696 else 5697 # 5698 # directboot archives 5699 # 5700 BOOT_PROG="kernel\$ /platform/i86pc/kernel/\$ISADIR/unix" 5701 BOOT_ARCHIVE="module\$ /platform/i86pc/\$ISADIR/boot_archive" 5702 fi 5703 5704 # 5705 # The failsafe archives may be different than the boot archives 5706 # 5707 if [ -x /boot/platform/i86pc/kernel/unix ]; then 5708 BOOT_FAILSAFE_FILE="/boot/platform/i86pc/kernel/unix" 5709 BOOT_FAILSAFE_SUFFIX="" 5710 else 5711 BOOT_FAILSAFE_FILE="/boot/multiboot" 5712 BOOT_FAILSAFE_SUFFIX="kernel/unix" 5713 fi 5714 5715 # 5716 # Append some useful entries to the existing menu 5717 # 5718 echo "Update GRUB menu $MENU with entries for $grubhd" 5719 5720 grep ^default $MENU > /dev/null 5721 [ $? = 0 ] || echo "default=0" >> $MENU 5722 grep ^timeout $MENU > /dev/null 5723 [ $? = 0 ] || echo "timeout=10" >> $MENU 5724 5725 echo "#serial --unit=0 --speed=9600" >> $MENU 5726 echo "#terminal serial" >> $MENU 5727 echo "#splashimage=$grubhd/boot/grub/splash.xpm.gz" >> $MENU 5728 echo "title Solaris" >> $MENU 5729 echo " root $grubhd" >> $MENU 5730 echo " ${BOOT_PROG}" >> $MENU 5731 echo " ${BOOT_ARCHIVE}" >> $MENU 5732 5733 echo "GRUB menu entry 'Solaris' boots to eeprom(1m) settings" 5734 5735 if [ -f ${rootprefix}/$BOOT_FAILSAFE_FILE ] && 5736 [ -f ${rootprefix}/boot/x86.miniroot-safe ] ; then 5737 5738 TTY=`grep "^setprop input-device" \ 5739 ${rootprefix}/boot/solaris/bootenv.rc | cut -f 2 -d \'` 5740 if [ -z "${TTY}" ] ; then 5741 TTY=`grep "^setprop console" \ 5742 ${rootprefix}/boot/solaris/bootenv.rc | \ 5743 cut -f 2 -d \'` 5744 fi 5745 5746 if [ "${TTY}" = "ttya" ] || [ "${TTY}" = "ttyb" ] ; then 5747 FS_CONSOLE="-B console=${TTY}" 5748 fi 5749 5750 cat >>$MENU <<EOF 5751 title Solaris failsafe 5752 root $grubhd 5753 kernel $BOOT_FAILSAFE_FILE $BOOT_FAILSAFE_SUFFIX $FS_CONSOLE -s 5754 module /boot/x86.miniroot-safe 5755 EOF 5756 fi 5757 } 5758 5759 bootadm_f_flag="" 5760 5761 install_failsafe() 5762 { 5763 if [ "$root" != "/" ] || \ 5764 [ -f /boot/x86.miniroot-safe ] || \ 5765 [ ! -x ${GATE}/public/bin/update_failsafe ]; then 5766 # 5767 # Either we're not bfu'ing /, or the failsafe archives were 5768 # already installed, or update_failsafe is not available. 5769 # If the old failsafe archives were multiboot, clear out the 5770 # directboot kernel. 5771 # 5772 if [ $failsafe_type = multiboot ]; then 5773 rm -f $rootprefix/boot/platform/i86pc/kernel/unix 5774 elif [ $failsafe_type = directboot ]; then 5775 cp /tmp/bfubin/unix \ 5776 $rootprefix/boot/platform/i86pc/kernel/unix 5777 fi 5778 else 5779 echo "Updating failsafe archives" 5780 ${GATE}/public/bin/update_failsafe 5781 5782 # Force bootadm to update the failsafe entry 5783 bootadm_f_flag="-f" 5784 fi 5785 } 5786 5787 # 5788 # setup_grub_menu is only called when upgrading from a system 5789 # with a dca boot. This cannot happen on systems with zfs root, 5790 # so this function need not take care of the case where the root 5791 # file system type is zfs 5792 # 5793 setup_grub_menu() 5794 { 5795 MENU=$rootprefix/boot/grub/menu.lst 5796 5797 get_rootdev_list | while read rootdev 5798 do 5799 rootphys=`ls -l $rootdev | nawk '{print $NF}' | \ 5800 sed -e "s/\.