Gitiles
Code Review Sign In
code.illumos.org / illumos-gate / 45916cd2fec6e79bca5dee0421bd39e3c2910d1e / . / usr / src / pkgdefs / common_files / i.nsswitch
blob: a14c96ba4e20c2589466a57f6119c30803aa0f1b [file] [log] [blame]
#!/bin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2006 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#ident "%Z%%M% %I% %E% SMI"
#
CLEANUP=/tmp/CLEANUP
write_ipnodes_message() {
echo '\nThe ipnodes policy has been changed to match the hosts' >> $1
echo 'policy. Please review the changes to the ipnodes policy' >> $1
echo 'in the /etc/nsswitch.conf file and refer to the Solaris' >> $1
echo 'Naming Administration Guide for more information' >> $1
echo 'about these changes.\n' >> $1
}
write_sed_script() {
cat > /tmp/sed.scr.$$ << EOF
/hosts:[ ]*nisplus[ ][ ]*dns/i\\
#You must also set up the /etc/resolv.conf file for DNS name\\
#server lookup. See resolv.conf(4).
EOF
}
write_ipnodes_sed_script() {
cat > /tmp/sed.scr.$$ << EOF
# original hosts entry
/^hosts:/p
# match ipnodes entry to hosts entry
s/^hosts: /ipnodes:/
# Add a commented out line for ipnodes in the example for adding DNS
# and update the comment found in nsswitch.conf, based on nsswitch.nisplus.
s/#Uncomment the following line/#Uncomment the following two lines/
/^#hosts:/p
s/^#hosts:/#ipnodes:/
# add ipnodes comment before ipnodes policy
/^ipnodes:/i\\
# Note that IPv4 addresses are searched for in all of the ipnodes databases\\
# before searching the hosts databases.
EOF
}
change_ipnodes_sed_script() {
cat > /tmp/sed.scr.$$ << EOF
# find ipnodes comment and delete
/^# Uncomment the following line and comment out the above to resolve/d
/^# both IPv4 and IPv6 addresses from the ipnodes databases. Note that/d
/^# IPv4 addresses are searched in all of the ipnodes databases before/d
/^# searching the hosts databases. Before turning this option on, consult/d
/^# the Network Administration Guide for more details on using IPv6./d
/^#ipnodes:/d
# Add a commented out line for ipnodes in the example for adding DNS
# and update the comment found in nsswitch.conf, based on nsswitch.nisplus.
s/#Uncomment the following line/#Uncomment the following two lines/
/^#hosts:/p
s/^#hosts:/#ipnodes:/
# add new ipnodes comment before ipnodes policy
/^ipnodes:/i\\
# Note that IPv4 addresses are searched for in all of the ipnodes databases\\
# before searching the hosts databases.
EOF
}
while read src dest
do
if [ ! -f $dest ] ; then
cp $src $dest
else
grep '/etc/nsswitch.nisplus' $dest > /dev/null 2>&1
if [ $? = 0 ] ; then
grep 'You must also set up the /etc/resolv.conf' \
$dest > /dev/null 2>&1
if [ $? != 0 ]; then
write_sed_script
sed -f /tmp/sed.scr.$$ $dest > /tmp/d.$$
cp /tmp/d.$$ $dest
rm -f /tmp/d.$$ /tmp/sed.scr.$$
fi
fi
grep 'nametoaddr_libs of' $dest > /dev/null 2>&1
if [ $? != 0 ]; then
cat $dest | \
sed -e 's/# "hosts:" and "services:" in this file are used only if the \/etc\/netconfig.*/# "hosts:" and "services:" in this file are used only if the/' \
-e 's/# file contains "switch.so" as a nametoaddr library for/# \/etc\/netconfig file has a "-" for nametoaddr_libs of/' > /tmp/d2.$$
cp /tmp/d2.$$ $dest
rm -f /tmp/d2.$$
fi
#
# If the file contains "xfn" in the "hosts:" line, omit it.
# The support for "xfn" has been removed
#
grep xfn $dest > /dev/null 2>&1
if [ $? = 0 ]; then
sed '/hosts:/s/xfn[ ]*//' $dest > /tmp/d.$$
cp /tmp/d.$$ $dest
rm -f /tmp/d.$$
fi
# If the file doesn't have a "printers" database entry, add
# an appropriate entry. Default to everything if we can't
# figure out what is appropriate.
grep printers: $dest > /dev/null 2>&1
if [ $? != 0 ]; then
PRINTERS="files nis ldap nisplus"
egrep '/etc/nsswitch\.(dns|files)' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PRINTERS="files"
fi
grep '/etc/nsswitch.nis' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PRINTERS="files nis"
fi
grep '/etc/nsswitch.ldap' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PRINTERS="files ldap"
fi
grep '/etc/nsswitch.nisplus' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PRINTERS="nisplus files"
