bogdan/zira-etc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

committing changes in /etc made by "-bash"

Browse Source 
Package changes:
This commit is contained in:
Bogdan Stoica
2023-11-17 20:09:52 +02:00
parent 0f42fc294d
commit 503948dc29
79 changed files with 0 additions and 12578 deletions
Download Patch File Download Diff File Expand all files Collapse all files

70
.etckeeper
View File

@@ -5045,22 +5045,6 @@ maybe chmod 0644 'oddjobd.conf'
maybe chmod 0755 'oddjobd.conf.d'
maybe chmod 0644 'oddjobd.conf.d/oddjobd-introspection.conf'
maybe chmod 0644 'oddjobd.conf.d/oddjobd-mkhomedir.conf'
maybe chmod 0755 'one-context.d'
maybe chmod 0755 'one-context.d/loc-05-grow-rootfs'
maybe chmod 0755 'one-context.d/loc-09-timezone'
maybe chmod 0755 'one-context.d/loc-10-network'
maybe chmod 0755 'one-context.d/loc-10-network-pci'
maybe chmod 0755 'one-context.d/loc-11-dns'
maybe chmod 0755 'one-context.d/loc-14-mount-swap'
maybe chmod 0755 'one-context.d/loc-16-gen-env'
maybe chmod 0755 'one-context.d/loc-20-set-username-password'
maybe chmod 0755 'one-context.d/loc-22-ssh_public_key'
maybe chmod 0755 'one-context.d/loc-30-console'
maybe chmod 0755 'one-context.d/loc-35-securetty'
maybe chmod 0755 'one-context.d/net-15-hostname'
maybe chmod 0755 'one-context.d/net-97-start-script'
maybe chmod 0755 'one-context.d/net-98-execute-scripts'
maybe chmod 0755 'one-context.d/net-99-report-ready'
maybe chgrp 'opendkim' 'opendkim'
maybe chmod 0755 'opendkim'
maybe chmod 0644 'opendkim.conf'
@@ -5150,7 +5134,6 @@ maybe chmod 0755 'pam.d/system-auth-ac'
maybe chmod 0644 'pam.d/system-auth.i360bak'
maybe chmod 0644 'pam.d/systemd-user'
maybe chmod 0644 'pam.d/vlock'
maybe chmod 0644 'pam.d/vmtoolsd'
maybe chmod 0644 'pam.d/vsftpd'
maybe chmod 0644 'papersize'
maybe chmod 0644 'passwd'
@@ -5631,7 +5614,6 @@ maybe chmod 0755 'rc.d/init.d'
maybe chmod 0644 'rc.d/init.d/README'
maybe chmod 0755 'rc.d/init.d/bestcrypt'
maybe chmod 0644 'rc.d/init.d/functions'
maybe chmod 0755 'rc.d/init.d/network'
maybe chmod 0755 'rc.d/init.d/rundeckd'
maybe chmod 0755 'rc.d/init.d/vpn-gazduire'
maybe chmod 0755 'rc.d/rc.local'
@@ -6088,36 +6070,10 @@ maybe chmod 0644 'sysconfig/named'
maybe chmod 0644 'sysconfig/network'
maybe chmod 0755 'sysconfig/network-scripts'
maybe chmod 0644 'sysconfig/network-scripts/ifcfg-eth0'
maybe chmod 0644 'sysconfig/network-scripts/ifcfg-lo'
maybe chmod 0755 'sysconfig/network-scripts/ifdown'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-Team'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-TeamPort'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-bnep'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-eth'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-ippp'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-ipv6'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-post'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-routes'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-sit'
maybe chmod 0755 'sysconfig/network-scripts/ifdown-tunnel'
maybe chmod 0755 'sysconfig/network-scripts/ifup'
maybe chmod 0755 'sysconfig/network-scripts/ifup-Team'
maybe chmod 0755 'sysconfig/network-scripts/ifup-TeamPort'
maybe chmod 0755 'sysconfig/network-scripts/ifup-aliases'
maybe chmod 0755 'sysconfig/network-scripts/ifup-bnep'
maybe chmod 0755 'sysconfig/network-scripts/ifup-eth'
maybe chmod 0755 'sysconfig/network-scripts/ifup-ippp'
maybe chmod 0755 'sysconfig/network-scripts/ifup-ipv6'
maybe chmod 0755 'sysconfig/network-scripts/ifup-plip'
maybe chmod 0755 'sysconfig/network-scripts/ifup-plusb'
maybe chmod 0755 'sysconfig/network-scripts/ifup-post'
maybe chmod 0755 'sysconfig/network-scripts/ifup-routes'
maybe chmod 0755 'sysconfig/network-scripts/ifup-sit'
maybe chmod 0755 'sysconfig/network-scripts/ifup-tunnel'
maybe chmod 0755 'sysconfig/network-scripts/ifup-wireless'
maybe chmod 0755 'sysconfig/network-scripts/init.ipv6-global'
maybe chmod 0644 'sysconfig/network-scripts/network-functions'
maybe chmod 0644 'sysconfig/network-scripts/network-functions-ipv6'
maybe chmod 0644 'sysconfig/network-scripts/route-eth0'
maybe chmod 0600 'sysconfig/nftables.conf'
maybe chmod 0644 'sysconfig/node_exporter'
@@ -6189,7 +6145,6 @@ maybe chmod 0755 'systemd/system/sysinit.target.wants'
maybe chmod 0755 'systemd/system/timers.target.wants'
maybe chmod 0644 'systemd/system/var-lib-snapd-snap-core18-1885.mount'
maybe chmod 0644 'systemd/system/var-lib-snapd-snap-snapd-9279.mount'
maybe chmod 0755 'systemd/system/vmtoolsd.service.requires'
maybe chmod 0755 'systemd/user'
maybe chmod 0644 'systemd/user.conf'
maybe chmod 0755 'systemd/user/sockets.target.wants'
@@ -6216,8 +6171,6 @@ maybe chmod 0444 'udev/hwdb.bin'
maybe chmod 0755 'udev/hwdb.d'
maybe chmod 0755 'udev/rules.d'
maybe chmod 0644 'udev/rules.d/70-snap.snapd.rules'
maybe chmod 0644 'udev/rules.d/75-cd-aliases-generator.rules'
maybe chmod 0644 'udev/rules.d/75-persistent-net-generator.rules'
maybe chmod 0644 'udev/rules.d/90-bcrypt-device-permissions.rules'
maybe chmod 0644 'udev/udev.conf'
maybe chmod 0755 'unbound'
@@ -6227,29 +6180,6 @@ maybe chmod 0644 'updatedb.conf'
maybe chmod 0644 'vconsole.conf'
maybe chmod 0644 'vimrc'
maybe chmod 0644 'virc'
maybe chmod 0755 'vmware-tools'
maybe chmod 0755 'vmware-tools/poweroff-vm-default'
maybe chmod 0755 'vmware-tools/poweron-vm-default'
maybe chmod 0755 'vmware-tools/resume-vm-default'
maybe chmod 0755 'vmware-tools/scripts'
maybe chmod 0755 'vmware-tools/scripts/vmware'
maybe chmod 0755 'vmware-tools/scripts/vmware/network'
maybe chmod 0755 'vmware-tools/statechange.subr'
maybe chmod 0755 'vmware-tools/suspend-vm-default'
maybe chmod 0644 'vmware-tools/tools.conf.example'
maybe chmod 0755 'vmware-tools/vgauth'
maybe chmod 0644 'vmware-tools/vgauth.conf'
maybe chmod 0755 'vmware-tools/vgauth/schemas'
maybe chmod 0644 'vmware-tools/vgauth/schemas/XMLSchema-hasFacetAndProperty.xsd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/XMLSchema-instance.xsd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/XMLSchema.dtd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/XMLSchema.xsd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/catalog.xml'
maybe chmod 0644 'vmware-tools/vgauth/schemas/datatypes.dtd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/saml-schema-assertion-2.0.xsd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/xenc-schema.xsd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/xml.xsd'
maybe chmod 0644 'vmware-tools/vgauth/schemas/xmldsig-core-schema.xsd'
maybe chmod 0755 'vpnc'
maybe chmod 0600 'vpnc/default.conf'
maybe chmod 0644 'vpnc/vpnc-0.5.3-27.svn550.fc24.src.rpm'

1
alternatives/ifdown
View File

@@ -1 +0,0 @@
/etc/sysconfig/network-scripts/ifdown

1
alternatives/ifup
View File

@@ -1 +0,0 @@
/etc/sysconfig/network-scripts/ifup

99
one-context.d/loc-05-grow-rootfs
View File

@@ -1,99 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
set -e
GROW_ROOTFS=${GROW_ROOTFS:-YES}
GROW_ROOTFS=${GROW_ROOTFS^^}
if [ "${GROW_ROOTFS}" != 'YES' ]; then
echo 'Skipped root filesystem growing.' >&2
exit 0
fi
# FreeBSD
if [ -x /etc/rc.d/growfs ]; then
/etc/rc.d/growfs onestart
exit $?
fi
MOUNT_LINE=$(cat /etc/mtab | grep ' / ' | grep -v '^rootfs')
DEVICE=$(echo "$MOUNT_LINE" | cut -d' ' -f1)
FSTYPE=$(echo "$MOUNT_LINE" | cut -d' ' -f3)
GROWPART=$(which growpart)
if [ $? -ne 0 ]; then
echo "growpart command is missing"
exit 1
fi
if [ $(lvdisplay ${DEVICE} 2>/dev/null | wc -l) -eq 0 ]; then
DEVICE=$(findmnt -ln -o SOURCE /)
DISK=$(echo "$DEVICE" | sed 's/[0-9]*$//')
PARTITION=$(echo "$DEVICE" | sed "s|^$DISK||")
LVM="no"
fi
if [ "${LVM}" != "no" ]; then
if [ -f /etc/debian_version ]; then
DEVICE=$(mount | grep ' / ' | grep -v '^rootfs'|cut -d' ' -f1)
fi
PVRESIZE=$(which pvresize)
LVEXTEND=$(which lvextend)
DISK=$(pvdisplay |grep "PV Name"|awk '{print $3}'|sed 's/.$//')
PARTITION=$(pvdisplay |grep "PV Name"|awk '{print $3}'| sed "s|^${DISK}||")
PV=$(pvdisplay |grep "PV Name"|awk '{print $3}')
LV=$(lvdisplay ${DEVICE} |grep "LV Path"|awk '{print $3}')
# when PV is on MSDOS logical partition, detect the umbrella
# extended partition and grow it first
TABLE=$(parted -s ${DISK} print 2>/dev/null | grep 'Partition Table:' | awk '{print $3}')
if [ "${TABLE}" = 'msdos' ] && [ ${PARTITION} -gt 4 ]; then
PARTITION="$(parted -s ${DISK} print | grep 'extended' | awk '{print $1}') $PARTITION"
fi
fi
if [ -n "$DEBUG" ]; then
echo DEVICE: ${DEVICE}
echo FSTYPE: ${FSTYPE}
echo DISK: ${DISK}
echo PARTITION: ${PARTITION}
fi
(
for PART in ${PARTITION}; do
${GROWPART} ${DISK} ${PART}
done
if [ "${LVM}" != "no" ]; then
${PVRESIZE} ${PV}
${LVEXTEND} -l +100%FREE ${LV}
fi
) || : # don't fail, partition can be already extended by dracut
case "${FSTYPE}" in
ext2|ext3|ext4)
resize2fs ${DEVICE}
;;
xfs)
xfs_growfs /
;;
btrfs)
btrfs filesystem resize max /
;;
esac

38
one-context.d/loc-09-timezone
View File

@@ -1,38 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
if [ -z "${TIMEZONE}" ]; then
exit 0
fi
if ! timedatectl set-timezone "${TIMEZONE}" 2>/dev/null; then
_tz_base='/usr/share/zoneinfo/'
_tz_dest=$(readlink -f "${_tz_base}${TIMEZONE}" 2>/dev/null)
# if timezone file path is resolvable file and
# real path is inside the timezone directory
if [ -n "${_tz_dest}" ] &&
[ -f "${_tz_dest}" ] &&
[[ "${_tz_dest}" =~ ^${_tz_base} ]];
then
ln -sf "${_tz_dest}" /etc/localtime
else
echo "ERROR: Invalid timezone '${TIMEZONE}'" >&2
exit 1
fi
fi

320
one-context.d/loc-10-network
View File

@@ -1,320 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
COMMAND=${1}
# Gets IP address from a given MAC
mac2ip() {
mac=$1
let ip_a=0x`echo $mac | cut -d: -f 3`
let ip_b=0x`echo $mac | cut -d: -f 4`
let ip_c=0x`echo $mac | cut -d: -f 5`
let ip_d=0x`echo $mac | cut -d: -f 6`
ip="$ip_a.$ip_b.$ip_c.$ip_d"
echo $ip
}
# Gets the network part of an IP
get_network() {
network=$(get_iface_var "NETWORK")
if [ -z "$network" ]; then
IFS=. read -r i1 i2 i3 i4 <<< "$IP"
IFS=. read -r m1 m2 m3 m4 <<< "$(get_mask)"
network=$(printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))")
fi
echo $network
}
# Gets the network mask
get_mask() {
mask=$(get_iface_var "MASK")
if [ -z "$mask" ]; then
mask="255.255.255.0"
fi
echo $mask
}
# Gets device MTU
get_mtu() {
mtu=$(get_iface_var "MTU")
echo $mtu
}
is_gateway() {
if [ -z "$GATEWAY_IFACE_NUM" ]; then
true
else
[ "$IFACE_NUM" = "$GATEWAY_IFACE_NUM" ]
fi
}
# Gets the network gateway
get_gateway() {
if is_gateway; then
gateway=$(get_iface_var "GATEWAY")
echo $gateway
fi
}
# Gets the network gateway6
get_gateway6() {
if is_gateway; then
get_iface_var "GATEWAY6"
fi
}
get_ip() {
ip=$(get_iface_var "IP")
echo $ip
}
get_iface_var() {
var_name="${UPCASE_DEV}_$1"
var=$(eval "echo \"\${$var_name}\"")
echo $var
}
gen_iface_conf() {
cat <<EOT
NETMASK=$MASK
IPADDR=$IP
EOT
if [ -n "$GATEWAY" ]; then
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "default $GATEWAY - $DEV ${METRIC:+metric ${METRIC}}" \
>> "${CONFIG_PATH}/ifroute-${DEV}"
else
echo "default via $GATEWAY dev $DEV ${METRIC:+metric ${METRIC}}" \
>> "${CONFIG_PATH}/route-${DEV}"
fi
fi
if [ -n "$MTU" ]; then
echo "MTU=$MTU"
fi
}
gen_alias_conf() {
cat <<EOT
IPADDR${ALIAS_NUM}="${IP}"
NETMASK${ALIAS_NUM}="${MASK}"
EOT
}
gen_alias6_conf() {
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "IPADDR_A6A${ALIAS_NUM}=$IP6/${IP6_PREFIX_LENGTH:-64}"
else
IPV6ADDR_SECONDARIES="${IPV6ADDR_SECONDARIES} ${IP6}/${IP6_PREFIX_LENGTH:-64}"
fi
if [ -n "$IP6_ULA" ]; then
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "IPADDR_A6B${ALIAS_NUM}=$IP6_ULA/64"
else
IPV6ADDR_SECONDARIES="${IPV6ADDR_SECONDARIES} ${IP6_ULA}/64"
fi
fi
}
gen_iface6_conf() {
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "IPADDR_6A=$IP6/${IP6_PREFIX_LENGTH:-64}"
cat <<EOT >> /etc/sysconfig/network/ifsysctl-$DEV
net.ipv6.conf.\$SYSCTL_IF.autoconf = 0
net.ipv6.conf.\$SYSCTL_IF.accept_ra = 0
EOT
else
cat <<EOT
IPV6INIT=yes
IPV6ADDR=$IP6/${IP6_PREFIX_LENGTH:-64}
IPV6_AUTOCONF=no
EOT
fi
if [ -n "$IP6_ULA" ]; then
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "IPADDR_6B=$IP6_ULA/64"
else
IPV6ADDR_SECONDARIES="${IPV6ADDR_SECONDARIES} ${IP6_ULA}/64"
fi
fi
if [ -n "$GATEWAY6" ]; then
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "default $GATEWAY6 - $DEV" >> /etc/sysconfig/network/ifroute-$DEV
else
echo "IPV6_DEFAULTGW=$GATEWAY6"
fi
fi
if [ -n "$MTU" ]; then
echo "IPV6_MTU=$MTU"
fi
}
get_interface_mac()
{
ip link show | awk '/^[0-9]+: [A-Za-z0-9@]+:/ { device=$2; gsub(/:/, "",device); split(device,dev,"@")} /link\/ether/ { print dev[1] " " $2 }'
}
get_context_interfaces()
{
env | grep -E "^ETH[0-9]+_MAC=" | sed 's/_.*$//' | sort
}
get_interface_alias()
{
env | grep -E "^ETH${INDEX}_ALIAS[0-9]+_MAC=" | cut -d '_' -f 2 | sort
}
get_dev()
{
list="$1"
mac="$2"
echo "$list" | grep "$mac" | cut -d' ' -f1 | tail -n1
}
gen_network_configuration()
{
if [ -d /etc/sysconfig/network-scripts ]; then
CONFIG_PATH=/etc/sysconfig/network-scripts
elif [ -d /etc/sysconfig/network ]; then
CONFIG_PATH=/etc/sysconfig/network
fi
INTERFACE_MAC=$(get_interface_mac)
CONTEXT_INTERFACES=$(get_context_interfaces)
GATEWAY_IFACE_NUM=$(echo "$GATEWAY_IFACE" | sed 's/^ETH//')
for interface in $CONTEXT_INTERFACES; do
UPCASE_DEV=$interface
MAC=$(get_iface_var "MAC")
DEV=$(get_dev "$INTERFACE_MAC" "$MAC")
IFACE_NUM=$(echo "$UPCASE_DEV" | sed 's/^ETH//')
IP=$(get_ip)
NETWORK=$(get_network)
MASK=$(get_mask)
MTU=$(get_mtu)
GATEWAY=$(get_gateway)
METRIC=$(get_iface_var "METRIC")
IP6=$(get_iface_var "IP6")
[[ -z $IP6 ]] && IP6=$(get_iface_var "IPV6")
IP6_PREFIX_LENGTH=$(get_iface_var "IP6_PREFIX_LENGTH")
IP6_ULA=$(get_iface_var "IP6_ULA")
GATEWAY6=$(get_gateway6)
# cumulative variable
IPV6ADDR_SECONDARIES=''
[ -z "${IP}${IP6}" ] && continue
[ -z "${DEV}" ] && continue
(
rm -f /etc/sysconfig/network-scripts/route-$DEV
rm -f /etc/sysconfig/network/ifroute-$DEV
rm -f /etc/sysconfig/network/ifsysctl-$DEV
cat <<EOT
DEVICE=$DEV
BOOTPROTO=static
NM_CONTROLLED=no
TYPE=Ethernet
EOT
if [ "$CONFIG_PATH" = "/etc/sysconfig/network" ]; then
echo "STARTMODE=auto"
else
echo "ONBOOT=yes"
fi
[[ -n $IP ]] && gen_iface_conf
[[ -n $IP6 ]] && gen_iface6_conf
INDEX=${interface: -1}
ALIAS=$(get_interface_alias)
ALIAS_NUM=0
for nic_alias in $ALIAS; do
UPCASE_DEV="ETH${INDEX}_${nic_alias}"
IP=$(get_ip)
MASK=$(get_mask)
IP6=$(get_iface_var "IP6")
[[ -z $IP6 ]] && IP6=$(get_iface_var "IPV6")
IP6_PREFIX_LENGTH=$(get_iface_var "IP6_PREFIX_LENGTH")
IP6_ULA=$(get_iface_var "IP6_ULA")
EXTERNAL=$(get_iface_var "EXTERNAL")
EXTERNAL=${EXTERNAL^^}
DETACH=$(get_iface_var "DETACH")
if [ -z "${DETACH}" ]; then
if [ -z "${EXTERNAL}" ] || [ "$EXTERNAL" = "NO" ]; then
[ -n "${IP}" ] && gen_alias_conf
[ -n "${IP6}" ] && gen_alias6_conf
if [ -n "${IP}${IP6}" ]; then
ALIAS_NUM=$((ALIAS_NUM + 1))
fi
fi
fi
done
# on Red Hats, we need just a single configuration
# entry with all additional IPv6 addresses
if [ -n "${IPV6ADDR_SECONDARIES}" ]; then
echo "IPV6ADDR_SECONDARIES='${IPV6ADDR_SECONDARIES## }'"
fi
) > ${CONFIG_PATH}/ifcfg-${DEV}
ifup ${DEV}
done
}
configure_network()
{
gen_network_configuration
if [ "${COMMAND}" = 'reconfigure' ]; then
service network restart
fi
sleep 2
}
[ -z "$(env | cut -d= -f1 | grep -E '^ETH[0-9]+_IPV*6*')" ] && exit 0
configure_network

113
one-context.d/loc-10-network-pci
View File

@@ -1,113 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
get_iface_var()
{
var_name="${UPCASE_DEV}_$1"
var=$(eval "echo \"\${$var_name}\"")
echo $var
}
get_pci_interfaces()
{
env | grep -E "^PCI[0-9]+_MAC=" | sed 's/_.*$//' | sort
}
get_dev_from_pci()
{
DEV=$(find /sys/class/net/*/device -lname "*$1" 2>/dev/null | awk -F '/' '{print $5}')
if [ -z "$DEV" ]; then
echo "PCI Device $1 not found" >&2
return
fi
if [ `echo "$DEV" | wc -l` -gt 1 ]; then
echo "More than one PCI Device $1 found" >&2
return
fi
echo "$DEV"
}
PCI_INTERFACES=$(get_pci_interfaces)
for pci in $PCI_INTERFACES; do
UPCASE_DEV=$pci
IP=$(get_iface_var "IP")
MAC=$(get_iface_var "MAC")
MASK=$(get_iface_var "MASK")
MASK=${MASK:-255.255.255.0}
GATEWAY=$(get_iface_var "GATEWAY")
METRIC=$(get_iface_var "METRIC")
MTU=$(get_iface_var "MTU")
MTU=${MTU:-1500}
VLAN_ID=$(get_iface_var "VLAN_ID")
IP6=$(get_iface_var "IP6")
IP6_PREFIX_LENGTH=$(get_iface_var "IP6_PREFIX_LENGTH")
IP6_PREFIX_LENGTH=${IP6_PREFIX_LENGTH:-64}
IP6_ULA=$(get_iface_var "IP6_ULA")
GATEWAY6=$(get_iface_var "GATEWAY6")
ADDRESS=$(get_iface_var "ADDRESS")
[ -z "$ADDRESS" ] && continue
DEV=$(get_dev_from_pci "$ADDRESS")
[ -z "$DEV" ] && continue
# MAC
ip link set dev $DEV address $MAC
ip link set dev $DEV up
# MTU
if [ -n "$MTU" ]; then
ip link set dev $DEV mtu $MTU
fi
# VLAN (802.1Q)
if [ -n "$VLAN_ID" ]; then
ip link add link $DEV name $DEV.$VLAN_ID type vlan id $VLAN_ID
ip link set dev $DEV.$VLAN_ID up
DEV=$DEV.$VLAN_ID
fi
# IPv4
if [ -n "$IP" ]; then
ip address add $IP/$MASK dev $DEV
if [ -n "$GATEWAY" ]; then
ip route add default via $GATEWAY dev $DEV ${METRIC:+metric ${METRIC}}
fi
fi
# IPv6
if [ -n "$IP6" ]; then
ip -6 address add $IP6/$IP6_PREFIX_LENGTH dev $DEV
if [ -n "$IP6_ULA" ]; then
ip -6 address add $IP6_ULA/64 dev $DEV
fi
if [ -n "$GATEWAY6" ]; then
ip -6 route add default via $GATEWAY6 dev $DEV
fi
fi
done

63
one-context.d/loc-11-dns
View File

@@ -1,63 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
export DNS_VARIABLES="DNS $(env | sed 's/=.*$//' | grep -E '^ETH[0-9]+_DNS$' | sort)"
export SEARCH_VARIABLES="SEARCH_DOMAIN $(env | sed 's/=.*$//' | grep -E '^ETH[0-9]+_SEARCH_DOMAIN$' | sort)"
nameservers=$(
for var in ${DNS_VARIABLES}; do
value=$(eval "echo \"\${$var}\"")
if [ -n "$value" ]; then
echo "$value"
fi
done
)
searchdomains=$(
for var in ${SEARCH_VARIABLES}; do
value=$(eval "echo \"\${$var}\"")
if [ -n "$value" ]; then
echo "$value"
fi
done
)
[ -z "$nameservers" ] && exit 0
if [ -L /etc/resolv.conf ]; then
unlink /etc/resolv.conf
else
echo -n '' > /etc/resolv.conf
fi
for nameserver in $nameservers; do
echo nameserver $nameserver >> /etc/resolv.conf
done
if [ -f /etc/sysconfig/network/config ]; then
sed -i "/^NETCONFIG_DNS_STATIC_SERVERS=/ s/=.*$/=\"$nameservers\"/" /etc/sysconfig/network/config
fi
[ -z "$searchdomains" ] && exit 0
echo search $searchdomains >> /etc/resolv.conf
if [ -f /etc/sysconfig/network/config ]; then
sed -i "/^NETCONFIG_DNS_STATIC_SEARCHLIST=/ s/=.*$/=\"$searchdomains\"/" /etc/sysconfig/network/config
fi

30
one-context.d/loc-14-mount-swap
View File

@@ -1,30 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
activate_swaps_linux() {
SWAP_DRIVES=$(blkid -t TYPE="swap" -o device)
for SWAP in $SWAP_DRIVES ; do
if [ -z "$(swapon -s | grep $SWAP)" ]; then
swapon $SWAP
fi
done
}
if [ "$(uname -s)" = 'Linux' ]; then
activate_swaps_linux
fi

49
one-context.d/loc-16-gen-env
View File

@@ -1,49 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
ENV_FILE=/var/run/one-context/one_env
MOUNT_DIR=${MOUNT_DIR:-/mnt}
TOKENTXT=$(cat "${MOUNT_DIR}/token.txt")
if [ -n "$ONEGATE_TOKEN" ]; then
TOKENTXT="$ONEGATE_TOKEN"
fi
umask 0377
echo "export TOKENTXT=\"$TOKENTXT\"" > $ENV_FILE
echo "export VMID=\"$VMID\"" >> $ENV_FILE
echo "export ONEGATE_ENDPOINT=\"$ONEGATE_ENDPOINT\"" >> $ENV_FILE
function export_rc_vars
{
if [ -f $1 ] ; then
ONE_VARS=$(cat $1 | egrep -e '^[a-zA-Z\-\_0-9]*=' | sed 's/=.*$//')
. $1
for v in $ONE_VARS; do
echo "export $v=\"${!v}\"" >> $ENV_FILE
done
fi
}
export_rc_vars ${CONTEXT_FILE}
chown root:root $ENV_FILE
chmod 0400 $ENV_FILE

102
one-context.d/loc-20-set-username-password
View File

@@ -1,102 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
# defaults
USERNAME=${USERNAME:-root}
USERNAME_SUDO=${USERNAME_SUDO:-${GRANT_SUDO:-YES}}
USERNAME_SUDO=$(echo "${USERNAME_SUDO}" | tr '[:lower:]' '[:upper:]')
USERNAME_PASSWORD_RESET=${USERNAME_PASSWORD_RESET:-NO}
USERNAME_PASSWORD_RESET=$(echo "${USERNAME_PASSWORD_RESET}" | tr '[:lower:]' '[:upper:]')
_kernel="$(uname -s)"
case "${_kernel}" in
'FreeBSD')
USERNAME_SHELL=${USERNAME_SHELL:-/usr/local/bin/bash}
_sudoers_file='/usr/local/etc/sudoers.d/one-context'
;;
*)
USERNAME_SHELL=${USERNAME_SHELL:-/bin/bash}
_sudoers_file='/etc/sudoers.d/one-context'
;;
esac
# create user if missing
if ! getent passwd "${USERNAME}" > /dev/null 2>&1; then
if [ "${_kernel}" = 'FreeBSD' ]; then
pw user add "${USERNAME}" -m -s "${USERNAME_SHELL}" -w no
else
useradd -m "${USERNAME}" -p '*' -s "${USERNAME_SHELL}"
fi
fi
# enable sudo
if [ "${USERNAME_SUDO}" == "YES" ] && [ "${USERNAME}" != "root" ]; then
echo "${USERNAME} ALL=(ALL) NOPASSWD:ALL" >"${_sudoers_file}"
chmod 0440 "${_sudoers_file}"
elif [ -f "${_sudoers_file}" ]; then
unlink "${_sudoers_file}"
fi
# set password
if [ -n "${CRYPTED_PASSWORD_BASE64}" ]; then
CRYPTED_PASSWORD=$(echo $CRYPTED_PASSWORD_BASE64 | base64 -d)
if [ "${_kernel}" = 'FreeBSD' ]; then
echo "${CRYPTED_PASSWORD}" | pw user mod "${USERNAME}" -H 0
else
usermod -p "${CRYPTED_PASSWORD}" "${USERNAME}"
fi
elif [ -n "${PASSWORD_BASE64}" ]; then
PASSWORD=$(echo $PASSWORD_BASE64 | base64 -d)
if [ "${_kernel}" = 'FreeBSD' ]; then
echo $PASSWORD | pw user mod "${USERNAME}" -h 0
else
chpasswd <<< "${USERNAME}:${PASSWORD}"
fi
if [ $? -ne 0 ]; then
passwd "${USERNAME}" <<EOF
${PASSWORD}
${PASSWORD}
EOF
fi
elif [ -n "${CRYPTED_PASSWORD}" ]; then
if [ "${_kernel}" = 'FreeBSD' ]; then
echo $CRYPTED_PASSWORD | pw user mod "${USERNAME}" -H 0
else
usermod -p "${CRYPTED_PASSWORD}" "${USERNAME}"
fi
elif [ -n "${PASSWORD}" ]; then
if [ "${_kernel}" = 'FreeBSD' ]; then
echo $PASSWORD | pw user mod "${USERNAME}" -h 0
else
chpasswd <<< "${USERNAME}:${PASSWORD}"
fi
if [ $? -ne 0 ]; then
passwd "${USERNAME}" <<EOF
${PASSWORD}
${PASSWORD}
EOF
fi
elif [ "${USERNAME_PASSWORD_RESET}" = 'YES' ]; then
if [ "${_kernel}" = 'FreeBSD' ]; then
pw user mod "${USERNAME}" -w no
else
usermod -p '*' "${USERNAME}"
fi
fi

67
one-context.d/loc-22-ssh_public_key
View File

@@ -1,67 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
[ -z "${SSH_PUBLIC_KEY}${EC2_PUBLIC_KEY}" ] && exit 0
if [ -z "${USERNAME}" ]
then
USERNAME=root
fi
# Get user $HOME directory
USER_HOME=$(getent passwd "${USERNAME}" | awk -F':' '{print $6}')
if [ -n "${USER_HOME}" ]
then
AUTH_DIR="${USER_HOME}/.ssh"
else
# Fallback on root
AUTH_DIR="/root/.ssh"
fi
AUTH_FILE="$AUTH_DIR/authorized_keys"
function add_keys {
while read key; do
if ! grep -q -F "$key" $AUTH_FILE; then
echo "$key" >> $AUTH_FILE
fi
done
}
[ -z "${SSH_PUBLIC_KEY}${EC2_PUBLIC_KEY}" ] && exit 0
mkdir -m0700 -p $AUTH_DIR
[ ! -f $AUTH_FILE ] && touch $AUTH_FILE
if [ -n "$SSH_PUBLIC_KEY" ]; then
echo "$SSH_PUBLIC_KEY" | add_keys
fi
if [ -n "$EC2_PUBLIC_KEY" ]; then
echo "$EC2_PUBLIC_KEY" | add_keys
fi
chown "${USERNAME}": ${AUTH_DIR} ${AUTH_FILE}
chmod 600 $AUTH_FILE
# restore SELinux contexts
if which restorecon &>/dev/null; then
restorecon -R -v "${AUTH_DIR}"
fi

22
one-context.d/loc-30-console
View File

@@ -1,22 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
# Linux
for _dev_tty in $(find /dev -type c -name 'tty[0-9]*'); do
TERM=linux setterm -blank 0 -powerdown 0 >>"${_dev_tty}"
done

55
one-context.d/loc-35-securetty
View File

@@ -1,55 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
_pam_file="/etc/pam.d/login"
if [ ! -f "${_pam_file}" ]; then
exit 0
fi
_kernel="$(uname -s)"
if [ "${_kernel}" = 'FreeBSD' ]; then
SED_I="sed -i ''"
else
SED_I="sed -i''"
fi
### Defaults
# By default, disable pam_securetty in the containers.
# For virtualized machines, have the securetty enabled.
if grep -qia 'container=' /proc/1/environ 2>/dev/null; then
SECURETTY=${SECURETTY:-NO}
fi
SECURETTY=${SECURETTY:-YES}
SECURETTY=${SECURETTY^^}
###
_note='# one-contextd'
if [ "${SECURETTY}" = 'YES' ]; then
if grep -qE "^#.*pam_securetty.*${_note}" "${_pam_file}"; then
eval "${SED_I} -e 's/^#\([^#]*\)${_note}.*$/\1/' -e 's/[[:space:]]*$//' \"${_pam_file}\""
fi
elif [ "${SECURETTY}" = 'NO' ]; then
if grep -qE '^[^#]*pam_securetty' "${_pam_file}"; then
eval "${SED_I} -e 's/^\([^#]*pam_securetty.*\)$/#\1 ${_note}/' \"${_pam_file}\""
fi
fi

164
one-context.d/net-15-hostname
View File

@@ -1,164 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
_kernel="$(uname -s)"
if [ "${_kernel}" = 'FreeBSD' ]; then
SED_I="sed -i ''"
else
SED_I="sed -i''"
fi
function set_hostname() {
local hostname=$1
if [ -d /run/systemd/system/ ] && hostnamectl status >/dev/null 2>/dev/null; then
hostnamectl set-hostname --static "${hostname}"
else
if [ -f /etc/sysconfig/network ]; then
eval "${SED_I} '/^HOSTNAME=.*$/d' /etc/sysconfig/network"
echo "HOSTNAME=${hostname}" >>/etc/sysconfig/network
elif [ "${_kernel}" = 'FreeBSD' ]; then
sysrc hostname="${hostname}"
else
echo "${hostname}" >/etc/hostname
fi
hostname "${hostname}"
fi
}
function set_domainname() {
domain=$1
eval "${SED_I} -e '/^domain .*/d' /etc/resolv.conf"
echo "domain ${domain}" >>/etc/resolv.conf
}
function get_first_ip() {
local ip
ip=${ip:-$(ip route get 1 2>/dev/null | grep 'src [0-9\.]\+' | head -1 | sed -e 's/^.*src \([0-9\.]*\).*$/\1/')}
ip=${ip:-$(ip -4 address show scope global up 2>/dev/null | awk '/inet / { gsub(/\/[^\/]+$/, "", $2); print $2; exit}')}
ip=${ip:-$(ifconfig 2>/dev/null | awk '/inet / { gsub(/\/[^\/]+$/, "", $2); print $2; exit}')}
ip=${ip:-$(hostname -I 2>/dev/null | cut -d' ' -f1)}
ip=${ip:-$(hostname -i 2>/dev/null)}
echo "${ip}"
}
function get_dns_name() {
text=$(LC_ALL=C host "$1" 2>/dev/null)
[ $? = 0 ] || exit 0
[[ $text == *"has no PTR record" ]] && exit 0
name=$(echo "$text" | awk '/(has address|name pointer)/ {print $(NF)}' | sed 's/\.$//')
echo $name
}
function update_hosts() {
ip=$1
name=$2
hostname=$3
if [ "x${hostname}" = "x${name}" ]; then
hosts="${name}"
else
hosts="${name} ${hostname}"
fi
note='# one-contextd'
entry="${ip} ${hosts} ${note}"
# update our old entry
if grep -qi "${note}" /etc/hosts; then
eval "${SED_I} -e \"s/^.*${note}\$/${entry}/\" /etc/hosts"
# update entry with same IP (but not localhost)
elif grep -E "^${ip}[[:space:]]" /etc/hosts | grep -qv localhost; then
eval "${SED_I} -e \"/localhost/! s/^${ip}[[:space:]].*\$/${entry}/\" /etc/hosts"
# update entry with same name
elif grep -qE "[[:space:]]${name}([[:space:]]|#|\$)" /etc/hosts; then
eval "${SED_I} -re \"s/^.*[[:space:]]${name}([[:space:]#].*|$)/${entry}/\" /etc/hosts"
# create new entry
elif [ -f /etc/hosts ]; then
# In FreeBSD, sed doesn't interpret \n. We put a real newline.
eval "${SED_I} -e \"1s/^/${entry}\"$'\\\\\n/' /etc/hosts"
else
echo "${entry}" >>/etc/hosts
fi
}
#####
first_ip=$(get_first_ip)
if [ -n "$SET_HOSTNAME" ]; then
name=$(echo "$SET_HOSTNAME" | \
sed -e 's/[^-a-zA-Z0-9\.]/-/g' -e 's/^-*//g' -e 's/-*$//g')
elif [ -n "$DNS_HOSTNAME" ]; then
name=$(get_dns_name "${first_ip}")
elif [ "${EC2_HOSTNAME}" = 'YES' ]; then
# try to quickly get hostname from the EC2 metadata server or
# create hostname based on the first IPv4 (format: "ip-1-2-3-4")
name=$(curl -sf -m 5 'http://169.254.169.254/latest/meta-data/local-hostname' 2>/dev/null)
if [ -z "${name}" ]; then
name="$(echo "${first_ip}" | grep -x '[0-9\.]\+' | tr . -)"
if [ -n "${name}" ]; then
name="ip-${name}"
fi
fi
fi
if [ -n "${name}" ]; then
# split host and domain names
hostname=${name%%.*}
domain=${name#*.}
if [ "x${domain}" = "x${hostname}" ]; then
domain=''
fi
# FreeBSD
if [ "${_kernel}" = 'FreeBSD' ]; then
set_hostname "${name}"
else
set_hostname "${hostname}"
fi
if [ -n "${domain}" ]; then
set_domainname "${domain}"
fi
if [ -n "${DNS_HOSTNAME}" ]; then
host_ip=$first_ip
else
# If selected hostname resolves on first IP,
# use first IP for local hostname in /etc/hosts.
# Otherwise use loopback IP.
name_ip=$(get_dns_name "${name}")
if [ "x${first_ip}" = "x${name_ip}" ]; then
host_ip=$first_ip
elif [ -f /etc/debian_version ]; then
host_ip='127.0.1.1'
else
host_ip='127.0.0.1'
fi
fi
if [ -n "${host_ip}" ]; then
update_hosts "${host_ip}" "${name}" "${hostname}"
fi
fi

