blob: b7388b1c1a3804027b2825663c69388bf1d2a5d3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
|
#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#pragma ident "%Z%%M% %I% %E% SMI"
#
# This program is invoked to do the actual file transfer
# associated with an invocation of the setflabel(3TSOL) function.
#
# It executes in the global zone with the user's identity and
# basic privileges plus the file_dac_search privilege. This
# script should not not assume that stdio is available or that
# any particular environment variables are set. In particular,
# the DISPLAY variable will not normally be pre-set.
#
# Authorization checks and zone limit privilege checks
# are done before calling this script. Auditing is done
# upon return.
#
##############################################################
#
# Calling sequence:
#
# $1 is the global zone real pathname of the source file
#
# $2 is the global zone real destination pathname
#
# Exit status:
#
# 0 on success
# 1 on error
#
##############################################################
#
# This script can be customized or replaced to perform
# additional processing such as tranquility checks, dirty
# word filtering, copying instead of moving, etc.
#
# By default it does a check to determine if the source file
# is in use by calling fuser(1). However, this check
# does not work for filesystems that were automounted in
# non-global zones.
#
# Perform a simple tranquility check
#
inuse=`/usr/sbin/fuser $1 2>&1 | /usr/bin/cut -d ":" -f2`
if [ $inuse ]; then
#
# file is in use
#
exit 1
else
#
# Perform an inter-zone move of the data
/usr/bin/mv $1 $2
exit $?
fi
|