fi
echo "printers: user ${PRINTERS}" >>$dest
else
#
# If the file contains "xfn" in the "printers:" line,
# omit it. The support for "xfn" has been removed
#
grep xfn $dest > /dev/null 2>&1
if [ $? = 0 ]; then
sed '/printers:/s/xfn[ ]*//' $dest > /tmp/d.$$
cp /tmp/d.$$ $dest
rm -f /tmp/d.$$
fi
fi
#
# If not there, add "ipnodes:" databases for unified host
# addresses. In all cases except the simple "hosts: files" one,
# add an ipnodes policy that matches the "hosts" policy and a
# comment regarding the search order of the "ipnodes" and
# "hosts" databases. All of this is followed by a blank line.
#
grep -s 'ipnodes:' $dest > /dev/null 2>&1
if [ $? != 0 ] ; then
grep -s '^hosts:[ ]*files[ ]*$' $dest \
> /dev/null 2>&1
if [ $? = 0 ]; then
sed '/^hosts:/p;s/^hosts.*/ipnodes: files/' \
$dest > /tmp/d.$$
if [ $? = 0 ]; then
cp /tmp/d.$$ $dest
fi
else
write_ipnodes_sed_script
sed -f /tmp/sed.scr.$$ $dest > /tmp/d.$$
if [ $? = 0 ]; then
cp /tmp/d.$$ $dest
fi
rm -f /tmp/sed.scr.$$
fi
rm -f /tmp/d.$$
else
#
# The ipnodes policy is there (post S8), we just need
# to update the ipnodes policy to match the hosts
# policy.
#
grep -s '^hosts:[ ]*files[ ]*$' $dest \
> /dev/null 2>&1
if [ $? != 0 ]; then
#
# find ipnodes entry, delete it and replace it
# with one matching the hosts policy. Do this
# only if it's not been changed.
#
grep -s '^ipnodes:[ ]*files[ ]*$' \
$dest > /dev/null 2>&1
if [ $? = 0 ]; then
sed -e '/^ipnodes:[ ]*files*$/d' \
-e '/^hosts:/p' \
-e 's/^hosts: /ipnodes:/' $dest \
> /tmp/d.$$
if [ $? = 0 ]; then
cp /tmp/d.$$ $dest
fi
if [ "$UPDATE" = yes ]; then
write_ipnodes_message $CLEANUP
fi
rm -f /tmp/d.$$
fi
#
# Now clean up the comments, if they haven't
# already been cleaned.
#
grep -s '^# Note that IPv4 addresses' \
$dest > /dev/null 2>&1
if [ $? != 0 ]; then
change_ipnodes_sed_script
sed -f /tmp/sed.scr.$$ $dest > /tmp/d.$$
if [ $? = 0 ]; then
cp /tmp/d.$$ $dest
fi
rm -f /tmp/sed.scr.$$ /tmp/d.$$
fi
fi
fi
#role-based access control databases
# Solaris 8 Beta refresh had audit_user, exec_attr and
# user_attr entries for dns, files, nis, nis+ and ldap.
# Remove them if they are present
sed -e '/^# role-based access control/d'\
-e '/^exec_attr:/d' \
-e '/^user_attr:/d' \
-e '/^# audit/d' \
-e '/^audit_user:/d' \
$dest > /tmp/d.$$
cp /tmp/d.$$ $dest
rm -f /tmp/d.$$
# If the file doesn't have user attr database entries, add
# appropriate entries. Default to everything if we can't
# figure out what is appropriate.
for DB in auth_attr prof_attr
do
grep $DB: $dest > /dev/null 2>&1
if [ $? != 0 ]; then
ATTR="files nis nisplus ldap"
egrep '/etc/nsswitch\.(dns|files)' $dest >\
/dev/null 2>&1
if [ $? = 0 ] ; then
ATTR="files"
fi
grep '/etc/nsswitch.nis' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
ATTR="files nis"
fi
grep '/etc/nsswitch.nisplus' $dest >/dev/null \
2>&1
if [ $? = 0 ] ; then
ATTR="files nisplus"
fi
echo "${DB}: ${ATTR}" >> $dest
grep '/etc/nsswitch.ldap' $dest >/dev/null \
2>&1
if [ $? = 0 ] ; then
ATTR="files ldap"
fi
echo "${DB}: ${ATTR}" >> $dest
fi
done
# If the file doesn't have a "project" database entry, add
# an appropriate entry. Default to "files" if we can't
# figure out what is appropriate.
grep project: $dest > /dev/null 2>&1
if [ $? != 0 ]; then
PROJECT="files"
egrep '/etc/nsswitch\.(dns|files)' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PROJECT="files"
fi
grep '/etc/nsswitch.nis' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PROJECT="files nis"
fi
grep '/etc/nsswitch.ldap' $dest >/dev/null 2>&1
if [ $? = 0 ] ; then
PROJECT="files ldap"
fi
echo "project: ${PROJECT}" >>$dest
fi
# sendmailvars bites the dust in S10
sed -e '/^sendmailvars:/d' $dest > /tmp/d.$$
cp /tmp/d.$$ $dest
rm -f /tmp/d.$$
# If the file doesn't have Trusted Extensions networking
# database (TNdb) entries, add appropriate entries. Default
# to everything if we can't figure out what is appropriate.
for DB in tnrhtp tnrhdb
do
grep $DB: $dest > /dev/null 2>&1
if [ $? != 0 ]; then
ATTR="files ldap"
egrep '/etc/nsswitch\.(dns|files)' $dest >\
/dev/null 2>&1
if [ $? = 0 ] ; then
ATTR="files"
fi
grep '/etc/nsswitch.ldap' $dest >/dev/null \
2>&1
if [ $? = 0 ] ; then
ATTR="files ldap"
fi
echo "${DB}: ${ATTR}" >> $dest
fi
done
fi
done
exit 0