40
one-context.d/net-97-start-script
View File

@@ -1,40 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
MOUNT_DIR=${MOUNT_DIR:-/mnt}
TMP_DIR=$(mktemp -d "/tmp/one-context.XXXXXX")
TMP_FILE="${TMP_DIR}/one-start-script"
START_SCRIPT_AVAILABLE=no
chmod 700 "${TMP_DIR}"
if [ -n "$START_SCRIPT_BASE64" ]; then
echo "${START_SCRIPT_BASE64}" | base64 -d > $TMP_FILE
START_SCRIPT_AVAILABLE=yes
elif [ -n "$START_SCRIPT" ]; then
echo "${START_SCRIPT}" > $TMP_FILE
START_SCRIPT_AVAILABLE=yes
fi
if [ "$START_SCRIPT_AVAILABLE" = "yes" ]; then
cd $MOUNT_DIR
chmod +x $TMP_FILE
$TMP_FILE
fi
rm -rf "${TMP_DIR}"

38
one-context.d/net-98-execute-scripts
View File

@@ -1,38 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
MOUNT_DIR=${MOUNT_DIR:-/mnt}
TMP_DIR=$(mktemp -d "/tmp/one-context.XXXXXX")
chmod 700 "${TMP_DIR}"
if [ -z "$INIT_SCRIPTS" ]; then
if [ -f "$MOUNT_DIR/init.sh" ]; then
INIT_SCRIPTS=init.sh
fi
fi
cd $MOUNT_DIR
for f in $INIT_SCRIPTS; do
cp "$f" "${TMP_DIR}/"
chmod +x $TMP_DIR/$f
$TMP_DIR/$f
done
rm -rf "${TMP_DIR}"

62
one-context.d/net-99-report-ready
View File

@@ -1,62 +0,0 @@
#!/usr/bin/env bash
# -------------------------------------------------------------------------- #
# Copyright 2002-2020, OpenNebula Project, OpenNebula Systems #
# #
# Licensed under the Apache License, Version 2.0 (the "License"); you may #
# not use this file except in compliance with the License. You may obtain #
# a copy of the License at #
# #
# http://www.apache.org/licenses/LICENSE-2.0 #
# #
# Unless required by applicable law or agreed to in writing, software #
# distributed under the License is distributed on an "AS IS" BASIS, #
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. #
# See the License for the specific language governing permissions and #
# limitations under the License. #
#--------------------------------------------------------------------------- #
ENV_FILE=${ENV_FILE:-/var/run/one-context/one_env}
if [ "$REPORT_READY" != "YES" ]; then
exit 0
fi
# $TOKENTXT is available only through the env. file
if [ -f "${ENV_FILE}" ]; then
. "${ENV_FILE}"
fi
###
if which curl >/dev/null 2>&1; then
curl -X "PUT" "${ONEGATE_ENDPOINT}/vm" \
--header "X-ONEGATE-TOKEN: $TOKENTXT" \
--header "X-ONEGATE-VMID: $VMID" \
--insecure \
-d "READY=YES"
if [ "$?" = "0" ]; then
exit 0
fi
fi
if which wget >/dev/null 2>&1; then
wget --method=PUT "${ONEGATE_ENDPOINT}/vm" \
--body-data="READY=YES" \
--header "X-ONEGATE-TOKEN: $TOKENTXT" \
--header "X-ONEGATE-VMID: $VMID" \
--no-check-certificate
if [ "$?" = "0" ]; then
exit 0
fi
fi
if which onegate >/dev/null 2>&1; then
onegate vm update --data "READY=YES"
if [ "$?" = "0" ]; then
exit 0
fi
fi

5
pam.d/vmtoolsd
View File

@@ -1,5 +0,0 @@
#%PAM-1.0
auth substack password-auth
auth include postlogin
account required pam_nologin.so
account include password-auth

268
rc.d/init.d/network
View File

@@ -1,268 +0,0 @@
#! /bin/bash
#
# network Bring up/down networking
#
# chkconfig: - 10 90
# description: Activates/Deactivates all network interfaces configured to \
# start at boot time.
#
### BEGIN INIT INFO
# Provides: $network
# Should-Start: iptables ip6tables NetworkManager-wait-online NetworkManager $network-pre
# Short-Description: Bring up/down networking
# Description: Bring up/down networking
### END INIT INFO
# Source function library.
. /etc/init.d/functions
if [ ! -f /etc/sysconfig/network ]; then
exit 6
fi
. /etc/sysconfig/network
if [ -f /etc/sysconfig/pcmcia ]; then
. /etc/sysconfig/pcmcia
fi
# Check that networking is up.
[ "${NETWORKING}" = "no" ] && exit 6
# if the ip configuration utility isn't around we can't function.
[ -x /sbin/ip ] || exit 1
CWD=$(pwd)
cd /etc/sysconfig/network-scripts
. ./network-functions
# find all the interfaces besides loopback.
# ignore aliases, alternative configurations, and editor backup files
interfaces=$(ls ifcfg-* | \
LC_ALL=C sed -e "$__sed_discard_ignored_files" \
-e '/\(ifcfg-lo$\|:\|ifcfg-.*-range\)/d' \
-e '{ s/^ifcfg-//g;s/[0-9]/ &/}' | \
LC_ALL=C sort -k 1,1 -k 2n | \
LC_ALL=C sed 's/ //')
rc=0
if ! [ -f /etc/sysconfig/disable-deprecation-warnings ]; then
net_log $"You are using 'network' service provided by 'network-scripts', which are now deprecated." warning network >&2
net_log $"'network-scripts' will be removed in one of the next major releases of RHEL." warning network >&2
net_log $"It is advised to switch to 'NetworkManager' instead for network management." warning network >&2
# This disables additional warnings during the boot process:
export DEPRECATION_WARNING_ISSUED='true'
fi
# See how we were called.
case "$1" in
start)
[ "$EUID" != "0" ] && exit 4
rc=0
# IPv6 hook (pre IPv4 start)
if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then
/etc/sysconfig/network-scripts/init.ipv6-global start pre
fi
apply_sysctl
#tell NM to reload its configuration
if [ "$(LANG=C nmcli -t --fields running general status 2>/dev/null)" = "running" ]; then
nmcli connection reload
fi
# bring up loopback interface
action $"Bringing up loopback interface: " ./ifup ifcfg-lo
case "$VLAN" in
yes)
if [ ! -d /proc/net/vlan ] && ! modprobe 8021q >/dev/null 2>&1 ; then
net_log $"No 802.1Q VLAN support available in kernel."
fi
;;
esac
vlaninterfaces=""
vpninterfaces=""
xdslinterfaces=""
bridgeinterfaces=""
# bring up all other interfaces configured to come up at boot time
for i in $interfaces; do
unset DEVICE TYPE SLAVE NM_CONTROLLED
eval $(LANG=C grep -F "DEVICE=" ifcfg-$i)
eval $(LANG=C grep -F "TYPE=" ifcfg-$i)
eval $(LANG=C grep -F "SLAVE=" ifcfg-$i)
eval $(LANG=C grep -F "NM_CONTROLLED=" ifcfg-$i)
if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi
if [ "$SLAVE" = "yes" ] && ( ! is_nm_running || is_false $NM_CONTROLLED ) ; then
continue
fi
if [ "${DEVICE##cipcb}" != "$DEVICE" ] ; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "$TYPE" = "xDSL" -o "$TYPE" = "Modem" ]; then
xdslinterfaces="$xdslinterfaces $i"
continue
fi
if [ "$TYPE" = "Bridge" ]; then
bridgeinterfaces="$bridgeinterfaces $i"
continue
fi
if [ "$TYPE" = "IPSEC" ] || [ "$TYPE" = "IPIP" ] || [ "$TYPE" = "GRE" ]; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "${DEVICE%%.*}" != "$DEVICE" -o "${DEVICE##vlan}" != "$DEVICE" ] ; then
vlaninterfaces="$vlaninterfaces $i"
continue
fi
if ( . ./ifcfg-"$i" ; is_false "$ONBOOT" ) ; then
# this loads the module, to preserve ordering
is_available $i
continue
fi
action $"Bringing up interface $i: " ./ifup $i boot
[ $? -ne 0 ] && rc=1
done
# Bring up xDSL and VPN interfaces
for i in $vlaninterfaces $bridgeinterfaces $xdslinterfaces $vpninterfaces ; do
if ( . ./ifcfg-"$i" ; ! is_false "$ONBOOT" ) ; then
action $"Bringing up interface $i: " ./ifup $i boot
[ $? -ne 0 ] && rc=1
fi
done
# Add non interface-specific static-routes.
if [ -f /etc/sysconfig/static-routes ]; then
if [ -x /sbin/route ]; then
grep "^any" /etc/sysconfig/static-routes | while read ignore args ; do
/sbin/route add -$args
done
else
net_log $"Legacy static-route support not available: /sbin/route not found"
fi
fi
# IPv6 hook (post IPv4 start)
if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then
/etc/sysconfig/network-scripts/init.ipv6-global start post
fi
# Run this again to catch any interface-specific actions
apply_sysctl
touch /var/lock/subsys/network
[ -n "${NETWORKDELAY}" ] && /bin/sleep ${NETWORKDELAY}
;;
stop)
[ "$EUID" != "0" ] && exit 4
# Don't shut the network down if root or /usr is on NFS or a network
# block device.
if systemctl show --property=RequiredBy -- -.mount usr.mount | grep -q 'remote-fs.target' ; then
net_log $"rootfs or /usr is on network filesystem, leaving network up"
exit 1
fi
# Don't shut the network down when shutting down the system if configured
# as such in sysconfig
if is_false "$IFDOWN_ON_SHUTDOWN"; then
if systemctl is-system-running | grep -q 'stopping'; then
net_log $"system is shutting down, leaving interfaces up as requested" info
exit 0
fi
fi
vlaninterfaces=""
vpninterfaces=""
xdslinterfaces=""
bridgeinterfaces=""
remaining=""
rc=0
# get list of bonding, vpn, and xdsl interfaces
for i in $interfaces; do
unset DEVICE TYPE
eval $(LANG=C grep -F "DEVICE=" ifcfg-$i)
eval $(LANG=C grep -F "TYPE=" ifcfg-$i)
if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi
if [ "${DEVICE##cipcb}" != "$DEVICE" ] ; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "$TYPE" = "IPSEC" ] || [ "$TYPE" = "IPIP" ] || [ "$TYPE" = "GRE" ]; then
vpninterfaces="$vpninterfaces $i"
continue
fi
if [ "$TYPE" = "Bridge" ]; then
bridgeinterfaces="$bridgeinterfaces $i"
continue
fi
if [ "$TYPE" = "xDSL" -o "$TYPE" = "Modem" ]; then
xdslinterfaces="$xdslinterfaces $i"
continue
fi
if [ "${DEVICE%%.*}" != "$DEVICE" -o "${DEVICE##vlan}" != "$DEVICE" ] ; then
vlaninterfaces="$vlaninterfaces $i"
continue
fi
remaining="$remaining $i"
done
for i in $vpninterfaces $xdslinterfaces $bridgeinterfaces $vlaninterfaces $remaining; do
unset DEVICE TYPE
(. ./ifcfg-$i
if [ -z "$DEVICE" ] ; then DEVICE="$i"; fi
if ! check_device_down $DEVICE; then
action $"Shutting down interface $i: " ./ifdown $i boot
[ $? -ne 0 ] && rc=1
fi
)
done
action $"Shutting down loopback interface: " ./ifdown ifcfg-lo
sysctl -w net.ipv4.ip_forward=0 > /dev/null 2>&1
# IPv6 hook (post IPv4 stop)
if [ -x /etc/sysconfig/network-scripts/init.ipv6-global ]; then
/etc/sysconfig/network-scripts/init.ipv6-global stop post
fi
rm -f /var/lock/subsys/network
;;
status)
echo $"Configured devices:"
echo lo $interfaces
echo $"Currently active devices:"
echo $(/sbin/ip -o link show up | awk -F ": " '{ print $2 }')
;;
restart|force-reload)
cd "$CWD"
$0 stop
$0 start
rc=$?
;;
*)
echo $"Usage: $0 {start|stop|status|restart|force-reload}"
exit 2
esac
exit $rc

1
rc.d/rc0.d/K90network
View File

@@ -1 +0,0 @@
../init.d/network

1
rc.d/rc1.d/K90network
View File

@@ -1 +0,0 @@
../init.d/network

1
rc.d/rc2.d/S10network
View File

@@ -1 +0,0 @@
../init.d/network

1
rc.d/rc3.d/S10network
View File

@@ -1 +0,0 @@
../init.d/network

1
rc.d/rc4.d/S10network
View File

@@ -1 +0,0 @@
../init.d/network

1
rc.d/rc5.d/S10network
View File

@@ -1 +0,0 @@
../init.d/network

1
rc.d/rc6.d/K90network
View File

@@ -1 +0,0 @@
../init.d/network

9
sysconfig/network-scripts/ifcfg-lo
View File

@@ -1,9 +0,0 @@
DEVICE=lo
IPADDR=127.0.0.1
NETMASK=255.0.0.0
NETWORK=127.0.0.0
# If you're having problems with gated making 127.0.0.0/8 a martian,
# you can change this to something else (255.255.255.255, for example)
BROADCAST=127.255.255.255
ONBOOT=yes
NAME=loopback

77
sysconfig/network-scripts/ifdown
View File

@@ -1,77 +0,0 @@
#!/bin/bash
unset WINDOW # defined by screen, conflicts with our usage
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=$1
[ -z "$CONFIG" ] && {
echo $"usage: ifdown <configuration>" >&2
exit 1
}
if ! [ -f /etc/sysconfig/disable-deprecation-warnings ] && ! is_true ${DEPRECATION_WARNING_ISSUED}; then
net_log $"You are using 'ifdown' script provided by 'network-scripts', which are now deprecated." warning ifdown >&2
net_log $"'network-scripts' will be removed in one of the next major releases of RHEL." warning ifdown >&2
net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifdown >&2
fi
need_config "${CONFIG}"
[ -f "$CONFIG" ] || {
echo $"usage: ifdown <configuration>" >&2
exit 1
}
if [ $UID != 0 ]; then
if [ -x /usr/sbin/usernetctl ]; then
source_config
if /usr/sbin/usernetctl ${CONFIG} report ; then
exec /usr/sbin/usernetctl ${CONFIG} down
fi
fi
echo $"Users cannot control this device." >&2
exit 1
fi
source_config
if [ -n "$IN_HOTPLUG" ] && [ "${HOTPLUG}" = "no" -o "${HOTPLUG}" = "NO" ]
then
exit 0
fi
if [ "$_use_nm" = "true" ]; then
if [ -n "$UUID" -a -z "$DEVICE" ]; then
DEVICE=$(nmcli -t --fields uuid,device con show --active | awk -F ':' "\$1 == \"$UUID\" { print \$2 }")
fi
if [ -n "$DEVICE" ] && ! is_nm_device_unmanaged "$DEVICE" ; then
if ! LC_ALL=C nmcli -t -f STATE,DEVICE dev status | grep -Eq "^(failed|disconnected|unmanaged|unavailable):$DEVICE$"; then
nmcli dev disconnect "$DEVICE"
exit $?
fi
exit 0
fi
fi
if [ -x /sbin/ifdown-pre-local ]; then
/sbin/ifdown-pre-local ${DEVICE}
fi
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-${DEVICETYPE}"
if [ ! -x ${OTHERSCRIPT} ]; then
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-${TYPE}"
fi
if [ ! -x ${OTHERSCRIPT} ]; then
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifdown-eth"
fi
exec ${OTHERSCRIPT} ${CONFIG} $2

49
sysconfig/network-scripts/ifdown-bnep
View File

@@ -1,49 +0,0 @@
#! /bin/bash
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=${1}
source_config
# On hotplug events, just bring the virtual device up as if it's normal Ethernet
if [ -n "$IN_HOTPLUG" ]; then
exec /etc/sysconfig/network-scripts/ifdown-eth ${CONFIG} $2
fi
stop_panu()
{
kill -TERM $(cat /run/pand-${DEVICE}.pid)
}
stop_nap()
{
kill -TERM $(cat /run/pand-${DEVICE}.pid)
/usr/bin/pand -K
}
stop_gn()
{
:
}
case "$ROLE" in
PANU)
stop_panu
;;
NAP)
stop_nap
;;
GN)
stop_gn
;;
*)
echo Unknown BNEP mode :$ROLE
;;
esac

183
sysconfig/network-scripts/ifdown-eth
View File

@@ -1,183 +0,0 @@
#!/bin/bash
# Network Interface Configuration System
# Copyright (c) 1996-2009 Red Hat, Inc. all rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2,
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=${1}
source_config
. /etc/sysconfig/network
# Check to make sure the device is actually up
check_device_down ${DEVICE} && [ "$BOOTPROTO" != "dhcp" -a "$BOOTPROTO" != "bootp" ] && [ -n "$VLAN" -a "$VLAN" != "yes" ] && exit 0
if [ -n "${TEAM_MASTER}" ] && [ ! "${DEVICETYPE}" = "TeamPort" ] && [ -x ./ifdown-TeamPort ]; then
./ifdown-TeamPort ${CONFIG} $2
fi
if [ "${SLAVE}" != "yes" -o -z "${MASTER}" ]; then
if [ -n "${HWADDR}" -a -z "${MACADDR}" ]; then
FOUNDMACADDR=$(get_hwaddr ${REALDEVICE})
if [ -n "${FOUNDMACADDR}" -a "${FOUNDMACADDR}" != "${HWADDR}" ]; then
NEWCONFIG=$(get_config_by_hwaddr ${FOUNDMACADDR})
if [ -n "${NEWCONFIG}" ]; then
eval $(LANG=C grep -F "DEVICE=" $NEWCONFIG)
else
net_log $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring."
exit 1
fi
if [ -n "${NEWCONFIG}" -a "${NEWCONFIG##*/}" != "${CONFIG##*/}" -a "${DEVICE}" = "${REALDEVICE}" ]; then
exec /sbin/ifdown ${NEWCONFIG}
else
net_log $"Device ${DEVICE} has MAC address ${FOUNDMACADDR}, instead of configured address ${HWADDR}. Ignoring."
exit 1
fi
fi
fi
fi
if is_bonding_device ${DEVICE} ; then
for device in $(LANG=C grep -l "^[[:space:]]*MASTER=['\"]\?${DEVICE}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-*) ; do
is_ignored_file "$device" && continue
/sbin/ifdown ${device##*/}
done
for arg in $BONDING_OPTS ; do
key=${arg%%=*};
[[ "${key}" != "arp_ip_target" ]] && continue
value=${arg##*=};
if [ "${value:0:1}" != "" ]; then
OLDIFS=$IFS;
IFS=',';
for arp_ip in $value; do
if grep -q $arp_ip /sys/class/net/${DEVICE}/bonding/arp_ip_target; then
echo "-$arp_ip" > /sys/class/net/${DEVICE}/bonding/arp_ip_target
fi
done
IFS=$OLDIFS;
else
value=${value#+};
if grep -q $value /sys/class/net/${DEVICE}/bonding/arp_ip_target; then
echo "-$value" > /sys/class/net/${DEVICE}/bonding/arp_ip_target
fi
fi
done
fi
/etc/sysconfig/network-scripts/ifdown-ipv6 ${CONFIG}
retcode=0
for VER in "" 6 ; do
if [ -f "/run/dhclient$VER-${DEVICE}.pid" ]; then
dhcpid=$(cat /run/dhclient$VER-${DEVICE}.pid)
generate_lease_file_name $VER
if is_true "$DHCPRELEASE"; then
/sbin/dhclient -r -lf ${LEASEFILE} -pf /run/dhclient$VER-${DEVICE}.pid ${DEVICE} >/dev/null 2>&1
retcode=$?
else
kill $dhcpid >/dev/null 2>&1
retcode=$?
reason=STOP$VER interface=${DEVICE} /sbin/dhclient-script
fi
if [ -f "/run/dhclient$VER-${DEVICE}.pid" ]; then
rm -f /run/dhclient$VER-${DEVICE}.pid
kill $dhcpid >/dev/null 2>&1
fi
fi
done
# we can't just delete the configured address because that address
# may have been changed in the config file since the device was
# brought up. Flush all addresses associated with this
# instance instead.
if [ -d "/sys/class/net/${REALDEVICE}" ]; then
LABEL=
if [ "${REALDEVICE}" != "${DEVICE}" ]; then
LABEL="label ${DEVICE}"
fi
if [ "${REALDEVICE}" = "lo" ]; then
TIMEOUT=""
[ -x /usr/bin/timeout ] && TIMEOUT="/usr/bin/timeout --signal=SIGQUIT 4"
$TIMEOUT ip addr flush dev ${REALDEVICE} ${LABEL} scope global 2>/dev/null
$TIMEOUT ip addr flush dev ${REALDEVICE} ${LABEL} scope host 2>/dev/null
else
ip addr flush dev ${REALDEVICE} ${LABEL} scope global 2>/dev/null
ip -4 addr flush dev ${REALDEVICE} ${LABEL} scope host 2>/dev/null
fi
if [ "${SLAVE}" = "yes" -a -n "${MASTER}" ]; then
echo "-${DEVICE}" > /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null
fi
if [ "${REALDEVICE}" = "${DEVICE}" ]; then
ip link set dev ${DEVICE} down 2>/dev/null
fi
fi
[ "$retcode" = "0" ] && retcode=$?
if [ -n "${BRIDGE}" ]; then
ip link set dev ${DEVICE} nomaster down
# Upon removing a device from a bridge,
# it's necessary to make radvd reload its config
[ -r /run/radvd/radvd.pid ] && kill -HUP $(cat /run/radvd/radvd.pid)
if [ -d /sys/class/net/${BRIDGE}/brif ] && [ $(ls -1 /sys/class/net/${BRIDGE}/brif | wc -l) -eq 0 ]; then
ip link del ${BRIDGE}
fi
fi
if [ "${TYPE}" = "Tap" ]; then
TUNMODE="mode tap"
[[ ${DEVICE} == tun* ]] && TUNMODE="mode tun"
ip tuntap del ${TUNMODE} dev ${DEVICE} >/dev/null
fi
if [ -n "${TEAM_CONFIG}" ] && [ ! "${DEVICETYPE}" = "Team" ] && [ -x ./ifdown-Team ]; then
./ifdown-Team ${CONFIG} $2
fi
# wait up to 5 seconds for device to actually come down...
waited=0
while ! check_device_down ${DEVICE} && [ "$waited" -lt 50 ] ; do
sleep 0.01
waited=$(($waited+1))
done
# don't leave an outdated key sitting around
if [ -n "${WIRELESS_ENC_KEY}" ] && [ -x /sbin/iwconfig ]; then
/sbin/iwconfig ${DEVICE} enc 0 >/dev/null 2>&1
fi
if [ "$retcode" = 0 ] ; then
/etc/sysconfig/network-scripts/ifdown-post $CONFIG
# do NOT use $? because ifdown should return whether or not
# the interface went down.
fi
if [ -n "$VLAN" ]; then
# 802.1q VLAN
if [ -f /proc/net/vlan/${DEVICE} ]; then
ip link delete ${DEVICE} type vlan
fi
fi
exit $retcode

34
sysconfig/network-scripts/ifdown-ippp
View File

@@ -1,34 +0,0 @@
#! /bin/sh
PATH=/sbin:/usr/sbin:/bin:/usr/bin
# Get global network configuration
[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network
CONFIG=$1
. ./$CONFIG
# stopping ibod daemon for channel bundling
if [ -f /var/lock/subsys/ibod ] ; then
kill -9 $(pidof ibod) >/dev/null 2>&1
rm -f /var/lock/subsys/ibod
fi
# Shut down IPv6
/etc/sysconfig/network-scripts/ifdown-ipv6 $CONFIG
# shutdown isdn device
isdnctrl hangup $DEVICE >/dev/null 2>&1
sleep 1
ip link set dev $DEVICE down >/dev/null 2>&1
# delete isdn device
isdnctrl delif $DEVICE >/dev/null 2>&1
# kill ipppd daemon
if [ -f /run/ipppd.$DEVICE.pid ] ; then
pppdpid=$(cat /run/ipppd.$DEVICE.pid)
kill -9 $pppdpid > /dev/null 2>&1
rm -f /run/ipppd.$DEVICE.pid > /dev/null 2>&1
fi

139
sysconfig/network-scripts/ifdown-ipv6
View File

@@ -1,139 +0,0 @@
#!/bin/sh
#
# ifdown-ipv6
#
#
# Taken from:
# (P) & (C) 2000-2004 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Version 2005-09-22
#
# Note: if called as (like normally) by /etc/sysconfig/network-scripts/ifdown
# exit codes aren't handled by "ifdown"
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# DEVICE=<device>
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
#
# Optional for 6to4 tunneling:
# IPV6TO4_RELAY=<IPv4 address>: IPv4 address of the remote 6to4 relay [default: 192.88.99.1]
# IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup internal interfaces
#
# Optional for 6to4 tunneling links to trigger radvd:
# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering [optional]
# IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/run/radvd/radvd.pid" [optional]
# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd [optional, default is SIGHUP]
#
# Required version of radvd to use 6to4 prefix recalculation
# 0.6.2p3 or newer supporting option "Base6to4Interface"
# Required version of radvd to use dynamic ppp links
# 0.7.0 + fixes or newer
#
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
REALDEVICE=${DEVICE%%:*}
DEVICE=$REALDEVICE
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
# IPv6 test, no module loaded, exit if system is not IPv6-ready
ipv6_test testonly || exit 0
# Test device status
ipv6_test_device_status $DEVICE
if [ $? != 0 -a $? != 11 ]; then
# device doesn't exist or other problem occurs
exit 1
fi
if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then
# Switch some sysctls to secure mode
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=0 >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=0 >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=0 >/dev/null 2>&1
fi
/sbin/ip link set $DEVICE addrgenmode eui64 >/dev/null 2>&1
# Test status of tun6to4 device
ipv6_test_device_status tun6to4
if [ $? = 0 -o $? = 11 ]; then
# Device exists
valid6to4config="yes"
if [ -z "$IPV6TO4_RELAY" ]; then
IPV6TO4_RELAY="192.88.99.1"
fi
# Get IPv4 address from interface
if [ -n "$IPV6TO4_IPV4ADDR" ]; then
# Take special configured from config file (precedence 1)
ipv4addr="$IPV6TO4_IPV4ADDR"
# Get IPv4 address from interface first
ipv4addrlocal="$(ipv6_get_ipv4addr_of_device $DEVICE)"
if [ -z "$ipv4addrlocal" ]; then
# Take configured from config file
ipv4addrlocal="$IPADDR"
fi
else
# Get IPv4 address from interface first (has precedence 2)
ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)"
if [ -z "$ipv4addr" ]; then
# Take configured from config file (precedence 3)
ipv4addr="$IPADDR"
fi
ipv4addrlocal="$ipv4addr"
fi
# Get local IPv4 address of dedicated tunnel
ipv4addr6to4local="$(ipv6_get_ipv4addr_of_tunnel tun6to4 local)"
if [ -z "$ipv4addrlocal" -o -z "$ipv4addr6to4local" ]; then
# no IPv4 addresses given, 6to4 sure not configured
valid6to4config="no"
else
# Check against configured 6to4 tunnel to see if this interface was
# used before
if [ "$ipv4addrlocal" != "$ipv4addr6to4local" ]; then
# IPv4 address of interface does't match local tunnel address,
# interface was not used for current 6to4 setup
valid6to4config="no"
fi
fi
fi
# Shutdown of 6to4, if configured
if [ "$valid6to4config" = "yes" ]; then
if [ -n "$IPV6TO4_ROUTING" ]; then
# Delete routes to local networks
for devsuf in $IPV6TO4_ROUTING; do
dev="${devsuf%%-*}"
ipv6_cleanup_6to4_device $dev
done
fi
# Delete all configured 6to4 address
ipv6_cleanup_6to4_tunnels tun6to4
# Control running radvd
ipv6_trigger_radvd down "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
# Delete all current configured IPv6 addresses on this interface
ipv6_cleanup_device $DEVICE

1
sysconfig/network-scripts/ifdown-isdn
View File

@@ -1 +0,0 @@
ifdown-ippp

69
sysconfig/network-scripts/ifdown-post
View File

@@ -1,69 +0,0 @@
#!/bin/sh
# This should be called whenever an interface goes down, not just when
# it is brought down explicitly.
cd /etc/sysconfig/network-scripts
. ./network-functions
unset REALDEVICE
if [ "$1" = --realdevice ] ; then
REALDEVICE=$2
shift 2
fi
CONFIG=$1
source_config
[ -z "$REALDEVICE" ] && REALDEVICE=$DEVICE
/etc/sysconfig/network-scripts/ifdown-routes ${REALDEVICE} ${DEVNAME}
# Remove duplicate DNS entries and shift them,
# to have always correct condition below...
update_DNS_entries
if ! is_false "${PEERDNS}" || is_true "${RESOLV_MODS}" && \
[ "${DEVICETYPE}" = "ppp" -o "${DEVICETYPE}" = "ippp" -o -n "${DNS1}" \
-o "${BOOTPROTO}" = "bootp" -o "${BOOTPROTO}" = "dhcp" ] ; then
if [ -f /etc/resolv.conf.save ]; then
change_resolv_conf /etc/resolv.conf.save
rm -f /etc/resolv.conf.save
fi
if [ "${DEVICETYPE}" = "ppp" -o "${DEVICETYPE}" = "ippp" ]; then
if [ -f /etc/ppp/peers/$DEVICE ] ; then
rm -f /etc/ppp/peers/$DEVICE
fi
fi
fi
# Reset the default route if this interface had a special one
if ! check_default_route ; then
# ISDN device needs special handling dial on demand
if [ "${DEVICETYPE}" = "ippp" -o "${DEVICETYPE}" = "isdn" ] && \
[ "$DIALMODE" = "auto" ] ; then
if [ -z "$GATEWAY" ] ; then
/sbin/ip route add default ${METRIC:+metric} \
${WINDOW:+window $WINDOW} dev ${DEVICE}
else
/sbin/ip route add default ${METRIC:+metric} \
${WINDOW:+window $WINDOW} via ${GATEWAY}
fi
else
add_default_route ${DEVICE}
fi
fi
# Reset firewall zone (empty ZONE means default):
if [ "${REALDEVICE}" != "lo" ]; then
dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \
/org/fedoraproject/FirewallD1 \
org.fedoraproject.FirewallD1.zone.removeInterface \
string:"" string:"${DEVICE}" \
> /dev/null 2>&1
fi
if [ -x /sbin/ifdown-local ]; then
/sbin/ifdown-local ${DEVICE}
fi
exit 0

33
sysconfig/network-scripts/ifdown-routes
View File

@@ -1,33 +0,0 @@
#! /bin/bash
#
# Drops static routes which go through device $1
if [ -z "$1" ]; then
echo $"usage: ifdown-routes <net-device> [<nickname>]"
exit 1
fi
# The routes are actually dropped just by setting the link down, so nothing
# needs to be done
MATCH='^[[:space:]]*(\#.*)?$'
# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
proto=
if [ "$file" != "${file##*/rule6-}" ]; then
proto="-6"
fi
{ cat "$file" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
/sbin/ip $proto rule del $line
fi
done
fi
done

58
sysconfig/network-scripts/ifdown-sit
View File

@@ -1,58 +0,0 @@
#!/bin/bash
#
# ifdown-sit
#
#
# Taken from:
# (P) & (C) 2000-2003 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Version 2002-11-01
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# DEVICE=<device>
#
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
# IPv6 don't need aliases anymore, config is skipped
REALDEVICE=${DEVICE%%:*}
[ "$DEVICE" != "$REALDEVICE" ] && exit 0
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
# Generic tunnel device sit0 is not supported here
if [ "$DEVICE" = "sit0" ]; then
net_log $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking"
exit 1
fi
# IPv6 test, no module loaded, exit if system is not IPv6-ready
ipv6_test testonly || exit 0
# Test device status
ipv6_test_device_status $DEVICE
if [ $? != 0 -a $? != 11 ]; then
# device doesn't exist or other problem occurs
exit 0
fi
# Cleanup additional static routes
/etc/sysconfig/network-scripts/ifdown-routes ${REALDEVICE}
# Cleanup and shut down IPv6-in-IPv4 tunnel device
ipv6_del_tunnel_device $DEVICE

45
sysconfig/network-scripts/ifdown-tunnel
View File

@@ -1,45 +0,0 @@
#!/bin/bash
# Copyright (C) 1996-2006 Red Hat, Inc. all rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2,
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# Thanks to:
# - Razvan Corneliu C.R. Vilt <razvan.vilt@linux360.ro>
# - Aaron Hope <aaron.hope@unh.edu>
# - Sean Millichamp <sean@enertronllc.com>
# for providing the scripts this one is based on
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=$1
need_config "$CONFIG"
source_config
# Generic tunnel devices are not supported here
if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 -o "$DEVICE" = ip6tnl0 ]; then
net_log $"Device '$DEVICE' isn't supported as a valid GRE device name."
exit 1
fi
check_device_down "$DEVICE" && exit 0
/sbin/ip link set dev "$DEVICE" down
/sbin/ip tunnel del "$DEVICE"
exec /etc/sysconfig/network-scripts/ifdown-post "$CONFIG"

