1#!/bin/sh 2# 3# CDDL HEADER START 4# 5# The contents of this file are subject to the terms of the 6# Common Development and Distribution License (the "License"). 7# You may not use this file except in compliance with the License. 8# 9# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE 10# or http://www.opensolaris.org/os/licensing. 11# See the License for the specific language governing permissions 12# and limitations under the License. 13# 14# When distributing Covered Code, include this CDDL HEADER in each 15# file and include the License file at usr/src/OPENSOLARIS.LICENSE. 16# If applicable, add the following below this CDDL HEADER, with the 17# fields enclosed by brackets "[]" replaced with your own identifying 18# information: Portions Copyright [yyyy] [name of copyright owner] 19# 20# CDDL HEADER END 21# 22# Copyright 2010 Sun Microsystems, Inc. All rights reserved. 23# Use is subject to license terms. 24# 25 26DT_CHANGED=0 27 28LOG_FMRI=svc:/system/system-log 29CMSD_FMRI=svc:/network/rpc/cde-calendar-manager 30BIND_FMRI=svc:/network/rpc/bind 31XSERVER_FMRI=svc:/application/x11/x11-server 32SENDMAIL_FMRI=svc:/network/smtp:sendmail 33PRINTSERVER_FMRI=svc:/application/print/server 34RFC1179_FMRI=svc:/application/print/rfc1179 35CUPSSERVER_FMRI=svc:/application/cups/scheduler 36CUPSRFC1179_FMRI=svc:/application/cups/in-lpd 37IPPLISTENER_FMRI=svc:/application/print/ipp-listener 38TTDB_FMRI=svc:/network/rpc/cde-ttdbserver 39DTLOGIN_FMRI=svc:/application/graphical-login/cde-login 40WEBCONSOLE_FMRI=svc:/system/webconsole 41SMCWBEM_FMRI=svc:/application/management/wbem 42 43usage() 44{ 45 prog=`basename $0` 46 echo "$prog: usage: $prog [ open | limited ]" >&2 47 exit 2 48} 49 50# 51# set_property fmri group property value 52# 53# sets the specified property in the specified property-group, creating 54# the group and or property if necessary. 55# 56set_property() 57{ 58 fmri=$1 59 group=$2 60 prop=$3 61 val=$4 62 63 if svcprop -qp $group $fmri; then :; else 64 if svccfg -s $fmri addpg $group application; then :; else 65 echo "Failed to create property group \"$group\" \c" 66 echo "for $fmri." 67 exit 1 68 fi 69 fi 70 71 if svccfg -s $fmri setprop $group/$prop = boolean: $val; then :; else 72 echo "Failed to set property $group/$prop for $fmri" 73 exit 1 74 fi 75} 76 77set_system_log() 78{ 79 svcprop -q $LOG_FMRI || return 80 if [ "$1" = "local" ]; then 81 val=false 82 else 83 val=true 84 fi 85 86 set_property $LOG_FMRI config log_from_remote $val 87 svcadm refresh $LOG_FMRI 88} 89 90set_cmsd() 91{ 92 svcprop -q $CMSD_FMRI:default || return 93 if [ "$1" = "local" ]; then 94 proto="ticlts" 95 else 96 proto="udp" 97 fi 98 99 inetadm -m $CMSD_FMRI:default proto=$proto 100 svcadm refresh $CMSD_FMRI:default 101} 102 103set_rpcbind() 104{ 105 svcprop -q $BIND_FMRI || return 106 if [ "$1" = "local" ]; then 107 val=true 108 else 109 val=false 110 fi 111 112 set_property $BIND_FMRI config local_only $val 113 svcadm refresh $BIND_FMRI 114} 115 116set_xserver() { 117 svcprop -q $XSERVER_FMRI || return 118 if [ "$1" = "local" ]; then 119 val=false 120 else 121 val=true 122 fi 123 124 set_property $XSERVER_FMRI options tcp_listen $val 125 # don't need refresh since x11-server is not an actual service 126} 127 128set_sendmail() 129{ 130 svcprop -q $SENDMAIL_FMRI || return 131 if [ "$1" = "local" ]; then 132 val=true 133 else 134 val=false 135 fi 136 137 set_property $SENDMAIL_FMRI config local_only $val 138 svcadm refresh $SENDMAIL_FMRI 139} 140 141set_ttdbserver() 142{ 143 svcprop -q $TTDB_FMRI:tcp || return 144 if [ "$1" = "local" ]; then 145 val=ticotsord 146 else 147 val=tcp 148 fi 149 inetadm -m $TTDB_FMRI:tcp proto="$val" 150 svcadm refresh $TTDB_FMRI:tcp 151} 152 153set_dtlogin() 154{ 155 svcprop -q $DTLOGIN_FMRI || return 156 157 eval args=`svcprop -p dtlogin/args $DTLOGIN_FMRI` 158 159 if echo $args | egrep -s udpPort 160 then 161 old_port=`echo $args | 162 sed 's/.*-udpPort [ ]*\([0-9][0-9]*\).*/\1/'` 163 new_args=`echo $args | 164 sed 's/\(.*\)-udpPort [0-9][0-9]*\(.*\)/\1\2/'` 165 else 166 old_port=-1 167 new_args=$args 168 fi 169 170 if [ "$1" = "local" ]; then 171 args="$new_args -udpPort 0" 172 DT_CHANGED=1 173 else 174 # remove '-udpPort 0' argument. Leave intact if port != 0. 