1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
|
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
# ident "%Z%%M% %I% %E% SMI"
#
#
# Clear sysidtool which may have gone into maintenance due to a dependency
# cycle with milestone/single-user, when upgrading to a system that
# introduces milestone/sysconfig.
#
cat >> $BASEDIR/var/svc/profile/upgrade <<\_CLRSYSID
/usr/sbin/svcadm clear svc:/system/sysidtool:net
/usr/sbin/svcadm clear svc:/system/sysidtool:system
_CLRSYSID
if [ -f $BASEDIR/etc/inet/ipnodes.hostsmerge ]; then
rm -f $BASEDIR/etc/inet/ipnodes.hostsmerge
fi
if [ -h $BASEDIR/var/mail.ABCsavedXYZ ] ; then
rmdir $BASEDIR/var/mail/:saved >/dev/null 2>&1
if [ $? = 0 ] ; then
rmdir $BASEDIR/var/mail >/dev/null 2>&1
if [ $? = 0 ] ; then
mv $BASEDIR/var/mail.ABCsavedXYZ $BASEDIR/var/mail
fi
fi
rm -fr $BASEDIR/var/mail.ABCsavedXYZ
fi
if [ -h $BASEDIR/var/news.ABCsavedXYZ ] ; then
rmdir $BASEDIR/var/news >/dev/null 2>&1
if [ $? = 0 ] ; then
mv $BASEDIR/var/news.ABCsavedXYZ $BASEDIR/var/news
fi
rm -fr $BASEDIR/var/news.ABCsavedXYZ
fi
PMTAB=$BASEDIR/etc/saf/tcp/_pmtab
if [ -f $PMTAB ] ; then
sed -e 's/\\x00020ACE......../\\x00020ACE00000000/' \
-e 's/\\x00020203......../\\x0002020300000000/' $PMTAB >/tmp/t.$$
cp /tmp/t.$$ $PMTAB
fi
AUTH_ATTR=$BASEDIR/etc/security/auth_attr
if [ -f $AUTH_ATTR ] ; then
sed '/^solaris\.\*/d' $AUTH_ATTR > /tmp/a.$$
cp /tmp/a.$$ $AUTH_ATTR
rm -f /tmp/a.$$
fi
INITTAB=$BASEDIR/etc/inittab
if [ -f $INITTAB -a -n "$SUNW_PKG_INSTALL_ZONENAME" -a \
"$SUNW_PKG_INSTALL_ZONENAME" != "global" ]; then
sed -e '/^ap:/d' -e '/^sp:/d' $INITTAB > /tmp/i.$$
cp /tmp/i.$$ $INITTAB
rm -f /tmp/i.$$
fi
VFSTAB=$BASEDIR/etc/vfstab
if [ -f $VFSTAB -a -n "$SUNW_PKG_INSTALL_ZONENAME" -a \
"$SUNW_PKG_INSTALL_ZONENAME" != "global" ]; then
sed '/^\/devices[ ]/d' $VFSTAB > /tmp/v.$$
cp /tmp/v.$$ $VFSTAB
rm -f /tmp/v.$$
fi
#
# Get rid of obsolete BIND 8 server instance
#
cat >> $BASEDIR/var/svc/profile/upgrade <<\_DEL_BIND8
obs_se=/usr/sbin/in.named
cur_se=`svcprop -p start/exec svc:/network/dns/server 2>/dev/null`
if [ "$obs_se" = "$cur_se" ]; then
svcadm disable -s svc:/network/dns/server:default
svccfg delete svc:/network/dns/server:default
# If this was the only instance, delete the service also
svcs network/dns/server >/dev/null 2>&1 || \
svccfg delete svc:/network/dns/server
fi
_DEL_BIND8
#
# Remove stale GLD services
#
SVCCFG_REPOSITORY=$PKG_INSTALL_ROOT/etc/svc/repository.db
export SVCCFG_REPOSITORY
if [ -x /usr/sbin/svcadm -a -x /usr/sbin/svccfg -a \
-f $PKG_INSTALL_ROOT/var/svc/manifest/network/datalink.xml ]; then
if [ -r $PKG_INSTALL_ROOT/etc/svc/volatile/repository_door ]; then
#
# Local package install. Need to disable the services first
# before deleting.
#
svcadm disable -s svc:/network/aggregation >/dev/null 2>&1
svcadm disable -s svc:/network/datalink-init >/dev/null 2>&1
svcadm disable -s svc:/network/datalink >/dev/null 2>&1
fi
svccfg delete svc:/network/aggregation >/dev/null 2>&1
svccfg delete svc:/network/datalink-init >/dev/null 2>&1
svccfg delete svc:/network/datalink >/dev/null 2>&1
fi
#
# svc:/network/rpc/keyserv is expected to be off on systems that don't
# set domainname. On systems that do define a default domain, leave the
# setting as previously set.
#
cat >> $BASEDIR/var/svc/profile/upgrade <<\_CSVC_UPGRADE_2
if [ ! -f /etc/defaultdomain ]; then
svcadm disable network/rpc/keyserv
fi
_CSVC_UPGRADE_2
if [ "$UPDATE" != yes ]; then
#
# On initial install, default to ns_files.xml. The installer will
# customize, if appropriate.
#
ln -s ns_files.xml $BASEDIR/var/svc/profile/name_service.xml
elif [ ! -r $BASEDIR/var/svc/profile/name_service.xml ] || \
[ ! -L $BASEDIR/var/svc/profile/name_service.xml ]; then
#
# Associate name service profile, if none present.
#
grep ldap $BASEDIR/etc/nsswitch.conf >/dev/null 2>&1
is_ldap=$?