170
sysconfig/network-scripts/ifup
View File

@@ -1,170 +0,0 @@
#!/bin/bash
# Network Interface Configuration System
# Copyright (c) 1996-2009 Red Hat, Inc. all rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2,
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
unset WINDOW # defined by screen, conflicts with our usage
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=${1}
[ -z "${CONFIG}" ] && {
echo $"Usage: ifup <configuration>" >&2
exit 1
}
if ! [ -f /etc/sysconfig/disable-deprecation-warnings ] && ! is_true ${DEPRECATION_WARNING_ISSUED}; then
net_log $"You are using 'ifup' script provided by 'network-scripts', which are now deprecated." warning ifup >&2
net_log $"'network-scripts' will be removed in one of the next major releases of RHEL." warning ifup >&2
net_log $"It is advised to switch to 'NetworkManager' instead - it provides 'ifup/ifdown' scripts as well." warning ifup >&2
fi
need_config "${CONFIG}"
[ -f "${CONFIG}" ] || {
echo $"$0: configuration for ${1} not found." >&2
echo $"Usage: ifup <configuration>" >&2
exit 1
}
if [ ${UID} != 0 ]; then
if [ -x /usr/sbin/usernetctl ]; then
source_config
if /usr/sbin/usernetctl ${CONFIG} report ; then
exec /usr/sbin/usernetctl ${CONFIG} up
fi
fi
echo $"Users cannot control this device." >&2
exit 1
fi
source_config
if [ "foo$2" = "fooboot" ] && [ "${ONBOOT}" = "no" -o "${ONBOOT}" = "NO" ]
then
exit 0
fi
if [ -n "$IN_HOTPLUG" ] && [ "${HOTPLUG}" = "no" -o "${HOTPLUG}" = "NO" ]
then
exit 0
fi
if [ -n "$IN_HOTPLUG" -a "${TYPE}" = "Bridge" ];
then
exit 0
fi
if [ "$_use_nm" = "true" -a -n "$UUID" -a "$REALDEVICE" != "lo" ]; then
if [ "foo$2" = "fooboot" ] && [ "${TYPE}" = "Wireless" ]; then
exit 0
fi
[ -n "${DEVICE}" ] && is_nm_handling ${DEVICE} && exit 0
nmcli con up uuid "$UUID"
exit $?
fi
# Ethernet 802.1Q VLAN support
if [ "${VLAN}" = "yes" ] && [ "$ISALIAS" = "no" ] && [ -n "$DEVICE" ]; then
if [ -n "${VID}" ]; then
if test -z "$PHYSDEV"; then
net_log $"PHYSDEV should be set for device ${DEVICE}"
exit 1
fi
else
VID=""
MATCH='^.+\.[0-9]{1,4}$'
if [[ "${DEVICE}" =~ $MATCH ]]; then
VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^.*\.\([0-9]\+\)/\1/')
PHYSDEV=${DEVICE%.*}
fi
MATCH='^vlan[0-9]{1,4}?'
if [[ "${DEVICE}" =~ $MATCH ]]; then
VID=$(echo "${DEVICE}" | LC_ALL=C sed 's/^vlan0*//')
# PHYSDEV should be set in ifcfg-vlan* file
if test -z "$PHYSDEV"; then
net_log $"PHYSDEV should be set for device ${DEVICE}"
exit 1
fi
fi
fi
if [ -n "$VID" ]; then
if [ ! -d /proc/net/vlan ]; then
if ! modprobe 8021q >/dev/null 2>&1 ; then
net_log $"No 802.1Q VLAN support available in kernel for device ${DEVICE}"
exit 1
fi
fi
is_available_wait ${PHYSDEV} ${DEVTIMEOUT} || {
if [ "$?" = "1" ] ; then
net_log $"$alias device ${DEVICE} does not seem to be present, delaying initialization."
exit 1
else
exit 0
fi
}
# Link on Physical device needs to be up but no ip required
check_device_down ${PHYSDEV} && set_link_up ${PHYSDEV}
if [ ! -f /proc/net/vlan/${DEVICE} ]; then
if [ "${REORDER_HDR}" = "no" -o "${REORDER_HDR}" = "0" ]; then
FLAG_REORDER_HDR="reorder_hdr off"
fi
if [ "${GVRP}" = "yes" -o "${GVRP}" = "1" ]; then
FLAG_GVRP="gvrp on"
fi
ip link add dev ${DEVICE} link ${PHYSDEV} type vlan id ${VID} ${FLAG_REORDER_HDR} ${FLAG_GVRP} || {
(/usr/bin/logger -p daemon.info -t ifup \
$"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}" &) &
net_log $"ERROR: could not add vlan ${VID} as ${DEVICE} on dev ${PHYSDEV}"
exit 1
}
[ -n "${VLAN_EGRESS_PRIORITY_MAP}" ] && ip link set dev ${DEVICE} type vlan egress ${VLAN_EGRESS_PRIORITY_MAP}
fi
fi
/usr/lib/systemd/systemd-sysctl \
--prefix "/proc/sys/net/ipv4/conf/${DEVICE}" \
--prefix "/proc/sys/net/ipv6/conf/${DEVICE}"
fi
if [ "${BOOTPROTO}" = "bootp" -o "${BOOTPROTO}" = "dhcp" ]; then
DYNCONFIG=true
fi
if [ -x /sbin/ifup-pre-local ]; then
/sbin/ifup-pre-local ${CONFIG} $2
fi
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-${DEVICETYPE}"
if [ ! -x ${OTHERSCRIPT} ]; then
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-${TYPE}"
fi
if [ ! -x ${OTHERSCRIPT} ]; then
OTHERSCRIPT="/etc/sysconfig/network-scripts/ifup-eth"
fi
exec ${OTHERSCRIPT} ${CONFIG} $2

371
sysconfig/network-scripts/ifup-aliases
View File

@@ -1,371 +0,0 @@
#!/bin/bash
#
# configures aliases of device $1
#
# This script goes out of its way to arrive at the configuration of ip
# aliases described in the ifcfg-$DEV:* and ifcfg-$DEV-range* files from
# whatever existing configuration it may be given: existing aliases not
# specified in the configuration will be removed, netmasks and broadcast
# addrs will be updated on existing aliases, and new aliases will be setup.
#
# range specification files:
#
# One can specify ranges of alised ipaddress using ifcfg-$DEV-range* files.
# Specify multiple ranges using multiple files, such as ifcfg-eth0-range0 and
# ifcfg-eth0-range1, etc. In these files, the following configuration variables
# specify the range:
#
# IPADDR_START -- ipaddr to start range at. eg "192.168.30.1"
# IPADDR_END -- ipaddr to end range at. eg "192.168.30.254"
# CLONENUM_START -- interface clone number to start using for this range. eg "0"
#
# The above example values create the interfaces eth0:0 through eth0:253 using
# ipaddrs 192.168.30.1 through 192.168.30.254, inclusive.
#
# Other configuration variables such as NETMASK and BROADCAST may be specified
# in the range file and will apply to all of the ipaddresses in the range. Range
# files also inherit configuration from the ifcfg-$DEV file just like normal.
#
# Note that IPADDR_START and IPADR_END are required to be in the same class-c
# block. I.e. IPADDR_START=192.168.30.1 and IPADDR_END=192.168.31.255 is
# not valid.
#
# speed with large sets of interfaces:
#
# Considerable effort was spent making this script fast. It can efficiently
# handle a thousand ip aliases on one interface.
#
# With large sets of ipaddresses the NO_ALIASROUTING=yes configuration is
# highly recommended. (This can be specified in ifcfg-$DEV and inherited.) This
# prevents this script from setting up routing details for the virtual
# interfaces, which I don't think is needed, because outgoing traffic can use the
# main interface. However, make your own conclusions on what you need.
#
# My test setup of four class C address blocks on a P166 took 25 seconds of
# which 16 seconds of this was spent in the ifcconfig calls. Without the
# NO_ALIASROUTING=yes config an additional 12 seconds is spent in route calls.
#
# notes on internals:
#
# This script uses the bash "eval" command to lookup shell variables with names
# which are generated from other shell variables. This allows us to, in effect,
# create hashes using the shell variable namesspace by just including the hash
# key in the name of the variable.
#
# This script originally written by: David Harris <dharris@drh.net>
# Principal Engineer, DRH Internet
# June 30, 1999
#
# modified by: Bill Nottingham <notting@redhat.com>
TEXTDOMAIN=initscripts
TEXTDOMAINDIR=/etc/locale
device=$1
if [ "$device" = "" ]; then
echo $"usage: ifup-aliases <net-device> [<parent-config>]\n"
exit 1
fi
PARENTCONFIG=${2:-ifcfg-$device}
parent_device=$device
cd /etc/sysconfig/network-scripts
. ./network-functions
# Grab the current configuration of any running aliases, place device info
# into variables of the form:
# rdev_<index>_addr = <ip address>
# rdev_<index>_pb = <prefix>_<broadcast>
# rdevip_<ipaddress> = <index>
# Example:
# rdev_0_addr=192.168.1.1
# rdev_0_pb=24_192.16.1.255
# rdevip_192_168_1_1=0
#
# A list of all the devices is created in rdev_LIST.
eval $( ip addr show $device label $device:* | \
awk 'BEGIN { COUNT=0;LAST_DEV="" } /inet / {
# Split IP address into address/prefix
split($2,IPADDR,"/");
# Create A_B_C_D IP address form
IP_ADDR=IPADDR[1];
gsub(/\./,"_",IP_ADDR);
# Split device into device:index
split($NF,DEV,":");
# Update last device
LAST_DEV=LAST_DEV " " DEV[2];
printf("rdev_%s_addr=%s\nrdevip_%s=%s\nrdev_%s_pb=%s_%s\nrdev_LIST=\"%s\"\n",
DEV[2],IPADDR[1],IP_ADDR,DEV[2],DEV[2],IPADDR[2],$4,LAST_DEV);
} END {
if(LAST_DEV == "") print "no_devices_are_up=yes"
}' );
#
# Store configuration of the parent device and network
#
# read from the /etc/sysconfig/network
eval ` (
. /etc/sysconfig/network;
echo network_GATEWAY=$GATEWAY\;;
echo network_GATEWAYDEV=$GATEWAYDEV\;;
) `
# read defaults from the parent config file
[ -f $PARENTCONFIG ] || {
net_log $"Missing config file $PARENTCONFIG."
exit 1
}
eval ` (
. ./$PARENTCONFIG;
echo default_PREFIX=$PREFIX\;;
echo default_NETMASK=$NETMASK\;;
echo default_BROADCAST=$BROADCAST\;;
echo default_GATEWAY=$GATEWAY\;;
echo default_NO_ALIASROUTING=$NO_ALIASROUTING\;;
echo default_ARPCHECK=$ARPCHECK\;;
echo default_ARPUPDATE=$ARPUPDATE\;;
) `
[ -z "$default_GATEWAY" ] && default_GATEWAY=$network_GATEWAY
function ini_env ()
{
DEVICE=""
IPADDR=""
IPV6ADDR=""
PREFIX=$default_PREFIX
NETMASK=$default_NETMASK
BROADCAST=$default_BROADCAST
GATEWAY=$default_GATEWAY
NO_ALIASROUTING=$default_NO_ALIASROUTING
ONPARENT=""
ARPCHECK=$default_ARPCHECK
ARPUPDATE=$default_ARPUPDATE
}
function is_default_gateway ()
{
LC_ALL=C /sbin/ip route ls default scope global \
| awk '$3 == "'"$1"'" { found = 1; } END { exit found == 0; }'
}
#
# Read the alias configuration files and enable each aliased
# device using new_interface()
#
function new_interface ()
{
ipa=$IPADDR; ipb=${ipa#*.}; ipc=${ipb#*.};
IPGLOP="${ipa%%.*}_${ipb%%.*}_${ipc%%.*}_${ipc#*.}";
DEVNUM=${DEVICE#*:}
MATCH='^[0-9A-Za-z_]*$'
if (LC_ALL=C; [[ ! "$DEVNUM" =~ $MATCH ]]); then
net_log $"error in $FILE: invalid alias number"
return 1
fi
eval "
ipseen=\$ipseen_${IPGLOP}; devseen=\$devseen_${DEVNUM};
ipseen_${IPGLOP}=$FILE; devseen_${DEVNUM}=$FILE;
";
if [ -n "$ipseen" ]; then
net_log $"error in $FILE: already seen ipaddr $IPADDR in $ipseen"
return 1
fi
if [ -n "$devseen" ]; then
net_log $"error in $FILE: already seen device $parent_device:$DEVNUM in $devseen"
return 1
fi
if [ -z "$DEVICE" -o -z "$IPADDR" ]; then
if [ -n "$IPV6ADDR" -a -n "$DEVICE" ] && ! is_false "$IPV6INIT"; then
/etc/sysconfig/network-scripts/ifup-ipv6 ${DEVICE}
return $?
fi
net_log $"error in $FILE: didn't specify device or ipaddr"
return 1
fi
if [ -z "$NETMASK" -a -z "$PREFIX" ]; then
net_log $"error iN $FILE: didn't specify netmask or prefix"
fi
if [ -z "$PREFIX" ]; then
eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK})
fi
if [ -z "$BROADCAST" -o "$BROADCAST" = "$default_BROADCAST" ]; then
eval $(/bin/ipcalc --broadcast ${IPADDR}/${PREFIX})
fi
if [ "$no_devices_are_up" = "yes" ]; then
setup_this=yes
else
setup_this=""
eval "
rdev_addr=\$rdev_${DEVNUM}_addr;
rdev_pb=\$rdev_${DEVNUM}_pb;
rdev_mark=\$rdev_${DEVNUM}_mark;
rdevip=\$rdevip_${IPGLOP};
";
if [ -n "$rdev_addr" ]; then
if [ "$rdev_addr" = "${IPADDR}" ]; then
newmark=keep
if [ "$rdev_pb" != "${PREFIX}_${BROADCAST}" ]; then
setup_this=freshen
else
setup_this=no
fi
else
if [ "$rdev_mark" != "remove" ]; then
/sbin/ip addr flush dev $parent_device label $parent_device:${DEVNUM}
fi
newmark=remove
setup_this=yes
fi
if [ -n "$rdev_mark" -a "$rdev_mark" != "$newmark" ]; then
net_log $"error in ifcfg-${parent_device}: files"
return 1
fi
eval " rdev_${DEVNUM}_mark=\$newmark ";
else
setup_this=yes
fi
if [ -n "$rdevip" -a "$rdevip" != "${DEVNUM}" ]; then
eval " mark_remove=\$rdev_${rdevip}_mark ";
if [ -n "$mark_remove" -a "$mark_remove" != "remove" ]; then
net_log $"error in ifcfg-${parent_device}: files"
return 1
fi
if [ "$mark_remove" != "remove" ]; then
eval " rdev_${rdevip}_mark=remove ";
/sbin/ip addr flush dev $parent_device label $parent_device:$rdevip
fi
fi
fi
if [ "$setup_this" = "freshen" ] ; then
# we can do the freshen stuff right now
/sbin/ip addr change ${IPADDR}/${PREFIX} brd ${BROADCAST}
fi
if [ "$setup_this" = "yes" ] ; then
if [ "${parent_device}" != "lo" ] && [ "${ARPCHECK}" != "no" ] && \
is_available ${parent_device} && \
( grep -qswi "up" /sys/class/net/${parent_device}/operstate || grep -qswi "1" /sys/class/net/${parent_device}/carrier ) ; then
echo $"Determining if ip address ${IPADDR} is already in use for device ${parent_device}..."
ARPING=$(/sbin/arping -c 2 -w ${ARPING_WAIT:-3} -D -I ${parent_device} ${IPADDR})
if [ $? = 1 ]; then
ARPINGMAC=$(echo $ARPING | sed -ne 's/.*\[\(.*\)\].*/\1/p')
net_log $"Error, some other host ($ARPINGMAC) already uses address ${IPADDR}."
return 1
fi
fi
/sbin/ip addr add ${IPADDR}/${PREFIX} brd ${BROADCAST} \
dev ${parent_device} label ${DEVICE}
# update ARP cache of neighboring computers:
if ! is_false "${ARPUPDATE}" && [ "${REALDEVICE}" != "lo" ]; then
/sbin/arping -q -A -c 1 -w ${ARPING_UPDATE_WAIT:-3} -I ${parent_device} ${IPADDR}
( sleep 2;
/sbin/arping -q -U -c 1 -w ${ARPING_UPDATE_WAIT:-3} -I ${parent_device} ${IPADDR} ) > /dev/null 2>&1 < /dev/null &
fi
! is_false "$IPV6INIT" && \
/etc/sysconfig/network-scripts/ifup-ipv6 ${DEVICE}
if [ "$NO_ALIASROUTING" != yes ]; then
GATEWAYDEV=$network_GATEWAYDEV;
if [ -n "${GATEWAY}" -a \
\( -z "${GATEWAYDEV}" -o "${GATEWAYDEV}" = "${DEVICE}" \) ]; then
# set up default gateway, if it isn't already there
if ! is_default_gateway "$GATEWAY"; then
ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} dev ${DEVICE}
fi
fi
/etc/sysconfig/network-scripts/ifup-routes ${DEVICE} ${NAME}
ifuplocal_queue="$ifuplocal_queue $DEVICE"
fi
fi
}
if [ "$BASH_VERSINFO" ]; then
shopt -s nullglob
else
allow_null_glob_expansion=foo
fi
for FILE in ifcfg-${parent_device}:* ; do
is_ignored_file "$FILE" && continue
ini_env
. ./$FILE
[ -z "$DEVICE" ] && DEVICE=${FILE##ifcfg-}
[ "$ONPARENT" != "no" -a "$ONPARENT" != "NO" ] && new_interface
unset DEVICE
done
for FILE in ifcfg-${parent_device}-range* ; do
is_ignored_file "$FILE" && continue
ini_env
. ./$FILE
ipaddr_prefix=${IPADDR_START%.*}
ipaddr_startnum=${IPADDR_START##*.}
ipaddr_endnum=${IPADDR_END##*.}
if [ "${IPADDR_START%.*}" != "${IPADDR_END%.*}" ]; then
net_log $"error in $FILE: IPADDR_START and IPADDR_END don't agree"
continue
fi
if [ $ipaddr_startnum -gt $ipaddr_endnum ]; then
net_log $"error in $FILE: IPADDR_START greater than IPADDR_END"
continue
fi
ipaddr_num=$ipaddr_startnum
ipaddr_clonenum=$CLONENUM_START
while [ $ipaddr_num -le $ipaddr_endnum ]; do
IPADDR="$ipaddr_prefix.$ipaddr_num"
DEVICE="$parent_device:$ipaddr_clonenum"
IPV6INIT="no"
[ "$ONPARENT" != "no" -a "$ONPARENT" != "NO" ] && new_interface
ipaddr_num=$(($ipaddr_num+1))
ipaddr_clonenum=$(($ipaddr_clonenum+1))
done
done
#
# Remove any devices that should not be around
#
for DEVNUM in $rdev_LIST ; do
eval " rdev_mark=\$rdev_${DEVNUM}_mark "
if [ -z "$rdev_mark" ]; then
/sbin/ip addr flush dev $parent_device label $parent_device:${DEVNUM}
fi
done
if [ -x /sbin/ifup-local ]; then
for DEVICE in $ifuplocal_queue ; do
/sbin/ifup-local ${DEVICE}
done
fi

55
sysconfig/network-scripts/ifup-bnep
View File

@@ -1,55 +0,0 @@
#! /bin/bash
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=${1}
source_config
# On hotplug events, just bring the virtual device up as if it's normal Ethernet
if [ -n "$IN_HOTPLUG" ]; then
exec sh -x /etc/sysconfig/network-scripts/ifup-eth ${CONFIG} $2
fi
start_panu()
{
PANDARGS="--persist --pidfile=/run/pand-${DEVICE}.pid --ethernet=${DEVICE} --autozap"
[ "${CACHE}" != "no" -a "${CACHE}" != "NO" ] && PANDARGS="${PANDARGS} --cache"
if [ "${REMOTEBDADDR}" = "" ]; then
PANDARGS="${PANDARGS} --search"
else
PANDARGS="${PANDARGS} --connect ${REMOTEBDADDR}"
fi
/usr/bin/pand ${PANDARGS}
}
start_nap()
{
:
}
start_gn()
{
:
}
case "$ROLE" in
PANU)
start_panu
;;
NAP)
start_nap
;;
GN)
start_gn
;;
*)
echo Unknown BNEP mode :$ROLE
;;
esac

383
sysconfig/network-scripts/ifup-eth
View File

@@ -1,383 +0,0 @@
#!/bin/bash
# Network Interface Configuration System
# Copyright (c) 1996-2014 Red Hat, Inc. all rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2,
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
CONFIG=${1}
need_config "${CONFIG}"
source_config
if [ "${BOOTPROTO}" = "bootp" -o "${BOOTPROTO}" = "dhcp" ]; then
DYNCONFIG=true
fi
# load the module associated with that device
# /sbin/modprobe ${REALDEVICE}
is_available ${REALDEVICE}
# bail out, if the MAC does not fit
if [ -n "${HWADDR}" ]; then
FOUNDMACADDR=$(get_hwaddr ${REALDEVICE})
if [ "${FOUNDMACADDR}" != "${HWADDR}" -a "${FOUNDMACADDR}" != "${MACADDR}" ]; then
net_log $"Device ${DEVICE} has different MAC address than expected, ignoring."
exit 1
fi
fi
# If the device is a bridge, create it
if [ "${TYPE}" = "Bridge" ]; then
bridge_opts=""
[ -n "${DELAY}" ] && bridge_opts+="forward_delay ${DELAY} "
if is_true "${STP}"; then
bridge_opts+="stp_state 1 "
elif is_false "${STP}"; then
bridge_opts+="stp_state 0 "
fi
[ -n "${PRIO}" ] && bridge_opts+="priority ${PRIO} "
[ -n "${AGEING}" ] && bridge_opts+="ageing_time ${AGEING} "
if [ ! -d /sys/class/net/${DEVICE}/bridge ]; then
ip link add ${DEVICE} type bridge $bridge_opts || exit 1
elif [ -n "${bridge_opts}" ]; then
ip link set dev ${DEVICE} type bridge $bridge_opts || exit 1
fi
unset bridge_opts
# add the bits to setup driver parameters here
for arg in $BRIDGING_OPTS ; do
key=${arg%%=*};
value=${arg##*=};
if [ "${key}" != "multicast_router" -a "${key}" != "hash_max" -a "${key}" != "multicast_snooping" ]; then
echo $value > /sys/class/net/${DEVICE}/bridge/$key
fi
done
# set LINKDELAY (used as timeout when calling check_link_down())
# to at least (${DELAY} * 2) + 7 if STP is enabled. This is the
# minimum time required for /sys/class/net/$REALDEVICE/carrier to
# become 1 after "set_link_up $DEVICE" is called.
if is_true "${STP}"; then
if [ -n "${DELAY}" ]; then
forward_delay="${DELAY}"
else
# If the ${DELAY} value is not set by the user, then we need to obtain
# the forward_delay value from kernel first, and convert it to seconds.
# Otherwise STP might not correctly complete the startup before trying
# to obtain an IP address from DHCP.
forward_delay="$(cat /sys/devices/virtual/net/${DEVICE}/bridge/forward_delay)"
forward_delay="$(convert2sec ${forward_delay} centi)"
fi
forward_delay=$(bc -q <<< "${forward_delay} * 2 + 7")
# It's possible we are comparing floating point numbers here, therefore
# we are using 'bc' for comparison. The [ ] and [[ ]] do not work.
(( $(bc -l <<< "${LINKDELAY:-0} < ${forward_delay}") )) && LINKDELAY=${forward_delay}
unset forward_delay
fi
fi
# Create tap device.
if [ "${TYPE}" = "Tap" ]; then
[ -n "${OWNER}" ] && OWNER="user ${OWNER}"
TUNMODE="mode tap"
[[ ${DEVICE} == tun* ]] && TUNMODE="mode tun"
ip tuntap add ${TUNMODE} ${OWNER} dev ${DEVICE} > /dev/null
fi
# Team master initialization.
if [ -n "${TEAM_CONFIG}" ] && [ ! "${DEVICETYPE}" = "Team" ] && [ -x ./ifup-Team ]; then
./ifup-Team ${CONFIG} $2
fi
if [ -z "${REALDEVICE}" ]; then
net_log $"Device name does not seem to be present."
exit 1
fi
# now check the real state
is_available_wait ${REALDEVICE} ${DEVTIMEOUT} || {
if [ -n "$alias" ]; then
net_log $"$alias device ${DEVICE} does not seem to be present, delaying initialization."
else
net_log $"Device ${DEVICE} does not seem to be present, delaying initialization."
fi
exit 1
}
# this isn't the same as the MAC in the configuration filename. It is
# available as a configuration option in the config file, forcing the kernel
# to think an ethernet card has a different MAC address than it really has.
if [ -n "${MACADDR}" ]; then
ip link set dev ${DEVICE} address ${MACADDR}
fi
if [ -n "${MTU}" ]; then
ip link set dev ${DEVICE} mtu ${MTU}
fi
# is the device wireless? If so, configure wireless device specifics
is_wireless_device ${DEVICE} && . ./ifup-wireless
# Team slave device?
if [ -n "${TEAM_MASTER}" ] && [ ! "${DEVICETYPE}" = "TeamPort" ] && [ -x ./ifup-TeamPort ]; then
./ifup-TeamPort ${CONFIG} $2
ethtool_set
exit 0
fi
# slave device?
if [ "${SLAVE}" = yes -a "${ISALIAS}" = no -a "${MASTER}" != "" ]; then
install_bonding_driver ${MASTER}
grep -wq "${DEVICE}" /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null || {
/sbin/ip link set dev ${DEVICE} down
echo "+${DEVICE}" > /sys/class/net/${MASTER}/bonding/slaves 2>/dev/null
}
ethtool_set
exit 0
fi
# Bonding initialization. For DHCP, we need to enslave the devices early,
# so it can actually get an IP.
if [ "$ISALIAS" = no ] && is_bonding_device ${DEVICE} ; then
install_bonding_driver ${DEVICE}
set_link_up ${DEVICE}
for device in $(LANG=C grep -l "^[[:space:]]*MASTER=['\"]\?${DEVICE}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-*) ; do
is_ignored_file "$device" && continue
/sbin/ifup ${device##*/} || net_log "Unable to start slave device ${device##*/} for master ${DEVICE}." warning
done
[ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY}
# add the bits to setup the needed post enslavement parameters
for arg in $BONDING_OPTS ; do
key=${arg%%=*};
value=${arg##*=};
if [ "${key}" = "primary" ]; then
echo $value > /sys/class/net/${DEVICE}/bonding/$key
fi
done
fi
# If the device is part of a bridge, add the device to the bridge
if [ -n "${BRIDGE}" ]; then
if [ ! -d /sys/class/net/${BRIDGE}/bridge ]; then
ip link add ${BRIDGE} type bridge 2>/dev/null
fi
/sbin/ip addr flush dev ${DEVICE} 2>/dev/null
set_link_up ${DEVICE}
ethtool_set
[ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY}
ip link set dev ${DEVICE} master ${BRIDGE}
# add the bits to setup driver parameters here
for arg in $BRIDGING_OPTS ; do
key=${arg%%=*};
value=${arg##*=};
echo $value > /sys/class/net/${DEVICE}/brport/$key
done
# Upon adding a device to a bridge,
# it's necessary to make radvd reload its config
[ -r /run/radvd/radvd.pid ] && kill -HUP $(cat /run/radvd/radvd.pid)
exit 0
fi
if [ -n "${DYNCONFIG}" ] && [ -x /sbin/dhclient ]; then
if is_true "${PERSISTENT_DHCLIENT}"; then
ONESHOT="";
else
ONESHOT="-1";
fi;
generate_config_file_name
generate_lease_file_name
# Initialize the dhclient args and obtain the hostname options if needed:
DHCLIENTARGS="${DHCLIENTARGS} ${ONESHOT} -q ${DHCLIENTCONF} -lf ${LEASEFILE} -pf /run/dhclient-${DEVICE}.pid"
set_hostname_options DHCLIENTARGS
echo
echo -n $"Determining IP information for ${DEVICE}..."
if ! is_true "${PERSISTENT_DHCLIENT}" && check_link_down ${DEVICE}; then
echo $" failed; no link present. Check cable?"
exit 1
fi
ethtool_set
if /sbin/dhclient ${DHCLIENTARGS} ${DEVICE} ; then
echo $" done."
dhcpipv4="good"
else
echo $" failed."
if is_true "${IPV4_FAILURE_FATAL}"; then
exit 1
fi
if is_false "$IPV6INIT" || ! is_true "$DHCPV6C"; then
exit 1
fi
net_log "Unable to obtain IPv4 DHCP address ${DEVICE}." warning
fi
# end dynamic device configuration
else
if [ -z "${IPADDR}" -a -z "${IPADDR0}" -a -z "${IPADDR1}" -a -z "${IPADDR2}" ]; then
# enable device without IP, useful for e.g. PPPoE
set_link_up ${REALDEVICE}
ethtool_set
[ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY}
else
expand_config
[ -n "${ARP}" ] && \
ip link set dev ${REALDEVICE} $(toggle_value arp $ARP)
if ! set_link_up ${REALDEVICE} ; then
net_log $"Failed to bring up ${DEVICE}."
exit 1
fi
ethtool_set
[ -n "${LINKDELAY}" ] && /bin/sleep ${LINKDELAY}
if [ "${DEVICE}" = "lo" ]; then
SCOPE="scope host"
else
SCOPE=${SCOPE:-}
fi
if [ -n "$SRCADDR" ]; then
SRC="src $SRCADDR"
else
SRC=
fi
# set IP address(es)
for idx in {0..256} ; do
if [ -z "${ipaddr[$idx]}" ]; then
break
fi
if ! LC_ALL=C ip addr ls ${REALDEVICE} | LC_ALL=C grep -q "${ipaddr[$idx]}/${prefix[$idx]}" ; then
if [ "${REALDEVICE}" != "lo" ] && [ "${arpcheck[$idx]}" != "no" ] ; then
ARPING=$(/sbin/arping -c 2 -w ${ARPING_WAIT:-3} -D -I ${REALDEVICE} ${ipaddr[$idx]})
if [ $? = 1 ]; then
ARPINGMAC=$(echo $ARPING | sed -ne 's/.*\[\(.*\)\].*/\1/p')
net_log $"Error, some other host ($ARPINGMAC) already uses address ${ipaddr[$idx]}."
exit 1
fi
fi
if ! ip addr add ${ipaddr[$idx]}/${prefix[$idx]} \
brd ${broadcast[$idx]:-+} dev ${REALDEVICE} ${SCOPE} label ${DEVICE}; then
net_log $"Error adding address ${ipaddr[$idx]} for ${DEVICE}."
fi
fi
if [ -n "$SRCADDR" ]; then
sysctl -w "net.ipv4.conf.${SYSCTLDEVICE}.arp_filter=1" >/dev/null 2>&1
fi
# update ARP cache of neighboring computers
if ! is_false "${arpupdate[$idx]}" && [ "${REALDEVICE}" != "lo" ]; then
/sbin/arping -q -A -c 1 -w ${ARPING_UPDATE_WAIT:-3} -I ${REALDEVICE} ${ipaddr[$idx]}
( sleep 2;
/sbin/arping -q -U -c 1 -w ${ARPING_UPDATE_WAIT:-3} -I ${REALDEVICE} ${ipaddr[$idx]} ) > /dev/null 2>&1 < /dev/null &
fi
# set lifetime of address to forever
ip addr change ${ipaddr[$idx]}/${prefix[$idx]} dev ${REALDEVICE} valid_lft forever preferred_lft forever
done
# Set a default route.
if [ "${DEFROUTE}" != "no" ] && [ -z "${GATEWAYDEV}" -o "${GATEWAYDEV}" = "${REALDEVICE}" ]; then
# set up default gateway. replace if one already exists
if [ -n "${GATEWAY}" ] && [ "$(ipcalc --network ${GATEWAY} ${netmask[0]} 2>/dev/null)" = "NETWORK=${NETWORK}" ]; then
ip route replace default ${METRIC:+metric $METRIC} \
${EXTRA_ROUTE_OPTS} \
via ${GATEWAY} ${WINDOW:+window $WINDOW} ${SRC} \
${GATEWAYDEV:+dev $GATEWAYDEV} ||
net_log $"Error adding default gateway ${GATEWAY} for ${DEVICE}."
elif [ "${GATEWAYDEV}" = "${DEVICE}" ]; then
ip route replace default ${METRIC:+metric $METRIC} \
${EXTRA_ROUTE_OPTS} \
${SRC} ${WINDOW:+window $WINDOW} dev ${REALDEVICE} ||
net_log $"Error adding default gateway for ${REALDEVICE}."
fi
fi
fi
fi
# Add Zeroconf route.
if [ -z "${NOZEROCONF}" -a "${ISALIAS}" = "no" -a "${REALDEVICE}" != "lo" ]; then
ip route add 169.254.0.0/16 dev ${REALDEVICE} metric $((1000 + $(cat /sys/class/net/${REALDEVICE}/ifindex))) scope link
fi
if [ "${TYPE}" = "Bridge" ]; then
for arg in $BRIDGING_OPTS ; do
key=${arg%%=*};
value=${arg##*=};
if [ "${key}" = "multicast_router" -o "${key}" = "hash_max" -o "${key}" = "multicast_snooping" ]; then
echo $value > /sys/class/net/${DEVICE}/bridge/$key
fi
done
fi
# IPv6 initialisation?
/etc/sysconfig/network-scripts/ifup-ipv6 ${CONFIG}
if is_true "${DHCPV6C}" && [ -x /sbin/dhclient ]; then
# Assign interface into a firewalld zone so we can
# obtain the IPv6 via DHCPv6 (empty ZONE means default):
if [ "${REALDEVICE}" != "lo" ]; then
dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \
/org/fedoraproject/FirewallD1 \
org.fedoraproject.FirewallD1.zone.changeZoneOfInterface \
string:"${ZONE}" string:"${DEVICE}" \
> /dev/null 2>&1
fi
generate_config_file_name 6
generate_lease_file_name 6
echo
echo -n $"Determining IPv6 information for ${DEVICE}..."
# Initialize the dhclient args for IPv6 and obtain the hostname options if needed:
DHCLIENTARGS="-6 -1 ${DHCPV6C_OPTIONS} ${DHCLIENTCONF} -lf ${LEASEFILE} -pf /run/dhclient6-${DEVICE}.pid ${DEVICE}"
set_hostname_options DHCLIENTARGS
if /sbin/dhclient $DHCLIENTARGS; then
echo $" done."
else
echo $" failed."
if [ "${dhcpipv4}" = "good" -o -n "${IPADDR}" ]; then
net_log "Unable to obtain IPv6 DHCP address ${DEVICE}." warning
else
exit 1
fi
fi
fi
exec /etc/sysconfig/network-scripts/ifup-post ${CONFIG} ${2}