\.\/\.\.\/devices//"` 5801 gslice=`echo "$rootphys" | cut -f 2 -d : | sed s/,raw//` 5802 rootphys=`echo "$rootphys" | sed -e "s/:[abcdefgh],raw//"` 5803 rbootdev=`echo "$rootdev" | sed -e "s/s[0-7]/p0/"` 5804 5805 # 5806 # Wallow through fdisk to get the active partition number 5807 # Partition numbering is zero-based 5808 # 5809 part=0 5810 fdisk -W - $rbootdev | grep -v '^*' | grep -v '^$' | \ 5811 while read id act bhead bcyl ehead ecyl rsect numsect 5812 do 5813 # Find solaris partition, either older 130 or 191 5814 if [ $id -eq "191" -o $id -eq "130" ] ; then 5815 break 5816 fi 5817 part=`expr "$part" + 1` 5818 done 5819 5820 get_biosdisk $rootdev 5821 grubhd="(hd${biosdisk},${part},${gslice})" 5822 5823 # 5824 # update the grub menu if it doesn't exist or 5825 # doesn't have usable boot entries 5826 # 5827 if [ -f $MENU ]; then 5828 grep -v "^#" $MENU | grep $grubhd >/dev/null 2>&1 5829 if [ $? -eq 1 ]; then 5830 update_grub_menu $grubhd 5831 fi 5832 else 5833 update_grub_menu $grubhd 5834 fi 5835 done 5836 } 5837 5838 # 5839 # Build the multiboot boot archive 5840 # 5841 build_boot_archive() 5842 { 5843 # 5844 # We should be able to run bootadm here but that's a 5845 # little more complicated than one would think 5846 #bootadm_args=${rootprefix:+-R $rootprefix} 5847 #PATH=/tmp/bfubin /tmp/bfubin/bootadm update $bootadm_args 5848 5849 cr_args=${rootprefix:+ -R $rootprefix} 5850 LD_LIBRARY_PATH=/tmp/bfulib PATH=/tmp/bfubin \ 5851 /tmp/bfubin/ksh $rootprefix/boot/solaris/bin/create_ramdisk $cr_args 5852 5853 # 5854 # Disable the boot-archive service on the first boot 5855 # to silence complaints about new files 5856 # svccfg -s system/boot-archive setprop start/exec = true 5857 5858 mkdir -p $rootprefix/bfu.conflicts/lib/svc/method 5859 cp $rootprefix/lib/svc/method/boot-archive \ 5860 $rootprefix/bfu.conflicts/lib/svc/method/boot-archive 5861 cat >$rootprefix/lib/svc/method/boot-archive <<"EOF" 5862 #!/sbin/sh 5863 exit 0 5864 EOF 5865 5866 cat >$rootprefix/etc/rc2.d/S99postbfu <<EOF 5867 #!/bin/sh 5868 # 5869 case "\$1" in 5870 'start') 5871 cp /bfu.conflicts/lib/svc/method/boot-archive /lib/svc/method/boot-archive 5872 chmod +x /lib/svc/method/boot-archive 5873 rm -f /etc/rc2.d/S99postbfu 5874 ;; 5875 *) 5876 echo "usage: \$0 start" 5877 exit 1 5878 ;; 5879 esac 5880 exit 0 5881 EOF 5882 5883 chmod +x $rootprefix/etc/rc2.d/S99postbfu 5884 chmod +x $rootprefix/lib/svc/method/boot-archive 5885 chmod +x $rootprefix/bfu.conflicts/lib/svc/method/boot-archive 5886 } 5887 5888 # 5889 # Install failsafe archive on a sparc machine if not present. 5890 # Use a well-known server for the archive if we need it. 5891 # 5892 install_sparc_failsafe() 5893 { 5894 # check if failsafe already installed 5895 if [ -f $rootprefix/platform/$karch/failsafe ]; then 5896 return 5897 fi 5898 if [ -z "$FAILSAFE_SERVER" ]; then 5899 FAILSAFE_SERVER="netinstall.sfbay" 5900 fi 5901 if [ -z "$FAILSAFE_IMAGE" ]; then 5902 FAILSAFE_IMAGE="export/nv/s/latest" 5903 fi 5904 fs_wos_image="/net/${FAILSAFE_SERVER}/${FAILSAFE_IMAGE}" 5905 fs_archive="${fs_wos_image}/boot/sparc.miniroot" 5906 if [ ! -d $fs_wos_image ] || [ ! -f $fs_archive ]; then 5907 # XXX Remove this fallback to a known good archive once real 5908 # XXX images with boot archives become available. 