8354 sync regcomp(3C) with upstream (fix make catalog)
[unleashed/tickless.git] / usr / src / cmd / tsol / demo / clonebylabel.sh
blobffbb89018fdf34aed28ab238b23f5a30af29a1ed
1 #!/bin/sh
3 # CDDL HEADER START
5 # The contents of this file are subject to the terms of the
6 # Common Development and Distribution License (the "License").
7 # You may not use this file except in compliance with the License.
9 # You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
10 # or http://www.opensolaris.org/os/licensing.
11 # See the License for the specific language governing permissions
12 # and limitations under the License.
14 # When distributing Covered Code, include this CDDL HEADER in each
15 # file and include the License file at usr/src/OPENSOLARIS.LICENSE.
16 # If applicable, add the following below this CDDL HEADER, with the
17 # fields enclosed by brackets "[]" replaced with your own identifying
18 # information: Portions Copyright [yyyy] [name of copyright owner]
20 # CDDL HEADER END
22 # Copyright 2007 Sun Microsystems, Inc. All rights reserved.
23 # Use is subject to license terms.
25 #ident "%Z%%M% %I% %E% SMI"
27 # clonebylabel
29 # This script installs zones by cloning a zfs snapshot.
30 # For each sensitivity label dominated by the clearance
31 # a zone is installed if necessary. If the zone name is
32 # not already defined in tnzonecfg, the user is prompted
33 # to provide a unique zone name.
35 # $1 is the label upper bound (clearance)
37 # $2 is the zone snaphot to clone for a new zone
39 ZONECFG=/etc/security/tsol/tnzonecfg
40 clearance=$1
41 image=$2
44 # Configure a zone
47 configure()
49 config=/tmp/zfg.$$
50 echo "create -F -t SUNWtsoldef" > $config
51 echo "set zonepath=/zone/$zonename" >> $config
52 echo "commit" >> $config
53 /usr/sbin/zonecfg -z $zonename -f $config
54 rm $config
58 # Clone a zone
61 clone()
63 echo Cloning $zonename from $image ...
64 found=`zoneadm -z $zonename list -p 2>/dev/null`
65 if [ $found ]; then
66 true
67 else
68 echo "$zonename is being configured."
69 configure
71 /usr/sbin/zfs clone $image zone/$zonename
72 /usr/sbin/zoneadm -z $zonename attach -F
76 # Create missing zones for each label dominated by clearance
79 for label in `lslabels -h "$clearance"`; do
80 zonename=`/bin/grep $label: $ZONECFG | cut -d ":" -f1`
81 if [ $zonename ]; then
82 state=`zoneadm -z $zonename list -p 2>/dev/null | cut -d ":" -f3`
83 if [ $state ]; then
84 if [ $state != configured ]; then
85 echo $zonename is already installed.
86 continue
88 fi
89 else
90 zonelabel=`hextoalabel $label`
91 echo Enter zone name for $zonelabel
92 echo or RETURN to skip this label:
93 read zonename
94 if [ $zonename ]; then
95 nz=`/bin/grep "^$zonename:" $ZONECFG | cut -d ":" -f1`
96 if [ $nz ]; then
97 echo $zonename is already used for another label.
98 else
99 echo "$zonename:$label:0::" >> $ZONECFG
101 else
102 echo Skipping zone for $zonelabel
103 continue
106 clone
107 done