384
sysconfig/network-scripts/ifup-ippp
View File

@@ -1,384 +0,0 @@
#! /bin/bash
#
# ifup-ippp
#
# This script is normally called from the ifup script when it detects an ippp device.
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
# Get global network configuration
[ -f /etc/sysconfig/network ] && . /etc/sysconfig/network
GATEWAY=""
# set device
CONFIG=$1
[ -f "${CONFIG}" ] || CONFIG=ifcfg-${1}
source_config
if [ "${2}" = "boot" -a "${ONBOOT}" = "no" ]; then
exit
fi
if [ ! -f /var/lock/subsys/isdn ] && [ -x /etc/init.d/isdn ] ; then
/etc/init.d/isdn start
fi
# check that ipppd is available for syncppp
if [ "$ENCAP" = "syncppp" ]; then
if [ ! -x /sbin/ipppd ] && [ ! -x /usr/sbin/ipppd ] ; then
/usr/bin/logger -p daemon.info -t ifup-ippp "ipppd does not exist or is not executable"
exit 1
fi
fi
# check that isdnctrl is available
if [ ! -x /sbin/isdnctrl ] && [ ! -x /usr/sbin/isdnctrl ] ; then
/usr/bin/logger -p daemon.info -t ifup-ippp "isdnctrl does not exist or is not executable"
exit 1
fi
# check all ISDN devices
if ! isdnctrl list all >/dev/null 2>&1 ; then
/usr/bin/logger -p daemon.info -t ifup-ippp "cannot list ISDN devices"
exit 1
fi
# check if device already is configured
isdnctrl list $DEVICE >/dev/null 2>&1 && exit 0
function log_echo()
{
/usr/bin/logger -p daemon.info -t ifup-ippp $"$*"
}
function log_isdnctrl()
{
/usr/bin/logger -p daemon.info -t ifup-ippp isdnctrl $*
isdnctrl $* >/dev/null 2>&1 || exit 1
}
function create_option_file()
{
umask 066
echo "$1" > /etc/ppp/ioption-secret-$DEVICE
umask 022
}
function start_ibod()
{
# don't start ibod, if it's running
[ -f /var/lock/subsys/ibod ] && return
device=$1
if [ -f /etc/isdn/ibod.cf ] && [ -x /usr/sbin/ibod ] ; then
ibod $device &
pid=$(pidof ibod)
[ -n "$pid" ] && touch /var/lock/subsys/ibod
fi
}
function addprovider()
{
options=
if [ -z "$PHONE_OUT" ]; then
log_echo "Error: $1: no outgoing phone number set"
return 1
fi
# set the encapsulation mode
[ -z "$ENCAP" ] && ENCAP="syncppp"
# set the dial mode
[ -z "$DIALMODE" ] && DIALMODE="off"
[ "$AUTH" = "none" -o "$AUTH" = "noauth" -o -z "$AUTH" ] && AUTH="-pap -chap"
# set layer-2/3 protocol
[ -z "$L2_PROT" ] && L2_PROT="hdlc"
[ -z "$L3_PROT" ] && L3_PROT="trans"
# check local/remote IP
[ -z "$IPADDR" ] && IPADDR="0.0.0.0"
[ -z "$GATEWAY" ] && GATEWAY="0.0.0.0"
# set default route
[ "$DEFROUTE" = "yes" ] && options="$options defaultroute deldefaultroute"
# set authentication
_auth=$(echo "$AUTH" | sed 's/[a-z -]*//g')
if [ -n "$_auth" ]; then
if [ -z "$USER" -a "$DIALIN" != "on" ]; then
log_echo " Error: $1 (syncppp) user is not set"
return 1
fi
if [ "$DIALIN" != "on" ]; then
# we should hide the user name, so i add user name to option file.
if [ "$AUTH" = "-pap +chap" ]; then
create_option_file "name \"$USER\""
else
create_option_file "user \"$USER\""
fi
options="$options file /etc/ppp/ioption-secret-$DEVICE"
fi
# authentication options:
# +pap and/or +chap does not work correct by dialout - remove
# them if it's configured as dialout
[ "$DIALIN" = "on" ] || AUTH=$(echo "$AUTH" | sed 's/+[a-z]*//g')
fi
# add ISDN device
log_isdnctrl addif $DEVICE
# set local MSN
[ -z "$MSN" ] || log_isdnctrl eaz $DEVICE $MSN
# set dialout numbers
if echo $COUNTRYCODE | grep ":" >/dev/null 2>&1 ; then
COUNTRYCODE="$(echo $COUNTRYCODE | cut -f 2 -d ':')"
[ "$COUNTRYCODE" = "0" ] && COUNTRYCODE=
else
COUNTRYCODE=
fi
for i in $PHONE_OUT; do
log_isdnctrl addphone $DEVICE out $COUNTRYCODE$PREFIX$AREACODE$i
done
for i in $PHONE_IN; do
log_isdnctrl addphone $DEVICE in $i
done
# set layer-2/3 protocol
log_isdnctrl l2_prot $DEVICE $L2_PROT
log_isdnctrl l3_prot $DEVICE $L3_PROT
# set encapsulation
log_isdnctrl encap $DEVICE $ENCAP
# set dialmode
log_isdnctrl dialmode $DEVICE $DIALMODE
[ -n "$SECURE" ] && log_isdnctrl secure $DEVICE $SECURE
[ -n "$HUPTIMEOUT" ] && log_isdnctrl huptimeout $DEVICE $HUPTIMEOUT
[ -n "$CHARGEHUP" ] && log_isdnctrl chargehup $DEVICE $CHARGEHUP
[ -n "$CHARGEINT" ] && log_isdnctrl chargeint $DEVICE $CHARGEINT
[ -n "$IHUP" ] && log_isdnctrl ihup $DEVICE $IHUP
# set the number of dial atempts for each number
[ -n "$DIALMAX" ] && log_isdnctrl dialmax $DEVICE $DIALMAX
# set callback
if [ "$CALLBACK" = "out" -o "$CALLBACK" = "in" ] ; then
log_isdnctrl callback $DEVICE $CALLBACK
else
log_isdnctrl callback $DEVICE off
fi
[ -n "$CBDELAY" ] && log_isdnctrl cbdelay $DEVICE $CBDELAY
[ -n "$CBHUP" ] && log_isdnctrl cbhup $DEVICE $CBHUP
options="$options ipparam $DEVNAME"
[ "$ENCAP" = "syncppp" ] && log_isdnctrl pppbind $DEVICE
if [ "$IPADDR" = "0.0.0.0" ]; then
options="$options ipcp-accept-local"
else
if [ "$DIALIN" != "on" ]; then
options="$options noipdefault"
fi
fi
# Add device
options="$options /dev/$DEVICE"
# set channel bundling
if [ "$BUNDLING" = "yes" -o "$BUNDLING" = "on" ] && [ -n "$SLAVE_DEVICE" ]; then
[ -z "$SLAVE_MSN" ] && SLAVE_MSN="$MSN"
[ -z "$SLAVE_PHONE_OUT" ] && SLAVE_PHONE_OUT="$PHONE_OUT"
[ -z "$SLAVE_PHONE_IN" ] && SLAVE_PHONE_IN="$PHONE_IN"
[ -z "$SLAVE_HUPTIMEOUT" ] && SLAVE_HUPTIMEOUT="$HUPTIMEOUT"
[ -z "$SLAVE_CHARGEHUP" ] && SLAVE_CHARGEHUP="$CHARGEHUP"
[ -z "$SLAVE_CHARGEINT" ] && SLAVE_CHARGEINT="$CHARGEINT"
[ -z "$SLAVE_CBHUP" ] && SLAVE_CBHUP="$CBHUP"
[ -z "$SLAVE_IHUP" ] && SLAVE_IHUP="$IHUP"
[ -z "$SLAVE_DIALMAX" ] && SLAVE_DIALMAX="$DIALMAX"
[ -z "$SLAVE_CALLBACK" ] && SLAVE_CALLBACK="$CALLBACK"
[ -z "$SLAVE_CBDELAY" ] && SLAVE_CBDELAY="$CBDELAY"
if [ "$DIALIN" != "on" ] ; then
[ -z "$SLAVE_DIALMODE" ] && SLAVE_DIALMODE="auto"
else
# Master should not dial by default on incoming MPPP
[ -z "$SLAVE_DIALMODE" ] && SLAVE_DIALMODE="$DIALMODE"
fi
slave=$SLAVE_DEVICE
options="$options /dev/$slave +mp"
# Create slave and set options
log_isdnctrl addslave $DEVICE $slave
[ -z $SLAVE_MSN ] || log_isdnctrl eaz $slave $SLAVE_MSN
# set phone number
for i in $SLAVE_PHONE_OUT; do
log_isdnctrl addphone $slave out $COUNTRYCODE$PREFIX$AREACODE$i
done
for i in $SLAVE_PHONE_IN; do
log_isdnctrl addphone $slave in $i
done
# set layer-2/3 protocol
log_isdnctrl l2_prot $slave $L2_PROT
log_isdnctrl l3_prot $slave $L3_PROT
# set encapsulation
log_isdnctrl encap $slave $ENCAP
# set dial mode
log_isdnctrl dialmode $slave $SLAVE_DIALMODE
[ -n "$SECURE" ] && log_isdnctrl secure $slave $SECURE
[ -n "$SLAVE_HUPTIMEOUT" ] && log_isdnctrl huptimeout $slave $SLAVE_HUPTIMEOUT
[ -n "$SLAVE_CHARGEHUP" ] && log_isdnctrl chargehup $slave $SLAVE_CHARGEHUP
[ -n "$SLAVE_CHARGEINT" ] && log_isdnctrl chargeint $slave $SLAVE_CHARGEINT
[ -n "$SLAVE_IHUP" ] && log_isdnctrl ihup $slave $SLAVE_IHUP
[ -n "$SLAVE_DIALMAX" ] && log_isdnctrl dialmax $slave $SLAVE_DIALMAX
# set callback
[ -n "$SLAVE_CBHUP" ] && log_isdnctrl cbhup $slave $SLAVE_CBHUP
[ -n "$SLAVE_CALLBACK" ] || SLAVE_CALLBACK="off"
log_isdnctrl callback $slave $SLAVE_CALLBACK
[ -n "$SLAVE_CBDELAY" ] && log_isdnctrl cbdelay $DEVICE $SLAVE_CBDELAY
# options for master device
[ -n "$SLAVE_DELAY" ] && log_isdnctrl sdelay $DEVICE $SLAVE_DELAY
[ -n "$SLAVE_TRIGGER" ] && log_isdnctrl trigger $DEVICE $SLAVE_TRIGGER
fi
if [ "$GATEWAY" = "0.0.0.0" ]; then
if [ "$DIALIN" != "on" ]; then
options="$options ipcp-accept-remote"
fi
options="$IPADDR:$GATEWAY $options"
else
options="$options $IPADDR:$GATEWAY"
fi
# Van Jacobson style TCP/IP header compression and
# VJ connection-ID compression
[ "$VJ" = "off" ] && options="$options -vj"
[ "$VJCCOMP" = "off" ] && options="$options -vjccomp"
# Address/Control compression, protocol field compression,
[ "$AC" = "off" ] && options="$options -ac"
[ "$PC" = "off" ] && options="$options -pc"
# BSD-Compression scheme
if [ "$BSDCOMP" = "on" ] ; then
options="$options bsdcomp 9,9"
else
options="$options -bsdcomp"
fi
# Stac compression
if [ "$LZS" = "on" ] ; then
# supports LZS check mode 3 and 4
[ -n "$LZS_MODE" ] || LZS_MODE="4"
[ "$LZS_MODE" = "3" ] && options="$options lzs 1"
[ "$LZS_MODE" = "4" ] && options="$options lzs 1:4"
fi
# Set max receive and max transmit units
[ -n "$MRU" ] && options="$options mru $MRU"
[ -n "$MTU" ] && options="$options mtu $MTU"
# set CBCP protocoll
if [ "$CBCP" = "on" ] ; then
if [ -n "$CBCP_MSN" ] ; then
# User managed callback
options="$options callback $CBCP_MSN"
else
# admin managed callback, it's enabled by default
options="$options callback 6"
fi
else
# Disable CBCP
options="$options -callback-cbcp"
fi
# set CCP protocoll
[ "$CCP" = "off" ] && options="$options noccp"
# set host name
[ -n "$ISDN_HOSTNAME" ] && options="$options remotename $ISDN_HOSTNAME"
# Set authentication
for i in $AUTH ; do
options="$options $i"
done
# add ppp options
for i in $PPPOPTIONS ; do
options="$options $i"
done
# check dns entry
if [ -z "$DNS1" -a -z "$DNS2" ]; then
options="$options ms-get-dns"
else
[ -n "$DNS1" ] && options="$options ms-dns $DNS1"
[ -n "$DNS2" ] && options="$options ms-dns $DNS2"
fi
# set debug
[ "$DEBUG" = "yes" ] && options="-d $options"
# set netmask, if available
[ -n "$NETMASK" ] && {
val=$(ipcalc --prefix $IPADDR $NETMASK)
pfx=${val##PREFIX=}
}
# activate ISDN device
/usr/bin/logger -p daemon.info -t ifup-ippp "ip addr add $IPADDR peer $GATEWAY${pfx:/$pfx} dev $DEVICE"
ip addr add $IPADDR peer $GATEWAY${pfx:/$pfx} dev $DEVICE
set_link_up $DEVICE
if [ "$ENCAP" = "syncppp" ]; then
# start ipppd daemon
/usr/bin/logger -p daemon.info -t ifup-ippp "ipppd $options $netmask"
ipppd $options $netmask >/dev/null 2>&1
# start ibod daemon
if [ "$DIALIN" != "on" ]; then
[ "$BUNDLING" = "yes" -o "$BUNDLING" = "on" ] && [ -n "$SLAVE_DEVICE" ] && start_ibod $DEVICE
fi
fi
# set default gateway for dial on demand
if [ "$DIALMODE" = "auto" ] ; then
echo 1 > /proc/sys/net/ipv4/ip_dynaddr
if [ "$DEFROUTE" = "yes" ] ; then
if [ "$GATEWAY" = "0.0.0.0" ]; then
ip route replace default ${METRIC:+metric $METRIC} dev ${DEVICE} >/dev/null 2>&1
else
ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY} dev ${DEVICE} >/dev/null 2>&1
fi
fi
fi
# Setup IPv6
if ! is_false "$IPV6INIT" && ! [[ -z "$IPV6ADDR" ]]; then
# Native IPv6 use of device configured, check of encapsulation required
if [ "$ENCAP" = "syncppp" ]; then
echo $"Warning: ipppd (kernel 2.4.x and below) doesn't support IPv6 using encapsulation 'syncppp'"
elif [ "$ENCAP" = "rawip" ]; then
echo $"Warning: link doesn't support IPv6 using encapsulation 'rawip'"
fi
fi
/etc/sysconfig/network-scripts/ifup-ipv6 $CONFIG
}
addprovider || exit 1
exit 0

316
sysconfig/network-scripts/ifup-ipv6
View File

@@ -1,316 +0,0 @@
#!/bin/bash
#
# ifup-ipv6
#
#
# Taken from:
# (P) & (C) 2000-2006 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Version: 2006-07-20
#
# Note: if called (like normally) by /etc/sysconfig/network-scripts/ifup
# exit codes aren't handled by "ifup"
#
# Uses following information from "/etc/sysconfig/network":
# IPV6_DEFAULTDEV=<device>: controls default route (optional)
# IPV6_DEFAULTGW=<address>: controls default route (optional)
#
# Uses following information from "/etc/sysconfig/network-scripts/ifcfg-$1":
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
# IPV6ADDR=<IPv6 address>[/<prefix length>]: specify primary static IPv6 address
# IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional)
# IPV6_ROUTER=yes|no: controls IPv6 autoconfiguration (no: multi-homed interface without routing)
# IPV6_AUTOCONF=yes|no: controls IPv6 autoconfiguration
# defaults:
# IPV6FORWARDING=yes: IPV6_AUTOCONF=no, IPV6_ROUTER=yes
# IPV6FORWARDING=no: IPV6_AUTOCONF=yes
# IPV6_MTU=<MTU for IPv6>: controls IPv6 MTU for this link (optional)
# IPV6_PRIVACY="rfc3041": control IPv6 privacy (optional)
# This script only supports "rfc3041" (if kernel supports it)
#
# Optional for 6to4 tunneling (hardwired name of tunnel device is "tun6to4"):
# IPV6TO4INIT=yes|no: controls 6to4 tunneling setup
# IPV6TO4_RELAY=<IPv4 address>: IPv4 address of the remote 6to4 relay (default: 192.88.99.1)
# IPV6TO4_MTU=<MTU for IPv6>: controls IPv6 MTU for the 6to4 link (optional, default is MTU of interface - 20)
# IPV6TO4_IPV4ADDR=<IPv4 address>: overwrite local IPv4 address (optional)
# IPV6TO4_ROUTING="<device>-<suffix>/<prefix length> ...": information to setup additional interfaces
# Example: IPV6TO4_ROUTING="eth0-:f101::1/64 eth1-:f102::1/64"
#
# Optional for 6to4 tunneling to trigger radvd:
# IPV6_CONTROL_RADVD=yes|no: controls radvd triggering (optional)
# IPV6_RADVD_PIDFILE=<file>: PID file of radvd for sending signals, default is "/run/radvd/radvd.pid" (optional)
# IPV6_RADVD_TRIGGER_ACTION=startstop|reload|restart|SIGHUP: how to trigger radvd (optional, default is SIGHUP)
#
# Required version of radvd to use 6to4 prefix recalculation
# 0.6.2p3 or newer supporting option "Base6to4Interface"
# Required version of radvd to use dynamic ppp links
# 0.7.0 + fixes or newer
#
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
REALDEVICE=${DEVICE%%:*}
DEVICE=$REALDEVICE
# Test whether IPv6 configuration is disabled for this interface
is_false "$IPV6INIT" && exit 0
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
# IPv6 test, module loaded, exit if system is not IPv6-ready
ipv6_test || exit 1
# Test device status
ipv6_test_device_status $DEVICE
if [ $? != 0 -a $? != 11 ]; then
# device doesn't exist or other problem occurs
exit 1
fi
# Setup IPv6 address on specified interface
if [ -n "$IPV6ADDR" ]; then
ipv6_add_addr_on_device $DEVICE $IPV6ADDR || exit 1
fi
# Get current global IPv6 forwarding
ipv6_global_forwarding_current="$(/sbin/sysctl -e -n net.ipv6.conf.all.forwarding)"
# Set some proc switches depending on defines
if [ "$IPV6FORWARDING" = "yes" ]; then
# Global forwarding should be enabled
# Check, if global IPv6 forwarding was already set by global script
if [ $ipv6_global_forwarding_current -ne 1 ]; then
net_log $"Global IPv6 forwarding is enabled in configuration, but not currently enabled in kernel"
net_log $"Please restart network with '/sbin/service network restart'"
fi
ipv6_local_forwarding=1
ipv6_local_auto=0
ipv6_local_accept_ra=0
if [ "$IPV6_ROUTER" = "no" ]; then
ipv6_local_forwarding=0
fi
if [ "$IPV6_AUTOCONF" = "yes" ]; then
ipv6_local_auto=1
ipv6_local_accept_ra=2
fi
else
# Global forwarding should be disabled
# Check, if global IPv6 forwarding was already set by global script
if [ $ipv6_global_forwarding_current -ne 0 ]; then
net_log $"Global IPv6 forwarding is disabled in configuration, but not currently disabled in kernel"
net_log $"Please restart network with '/sbin/service network restart'"
fi
ipv6_local_forwarding=0
ipv6_local_auto=1
ipv6_local_accept_ra=1
if [ "$IPV6_AUTOCONF" = "no" ]; then
ipv6_local_auto=0
if [ ! "$IPV6_FORCE_ACCEPT_RA" = "yes" ]; then
ipv6_local_accept_ra=0
fi
fi
fi
if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.forwarding=$ipv6_local_forwarding >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_ra=$ipv6_local_accept_ra >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.accept_redirects=$ipv6_local_auto >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.autoconf=$ipv6_local_auto >/dev/null 2>&1
fi
# Set IPv6 MTU, if given
if [ -n "$IPV6_MTU" ]; then
ipv6_set_mtu $DEVICE $IPV6_MTU
fi
# Setup additional IPv6 addresses from list, if given
if [ -n "$IPV6ADDR_SECONDARIES" ]; then
for ipv6addr in $IPV6ADDR_SECONDARIES; do
ipv6_add_addr_on_device $DEVICE $ipv6addr
done
fi
# Enable IPv6 RFC3041 privacy extensions if desired
if [ "$IPV6_PRIVACY" = "rfc3041" ]; then
if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then
/sbin/sysctl -e -w net.ipv6.conf.$SYSCTLDEVICE.use_tempaddr=2 >/dev/null 2>&1
if [ $? -ne 0 ]; then
net_log $"Cannot enable IPv6 privacy method '$IPV6_PRIVACY', not supported by kernel"
fi
fi
fi
# Setup default IPv6 route, check are done by function
if [ -n "$IPV6_DEFAULTDEV" -o -n "$IPV6_DEFAULTGW" ]; then
ipv6_set_default_route "$IPV6_DEFAULTGW" "$IPV6_DEFAULTDEV" "$DEVICE"
fi
# Setup additional static IPv6 routes on specified interface, if given
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
LC_ALL=C grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device args; do
ipv6_add_route $args $DEVICE
done
fi
# Setup of 6to4, if configured
if [ "$IPV6TO4INIT" = "yes" ]; then
valid6to4config="yes"
# Test device status of 6to4 tunnel
ipv6_test_device_status tun6to4
if [ $? = 0 ]; then
# device is already up
net_log $"Device 'tun6to4' (from '$DEVICE') is already up, shutdown first"
exit 1
fi
# Get IPv4 address for global 6to4 prefix calculation
if [ -n "$IPV6TO4_IPV4ADDR" ]; then
# Take special configured from config file (precedence 1)
ipv4addr="$IPV6TO4_IPV4ADDR"
# Get local IPv4 address from interface
ipv4addrlocal="$(ipv6_get_ipv4addr_of_device $DEVICE)"
if [ -z "$ipv4addrlocal" ]; then
# Take configured from config file
ipv4addrlocal="$IPADDR"
fi
else
# Get IPv4 address from interface first (has precedence 2)
ipv4addr="$(ipv6_get_ipv4addr_of_device $DEVICE)"
if [ -z "$ipv4addr" ]; then
# Take configured from config file (precedence 3)
ipv4addr="$IPADDR"
fi
ipv4addrlocal="$ipv4addr"
fi
if [ -n "$ipv4addr" ]; then
if ! ipv6_test_ipv4_addr_global_usable $ipv4addr; then
net_log $"Given IPv4 address '$ipv4addr' is not globally usable" info
valid6to4config="no"
fi
if [ -z "$IPV6TO4_RELAY" ]; then
IPV6TO4_RELAY="192.88.99.1"
fi
# Check/generate relay address
ipv6to4_relay="$(ipv6_create_6to4_relay_address $IPV6TO4_RELAY)"
if [ $? -ne 0 ]; then
valid6to4config="no"
fi
else
net_log $"IPv6to4 configuration needs an IPv4 address on related interface or otherwise specified" info
valid6to4config="no"
fi
# Setup 6to4 tunnel (hardwired name is "tun6to4"), if config is valid
if [ "$valid6to4config" = "yes" ]; then
# Get MTU of master device
ipv4mtu="$(/sbin/ip link show dev $DEVICE | awk '/\<mtu\>/ { print $5 }')"
if [ -n "$ipv4mtu" ]; then
# IPv6 tunnel MTU is IPv4 MTU minus 20 for IPv4 header
tunnelmtu=$(($ipv4mtu-20))
fi
if [ -n "$IPV6TO4_MTU" ]; then
if [ $IPV6TO4_MTU -gt $tunnelmtu ]; then
net_log $"Warning: configured MTU '$IPV6TO4_MTU' for 6to4 exceeds maximum limit of '$tunnelmtu', ignored" warning
else
tunnelmtu=$IPV6TO4_MTU
fi
fi
ipv6_add_6to4_tunnel tun6to4 $ipv4addr "" $tunnelmtu $ipv4addrlocal || exit 1
# Add route to for compatible addresses (removed later again)
ipv6_add_route "::/96" "::" tun6to4
# Add default route, if device matches
if [ "$IPV6_DEFAULTDEV" = "tun6to4" ]; then
if [ -n "$IPV6_DEFAULTGW" ]; then
net_log $"Warning: interface 'tun6to4' does not support 'IPV6_DEFAULTGW', ignored" warning
fi
ipv6_set_default_route $ipv6to4_relay tun6to4
fi
# Add static routes
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
LC_ALL=C grep -w "^tun6to4" /etc/sysconfig/static-routes-ipv6 | while read device network gateway; do
if [ -z "$network" ]; then
continue
fi
if [ -z "$gateway" ]; then
gateway="$ipv6to4_relay"
fi
ipv6_add_route $network $gateway tun6to4
done
fi
# Setup additional static IPv6 routes (newer config style)
if [ -f "/etc/sysconfig/network-scripts/route6-tun6to4" ]; then
sed -ne 's/#.*//' -e '/[^[:space:]]/p' /etc/sysconfig/network-scripts/route6-tun6to4 | while read line; do
if echo "$line" | LC_ALL=C grep -vq 'via'; then
# Add gateway if missing
line="$line via $ipv6to4_relay"
fi
/sbin/ip -6 route add $line
done
fi
# Cleanup autmatically generated autotunnel (not needed for 6to4)
/sbin/ip -6 route del ::/96 dev tun6to4
/sbin/ip -6 addr del "::$ipv4addrlocal/128" dev tun6to4
if [ "$IPV6_CONTROL_RADVD" = "yes" ]; then
# RADVD is in use, so forwarding of IPv6 packets should be enabled, display warning
if [ $ipv6_global_forwarding_current -ne 1 ]; then
net_log $"Using 6to4 and RADVD IPv6 forwarding usually should be enabled, but it isn't" warning
fi
if [ -n "$IPV6TO4_ROUTING" ]; then
ipv6to4prefix="$(ipv6_create_6to4_prefix $ipv4addr)"
if [ -n "$ipv6to4prefix" ]; then
# Add route to local networks
for devsuf in $IPV6TO4_ROUTING; do
dev="${devsuf%%-*}"
suf="$(echo $devsuf | awk -F- '{ print $2 }')"
ipv6_add_addr_on_device ${dev} ${ipv6to4prefix}${suf}
done
else
net_log $"Error occurred while calculating the IPv6to4 prefix"
fi
else
net_log $"radvd control enabled, but config is not complete"
fi
# Control running radvd
ipv6_trigger_radvd up "$IPV6_RADVD_TRIGGER_ACTION" $IPV6_RADVD_PIDFILE
fi
else
net_log $"6to4 configuration is not valid"
exit 1
fi
fi
#wait for all global IPv6 addresses to leave the "tentative" state
ipv6_wait_tentative $DEVICE

1
sysconfig/network-scripts/ifup-isdn
View File

@@ -1 +0,0 @@
ifup-ippp

27
sysconfig/network-scripts/ifup-plip
View File

@@ -1,27 +0,0 @@
#!/bin/sh
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
source_config
if [ "foo$2" = "fooboot" -a "${ONBOOT}" = "no" ]; then
exit
fi
[ -z "$PREFIX" ] && eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK})
ip addr add ${IPADDR} peer ${REMIP}/${PREFIX} dev ${DEVICE}
set_link_up ${DEVICE}
ip route add ${NETWORK} dev ${DEVICE}
. /etc/sysconfig/network
if [ "${GATEWAY}" != "" ]; then
if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then
# set up default gateway
ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY}
fi
fi
/etc/sysconfig/network-scripts/ifup-post $1

43
sysconfig/network-scripts/ifup-plusb
View File

@@ -1,43 +0,0 @@
#!/bin/sh
#
# /etc/sysconfig/network-scripts/ifup-plusb
#
# the plusb network driver is a USB host-host cable based on the Prolific
# chip. It works a lot like the plip driver.
#
# To get the plusb module to load automatically at boot, you will need to
# add the following lines to /etc/conf.modules:
#
# alias plusb0 plusb
#
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
source_config
if [ "foo$2" = "fooboot" -a "${ONBOOT}" = "no" ]
then
exit
fi
[ -z "$PREFIX" ] && eval $(/bin/ipcalc --prefix ${IPADDR} ${NETMASK})
if [ ${BROADCAST} != "" ] ; then
ip addr add ${IPADDR} peer ${REMIP}/${PREFIX} broadcast ${BROADCAST} dev ${DEVICE}
else
ip addr add ${IPADDR} peer ${REMIP}/${PREFIX} dev ${DEVICE}
fi
set_link_up ${DEVICE}
. /etc/sysconfig/network
if [ "${GATEWAY}" != "" ]; then
if [ "${GATEWAYDEV}" = "" -o "${GATEWAYDEV}" = "${DEVICE}" ]; then
# set up default gateway
ip route replace default ${METRIC:+metric $METRIC} via ${GATEWAY}
fi
fi
/etc/sysconfig/network-scripts/ifup-post $1

148
sysconfig/network-scripts/ifup-post
View File

@@ -1,148 +0,0 @@
#!/bin/bash
# Source the general functions for is_true() and is_false():
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
[ -f ../network ] && . ../network
unset REALDEVICE
if [ "$1" = --realdevice ] ; then
REALDEVICE=$2
shift 2
fi
CONFIG=$1
source_config
[ -z "$REALDEVICE" ] && REALDEVICE=$DEVICE
if is_false "$ISALIAS"; then
/etc/sysconfig/network-scripts/ifup-aliases ${DEVICE} ${CONFIG}
fi
if ! is_true "$NOROUTESET"; then
/etc/sysconfig/network-scripts/ifup-routes ${REALDEVICE} ${DEVNAME}
fi
if ! is_false "${PEERDNS}" || is_true "${RESOLV_MODS}"; then
# Obtain the DNS entries when using PPP if necessary:
[ -n "${MS_DNS1}" ] && DNS1="${MS_DNS1}"
[ -n "${MS_DNS2}" ] && DNS2="${MS_DNS2}"
# Remove duplicate DNS entries and shift them, if necessary:
update_DNS_entries
# Determine what regexp we should use (for testing below):
if [ -n "${DNS3}" ]; then
grep_regexp="[^#]?nameserver[[:space:]]+${DNS1}[^#]?nameserver[[:space:]]+${DNS2}[^#]?nameserver[[:space:]]+${DNS3}"
elif [ -n "${DNS2}" ]; then
grep_regexp="[^#]?nameserver[[:space:]]+${DNS1}[^#]?nameserver[[:space:]]+${DNS2}"
elif [ -n "${DNS1}" ]; then
grep_regexp="[^#]?nameserver[[:space:]]+${DNS1}"
else
# No DNS entries used at all ->> match everything.
grep_regexp=".*"
fi
# Test if the search field needs updating, or
# if the nameserver entries order should be updated:
if [ -n "${DOMAIN}" ] && ! grep -q "^search.*${DOMAIN}.*$" /etc/resolv.conf ||
! tr --delete '\n' < /etc/resolv.conf | grep -E -q "${grep_regexp}"; then
if tmp_file=$(mktemp); then
search_str=''
while read line; do
case ${line} in
# Skip nameserver entries when at least one DNS option was given
# (at this stage we know that we have to update all the nameserver
# enries anyway -- see below), or copy them if we are changing just
# the 'search' field in /etc/resolv.conf:
nameserver*)
if [[ "${grep_regexp}" != ".*" ]]; then
continue
else
echo "${line}" >> "${tmp_file}"
fi
;;
domain* | search*)
if [ -n "${DOMAIN}" ]; then
read search value < <(echo ${line})
search_str+=" ${value}"
else
echo "${line}" >> "${tmp_file}"
fi
;;
# Keep the rest of the /etc/resolv.conf as it was:
*)
echo "${line}" >> "${tmp_file}"
;;
esac
done < /etc/resolv.conf
# Insert the domain into 'search' field:
if [ -n "${DOMAIN}" ]; then
echo "search ${DOMAIN}${search_str}" >> "${tmp_file}"
fi
# Add the requested nameserver entries:
[ -n "${DNS1}" ] && echo "nameserver ${DNS1}" >> "${tmp_file}"
[ -n "${DNS2}" ] && echo "nameserver ${DNS2}" >> "${tmp_file}"
[ -n "${DNS3}" ] && echo "nameserver ${DNS3}" >> "${tmp_file}"
# Backup resolv.conf only if it doesn't exist already:
! [ -f /etc/resolv.conf.save ] && cp -af /etc/resolv.conf /etc/resolv.conf.save
# Maintain permissions, but set umask in case it doesn't exist:
umask_old=$(umask)
umask 022
# Update the resolv.conf:
change_resolv_conf "${tmp_file}"
rm -f "${tmp_file}"
umask ${umask_old}
unset tmp_file search_str umask_old
else
net_log $"/etc/resolv.conf was not updated: failed to create temporary file" 'err' 'ifup-post'
fi
fi
unset grep_regexp
fi
# don't set hostname on ppp/slip connections
if [ "$2" = "boot" -a \
"${DEVICE}" != lo -a \
"${DEVICETYPE}" != "ppp" -a \
"${DEVICETYPE}" != "slip" ]; then
if need_hostname; then
IPADDR=$(LANG=C ip -o -4 addr ls dev ${DEVICE} | awk '{ print $4 ; exit }')
eval $(/bin/ipcalc --silent --hostname ${IPADDR} ; echo "status=$?")
if [ "$status" = "0" ]; then
set_hostname $HOSTNAME
fi
fi
fi
# Set firewall ZONE for this device (empty ZONE means default):
if [ "${REALDEVICE}" != "lo" ]; then
dbus-send --print-reply --system --dest=org.fedoraproject.FirewallD1 \
/org/fedoraproject/FirewallD1 \
org.fedoraproject.FirewallD1.zone.changeZoneOfInterface \
string:"${ZONE}" string:"${DEVICE}" \
> /dev/null 2>&1
fi
if [ -x /sbin/ifup-local ]; then
/sbin/ifup-local ${DEVICE}
fi
exit 0

88
sysconfig/network-scripts/ifup-routes
View File

@@ -1,88 +0,0 @@
#! /bin/bash
#
# adds static routes which go through device $1
. /etc/sysconfig/network-scripts/network-functions
if [ -z "$1" ]; then
echo $"usage: ifup-routes <net-device> [<nickname>]"
exit 1
fi
MATCH='^[[:space:]]*(\#.*)?$'
handle_file () {
. $1
routenum=0
while [ "x$(eval echo '$'ADDRESS$routenum)x" != "xx" ]; do
eval $(ipcalc -p $(eval echo '$'ADDRESS$routenum) $(eval echo '$'NETMASK$routenum))
line="$(eval echo '$'ADDRESS$routenum)/$PREFIX"
if [ "x$(eval echo '$'GATEWAY$routenum)x" != "xx" ]; then
line="$line via $(eval echo '$'GATEWAY$routenum)"
fi
line="$line dev $2"
/sbin/ip route add $line || {
net_log $"Failed to add route ${line}, using ip route replace instead." warning
/sbin/ip route replace $line
}
routenum=$(($routenum+1))
done
}
handle_ip_file() {
local f t type= file=$1 proto="-4"
f=${file##*/}
t=${f%%-*}
type=${t%%6}
if [ "$type" != "$t" ]; then
proto="-6"
fi
{ cat "$file" ; echo ; } | while read line; do
if [[ ! "$line" =~ $MATCH ]]; then
/sbin/ip $proto $type add $line
if [ $? != 0 ] && [ "$type" == "route" ] ; then
net_log $"Failed to add route ${line}, using ip route replace instead." warning
/sbin/ip $proto route replace $line
fi
fi
done
}
FILES="/etc/sysconfig/network-scripts/route-$1 /etc/sysconfig/network-scripts/route6-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/route-$2 /etc/sysconfig/network-scripts/route6-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
if grep -Eq '^[[:space:]]*ADDRESS[0-9]+=' $file ; then
# new format
handle_file $file ${1%:*}
else
# older format
handle_ip_file $file
fi
fi
done
# Red Hat network configuration format
NICK=${2:-$1}
CONFIG="/etc/sysconfig/network-scripts/$NICK.route"
[ -f $CONFIG ] && handle_file $CONFIG $1
# Routing rules
FILES="/etc/sysconfig/network-scripts/rule-$1 /etc/sysconfig/network-scripts/rule6-$1"
if [ -n "$2" -a "$2" != "$1" ]; then
FILES="$FILES /etc/sysconfig/network-scripts/rule-$2 /etc/sysconfig/network-scripts/rule6-$2"
fi
for file in $FILES; do
if [ -f "$file" ]; then
handle_ip_file $file
fi
done

