Alan Maguire wrote: > Glenn Faden wrote: >> Alan Maguire wrote: >>> hi Glenn >>> >>> Glenn Faden wrote: >>>> I've only done a very superficial code review but it seems like the >>>> support for /etc/nwam/ulp scripting has gone away. This feature was >>>> used by Trusted Extensions to execute some special bringup and >>>> commands, like associating the all-zones ifconfig property with the >>>> new interface, and setting a default label template based on the >>>> location and/or domain. Is the ulp bringup functionality still >>>> supported? If not, how do we do this in NWAM Phase 1? >>> The way to do this for phase 1 would be to >>> create an ENM (external network modifier). >>> An ENM can specify start/stop scripts or an >>> SMF FMRI to be activated given a set >>> of network conditions (or manually if required). >>> See the draft nwamcfg manpage for the ENM >>> properties that can be set: >>> >>> http://opensolaris.org/os/project/nwam/p1spec/manpages/nwamcfg_1m/ >>> >>> If, for example, you wanted to create an >>> ENM that does something once an IP >>> address is assigned (the equivalent time >>> to when a ULP is activated in phase 0), >>> you could create an ENM with the following >>> properties >>> >>> activation-mode = conditional-all >>> condition = "ip-address is-not 0.0.0.0" >>> start = /my/start/script >>> stop = /my/stop/script >>> >>> This can be done interactively or via >>> a command file (using nwamcfg's >>> "-f" subcommand). >>> >> >> Alan, >> >> Thanks for the info. It isn't clear from the man page whether any >> parameters or environment can be passed to the start/stop commands. >> Atthe vary least we would need the domain and the interface name. How >> is this supposed to work? >> > That's a good question. We don't support passing > of parameters to start/stop scripts at present. > One approach to determine which interface(s) > are active (in phase 1, depending on the policy, > multiple links and interfaces can be active > simultaneously) would be to use "nwamadm list" > to determine link/interface states. It displays > the states of the various configuration objects > nwamd manages, which include links and interfaces. > > See > > http://opensolaris.org/os/project/nwam/p1spec/manpages/nwamadm_1m/ > > for details on nwamadm usage. If a link or interface > is active, it's state will show "online".
This is not optimal in my opinion because the start/stop commands have to infer the conditions for which they are being invoked. It would be more straight-forward if that state were passed in somehow. Of course, the same problem exists with the current ULP scripts which have to figure out (using dladm or ifconfig) and buy reading /etc/resolv.conf, what the relevant interface and domain is. Please consider passing in these values as parameters to the start/stop commands. --Glenn
