Home | History | Annotate | Download | only in kmf
      1 #!/usr/bin/ksh -p
      2 #
      3 # CDDL HEADER START
      4 #
      5 # The contents of this file are subject to the terms of the
      6 # Common Development and Distribution License (the "License").
      7 # You may not use this file except in compliance with the License.
      8 #
      9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
     10 # or http://www.opensolaris.org/os/licensing.
     11 # See the License for the specific language governing permissions
     12 # and limitations under the License.
     13 #
     14 # When distributing Covered Code, include this CDDL HEADER in each
     15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
     16 # If applicable, add the following below this CDDL HEADER, with the
     17 # fields enclosed by brackets "[]" replaced with your own identifying
     18 # information: Portions Copyright [yyyy] [name of copyright owner]
     19 #
     20 # CDDL HEADER END
     21 #
     22 
     23 #
     24 # Copyright 2009 Sun Microsystems, Inc.  All rights reserved.
     25 # Use is subject to license terms.
     26 #
     27 # ident	"@(#)configure.ksh	1.3	09/09/03 SMI"
     28 #
     29 
     30 echo $STF_EXECUTE_MODES | grep "tpm" > /dev/dull 2>&1
     31 if [[ $? -eq 0 ]]; then
     32 	print "Checking that all required packages are installed for TPM..."
     33 	for pkg in SUNWtpm SUNWtss SUNWtss-root; do
     34 		/usr/bin/pkginfo -q $pkg > /dev/null 2>&1
     35 		if [[ $? -ne 0 ]]; then
     36 			print -u2 "Missing package $pkg, please see README."
     37 			exit 1
     38 		fi
     39 	done
     40 
     41 	print "Checking that the 'tcsd' service is running..."
     42 	if [[ $(/usr/bin/svcprop -p restarter/state tcsd) != "online" ]]; then
     43 		/usr/sbin/svcadm enable -s tcsd
     44 		if [[ $? -ne 0 ]]; then
     45 			print -u2 "Can't start 'tcsd', please see README."
     46 			exit 1
     47 		fi
     48 	fi
     49 
     50 	print "Checking that the TPM device is owned and working..."
     51 	/usr/bin/tpmadm status | grep "TPM is NOT owned" > /dev/null 2>&1
     52 	if [[ $? -eq 0 ]]; then
     53 		$EXPECT $STF_SUITE/tests/pktool/lib/tpmadm_init.exp \
     54 		    pw=$TPM_OWNER_SECRET
     55 		if [[ $? -ne 0 ]]; then
     56 			print -u2 "Can't take ownership of TPM, see README."
     57 			exit 1
     58 		fi
     59 	fi
     60 
     61 	print "Checking that the PCKS#11 TPM token is installed..."
     62 	/usr/sbin/cryptoadm list -p | grep "pkcs11_tpm" > /dev/null 2>&1
     63 	if [[ $? -ne 0 ]]; then
     64 		/usr/sbin/cryptoadm install \
     65 		    provider=/usr/lib/security/\$ISA/pkcs11_tpm.so
     66 		if [[ $? -ne 0 ]]; then
     67 			print -u2 "Can't install the TPM token, see README."
     68 			exit 1
     69 		fi
     70 	fi
     71 
     72 	for mode in $STF_EXECUTE_MODES; do
     73 		if [[ $mode == tpm* ]]; then
     74 			cat > $1.$mode <<-EOF
     75 			export TPM_ENABLED=true
     76 			EOF
     77 			if [[ $? -ne 0 ]]; then
     78 				print -u2 "Can't write to config file: $1.$mode"
     79 				exit 1
     80 			fi
     81 		fi
     82 	done
     83 fi
     84 
     85 exit 0
     86