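#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
#
# Copyright 2008 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident "%Z%%M% %I% %E% SMI"
#

#
# NOTE: When a change is made to the source file for
# /etc/minor_perm, a corresponding change must be made to
# this class-action script.
#
# - If an existing entry in minor_perm is having its
#   attributes e.g. permissions, ownership changed,
#   add it to the list produced by make_chattr_list below.
#
# - If an existing entry must be deleted, add it to
#   the list produced by make_delete_list below.
#
# - If a new entry must be added to the file, add it to the
#   list produced by make_add_list.
#
# - If a new entry is being added to minor_perm, but there
#   may already be devices of that name on the system (e.g.
#   we used the system default permissions in a previous release),
#   and those old devices now need to have their attributes changed,
#   add it to the make_chattr_list AND the make_add_list lists
#
# All scratch files live in a private directory ($WORKDIR, created by
# setup_workdir below) rather than under predictable /tmp/<name>.$$
# paths: the script writes them with plain redirections, which would
# follow a link that already exists at a guessable name in the
# world-writable /tmp.
#

#
# If an entry in /etc/minor_perm needs to have its attributes
# changed, identify the entry in the list written to $WORKDIR/chattr
# by this function. The fields are:
#
# <device>:<minor> <old_attrs> <new_attrs> <optional list of logical
#                                           devices whose attributes
#                                           will need to be changed>
#
# where an <attribute list> := <perm> <user> <group>
#
# NOTE: this list should also contain entries for nodes that previously
# were not in /etc/minor_perm (which means the default mode of 600,
# owner/group == root/sys), but now have an entry
#
# NOTE(review): most rows widen the mode (0600 -> 0666/0644). This
# script only mirrors /etc/minor_perm; whether access to these nodes
# is restricted by some other mechanism is not visible here - confirm
# before reusing the table elsewhere.
#

make_chattr_list()
{
cat > "$WORKDIR/chattr" << EOF
vol:volctl 0600 root sys 0666 root sys /dev/volctl
clone:llc1 0600 root sys 0666 root sys /dev/llc1
log:conslog 0620 root sys 0666 root sys /dev/conslog
sy:tty 0666 root sys 0666 root tty /dev/tty
icmp:icmp 0600 root sys 0666 root sys /dev/rawip
icmp6:icmp6 0600 root sys 0666 root sys /dev/rawip6
ip:ip 0660 root sys 0666 root sys /dev/ip
ip6:ip6 0660 root sys 0666 root sys /dev/ip6
rts:rts 0660 root sys 0666 root sys /dev/rts
keysock:keysock 0600 root sys 0666 root sys /dev/keysock
ipsecah:ipsecah 0600 root sys 0666 root sys /dev/ipsecah
ipsecesp:ipsecesp 0600 root sys 0666 root sys /dev/ipsecesp
spdsock:spdsock 0600 root sys 0666 root sys /dev/spdsock
sad:admin 0600 root sys 0666 root sys /dev/sad/admin
fssnap:ctl 0600 root sys 0666 root sys /dev/fssnapctl
fssnap:* 0600 root sys 0640 root sys /dev/fssnap/*
clone:dnet 0600 root sys 0666 root sys /dev/dnet
dnet:* 0600 root sys 0666 root sys /dev/dnet*
clone:elxl 0600 root sys 0666 root sys /dev/elxl
elxl:* 0600 root sys 0666 root sys /dev/elxl*
clone:iprb 0600 root sys 0666 root sys /dev/iprb
iprb:* 0600 root sys 0666 root sys /dev/iprb*
clone:pcelx 0600 root sys 0666 root sys /dev/pcelx
pcelx:* 0600 root sys 0666 root sys /dev/pcelx*
clone:spwr 0600 root sys 0666 root sys /dev/spwr
spwr:* 0600 root sys 0666 root sys /dev/spwr*
cpc:* 0600 root sys 0666 root sys /devices/pseudo/cpc*
ipf:* 0600 root sys 0666 root sys /dev/ipf
pfil:* 0600 root sys 0666 root sys /dev/pfil
scsi_vhci:devctl 0600 root sys 0666 root sys /devices/scsi_vhci:devctl
fbt:fbt 0600 root sys 0644 root sys /dev/dtrace/provider/fbt
lockstat:* 0600 root sys 0644 root sys /dev/dtrace/provider/lockstat
profile:profile 0600 root sys 0644 root sys /dev/dtrace/provider/profile
sdt:sdt 0600 root sys 0644 root sys /dev/dtrace/provider/sdt
systrace:systrace 0600 root sys 0644 root sys /dev/dtrace/provider/systrace
clone:bge 0600 root sys 0666 root sys /dev/bge
clone:igb 0600 root sys 0666 root sys /dev/igb
clone:ixgbe 0600 root sys 0666 root sys /dev/ixgbe
clone:rge 0600 root sys 0666 root sys /dev/rge
clone:xge 0600 root sys 0666 root sys /dev/xge
clone:nge 0600 root sys 0666 root sys /dev/nge
clone:chxge 0600 root sys 0666 root sys /dev/chxge
clone:pcn 0600 root sys 0666 root sys /dev/pcn
clone:rtls 0600 root sys 0666 root sys /dev/rtls
clone:ath 0600 root sys 0666 root sys /dev/ath
clone:ipw 0600 root sys 0666 root sys /dev/ipw
clone:iwi 0600 root sys 0666 root sys /dev/iwi
clone:iwk 0600 root sys 0666 root sys /dev/iwk
clone:pcwl 0600 root sys 0666 root sys /dev/pcwl
clone:pcan 0600 root sys 0666 root sys /dev/pcan
clone:ral 0600 root sys 0666 root sys /dev/ral
clone:rtw 0600 root sys 0666 root sys /dev/rtw
clone:ural 0600 root sys 0666 root sys /dev/ural
clone:wpi 0600 root sys 0666 root sys /dev/wpi
clone:afe 0600 root sys 0666 root sys /dev/afe
clone:dmfe 0600 root sys 0666 root sys /dev/dmfe
clone:mxfe 0600 root sys 0666 root sys /dev/mxfe
bge:* 0600 root sys 0666 root sys /dev/bge*
igb:* 0600 root sys 0666 root sys /dev/igb*
ixgbe:* 0600 root sys 0666 root sys /dev/ixgbe*
rge:* 0600 root sys 0666 root sys /dev/rge*
xge:* 0600 root sys 0666 root sys /dev/xge*
nge:* 0600 root sys 0666 root sys /dev/nge*
e1000g:* 0666 root root 0666 root sys /dev/e1000g*
chxge:* 0600 root sys 0666 root sys /dev/chxge*
pcn:* 0600 root sys 0666 root sys /dev/pcn*
rtls:* 0600 root sys 0666 root sys /dev/rtls*
ath:* 0600 root sys 0666 root sys /dev/ath*
ipw:* 0600 root sys 0666 root sys /dev/ipw*
iwi:* 0600 root sys 0666 root sys /dev/iwi*
iwk:* 0600 root sys 0666 root sys /dev/iwk*
pcwl:* 0600 root sys 0666 root sys /dev/pcwl*
pcan:* 0600 root sys 0666 root sys /dev/pcan*
ral:* 0600 root sys 0666 root sys /dev/ral*
rtw:* 0600 root sys 0666 root sys /dev/rtw*
ural:* 0600 root sys 0666 root sys /dev/ural*
wpi:* 0600 root sys 0666 root sys /dev/wpi*
afe:* 0600 root sys 0666 root sys /dev/afe*
dmfe:* 0600 root sys 0666 root sys /dev/dmfe*
mxfe:* 0600 root sys 0666 root sys /dev/mxfe*
balloon:* 0600 root sys 0444 root sys /dev/xen/balloon
domcaps:* 0600 root sys 0444 root sys /dev/xen/domcaps
evtchn:* 0600 root sys 0666 root sys /dev/xen/evtchn
privcmd:* 0600 root sys 0666 root sys /dev/xen/privcmd
xenbus:* 0600 root sys 0666 root sys /dev/xen/xenbus
EOF
}

#
# If an entry in /etc/minor_perm needs to be deleted, identify
# the entry in the list written to $WORKDIR/delete by this function.
# The fields are:
#
# <device>:<minor> <optional list of logical devices to be deleted>
#

make_delete_list()
{
cat > "$WORKDIR/delete" << EOF
rip:rawip
consfb:consfb
clone:el
clone:elx
clone:sle
clone:sie
clone:sp
clone:ip
clone:icmp
clone:udp
clone:tcp
clone:rts
clone:arp
clone:ipsecah
clone:ipsecesp
clone:keysock
clone:smc
clone:tr
clone:sbpro
elx:*
sbpro:*
win:*
cmtp:*
profile:profile
asy:[a-z]
asy:[a-z],cu
i2o_bs:*
EOF
}

#
# If an entry needs to be added to /etc/minor_perm, add the first
# field of the entry to the list created by this function
# ($WORKDIR/add). The remainder of the entry will be extracted from
# the /etc/minor_perm in the package being installed, so it is not
# necessary to supply it here.
#

make_add_list()
{
cat > "$WORKDIR/add" << EOF
vol:volctl
clone:llc1
tnf:tnfctl
tnf:tnfmap
st:*
pm:*
devinfo:devinfo
openeepr:openprom
wc:*
ip:ip
ip6:ip6
icmp:icmp
icmp6:icmp6
udp:udp
udp6:udp6
tcp:tcp
tcp6:tcp6
rts:rts
arp:arp
poll:*
pool:pool
pool:poolctl
cpc:shared
sysmsg:msglog
sysmsg:sysmsg
ipsecah:ipsecah
ipsecesp:ipsecesp
keysock:keysock
spdsock:spdsock
devinfo:devinfo,ro
lofi:*
lofi:ctl
sgen:*
fssnap:*
fssnap:ctl
rsm:*
random:*
mm:allkmem
clone:dnet
dnet:*
clone:elxl
elxl:*
clone:ibd
ibd:*
clone:iprb
iprb:*
clone:pcelx
pcelx:*
clone:spwr
spwr:*
sysevent:*
ramdisk:*
ramdisk:ctl
cryptoadm:cryptoadm
crypto:crypto
dtrace:*
fasttrap:fasttrap
ipf:*
pfil:*
bl:*
sctp:*
sctp6:*
vni:*
cpuid:self
clone:bge
clone:igb
clone:ixgbe
clone:rge
clone:xge
clone:nge
clone:e1000g
clone:chxge
clone:pcn
clone:rtls
clone:ath
clone:ipw
clone:iwi
clone:iwk
clone:pcwl
clone:pcan
clone:ral
clone:rtw
clone:ural
clone:wpi
clone:afe
clone:dmfe
clone:mxfe
bge:*
igb:*
ixgbe:*
rge:*
xge:*
nge:*
e1000g:*
chxge:*
pcn:*
rtls:*
ath:*
ipw:*
iwi:*
iwk:*
pcwl:*
pcan:*
ral:*
rtw:*
ural:*
wpi:*
afe:*
dmfe:*
mxfe:*
bmc:bmc
dld:*
aggr:*
smbios:smbios
zfs:*
zfs:zfs
scsi_vhci:*
kssl:*
fbt:fbt
profile:profile
sdt:sdt
softmac:*
systrace:systrace
lx_ptm:lx_ptmajor
lx_systrace:*
physmem:*
asy:*
asy:*,cu
ucode:*
acpi_drv:*
smbsrv:*
vscan:*
nsmb:*
balloon:*
domcaps:*
evtchn:*
privcmd:*
xenbus:*
EOF
}

PATH="/sbin:/usr/sbin:/usr/bin:/usr/sadm/install/bin"
export PATH

# Private scratch directory; empty until setup_workdir has run.
WORKDIR=

# Internal routine to create the scratch directory on first use, or to
# empty it on later calls (one call per already-installed minor_perm).
# Exits with status 1 if no private directory can be created, so the
# script never falls back to writing in a shared location.

setup_workdir()
{
	if [ -n "$WORKDIR" -a -d "$WORKDIR" ] ; then
		rm -f "$WORKDIR"/*
		return 0
	fi

	WORKDIR=`mktemp -d /tmp/minorperm.XXXXXX 2>/dev/null`
	if [ -z "$WORKDIR" -o ! -d "$WORKDIR" ] ; then
		# No usable mktemp. mkdir fails when the name already
		# exists (file, directory or link), so a path that was
		# created by someone else is never reused.
		WORKDIR=/tmp/minorperm.$$
		mkdir -m 700 "$WORKDIR" || {
			echo "$0: cannot create private work directory" >&2
			WORKDIR=
			exit 1
		}
	fi
}

# Internal routine to remove the scratch directory, if one was created.

cleanup_workdir()
{
	if [ -n "$WORKDIR" -a -d "$WORKDIR" ] ; then
		rm -rf "$WORKDIR"
	fi
}

# Remove the scratch directory when interrupted. Normal completion
# cleans up explicitly just before the final exit.
trap 'cleanup_workdir; exit 1' 1 2 15

# Internal routine to create a sed script which can be used to
# escape all shell globbing metacharacters in a path.
# The here-document delimiter is unquoted, so each "\\\\" below is
# written to the file as "\\".

create_esc_sedscript()
{
cat > "$WORKDIR/esc.sed" << EOF
s/\*/\\\\*/g
s/\?/\\\\?/g
s/\[/\\\\[/g
s/\]/\\\\]/g
EOF
}

# Internal routine to convert an entry in one of the $WORKDIR list
# files to an appropriately escaped pattern which can be used to grep
# into minor_perm.

entry2pattern()
{
	# the first argument is the 'key' field from the change file.
	# entries can contain shell globbing characters to match
	# several devices - hence all the palaver below.
	# (The command substitution uses backquotes on purpose: the
	# backslash counts in the sed expressions depend on backquote
	# unescaping.)

	printf '%s' `echo "$1" | sed \
		-e 's/\*/\\\\*/g' -e 's/\?/\\\\?/g' \
		-e 's/\./\\\\./g' -e 's/\[/\\\\[/g' \
		-e 's/\]/\\\\]/g'`
	shift

	# the remaining optional arguments are tokens separated by white-space

	if [ $# = 0 ] ; then
		printf '[ \t]'
	else
		while [ -n "$1" ]
		do
			printf '[ \t][ \t]*%s' $1
			shift
		done
		printf '[ \t]*$'
	fi
}

#
# Main loop: one "<src> <dest>" pair per line on standard input.
# A missing destination is simply installed from the package copy;
# an existing one is edited in place from the three lists above.
#

while read src dest
do
	if [ ! -f "$dest" ] ; then
		cp "$src" "$dest"
	else
		setup_workdir
		create_esc_sedscript
		make_chattr_list
		make_delete_list
		make_add_list

		#
		# Process the list of devices whose attributes are to be
		# changed. Find those that actually need to be
		# applied to the file. For each change that needs
		# to be applied, add an entry for it to the sed
		# script that will eventually be applied to the
		# currently-installed /etc/minor_perm file. Also,
		# add an entry to the $WORKDIR/chdevs file, which
		# contains the list of logical names of devices
		# whose permissions need to be changed.
		#

		cat "$WORKDIR/chattr" | \
		while read key oldp oldu oldg newp newu newg chdevs
		do
			do_chdevs=no

			#
			# First determine whether the device entry
			# is already in the file, but with the old
			# permissions. If so, the entry needs to be
			# modified and the devices in the chdevs list
			# need to have their permissions and ownerships
			# changed.
			#
			grepstr=`entry2pattern "${key}" $oldp $oldu $oldg`
			if grep "$grepstr" "$dest" > /dev/null 2>&1; then
				echo "s/${grepstr}/$key $newp $newu $newg/" \
				    >> "$WORKDIR/sedscript"
				do_chdevs=yes
			fi

			#
			# Now determine whether the device entry is
			# in the file at all. If not, it is a new
			# entry, but there may already be devices
			# on the system whose permissions need to
			# be changed.
			#
			grepstr=`entry2pattern "${key}"`
			grep "${grepstr}" "$dest" > /dev/null 2>&1
			if [ $? != 0 ] ; then
				do_chdevs=yes
			fi

			if [ $do_chdevs = yes -a "$chdevs" != "" ] ; then
				# Glob characters are escaped here so they
				# reach the chdevs file unexpanded; the
				# later "read" strips the backslashes again.
				xchdevs=`echo "$chdevs" | \
				    sed -f "$WORKDIR/esc.sed"`
				for m in $xchdevs ; do
					echo "$m" $oldp $oldu $oldg \
					    $newp $newu $newg >> "$WORKDIR/chdevs"
				done
			fi
		done

		# sort the "change attributes" list
		if [ -s "$WORKDIR/chdevs" ] ; then
			sort -u "$WORKDIR/chdevs" > "$WORKDIR/tmp"
			mv "$WORKDIR/tmp" "$WORKDIR/chdevs"
		fi

		#
		# Process the list of devices to be deleted.
		# Find those that actually need to be deleted
		# from the file. For each entry to be deleted,
		# add an entry for it to the sed script that will
		# eventually be applied to the currently-installed
		# /etc/minor_perm file. Also, add an entry to the
		# $WORKDIR/deldevs file, which contains the list of
		# logical names of devices to be deleted.
		#

		cat "$WORKDIR/delete" | while read key deldevs
		do
			grepstr=`entry2pattern "${key}"`
			if grep "$grepstr" "$dest" > /dev/null 2>&1; then
				echo "/${grepstr}/d" >> "$WORKDIR/sedscript"
				if [ "$deldevs" != "" ] ; then
					xdeldevs=`echo "$deldevs" | \
					    sed -f "$WORKDIR/esc.sed"`
					for m in $xdeldevs ; do
						echo "$m" >> "$WORKDIR/deldevs"
					done
				fi
			fi
		done
		if [ -s "$WORKDIR/deldevs" ] ; then
			sort -u "$WORKDIR/deldevs" > "$WORKDIR/tmp"
			mv "$WORKDIR/tmp" "$WORKDIR/deldevs"
		fi

		#
		# Apply the sed script possibly built above to the
		# currently-installed /etc/minor_perm file. The file
		# is only overwritten when sed succeeded, so a failed
		# edit cannot replace it with a partial result.
		#

		if [ -s "$WORKDIR/sedscript" ] ; then
			if sed -f "$WORKDIR/sedscript" "$dest" > "$WORKDIR/tmp"
			then
				cp "$WORKDIR/tmp" "$dest"
			else
				echo "$0: sed failed; $dest left unchanged" >&2
			fi
		fi

		# For all entries in minor_perm whose attributes had
		# to be corrected, correct the relevant attributes of the
		# already-existing devices that correspond to those
		# entries. This is done only for an alternate root
		# (PKG_INSTALL_ROOT set and not "/").
		#
		if [ -s "$WORKDIR/chdevs" -a "$PKG_INSTALL_ROOT" != "" -a \
		    "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat "$WORKDIR/chdevs" |\
			while read device oldp oldu oldg newp newu newg
			do
				#
				# Note that we take pains -only- to change
				# the permission/ownership of devices that
				# have kept their original permissions.
				#
				# $device is left unquoted on purpose: its
				# glob characters are expanded here, under
				# the alternate root.
				# NOTE(review): -follow makes find resolve
				# symbolic links below the alternate root as
				# it finds them - confirm that root is
				# trusted.
				#
				for dev in $PKG_INSTALL_ROOT/$device; do
					find $dev -follow -perm $oldp -exec \
					    chmod $newp $dev \; >/dev/null 2>&1
					find $dev -follow -user $oldu -exec \
					    chown $newu $dev \; >/dev/null 2>&1
					find $dev -follow -group $oldg -exec \
					    chgrp $newg $dev \; >/dev/null 2>&1
				done
			done
		fi

		#
		# For all entries in minor_perm that were deleted,
		# remove the /dev entries that point to device nodes
		# that correspond to those entries.
		#
		if [ -s "$WORKDIR/deldevs" -a "$PKG_INSTALL_ROOT" != "" -a \
		    "$PKG_INSTALL_ROOT" != "/" ] ; then
			cat "$WORKDIR/deldevs" | while read device
			do
				rm -f $PKG_INSTALL_ROOT/$device
			done
		fi

		#
		# Append every entry from the add list that the installed
		# file does not have yet, taking the full line from the
		# package's copy.
		#
		cat "$WORKDIR/add" | while read key
		do
			grepstr=`entry2pattern "${key}"`
			grep "$grepstr" "$dest" > /dev/null 2>&1
			if [ $? != 0 ] ; then
				grep "$grepstr" "$src" >> "$dest"
			fi
		done

		rm -f "$WORKDIR"/*
	fi
done

cleanup_workdir

exit 0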