108
sysconfig/network-scripts/ifup-sit
View File

@@ -1,108 +0,0 @@
#!/bin/bash
#
# ifup-sit
#
#
# Taken from:
# (P) & (C) 2000-2003 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Version: 2003-09-08
#
# Uses following information from /etc/sysconfig/network:
# IPV6_DEFAULTDEV=<device>: controls default route (optional)
# IPV6_DEFAULTGW=<address>: controls default route (optional)
#
# Uses following information from /etc/sysconfig/network-scripts/ifcfg-$1:
# DEVICE=<device>
# IPV6INIT=yes|no: controls IPv6 configuration for this interface
# IPV6_MTU=<MTU for IPv6>: controls IPv6 MTU for this link (optional)
#
# For static tunnels
# IPV6TUNNELIPV4=<IPv4 address>: IPv4 address of remote tunnel endpoint
# IPV6TUNNELIPV4LOCAL=<IPv4 address>: (optional) local IPv4 address of tunnel
# IPV6ADDR=<IPv6 address>[/<prefix length>]: (optional) local IPv6 address of a numbered tunnel
# IPV6ADDR_SECONDARIES="<IPv6 address>[/<prefix length>] ..." (optional) additional local IPv6 addresses
#
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
[ -f "$CONFIG" ] || CONFIG=ifcfg-$CONFIG
source_config
# IPv6 don't need aliases anymore, config is skipped
REALDEVICE=${DEVICE%%:*}
[ "$DEVICE" != "$REALDEVICE" ] && exit 0
# Test whether IPv6 configuration is disabled for this interface
is_false "$IPV6INIT" && exit 0
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
# IPv6 test, module loaded, exit if system is not IPv6-ready
ipv6_test || exit 1
# Generic tunnel device sit0 is not supported here
if [ "$DEVICE" = "sit0" ]; then
net_log $"Device '$DEVICE' isn't supported here, use IPV6_AUTOTUNNEL setting and restart (IPv6) networking"
exit 1
fi
if [ -z "$IPV6TUNNELIPV4" ]; then
net_log $"Missing remote IPv4 address of tunnel, configuration is not valid"
exit 1
fi
# Test device status
ipv6_test_device_status $DEVICE
if [ $? = 0 ]; then
# device is already up
net_log $"Device '$DEVICE' is already up, please shutdown first"
exit 1
fi
# Create tunnel
ipv6_add_tunnel_device $DEVICE $IPV6TUNNELIPV4 "" $IPV6TUNNELIPV4LOCAL || exit 1
# Set IPv6 MTU, if given
if [ -n "$IPV6_MTU" ]; then
ipv6_set_mtu $DEVICE $IPV6_MTU
fi
# Apply local IPv6 address, if given (numbered tunnel)
if [ -n "$IPV6ADDR" ]; then
ipv6_add_addr_on_device $DEVICE $IPV6ADDR
fi
# Setup additional IPv6 addresses from list, if given
if [ -n "$IPV6ADDR_SECONDARIES" ]; then
for ipv6addr in $IPV6ADDR_SECONDARIES; do
ipv6_add_addr_on_device $DEVICE $ipv6addr
done
fi
# Setup default IPv6 route, check are done by function
if [ -n "$IPV6_DEFAULTDEV" -o -n "$IPV6_DEFAULTGW" ]; then
ipv6_set_default_route "$IPV6_DEFAULTGW" "$IPV6_DEFAULTDEV" "$DEVICE"
fi
# Setup additional static IPv6 routes on specified interface, if given
if [ -f /etc/sysconfig/static-routes-ipv6 ]; then
LC_ALL=C grep -w "^$DEVICE" /etc/sysconfig/static-routes-ipv6 | while read device ipv6route args; do
ipv6_add_route $ipv6route :: $DEVICE
done
fi
# Setup static routes
/etc/sysconfig/network-scripts/ifup-routes ${REALDEVICE}

99
sysconfig/network-scripts/ifup-tunnel
View File

@@ -1,99 +0,0 @@
#!/bin/bash
# Copyright (C) 1996-2009 Red Hat, Inc. all rights reserved.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2,
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
# Thanks to:
# - Razvan Corneliu C.R. Vilt <razvan.vilt@linux360.ro>
# - Aaron Hope <aaron.hope@unh.edu>
# - Sean Millichamp <sean@enertronllc.com>
# for providing the scripts this one is based on
. /etc/init.d/functions
cd /etc/sysconfig/network-scripts
. ./network-functions
CONFIG=$1
need_config "$CONFIG"
source_config
if [ "$PEER_OUTER_IPADDR" = "$PEER_INNER_IPADDR" ]; then
# Specifying PEER_INNER_IPADDR would automatically add a route to the peer
# through the tunnel, redirecting tunnel packets back to the tunnel and
# creating a dead loop.
unset PEER_INNER_IPADDR
fi
case "$TYPE" in
GRE)
MODE=gre
proto=-4
/sbin/modprobe ip_gre
;;
GRE6)
MODE=ip6gre
proto=-6
/sbin/modprobe ip6_gre
;;
IPIP)
MODE=ipip
proto=-4
/sbin/modprobe ipip
;;
IPIP6|EXTERNAL)
MODE=ipip6
proto=-6
/sbin/modprobe ip6_tunnel
;;
*)
net_log $"Invalid tunnel type $TYPE"
exit 1
;;
esac
# Generic tunnel devices are not supported here
if [ "$DEVICE" = gre0 -o "$DEVICE" = tunl0 -o "$DEVICE" = ip6tnl0 ]; then
net_log $"Device '$DEVICE' isn't supported as a valid GRE device name."
exit 1
fi
# Create the tunnel
# The outer addresses are those of the underlying (public) network.
if [ "$TYPE" = 'EXTERNAL' ]; then
/sbin/ip link add "$DEVICE" type ip6tnl external
else
/sbin/ip $proto tunnel add "$DEVICE" mode "$MODE" \
${MY_OUTER_IPADDR:+local "$MY_OUTER_IPADDR"} \
${PEER_OUTER_IPADDR:+remote "$PEER_OUTER_IPADDR"} \
${KEY:+key "$KEY"} ${TTL:+ttl "$TTL"}
fi
if [ -n "$MTU" ]; then
/sbin/ip link set "$DEVICE" mtu "$MTU"
fi
# The inner address are used mainly for communication between a gateway
# and a private network. When the peer is configured with an inner address
# contained in the peer's private network or identical to it's public address,
# it need not be specified.
/sbin/ip addr add "$MY_INNER_IPADDR" dev "$DEVICE" \
${PEER_INNER_IPADDR:+peer "$PEER_INNER_IPADDR"}
set_link_up "${DEVICE}"
# IPv6 initialisation?
/etc/sysconfig/network-scripts/ifup-ipv6 ${CONFIG}
exec /etc/sysconfig/network-scripts/ifup-post "$CONFIG" "$2"

62
sysconfig/network-scripts/ifup-wireless
View File

@@ -1,62 +0,0 @@
#!/bin/bash
# Network Interface Configuration System
# Copyright (c) 1996-2009 Red Hat, Inc. all rights reserved.
#
# Based on PCMCIA wireless script by (David Hinds/Jean Tourrilhes)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License, version 2,
# as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
#
# Configure wireless network device options. See iw(8) for more info.
# Valid variables:
# MODE: Ad-Hoc, Managed, etc.
# ESSID: Name of the wireless network
# FREQ: Frequency to operate on. See CHANNEL
# KEY: Encryption key for WEP.
# Only meant to be called from ifup.
cd /etc/sysconfig/network-scripts
. ./network-functions
IW=${IW:-iw}
[ "$KEY" ] && KEYS="key d:0:$KEY"
shopt -s nocasematch
case "$MODE" in
managed)
if [ "$ESSID" ]; then
$IW dev "$DEVICE" set type managed
$IW dev "$DEVICE" connect -w "$ESSID" $FREQ $KEYS
fi
;;
ad-hoc)
if [ -n "$ESSID" -a -n "$FREQ" ]; then
$IW dev "$DEVICE" set type ibss
$IW dev "$DEVICE" ibss join "$ESSID" "$FREQ" $KEYS
fi
;;
monitor)
if [ "$FREQ" ]; then
$IW dev "$DEVICE" set type monitor
$IW dev "$DEVICE" set freq "$FREQ"
fi
;;
esac
if [ -n "$WOWLAN" ] ; then
PHYDEVICE=$(phy_wireless_device $DEVICE)
iw phy $PHYDEVICE wowlan enable ${WOWLAN}
fi

164
sysconfig/network-scripts/init.ipv6-global
View File

@@ -1,164 +0,0 @@
#!/bin/bash
#
# init.ipv6-global
#
#
# Taken from: init.ipv6-global
# (P) & (C) 2001-2005 by Peter Bieringer <pb@bieringer.de>
#
# You will find more information on the initscripts-ipv6 homepage at
# http://www.deepspace6.net/projects/initscripts-ipv6.html
#
# RHL integration assistance by Pekka Savola <pekkas@netcore.fi>
#
# Version: 2005-01-04
#
# Calling parameters:
# $1: action (currently supported: start|stop|showsysctl)
# $2: position for start|stop (currently supported: pre|post)
#
# Called by hooks from /etc/[rc.d/]init.d/network
#
# Uses following information from /etc/sysconfig/network:
# IPV6FORWARDING=yes|no: controls global IPv6 forwarding (default: no)
# IPV6_AUTOCONF=yes|no: controls global automatic IPv6 configuration
# (default: yes if IPV6FORWARDING=no, no if IPV6FORWARDING=yes)
# IPV6_AUTOTUNNEL=yes|no: controls automatic IPv6 tunneling (default: no)
# IPV6_DEFAULTGW=<ipv6address[%interface]> [optional]
# IPV6_DEFAULTDEV=<interface> [optional]
#
. /etc/sysconfig/network
cd /etc/sysconfig/network-scripts
. ./network-functions
# Get action and hook position
ACTION="$1"
POSITION="$2"
[ -f /etc/sysconfig/network-scripts/network-functions-ipv6 ] || exit 1
. /etc/sysconfig/network-scripts/network-functions-ipv6
# Initialize IPv6, depending on caller option
case $ACTION in
start)
case $POSITION in
pre)
# IPv6 test, module loaded, exit if system is not IPv6-ready
ipv6_test || exit 1
if [ "$IPV6FORWARDING" = "yes" ]; then
ipv6_global_forwarding=1
ipv6_global_auto=0
else
ipv6_global_forwarding=0
if [ "$IPV6_AUTOCONF" = "no" ]; then
ipv6_global_auto=0
else
ipv6_global_auto=1
fi
fi
if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then
# Reset IPv6 sysctl switches for "all", "default" and still existing devices
for i in /proc/sys/net/ipv6/conf/* ; do
interface=${i##*/}
sinterface=${interface/.//}
# Host/Router behaviour for the interface
/sbin/sysctl -e -w net.ipv6.conf.$sinterface.forwarding=$ipv6_global_forwarding >/dev/null 2>&1
# Autoconfiguration and redirect handling for Hosts
/sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_ra=$ipv6_global_auto >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_redirects=$ipv6_global_auto >/dev/null 2>&1
done
fi
;;
post)
# IPv6 test, module loaded, exit if system is not IPv6-ready
ipv6_test || exit 1
if [ "$IPV6_AUTOTUNNEL" = "yes" ]; then
ipv6_enable_autotunnel
# autotunnel interface doesn't require a MTU setup
fi
## Add some routes which should never appear on the wire
# Unreachable IPv4-only addresses, normally blocked by source address selection
/sbin/ip route add unreach ::ffff:0.0.0.0/96
# Unreachable IPv4-mapped addresses
/sbin/ip route add unreach ::0.0.0.0/96
# Unreachable 6to4: IPv4 multicast, reserved, limited broadcast
/sbin/ip route add unreach 2002:e000::/19
# Unreachable 6to4: IPv4 loopback
/sbin/ip route add unreach 2002:7f00::/24
# Unreachable 6to4: IPv4 private (RFC 1918)
/sbin/ip route add unreach 2002:0a00::/24
/sbin/ip route add unreach 2002:ac10::/28
/sbin/ip route add unreach 2002:c0a8::/32
# Unreachable 6to4: IPv4 private (APIPA / DHCP link-local)
/sbin/ip route add unreach 2002:a9fe::/32
# Unreachable IPv6: 6bone test addresses
/sbin/ip route add unreach 3ffe:ffff::/32
# Set default route for autotunnel, if specified
if [ "$IPV6_DEFAULTDEV" = "sit0" -a "$IPV6_AUTOTUNNEL" = "yes" ]; then
if [ -n "$IPV6_DEFAULTGW" ]; then
ipv6_set_default_route $IPV6_DEFAULTGW $IPV6_DEFAULTDEV sit0
elif [ -n "$IPV6_DEFAULTDEV" ]; then
ipv6_set_default_route "" $IPV6_DEFAULTDEV sit0
fi
fi
;;
*)
echo "Usage: $0 $1 {pre|post}"
;;
esac
;;
stop)
case $POSITION in
pre)
;;
post)
# IPv6 test, no module loaded, exit if system is not IPv6-ready
ipv6_test testonly || exit 0
if [ ! "$IPV6_SET_SYSCTLS" = "no" ]; then
for i in /proc/sys/net/ipv6/conf/* ; do
interface=${i##*/}
sinterface=${interface/.//}
# Assume Host behaviour
/sbin/sysctl -e -w net.ipv6.conf.$sinterface.forwarding=0 >/dev/null 2>&1
# Disable autoconfiguration and redirects
/sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_ra=0 >/dev/null 2>&1
/sbin/sysctl -e -w net.ipv6.conf.$sinterface.accept_redirects=0 >/dev/null 2>&1
done
fi
# Cleanup still existing tunnel devices
ipv6_cleanup_tunnel_devices
# Shut down generic tunnel interface now
if ipv6_test_device_status sit0 ; then
/sbin/ip link set sit0 down
fi
;;
*)
echo "Usage: $0 $1 {pre|post}"
;;
esac
;;
*)
echo $"Usage: $0 {start|stop|reload|restart|showsysctl}"
exit 1
;;
esac

737
sysconfig/network-scripts/network-functions
View File

@@ -1,737 +0,0 @@
# -*-Shell-script-*-
#
# This file is not a stand-alone shell script; it provides functions
# to network scripts that source it.
# Set up a default search path.
PATH="/sbin:/usr/sbin:/bin:/usr/bin"
export PATH
# We need to initialize the $HOSTNAME variable by ourselves now:
# (It was previously done for RHEL-6 branch, but got lost in time.)
HOSTNAME="$(hostname)"
[ -z "$__sed_discard_ignored_files" ] && . /etc/init.d/functions
get_hwaddr ()
{
if [ -f /sys/class/net/${1}/address ]; then
tr '[a-z]' '[A-Z]' < /sys/class/net/${1}/address
elif [ -d "/sys/class/net/${1}" ]; then
LC_ALL= LANG= ip -o link show ${1} 2>/dev/null | \
awk '{ print toupper(gensub(/.*link\/[^ ]* ([[:alnum:]:]*).*/,
"\\1", 1)); }'
fi
}
get_config_by_device ()
{
LANG=C grep -l "^[[:space:]]*DEVICE=['\"]\?${1}['\"]\?\([[:space:]#]\|$\)" \
/etc/sysconfig/network-scripts/ifcfg-* \
| LC_ALL=C sed -e "$__sed_discard_ignored_files"
}
get_config_by_hwaddr ()
{
LANG=C grep -il "^[[:space:]]*HWADDR=['\"]\?${1}['\"]\?\([[:space:]#]\|$\)" /etc/sysconfig/network-scripts/ifcfg-* \
| LC_ALL=C sed -e "$__sed_discard_ignored_files"
}
get_config_by_subchannel ()
{
LANG=C grep -E -i -l \
"^[[:space:]]*SUBCHANNELS=['\"]?([0-9]\.[0-9]\.[a-f0-9]+,){0,2}${1}(,[0-9]\.[0-9]\.[a-f0-9]+){0,2}['\"]?([[:space:]]+#|[[:space:]]*$)" \
/etc/sysconfig/network-scripts/ifcfg-* \
| LC_ALL=C sed -e "$__sed_discard_ignored_files"
}
get_config_by_name ()
{
LANG=C grep -E -i -l "^[[:space:]]*NAME=\"(Auto |System )?${1}\"" \
/etc/sysconfig/network-scripts/ifcfg-* \
| LC_ALL=C sed -e "$__sed_discard_ignored_files"
}
get_device_by_hwaddr ()
{
LANG=C ip -o link | awk -F ': ' -vIGNORECASE=1 '!/link\/ieee802\.11/ && /'"$1"'/ { print $2 }'
}
get_uuid_by_config ()
{
dbus-send --system --print-reply --dest=com.redhat.ifcfgrh1 /com/redhat/ifcfgrh1 com.redhat.ifcfgrh1.GetIfcfgDetails string:"/etc/sysconfig/network-scripts/$1" 2>/dev/null | awk -F '"' '/string / { print $2 }'
}
generate_lease_file_name ()
{
local ver=$1
LEASEFILE="/var/lib/dhclient/dhclient$ver-${DEVICE}.leases"
if [ -f $LEASEFILE ]; then
return
fi
LEASEFILE="/var/lib/dhclient/dhclient$ver-${UUID}-${DEVICE}.lease"
}
generate_config_file_name ()
{
local ver=$1
if [ -s /etc/dhcp/dhclient$ver-${DEVICE}.conf ]; then
DHCLIENTCONF="-cf /etc/dhcp/dhclient$ver-${DEVICE}.conf";
elif [ -s /etc/dhclient$ver-${DEVICE}.conf ]; then
DHCLIENTCONF="-cf /etc/dhclient$ver-${DEVICE}.conf";
else
DHCLIENTCONF='';
fi
}
need_config ()
{
local nconfig
CONFIG="ifcfg-${1}"
[ -f "${CONFIG}" ] && return
CONFIG="${1##*/}"
[ -f "${CONFIG}" ] && return
nconfig=$(get_config_by_name "${1}")
if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then
CONFIG=${nconfig##*/}
return
fi
local addr=$(get_hwaddr ${1})
if [ -n "$addr" ]; then
nconfig=$(get_config_by_hwaddr ${addr})
if [ -n "$nconfig" ] ; then
CONFIG=${nconfig##*/}
[ -f "${CONFIG}" ] && return
fi
fi
nconfig=$(get_config_by_device ${1})
if [ -n "$nconfig" ] && [ -f "$nconfig" ]; then
CONFIG=${nconfig##*/}
return
fi
}
source_config ()
{
CONFIG=${CONFIG##*/}
DEVNAME=${CONFIG##ifcfg-}
. /etc/sysconfig/network-scripts/$CONFIG
[ -r "keys-$DEVNAME" ] && . /etc/sysconfig/network-scripts/keys-$DEVNAME
case "$TYPE" in
Ethernet)
DEVICETYPE="eth"
;;
CIPE)
DEVICETYPE="cipcb"
;;
IPSEC)
DEVICETYPE="ipsec"
;;
Modem)
DEVICETYPE="ppp"
;;
xDSL)
DEVICETYPE="ppp"
;;
ISDN)
DEVICETYPE="ippp"
;;
Wireless)
DEVICETYPE="eth"
;;
"Token Ring")
DEVICETYPE="eth"
;;
CTC)
DEVICETYPE="ctc"
;;
GRE | GRE6 | IPIP | IPIP6)
DEVICETYPE="tunnel"
;;
SIT | sit)
DEVICETYPE="sit"
;;
InfiniBand | infiniband)
DEVICETYPE="ib"
;;
OVS*)
DEVICETYPE="ovs"
;;
Bridge)
DEVICETYPE="eth"
;;
esac
if [ -n "$HWADDR" ]; then
HWADDR=$(tr '[a-z]' '[A-Z]' <<<"$HWADDR")
fi
if [ -n "$MACADDR" ]; then
MACADDR=$(tr '[a-z]' '[A-Z]' <<<"$MACADDR")
fi
[ -z "$DEVICE" -a -n "$HWADDR" ] && DEVICE=$(get_device_by_hwaddr $HWADDR)
[ -z "$DEVICETYPE" ] && DEVICETYPE=$(echo ${DEVICE} | sed "s/[0-9]*$//")
[ -z "$REALDEVICE" -a -n "$PARENTDEVICE" ] && REALDEVICE=$PARENTDEVICE
[ -z "$REALDEVICE" ] && REALDEVICE=${DEVICE%%:*}
[ -z "$SYSCTLDEVICE" ] && SYSCTLDEVICE=${REALDEVICE/.//}
if [ "${DEVICE}" != "${REALDEVICE}" ]; then
ISALIAS=yes
else
ISALIAS=no
fi
if is_nm_running && [ "$REALDEVICE" != "lo" ] ; then
nm_con_load "$CONFIG"
if ! is_false $NM_CONTROLLED; then
UUID=$(get_uuid_by_config $CONFIG)
[ -n "$UUID" ] && _use_nm=true
fi
fi
}
nm_con_load () {
dbus-send --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager/Settings \
org.freedesktop.NetworkManager.Settings.LoadConnections \
array:string:"/etc/sysconfig/network-scripts/${1}" >/dev/null 2>&1
}
ethtool_set()
{
oldifs=$IFS;
IFS=';';
if [ -n "${ETHTOOL_DELAY}" ]; then
# Convert microseconds to seconds:
local ETHTOOL_DELAY_SEC=$(convert2sec ${ETHTOOL_DELAY} micro)
sleep ${ETHTOOL_DELAY_SEC}
fi
for opts in $ETHTOOL_OPTS ; do
IFS=$oldifs;
if [[ "${opts}" =~ [[:space:]]*- ]]; then
/sbin/ethtool $opts
else
/sbin/ethtool -s ${REALDEVICE} $opts
fi
IFS=';';
done
IFS=$oldifs;
}
expand_config ()
{
local i=0 val
for idx in '' {0..255} ; do
ipaddr[$i]=$(eval echo '$'IPADDR$idx)
if [ -z "${ipaddr[$i]}" ]; then
[ "$idx" ] && [ $idx -ge 2 ] && break
continue
fi
prefix[$i]=$(eval echo '$'PREFIX$idx)
netmask[$i]=$(eval echo '$'NETMASK$idx)
broadcast[$i]=$(eval echo '$'BROADCAST$idx)
arpcheck[$i]=$(eval echo '$'ARPCHECK$idx)
arpupdate[$i]=$(eval echo '$'ARPUPDATE$idx)
if [ "${prefix[$i]}x" != "x" ]; then
val=$(/bin/ipcalc --netmask "${ipaddr[$i]}/${prefix[$i]}")
netmask[$i]=${val##NETMASK=}
fi
if [ "${netmask[$i]}x" = "x" ]; then
val=$(/bin/ipcalc --netmask "${ipaddr[$i]}")
netmask[$i]=${val##NETMASK=}
fi
if [ "${prefix[$i]}x" = "x" ]; then
val=$(/bin/ipcalc --prefix ${ipaddr[$i]} ${netmask[$i]})
prefix[$i]=${val##PREFIX=}
fi
if [ "${broadcast[$i]}x" = "x" ]; then
val=$(/bin/ipcalc --broadcast ${ipaddr[$i]} ${netmask[$i]})
broadcast[$i]=${val##BROADCAST=}
fi
if [ "${arpcheck[$i]}x" != "x" ]; then
arpcheck[$i]=${arpcheck[$i]##ARPCHECK=}
arpcheck[$i]=${arpcheck[$i],,*}
fi
if [ "${arpupdate[$i]}x" != "x" ]; then
arpupdate[$i]=${arpupdate[$i]##ARPUPDATE=}
arpupdate[$i]=${arpupdate[$i],,*}
fi
i=$((i+1))
done
[ -n "$DHCP_HOSTNAME" ] && DHCP_HOSTNAME=${DHCP_HOSTNAME%%.*}
if [ -z "${NETWORK}" ]; then
eval $(/bin/ipcalc --network ${ipaddr[0]} ${netmask[0]})
fi
}
toggle_value ()
{
if [ "$2" = "yes" -o "$2" = "YES" ] ; then
echo "$1 on"
elif [ "$2" = "no" -o "$2" = "NO" ] ; then
echo "$1 off"
else
echo ''
fi
}
is_nm_running ()
{
dbus-send --system --print-reply \
--dest=org.freedesktop.DBus \
/org/freedesktop/DBus \
org.freedesktop.DBus.GetNameOwner \
string:"org.freedesktop.NetworkManager" >/dev/null 2>&1
}
is_nm_active ()
{
LANG=C nmcli -t --fields device,state dev status 2>/dev/null | grep -q "^${1}:connected$"
}
is_nm_handling ()
{
LANG=C nmcli -t --fields device,state dev status 2>/dev/null | grep -q "^\(${1}:connected\)\|\(${1}:connecting.*\)$"
}
is_nm_device_unmanaged ()
{
LANG=C nmcli -t --fields GENERAL dev show "${1}" 2>/dev/null | awk -F ':' '/GENERAL.STATE/ { if ($2 == "unmanaged") exit 0 ; else exit 1; }'
}
# Sets $alias to the device module if $? != 0
is_available ()
{
[ -z "$1" ] && return 1
[ -d "/sys/class/net/$1" ] && return 0
[ -n "$BONDING_OPTS" ] && install_bonding_driver $1
alias=$(modprobe -c | awk \
'BEGIN { alias = ""; }
$1 == "alias" && $2 == "'"$1"'" { alias = $3; }
$1 == "install" { install[$2] = $3; }
END {
cmd = install[alias];
print alias;
if (alias == "" || alias == "off" || cmd == "/bin/true" || cmd == ":")
exit 1;
exit 0;
}
')
[ $? -eq 0 ] || return 2
modprobe $1 > /dev/null 2>&1 || {
return 1
}
if [ -n "$HWADDR" ]; then
local curdev=$(get_device_by_hwaddr "$HWADDR")
if [ -z "$curdev" ]; then
return 1
fi
fi
if [ ${alias} = "bonding" ]; then
install_bonding_driver $1
fi
[ -d "/sys/class/net/$1" ] && return 0 || return 1
}
is_available_wait ()
{
[ -z "$1" ] && return 1
local retry=${2##*[!0-9]*}
is_available $1 && return 0
ret=$?
while [ 0"$retry" -gt 0 ]; do
sleep 1
[ -d "/sys/class/net/$1" ] && return 0
retry=$(($retry -1))
done
return $ret
}
is_hostname_set ()
{
case "${HOSTNAME}" in
'(none)' | 'localhost' | 'localhost.localdomain')
# Hostname NOT set:
return 1
;;
*)
# Hostname IS set:
return 0
;;
esac
}
need_hostname ()
{
# Should we avoid obtaining hostname from DHCP? (user override)
is_true "${NO_DHCP_HOSTNAME}" && return 1
if is_hostname_set; then
# Hostname is already set, we do not need to acquire it:
return 1
else
# Hostname is NOT set, we need to acquire it:
return 0
fi
}
set_hostname_options ()
{
# User explicitly requires to *not* send DHCP_HOSTNAME, DHCP_FQDN or HOSTNAME:
is_false "${DHCP_SEND_HOSTNAME}" && return
if [[ -n "${DHCP_HOSTNAME}" && -n "${DHCP_FQDN}" ]]; then
net_log $"Both 'DHCP_HOSTNAME=${DHCP_HOSTNAME}' and 'DHCP_FQDN=${DHCP_FQDN}' are configured... Using DHCP_FQDN." warning
fi
local hostname_options=''
# DHCP_FQDN takes precedence before DHCP_HOSTNAME -- as it does in NetworkManager,
# and DHCP_HOSTNAME takes precedence before HOSTNAME:
if [[ -n "${DHCP_FQDN}" ]]; then
hostname_options="-F ${DHCP_FQDN}"
elif [[ -n "${DHCP_HOSTNAME}" ]]; then
hostname_options="-H ${DHCP_HOSTNAME}"
elif is_hostname_set; then
# We need to truncate the hostname in case it is the FQDN:
hostname_options="-H ${HOSTNAME%%.*}"
else
# Nothing to send to the DHCP server:
# ['(none)', 'localhost' or 'localhost.localdomain' are not valid]
return
fi
# Append the hostname options to the content of passed variable name:
eval "$1='${!1} ${hostname_options}'"
return
}
set_hostname ()
{
hostname $1
if ! grep search /etc/resolv.conf >/dev/null 2>&1; then
domain=$(echo $1 | sed 's/^[^\.]*\.//')
if [ -n "$domain" ]; then
rsctmp=$(mktemp /tmp/XXXXXX);
cat /etc/resolv.conf > $rsctmp
echo "search $domain" >> $rsctmp
# Backup resolv.conf only if it doesn't exist already:
! [ -f /etc/resolv.conf.save ] && cp -af /etc/resolv.conf /etc/resolv.conf.save
change_resolv_conf $rsctmp
/bin/rm -f $rsctmp
fi
fi
}
check_device_down ()
{
[ ! -d /sys/class/net/$1 ] && return 0
if LC_ALL=C ip -o link show dev $1 2>/dev/null | grep -q ",UP" ; then
return 1
else
return 0
fi
}
set_link_up ()
{
if [ "$LINKSTATUS" != down ]; then
ip link set dev $1 up >/dev/null 2>&1
fi
}
check_link_down ()
{
if ! LC_ALL=C ip link show dev $1 2>/dev/null| grep -q ",UP" ; then
set_link_up $1
fi
timeout=0
delay=10
[ -n "$LINKDELAY" ] && delay=$(($LINKDELAY * 2))
while [ $timeout -le $delay ]; do
[ "$(cat /sys/class/net/$REALDEVICE/carrier 2>/dev/null)" != "0" ] && return 1
sleep 0.5
timeout=$((timeout+1))
done
return 0
}
check_default_route ()
{
LC_ALL=C ip route list match 0.0.0.0/0 | grep -q default
}
find_gateway_dev ()
{
. /etc/sysconfig/network
if [ -n "${GATEWAY}" -a "${GATEWAY}" != "none" ] ; then
dev=$(LC_ALL=C /sbin/ip route get to "${GATEWAY}" 2>/dev/null | \
sed -n 's/.* dev \([[:alnum:]]*\) .*/\1/p')
if [ -n "$dev" ]; then
GATEWAYDEV="$dev"
fi
fi
}
# After the device $1 goes away, restore the standard default route; typically
# used for ppp with DEFROUTE temporarily replacing the "standard" default
# route.
# FIXME: This function doesn't support some newer features (GATEWAY in ifcfg,
# $WINDOW, $METRIC)
add_default_route ()
{
. /etc/sysconfig/network
check_default_route && return 0
find_gateway_dev
if [ "$GATEWAYDEV" != "" -a -n "${GATEWAY}" -a \
"${GATEWAY}" != "none" ]; then
if ! check_device_down $1; then
if [ "$GATEWAY" = "0.0.0.0" ]; then
/sbin/ip route add default dev ${GATEWAYDEV}
else
/sbin/ip route add default via ${GATEWAY}
fi
fi
elif [ -f /etc/default-routes ]; then
while read spec; do
/sbin/ip route add $spec
done < /etc/default-routes
rm -f /etc/default-routes
fi
}
is_wireless_device ()
{
[ -x /usr/sbin/iw ] || return 1
LC_ALL=C /usr/sbin/iw dev $1 info > /dev/null 2>&1 && return 0
return 1
}
phy_wireless_device ()
{
cat /sys/class/net/$1/phy80211/name
}
bond_master_exists ()
{
local bond_name
[ -z "${1}" ] && return 1
[ ! -f /sys/class/net/bonding_masters ] && return 1
for bond_name in $(< /sys/class/net/bonding_masters); do
[ "${bond_name}" == "${1}" ] && return 0
done
return 1
}
install_bonding_driver ()
{
local fn="install_bonding_driver"
if ! bond_master_exists ${1}; then
modprobe bonding || return 1
echo "+$1" > /sys/class/net/bonding_masters 2>/dev/null
fi
(
# Set config here
need_config "$1"
source_config
if [ -f /sys/class/net/${DEVICE}/bonding/slaves ] && [ $(wc -l < /sys/class/net/${DEVICE}/bonding/slaves) -eq 0 ]; then
/sbin/ip link set dev ${DEVICE} down
# parse options and put them to arrays
for arg in $BONDING_OPTS ; do
bopts_keys[${#bopts_keys[*]}]=${arg%%=*}
bopts_vals[${#bopts_vals[*]}]=${arg##*=}
done
# add the bits to setup driver parameters here
# first set mode, miimon
for (( idx=0; idx < ${#bopts_keys[*]}; idx++ )) ; do
key=${bopts_keys[$idx]}
value=${bopts_vals[$idx]}
if [ "${key}" = "mode" ] ; then
echo "${value}" > /sys/class/net/${DEVICE}/bonding/$key || {
net_log $"Failed to set value '$value' [mode] to ${DEVICE} bonding device" err $fn
}
bopts_keys[$idx]=""
fi
if [ "${key}" = "miimon" ] ; then
echo "${value}" > /sys/class/net/${DEVICE}/bonding/$key || {
net_log $"Failed to set value '$value' [miimon] to ${DEVICE} bonding device" err $fn
}
bopts_keys[$idx]=""
fi
done
# set all other remaining options
for (( idx=0; idx < ${#bopts_keys[*]}; idx++ )) ; do
key=${bopts_keys[$idx]}
value=${bopts_vals[$idx]}
# option already set; take next
[[ -z "$key" ]] && continue
if [ "${key}" = "arp_ip_target" -a "${value:0:1}" != "+" ]; then
OLDIFS=$IFS;
IFS=',';
for arp_ip in $value; do
if ! grep -q $arp_ip /sys/class/net/${DEVICE}/bonding/$key; then
echo +$arp_ip > /sys/class/net/${DEVICE}/bonding/$key || {
net_log $"Failed to set '$arp_ip' value [arp_ip_target] to ${DEVICE} bonding device" err $fn
}
fi
done
IFS=$OLDIFS;
elif [ "${key}" = "arp_ip_target" ]; then
if ! grep -q ${value#+} /sys/class/net/${DEVICE}/bonding/$key; then
echo "$value" > /sys/class/net/${DEVICE}/bonding/$key || {
net_log $"Failed to set '$value' value [arp_ip_target] to ${DEVICE} bonding device" err $fn
}
fi
elif [ "${key}" != "primary" ]; then
echo $value > /sys/class/net/${DEVICE}/bonding/$key || {
net_log $"Failed to set '$value' value [$key] to ${DEVICE} bonding device" err $fn
}
fi
done
fi
)
return 0
}
is_bonding_device ()
{
[ -f "/sys/class/net/$1/bonding/slaves" ]
}
# Invoke this when /etc/resolv.conf has changed:
change_resolv_conf ()
{
s=$(/bin/grep '^[\ \ ]*option' /etc/resolv.conf 2>/dev/null)
if [ $# -gt 1 ]; then
if [ "x$s" != "x" ]; then
s="$s"$'\n'
fi
n_args=$#
while [ $n_args -gt 0 ]; do
case "$s" in
*$1*)
shift
n_args=$(($n_args-1))
continue
;;
esac
s="$s$1"
shift
if [ $# -gt 0 ]; then
s="$s"$'\n'
fi
n_args=$(($n_args-1))
done
elif [ $# -eq 1 ]; then
if [ "x$s" != "x" ]; then
s="$s"$'\n'$(/bin/grep -vF "$s" $1)
else
s=$(cat $1)
fi
fi
(echo "$s" > /etc/resolv.conf) >/dev/null 2>&1;
r=$?
if [ $r -eq 0 ]; then
[ -x /sbin/restorecon ] && /sbin/restorecon /etc/resolv.conf >/dev/null 2>&1 # reset the correct context
/usr/bin/logger -p local7.notice -t "NET" -i "$0 : updated /etc/resolv.conf"
[ -e /run/nscd/socket ] && /usr/sbin/nscd -i hosts # invalidate cache
fi
return $r
}
# Logging function
#
# Usage: net_log <message> <err|warning|info> <optional file/function name>
#
# Default level is 'err'.
net_log()
{
local message="$1"
local level="$2"
local name="$3"
[ -z "$message" ] && return 1
[ -z "$level" ] && level=err
[ -z "$name" ] && name=$0
case $level in
'debug')
local txt_level=$"DEBUG "
;;
'err')
local txt_level=$"ERROR "
;;
'warning')
local txt_level=$"WARN "
;;
'info')
local txt_level=$"INFO "
;;
esac
echo "$txt_level: [$name] $message"
if [ -x /usr/bin/logger ]; then
/usr/bin/logger -p daemon.$level -t "$name" "$message"
fi
return 0
}
update_DNS_entries()
{
# Remove duplicate values from DNS options if any:
if [ -n "${DNS3}" ] && [[ "${DNS3}" == "${DNS2}" || "${DNS3}" == "${DNS1}" ]]; then
unset DNS3
fi
if [ -n "${DNS2}" ] && [[ "${DNS2}" == "${DNS1}" ]]; then
unset DNS2
fi
# Shift the DNS options if necessary:
if [ -z "${DNS1}" ] && [ -n "${DNS2}" ]; then
DNS1="${DNS2}"
unset DNS2
fi
if [ -z "${DNS2}" ] && [ -n "${DNS3}" ]; then
DNS2="${DNS3}"
unset DNS3
fi
# We need to check DNS1 again in case only DNS3 was set at all:
if [ -z "${DNS1}" ] && [ -n "${DNS2}" ]; then
DNS1="${DNS2}"
unset DNS2
fi
}

