Created
May 16, 2012 21:44
-
-
Save ryanschwartz/2714203 to your computer and use it in GitHub Desktop.
SMF script to allow global zone user/group modification
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/bash | |
| case "$1" in | |
| 'start') | |
| if [[ -n $(/bin/bootparams | grep '^smartos=true') ]]; then | |
| if [[ -z $(/usr/sbin/mount -p | grep 'passwd') ]]; then | |
| if [[ /etc/passwd -ot /usbkey/passwd ]]; then | |
| cp /usbkey/passwd /etc/passwd | |
| else | |
| cp /etc/passwd /usbkey/passwd | |
| fi | |
| touch /etc/passwd /usbkey/passwd | |
| mount -F lofs /usbkey/passwd /etc/passwd | |
| fi | |
| if [[ -z $(/usr/sbin/mount -p | grep 'group') ]]; then | |
| if [[ /etc/group -ot /usbkey/group ]]; then | |
| cp /usbkey/group /etc/group | |
| else | |
| cp /etc/group /usbkey/group | |
| fi | |
| touch /etc/group /usbkey/group | |
| mount -F lofs /usbkey/group /etc/group | |
| fi | |
| if [[ -z $(/usr/sbin/mount -p | grep 'shadow') ]]; then | |
| if [[ /etc/shadow -ot /usbkey/shadow ]]; then | |
| cp /usbkey/shadow /etc/shadow | |
| else | |
| cp /etc/shadow /usbkey/shadow | |
| fi | |
| touch /etc/shadow /usbkey/shadow | |
| mount -F lofs /usbkey/shadow /etc/shadow | |
| fi | |
| fi | |
| ;; | |
| 'stop') | |
| if [[ -n $(/usr/sbin/mount -p | grep 'group') ]]; then umount /etc/group; touch /etc/group; fi | |
| if [[ -n $(/usr/sbin/mount -p | grep 'passwd') ]]; then umount /etc/passwd; touch /etc/passwd; fi | |
| if [[ -n $(/usr/sbin/mount -p | grep 'shadow') ]]; then umount /etc/shadow; touch /etc/shadow; fi | |
| ;; | |
| *) | |
| echo "Usage: $0 { start | stop }" | |
| exit 1 | |
| ;; | |
| esac |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?xml version='1.0'?> | |
| <!DOCTYPE service_bundle SYSTEM '/usr/share/lib/xml/dtd/service_bundle.dtd.1'> | |
| <service_bundle type='manifest' name='export'> | |
| <service name='site/mount_usbkey_userfiles' type='service' version='0'> | |
| <create_default_instance enabled='true'/> | |
| <single_instance/> | |
| <dependency name='filesystem' grouping='require_all' restart_on='error' type='service'> | |
| <service_fmri value='svc:/system/filesystem/local'/> | |
| </dependency> | |
| <method_context/> | |
| <exec_method name='start' type='method' exec='/opt/custom/smf/mount_usbkey_userfiles.sh start' timeout_seconds='60'/> | |
| <exec_method name='stop' type='method' exec='/opt/custom/smf/mount_usbkey_userfiles.sh stop' timeout_seconds='60'/> | |
| <property_group name='startd' type='framework'> | |
| <propval name='duration' type='astring' value='transient'/> | |
| <propval name='ignore_error' type='astring' value='core,signal'/> | |
| </property_group> | |
| <property_group name='application' type='application'/> | |
| <stability value='Evolving'/> | |
| <template> | |
| <common_name> | |
| <loctext xml:lang='C'>Mount /etc/passwd, /etc/shadow, and /etc/group from /usbkey</loctext> | |
| </common_name> | |
| </template> | |
| </service> | |
| </service_bundle> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This SMF manifest and script attempts to try and keep things in sync between your global zone and your /usbkey files.
When installing software in the global zone of a SmartOS host, simply 'svcadm disable mount_usbkey_userfiles', then install your software/change passwords/whatever. Then 'svcadm enable mount_usbkey_userfiles' to bring the system back into 'normal' working mode.