#! /usr/bin/ksh -p
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#

#
# Copyright 2008 Sun Microsystems, Inc.  All rights reserved.
# Use is subject to license terms.
#

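# Create the test group unless the name service already knows it.
# ctx_group is not assigned anywhere in this script, so it has to come from
# the caller.  Stop when it is empty: "getent group" without a key lists every
# group, and the check below would then report the group as present.
: "${ctx_group:?ctx_group must be set}"

# CTX_GENT stays empty when the group is unknown.
CTX_GENT=$(getent group "$ctx_group")
if [ -z "$CTX_GENT" ]; then
        echo "Adding group $ctx_group"
        groupadd "$ctx_group" || {
                print -- "--DIAG: could not add group $ctx_group"
                exit 1
        }
else
        echo "Group $ctx_group already present"
fi
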
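# Create the test user as a member of $ctx_group, with the current working
# directory as its home directory, unless the account already exists.
# Both names come from the caller; an empty value would change the meaning of
# the getent and useradd command lines, so it is rejected up front.
: "${ctx_user:?ctx_user must be set}"
: "${ctx_group:?ctx_group must be set}"

CTX_UENT=$(getent passwd "$ctx_user")
if [ -z "$CTX_UENT" ]; then
        echo "Adding user $ctx_user"
        useradd -g "$ctx_group" -d "$(pwd)" "$ctx_user" || {
                print -- "--DIAG: Could not add user $ctx_user"
                # Roll the group back only when this script created it:
                # CTX_GENT is empty exactly when the earlier lookup did not
                # find the group.  A group that existed beforehand is kept.
                [ -z "$CTX_GENT" ] && groupdel "$ctx_group"
                exit 1
        }
else
        echo "User $ctx_user already present"
fi
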
  53 echo "blanking $ctx_user's password"
  54 passwd -r files -d $ctx_user >/dev/null
  55 
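# Create the second test account (the one that gets locked afterwards) in
# $ctx_group, again with the current working directory as its home.
: "${ctx_lockeduser:?ctx_lockeduser must be set}"
: "${ctx_group:?ctx_group must be set}"

CTX_UENT=$(getent passwd "$ctx_lockeduser")
if [ -z "$CTX_UENT" ]; then
        echo "Adding locked account $ctx_lockeduser"
        # A failed useradd used to go unnoticed here; report it and stop, as
        # the other account-creation steps of this script do.
        useradd -g "$ctx_group" -d "$(pwd)" "$ctx_lockeduser" || {
                print -- "--DIAG: Could not add user $ctx_lockeduser"
                exit 1
        }
else
        # The message now names the account that was actually looked up
        # (it used to print $ctx_user).
        echo "User $ctx_lockeduser is already installed"
fi
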
  64 echo "Locking $ctx_lockeduser"
  65 passwd -r files -l $ctx_lockeduser >/dev/null
  66 
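# Add the execution profile $ctx_profilename to exec_attr unless an entry with
# that name is already there.  The entry makes $service_app run with
# uid=$ctx_user and gid=$ctx_group and with the privileges basic,
# file_dac_write and file_dac_search.  The limit set is "all" in the global
# zone and "zone" everywhere else.
: "${ctx_profilename:?ctx_profilename must be set}"
: "${service_app:?service_app must be set}"
: "${ctx_user:?ctx_user must be set}"
: "${ctx_group:?ctx_group must be set}"

# Match the name field only (start of line up to the first colon); a bare
# substring match would also hit longer profile names and other fields.
# NOTE(review): the name is used as a regular expression - assumes it holds no
# regex metacharacters.
grep "^$ctx_profilename:" /etc/security/exec_attr >/dev/null 2>&1
if [ $? -ne 0 ]; then
        echo "adding: '$ctx_profilename' to exec_attr"
        # "=" is the portable string comparison operator for test.
        if [ "$(/bin/zonename)" = "global" ]; then
                ctx_limitprivs=all
        else
                ctx_limitprivs=zone
        fi
        echo "$ctx_profilename:suser:cmd:::$service_app:uid=$ctx_user;gid=$ctx_group;privs=basic,file_dac_write,file_dac_search;limitprivs=$ctx_limitprivs" >> /etc/security/exec_attr
fi
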
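# Add the profile $ctx_profilename to prof_attr unless it is already listed.
# auths=solaris.* gives the profile every authorization under the "solaris."
# prefix.
# NOTE(review): this script does not assign the profile to any user (the
# user_attr entry written further down only sets project=); confirm where it
# is assigned and that teardown removes this entry again.
: "${ctx_profilename:?ctx_profilename must be set}"

# Match the name field only, not any occurrence of the string in the file.
grep "^$ctx_profilename:" /etc/security/prof_attr >/dev/null 2>&1
if [ $? -ne 0 ]; then
        echo "adding '$ctx_profilename' to prof_attr"
        echo "$ctx_profilename:::Testing Profile:auths=solaris.*" >> /etc/security/prof_attr
fi
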
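# Add the project $ctx_project with $ctx_user as its only user, then bind it
# to the pool $ctx_default_resourcepool through the project.pool attribute.
: "${ctx_project:?ctx_project must be set}"
: "${ctx_user:?ctx_user must be set}"
: "${ctx_default_resourcepool:?ctx_default_resourcepool must be set}"

proj=$(getent project "$ctx_project")
if [ -z "$proj" ]; then
        echo "adding $ctx_project to /etc/projects"
        projadd -U "$ctx_user" "$ctx_project" || {
                echo "Failed to create project $ctx_project"
                exit 1
        }
        # The attribute is appended to the new entry by editing /etc/project
        # directly (the original author found no command-line way to set it).
        # The edited copy is written to /etc/project.new and then copied over
        # /etc/project with cp, so the existing file is overwritten in place
        # rather than replaced.  /etc/project.old is removed only after every
        # step succeeded, so a failed copy leaves the backup behind.
        # NOTE(review): both variables are spliced into the sed expression -
        # assumes neither contains "/", "&" or regex metacharacters.
        sed "s/^$ctx_project:.*/&project.pool=$ctx_default_resourcepool/" \
                /etc/project > /etc/project.new && \
        cp /etc/project /etc/project.old && \
        cp /etc/project.new /etc/project && \
        rm /etc/project.old
        ctx_rc=$?
        # The scratch copy used to be left behind in /etc.
        rm -f /etc/project.new
        if [ $ctx_rc -ne 0 ]; then
                echo "Failed to set project.pool for $ctx_project"
                exit 1
        fi
fi
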
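# Make $ctx_project the default project of $ctx_user by adding a user_attr
# entry, unless the user already has one.
: "${ctx_user:?ctx_user must be set}"
: "${ctx_project:?ctx_project must be set}"

# Match the user-name field only; the unanchored, unquoted grep also matched
# longer user names and any attribute text containing the string, and then
# skipped the entry.
grep "^$ctx_user:" /etc/user_attr >/dev/null 2>&1
if [ $? -ne 0 ]; then
        echo "Adding $ctx_user informarion to /etc/user_attr"
        echo "$ctx_user::::project=$ctx_project" >> /etc/user_attr
        if [ $? -ne 0 ]; then
                echo "Failed to add $ctx_user into /etc/user_attr"
                exit 1
        fi
fi
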
 114 zone=`/bin/zonename`
 115 if [ "$zone" != "global" ]
 116 then
 117         exit 0
 118 fi
 119 
# Resource pools (marked by the original author as probably needing work).
# pooladm without arguments serves as a probe: when it fails, pools are
# enabled with "pooladm -e".  The empty file "resourcepools" in the current
# directory records that this script did the enabling; the pool-creation
# failure paths further down test for it before disabling pools again.
# NOTE(review): the result of "pooladm -e" is not checked.
pooladm >/dev/null 2>&1 || {
        echo "Enabling resource pools"
        touch resourcepools
        pooladm -e
}

# Create the test pool in the running configuration (poolcfg -d).
# On failure, pools are disabled again, but only if the marker file shows that
# this script enabled them.
# NOTE(review): the failure is only printed; the script carries on and still
# ends with exit 0.
echo "Creating test pool $ctx_resourcepool"
poolcfg -c "create pool $ctx_resourcepool" -d || {
        echo "Could not create resource pool $ctx_resourcepool"
        if [ -f resourcepools ]; then
                rm -f resourcepools
                pooladm -d
        fi
}

# Create the pool used as the test project's project.pool target.
# On failure, and only if the marker file shows that this script enabled
# pools, the first test pool is destroyed and pools are disabled again.
# NOTE(review): when pools were already enabled beforehand, a failure here
# leaves $ctx_resourcepool in place; and the script ends with exit 0 either
# way.
echo "Creating test pool $ctx_default_resourcepool"
poolcfg -c "create pool $ctx_default_resourcepool" -d || {
        echo "Could not create resource pool $ctx_default_resourcepool"
        if [ -f resourcepools ]; then
                rm -f resourcepools
                poolcfg -c "destroy pool $ctx_resourcepool" -d
                pooladm -d
        fi
}

exit 0