1086
sysconfig/network-scripts/network-functions-ipv6
View File

File diff suppressed because it is too large Load Diff

1
systemd/system/multi-user.target.wants/one-context-local.service
View File

@@ -1 +0,0 @@
/usr/lib/systemd/system/one-context-local.service

1
systemd/system/multi-user.target.wants/one-context.service
View File

@@ -1 +0,0 @@
/usr/lib/systemd/system/one-context.service

1
systemd/system/multi-user.target.wants/vmtoolsd.service
View File

@@ -1 +0,0 @@
/usr/lib/systemd/system/vmtoolsd.service

1
systemd/system/vmtoolsd.service.requires/vgauthd.service
View File

@@ -1 +0,0 @@
/usr/lib/systemd/system/vgauthd.service

0
udev/rules.d/75-cd-aliases-generator.rules
View File

0
udev/rules.d/75-persistent-net-generator.rules
View File

134
vmware-tools/poweroff-vm-default
View File

@@ -1,134 +0,0 @@
#!/bin/sh
##########################################################
# Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation version 2.1 and no later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
##########################################################
##########################################################################
# DO NOT modify this file directly as it will be overwritten the next
# time the VMware Tools are installed.
##########################################################################
#
# statechange.sh
#
# This script is a refactored version of the legacy power scripts (e.g.,
# poweron-vm-default). It expects to be installed in their places --
# in other words, `basename "$0"` might be poweron-vm-default.
#
# Handy reference/shorthand used in this doc/scripts:
# TOOLS_CONFDIR ::= Depends on platform and installation settings. Likely
# "/etc/vmware-tools" or
# "/Library/Application Support/VMware Tools"
# powerOp ::= One of "poweron-vm", "poweroff-vm", "suspend-vm", and
# "resume-vm".
# vmwScriptDir ::= $TOOLS_CONFDIR/scripts/vmware
# userScriptDir ::= $TOOLS_CONFDIR/scripts/${powerOp}-default.d
#
# End users may install scripts of their own under $userScriptDir. They
# are executed in alphabetical order with "$powerOp" as the only argument.
#
# NB: This directory layout remains to preserve backwards compatibility. End
# users are free to write a single script which uses its only parameter
# (${powerOp}) as a discriminator, and then install symlinks to it in each
# of the ${powerOp}-default.d directories.
#
# On power-on and resume, VMware's scripts execute before the end user's. On
# suspend and power-off, the end user's execute before VMware's. (This way,
# VMware stops services only after the user's scripts have finished their
# work, and conversely restores the same services before the user's scripts
# attempt to use them.)
#
# Should any script exit non-zero, only its value will be saved to exitCode.
# (Any further non-zero exits will have no effect on exitCode.) This script
# exits with $exitCode.
#
# XXX Consider using the available/enabled pattern for VMware's scripts.
#
# XXX This should be staged as a single executable whereby the desired
# power operation is passed in as a parameter. (I.e., one would run
# "/path/to/statechange.sh suspend-vm" rather than having to install
# statechange.sh as suspend-vm-default.)
#
echo `date` ": Executing '$0'"
# See above.
TOOLS_CONFDIR=`dirname "$0"`
export TOOLS_CONFDIR
# Pull in subroutines like Panic.
. "$TOOLS_CONFDIR"/statechange.subr
#
# RunScripts --
#
# Executes scripts installed under $scriptDir.
#
# Side effects:
# exitCode may be incremented.
#
RunScripts() {
scriptDir="$1"
if [ -d "$scriptDir" ]; then
for scriptFile in "$scriptDir"/*; do
if [ -x "$scriptFile" ]; then
"$scriptFile" $powerOp
exitCode=`expr $exitCode \| $?`
fi
done
fi
}
#
# main --
#
# Entry point. See comments at top of file for details.
#
# Results:
# Exits with $exitCode.
#
main() {
# This is sanity checked in the case/esac bit below.
powerOp=`basename "$0" | sed 's,-default,,'`
exitCode=0
vmwScriptDir="$TOOLS_CONFDIR/scripts/vmware"
userScriptDir="$TOOLS_CONFDIR/scripts/${powerOp}-default.d"
case "$powerOp" in
poweron-vm|resume-vm)
RunScripts "$vmwScriptDir"
RunScripts "$userScriptDir"
;;
poweroff-vm|suspend-vm)
RunScripts "$userScriptDir"
RunScripts "$vmwScriptDir"
;;
*)
Panic "Invalid argument: $powerOp"
;;
esac
return $exitCode
}
main

134
vmware-tools/poweron-vm-default
View File

@@ -1,134 +0,0 @@
#!/bin/sh
##########################################################
# Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation version 2.1 and no later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
##########################################################
##########################################################################
# DO NOT modify this file directly as it will be overwritten the next
# time the VMware Tools are installed.
##########################################################################
#
# statechange.sh
#
# This script is a refactored version of the legacy power scripts (e.g.,
# poweron-vm-default). It expects to be installed in their places --
# in other words, `basename "$0"` might be poweron-vm-default.
#
# Handy reference/shorthand used in this doc/scripts:
# TOOLS_CONFDIR ::= Depends on platform and installation settings. Likely
# "/etc/vmware-tools" or
# "/Library/Application Support/VMware Tools"
# powerOp ::= One of "poweron-vm", "poweroff-vm", "suspend-vm", and
# "resume-vm".
# vmwScriptDir ::= $TOOLS_CONFDIR/scripts/vmware
# userScriptDir ::= $TOOLS_CONFDIR/scripts/${powerOp}-default.d
#
# End users may install scripts of their own under $userScriptDir. They
# are executed in alphabetical order with "$powerOp" as the only argument.
#
# NB: This directory layout remains to preserve backwards compatibility. End
# users are free to write a single script which uses its only parameter
# (${powerOp}) as a discriminator, and then install symlinks to it in each
# of the ${powerOp}-default.d directories.
#
# On power-on and resume, VMware's scripts execute before the end user's. On
# suspend and power-off, the end user's execute before VMware's. (This way,
# VMware stops services only after the user's scripts have finished their
# work, and conversely restores the same services before the user's scripts
# attempt to use them.)
#
# Should any script exit non-zero, only its value will be saved to exitCode.
# (Any further non-zero exits will have no effect on exitCode.) This script
# exits with $exitCode.
#
# XXX Consider using the available/enabled pattern for VMware's scripts.
#
# XXX This should be staged as a single executable whereby the desired
# power operation is passed in as a parameter. (I.e., one would run
# "/path/to/statechange.sh suspend-vm" rather than having to install
# statechange.sh as suspend-vm-default.)
#
echo `date` ": Executing '$0'"
# See above.
TOOLS_CONFDIR=`dirname "$0"`
export TOOLS_CONFDIR
# Pull in subroutines like Panic.
. "$TOOLS_CONFDIR"/statechange.subr
#
# RunScripts --
#
# Executes scripts installed under $scriptDir.
#
# Side effects:
# exitCode may be incremented.
#
RunScripts() {
scriptDir="$1"
if [ -d "$scriptDir" ]; then
for scriptFile in "$scriptDir"/*; do
if [ -x "$scriptFile" ]; then
"$scriptFile" $powerOp
exitCode=`expr $exitCode \| $?`
fi
done
fi
}
#
# main --
#
# Entry point. See comments at top of file for details.
#
# Results:
# Exits with $exitCode.
#
main() {
# This is sanity checked in the case/esac bit below.
powerOp=`basename "$0" | sed 's,-default,,'`
exitCode=0
vmwScriptDir="$TOOLS_CONFDIR/scripts/vmware"
userScriptDir="$TOOLS_CONFDIR/scripts/${powerOp}-default.d"
case "$powerOp" in
poweron-vm|resume-vm)
RunScripts "$vmwScriptDir"
RunScripts "$userScriptDir"
;;
poweroff-vm|suspend-vm)
RunScripts "$userScriptDir"
RunScripts "$vmwScriptDir"
;;
*)
Panic "Invalid argument: $powerOp"
;;
esac
return $exitCode
}
main

134
vmware-tools/resume-vm-default
View File

@@ -1,134 +0,0 @@
#!/bin/sh
##########################################################
# Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation version 2.1 and no later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
##########################################################
##########################################################################
# DO NOT modify this file directly as it will be overwritten the next
# time the VMware Tools are installed.
##########################################################################
#
# statechange.sh
#
# This script is a refactored version of the legacy power scripts (e.g.,
# poweron-vm-default). It expects to be installed in their places --
# in other words, `basename "$0"` might be poweron-vm-default.
#
# Handy reference/shorthand used in this doc/scripts:
# TOOLS_CONFDIR ::= Depends on platform and installation settings. Likely
# "/etc/vmware-tools" or
# "/Library/Application Support/VMware Tools"
# powerOp ::= One of "poweron-vm", "poweroff-vm", "suspend-vm", and
# "resume-vm".
# vmwScriptDir ::= $TOOLS_CONFDIR/scripts/vmware
# userScriptDir ::= $TOOLS_CONFDIR/scripts/${powerOp}-default.d
#
# End users may install scripts of their own under $userScriptDir. They
# are executed in alphabetical order with "$powerOp" as the only argument.
#
# NB: This directory layout remains to preserve backwards compatibility. End
# users are free to write a single script which uses its only parameter
# (${powerOp}) as a discriminator, and then install symlinks to it in each
# of the ${powerOp}-default.d directories.
#
# On power-on and resume, VMware's scripts execute before the end user's. On
# suspend and power-off, the end user's execute before VMware's. (This way,
# VMware stops services only after the user's scripts have finished their
# work, and conversely restores the same services before the user's scripts
# attempt to use them.)
#
# Should any script exit non-zero, only its value will be saved to exitCode.
# (Any further non-zero exits will have no effect on exitCode.) This script
# exits with $exitCode.
#
# XXX Consider using the available/enabled pattern for VMware's scripts.
#
# XXX This should be staged as a single executable whereby the desired
# power operation is passed in as a parameter. (I.e., one would run
# "/path/to/statechange.sh suspend-vm" rather than having to install
# statechange.sh as suspend-vm-default.)
#
echo `date` ": Executing '$0'"
# See above.
TOOLS_CONFDIR=`dirname "$0"`
export TOOLS_CONFDIR
# Pull in subroutines like Panic.
. "$TOOLS_CONFDIR"/statechange.subr
#
# RunScripts --
#
# Executes scripts installed under $scriptDir.
#
# Side effects:
# exitCode may be incremented.
#
RunScripts() {
scriptDir="$1"
if [ -d "$scriptDir" ]; then
for scriptFile in "$scriptDir"/*; do
if [ -x "$scriptFile" ]; then
"$scriptFile" $powerOp
exitCode=`expr $exitCode \| $?`
fi
done
fi
}
#
# main --
#
# Entry point. See comments at top of file for details.
#
# Results:
# Exits with $exitCode.
#
main() {
# This is sanity checked in the case/esac bit below.
powerOp=`basename "$0" | sed 's,-default,,'`
exitCode=0
vmwScriptDir="$TOOLS_CONFDIR/scripts/vmware"
userScriptDir="$TOOLS_CONFDIR/scripts/${powerOp}-default.d"
case "$powerOp" in
poweron-vm|resume-vm)
RunScripts "$vmwScriptDir"
RunScripts "$userScriptDir"
;;
poweroff-vm|suspend-vm)
RunScripts "$userScriptDir"
RunScripts "$vmwScriptDir"
;;
*)
Panic "Invalid argument: $powerOp"
;;
esac
return $exitCode
}
main

696
vmware-tools/scripts/vmware/network
View File

@@ -1,696 +0,0 @@
#!/bin/sh -x
##########################################################
# Copyright (C) 2001-2018, 2021 VMware, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation version 2.1 and no later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
##########################################################
#
# network (Linux)
#
# Using a combination of a system networking script, ifconfig, ifup, ifdown
# and the ip command, attempt to release and renew DHCP leases upon receipt
# of suspend and resume events, respectively.
#
SOURCE=$0
logdir=/var/log
logbase=$logdir/vmware-network
logfile=$logbase.log
# Defines logging mode enabled (1) or disabled (0)
logmode=1
# Defines whether to rotate logs (1) or not (0)
logrotate=1
#
# Get log file path
#
get_logfile() {
file=`vmware-toolbox-cmd config get logging network.data | \
sed -e 's/.*= *//' -e 's/ *$//'`
if [ -n "${file##*"UNSET"*}" ]; then
logfile=$file
logdir=`dirname $logfile`
logbase=`echo $logfile | sed 's/\..*$//'`
fi
}
#
# Get Network logging config
#
get_logconfig() {
handler=`vmware-toolbox-cmd config get logging network.handler | \
sed -e 's/.*= *//' -e 's/ *$//'`
case $handler in
"file")
get_logfile
;;
"file+")
get_logfile
logrotate=0
;;
"vmx"|"std")
logrotate=0
;;
"syslog")
logfile=/var/log/syslog
logdir=`dirname $logfile`
logrotate=0
;;
*)
;;
esac
}
#
# Rotate any logs
#
rotate_logfile() {
if [ $logrotate -eq 1 ]; then
max=`vmware-toolbox-cmd config get logging network.maxOldLogFiles | \
sed -e 's/.*= *//' -e 's/ *$//'`
if [ -z "${max##*"UNSET"*}" -o `expr "$max" : '[0-9]\+$'` -eq 0 ]; then
max=9
fi
max=`expr $max - 1`
for s in `seq $max -1 1`; do
d=`expr $s + 1`
mv -f $logbase.$s.log $logbase.$d.log
done
mv -f $logbase.log $logbase.1.log
fi
}
#
# Logging api
#
log() {
if [ $logmode -eq 1 ]; then
if [ "$handler" = "vmx" ]; then
`vmtoolsd --cmd "log $*"`
elif [ "$handler" = "std" ]; then
echo `date` ": $*"
elif [ -w $logdir ]; then
space=`df -k $logdir | awk 'NR == 2 { print $4 }'`
if [ $space -gt 1024 ]; then
echo `date` ": $*" >> $logfile
else
`vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. No space left in $logdir"`
logmode=0
fi
else
`vmtoolsd --cmd "log WARNING: [$SOURCE] Logging disabled. $logdir is not writable"`
logmode=0
fi
fi
}
get_logconfig
rotate_logfile
log "Executing '$0 $*'"
. `dirname "$0"`/../../statechange.subr
#
# find_networking_script --
#
# Searches common Linux distro init/rc paths to find a singular network
# services script.
#
# Result:
# Returns a valid networking script path on success or "error" on failure.
#
# Side effects:
# None.
#
find_networking_script() {
local script="error"
for dir in "/etc/init.d" "/sbin/init.d" "/etc" "/etc/rc.d" ; do
if [ -d "$dir/rc0.d" ] &&
[ -d "$dir/rc1.d" ] &&
[ -d "$dir/rc2.d" ] &&
[ -d "$dir/rc3.d" ] &&
[ -d "$dir/rc4.d" ] &&
[ -d "$dir/rc5.d" ] &&
[ -d "$dir/rc6.d" ]; then
# Now find the appropriate networking script.
if [ -d "$dir/init.d" ]; then
if [ -x "$dir/init.d/network" ]; then
script="$dir/init.d/network"
elif [ -x "$dir/init.d/networking" ]; then
script="$dir/init.d/networking"
fi
else
if [ -x "$dir/network" ]; then
script="$dir/network"
elif [ -x "$dir/networking" ]; then
script="$dir/networking"
fi
fi
fi
done
log "$script"
}
#
# exec_networking_script --
#
# Execute the networking script to bring network interfaces up or down
# based on the given input action argument.
#
exec_networking_script()
{
local script=$1
local action=$2
# Using SysV "service" if it exists, otherwise fall back to run the
# script directly
service=`which service 2>/dev/null`
if [ $? = 0 -a -n "$service" ]; then
serviceName=`basename "$script"`
"$service" "$serviceName" "$action"
else
"$script" "$action"
fi
return $?
}
#
# exec_systemctl_service --
#
# Handle linux distributions that use systemd to replace the legacy
# system V startup scripts. The previous network script searching
# approach is no longer viable in these systems. Invoke the systemctl
# command to control the network service instead.
#
exec_systemctl_service()
{
local rc=1
local action=$1
local ctlcmd=$(which systemctl 2>/dev/null)
local service
[ -z "$ctlcmd" ] && return $rc
for svc in systemd-networkd network; do
if ! $ctlcmd status $svc | grep -iq 'not-found'; then
service=$svc && break
fi
done
[ -z "$service" ] && return $rc
$ctlcmd $action $service; rc=$?
# When use the systemd-networkd service to shut down interfaces, interface
# address and state remain unchanged. Need to use ip command to change its
# address and state.
if [ $rc = 0 -a $service = 'systemd-networkd' -a $action = 'stop' ]; then
config_network_intfs $action; rc=$?
fi
return $rc
}
#
# del_intf_ip --
#
# Use the ip command to remove all the addresses of an interface.
#
del_intf_ip()
{
local nic=$1
$ip_cmd addr flush dev $nic
return $?
}
#
# ip_intf_ops --
#
# Use the ip command to change the state of an interface to up or down.
#
ip_intf_ops()
{
local rc=1
local nic=$1
local ops=$2
[ -z "$ip_cmd" ] && return $rc
$ip_cmd link set $nic $ops; rc=$?
# Remove interface addresses when taking an interface down.
if [ $rc = 0 -a $ops = down ]; then
del_intf_ip $nic; rc=$?
fi
return $rc
}
#
# intf_ops --
#
# Execute the specified command (ifup or ifdown) if available, otherwise use
# the ip command as fallback. If ifup or ifdown fails, run the ip command to
# retry the intended operation.
#
intf_ops()
{
local rc=0
local cmd=$1
local ops=$2
local nic=$3
local tmp
if [ ! -z "$cmd" ]; then
tmp=$($cmd $nic 2>&1); rc=$?
# Some systems still return a successful status even the command fails
# because the interface is not configured in the configuration file. So
# have to examine the command output to determine the actual status.
if [ $rc = 0 ]; then
echo $tmp | egrep -iq 'not configured|ignoring unknown' && rc=1
fi
fi
# If ifup/ifdown fails, try the ip fallback.
if [ -z "$cmd" -o $rc != 0 ]; then
ip_intf_ops $nic $ops; rc=$?
fi
return $rc
}
#
# exec_intf_ops --
#
# Perform an operation to bring an individual interface up or down.
#
exec_intf_ops()
{
local rc=0
local action=$1
local nic=$2
case $action in
start)
intf_ops "$ifup_cmd" up $nic; rc=$?
;;
stop)
intf_ops "$ifdown_cmd" down $nic; rc=$?
;;
*)
Panic "Illegal interface action: $action"
;;
esac
return $rc
}
#
# config_network_intfs --
#
# For Linux systems not supporting networking scripts to bring interfaces
# up or down, provide a way to change the interface state individually.
#
config_network_intfs()
{
local rc=0
local action=$1
if [ -f "$activeList" ]; then
while read nic; do
exec_intf_ops $action $nic
rc=$(expr $rc \| $?)
done < $activeList
fi
return $rc
}
#
# run_network_script --
#
# Finds out how to run the system's script used to control networking, and
# runs it with the given argument (which should be one of the usual SysV
# init script arguments). If it does not work, tries the other alternatives.
# So far, our alternatives are (a) systemctl (b) network script (c) perform
# an individual interface state change.
#
run_network_script()
{
local action=$1
local rc=0
local script
while true; do
exec_systemctl_service $action
[ $? != 0 ] || break
script=`find_networking_script`
if [ $script != "error" ]; then
exec_networking_script $script $action
[ $? != 0 ] || break
fi
# Since all the other alternatives fail, need to manually change
# individual interface state.
config_network_intfs $action; rc=$?
break
done
return $rc
}
#
# save_active_NIC_list --
#
# Records a list of every active NIC to /var/run/vmware-active-nics.
#
# XXX What's the story on aliases? Should they still be included, or will
# they be recreated automatically upon resume?
#
# Results:
# $activeList has, one per line, a list of all active NICs.
#
# Side effects:
# None.
#
save_active_NIC_list()
{
local intf_out
>$activeList
# Find out all the non-loopback up interfaces. Use ip if available
# otherwise fall back to the ifconfig command.
# ifconfig is buggy on some platforms and truncates long
# network names
if [ -n "$ip_cmd" ]; then
for nic in $($ip_cmd link show up | egrep '\bUP\b' | awk -F: '{print $2}'); do
$ip_cmd link show ${nic%@*} | grep -iq 'link/ether' && echo ${nic%@*} >> $activeList
done
else
for nic in $($ifconfig_cmd | sed -n 's/^\([^: \t]*\).*$/\1/p'); do
intf_out=$($ifconfig_cmd $nic)
echo $intf_out | grep -iq loopback && continue
echo $intf_out | egrep -q '\bUP\b' && echo $nic >> $activeList
done
fi
}
#
# rescue_NIC --
#
# For each NIC recorded in $activeList that is not currently "up", run
# "ifup $nic" or "ip link set $nic up" to bring the interface up.
#
# Results:
# All downed NICs should be active.
#
rescue_NIC()
{
local rc=0
local intf_out
if [ -f "$activeList" ]; then
while read nic; do
if [ -n "$ip_cmd" ]; then
intf_out=$($ip_cmd link show $nic up)
else
intf_out=$($ifconfig_cmd $nic)
fi
if echo $intf_out | grep -q 'UP'; then
log "[rescue_nic] $nic is already active."
else
log "[rescue_nic] activating $nic ..."
# Our best effort to activate interfaces, use ifup if available
# otherwise use the ip command as fallback.
intf_ops "$ifup_cmd" up $nic
rc=$(expr $rc \| $?)
fi
done < $activeList
rm -f $activeList
fi
return $rc
}
#
# TranquilizeNetworkManager --
#
# Put the NetworkManager daemon to sleep (maybe).
#
# See http://projects.gnome.org/NetworkManager/developers/spec.html .
#
# Results:
# Sleep(true) request is sent to the NetworkManager D-Bus interface.
#
# Side effects:
# None.
#
TranquilizeNetworkManager()
{
# `which' may be a bit noisy, so we'll shush it.
dbusSend=`which dbus-send 2>/dev/null`
rc=$?
if [ $rc -ne 0 ]; then
return $rc
fi
# Check NetworkManager state before disabling it.
nm_state=`$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.DBus.Properties.Get \
string:'org.freedesktop.NetworkManager' \
string:'State' \
| awk '/variant/ {print $3;}'`
if [ -z "$nm_state" ]; then
return 1
fi
# NetworkManager API 0.7/0.8 0.9
# NM_STATE_ASLEEP 1 10
# NM_STATE_DISCONNECTED 4 20
case $nm_state in
1|4|10|20)
# Nothing needs to be done.
return 0
;;
esac
# NetworkManager 0.8.0 and above
$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.NetworkManager.Enable boolean:false
rc=$?
if [ $rc -eq 0 ]; then
return $rc
fi
# NetworkManager 0.7.0
$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.NetworkManager.Sleep boolean:true
rc=$?
if [ $rc -eq 0 ]; then
return $rc
fi
# NetworkManager 0.6
$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.NetworkManager.sleep
rc=$?
return $rc
}
#
# WakeNetworkManager --
#
# Wake the NetworkManager daemon (maybe).
#
# See http://projects.gnome.org/NetworkManager/developers/spec.html .
#
# Results:
# Sleep(false)request is sent to the NetworkManager D-Bus interface.
#
# Side effects:
# None.
#
WakeNetworkManager()
{
# `which' may be a bit noisy, so we'll shush it.
dbusSend=`which dbus-send 2>/dev/null`
rc=$?
if [ $rc = 0 ]; then
# NetworkManager 0.8.0
$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.NetworkManager.Enable boolean:true
rc=$?
if [ $rc = 0 ]; then
return $rc
fi
# NetworkManager 0.7.0
$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.NetworkManager.Sleep boolean:false
rc=$?
if [ $rc = 0 ]; then
return $rc
fi
# NetworkManager 0.6
$dbusSend --system --print-reply \
--dest=org.freedesktop.NetworkManager \
/org/freedesktop/NetworkManager \
org.freedesktop.NetworkManager.wake
rc=$?
fi
return $rc
}
#
# sanity_check --
#
# Check if the script has all the commands it needs to carry out the
# request. So far, it requires either ip or ifconfig command to read
# interface configuration. Ifup is not checked here. It is checked at
# the place where we need to do individual interface state change.
#
sanity_check()
{
ip_cmd=$(which ip 2>/dev/null)
ifconfig_cmd=$(which ifconfig 2>/dev/null)
ifup_cmd=$(which ifup 2>/dev/null)
ifdown_cmd=$(which ifdown 2>/dev/null)
[ -z "$ifconfig_cmd" -a -z "$ip_cmd" ] && \
Panic "ip and ifconfig not in search path."
}
#
# main --
#
# Main entry point. Perform some sanity checking, then map state change
# events to relevant networking operations.
#
# Results:
# See comment at top of file.
#
main() {
exitCode=0
activeList=/var/run/vmware-active-nics
case "$1" in
poweron-vm)
rm -f $activeList
;;
suspend-vm)
TranquilizeNetworkManager
exitCode=$?
if [ $exitCode != 0 ]; then
sanity_check suspend-vm
save_active_NIC_list
run_network_script stop
exitCode=$?
fi
;;
resume-vm)
WakeNetworkManager
exitCode=$?
if [ $exitCode != 0 ]; then
sanity_check resume-vm
# According to hfu, "/etc/init.d/networking restart" on Debian 5.0
# may bring down ethernet interfaces tagged as "allow-hotplug" without
# bringing them back up.
#
# This is especially a problem when reverting to a live, running
# VM snapshot where an active NIC list hadn't yet been generated,
# resulting in sudden loss of an otherwise operational NIC.
#
# So, if the active list doesn't exist, assume we're coming back to
# a live snapshot and capture the current active list now for
# rescue later.
if [ ! -s $activeList ]; then
save_active_NIC_list
fi
# We shall use start not restart here. Otherwise we may not be able
# to bring back active list on distros like sles11sp2
# -- PR 816791
run_network_script start
rescue_NIC
exitCode=$?
fi
;;
*)
log "No argument supplied."
;;
esac
return $exitCode
}
main "$@"
log "Finished '$0 $*'"

47
vmware-tools/statechange.subr
View File

@@ -1,47 +0,0 @@
#!/bin/sh
##########################################################
# Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation version 2.1 and no later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
##########################################################
##########################################################################
# DO NOT modify this file directly as it will be overwritten the next
# time the VMware Tools are installed.
##########################################################################
#
# Panic --
#
# Write a formatted error message to stderr and exit.
#
# Results:
# Stderr is spammed, program exits with exit code 1.
#
# Side effects:
# None.
#
Panic() {
fmt="`date '+%b %d %H:%M:%S'` `basename \"$0\"`"
if [ -n "$1" ]; then
fmt="${fmt}: $1"
shift
fi
printf >&2 "${fmt}\n" "$@"
exit 1
}

134
vmware-tools/suspend-vm-default
View File

@@ -1,134 +0,0 @@
#!/bin/sh
##########################################################
# Copyright (C) 2010-2016 VMware, Inc. All rights reserved.
#
# This program is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published
# by the Free Software Foundation version 2.1 and no later version.
#
# This program is distributed in the hope that it will be useful, but
# WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
# or FITNESS FOR A PARTICULAR PURPOSE. See the Lesser GNU General Public
# License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
##########################################################
##########################################################################
# DO NOT modify this file directly as it will be overwritten the next
# time the VMware Tools are installed.
##########################################################################
#
# statechange.sh
#
# This script is a refactored version of the legacy power scripts (e.g.,
# poweron-vm-default). It expects to be installed in their places --
# in other words, `basename "$0"` might be poweron-vm-default.
#
# Handy reference/shorthand used in this doc/scripts:
# TOOLS_CONFDIR ::= Depends on platform and installation settings. Likely
# "/etc/vmware-tools" or
# "/Library/Application Support/VMware Tools"
# powerOp ::= One of "poweron-vm", "poweroff-vm", "suspend-vm", and
# "resume-vm".
# vmwScriptDir ::= $TOOLS_CONFDIR/scripts/vmware
# userScriptDir ::= $TOOLS_CONFDIR/scripts/${powerOp}-default.d
#
# End users may install scripts of their own under $userScriptDir. They
# are executed in alphabetical order with "$powerOp" as the only argument.
#
# NB: This directory layout remains to preserve backwards compatibility. End
# users are free to write a single script which uses its only parameter
# (${powerOp}) as a discriminator, and then install symlinks to it in each
# of the ${powerOp}-default.d directories.
#
# On power-on and resume, VMware's scripts execute before the end user's. On
# suspend and power-off, the end user's execute before VMware's. (This way,
# VMware stops services only after the user's scripts have finished their
# work, and conversely restores the same services before the user's scripts
# attempt to use them.)
#
# Should any script exit non-zero, only its value will be saved to exitCode.
# (Any further non-zero exits will have no effect on exitCode.) This script
# exits with $exitCode.
#
# XXX Consider using the available/enabled pattern for VMware's scripts.
#
# XXX This should be staged as a single executable whereby the desired
# power operation is passed in as a parameter. (I.e., one would run
# "/path/to/statechange.sh suspend-vm" rather than having to install
# statechange.sh as suspend-vm-default.)
#
echo `date` ": Executing '$0'"
# See above.
TOOLS_CONFDIR=`dirname "$0"`
export TOOLS_CONFDIR
# Pull in subroutines like Panic.
. "$TOOLS_CONFDIR"/statechange.subr
#
# RunScripts --
#
# Executes scripts installed under $scriptDir.
#
# Side effects:
# exitCode may be incremented.
#
RunScripts() {
scriptDir="$1"
if [ -d "$scriptDir" ]; then
for scriptFile in "$scriptDir"/*; do
if [ -x "$scriptFile" ]; then
"$scriptFile" $powerOp
exitCode=`expr $exitCode \| $?`
fi
done
fi
}
#
# main --
#
# Entry point. See comments at top of file for details.
#
# Results:
# Exits with $exitCode.
#
main() {
# This is sanity checked in the case/esac bit below.
powerOp=`basename "$0" | sed 's,-default,,'`
exitCode=0
vmwScriptDir="$TOOLS_CONFDIR/scripts/vmware"
userScriptDir="$TOOLS_CONFDIR/scripts/${powerOp}-default.d"
case "$powerOp" in
poweron-vm|resume-vm)
RunScripts "$vmwScriptDir"
RunScripts "$userScriptDir"
;;
poweroff-vm|suspend-vm)
RunScripts "$userScriptDir"
RunScripts "$vmwScriptDir"
;;
*)
Panic "Invalid argument: $powerOp"
;;
esac
return $exitCode
}
main