5909 fs_wos_image="/net/netinstall.sfbay/export/setje/nbs-latest" 5910 fs_archive="${fs_wos_image}/boot/sparc.miniroot" 5911 fi 5912 if [ -d $fs_wos_image ] || [ ! -f $fs_archive ]; then 5913 echo "Installing failsafe archive from $fs_wos_image" 5914 cp $fs_archive $rootprefix/platform/$karch/failsafe 5915 fi 5916 } 5917 5918 disable_boot_service() 5919 { 5920 svccfg -s system/boot-archive setprop start/exec = true 5921 cat >$rootprefix/lib/svc/method/boot-archive <<EOF 5922 #!/sbin/sh 5923 . /lib/svc/share/smf_include.sh 5924 . /lib/svc/share/fs_include.sh 5925 exit 0 5926 EOF 5927 } 5928 5929 dir_is_inherited() { 5930 dir=$1 5931 set -- `zonecfg -z $zone info inherit-pkg-dir dir=/$dir` 5932 [ "$3" = "/$dir" ] && return 0 || return 1 5933 } 5934 5935 check_boot_env() 5936 { 5937 if [ $multi_or_direct = yes ]; then 5938 if [ $archive_type != $system_type ]; then 5939 install_failsafe 5940 [ $system_type = dca ] && setup_grub_menu 5941 5942 if [ $have_new_bootadm = yes ] || 5943 ( [ -x /tmp/bfubin/symdef ] && 5944 [ -x /tmp/bfubin/bootadm ] && 5945 /tmp/bfubin/symdef /tmp/bfubin/bootadm \ 5946 dboot_or_multiboot ); then 5947 if [[ -z $rootprefix ]]; then 5948 PATH=/tmp/bfubin /tmp/bfubin/bootadm \ 5949 -m upgrade $bootadm_f_flag 5950 else 5951 PATH=/tmp/bfubin /tmp/bfubin/bootadm \ 5952 -m upgrade -R $rootprefix \ 5953 $bootadm_f_flag 5954 fi 5955 install_grub 5956 [ $archive_type = directboot ] && update_bootenv 5957 else 5958 install_grub 5959 cat >&2 <<EOF 5960 5961 WARNING: Cannot find new bootadm. If bfu'ing across the multiboot/directboot 5962 boundary, you will need to manually change menu.lst. See 5963 http://www.sun.com/msg/SUNOS-8000-CF for details. 5964 5965 EOF 5966 fi 5967 5968 # 5969 # If we're going backwards, we need to remove the 5970 # symdef binary. 5971 # 5972 if [ -f $rootprefix/boot/solaris/bin/symdef ] && \ 5973 [ $archive_type = multiboot ] 5974 then 5975 rm -f $rootprefix/boot/solaris/bin/symdef \ 5976 $rootprefix/boot/solaris/bin/update_grub 5977 fi 5978 elif [ $failsafe_type = multiboot ]; then 5979 rm -f $rootprefix/boot/platform/i86pc/kernel/unix 5980 elif [ $failsafe_type = directboot ]; then 5981 cp /tmp/bfubin/unix \ 5982 $rootprefix/boot/platform/i86pc/kernel/unix 5983 fi 5984 build_boot_archive 5985 else 5986 disable_boot_service 5987 fi 5988 } 5989 5990 mondo_loop() { 5991 typeset pkgroot 5992 typeset pkg 5993 root=$1 5994 zone=$2 5995 if [ $zone != global ]; then 5996 usrroot=$root 5997 fi 5998 5999 # If the archives being installed contain i86pc.boot, 6000 # check to see if it contains strap.com, one of the 6001 # four possibly-required booters. If i86pc.boot does, 6002 # try to upgrade the realmode booters from the current 6003 # archive set. 6004 # 6005 # Don't bother doing the upgrade for diskless bfu, as the boot 6006 # will be done with floppy or PXE, which must match the build 6007 # anyway (floppy must match or add_install_client must be 6008 # rerun), and in any event we can't touch the boot bits 6009 # for diskless boot from here. Also don't do this for 6010 # any zone but 'global'. 