#!/bin/sh auditd_xml_patchid=120472-02 ## x86 auditd.xml introduced in patch 120472-02 last_patch() { ## returns the number of patches installed at or above this rev. root_dir=${ROOTDIR:-$PKG_INSTALL_ROOT} ## parse id and rev pid=`echo $1 | cut -d\- -f1` prev=`echo $1 | cut -d\- -f2` patch_cnt=0 ## get all installed refernces to the installed patch base id installed_patches=`patchadd -p -R $root_dir -p | sed -n -e 's/Req.*//' -e 's/[a-zA-Z]*://g' -e 's/,//g' -e "/$pid/p"` for x in $installed_patches ; do base=`echo $x | cut -d\- -f1` rev=`echo $x | cut -d\- -f2` if [ $pid -eq $base ] && [ $rev -ge $prev ] ; then ## count all installed patches includeing this patch patch_cnt=`expr $patch_cnt + 1` fi done return $patch_cnt } imanifest() { repfile=$PKG_INSTALL_ROOT/etc/svc/repository.db export repfile # # If the repository does not yet exist, create it from the appropriate seed. If # for some reason the seeds do not exist, svccfg(1M) will create the repository # automatically. # if [ ! -f $repfile ]; then if [ -n "$SUNW_PKG_INSTALL_ZONENAME" -a \ "$SUNW_PKG_INSTALL_ZONENAME" != "global" ]; then [ -f $PKG_INSTALL_ROOT/lib/svc/seed/nonglobal.db ] && \ /usr/bin/cp $PKG_INSTALL_ROOT/lib/svc/seed/nonglobal.db \ $repfile else [ -f $PKG_INSTALL_ROOT/lib/svc/seed/global.db ] && \ /usr/bin/cp $PKG_INSTALL_ROOT/lib/svc/seed/global.db \ $repfile fi /usr/bin/chmod 0600 $repfile /usr/bin/chown root:sys $repfile fi if [ ! -r $PKG_INSTALL_ROOT/etc/svc/volatile/repository_door ]; then # # smf(5) is not presently running for the destination environment. # Since we presently cannot refresh without a running svc.startd(1M), we # cannot consistently handle dependent placement. Defer to next boot. # while read src dst; do /usr/bin/cp -p $src $dst done else # # Local package install. # while read src dst; do /usr/bin/cp -p $src $dst [ "$PKG_INSTALL_ROOT" = "" -o "$PKG_INSTALL_ROOT" = "/" ] && \ SVCCFG_CHECKHASH=1 /usr/sbin/svccfg import $dst done fi } rmanifest() { MFSTSCAN=/lib/svc/bin/mfstscan SVCCFG=/usr/sbin/svccfg SVCPROP=/usr/bin/svcprop while read mfst; do ENTITIES=`$SVCCFG inventory $mfst` for fmri in $ENTITIES; do $SVCCFG delete -f $fmri done # # Delete the manifest hash value. # pg_name=`$MFSTSCAN -t $mfst` if $SVCPROP -q -p $pg_name smf/manifest; then $SVCCFG -s smf/manifest delpg $pg_name fi ## patchrm will take care of this /usr/bin/rm $mfst done } while read src dst ; do delete_xml_file="false" fname=`basename $src` if [ -f $PKGSAV/rmmfst_$fname.${ACTIVE_PATCH} ] ; then delete_xml_file="true" rm $PKGSAV/rmmfst_$fname.${ACTIVE_PATCH} fi if echo $src | grep auditd.xml > /dev/null 2>&1 ; then last_patch $auditd_xml_patchid if [ "$?" = "0" ] ; then delete_xml_file="true" fi fi if [ "$delete_xml_file" = "true" ] ; then if [ "${ROOTDIR:-$PKG_INSTALL_ROOT}" = "/" \ -o -z "${ROOTDIR:-$PKG_INSTALL_ROOT}" ] ; then # xml file is being deleted echo $dst | rmanifest fi else ## revert to previous xml file (restored by patchrm) echo $src $dst | imanifest fi done exit 0