510
vmware-tools/tools.conf.example
View File

@@ -1,510 +0,0 @@
# Copyright (c) 2019-2022 VMware, Inc. All rights reserved.
# "CAUTION: tools.conf is highly syntax sensitive file. Use extreme caution
# while editing it. If modified, it is automatically re-loaded by
# VMware Tools services every 5 seconds."
#
# Lines must not end with trailing white space.
[unsetenvironment]
# Defines environment variables to be removed from the service reading
# the configuration file. Supported formats are:
#
# 1. <variableName>=
# 2. <serviceName>.<variableName>=
#
# Where <serviceName> refers to the 'vmsvc' and 'vmusr',
# <variableName> refers to the name of the environment
# variable to be removed. '=' sign after <variableName>
# is mandatory to maintain the configuration file syntax.
# However, anything after '=' is ignored.
#
# Case-sensitive behavior is defined by the operating system.
#
# Note: unsetenvironment group is processed before setenvironment group.
# As the service environment is setup at start up time, any changes
# in this group require service to be restarted in order to take effect.
#
# Unsetting PATH for all services:
# PATH=
#
# Unsetting PATH for vmsvc only:
# vmsvc.PATH=
#
# Unsetting PATH for vmusr only:
# vmusr.PATH=
[setenvironment]
# Defines environment variables to be set for the service reading
# the configuration file. Supported formats are:
#
# 1. <variableName>=<variableValue>
# 2. <serviceName>.<variableName>=<variableValue>
#
# Where <serviceName> refers to the 'vmsvc' and 'vmusr',
# <variableName> refers to the name of the environment
# variable to be set, and <variableValue> refers to the
# value to be assigned to the environment variable.
#
# Case-sensitive behavior is defined by the operating system.
#
# Note: setenvironment group is processed after unsetenvironment group.
# As the service environment is setup at start up time, any changes
# in this group require service to be restarted in order to take effect.
#
# Setting TMPDIR for all services:
# TMPDIR=/vmware/temp
#
# Setting TMPDIR for vmsvc only:
# vmsvc.TMPDIR=/vmware/vmsvc/temp
#
# Setting TMPDIR for vmusr only:
# vmusr.TMPDIR=/vmware/vmusr/temp
[logging]
# set to false to disable logging
#log = true
# Log destinations for various services
# By default, logs go to
# %windir%/temp/vmware-<servicename>.log
# for Windows, and
# /var/log/vmware-<servicename>-<username>.log
# for Linux, MacOS and Solaris.
# Possible values for handler are:
# file: logs to a file. Set *.data to the file name
# file+: same as 'file', but appends to the file
# All file paths used in *.data value need to be in Unix
# format (forward slashes) and in utf-8, for all operating
# systems.
# vmx: logs to the host (ESXi, Workstation, Fusion)
# std: Logs to stdout for level >= 'message',
# and to stderr for more severe than 'message'.
# syslog: logs to syslog
# outputdebugstring: uses OutputDebugString (Windows only)
# If handler is 'syslog' and the OS is Linux, the facility
# can be set with <domain>.facility. The facility value can be one of
# 'local0'..'local7', 'daemon' or 'user'. The default is 'user'.
#vmtoolsd.facility = user
# possible values for level are:
# debug, info, message, warning, critical, error
# Note that "debug" level logs generate huge amounts of logs and may also
# include sensitive data required for diagnosis. Therefore, this level should
# be used only for the duration of diagnosis of an issue and reverted back to
# default setting post diagnosis.
# Enable tools service logging to a file.
#vmtoolsd.level = debug
#vmtoolsd.handler = file
#vmtoolsd.data = c:/tmp/vmtoolsd-${USER}.log
# Enable 'vmsvc' service logging to a file.
#vmsvc.level = debug
#vmsvc.handler = file
#vmsvc.data = c:/tmp/vmsvc.log
# Enable VMwareResolutionSet.exe logging to a file.
# Comment this for Linux guest, sometimes vmusr logs are not generated due
# to this being uncommented
#vmresset.level = debug
#vmresset.handler = file+
#vmresset.data = c:/tmp/vmresset.log
# Enable new "vmusr" service logging to a file.
#vmusr.level = debug
#vmusr.handler = file
#vmusr.data = c:/tmp/vmusr.${USER}.log
# Set the following configuration if you want to collect the logs for
# vmware-toolbox-cmd utility
#toolboxcmd.level = debug
#toolboxcmd.handler = file
#toolboxcmd.data = c:/tmp/vmtoolboxcmd-${USER}.log
# With no explicit logging configuration for deployPkg, its default log path in
# Linux is /var/log/vmware-imc/toolsDeployPkg.log, and in Windows is
# %WINDIR%/Temp/vmware-imc/toolsDeployPkg.log
# Set the following configuration if you want to redirect the deployPkg log to
# any existing location other than the default.
#deployPkg.level = debug
#deployPkg.handler = file
#deployPkg.data = c:/tmp/toolsDeployPkg-${USER}.log
# Redirecting the deployPkg log to the vmx log file. Please note that
# "log = true" and the vmsvc log handler setting to vmx are also neccessary
# if you want to redirect the deployPkg log to vmx.
#log = true
#vmsvc.level = debug
#vmsvc.handler = vmx
#deployPkg.level = debug
#deployPkg.handler = vmx
# Enable old VMwareUser/vmware-user logging to file.
#log.file = c:/tmp/vmtools.log
# Enable "hgfsServer" request handling logging to the appropriate service file.
#hgfsServer.level = debug
# Enable "hgfs" manager and transport logging to the appropriate service file.
#hgfsd.level = debug
#vmbackup.level = debug
#vmbackup.handler = vmx
#vmvss.level = debug
#vmvss.handler = vmx
# Default 4096, 0=> disable log caching
#maxCacheEntries=4096
# Set the following configurations for modifying network script logging file.
# Only for Linux, Mac OS X, Solaris, and FreeBSD
#network.handler = file
#network.data = /tmp/network.log
#network.maxOldLogFiles = 9
# Redirect network script logs to vmx
#network.handler = vmx
[powerops]
# Custom scripts for power operations
# This can be an absolute path, or a path relative to the tools
# install path (/etc/vmware-tools/ for Linux).
# For more information on configuring and querying custom scripts with
# VMware Tools, see the "Use Custom VMware Tools Scripts" section of the
# "VMware Tools Configuration Utility User's Guide".
# Runs when the virtual machine is being powered on rather than resumed.
# Also runs after virtual machine restarts.
# The default script has no effect on networking for the virtual machine.
#poweron-script=poweron-vm-default
# Runs when the virtual machine is being powered off or reset.
# The default script has no effect on networking for the virtual machine.
#poweroff-script=poweroff-vm-default
# Runs when the virtual machine is resumed after it was suspended.
# On Windows guest operating systems, if the virtual machine is configured to
# use DHCP, the default script renews the IP address of the virtual machine.
# On Linux, Mac OS X, Solaris, and FreeBSD guest operating systems,
# this script starts networking for the virtual machine.
#resume-script=resume-vm-default
# Runs when the virtual machine is being suspended.
# On Windows guest operating systems, if the virtual machine is configured
# to use DHCP, the default script releases the IP address of the virtual
# machine.
# On Linux, Mac OS X, Solaris, and FreeBSD, this script stops networking for
# the virtual machine.
#suspend-script=suspend-vm-default
[guestinfo]
# Set to true to disable the perf monitor.
#disable-perf-mon=false
# Set to true to disable DiskInfo.
#disable-query-diskinfo=false
# User-defined poll interval in seconds. Set to 0 to disable polling.
#poll-interval=30
# User-defined stats interval in seconds. Set to 0 to disable stats collection.
#stats-interval=20
# Whether stat results should be written to the log.
#enable-stat-logging=false
# Set a comma separated list of network interface names that can be the
# primary ones. These will be sorted to the top. Interface names can use
# wildcards like '*' and '?'. Default is no value.
#primary-nics=
# Set a comma separated list of network interface names that have low priority
# (so they will be sorted to the end). Interface names can use wildcards like
# '*' and '?'. Default is no value.
#low-priority-nics=
# Set a comma separated list of network interface names that shall be ignored.
# Interface names can use wildcards like '*' and '?'.
# Default for Linux and all non-Windows:
#exclude-nics=veth*,docker*,virbr*
# Default for Windows:
#exclude-nics=vEthernet*
# max umber of IPv4 routes to gather.
#max-ipv4-routes=100
# max umber of IPv6 routes to gather.
#max-ipv6-routes=100
# whether to include reserved space in diskInfo space metrics on Linux
#diskinfo-include-reserved=false
[globalconf]
# The GlobalConf feature provides an ability for the vSphere administrators
# to distribute a 'VMware Tools Configuration File' (tools.conf) via the
# GuestStore for multiple VMs at scale.
# Defines the configuration to enable/disable the GlobalConf module.
# Set to true to enable the module.
# Set to false to disable the module. Default false.
#enabled=false
# Defines a custom GlobalConf poll interval (in seconds).
# Default 3600 seconds. Minimum 1800 seconds.
#poll-interval=3600
# Defines the global configuration resource in GuestStore.
# Windows guests
#resource=/vmware/configurations/vmtools/windows/tools.conf
#
# Linux guests
#resource=/vmware/configurations/vmtools/linux/tools.conf
[componentmgr]
# This plugin manages the known and enabled components add/remove status.
# The plugin polls at regular interval and triggers action add/remove for
# all the known and enabled components in the componentMgr plugin.
# Default and minimum polling interval in seconds (0 => polling disabled)
#poll-interval=180
# Comma separated list of components managed by the plugin. If not specified,
# default value is all, which means all components are enabled by default.
# A special value of none means no component, which is equivalent to disabling
# the plugin completely. Value is parsed left to right and parsing stops at
# first occurrence of all or none or end of line.
#included=all
[appinfo]
# This plugin collects info about running applications in guest OS.
# Set to true to disable the appinfo plugin.
#disabled=false
# User-defined poll interval in seconds. Set to 0 to disable the plugin.
#poll-interval=21600
# For Windows guest, set to true to use WMI for getting the application
# version info, otherwise native Win32 API is used.
#useWMI=false
# Whether to remove the duplicate applications information in the
# guestinfo variable.
#remove-duplicates=true
[containerinfo]
# This plugin collects info about running containers in guest OS.
# User-defined poll interval in seconds. Set to 0 to disable the plugin.
#poll-interval=21600
# Maximum number of containers to be retrieved per namespace.
#max-containers=256
# Whether to remove the duplicate containers information in the
# guestinfo variable.
#remove-duplicates=true
# Unix socket to use to communicate with the docker daemon.
#docker-unix-socket=/var/run/docker.sock
# The unix socket to connect to communicate with containerd grpc server
# for retrieving the list of running containers.
#containerd-unix-socket=/run/containerd/containerd.sock
# List of namespaces to be queried for the running containers.
# The value for this key is a comman separated list.
#allowed-namespaces=moby,k8s.io,default
[servicediscovery]
# This plugin provides admins with additional info for better VM management.
# Set to true to disable the servicediscovery plugin.
#disabled=false
[unity]
#
# Unity is available for Windows only.
#
# Set to true to override system decisions about whether unity should be available.
#forceEnable=false
# Override the desktop background color when in Unity mode.
#desktop.backgroundColor=
# The socket type can be 'ipsocket' or 'vsocket':
#pbrpc.socketType
[resolutionKMS]
# Default is true if tools finds an xf86-video-vmware driver with
# version >= 13.2.0. If you don't have X installed, set this to true manually.
# This only affects tools for Linux.
#enable=true
[guestosinfo]
# Override the short OS name sent by tools.
#short-name=
# Override the long OS name sent by tools.
#long-name=
[vmbackup]
# enableSyncDriver is Linux only.
#enableSyncDriver=true
# enableVSS is Windows only.
#enableVSS=true
# vss.disableAppQuiescing is Windows only.
# This setting can be used to force file system quiescing on Windows systems
# having problems with application quiescing.
# See https://kb.vmware.com/s/article/2146204
#vss.disableAppQuiescing=false
# Linux:
# The value of excludedFileSystems is a comma-separated list of glob-style
# patterns specifying the file system mount points to be excluded from
# quiescing operation. The patterns may use '*' (wildcard) to represent
# any string of characters and '?' (joker) to represent any single character.
# The characters represented by the patterns '*' and '?' may include any
# characters, including '/'.
#
# Windows:
# The value of excludedFileSystems is a comma-separated list of mount points
# specifying the volumes to be excluded from quiesced snapshots.
# Each mount point must be a full path separated and ended with "\\".
# For example, to exclude volumes with drive letter 'E' or mount point
# "F:\mount\", use:
# excludedFileSystems=E:\\,F:\\mount\\
# This setting is ignored when application quiescing is used.
#excludedFileSystems=
# execScripts specifies whether to execute scripts as part of the quiescing
# operation. Scripts are executed from the scripts directory along with the
# legacy scripts.
#
# Scripts directory:
# Linux: /etc/vmware-tools/backupScripts.d
# Windows: <Install-Path>\backupScripts.d
#
# Legacy scripts:
# Linux: /usr/sbin/pre-freeze-script and /usr/sbin/post-thaw-script
# Windows: C:\windows\pre-freeze-script.bat and C:\windows\post-thaw-script.bat
#
# On each quiescing operation, scripts are invoked before quiescing and
# either after a quiescing failure or after thawing.
# The first argument passed to each script is
# "freeze", when invoked before quiescing;
# "freezefail", when invoked after a quiescing failure; or
# "thaw", when invoked after thawing.
# When invoked before quiescing, scripts from the directory are invoked in
# alphabetically ascending order; when invoked following a quiescing failure
# or thawing, they are invoked in the reverse order. Any subdirectories are
# ignored.
# Note that the legacy pre-freeze-script is invoked only before quiescing as
# the first script and post-thaw-script is invoked after a quiescing failure
# as well as after thawing as the last script.
#execScripts=true
# Additional argument to be passed to scripts
#scriptArg=
[guestoperations]
# to disable all guest ops
#disabled=false
# Whether to use vgauth for guest op authentication
#useVGAuth=true
[autoupgrade]
# The "allow-upgrade" option controls whether automatic upgrades (or reinstalls)
# are allowed.
#allow-upgrade=true
# The autoupgrade plugin is only available for Windows.
# The "allow-add-feature" and "allow-remove-feature" control whether adding
# or removing a feature will be allowed.
# The allow-msi-transforms option controls whether TRANSFORMS property is
# allowed.
#allow-add-feature=true
#allow-remove-feature=true
#allow-msi-transforms=false
[deployPkg]
# to disable guest customization
#enable-customization=false
# This "wait-cloudinit-timeout" option controls how long does guest
# customization wait for cloud-init execution done when it detects cloud-init
# is available in guest.
# Guest customization will continue executing as soon as it detects cloud-init
# execution done within this option's value in seconds.
# If cloud-init is still running beyond this option's value in seconds, guest
# customization will continue executing regardless cloud-init execution status.
# Minimum valid value is 0 second, set to 0 to disable waiting.
# Maximum valid value is 1800 seconds (30 minutes).
# Default value is 30 seconds.
#wait-cloudinit-timeout=30
[cbhelper]
# The carbonblack helper plugin is only available for Windows.
# User-defined poll interval in seconds. Set to 0 to disable polling.
#poll-interval=60
[gueststoreupgrade]
# The guestStoreUpgrade plugin is only available for Windows.
# The policy value is one of the settings listed below.
# off = no VMware Tools upgrade from GuestStore. Feature is
# disabled.
# manual = (Default) VMware Tools upgrade from GuestStore is
# manually started.
# powercycle = VMware Tools upgrade from GuestStore on system
# power on.
#policy=manual
# Time interval for periodically checking available VMware Tools package
# version in the GuestStore.
# User-defined poll interval in seconds. Set to 0 to disable polling.
# Minimum valid value is 900 seconds (15 minutes)
# Default value is 3600 seconds (60 minutes)
#poll-interval=3600
# VMware Tools package version metadata key to specify a VMware Tools
# package version in the GuestStore.
# User-defined key for VMware Tools package version.
# Default value is "vmtools" which points to the latest version of
# VMware Tools package in the GuestStore.
#vmtools-version-key=vmtools
[devicehelper]
# The deviceHelper plugin is only available for Windows.
# Set to true to disable the deviceHelper plugin.
#disabled=false

5
vmware-tools/vgauth.conf
View File

@@ -1,5 +0,0 @@
[service]
samlSchemaDir = /etc/vmware-tools/vgauth/schemas
[localization]
msgCatalog = /usr/share/open-vm-tools

142
vmware-tools/vgauth/schemas/XMLSchema-hasFacetAndProperty.xsd
View File

@@ -1,142 +0,0 @@
<?xml version='1.0'?>
<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSCHEMA 200102//EN" "XMLSchema.dtd" [
<!ENTITY % s ''>
<!ENTITY % p ''>
<!-- keep this XML 1.0 correct -->
<!ATTLIST schema xmlns:hfp CDATA #IMPLIED
xmlns:xhtml CDATA #IMPLIED
xmlns:xsi CDATA #IMPLIED
xsi:schemaLocation CDATA #IMPLIED>
<!ELEMENT xhtml:p ANY>
<!ELEMENT xhtml:em ANY>
]>
<schema xmlns="http://www.w3.org/2001/XMLSchema" targetNamespace="http://www.w3.org/2001/XMLSchema-hasFacetAndProperty" xmlns:hfp="http://www.w3.org/2001/XMLSchema-hasFacetAndProperty" xmlns:xhtml="http://www.w3.org/1999/xhtml"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.w3.org/1999/xhtml http://www.w3.org/1999/xhtml.xsd">
<annotation>
<documentation>
<xhtml:p> This schema defines 2 elements for use in the
appinfo portion section of (potentially) all builtin datatypes in the schema
for XML Schema Part 2: Datatypes. </xhtml:p>
<xhtml:p> One intended use of
this appinfo is in the generation of the HTML version of the XML Schema Part 2:
Datatypes specification itself. All portions of the HTML text which describe
the facets and/or properties of each datatype is generated by an XSLT
transformation which keys off of this appinfo. </xhtml:p>
<xhtml:p> Schema
processors may have another use for this appinfo (although one certainly not
required in any way by the specification). The information may be useful in
dynamically building validation modules/classes and/or user-interfaces for
schema creation. </xhtml:p>
</documentation>
</annotation>
<element name="hasFacet">
<annotation>
<documentation>
<xhtml:p>
hasFacet is used to signal that the contraining facet
given in the name attribute is applicable to a primitive
datatype (and all types derived from it).
</xhtml:p>
<xhtml:p>
Note: this element will only appear in the appinfo of
primitive types or built-in types derived by "list".
</xhtml:p>
<xhtml:p>
A schema processor (or the XSLT which generates the
HTML version of the XML Schema Part 2: Datatypes
specification) which reads a derived simpleType
definition should walk up the base type chain until
it reaches the primitive type at the top of the chain
and "push" all facets found their down to all derived
types in the chain.
</xhtml:p>
</documentation>
</annotation>
<complexType>
<attribute name="name" use="required">
<simpleType>
<annotation>
<documentation>
<xhtml:p>
This datatype names all existing contraining facets.
</xhtml:p>
<xhtml:p>
Question: should each of the enumerations below be
given a documentation annotation, which would contain
the text to be used in the definition of the facet
in the XML Schema Part 2: Datatypes specification?
Might be nice to try to collect all of that information
together here.
</xhtml:p>
</documentation>
</annotation>
<restriction base="NMTOKEN">
<enumeration value="length"/>
<enumeration value="minLength"/>
<enumeration value="maxLength"/>
<enumeration value="pattern"/>
<enumeration value="enumeration"/>
<enumeration value="maxInclusive"/>
<enumeration value="maxExclusive"/>
<enumeration value="minInclusive"/>
<enumeration value="minExclusive"/>
<enumeration value="totalDigits"/>
<enumeration value="fractionDigits"/>
<enumeration value="whiteSpace"/>
<enumeration value="maxScale"/>
<enumeration value="minScale"/>
</restriction>
</simpleType>
</attribute>
</complexType>
</element>
<element name="hasProperty">
<annotation>
<documentation>
<xhtml:p> hasProperty is used to signal that the property
given in the name attribute has the value given in the value attribute for the
datatype in which it occurs (and all types derived from it, which do not
override the value of the property). </xhtml:p>
<xhtml:p> Note: this element
may appear in the appinfo of primitive and built-in derived types. </xhtml:p>
<xhtml:p> A schema processor (or the XSLT which generates the HTML version of
the XML Schema Part 2: Datatypes specification) which reads a simpleType
definition should gather the information from any occurances of hasProperty in
that simpleType definition, and then walk up the base type chain gathering
information from any occurances of hasProperty (unless a value was given to the
name in a dervied type) until either it reaches the primitive type at the top
of the chain or it has gathered values for all existing properties. </xhtml:p>
</documentation>
</annotation>
<complexType>
<attribute name="name" use="required">
<simpleType>
<annotation>
<documentation>
<xhtml:p> This datatype names all existing fundamental
facets, otherwise known as properties (with the exception of
<xhtml:em>equality</xhtml:em>, a property which has no
<xhtml:em>value</xhtml:em>). </xhtml:p>
<xhtml:p> Question: should each of
the enumerations below be given a documentation annotation, which would contain
the text to be used in the definition of the properties in the XML Schema Part
2: Datatypes specification? Might be nice to try to collect all of that
information together here. </xhtml:p>
</documentation>
</annotation>
<restriction base="NMTOKEN">
<enumeration value="ordered"/>
<enumeration value="bounded"/>
<enumeration value="cardinality"/>
<enumeration value="numeric"/>
</restriction>
</simpleType>
</attribute>
<attribute name="value" type="normalizedString" use="required"/>
</complexType>
</element>
</schema>

37
vmware-tools/vgauth/schemas/XMLSchema-instance.xsd
View File

@@ -1,37 +0,0 @@
<?xml version='1.0'?>
<!DOCTYPE xs:schema SYSTEM "XMLSchema.dtd" [
<!ELEMENT p ANY>
<!ELEMENT a ANY>
<!ATTLIST a href CDATA #IMPLIED>
<!ELEMENT hr ANY>
<!ELEMENT h1 ANY>
<!ELEMENT br ANY>
]>
<xs:schema targetNamespace="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns="http://www.w3.org/1999/xhtml">
<xs:annotation>
<xs:documentation>
<h1>XML Schema instance namespace</h1>
<p>See <a href="http://www.w3.org/TR/xmlschema-1/">the XML Schema
Recommendation</a> for an introduction</p>
<hr />
$Date: 2001/03/16 20:25:57 $<br />
$Id: XMLSchema-instance.xsd,v 1.4 2001/03/16 20:25:57 ht Exp $
</xs:documentation>
</xs:annotation>
<xs:annotation>
<xs:documentation><p>This schema should never be used as such:
<a href="http://www.w3.org/TR/xmlschema-1/#no-xsi">the XML
Schema Recommendation</a> forbids the declaration of
attributes in this namespace</p>
</xs:documentation>
</xs:annotation>
<xs:attribute name="nil"/>
<xs:attribute name="type"/>
<xs:attribute name="schemaLocation"/>
<xs:attribute name="noNamespaceSchemaLocation"/>
</xs:schema>

402
vmware-tools/vgauth/schemas/XMLSchema.dtd
View File

@@ -1,402 +0,0 @@
<!-- DTD for XML Schemas: Part 1: Structures
Public Identifier: "-//W3C//DTD XMLSCHEMA 200102//EN"
Official Location: http://www.w3.org/2001/XMLSchema.dtd -->
<!-- $Id: XMLSchema.dtd,v 1.31 2001/10/24 15:50:16 ht Exp $ -->
<!-- Note this DTD is NOT normative, or even definitive. --> <!--d-->
<!-- prose copy in the structures REC is the definitive version --> <!--d-->
<!-- (which shouldn't differ from this one except for this --> <!--d-->
<!-- comment and entity expansions, but just in case) --> <!--d-->
<!-- With the exception of cases with multiple namespace
prefixes for the XML Schema namespace, any XML document which is
not valid per this DTD given redefinitions in its internal subset of the
'p' and 's' parameter entities below appropriate to its namespace
declaration of the XML Schema namespace is almost certainly not
a valid schema. -->
<!-- The simpleType element and its constituent parts
are defined in XML Schema: Part 2: Datatypes -->
<!ENTITY % xs-datatypes PUBLIC 'datatypes' 'datatypes.dtd' >
<!ENTITY % p 'xs:'> <!-- can be overriden in the internal subset of a
schema document to establish a different
namespace prefix -->
<!ENTITY % s ':xs'> <!-- if %p is defined (e.g. as foo:) then you must
also define %s as the suffix for the appropriate
namespace declaration (e.g. :foo) -->
<!ENTITY % nds 'xmlns%s;'>
<!-- Define all the element names, with optional prefix -->
<!ENTITY % schema "%p;schema">
<!ENTITY % complexType "%p;complexType">
<!ENTITY % complexContent "%p;complexContent">
<!ENTITY % simpleContent "%p;simpleContent">
<!ENTITY % extension "%p;extension">
<!ENTITY % element "%p;element">
<!ENTITY % unique "%p;unique">
<!ENTITY % key "%p;key">
<!ENTITY % keyref "%p;keyref">
<!ENTITY % selector "%p;selector">
<!ENTITY % field "%p;field">
<!ENTITY % group "%p;group">
<!ENTITY % all "%p;all">
<!ENTITY % choice "%p;choice">
<!ENTITY % sequence "%p;sequence">
<!ENTITY % any "%p;any">
<!ENTITY % anyAttribute "%p;anyAttribute">
<!ENTITY % attribute "%p;attribute">
<!ENTITY % attributeGroup "%p;attributeGroup">
<!ENTITY % include "%p;include">
<!ENTITY % import "%p;import">
<!ENTITY % redefine "%p;redefine">
<!ENTITY % notation "%p;notation">
<!-- annotation elements -->
<!ENTITY % annotation "%p;annotation">
<!ENTITY % appinfo "%p;appinfo">
<!ENTITY % documentation "%p;documentation">
<!-- Customisation entities for the ATTLIST of each element type.
Define one of these if your schema takes advantage of the
anyAttribute='##other' in the schema for schemas -->
<!ENTITY % schemaAttrs ''>
<!ENTITY % complexTypeAttrs ''>
<!ENTITY % complexContentAttrs ''>
<!ENTITY % simpleContentAttrs ''>
<!ENTITY % extensionAttrs ''>
<!ENTITY % elementAttrs ''>
<!ENTITY % groupAttrs ''>
<!ENTITY % allAttrs ''>
<!ENTITY % choiceAttrs ''>
<!ENTITY % sequenceAttrs ''>
<!ENTITY % anyAttrs ''>
<!ENTITY % anyAttributeAttrs ''>
<!ENTITY % attributeAttrs ''>
<!ENTITY % attributeGroupAttrs ''>
<!ENTITY % uniqueAttrs ''>
<!ENTITY % keyAttrs ''>
<!ENTITY % keyrefAttrs ''>
<!ENTITY % selectorAttrs ''>
<!ENTITY % fieldAttrs ''>
<!ENTITY % includeAttrs ''>
<!ENTITY % importAttrs ''>
<!ENTITY % redefineAttrs ''>
<!ENTITY % notationAttrs ''>
<!ENTITY % annotationAttrs ''>
<!ENTITY % appinfoAttrs ''>
<!ENTITY % documentationAttrs ''>
<!ENTITY % complexDerivationSet "CDATA">
<!-- #all or space-separated list drawn from derivationChoice -->
<!ENTITY % blockSet "CDATA">
<!-- #all or space-separated list drawn from
derivationChoice + 'substitution' -->
<!ENTITY % mgs '%all; | %choice; | %sequence;'>
<!ENTITY % cs '%choice; | %sequence;'>
<!ENTITY % formValues '(qualified|unqualified)'>
<!ENTITY % attrDecls '((%attribute;| %attributeGroup;)*,(%anyAttribute;)?)'>
<!ENTITY % particleAndAttrs '((%mgs; | %group;)?, %attrDecls;)'>
<!-- This is used in part2 -->
<!ENTITY % restriction1 '((%mgs; | %group;)?)'>
%xs-datatypes;
<!-- the duplication below is to produce an unambiguous content model
which allows annotation everywhere -->
<!ELEMENT %schema; ((%include; | %import; | %redefine; | %annotation;)*,
((%simpleType; | %complexType;
| %element; | %attribute;
| %attributeGroup; | %group;
| %notation; ),
(%annotation;)*)* )>
<!ATTLIST %schema;
targetNamespace %URIref; #IMPLIED
version CDATA #IMPLIED
%nds; %URIref; #FIXED 'http://www.w3.org/2001/XMLSchema'
xmlns CDATA #IMPLIED
finalDefault %complexDerivationSet; ''
blockDefault %blockSet; ''
id ID #IMPLIED
elementFormDefault %formValues; 'unqualified'
attributeFormDefault %formValues; 'unqualified'
xml:lang CDATA #IMPLIED
%schemaAttrs;>
<!-- Note the xmlns declaration is NOT in the Schema for Schemas,
because at the Infoset level where schemas operate,
xmlns(:prefix) is NOT an attribute! -->
<!-- The declaration of xmlns is a convenience for schema authors -->
<!-- The id attribute here and below is for use in external references
from non-schemas using simple fragment identifiers.
It is NOT used for schema-to-schema reference, internal or
external. -->
<!-- a type is a named content type specification which allows attribute
declarations-->
<!-- -->
<!ELEMENT %complexType; ((%annotation;)?,
(%simpleContent;|%complexContent;|
%particleAndAttrs;))>
<!ATTLIST %complexType;
name %NCName; #IMPLIED
id ID #IMPLIED
abstract %boolean; #IMPLIED
final %complexDerivationSet; #IMPLIED
block %complexDerivationSet; #IMPLIED
mixed (true|false) 'false'
%complexTypeAttrs;>
<!-- particleAndAttrs is shorthand for a root type -->
<!-- mixed is disallowed if simpleContent, overriden if complexContent
has one too. -->
<!-- If anyAttribute appears in one or more referenced attributeGroups
and/or explicitly, the intersection of the permissions is used -->
<!ELEMENT %complexContent; ((%annotation;)?, (%restriction;|%extension;))>
<!ATTLIST %complexContent;
mixed (true|false) #IMPLIED
id ID #IMPLIED
%complexContentAttrs;>
<!-- restriction should use the branch defined above, not the simple
one from part2; extension should use the full model -->
<!ELEMENT %simpleContent; ((%annotation;)?, (%restriction;|%extension;))>
<!ATTLIST %simpleContent;
id ID #IMPLIED
%simpleContentAttrs;>
<!-- restriction should use the simple branch from part2, not the
one defined above; extension should have no particle -->
<!ELEMENT %extension; ((%annotation;)?, (%particleAndAttrs;))>
<!ATTLIST %extension;
base %QName; #REQUIRED
id ID #IMPLIED
%extensionAttrs;>
<!-- an element is declared by either:
a name and a type (either nested or referenced via the type attribute)
or a ref to an existing element declaration -->
<!ELEMENT %element; ((%annotation;)?, (%complexType;| %simpleType;)?,
(%unique; | %key; | %keyref;)*)>
<!-- simpleType or complexType only if no type|ref attribute -->
<!-- ref not allowed at top level -->
<!ATTLIST %element;
name %NCName; #IMPLIED
id ID #IMPLIED
ref %QName; #IMPLIED
type %QName; #IMPLIED
minOccurs %nonNegativeInteger; #IMPLIED
maxOccurs CDATA #IMPLIED
nillable %boolean; #IMPLIED
substitutionGroup %QName; #IMPLIED
abstract %boolean; #IMPLIED
final %complexDerivationSet; #IMPLIED
block %blockSet; #IMPLIED
default CDATA #IMPLIED
fixed CDATA #IMPLIED
form %formValues; #IMPLIED
%elementAttrs;>
<!-- type and ref are mutually exclusive.
name and ref are mutually exclusive, one is required -->
<!-- In the absence of type AND ref, type defaults to type of
substitutionGroup, if any, else the ur-type, i.e. unconstrained -->
<!-- default and fixed are mutually exclusive -->
<!ELEMENT %group; ((%annotation;)?,(%mgs;)?)>
<!ATTLIST %group;
name %NCName; #IMPLIED
ref %QName; #IMPLIED
minOccurs %nonNegativeInteger; #IMPLIED
maxOccurs CDATA #IMPLIED
id ID #IMPLIED
%groupAttrs;>
<!ELEMENT %all; ((%annotation;)?, (%element;)*)>
<!ATTLIST %all;
minOccurs (1) #IMPLIED
maxOccurs (1) #IMPLIED
id ID #IMPLIED
%allAttrs;>
<!ELEMENT %choice; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)>
<!ATTLIST %choice;
minOccurs %nonNegativeInteger; #IMPLIED
maxOccurs CDATA #IMPLIED
id ID #IMPLIED
%choiceAttrs;>
<!ELEMENT %sequence; ((%annotation;)?, (%element;| %group;| %cs; | %any;)*)>
<!ATTLIST %sequence;
minOccurs %nonNegativeInteger; #IMPLIED
maxOccurs CDATA #IMPLIED
id ID #IMPLIED
%sequenceAttrs;>
<!-- an anonymous grouping in a model, or
a top-level named group definition, or a reference to same -->
<!-- Note that if order is 'all', group is not allowed inside.
If order is 'all' THIS group must be alone (or referenced alone) at
the top level of a content model -->
<!-- If order is 'all', minOccurs==maxOccurs==1 on element/any inside -->
<!-- Should allow minOccurs=0 inside order='all' . . . -->
<!ELEMENT %any; (%annotation;)?>
<!ATTLIST %any;
namespace CDATA '##any'
processContents (skip|lax|strict) 'strict'
minOccurs %nonNegativeInteger; '1'
maxOccurs CDATA '1'
id ID #IMPLIED
%anyAttrs;>
<!-- namespace is interpreted as follows:
##any - - any non-conflicting WFXML at all
##other - - any non-conflicting WFXML from namespace other
than targetNamespace
##local - - any unqualified non-conflicting WFXML/attribute
one or - - any non-conflicting WFXML from
more URI the listed namespaces
references
##targetNamespace ##local may appear in the above list,
with the obvious meaning -->
<!ELEMENT %anyAttribute; (%annotation;)?>
<!ATTLIST %anyAttribute;
namespace CDATA '##any'
processContents (skip|lax|strict) 'strict'
id ID #IMPLIED
%anyAttributeAttrs;>
<!-- namespace is interpreted as for 'any' above -->
<!-- simpleType only if no type|ref attribute -->
<!-- ref not allowed at top level, name iff at top level -->
<!ELEMENT %attribute; ((%annotation;)?, (%simpleType;)?)>
<!ATTLIST %attribute;
name %NCName; #IMPLIED
id ID #IMPLIED
ref %QName; #IMPLIED
type %QName; #IMPLIED
use (prohibited|optional|required) #IMPLIED
default CDATA #IMPLIED
fixed CDATA #IMPLIED
form %formValues; #IMPLIED
%attributeAttrs;>
<!-- type and ref are mutually exclusive.
name and ref are mutually exclusive, one is required -->
<!-- default for use is optional when nested, none otherwise -->
<!-- default and fixed are mutually exclusive -->
<!-- type attr and simpleType content are mutually exclusive -->
<!-- an attributeGroup is a named collection of attribute decls, or a
reference thereto -->
<!ELEMENT %attributeGroup; ((%annotation;)?,
(%attribute; | %attributeGroup;)*,
(%anyAttribute;)?) >
<!ATTLIST %attributeGroup;
name %NCName; #IMPLIED
id ID #IMPLIED
ref %QName; #IMPLIED
%attributeGroupAttrs;>
<!-- ref iff no content, no name. ref iff not top level -->
<!-- better reference mechanisms -->
<!ELEMENT %unique; ((%annotation;)?, %selector;, (%field;)+)>
<!ATTLIST %unique;
name %NCName; #REQUIRED
id ID #IMPLIED
%uniqueAttrs;>
<!ELEMENT %key; ((%annotation;)?, %selector;, (%field;)+)>
<!ATTLIST %key;
name %NCName; #REQUIRED
id ID #IMPLIED
%keyAttrs;>
<!ELEMENT %keyref; ((%annotation;)?, %selector;, (%field;)+)>
<!ATTLIST %keyref;
name %NCName; #REQUIRED
refer %QName; #REQUIRED
id ID #IMPLIED
%keyrefAttrs;>
<!ELEMENT %selector; ((%annotation;)?)>
<!ATTLIST %selector;
xpath %XPathExpr; #REQUIRED
id ID #IMPLIED
%selectorAttrs;>
<!ELEMENT %field; ((%annotation;)?)>
<!ATTLIST %field;
xpath %XPathExpr; #REQUIRED
id ID #IMPLIED
%fieldAttrs;>
<!-- Schema combination mechanisms -->
<!ELEMENT %include; (%annotation;)?>
<!ATTLIST %include;
schemaLocation %URIref; #REQUIRED
id ID #IMPLIED
%includeAttrs;>
<!ELEMENT %import; (%annotation;)?>
<!ATTLIST %import;
namespace %URIref; #IMPLIED
schemaLocation %URIref; #IMPLIED
id ID #IMPLIED
%importAttrs;>
<!ELEMENT %redefine; (%annotation; | %simpleType; | %complexType; |
%attributeGroup; | %group;)*>
<!ATTLIST %redefine;
schemaLocation %URIref; #REQUIRED
id ID #IMPLIED
%redefineAttrs;>
<!ELEMENT %notation; (%annotation;)?>
<!ATTLIST %notation;
name %NCName; #REQUIRED
id ID #IMPLIED
public CDATA #REQUIRED
system %URIref; #IMPLIED
%notationAttrs;>
<!-- Annotation is either application information or documentation -->
<!-- By having these here they are available for datatypes as well
as all the structures elements -->
<!ELEMENT %annotation; (%appinfo; | %documentation;)*>
<!ATTLIST %annotation; %annotationAttrs;>
<!-- User must define annotation elements in internal subset for this
to work -->
<!ELEMENT %appinfo; ANY> <!-- too restrictive -->
<!ATTLIST %appinfo;
source %URIref; #IMPLIED
id ID #IMPLIED
%appinfoAttrs;>
<!ELEMENT %documentation; ANY> <!-- too restrictive -->
<!ATTLIST %documentation;
source %URIref; #IMPLIED
id ID #IMPLIED
xml:lang CDATA #IMPLIED
%documentationAttrs;>
<!NOTATION XMLSchemaStructures PUBLIC
'structures' 'http://www.w3.org/2001/XMLSchema.xsd' >
<!NOTATION XML PUBLIC
'REC-xml-1998-0210' 'http://www.w3.org/TR/1998/REC-xml-19980210' >

2424
vmware-tools/vgauth/schemas/XMLSchema.xsd
View File

File diff suppressed because it is too large Load Diff

6
vmware-tools/vgauth/schemas/catalog.xml
View File

@@ -1,6 +0,0 @@
<?xml version="1.0"?>
<!DOCTYPE catalog PUBLIC "-//OASIS//DTD Entity Resolution XML Catalog V1.0//EN" "http://www.oasis-open.org/committees/entity/release/1.0/catalog.dtd">
<catalog xmlns="urn:oasis:names:tc:entity:xmlns:xml:catalog">
<uri name="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd" uri="xmldsig-core-schema.xsd"/>
<uri name="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd" uri="xenc-schema.xsd"/>
</catalog>

