#!/bin/ksh93 # IBM_PROLOG_BEGIN_TAG # This is an automatically generated prolog. # # 61haes_r720 src/43haes/lib/ksh93/hacmp/KLIB_HACMP_get_group_attributes.sh 1.8 # # Licensed Materials - Property of IBM # # COPYRIGHT International Business Machines Corp. 2011,2015 # All Rights Reserved # # US Government Users Restricted Rights - Use, duplication or # disclosure restricted by GSA ADP Schedule Contract with IBM Corp. # # IBM_PROLOG_END_TAG # @(#)14 1.8 src/43haes/lib/ksh93/hacmp/KLIB_HACMP_get_group_attributes.sh, hacmp.assist, 61haes_r720, 1525A_hacmp720 6/1/15 13:53:40 #============================================================================ # # Name: KLIB_HACMP_get_group_attributes # # Description: This is the main, FPATH function that is invoked by clmgr # to collect user group information. The lsgroup utility is # invoked to extract the necessary data. # # Inputs: See the "devDoc()" function at the bottom of this file. # # Outputs: The properties hash is populated. The only other outputs are # any error messages that might be needed. # # Returns: Zero if no errors are detected. Otherwise, an appropriate # non-zero value is returned. Refer to the "RETURN" section # of the "devDoc()" function at the bottom of this file for # the standard return code values/meanings for clmgr. # #============================================================================ function KLIB_HACMP_get_group_attributes { trap 'on_exit_get_group' EXIT LINENO=2 . $HALIBROOT/log_entry "$0()" "$CL" : version=1.8, src/43haes/lib/ksh93/hacmp/KLIB_HACMP_get_group_attributes.sh, hacmp.assist, 61haes_r720, 1525A_hacmp720 : INPUTS: $* typeset groups=${1//\"/} # Get the "properties" associative array reference, and initialize it if [[ -z $2 ]] || [[ -n $CLMGR_LOGGING && $2 == "|" ]]; then groups= typeset -n properties=$1 else typeset -n properties=$2 fi [[ $CLMGR_LOGGING == 'med' ]] && set +x # Only trace param values #=================================== : Declare and initialize variables #=================================== for k in ${!properties[*]}; do unset properties[$k]; done typeset GROUPS= group= typeset -i INDEX=0 rc=$RC_SUCCESS typeset key= typeset -i matches=0 typeset -u attr= uc_key= typeset -A queries typeset -i i=0 #=================================================== : Check for any specified attribute=value pairs. : If any are found, use those to query the output. #=================================================== while (( $# > 0 )); do value="$1" if [[ $value == *=* ]]; then attr=${value%%=*} # "attr" makes this uppercase queries[$attr]="${value#*=}" if [[ $attr == "REGISTRY" ]]; then typeset -u registryUC=${queries[$attr]} case $registryUC in LD*) queries[$attr]="LDAP" ;; LO*) queries[$attr]="files" ;; F*) queries[$attr]="files" ;; *) dspmsg -s $CLMGR_SET $CLMGR_MSGS 110 '\nERROR: invalid value specified for "%1$s": "%2$s".\n' REGISTRY "${queries[$attr]}" 1>&2 dspmsg -s $CLMGR_SET $CLMGR_MSGS 3 'Valid values: %1$s\n\n' "files, LDAP" 1>&2 rc=$RC_INCORRECT_INPUT ;; esac fi fi shift done #======================================= : Make sure we have something to query #======================================= if [[ -n $groups ]]; then [[ $groups != *,* ]] && unset INDEX for group in ${groups//,/ }; do CL=$LINENO KLIB_HACMP_is_known_group "$group" 2>/dev/null if (( $? != RC_SUCCESS )); then dspmsg -s $CLMGR_SET $CLMGR_MSGS 102 '\nERROR: "%1$s" does not appear to exist!\n\n' "$group" 1>&2 dspmsg -s $CLMGR_SET $CLMGR_MSGS 161 "Available Groups:\n\n" 1>&2 typeset available CL=$LINENO KLIB_HACMP_list_groups available for (( i=0; i<${#available[*]}; i++ )); do if [[ ${available[$i]} != *([[:space:]]) ]]; then print -u2 "\t${available[$i]}" fi done print -u2 "" rc=$RC_NOT_FOUND else GROUPS="$GROUPS $group" fi done elif (( CLMGR_VERBOSE || ${#queries[*]} > 0 )); then typeset available CL=$LINENO KLIB_HACMP_list_groups available for (( i=0; i<${#available[*]}; i++ )); do name=${available[$i]} name=${name##+([[:space:]])} name=${name%%+([[:space:]])} name=${name/ \(/@\(} GROUPS="$GROUPS $name" done else dspmsg -s $CLMGR_SET $CLMGR_MSGS 100 "\nERROR: a name/label must be provided.