6011 6012 cd $root || fail "Cannot cd $root" 6013 rootprefix=${root%/} 6014 pkgroot=${rootprefix:+-R $rootprefix} 6015 6016 if [ "$karch" = "i86pc" -a "$diskless" = "no" -a "$zone" = "global" ] 6017 then 6018 remove_properties 6019 check_system_type 6020 if boot_is_upgradeable $root && \ 6021 [ $archive_type = dca ]; then 6022 check_multi_to_dca_boot 6023 print "\nUpdating realmode boot loaders\n" 6024 update_realmode_booters $root 6025 setup_pboot 6026 fi 6027 if [ $multi_or_direct = yes ]; then 6028 check_dca_to_multiboot 6029 if [ $is_pcfs_boot = yes ]; then 6030 setup_stubboot 6031 fi 6032 fi 6033 fi 6034 6035 # before we save away driver_aliases, remove any obsolete entries 6036 if [ $target_isa = i386 ]; then 6037 # need to remove old pci5853,1 entry for xpv. The correct 6038 # entry going forward is pci5853,1.1 which is now in 6039 # uts/intel/os/driver_aliases 6040 grep '\"pci5853,1\"' $root/etc/driver_aliases > /dev/null 2>&1 6041 if [ "$?" -eq 0 ]; then 6042 /tmp/bfubin/update_drv -b $root -d -i '"pci5853,1"' xpv > /dev/null 2>&1 6043 fi 6044 fi 6045 6046 SECONDS=0 # time each iteration 6047 6048 print "\nSaving configuration files in $rootprefix/bfu.child ... \c" 6049 cd $root 6050 rm -rf bfu.default bfu.restore # historical 6051 rm -rf bfu.child bfu.conflicts 6052 mkdir bfu.child bfu.conflicts 6053 filelist $zone | cpio -pdmu bfu.child || \ 6054 fail 'failed to save config files' 6055 test -f etc/motd && mv etc/motd etc/motd.old 6056 6057 # 6058 # If the var/sadm/system/admin/INST_RELEASE file still exists, 6059 # this system has never been bfu'd before. Therefore, the 6060 # information in var/sadm/install/contents is still valid and 6061 # can be used to determine whether files have been modified 6062 # since installation (the bfu.ancestors directory serves this 6063 # purpose for systems that have already been bfu'd.) 6064 # 6065 if [ -f var/sadm/system/admin/INST_RELEASE ] ; then 6066 firstbfu=yes 6067 else 6068 firstbfu=no 6069 fi 6070 6071 # 6072 # bfu'ed systems are not upgradeable; prevent suninstall from 6073 # even *presenting* the upgrade option by removing INST_RELEASE. 6074 # 6075 rm -f var/sadm/system/admin/INST_RELEASE 6076 6077 # 6078 # Hacks to work around minor annoyances and make life more pleasant. 6079 # Part 1 of 2: pre-archive-extraction stuff 6080 # 6081 6082 # 6083 # Do not remove remove_initd_links, since this makes sure things 6084 # work properly when init scripts are shuffled around. 6085 # 6086 remove_initd_links 6087 6088 # 6089 # Remove rc.d scripts and things made superfluous by smf. 6090 # Backwards BFUs will resurrect them from the archives. 6091 # 6092 smf_cleanup 6093 6094 # 6095 # New, enabled-by-default services need to be checked for, such 6096 # that their enabled status is not flipped by BFU after their 6097 # initial arrival. 