203
vmware-tools/vgauth/schemas/datatypes.dtd
View File

@@ -1,203 +0,0 @@
<!--
DTD for XML Schemas: Part 2: Datatypes
$Id: datatypes.dtd,v 1.23 2001/03/16 17:36:30 ht Exp $
Note this DTD is NOT normative, or even definitive. - - the
prose copy in the datatypes REC is the definitive version
(which shouldn't differ from this one except for this comment
and entity expansions, but just in case)
-->
<!--
This DTD cannot be used on its own, it is intended
only for incorporation in XMLSchema.dtd, q.v.
-->
<!-- Define all the element names, with optional prefix -->
<!ENTITY % simpleType "%p;simpleType">
<!ENTITY % restriction "%p;restriction">
<!ENTITY % list "%p;list">
<!ENTITY % union "%p;union">
<!ENTITY % maxExclusive "%p;maxExclusive">
<!ENTITY % minExclusive "%p;minExclusive">
<!ENTITY % maxInclusive "%p;maxInclusive">
<!ENTITY % minInclusive "%p;minInclusive">
<!ENTITY % totalDigits "%p;totalDigits">
<!ENTITY % fractionDigits "%p;fractionDigits">
<!ENTITY % length "%p;length">
<!ENTITY % minLength "%p;minLength">
<!ENTITY % maxLength "%p;maxLength">
<!ENTITY % enumeration "%p;enumeration">
<!ENTITY % whiteSpace "%p;whiteSpace">
<!ENTITY % pattern "%p;pattern">
<!--
Customisation entities for the ATTLIST of each element
type. Define one of these if your schema takes advantage
of the anyAttribute='##other' in the schema for schemas
-->
<!ENTITY % simpleTypeAttrs "">
<!ENTITY % restrictionAttrs "">
<!ENTITY % listAttrs "">
<!ENTITY % unionAttrs "">
<!ENTITY % maxExclusiveAttrs "">
<!ENTITY % minExclusiveAttrs "">
<!ENTITY % maxInclusiveAttrs "">
<!ENTITY % minInclusiveAttrs "">
<!ENTITY % totalDigitsAttrs "">
<!ENTITY % fractionDigitsAttrs "">
<!ENTITY % lengthAttrs "">
<!ENTITY % minLengthAttrs "">
<!ENTITY % maxLengthAttrs "">
<!ENTITY % enumerationAttrs "">
<!ENTITY % whiteSpaceAttrs "">
<!ENTITY % patternAttrs "">
<!-- Define some entities for informative use as attribute
types -->
<!ENTITY % URIref "CDATA">
<!ENTITY % XPathExpr "CDATA">
<!ENTITY % QName "NMTOKEN">
<!ENTITY % QNames "NMTOKENS">
<!ENTITY % NCName "NMTOKEN">
<!ENTITY % nonNegativeInteger "NMTOKEN">
<!ENTITY % boolean "(true|false)">
<!ENTITY % simpleDerivationSet "CDATA">
<!--
#all or space-separated list drawn from derivationChoice
-->
<!--
Note that the use of 'facet' below is less restrictive
than is really intended: There should in fact be no
more than one of each of minInclusive, minExclusive,
maxInclusive, maxExclusive, totalDigits, fractionDigits,
length, maxLength, minLength within datatype,
and the min- and max- variants of Inclusive and Exclusive
are mutually exclusive. On the other hand, pattern and
enumeration may repeat.
-->
<!ENTITY % minBound "(%minInclusive; | %minExclusive;)">
<!ENTITY % maxBound "(%maxInclusive; | %maxExclusive;)">
<!ENTITY % bounds "%minBound; | %maxBound;">
<!ENTITY % numeric "%totalDigits; | %fractionDigits;">
<!ENTITY % ordered "%bounds; | %numeric;">
<!ENTITY % unordered
"%pattern; | %enumeration; | %whiteSpace; | %length; |
%maxLength; | %minLength;">
<!ENTITY % facet "%ordered; | %unordered;">
<!ENTITY % facetAttr
"value CDATA #REQUIRED
id ID #IMPLIED">
<!ENTITY % fixedAttr "fixed %boolean; #IMPLIED">
<!ENTITY % facetModel "(%annotation;)?">
<!ELEMENT %simpleType;
((%annotation;)?, (%restriction; | %list; | %union;))>
<!ATTLIST %simpleType;
name %NCName; #IMPLIED
final %simpleDerivationSet; #IMPLIED
id ID #IMPLIED
%simpleTypeAttrs;>
<!-- name is required at top level -->
<!ELEMENT %restriction; ((%annotation;)?,
(%restriction1; |
((%simpleType;)?,(%facet;)*)),
(%attrDecls;))>
<!ATTLIST %restriction;
base %QName; #IMPLIED
id ID #IMPLIED
%restrictionAttrs;>
<!--
base and simpleType child are mutually exclusive,
one is required.
restriction is shared between simpleType and
simpleContent and complexContent (in XMLSchema.xsd).
restriction1 is for the latter cases, when this
is restricting a complex type, as is attrDecls.
-->
<!ELEMENT %list; ((%annotation;)?,(%simpleType;)?)>
<!ATTLIST %list;
itemType %QName; #IMPLIED
id ID #IMPLIED
%listAttrs;>
<!--
itemType and simpleType child are mutually exclusive,
one is required
-->
<!ELEMENT %union; ((%annotation;)?,(%simpleType;)*)>
<!ATTLIST %union;
id ID #IMPLIED
memberTypes %QNames; #IMPLIED
%unionAttrs;>
<!--
At least one item in memberTypes or one simpleType
child is required
-->
<!ELEMENT %maxExclusive; %facetModel;>
<!ATTLIST %maxExclusive;
%facetAttr;
%fixedAttr;
%maxExclusiveAttrs;>
<!ELEMENT %minExclusive; %facetModel;>
<!ATTLIST %minExclusive;
%facetAttr;
%fixedAttr;
%minExclusiveAttrs;>
<!ELEMENT %maxInclusive; %facetModel;>
<!ATTLIST %maxInclusive;
%facetAttr;
%fixedAttr;
%maxInclusiveAttrs;>
<!ELEMENT %minInclusive; %facetModel;>
<!ATTLIST %minInclusive;
%facetAttr;
%fixedAttr;
%minInclusiveAttrs;>
<!ELEMENT %totalDigits; %facetModel;>
<!ATTLIST %totalDigits;
%facetAttr;
%fixedAttr;
%totalDigitsAttrs;>
<!ELEMENT %fractionDigits; %facetModel;>
<!ATTLIST %fractionDigits;
%facetAttr;
%fixedAttr;
%fractionDigitsAttrs;>
<!ELEMENT %length; %facetModel;>
<!ATTLIST %length;
%facetAttr;
%fixedAttr;
%lengthAttrs;>
<!ELEMENT %minLength; %facetModel;>
<!ATTLIST %minLength;
%facetAttr;
%fixedAttr;
%minLengthAttrs;>
<!ELEMENT %maxLength; %facetModel;>
<!ATTLIST %maxLength;
%facetAttr;
%fixedAttr;
%maxLengthAttrs;>
<!-- This one can be repeated -->
<!ELEMENT %enumeration; %facetModel;>
<!ATTLIST %enumeration;
%facetAttr;
%enumerationAttrs;>
<!ELEMENT %whiteSpace; %facetModel;>
<!ATTLIST %whiteSpace;
%facetAttr;
%fixedAttr;
%whiteSpaceAttrs;>
<!-- This one can be repeated -->
<!ELEMENT %pattern; %facetModel;>
<!ATTLIST %pattern;
%facetAttr;
%patternAttrs;>

283
vmware-tools/vgauth/schemas/saml-schema-assertion-2.0.xsd
View File

@@ -1,283 +0,0 @@
<?xml version="1.0" encoding="US-ASCII"?>
<schema
targetNamespace="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns="http://www.w3.org/2001/XMLSchema"
xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
elementFormDefault="unqualified"
attributeFormDefault="unqualified"
blockDefault="substitution"
version="2.0">
<import namespace="http://www.w3.org/2000/09/xmldsig#"
schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
<import namespace="http://www.w3.org/2001/04/xmlenc#"
schemaLocation="http://www.w3.org/TR/2002/REC-xmlenc-core-20021210/xenc-schema.xsd"/>
<annotation>
<documentation>
Document identifier: saml-schema-assertion-2.0
Location: http://docs.oasis-open.org/security/saml/v2.0/
Revision history:
V1.0 (November, 2002):
Initial Standard Schema.
V1.1 (September, 2003):
Updates within the same V1.0 namespace.
V2.0 (March, 2005):
New assertion schema for SAML V2.0 namespace.
</documentation>
</annotation>
<attributeGroup name="IDNameQualifiers">
<attribute name="NameQualifier" type="string" use="optional"/>
<attribute name="SPNameQualifier" type="string" use="optional"/>
</attributeGroup>
<element name="BaseID" type="saml:BaseIDAbstractType"/>
<complexType name="BaseIDAbstractType" abstract="true">
<attributeGroup ref="saml:IDNameQualifiers"/>
</complexType>
<element name="NameID" type="saml:NameIDType"/>
<complexType name="NameIDType">
<simpleContent>
<extension base="string">
<attributeGroup ref="saml:IDNameQualifiers"/>
<attribute name="Format" type="anyURI" use="optional"/>
<attribute name="SPProvidedID" type="string" use="optional"/>
</extension>
</simpleContent>
</complexType>
<complexType name="EncryptedElementType">
<sequence>
<element ref="xenc:EncryptedData"/>
<element ref="xenc:EncryptedKey" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</complexType>
<element name="EncryptedID" type="saml:EncryptedElementType"/>
<element name="Issuer" type="saml:NameIDType"/>
<element name="AssertionIDRef" type="NCName"/>
<element name="AssertionURIRef" type="anyURI"/>
<element name="Assertion" type="saml:AssertionType"/>
<complexType name="AssertionType">
<sequence>
<element ref="saml:Issuer"/>
<element ref="ds:Signature" minOccurs="0"/>
<element ref="saml:Subject" minOccurs="0"/>
<element ref="saml:Conditions" minOccurs="0"/>
<element ref="saml:Advice" minOccurs="0"/>
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:Statement"/>
<element ref="saml:AuthnStatement"/>
<element ref="saml:AuthzDecisionStatement"/>
<element ref="saml:AttributeStatement"/>
</choice>
</sequence>
<attribute name="Version" type="string" use="required"/>
<attribute name="ID" type="ID" use="required"/>
<attribute name="IssueInstant" type="dateTime" use="required"/>
</complexType>
<element name="Subject" type="saml:SubjectType"/>
<complexType name="SubjectType">
<choice>
<sequence>
<choice>
<element ref="saml:BaseID"/>
<element ref="saml:NameID"/>
<element ref="saml:EncryptedID"/>
</choice>
<element ref="saml:SubjectConfirmation" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<element ref="saml:SubjectConfirmation" maxOccurs="unbounded"/>
</choice>
</complexType>
<element name="SubjectConfirmation" type="saml:SubjectConfirmationType"/>
<complexType name="SubjectConfirmationType">
<sequence>
<choice minOccurs="0">
<element ref="saml:BaseID"/>
<element ref="saml:NameID"/>
<element ref="saml:EncryptedID"/>
</choice>
<element ref="saml:SubjectConfirmationData" minOccurs="0"/>
</sequence>
<attribute name="Method" type="anyURI" use="required"/>
</complexType>
<element name="SubjectConfirmationData" type="saml:SubjectConfirmationDataType"/>
<complexType name="SubjectConfirmationDataType" mixed="true">
<complexContent>
<restriction base="anyType">
<sequence>
<any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="NotBefore" type="dateTime" use="optional"/>
<attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
<attribute name="Recipient" type="anyURI" use="optional"/>
<attribute name="InResponseTo" type="NCName" use="optional"/>
<attribute name="Address" type="string" use="optional"/>
<anyAttribute namespace="##other" processContents="lax"/>
</restriction>
</complexContent>
</complexType>
<complexType name="KeyInfoConfirmationDataType" mixed="false">
<complexContent>
<restriction base="saml:SubjectConfirmationDataType">
<sequence>
<element ref="ds:KeyInfo" maxOccurs="unbounded"/>
</sequence>
</restriction>
</complexContent>
</complexType>
<element name="Conditions" type="saml:ConditionsType"/>
<complexType name="ConditionsType">
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:Condition"/>
<element ref="saml:AudienceRestriction"/>
<element ref="saml:OneTimeUse"/>
<element ref="saml:ProxyRestriction"/>
</choice>
<attribute name="NotBefore" type="dateTime" use="optional"/>
<attribute name="NotOnOrAfter" type="dateTime" use="optional"/>
</complexType>
<element name="Condition" type="saml:ConditionAbstractType"/>
<complexType name="ConditionAbstractType" abstract="true"/>
<element name="AudienceRestriction" type="saml:AudienceRestrictionType"/>
<complexType name="AudienceRestrictionType">
<complexContent>
<extension base="saml:ConditionAbstractType">
<sequence>
<element ref="saml:Audience" maxOccurs="unbounded"/>
</sequence>
</extension>
</complexContent>
</complexType>
<element name="Audience" type="anyURI"/>
<element name="OneTimeUse" type="saml:OneTimeUseType" />
<complexType name="OneTimeUseType">
<complexContent>
<extension base="saml:ConditionAbstractType"/>
</complexContent>
</complexType>
<element name="ProxyRestriction" type="saml:ProxyRestrictionType"/>
<complexType name="ProxyRestrictionType">
<complexContent>
<extension base="saml:ConditionAbstractType">
<sequence>
<element ref="saml:Audience" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Count" type="nonNegativeInteger" use="optional"/>
</extension>
</complexContent>
</complexType>
<element name="Advice" type="saml:AdviceType"/>
<complexType name="AdviceType">
<choice minOccurs="0" maxOccurs="unbounded">
<element ref="saml:AssertionIDRef"/>
<element ref="saml:AssertionURIRef"/>
<element ref="saml:Assertion"/>
<element ref="saml:EncryptedAssertion"/>
<any namespace="##other" processContents="lax"/>
</choice>
</complexType>
<element name="EncryptedAssertion" type="saml:EncryptedElementType"/>
<element name="Statement" type="saml:StatementAbstractType"/>
<complexType name="StatementAbstractType" abstract="true"/>
<element name="AuthnStatement" type="saml:AuthnStatementType"/>
<complexType name="AuthnStatementType">
<complexContent>
<extension base="saml:StatementAbstractType">
<sequence>
<element ref="saml:SubjectLocality" minOccurs="0"/>
<element ref="saml:AuthnContext"/>
</sequence>
<attribute name="AuthnInstant" type="dateTime" use="required"/>
<attribute name="SessionIndex" type="string" use="optional"/>
<attribute name="SessionNotOnOrAfter" type="dateTime" use="optional"/>
</extension>
</complexContent>
</complexType>
<element name="SubjectLocality" type="saml:SubjectLocalityType"/>
<complexType name="SubjectLocalityType">
<attribute name="Address" type="string" use="optional"/>
<attribute name="DNSName" type="string" use="optional"/>
</complexType>
<element name="AuthnContext" type="saml:AuthnContextType"/>
<complexType name="AuthnContextType">
<sequence>
<choice>
<sequence>
<element ref="saml:AuthnContextClassRef"/>
<choice minOccurs="0">
<element ref="saml:AuthnContextDecl"/>
<element ref="saml:AuthnContextDeclRef"/>
</choice>
</sequence>
<choice>
<element ref="saml:AuthnContextDecl"/>
<element ref="saml:AuthnContextDeclRef"/>
</choice>
</choice>
<element ref="saml:AuthenticatingAuthority" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</complexType>
<element name="AuthnContextClassRef" type="anyURI"/>
<element name="AuthnContextDeclRef" type="anyURI"/>
<element name="AuthnContextDecl" type="anyType"/>
<element name="AuthenticatingAuthority" type="anyURI"/>
<element name="AuthzDecisionStatement" type="saml:AuthzDecisionStatementType"/>
<complexType name="AuthzDecisionStatementType">
<complexContent>
<extension base="saml:StatementAbstractType">
<sequence>
<element ref="saml:Action" maxOccurs="unbounded"/>
<element ref="saml:Evidence" minOccurs="0"/>
</sequence>
<attribute name="Resource" type="anyURI" use="required"/>
<attribute name="Decision" type="saml:DecisionType" use="required"/>
</extension>
</complexContent>
</complexType>
<simpleType name="DecisionType">
<restriction base="string">
<enumeration value="Permit"/>
<enumeration value="Deny"/>
<enumeration value="Indeterminate"/>
</restriction>
</simpleType>
<element name="Action" type="saml:ActionType"/>
<complexType name="ActionType">
<simpleContent>
<extension base="string">
<attribute name="Namespace" type="anyURI" use="required"/>
</extension>
</simpleContent>
</complexType>
<element name="Evidence" type="saml:EvidenceType"/>
<complexType name="EvidenceType">
<choice maxOccurs="unbounded">
<element ref="saml:AssertionIDRef"/>
<element ref="saml:AssertionURIRef"/>
<element ref="saml:Assertion"/>
<element ref="saml:EncryptedAssertion"/>
</choice>
</complexType>
<element name="AttributeStatement" type="saml:AttributeStatementType"/>
<complexType name="AttributeStatementType">
<complexContent>
<extension base="saml:StatementAbstractType">
<choice maxOccurs="unbounded">
<element ref="saml:Attribute"/>
<element ref="saml:EncryptedAttribute"/>
</choice>
</extension>
</complexContent>
</complexType>
<element name="Attribute" type="saml:AttributeType"/>
<complexType name="AttributeType">
<sequence>
<element ref="saml:AttributeValue" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Name" type="string" use="required"/>
<attribute name="NameFormat" type="anyURI" use="optional"/>
<attribute name="FriendlyName" type="string" use="optional"/>
<anyAttribute namespace="##other" processContents="lax"/>
</complexType>
<element name="AttributeValue" type="anyType" nillable="true"/>
<element name="EncryptedAttribute" type="saml:EncryptedElementType"/>
</schema>

135
vmware-tools/vgauth/schemas/xenc-schema.xsd
View File

@@ -1,135 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "XMLSchema.dtd" [
<!ATTLIST schema
xmlns:xenc CDATA #FIXED 'http://www.w3.org/2001/04/xmlenc#'
xmlns:ds CDATA #FIXED 'http://www.w3.org/2000/09/xmldsig#'>
<!ENTITY xenc 'http://www.w3.org/2001/04/xmlenc#'>
<!ENTITY % p ''>
<!ENTITY % s ''>
]>
<schema xmlns="http://www.w3.org/2001/XMLSchema" version="1.0" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.w3.org/2001/04/xmlenc#" elementFormDefault="qualified">
<import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/2002/REC-xmldsig-core-20020212/xmldsig-core-schema.xsd"/>
<complexType name="EncryptedType" abstract="true">
<sequence>
<element name="EncryptionMethod" type="xenc:EncryptionMethodType" minOccurs="0"/>
<element ref="ds:KeyInfo" minOccurs="0"/>
<element ref="xenc:CipherData"/>
<element ref="xenc:EncryptionProperties" minOccurs="0"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
<attribute name="Type" type="anyURI" use="optional"/>
<attribute name="MimeType" type="string" use="optional"/>
<attribute name="Encoding" type="anyURI" use="optional"/>
</complexType>
<complexType name="EncryptionMethodType" mixed="true">
<sequence>
<element name="KeySize" minOccurs="0" type="xenc:KeySizeType"/>
<element name="OAEPparams" minOccurs="0" type="base64Binary"/>
<any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<simpleType name="KeySizeType">
<restriction base="integer"/>
</simpleType>
<element name="CipherData" type="xenc:CipherDataType"/>
<complexType name="CipherDataType">
<choice>
<element name="CipherValue" type="base64Binary"/>
<element ref="xenc:CipherReference"/>
</choice>
</complexType>
<element name="CipherReference" type="xenc:CipherReferenceType"/>
<complexType name="CipherReferenceType">
<choice>
<element name="Transforms" type="xenc:TransformsType" minOccurs="0"/>
</choice>
<attribute name="URI" type="anyURI" use="required"/>
</complexType>
<complexType name="TransformsType">
<sequence>
<element ref="ds:Transform" maxOccurs="unbounded"/>
</sequence>
</complexType>
<element name="EncryptedData" type="xenc:EncryptedDataType"/>
<complexType name="EncryptedDataType">
<complexContent>
<extension base="xenc:EncryptedType">
</extension>
</complexContent>
</complexType>
<!-- Children of ds:KeyInfo -->
<element name="EncryptedKey" type="xenc:EncryptedKeyType"/>
<complexType name="EncryptedKeyType">
<complexContent>
<extension base="xenc:EncryptedType">
<sequence>
<element ref="xenc:ReferenceList" minOccurs="0"/>
<element name="CarriedKeyName" type="string" minOccurs="0"/>
</sequence>
<attribute name="Recipient" type="string" use="optional"/>
</extension>
</complexContent>
</complexType>
<element name="AgreementMethod" type="xenc:AgreementMethodType"/>
<complexType name="AgreementMethodType" mixed="true">
<sequence>
<element name="KA-Nonce" minOccurs="0" type="base64Binary"/>
<!-- <element ref="ds:DigestMethod" minOccurs="0"/> -->
<any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
<element name="OriginatorKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
<element name="RecipientKeyInfo" minOccurs="0" type="ds:KeyInfoType"/>
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<!-- End Children of ds:KeyInfo -->
<element name="ReferenceList">
<complexType>
<choice minOccurs="1" maxOccurs="unbounded">
<element name="DataReference" type="xenc:ReferenceType"/>
<element name="KeyReference" type="xenc:ReferenceType"/>
</choice>
</complexType>
</element>
<complexType name="ReferenceType">
<sequence>
<any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="URI" type="anyURI" use="required"/>
</complexType>
<element name="EncryptionProperties" type="xenc:EncryptionPropertiesType"/>
<complexType name="EncryptionPropertiesType">
<sequence>
<element ref="xenc:EncryptionProperty" maxOccurs="unbounded"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="EncryptionProperty" type="xenc:EncryptionPropertyType"/>
<complexType name="EncryptionPropertyType" mixed="true">
<choice maxOccurs="unbounded">
<any namespace="##other" processContents="lax"/>
</choice>
<attribute name="Target" type="anyURI" use="optional"/>
<attribute name="Id" type="ID" use="optional"/>
<anyAttribute namespace="http://www.w3.org/XML/1998/namespace"/>
</complexType>
</schema>

287
vmware-tools/vgauth/schemas/xml.xsd
View File

@@ -1,287 +0,0 @@
<?xml version='1.0'?>
<?xml-stylesheet href="../2008/09/xsd.xsl" type="text/xsl"?>
<xs:schema targetNamespace="http://www.w3.org/XML/1998/namespace"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns ="http://www.w3.org/1999/xhtml"
xml:lang="en">
<xs:annotation>
<xs:documentation>
<div>
<h1>About the XML namespace</h1>
<div class="bodytext">
<p>
This schema document describes the XML namespace, in a form
suitable for import by other schema documents.
</p>
<p>
See <a href="http://www.w3.org/XML/1998/namespace.html">
http://www.w3.org/XML/1998/namespace.html</a> and
<a href="http://www.w3.org/TR/REC-xml">
http://www.w3.org/TR/REC-xml</a> for information
about this namespace.
</p>
<p>
Note that local names in this namespace are intended to be
defined only by the World Wide Web Consortium or its subgroups.
The names currently defined in this namespace are listed below.
They should not be used with conflicting semantics by any Working
Group, specification, or document instance.
</p>
<p>
See further below in this document for more information about <a
href="#usage">how to refer to this schema document from your own
XSD schema documents</a> and about <a href="#nsversioning">the
namespace-versioning policy governing this schema document</a>.
</p>
</div>
</div>
</xs:documentation>
</xs:annotation>
<xs:attribute name="lang">
<xs:annotation>
<xs:documentation>
<div>
<h3>lang (as an attribute name)</h3>
<p>
denotes an attribute whose value
is a language code for the natural language of the content of
any element; its value is inherited. This name is reserved
by virtue of its definition in the XML specification.</p>
</div>
<div>
<h4>Notes</h4>
<p>
Attempting to install the relevant ISO 2- and 3-letter
codes as the enumerated possible values is probably never
going to be a realistic possibility.
</p>
<p>
See BCP 47 at <a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">
http://www.rfc-editor.org/rfc/bcp/bcp47.txt</a>
and the IANA language subtag registry at
<a href="http://www.iana.org/assignments/language-subtag-registry">
http://www.iana.org/assignments/language-subtag-registry</a>
for further information.
</p>
<p>
The union allows for the 'un-declaration' of xml:lang with
the empty string.
</p>
</div>
</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:union memberTypes="xs:language">
<xs:simpleType>
<xs:restriction base="xs:string">
<xs:enumeration value=""/>
</xs:restriction>
</xs:simpleType>
</xs:union>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="space">
<xs:annotation>
<xs:documentation>
<div>
<h3>space (as an attribute name)</h3>
<p>
denotes an attribute whose
value is a keyword indicating what whitespace processing
discipline is intended for the content of the element; its
value is inherited. This name is reserved by virtue of its
definition in the XML specification.</p>
</div>
</xs:documentation>
</xs:annotation>
<xs:simpleType>
<xs:restriction base="xs:NCName">
<xs:enumeration value="default"/>
<xs:enumeration value="preserve"/>
</xs:restriction>
</xs:simpleType>
</xs:attribute>
<xs:attribute name="base" type="xs:anyURI"> <xs:annotation>
<xs:documentation>
<div>
<h3>base (as an attribute name)</h3>
<p>
denotes an attribute whose value
provides a URI to be used as the base for interpreting any
relative URIs in the scope of the element on which it
appears; its value is inherited. This name is reserved
by virtue of its definition in the XML Base specification.</p>
<p>
See <a
href="http://www.w3.org/TR/xmlbase/">http://www.w3.org/TR/xmlbase/</a>
for information about this attribute.
</p>
</div>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attribute name="id" type="xs:ID">
<xs:annotation>
<xs:documentation>
<div>
<h3>id (as an attribute name)</h3>
<p>
denotes an attribute whose value
should be interpreted as if declared to be of type ID.
This name is reserved by virtue of its definition in the
xml:id specification.</p>
<p>
See <a
href="http://www.w3.org/TR/xml-id/">http://www.w3.org/TR/xml-id/</a>
for information about this attribute.
</p>
</div>
</xs:documentation>
</xs:annotation>
</xs:attribute>
<xs:attributeGroup name="specialAttrs">
<xs:attribute ref="xml:base"/>
<xs:attribute ref="xml:lang"/>
<xs:attribute ref="xml:space"/>
<xs:attribute ref="xml:id"/>
</xs:attributeGroup>
<xs:annotation>
<xs:documentation>
<div>
<h3>Father (in any context at all)</h3>
<div class="bodytext">
<p>
denotes Jon Bosak, the chair of
the original XML Working Group. This name is reserved by
the following decision of the W3C XML Plenary and
XML Coordination groups:
</p>
<blockquote>
<p>
In appreciation for his vision, leadership and
dedication the W3C XML Plenary on this 10th day of
February, 2000, reserves for Jon Bosak in perpetuity
the XML name "xml:Father".
</p>
</blockquote>
</div>
</div>
</xs:documentation>
</xs:annotation>
<xs:annotation>
<xs:documentation>
<div xml:id="usage" id="usage">
<h2><a name="usage">About this schema document</a></h2>
<div class="bodytext">
<p>
This schema defines attributes and an attribute group suitable
for use by schemas wishing to allow <code>xml:base</code>,
<code>xml:lang</code>, <code>xml:space</code> or
<code>xml:id</code> attributes on elements they define.
</p>
<p>
To enable this, such a schema must import this schema for
the XML namespace, e.g. as follows:
</p>
<pre>
&lt;schema . . .>
. . .
&lt;import namespace="http://www.w3.org/XML/1998/namespace"
schemaLocation="http://www.w3.org/2001/xml.xsd"/>
</pre>
<p>
or
</p>
<pre>
&lt;import namespace="http://www.w3.org/XML/1998/namespace"
schemaLocation="http://www.w3.org/2009/01/xml.xsd"/>
</pre>
<p>
Subsequently, qualified reference to any of the attributes or the
group defined below will have the desired effect, e.g.
</p>
<pre>
&lt;type . . .>
. . .
&lt;attributeGroup ref="xml:specialAttrs"/>
</pre>
<p>
will define a type which will schema-validate an instance element
with any of those attributes.
</p>
</div>
</div>
</xs:documentation>
</xs:annotation>
<xs:annotation>
<xs:documentation>
<div id="nsversioning" xml:id="nsversioning">
<h2><a name="nsversioning">Versioning policy for this schema document</a></h2>
<div class="bodytext">
<p>
In keeping with the XML Schema WG's standard versioning
policy, this schema document will persist at
<a href="http://www.w3.org/2009/01/xml.xsd">
http://www.w3.org/2009/01/xml.xsd</a>.
</p>
<p>
At the date of issue it can also be found at
<a href="http://www.w3.org/2001/xml.xsd">
http://www.w3.org/2001/xml.xsd</a>.
</p>
<p>
The schema document at that URI may however change in the future,
in order to remain compatible with the latest version of XML
Schema itself, or with the XML namespace itself. In other words,
if the XML Schema or XML namespaces change, the version of this
document at <a href="http://www.w3.org/2001/xml.xsd">
http://www.w3.org/2001/xml.xsd
</a>
will change accordingly; the version at
<a href="http://www.w3.org/2009/01/xml.xsd">
http://www.w3.org/2009/01/xml.xsd
</a>
will not change.
</p>
<p>
Previous dated (and unchanging) versions of this schema
document are at:
</p>
<ul>
<li><a href="http://www.w3.org/2009/01/xml.xsd">
http://www.w3.org/2009/01/xml.xsd</a></li>
<li><a href="http://www.w3.org/2007/08/xml.xsd">
http://www.w3.org/2007/08/xml.xsd</a></li>
<li><a href="http://www.w3.org/2004/10/xml.xsd">
http://www.w3.org/2004/10/xml.xsd</a></li>
<li><a href="http://www.w3.org/2001/03/xml.xsd">
http://www.w3.org/2001/03/xml.xsd</a></li>
</ul>
</div>
</div>
</xs:documentation>
</xs:annotation>
</xs:schema>

308
vmware-tools/vgauth/schemas/xmldsig-core-schema.xsd
View File

@@ -1,308 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE schema PUBLIC "-//W3C//DTD XMLSchema 200102//EN" "XMLSchema.dtd" [
<!ATTLIST schema
xmlns:ds CDATA #FIXED "http://www.w3.org/2000/09/xmldsig#">
<!ENTITY dsig 'http://www.w3.org/2000/09/xmldsig#'>
<!ENTITY % p ''>
<!ENTITY % s ''>
]>
<!-- Schema for XML Signatures
http://www.w3.org/2000/09/xmldsig#
$Revision: 1.1 $ on $Date: 2002/02/08 20:32:26 $ by $Author: reagle $
Copyright 2001 The Internet Society and W3C (Massachusetts Institute
of Technology, Institut National de Recherche en Informatique et en
Automatique, Keio University). All Rights Reserved.
http://www.w3.org/Consortium/Legal/
This document is governed by the W3C Software License [1] as described
in the FAQ [2].
[1] http://www.w3.org/Consortium/Legal/copyright-software-19980720
[2] http://www.w3.org/Consortium/Legal/IPR-FAQ-20000620.html#DTD
-->
<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" targetNamespace="http://www.w3.org/2000/09/xmldsig#" version="0.1" elementFormDefault="qualified">
<!-- Basic Types Defined for Signatures -->
<simpleType name="CryptoBinary">
<restriction base="base64Binary">
</restriction>
</simpleType>
<!-- Start Signature -->
<element name="Signature" type="ds:SignatureType"/>
<complexType name="SignatureType">
<sequence>
<element ref="ds:SignedInfo"/>
<element ref="ds:SignatureValue"/>
<element ref="ds:KeyInfo" minOccurs="0"/>
<element ref="ds:Object" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="SignatureValue" type="ds:SignatureValueType"/>
<complexType name="SignatureValueType">
<simpleContent>
<extension base="base64Binary">
<attribute name="Id" type="ID" use="optional"/>
</extension>
</simpleContent>
</complexType>
<!-- Start SignedInfo -->
<element name="SignedInfo" type="ds:SignedInfoType"/>
<complexType name="SignedInfoType">
<sequence>
<element ref="ds:CanonicalizationMethod"/>
<element ref="ds:SignatureMethod"/>
<element ref="ds:Reference" maxOccurs="unbounded"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="CanonicalizationMethod" type="ds:CanonicalizationMethodType"/>
<complexType name="CanonicalizationMethodType" mixed="true">
<sequence>
<any namespace="##any" minOccurs="0" maxOccurs="unbounded"/>
<!-- (0,unbounded) elements from (1,1) namespace -->
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<element name="SignatureMethod" type="ds:SignatureMethodType"/>
<complexType name="SignatureMethodType" mixed="true">
<sequence>
<element name="HMACOutputLength" minOccurs="0" type="ds:HMACOutputLengthType"/>
<any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
<!-- (0,unbounded) elements from (1,1) external namespace -->
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<!-- Start Reference -->
<element name="Reference" type="ds:ReferenceType"/>
<complexType name="ReferenceType">
<sequence>
<element ref="ds:Transforms" minOccurs="0"/>
<element ref="ds:DigestMethod"/>
<element ref="ds:DigestValue"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
<attribute name="URI" type="anyURI" use="optional"/>
<attribute name="Type" type="anyURI" use="optional"/>
</complexType>
<element name="Transforms" type="ds:TransformsType"/>
<complexType name="TransformsType">
<sequence>
<element ref="ds:Transform" maxOccurs="unbounded"/>
</sequence>
</complexType>
<element name="Transform" type="ds:TransformType"/>
<complexType name="TransformType" mixed="true">
<choice minOccurs="0" maxOccurs="unbounded">
<any namespace="##other" processContents="lax"/>
<!-- (1,1) elements from (0,unbounded) namespaces -->
<element name="XPath" type="string"/>
</choice>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<!-- End Reference -->
<element name="DigestMethod" type="ds:DigestMethodType"/>
<complexType name="DigestMethodType" mixed="true">
<sequence>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<attribute name="Algorithm" type="anyURI" use="required"/>
</complexType>
<element name="DigestValue" type="ds:DigestValueType"/>
<simpleType name="DigestValueType">
<restriction base="base64Binary"/>
</simpleType>
<!-- End SignedInfo -->
<!-- Start KeyInfo -->
<element name="KeyInfo" type="ds:KeyInfoType"/>
<complexType name="KeyInfoType" mixed="true">
<choice maxOccurs="unbounded">
<element ref="ds:KeyName"/>
<element ref="ds:KeyValue"/>
<element ref="ds:RetrievalMethod"/>
<element ref="ds:X509Data"/>
<element ref="ds:PGPData"/>
<element ref="ds:SPKIData"/>
<element ref="ds:MgmtData"/>
<any processContents="lax" namespace="##other"/>
<!-- (1,1) elements from (0,unbounded) namespaces -->
</choice>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="KeyName" type="string"/>
<element name="MgmtData" type="string"/>
<element name="KeyValue" type="ds:KeyValueType"/>
<complexType name="KeyValueType" mixed="true">
<choice>
<element ref="ds:DSAKeyValue"/>
<element ref="ds:RSAKeyValue"/>
<any namespace="##other" processContents="lax"/>
</choice>
</complexType>
<element name="RetrievalMethod" type="ds:RetrievalMethodType"/>
<complexType name="RetrievalMethodType">
<sequence>
<element ref="ds:Transforms" minOccurs="0"/>
</sequence>
<attribute name="URI" type="anyURI"/>
<attribute name="Type" type="anyURI" use="optional"/>
</complexType>
<!-- Start X509Data -->
<element name="X509Data" type="ds:X509DataType"/>
<complexType name="X509DataType">
<sequence maxOccurs="unbounded">
<choice>
<element name="X509IssuerSerial" type="ds:X509IssuerSerialType"/>
<element name="X509SKI" type="base64Binary"/>
<element name="X509SubjectName" type="string"/>
<element name="X509Certificate" type="base64Binary"/>
<element name="X509CRL" type="base64Binary"/>
<any namespace="##other" processContents="lax"/>
</choice>
</sequence>
</complexType>
<complexType name="X509IssuerSerialType">
<sequence>
<element name="X509IssuerName" type="string"/>
<element name="X509SerialNumber" type="integer"/>
</sequence>
</complexType>
<!-- End X509Data -->
<!-- Begin PGPData -->
<element name="PGPData" type="ds:PGPDataType"/>
<complexType name="PGPDataType">
<choice>
<sequence>
<element name="PGPKeyID" type="base64Binary"/>
<element name="PGPKeyPacket" type="base64Binary" minOccurs="0"/>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
<sequence>
<element name="PGPKeyPacket" type="base64Binary"/>
<any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
</sequence>
</choice>
</complexType>
<!-- End PGPData -->
<!-- Begin SPKIData -->
<element name="SPKIData" type="ds:SPKIDataType"/>
<complexType name="SPKIDataType">
<sequence maxOccurs="unbounded">
<element name="SPKISexp" type="base64Binary"/>
<any namespace="##other" processContents="lax" minOccurs="0"/>
</sequence>
</complexType>
<!-- End SPKIData -->
<!-- End KeyInfo -->
<!-- Start Object (Manifest, SignatureProperty) -->
<element name="Object" type="ds:ObjectType"/>
<complexType name="ObjectType" mixed="true">
<sequence minOccurs="0" maxOccurs="unbounded">
<any namespace="##any" processContents="lax"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
<attribute name="MimeType" type="string" use="optional"/> <!-- add a grep facet -->
<attribute name="Encoding" type="anyURI" use="optional"/>
</complexType>
<element name="Manifest" type="ds:ManifestType"/>
<complexType name="ManifestType">
<sequence>
<element ref="ds:Reference" maxOccurs="unbounded"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="SignatureProperties" type="ds:SignaturePropertiesType"/>
<complexType name="SignaturePropertiesType">
<sequence>
<element ref="ds:SignatureProperty" maxOccurs="unbounded"/>
</sequence>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<element name="SignatureProperty" type="ds:SignaturePropertyType"/>
<complexType name="SignaturePropertyType" mixed="true">
<choice maxOccurs="unbounded">
<any namespace="##other" processContents="lax"/>
<!-- (1,1) elements from (1,unbounded) namespaces -->
</choice>
<attribute name="Target" type="anyURI" use="required"/>
<attribute name="Id" type="ID" use="optional"/>
</complexType>
<!-- End Object (Manifest, SignatureProperty) -->
<!-- Start Algorithm Parameters -->
<simpleType name="HMACOutputLengthType">
<restriction base="integer"/>
</simpleType>
<!-- Start KeyValue Element-types -->
<element name="DSAKeyValue" type="ds:DSAKeyValueType"/>
<complexType name="DSAKeyValueType">
<sequence>
<sequence minOccurs="0">
<element name="P" type="ds:CryptoBinary"/>
<element name="Q" type="ds:CryptoBinary"/>
</sequence>
<element name="G" type="ds:CryptoBinary" minOccurs="0"/>
<element name="Y" type="ds:CryptoBinary"/>
<element name="J" type="ds:CryptoBinary" minOccurs="0"/>
<sequence minOccurs="0">
<element name="Seed" type="ds:CryptoBinary"/>
<element name="PgenCounter" type="ds:CryptoBinary"/>
</sequence>
</sequence>
</complexType>
<element name="RSAKeyValue" type="ds:RSAKeyValueType"/>
<complexType name="RSAKeyValueType">
<sequence>
<element name="Modulus" type="ds:CryptoBinary"/>
<element name="Exponent" type="ds:CryptoBinary"/>
</sequence>
</complexType>
<!-- End KeyValue Element-types -->
<!-- End Signature -->
</schema>