\n\n" 1>&2 rc=$RC_MISSING_INPUT fi (( $rc != RC_SUCCESS )) && unset GROUPS #======================================================================= : If there are multiple groups, often the result of a verbose listing, : then dump all group data to a temporary file, for faster access. In : testing, this dropped the execution time of "clmgr -v query group" : from 24 seconds to 8 seconds. #======================================================================= if [[ $GROUPS == *+([[:space:]])* ]]; then print "$0()[$LINENO]($SECONDS): lsgroup -R files ALL > $TMPDIR/clmgr.KHgga.files.$$" >>$CLMGR_TMPLOG lsgroup -R files ALL > $TMPDIR/clmgr.KHgga.files.$$ print "$0()[$LINENO]($SECONDS): lsgroup (LOCAL) RC: $?" >>$CLMGR_TMPLOG print "$0()[$LINENO]($SECONDS): lsgroup -R LDAP ALL > $TMPDIR/clmgr.KHgga.ldap.$$" >>$CLMGR_TMPLOG lsgroup -R LDAP ALL > $TMPDIR/clmgr.KHgga.ldap.$$ 2>>$CLMGR_TMPLOG print "$0()[$LINENO]($SECONDS): lsgroup (LDAP) RC: $?" >>$CLMGR_TMPLOG fi #================================================================ : Populate the return hash with the retrieved attributes/values #================================================================ for group in $GROUPS; do typeset -i TYPE_SPECIFIED=0 typeset -u TYPE= TYPES= if [[ $group == *@* ]]; then TYPES=${group##*@} TYPES=${TYPES#\(} TYPES=${TYPES%\)} [[ -n $TYPES ]] && TYPE_SPECIFIED=1 || TYPES="FILES LDAP" group=${group%%@*} else #=============================================================== : Since no group type was specified, check all supported types #=============================================================== TYPES="FILES LDAP" fi typeset OUTPUT= FOUND= for TYPE in $TYPES; do OUTPUT= if [[ $TYPE == "LDAP" ]]; then if [[ -f $TMPDIR/clmgr.KHgga.ldap.$$ ]]; then print "$0()[$LINENO]($SECONDS): grep \"^$group \" $TMPDIR/clmgr.KHgga.ldap.$$" >>$CLMGR_TMPLOG OUTPUT=$(grep "^$group " $TMPDIR/clmgr.KHgga.ldap.$$) print "$0()[$LINENO]($SECONDS): grep RC: $cmd_rc" >>$CLMGR_TMPLOG if [[ -n $OUTPUT ]]; then cmd_rc=$RC_SUCCESS FOUND=$TYPE else continue fi fi elif [[ $TYPE == "FILES" ]]; then if [[ -f $TMPDIR/clmgr.KHgga.files.$$ ]]; then print "$0()[$LINENO]($SECONDS): grep \"^$group \" $TMPDIR/clmgr.KHgga.files.$$" >>$CLMGR_TMPLOG OUTPUT=$(grep "^$group " $TMPDIR/clmgr.KHgga.files.$$) print "$0()[$LINENO]($SECONDS): grep RC: $cmd_rc" >>$CLMGR_TMPLOG if [[ -n $OUTPUT ]]; then cmd_rc=$RC_SUCCESS FOUND=$TYPE else continue fi fi fi #================================================ : If the no data was found for this group, then : program execution will not reach this point. #================================================ properties[NAME$INDEX]=$group for PAIR in $OUTPUT; do [[ $PAIR != *=* ]] && continue case ${PAIR%%=*} in id) properties[ID$INDEX]=${PAIR##*=} ;; admin) properties[ADMINISTRATIVE$INDEX]=${PAIR##*=} ;; registry) properties[REGISTRY$INDEX]=${PAIR##*=} ;; users) properties[USERS$INDEX]=${PAIR##*=} ;; adms) properties[ADMINS$INDEX]=${PAIR##*=} ;; projects) properties[PROJECTS$INDEX]=${PAIR##*=} ;; efs_initialks_mode) properties[KEYSTORE_MODE$INDEX]=${PAIR##*=} ;; efs_keystore_algo) properties[KEYSTORE_ENCRYPTION$INDEX]=${PAIR##*=} ;; efs_keystore_access) properties[KEYSTORE_ACCESS$INDEX]=${PAIR##*=} ;; esac done #============================================================== : Even if there is no value for a given attribute, we want to : display a placeholder for it, so the customer always sees a : consistent, complete set of attributes. #============================================================== for key in ${_COLON_ATTR_ORDER[group]}; do if [[ -z ${properties[$key$INDEX]} ]]; then properties[$key$INDEX]="" fi done (( INDEX++ )) [[ $INDEX == *0 ]] && (( INDEX++ )) done # End of the "TYPES" loop if [[ -z $FOUND ]]; then dspmsg -s $CLMGR_SET $CLMGR_MSGS 471 '\nERROR: the specified group, "%1$s", could not be found.