6098 # 6099 smf_handle_new_services 6100 6101 # 6102 # Handle unbundled TX conversion if needed 6103 # 6104 tx_check_update 6105 6106 # Reflect SUNWcsr's pre-install change, ensures 6107 # the i.hosts action script works during 'acr' 6108 if [[ -f $rootprefix/etc/inet/ipnodes && \ 6109 ! -h $rootprefix/etc/inet/ipnodes ]]; then 6110 rm -f $rootprefix/etc/inet/ipnodes.hostsmerge 6111 cp -p $rootprefix/etc/inet/ipnodes \ 6112 $rootprefix/etc/inet/ipnodes.hostsmerge 6113 fi 6114 6115 # 6116 # Remove obsolete disassembler module 6117 # 6118 if [ $target_isa = sparc ]; then 6119 rm -rf $usr/lib/mdb/disasm/* 6120 rm -f $root/kernel/kmdb/sparcv9/sparc 6121 fi 6122 6123 # 6124 # Remove obsolete Sun-Fire-880 (daktari) FMA Fault Tree directory 6125 # and file. Backwards BFUs will resurrect them from the archives. 6126 # 6127 if [ $target_isa = sparc ]; then 6128 rm -rf $usr/platform/SUNW,Sun-Fire-880/lib/fm 6129 fi 6130 6131 # 6132 # Remove old ndpd header (moved to /usr/include per 6509782) 6133 # 6134 rm -f $usr/include/protocols/ndpd.h 6135 6136 # 6137 # Remove old FMA dictionary files 6138 # 6139 rm -f $usr/lib/fm/FMD.dict 6140 rm -f $usr/lib/fm/SUN4U.dict 6141 rm -f $usr/lib/fm/SUNOS.dict 6142 6143 # Remove unused SMF dictionary 6144 rm -f $root/usr/lib/fm/dict/SMF.dict 6145 rm -f $root/usr/lib/locale/C/LC_MESSAGES/SMF.mo 6146 6147 # 6148 # Remove old FMA .eft files and directories 6149 # 6150 rm -f $usr/platform/sun4u/lib/fm/eft/pci-sun4u.eft 6151 rm -rf $usr/platform/SUNW,Serverblade1/lib/fm 6152 rm -rf $usr/platform/SUNW,Sun-Fire/lib/fm 6153 rm -rf $usr/platform/SUNW,Sun-Fire-15000/lib/fm 6154 6155 # 6156 # Remove old FMA LDOMS files 6157 # 6158 rm -f $usr/platform/sun4v/lib/fm/fmd/libldom.so.1 6159 rm -f $usr/platform/sun4v/lib/fm/fmd/libldom.so 6160 rm -f $usr/platform/sun4v/lib/fm/fmd/llib-lldom 6161 rm -f $usr/platform/sun4v/lib/fm/fmd/llib-lldom.ln 6162 rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/libldom.so.1 6163 rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/libldom.so 6164 rm -f $usr/platform/sun4v/lib/fm/fmd/sparcv9/llib-lldom.ln 6165 6166 # 6167 # Remove old topology data 6168 # 6169 rm -rf $usr/lib/fm/topo 6170 rm -f $usr/platform/*/lib/fm/topo/hc-topology.xml 6171 rm -f $usr/platform/SUNW,Sun-Fire-T200/lib/fm/topo/maps/Sun-Blade-T6300-hc-topology.xml 6172 6173 # 6174 # Remove old prtopo and obsoleted include file. 6175 # 6176 rm -f $usr/include/fm/libtopo_enum.h 6177 rm -f $usr/lib/fm/prtopo 6178 6179 # 6180 # Remove fm driver 6181 # 6182 rm -f $root/kernel/drv/fm 6183 rm -f $root/kernel/drv/fm.conf 6184 rm -f $root/kernel/drv/amd64/fm 6185 rm -f $root/kernel/drv/sparcv9/fm 6186 6187 # 6188 # Remove old AMD cpu module, to be replaced by extended cpu.generic 6189 # with AMD-specific support layered on top as a model-specific module. 6190 # Also remove the corresponding mdb and kmdb support. Backwards BFU 6191 # will reintroduce these files. 