1 files changed, 211 insertions, 0 deletions
diff --git a/usr/src/cmd/svc/milestone/smartdc-config b/usr/src/cmd/svc/milestone/smartdc-config
new file mode 100755
index 0000000000..510c93add6
--- /dev/null
+++ b/usr/src/cmd/svc/milestone/smartdc-config
@@ -0,0 +1,211 @@
+#!/bin/bash
+#
+# CDDL HEADER START
+#
+# The contents of this file are subject to the terms of the
+# Common Development and Distribution License (the "License").
+# You may not use this file except in compliance with the License.
+#
+# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
+# or http://www.opensolaris.org/os/licensing.
+# See the License for the specific language governing permissions
+# and limitations under the License.
+#
+# When distributing Covered Code, include this CDDL HEADER in each
+# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
+# If applicable, add the following below this CDDL HEADER, with the
+# fields enclosed by brackets "[]" replaced with your own identifying
+# information: Portions Copyright [yyyy] [name of copyright owner]
+#
+# CDDL HEADER END
+#
+# Copyright 2019 Joyent, Inc.
+#
+
+#
+# Despite its "smartdc/config" name, this service is used both for SmartOS and
+# Triton. It has two jobs:
+#
+# During an initial setup, this runs through the initial (possibly interactive)
+# configuration.
+#
+# During normal operation, it does some miscellaneous configuration based on
+# /usbkey/config (which, under Triton, will have already been updated from the
+# USB key by svc:/system/filesystem/smartdc:default).
+#
+
+set -o errexit
+set -o xtrace
+
+. /lib/svc/share/smf_include.sh
+. /lib/sdc/config.sh
+
+export PATH="/usr/sbin:/sbin:/usr/bin"
+
+set_root_password() {
+    enc_password=$1
+
+    sed -e "s|^root:[^\:]*:|root:${enc_password}:|" /etc/shadow > /etc/shadow.new \
+      && chmod 400 /etc/shadow.new \
+      && mv /etc/shadow.new /etc/shadow
+}
+
+case "$1" in
+'start')
+
+    # If we're a headnode, see if we have to do interactive configuration.
+    if /bin/bootparams | grep "^headnode=true" > /dev/null 2>&1; then
+        USB_PATH=/mnt/`svcprop -p "joyentfs/usb_mountpoint" svc:/system/filesystem/smartdc:default`
+
+        # Check for config and run interactive if it doesn't exist.
+        if [[ ! -f ${USB_PATH}/config ]]; then
+            if /bin/bootparams | grep "^noimport=true" >/dev/null 2>&1; then
+                # Skipping interactive config, bypass rest of script.
+                exit $SMF_EXIT_OK
+            fi
+
+            /smartdc/lib/sdc-on-tty -d /dev/console \
+                ${USB_PATH}/scripts/prompt-config.sh "${USB_PATH}"
+
+            # If user quit from interactive configuration then we're done.
+            [[ ! -f ${USB_PATH}/config ]] && exit $SMF_EXIT_OK
+        fi
+    elif /bin/bootparams | grep "^smartos=true" > /dev/null 2>&1; then
+        USB_PATH=/`svcprop -p "joyentfs/usb_copy_path" svc:/system/filesystem/smartdc:default`
+
+        # Check for config and run interactive if it doesn't exist.
+        if [[ ! -f ${USB_PATH}/config ]]; then
+            if /bin/bootparams | grep "^noimport=true" >/dev/null 2>&1; then
+                # Skipping interactive config, bypass rest of script.
+                exit $SMF_EXIT_OK
+            fi
+
+            /smartdc/lib/sdc-on-tty -d /dev/console \
+                /smartdc/lib/smartos_prompt_config.sh "${USB_PATH}"
+
+            # If user quit from interactive configuration then we're done.
+            [[ ! -f ${USB_PATH}/config ]] && exit $SMF_EXIT_OK
+        fi
+    fi
+
+    # This puts config vars in CONFIG_
+    load_sdc_config
+    load_sdc_sysinfo
+
+    # Write the info about this datacenter to /.dcinfo so we can use in the GZ
+    echo "SDC_DATACENTER_NAME='${CONFIG_datacenter_name}'" > /.dcinfo
+
+    if [[ -n "${SYSINFO_Bootparam_smartos}" && -f /usbkey/shadow ]]; then
+        echo "setting root password from /usbkey/shadow"
+    # Boot parameter takes precidence over config
+    elif [[ -n "${SYSINFO_Bootparam_root_shadow}" ]]; then
+        set_root_password "${SYSINFO_Bootparam_root_shadow}"
+        echo "Set root password boot parameters."