175 if [ $old_port -eq 0 ]; then 176 args="$new_args" 177 DT_CHANGED=1 178 fi 179 fi 180 181 svccfg -s $DTLOGIN_FMRI setprop dtlogin/args = "\"$args\"" 182 svcadm refresh $DTLOGIN_FMRI 183} 184 185set_webconsole() { 186 svcprop -q $WEBCONSOLE_FMRI:console || return 187 if [ "$1" = "local" ]; then 188 val=false 189 else 190 val=true 191 fi 192 193 set_property $WEBCONSOLE_FMRI options tcp_listen $val 194 svcadm refresh $WEBCONSOLE_FMRI 195} 196 197set_smcwbem() { 198 svcprop -q $SMCWBEM_FMRI:default || return 199 if [ "$1" = "local" ]; then 200 val=false 201 else 202 val=true 203 fi 204 205 set_property $SMCWBEM_FMRI options tcp_listen $val 206 svcadm refresh $SMCWBEM_FMRI 207} 208 209set_printing() { 210 use_cups=`svcprop -C -p general/active $CUPSSERVER_FMRI:default \ 211 2>/dev/null` 212 213 case "$1" in 214 "open") 215 cups_options="--remote-admin --remote-printers" 216 cups_options="$cups_options --share-printers --remote-any" 217 svc_operation="enable" 218 ;; 219 "local") 220 cups_options="--no-remote-admin --no-remote-printers" 221 cups_options="$cups_options --no-share-printers --no-remote-any" 222 svc_operation="disable" 223 ;; 224 esac 225 226 case "$use_cups" in 227 "true") 228 if [ -x /usr/sbin/cupsctl ] ; then 229 # only run cupsctl with elevated privilege to avoid 230 # being prompted for a password 231 [ `/usr/bin/id -u` = 0 ] && 232 /usr/sbin/cupsctl $cups_options 233 fi 234 svcadm $svc_operation $CUPSRFC1179_FMRI 235 ;; 236 *) 237 if [ "`svcprop -p restarter/state $PRINTSERVER_FMRI:default`" \ 238 != "disabled" ] ; then 239 svcadm $svc_operation $RFC1179_FMRI:default 240 svcadm $svc_operation $IPPLISTENER_FMRI:default 241 fi 242 ;; 243 esac 244} 245 246if [ $# -ne 1 ]; then 247 usage 248fi 249 250case $1 in 251 "open") 252 profile=generic_open.xml 253 keyword="open" 254 ;; 255 "limited") 256 profile=generic_limited_net.xml 257 keyword="local" 258 ;; 259 *) 260 usage 261 ;; 262esac 263 264if [ ! -f /etc/svc/profile/$profile ]; then 265 echo "/etc/svc/profile/$profile nonexistent. Exiting." 266 exit 1 267fi 268 269# 270# set services 271# 272set_system_log $keyword 273set_cmsd $keyword 274set_rpcbind $keyword 275set_xserver $keyword 276set_sendmail $keyword 277set_ttdbserver $keyword 278set_dtlogin $keyword 279set_webconsole $keyword 280set_smcwbem $keyword 281set_printing $keyword 282 283# 284# put the new profile into place, and apply it 285# 286# Create a hash entry so that manifest_import is aware of the 287# profile being applied and does not reapply the profile on reboot. 288# 289ln -sf ./$profile /etc/svc/profile/generic.xml 290svccfg delhash /etc/svc/profile/generic.xml > /dev/null 2>&1 291SVCCFG_CHECKHASH="TRUE" svccfg apply /etc/svc/profile/generic.xml 292 293# 294# generic_open may not start inetd services on upgraded systems 295# 296if [ $profile = "generic_open.xml" ] 297then 298 svccfg apply /etc/svc/profile/inetd_generic.xml 299fi 300 301# 302# Make the services aware of the new property values 303# 304if [ "`svcprop -p restarter/state $LOG_FMRI:default`" = "online" ] 305then 306 # need restart since refresh won't reread properties 307 echo "restarting syslogd" 308 svcadm restart $LOG_FMRI:default 309fi 310 311if [ "`svcprop -p restarter/state $SENDMAIL_FMRI`" = "online" ] 312then 313 # need restart since refresh won't pick up new command-line 314 echo "restarting sendmail" 315 svcadm restart $SENDMAIL_FMRI 316fi 317 318if [ "`svcprop -p restarter/state $SMCWBEM_FMRI:default`" = "online" ] 319then 320 # need restart since refresh won't pick up new command-line 321 echo "restarting wbem" 322 svcadm restart $SMCWBEM_FMRI:default 323fi 324 325if [ $DT_CHANGED -eq 1 ]; then 326 if [ "`svcprop -p restarter/state $DTLOGIN_FMRI:default`" = "online" ] 327 then 328 r="y" 329 if tty -s ; then 330 printf \ 331 "dtlogin needs to be restarted. Restart now? [Y] " 332 read r 333 fi 334 if [ "$r" = "" -o "$r" = "y" -o "$r" = "Y" ]; then 335 # Make sure we survive killing dtlogin... 336 trap "" 15 337 svcadm restart $DTLOGIN_FMRI 338 echo "restarting dtlogin" 339 else 340 printf "dtlogin not restarted. " 341 printf "Restart it to put it in ${keyword}-mode.\n" 342 fi 343 fi 344fi 345