6192 rm -f $root/platform/i86pc/kernel/cpu/cpu.AuthenticAMD.15 6193 rm -f $root/platform/i86pc/kernel/cpu/amd64/cpu.AuthenticAMD.15 6194 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu.AuthenticAMD.15.so 6195 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu.AuthenticAMD.15.so 6196 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu.generic.so 6197 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu.generic.so 6198 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/cpu_ms.AuthenticAMD.15.so 6199 rm -f $root/usr/platform/i86pc/lib/mdb/kvm/amd64/cpu_ms.AuthenticAMD.15.so 6200 rm -f $root/usr/lib/mdb/kvm/cpu.generic.so 6201 rm -f $root/usr/lib/mdb/kvm/amd64/cpu.generic.so 6202 rm -f $root/usr/lib/mdb/kvm/cpu_ms.AuthenticAMD.15.so 6203 rm -f $root/usr/lib/mdb/kvm/amd64/cpu_ms.AuthenticAMD.15.so 6204 6205 # Remove pcbe drivers for AMD 6206 # 6207 # old: need to remove going forwards: 6208 # 6209 rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD.15 6210 rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD.16 6211 rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD.15 6212 rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD.16 6213 # 6214 # new: need to remove going backwards: 6215 # 6216 rm -f $root/usr/kernel/pcbe/pcbe.AuthenticAMD 6217 rm -f $root/usr/kernel/pcbe/amd64/pcbe.AuthenticAMD 6218 6219 # Remove cpu.generic from i86xpv platform 6220 rm -f $root/platform/i86xpv/kernel/cpu/cpu.generic 6221 rm -f $root/platform/i86xpv/kernel/cpu/amd64/cpu.generic 6222 6223 # 6224 # Remove obsolete buildmnttab script. Backwards BFUs will 6225 # resurrect it by extracting it from the archives. 6226 # 6227 rm -f $root/etc/init.d/buildmnttab 6228 rm -f $root/etc/rcS.d/S70buildmnttab.sh 6229 6230 # 6231 # Break-up of inetsvc, inetinit & network -- remove both the old 6232 # and new init scripts. The correct ones will be extracted from 6233 # the archives whether bfu'ing backwards or forwards. 6234 # 6235 # old: need to remove going forwards: 6236 # 6237 rm -f $root/etc/rc0.d/K42inetsvc 6238 rm -f $root/etc/rc1.d/K42inetsvc 6239 rm -f $root/etc/rcS.d/K42inetsvc 6240 rm -f $root/etc/rcS.d/S29network.sh 6241 # 6242 # new: need to remove going backwards: 6243 # 6244 rm -f $root/etc/init.d/domainname 6245 rm -f $root/etc/init.d/inetd 6246 rm -f $root/etc/init.d/named 6247 rm -f $root/etc/init.d/nodename 6248 rm -f $root/etc/rc0.d/K40inetd 6249 rm -f $root/etc/rc0.d/K42named 6250 rm -f $root/etc/rc1.d/K40inetd 6251 rm -f $root/etc/rc1.d/K42named 6252 rm -f $root/etc/rc2.d/S69domainname 6253 rm -f $root/etc/rc2.d/S72named 6254 rm -f $root/etc/rc2.d/S77inetd 6255 rm -f $root/etc/rcS.d/K40inetd 6256 rm -f $root/etc/rcS.d/K42named 6257 rm -f $root/etc/rcS.d/S28network.sh 6258 rm -f $root/etc/rcS.d/S29nodename.sh 6259 6260 # 6261 # Remove Zones init scripts: they will be extracted properly 6262 # going forwards; after going backwards, they will be gone, 6263 # thus preventing scary warnings on subsequent bfu's. 6264 # 6265 rm -f $root/etc/init.d/zones 6266 rm -f $root/etc/rc0.d/K01zones 6267 rm -f $root/etc/rc1.d/K01zones 6268 rm -f $root/etc/rc2.d/K01zones 6269 rm -f $root/etc/rc3.d/S99zones 6270 rm -f $root/etc/rcS.d/K01zones 6271 6272 # 6273 # Remove <inet>6 STREAMS modules; these no longer exist (and 6274 # should never have existed in the first place). 