grep nisplus $BASEDIR/etc/nsswitch.conf >/dev/null 2>&1
is_nisplus=$?
grep nis $BASEDIR/etc/nsswitch.conf >/dev/null 2>&1
is_nis=$?
if [ $is_ldap = 0 ]; then
ns_profile=ns_ldap.xml
elif [ $is_nisplus = 0 ]; then
ns_profile=ns_nisplus.xml
elif [ $is_nis = 0 ]; then
ns_profile=ns_nis.xml
else
ns_profile=ns_files.xml
fi
# Remove stale copy of name_service.xml, if it is not a symlink.
if [ ! -L $BASEDIR/var/svc/profile/name_service.xml ]; then
/usr/bin/rm -f $BASEDIR/var/svc/profile/name_service.xml
fi
ln -s $ns_profile $BASEDIR/var/svc/profile/name_service.xml
grep dns $BASEDIR/etc/nsswitch.conf >/dev/null 2>&1
if [ $? = 0 ]; then
echo "/usr/sbin/svcadm enable network/dns/client" >> \
$BASEDIR/var/svc/profile/upgrade
fi
fi
#
# Associate correct inetd services profile.
#
rm -f $BASEDIR/var/svc/profile/inetd_services.xml
if [ "$UPDATE" = yes ]; then
ln -s inetd_upgrade.xml $BASEDIR/var/svc/profile/inetd_services.xml
# Ensure inetd-upgrade is run post-upgrade
echo "/usr/sbin/svcadm enable network/inetd-upgrade" >> \
$BASEDIR/var/svc/profile/upgrade
else
ln -s inetd_generic.xml $BASEDIR/var/svc/profile/inetd_services.xml
fi
#
# /etc/svc/repository.db was previously packaged but it is now generated
# from one of the seed repositories and then updated by svccfg(1M).
# Therefore, removef(1M) is used to remove the packaging database entry
# although the repository itself is preserved.
#
/usr/sbin/removef $PKGINST /etc/svc/repository.db >/dev/null 2>&1
/usr/sbin/removef -f $PKGINST >/dev/null 2>&1
# Solaris audit's internal "enable/disable" state is maintained by
# c2audit; if c2audit accepts the auditconfig query, then auditing is
# enabled. If that is the case, then SMF should always enable auditd
# in the global zone and also in a non-global zone if perzone auditing
# is in use.
cat >> $BASEDIR/var/svc/profile/upgrade <<\_ENABLE_AUDIT
/usr/sbin/auditconfig -getcond 2> /dev/null
if [ $? -eq 0 ]; then
if [ `/sbin/zonename` = global ]; then
/usr/sbin/svcadm enable system/auditd
else
echo `/usr/sbin/auditconfig -getpolicy` | grep perzone > /dev/null
if [ $? -eq 0 ]; then
/usr/sbin/svcadm enable system/auditd
fi
fi
fi
_ENABLE_AUDIT
PROFILEDIR=$BASEDIR/var/svc/profile
GENERICXML=${PROFILEDIR}/generic.xml
if [ -f $BASEDIR/var/SUNWcsr-apply-limited-net ]; then
UPGRADEFILE=${PROFILEDIR}/upgrade
ln -sf ./generic_limited_net.xml ${GENERICXML}
cat >> ${UPGRADEFILE} <<\_ENABLE_LIMITED_NET
#
# apply the generic_limit_net profile selected at install
# time, and set the accompanying properties since they can't
# be readily set in the profile as of yet.
#
apply_limited_net()
{
/usr/sbin/netservices limited
}
# apply_limited_net as last action of this upgrade script
trap apply_limited_net 0
_ENABLE_LIMITED_NET
rm -f $BASEDIR/var/SUNWcsr-apply-limited-net
else
#
# This is not an initial (zone-)install: we are upgrading.
#
# If we have a previous version of generic.xml, keep that.
# Otherwise (upgrade from pre-SMF filesystem) take the default
# action, i.e., sym-link to ./generic_open.xml
#
if [ -h $GENERICXML.ABCsavedXYZ -o -f $GENERICXML.ABCsavedXYZ ]; then
mv $GENERICXML.ABCsavedXYZ $GENERICXML
elif [ ! -h $GENERICXML -a ! -f $GENERICXML ]; then
ln -s ./generic_open.xml $GENERICXML
fi
fi
#delete old mpxio-upgrade service and import new mpxio-upgrade service
OLD_MPXIO_SERVICE="svc:/platform/sun4u/mpxio-upgrade"
OLD_MPXIO_XML=$PKG_INSTALL_ROOT/var/svc/manifest/platform/sun4u/mpxio-upgrade.xml
NEW_MPXIO_XML=$PKG_INSTALL_ROOT/var/svc/manifest/system/device/mpxio-upgrade.xml
if [ "$UPDATE" = yes ]; then
if [ -x /usr/sbin/svcadm -a -x /usr/sbin/svccfg -a \
-f $OLD_MPXIO_XML ]; then
svccfg delete $OLD_MPXIO_SERVICE:default > /dev/null 2>&1
svccfg delete $OLD_MPXIO_SERVICE > /dev/null 2>&1
rm $OLD_MPXIO_XML
if [ -f $NEW_MPXIO_XML ]; then
svccfg import $NEW_MPXIO_XML
fi
fi
fi
exit 0
|