\n\n' "$group" 1>&2 rc=$RC_NOT_FOUND fi done # End of "GROUPS" loop #========================================================== : If any searches/filters were specified, handle them now #========================================================== if (( $rc == RC_SUCCESS && ${#queries[*]} > 0 )); then CL=$LINENO search_properties queries properties rc=$? fi (( $rc == RC_SUCCESS )) && CL=$LINENO prune_indexes properties log_return_msg "$rc" "$0()" "$LINENO" return $? } # End of "KLIB_HACMP_get_group_attributes()" function on_exit_get_group { rm -f $TMPDIR/clmgr.KHgga.files.$$ rm -f $TMPDIR/clmgr.KHgga.ldap.$$ } #============================================================================ # # Name: devDoc # # Description: This is a never-to-be-called, wrapper function that all the # clmgr FPATH functions implement in order to hide embedded # syntax from trace logging. This information is implemented # in POD format, and can be viewed in a number of ways using # POD tools. Some viewing suggestions for this function's POD- # formatted information are: # # perldoc # pod2text -c # pod2text -c --code # pod2html # # However, the more important use for this information is that # it is parsed by clmgr to display the syntax for this file's # operation. The information in the "SYNOPSIS" section is used # for this purpose. This feature was originally implemented # using the man page information. However, in a code review it # was pointed out that this approach had to be changed because # customers do not have to install the man pages! Therefore, a # built-in dependency on man page information would break the # automatic help feature of clmgr. So the SYNPOSIS section must # be used instead. # # IMPORTANT: As a result of this, it is imperative that the # information in this SYNOPSIS be kept in sync # with the man page information, which is owned # by the IDD team. # # Inputs: None. # # Outputs: None. # # Returns: n/a (not intended to be invoked) # #============================================================================ function devDoc { : <<'=cut' >/dev/null 2>&1 =head1 NAME KLIB_HACMP_get_group_attributes =head1 VERSION Version Number: 1.8 Last Extracted: 6/16/15 17:51:04 Last Changed: 6/1/15 13:53:40 Path, Component, Release(, Level): src/43haes/lib/ksh93/hacmp/KLIB_HACMP_get_group_attributes.sh, hacmp.assist, 61haes_r720, 1525A_hacmp720 =head1 SYNOPSIS clmgr query group [,,...] clmgr -v query group NOTE: the alias for "group" is "gp". =head1 DESCRIPTION Retrieves the information for one or more user groups. =head1 ARGUMENTS 1. group [REQUIRED] [string] The label of one or more groups (comma or space separated) that are to be queried. 2. properties [REQUIRED] [hash ref] An associative array within which data about the queried objects can be returned to the caller. =head1 RETURN 0: no errors were detected; the operation appears to have been successful 1: a general error has occurred 2: a specified resource does not exist, or could not be found 3: some required input was missing 4: some detected input was incorrect in some way 5: a required dependency does not exist 6: a specified search failed to match any data =head1 COPYRIGHT COPYRIGHT International Business Machines Corp. 2011.2015 All Rights Reserved =cut } # End of "devDoc()" #============================================================================== # The following, comment block attempts to enforce coding standards when this # file is edited via emacs or vim. This block _must_ appear at the very end # of the file, or the editor will not find it, and it will be ignored. #============================================================================== # Local Variables: # indent-tabs-mode: nil # tab-width: 4 # End: #============================================================================== # vim: tabstop=4 shiftwidth=4 expandtab #==============================================================================