1 #!/sbin/sh
2 #
3 # CDDL HEADER START
4 #
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
8 #
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
13 #
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
19 #
20 # CDDL HEADER END
21 #
22 #
23 # Copyright 2009 Sun Microsystems, Inc. All rights reserved.
24 # Use is subject to license terms.
25 #
26 # This is the second phase of TCP/IP configuration. The first part is
27 # run by the svc:/network/physical service and includes configuring the
28 # interfaces and setting the machine's hostname. The svc:/network/initial
29 # service does all configuration that can be done before name services are
30 # started, bar configuring IP routing (this is carried out by the
31 # svc:/network/routing-setup service). The final part, run by the
32 # svc:/network/service service, does all configuration that may require
33 # name services. This includes a final re-configuration of the
34 # interfaces.
35 #
36
37 . /lib/svc/share/smf_include.sh
38
39 #
40 # In a shared-IP zone we need this service to be up, but all of the work
41 # it tries to do is irrelevant (and will actually lead to the service
42 # failing if we try to do it), so just bail out.
43 # In the global zone and exclusive-IP zones we proceed.
44 #
45 smf_configure_ip || exit $SMF_EXIT_OK
46
47 # Configure IPv6 Default Address Selection.
48 if [ -f /etc/inet/ipaddrsel.conf ]; then
49 /usr/sbin/ipaddrsel -f /etc/inet/ipaddrsel.conf
50 fi
51
52 #
53 # Set the RFC 1948 entropy, regardless of if I'm using it or not. If present,
54 # use the encrypted root password as a source of entropy. Otherwise,
55 # just use the pre-set (and hopefully difficult to guess) entropy that
56 # tcp used when it loaded.
57 #
58 encr=`/usr/bin/awk -F: '/^root:/ {print $2}' /etc/shadow`
59 [ -z "$encr" ] || /usr/sbin/ndd -set /dev/tcp tcp_1948_phrase $encr
60 unset encr
61
62 # Set the SDP system Policy. This needs to happen after basic
63 # networking is up but before any networking services that might
64 # want to use SDP are enabled
65 if [ -f /usr/sbin/sdpadm -a -f /etc/sdp.conf ]; then
66 . /etc/sdp.conf
67 if [ "$sysenable" = "1" ]; then
68 /usr/sbin/sdpadm enable
69 fi
70 fi
71
72 #
73 # Set TCP ISS generation. By default the ISS generation is
74 # time + random()-delta. This might not be strong enough for some users.
75 # See /etc/default/inetinit for settings and further info on TCP_STRONG_ISS.
76 # If not set, use TCP's internal default setting.
77 #
78 [ -f /etc/default/inetinit ] && . /etc/default/inetinit
79 if [ $TCP_STRONG_ISS ]; then
80 /usr/sbin/ndd -set /dev/tcp tcp_strong_iss $TCP_STRONG_ISS
81 fi
82
83 # Clear exit status.
84 exit $SMF_EXIT_OK