+    elif [[ -n "${CONFIG_root_shadow}" ]]; then
+        set_root_password "${CONFIG_root_shadow}"
+        echo "Set root password from config."
+    else
+        echo "No root shadow entry in the config, cannot set."
+    fi
+
+    # Set authorized_keys for root
+    if [[ -n "${CONFIG_root_authorized_keys_file}" ]] \
+        && [[ -n "${CONFIG_config_inc_dir}" ]] \
+        && [[ -d "${CONFIG_config_inc_dir}" ]] \
+        && [[ -f "${CONFIG_config_inc_dir}/${CONFIG_root_authorized_keys_file}" ]]; then
+
+        mkdir -p /root/.ssh
+        cp "${CONFIG_config_inc_dir}/${CONFIG_root_authorized_keys_file}" /root/.ssh/authorized_keys
+        chmod 0600 /root/.ssh/authorized_keys
+        chmod 0700 /root/.ssh
+    fi
+
+    if [[ -n "${CONFIG_ntp_conf_file}" ]] \
+        && [[ -n "${CONFIG_config_inc_dir}" ]] \
+        && [[ -d "${CONFIG_config_inc_dir}" ]] \
+        && [[ -f "${CONFIG_config_inc_dir}/${CONFIG_ntp_conf_file}" ]]; then
+        #
+        # We were given a valid NTP configuration file, so use it without
+        # modification:
+        #
+        cp "${CONFIG_config_inc_dir}/${CONFIG_ntp_conf_file}" \
+          /etc/inet/ntp.conf
+        echo "Copied NTP configuration."
+    else
+        #
+        # If we have an admin network defined, allow time service from this
+        # network:
+        #
+        ntp_aflag=
+        if [[ -n ${CONFIG_admin_network} && -n ${CONFIG_admin_netmask} ]]; then
+            if [[ "${CONFIG_admin_network}" != "..." ]]; then
+                ntp_aflag="-a ${CONFIG_admin_network}/${CONFIG_admin_netmask}"
+            fi
+        fi
+
+        #
+        # If we were given a list of servers, use it:
+        #
+        ntp_hosts="${CONFIG_ntp_hosts}"
+        if [[ -z "${ntp_hosts}" ]]; then
+            #
+            # Otherwise, use the default SmartOS vendor pool from the NTP
+            # Pool Project:
+            #
+            ntp_hosts='0.smartos.pool.ntp.org'
+        fi
+
+        #
+        # Generate NTP configuration:
+        #
+        if ! /smartdc/lib/ntp_config -f /etc/inet/ntp.conf \
+          -s "${ntp_hosts}" ${ntp_aflag}; then
+            echo "FATAL: could not configure NTP" >&2
+            exit ${SMF_EXIT_ERR_CONFIG}
+        fi
+        echo "Generated NTP configuration."
+    fi
+
+    # set the keymap. For dvorak for instance
+    if [[ -n ${CONFIG_default_keymap} ]]; then
+        /usr/bin/loadkeys ${CONFIG_default_keymap}
+    fi
+
+    #
+    # In SmartOS, disabling SMT via the boot option is a pain, so we support a
+    # config option in /usbkey/config, the official mechanism for permanent
+    # configuration.  We'd like to do this earlier but we have to wait for
+    # /usbkey to be mounted first. This does imply we've potentially handed out
+    # "too many" interrupts for the set of CPUs remaining online.
+    #
+    if [[ -n $(/bin/bootparams | grep '^smartos=true') ]]; then
+        if [[ "$CONFIG_smt_enabled" = "false" ]]; then
+            psradm -aS || exit $SMF_EXIT_ERR_FATAL
+        fi
+    fi
+
+    # Enable virtual terminals to support interactive installation
+    vtdaemon="svc:/system/vtdaemon"
+    svccfg -s ${vtdaemon} setprop options/hotkeys=true
+    svcadm refresh ${vtdaemon}
+    svcadm enable ${vtdaemon}
+    svcadm enable svc:/system/console-login:vt2
+    svcadm enable svc:/system/console-login:vt3
+    svcadm enable svc:/system/console-login:vt4
+    svcadm enable svc:/system/console-login:vt5
+    svcadm enable svc:/system/console-login:vt6
+
+    # force update of sysinfo (and dump to stdout so we have in the log)
+    sysinfo -f
+
+    ;;
+
+'stop')
+    ;;
+
+*)
+    echo "Usage: $0 { start | stop }"
+    exit $SMF_EXIT_ERR_FATAL
+    ;;
+esac
+exit $SMF_EXIT_OK