ia64/xen-unstable

view tools/security/updategrub.sh @ 6552:a9873d384da4

Merge.
author adsharma@los-vmm.sc.intel.com
date Thu Aug 25 12:24:48 2005 -0700 (2005-08-25)
parents 112d44270733 fa0754a9f64f
children dfaf788ab18c
line source
1 #!/bin/sh
2 # *
3 # * updategrub
4 # *
5 # * Copyright (C) 2005 IBM Corporation
6 # *
7 # * Authors:
8 # * Stefan Berger <stefanb@us.ibm.com>
9 # *
10 # * This program is free software; you can redistribute it and/or
11 # * modify it under the terms of the GNU General Public License as
12 # * published by the Free Software Foundation, version 2 of the
13 # * License.
14 # *
15 # *
16 #
18 if [ -z "$runbash" ]; then
19 runbash="1"
20 export runbash
21 exec sh -c "bash $0 $*"
22 exit
23 fi
26 # Show usage of this program
27 usage ()
28 {
29 echo "Usage: $0 <policy name> <root of xen repository>"
30 echo ""
31 echo "<policy name> : The name of the policy, i.e. xen_null"
32 echo "<root of xen repository> : The root of the XEN repositrory."
33 echo ""
34 }
36 # This function sets the global variable 'linux'
37 # to the name of the linux kernel that was compiled
38 # For now a pattern should do the trick
39 getLinuxVersion ()
40 {
41 path=$1
42 linux=""
43 for f in $path/linux-*-xen0 ; do
44 versionfile=$f/include/linux/version.h
45 if [ -r $versionfile ]; then
46 lnx=`cat $versionfile | \
47 grep UTS_RELEASE | \
48 awk '{ \
49 len=length($3); \
50 print substr($3,2,len-2) }'`
51 fi
52 if [ "$lnx" != "" ]; then
53 linux="[./0-9a-zA-z]*$lnx"
54 return;
55 fi
56 done
58 #Last resort.
59 linux="vmlinuz-2.[45678].[0-9]*[.0-9]*-xen0$"
60 }
62 #Return where the grub.conf file is.
63 #I only know of one place it can be.
64 findGrubConf()
65 {
66 grubconf="/boot/grub/grub.conf"
67 if [ -w $grubconf ]; then
68 return 1
69 fi
70 return 0
71 }
74 #Update the grub configuration file.
75 #Search for existing entries and replace the current
76 #policy entry with the policy passed to this script
77 #
78 #Arguments passed to this function
79 # 1st : the grub configuration file
80 # 2nd : the binary policy file name
81 # 3rd : the name or pattern of the linux kernel name to match
82 #
83 # The algorithm here is based on pattern matching
84 # and is working correctly if
85 # - under a title a line beginning with 'kernel' is found
86 # whose following item ends with "xen.gz"
87 # Example: kernel /xen.gz dom0_mem=....
88 # - a module line matching the 3rd parameter is found
89 #
90 updateGrub ()
91 {
92 grubconf=$1
93 policyfile=$2
94 linux=$3
96 tmpfile="/tmp/new_grub.conf"
98 cat $grubconf | \
99 awk -vpolicy=$policyfile \
100 -vlinux=$linux '{ \
101 if ( $1 == "title" ) { \
102 kernelfound = 0; \
103 if ( policymaycome == 1 ){ \
104 printf ("\tmodule %s%s\n", path, policy); \
105 } \
106 policymaycome = 0; \
107 } \
108 else if ( $1 == "kernel" ) { \
109 if ( match($2,"xen.gz$") ) { \
110 path=substr($2,1,RSTART-1); \
111 kernelfound = 1; \
112 } \
113 } \
114 else if ( $1 == "module" && \
115 kernelfound == 1 && \
116 match($2,linux) ) { \
117 policymaycome = 1; \
118 } \
119 else if ( $1 == "module" && \
120 kernelfound == 1 && \
121 policymaycome == 1 && \
122 match($2,"[0-9a-zA-Z]*.bin$") ) { \
123 printf ("\tmodule %s%s\n", path, policy); \
124 policymaycome = 0; \
125 kernelfound = 0; \
126 dontprint = 1; \
127 } \
128 else if ( $1 == "" && \
129 kernelfound == 1 && \
130 policymaycome == 1) { \
131 dontprint = 1; \
132 } \
133 if (dontprint == 0) { \
134 printf ("%s\n", $0); \
135 } \
136 dontprint = 0; \
137 } END { \
138 if ( policymaycome == 1 ) { \
139 printf ("\tmodule %s%s\n", path, policy); \
140 } \
141 }' > $tmpfile
142 if [ ! -r $tmpfile ]; then
143 echo "Could not create temporary file! Aborting."
144 exit -1
145 fi
146 mv -f $tmpfile $grubconf
147 }
149 if [ "$1" == "" -o "$2" == "" ]; then
150 usage
151 exit -1
152 fi
154 if [ "$1" == "-?" ]; then
155 usage
156 exit 0
157 fi
159 policy=$1
160 policyfile=$policy.bin
162 getLinuxVersion $2
164 findGrubConf
165 ERR=$?
166 if [ $ERR -eq 0 ]; then
167 echo "Could not find grub.conf. Aborting."
168 exit -1
169 fi
171 updateGrub $grubconf $policyfile $linux