6275 # 6276 rm -f $root/kernel/strmod/icmp6 \ 6277 $root/kernel/strmod/ip6 \ 6278 $root/kernel/strmod/tcp6 \ 6279 $root/kernel/strmod/udp6 6280 6281 rm -f $root/kernel/strmod/sparcv9/icmp6 \ 6282 $root/kernel/strmod/sparcv9/ip6 \ 6283 $root/kernel/strmod/sparcv9/tcp6 \ 6284 $root/kernel/strmod/sparcv9/udp6 6285 6286 # 6287 # Remove old ZFS binaries (back when it was three modules) 6288 # 6289 find $root/kernel/drv -name zpool 2> /dev/null | xargs rm -f 6290 rm -f $root/kernel/drv/zpool.conf 6291 rm -f $root/kernel/drv/zpool.cache 6292 6293 find $root/kernel/drv -name zvol 2> /dev/null | xargs rm -f 6294 rm -f $root/kernel/drv/zvol.conf 6295 rm -rf $root/kernel/devname 6296 rm -f $usr/include/sys/fs/sdev_node.h 6297 6298 # 6299 # Remove /usr/lib/old_libthread since support for it has 6300 # been removed from the kernel in Solaris 10. If this is 6301 # a backwards BFU, it will all be extracted again by cpio. 6302 rm -rf $usr/lib/old_libthread 6303 6304 # Remove libconfig 6305 rm -f $usr/lib/drv/config_md.so.1 6306 rm -f $usr/include/config_md.h 6307 # remove libssd 6308 rm -f $usr/lib/libssd.a 6309 rm -f $usr/lib/libssd.so 6310 rm -f $usr/lib/libssd.so.1 6311 # remove libap 6312 rm -f $usr/lib/libap_dmd.a 6313 rm -f $usr/lib/libap_dmd.so.1 6314 # remove libintpos 6315 rm -f $usr/lib/libintpos.a 6316 rm -f $usr/lib/libintpos.so.1 6317 6318 # Remove obsolete abi subdirectories 6319 if [ -d $usr/platform/*/lib/abi ]; then 6320 rm -rf $usr/platform/*/lib/abi 6321 fi 6322 rm -rf $usr/lib/gss/abi 6323 rm -rf $usr/lib/krb5/abi 6324 rm -rf $usr/xpg4/lib/abi 6325 rm -rf $usr/ucblib/abi 6326 6327 # 6328 # Remove old stuff related to libthread now that libthread has 6329 # been folded into libc and libthread_db has been renamed libc_db. 6330 # In addition, all the apptrace's tracing libraries (i.e., abi_*.so*), 6331 # spec2map and spec2trace are no longer needed, should be removed. 6332 rm -f \ 6333 $usr/lib/mdb/proc/libthread.so \ 6334 $usr/lib/mdb/proc/sparcv9/libthread.so \ 6335 $usr/lib/abi/spec2map \ 6336 $usr/lib/abi/spec2trace \ 6337 $usr/lib/abi/abi_*.so* \ 6338 $usr/lib/abi/sparcv9/abi_*.so* 6339 6340 # 6341 # Remove the old symlink /lib => usr/lib, if necessary. 6342 # /lib is now a real directory in the root filesystem. 6343 # Remove all of the old static libraries and commands now 6344 # that we no longer build them. If this is a backwards 6345 # BFU, all this will all be extracted again by cpio. 6346 rm $root/lib 2>/dev/null 6347 rm -rf $usr/lib/pics 6348 rm -rf $usr/sbin/static 6349 rm -f \ 6350 $usr/ccs/lib/libcurses.a \ 6351 $usr/ccs/lib/libform.a \ 6352 $usr/ccs/lib/libgen.a \ 6353 $usr/ccs/lib/libl.a \ 6354 $usr/ccs/lib/libmalloc.a \ 6355 $usr/ccs/lib/libmenu.a \ 6356 $usr/ccs/lib/libpanel.a \ 6357 $usr/ccs/lib/libtermcap.a \ 6358 $usr/ccs/lib/libtermlib.a \ 6359 $usr/ccs/lib/liby.a \ 6360 $usr/lib/lib300.a \ 6361 $usr/lib/lib300s.a \ 6362 $usr/lib/lib4014.a \ 6363 $usr/lib/lib450.a \ 6364 $usr/lib/libTL.a \ 6365 $usr/lib/libadm.a \ 6366 $usr/lib/libadt_jni.a \ 6367 $usr/lib/libbsdmalloc.a \ 6368 $usr/lib/libbsm.a \ 6369 $usr/lib/libc.a \ 6370 $usr/lib/libc2.a \ 6371 $usr/lib/libc2stubs.a \ 6372 $usr/lib/libcmd.a \ 6373 $usr/lib/libcrypt.a \ 6374 $usr/lib/libcrypt_d.a \ 6375 $usr/lib/libcrypt_i.a \ 6376 $usr/lib/libcurses.a \ 6377 $usr/lib/libdevid.a \ 6378 $usr/lib/libdevinfo.a \ 6379 $usr/lib/libdhcpagent.a \ 6380 $usr/lib/libdhcputil.a \ 6381 $usr/lib/libdl_stubs.a \ 6382 $usr/lib/libefi.a \ 6383 $usr/lib/libelf.a \ 6384 $usr/lib/libform.a \ 6385 $usr/lib/libgen.a \ 6386 $usr/lib/libgenIO.a \ 6387 $usr/lib/libike.a \ 6388 $usr/lib/libinetcfg.a \ 6389 $usr/lib/libinetutil.a \ 6390 $usr/lib/libintl.a \ 6391 $usr/lib/libkstat.a \ 6392 $usr/lib/libl.a \ 6393 $usr/lib/libldfeature.a \ 6394 $usr/lib/libmail.a \ 6395 $usr/lib/libmalloc.a \ 6396 $usr/lib/libmapmalloc.a \ 6397 $usr/lib/libmenu.a \ 6398 $usr/lib/libmeta.a \ 6399 $usr/lib/libmp.a \ 6400 $usr/lib/libnisdb.a \ 6401 $usr/lib/libnls.a \ 6402 $usr/lib/libnsl.a \ 6403 $usr/lib/libnss_compat.a \ 6404 $usr/lib/libnss_dns.a \ 6405 $usr/lib/libnss_files.a \ 6406 $usr/lib/libnss_nis.a \ 6407 $usr/lib/libnss_nisplus.a \ 6408 $usr/lib/libp/libc.a \ 6409 $usr/lib/libpam.a \ 6410 $usr/lib/libpanel.a \ 6411 $usr/lib/libplot.a \ 6412 $usr/lib/librac.a \ 6413 $usr/lib/libresolv.a \ 6414 $usr/lib/librpcsvc.a \ 6415 $usr/lib/libsec.a \ 6416 $usr/lib/libsendfile.a \ 6417 $usr/lib/libsocket.a \ 6418 $usr/lib/libstraddr.a \ 6419 $usr/lib/libtermcap.a \ 6420 $usr/lib/libtermlib.a \ 6421 $usr/lib/libuuid.a \ 6422 $usr/lib/libvolmgt.a \ 6423 $usr/lib/libvt0.a \ 6424 $usr/lib/libw.a \ 6425 $usr/lib/liby.a \ 6426 $usr/lib/null.a \ 6427 $usr/lib/sparcv9/libadt_jni.a \ 6428 $usr/lib/sparcv9/libinetutil.a \ 6429 $usr/lib/sparcv9/libldfeature.a \ 6430 $usr/lib/sparcv9/libsendfile.a \ 6431 $usr/platform/sun4u/lib/libwrsmconf.a \ 6432 $usr/ucblib/libcurses.a \ 6433 $usr/ucblib/libdbm.a \ 6434 $usr/ucblib/libtermcap.a \ 6435 $usr/ucblib/libucb.a 6436 6437 # 6438 # Remove other obsolete files, too 6439 rm -f \ 6440 $usr/include/table.h \ 6441 $usr/include/libgenIO.h \ 6442 $usr/include/sys/kd.h \ 6443 $usr/lib/llib-lTL \ 6444 $usr/lib/llib-lTL.ln 6445 6446 # 6447 # libc_psr.so.1 and libmd5_psr.so.1 have been moved 6448 # from /usr/platform/*/lib to /platform/*/lib. 6449 # Remove the old files and their containing directories 6450 rm -f $usr/platform/*/lib/libc_psr.so.1 6451 rm -f $usr/platform/*/lib/sparcv9/libc_psr.so.1 6452 rm -f $usr/platform/*/lib/libmd5_psr.so.1 6453 rm -f $usr/platform/*/lib/sparcv9/libmd5_psr.so.1 6454 rmdir $usr/platform/*/lib/sparcv9 2>/dev/null 6455 rmdir $usr/platform/*/lib 2>/dev/null 6456 6457 # 6458 # libmd5_psr.so.1 and symlinks to it have been replaced 6459 # by libmd_psr.so.1 and thus need to be removed 6460 rm -f $root/platform/*/lib/libmd5_psr.so.1 6461 rm -f $root/platform/*/lib/sparcv9/libmd5_psr.so.1 6462 6463 # 6464 # Remove obsolete profile libc symlinks 6465 rm -f $usr/lib/libp/libc.so 6466 rm -f $usr/lib/libp/sparcv9/libc.so 6467 6468 # 6469 # Remove Legacy DR files, now obsolete due to NGDR Phase II putback 6470 # 6471 STARFIRE_PLAT=platform/SUNW,Ultra-Enterprise-10000 6472 rm -f \ 6473 $root/$STARFIRE_PLAT/kernel/drv/dr \ 6474 $root/$STARFIRE_PLAT/kernel/drv/dr.conf \ 6475 $root/$STARFIRE_PLAT/kernel/misc/drmach \ 6476 $root/$STARFIRE_PLAT/kernel/drv/sparcv9/dr \ 6477 $root/$STARFIRE_PLAT/kernel/misc/sparcv9/drmach \ 6478 $root/$STARFIRE_PLAT/lib/dr_daemon \ 6479 $usr/platform/sun4u/include/sys/dr.h \ 6480 $usr/platform/sun4u/include/sys/sfdr.h 6481 <