#!/bin/sh # Do not edit this file. It is generated automatically. # $Copyright: Copyright (c) 2022 Veritas Technologies LLC. All rights reserved $ #!/bin/sh # Do not edit this file. It is generated automatically. ## $Source$ ##$Id$ # # XPG/4 platform startup script for vssatbin ############################# # GLOBAL variables. ############################# # These will be set by postinstall script if it is run. Or update it manually in case it is required. GEN_BROKER_DOMAIN_NAME_LIST= GEN_CLIENT_DOMAIN_NAME_LIST= GEN_BROKER_DATA_DIR=/usr/openv/var/global/vxss/eab/data GEN_EAT_DATA_DIR=/usr/openv/var/vxss/at GEN_EAT_HOME_DIR=/usr/openv/netbackup/sec/at GEN_EAT_CATALOG_DIR= GEN_EAT_USE_LIBPATH= GEN_EAT_BIN_DIR= GEN_EAT_LIB_DIR= GEN_PROFILE_BASE_DIR=/usr/openv/var/vxss/VRTSat/profiles GEN_PRODUCT_OPSCENTER= GEN_CONFIG_BIN_PATH=/usr/openv/netbackup/bin/nbgetconfig FIPS_CMD_OPTION= # CLIs that use both data dir. CLI_USE_BOTH_DATA_DIR_LIST="setuptrust removetrust showcred deletecred setloglevel setbrokerloglevel \ showcredinfo refreshtrust setmaxlogfilesize setmaxlogfiles showcredstore" # Only broker related cli. CLI_BROKER_LIST="addauthsequence addldapdomain addprpl changepasswd createpd deleteauthsequence \ deletepd deleteprpl listldapdomains listpd listpdprincipals pullbrokerattribs \ pushbrokerattribs removeldapdomain resetpasswd restorebroker setexpiryintervals setispbxexchflag \ setpd setpdr showbackuplist showbrokerhash showbrokermode showbrokertag showdomains \ showexpiryintervals showglobalplugininfo showispbxexchflag showpd showpdr showplugininfo \ showprpl updateplugin updateprpl setdomaindiscoveryinterval \ setglobalplugininfo showauthsequence showdomaindiscoveryinterval showallbrokerdomains" # Cli type can be CLI_BROKER, CLI_CLIENT, CLI_USE_BOTH_DATA_DIR. Default type is CLI_CLIENT. CLI_TYPE="CLI_CLIENT"; # EAT cli name (vssat or any name that consumer renames from vssat). EAT_CLI_NAME=`basename $0` export EAT_CLI_NAME # set "broker_dd" if "-j broker" is specified. # set "client_dd" if "-j client" is specified # else set "" OPT_J_FLAG=""; ############################# # FUNCTIONS. ############################# # Find CLI type and set to global variable CLI_TYPE. _find_cli_type() { cli_name=$1; #echo $cli_name; for cli_common in $CLI_USE_BOTH_DATA_DIR_LIST ; do if [ "$cli_name" = "$cli_common" ] ; then CLI_TYPE="CLI_USE_BOTH_DATA_DIR"; return; fi done; for cli_broker in $CLI_BROKER_LIST ; do if [ "$cli_name" = "$cli_broker" ] ; then CLI_TYPE="CLI_BROKER"; return; fi done; } ############################# # MAIN script start. ############################# # If Env variable EAT_HOME_DIR, EAT_DATA_DIR, BROKER_DATA_DIR are not set then use generated values. if [ -z "$EAT_HOME_DIR" ] ; then EAT_HOME_DIR=$GEN_EAT_HOME_DIR; export EAT_HOME_DIR fi if [ -z "$EAT_DATA_DIR" ] ; then EAT_DATA_DIR=$GEN_EAT_DATA_DIR; export EAT_DATA_DIR fi if [ -z "$EAT_CATALOG_DIR" ] ; then EAT_CATALOG_DIR=$GEN_EAT_CATALOG_DIR; export EAT_CATALOG_DIR fi if [ -z "$EAT_USE_LIBPATH" ] ; then EAT_USE_LIBPATH=$GEN_EAT_USE_LIBPATH; export EAT_USE_LIBPATH fi if [ -z "$BROKER_DATA_DIR" ] ; then BROKER_DATA_DIR=$GEN_BROKER_DATA_DIR; export BROKER_DATA_DIR fi if [ -z "$BROKER_DOMAIN_NAME_LIST" ]; then BROKER_DOMAIN_NAME_LIST=$GEN_BROKER_DOMAIN_NAME_LIST export BROKER_DOMAIN_NAME_LIST fi if [ -z "${CLIENT_DOMAIN_NAME_LIST}" ]; then CLIENT_DOMAIN_NAME_LIST=$GEN_CLIENT_DOMAIN_NAME_LIST; export CLIENT_DOMAIN_NAME_LIST fi if [ -z "${EAT_PROFILE_BASE_DIR}" ]; then if [ -n "${GEN_PROFILE_BASE_DIR}" ]; then EAT_PROFILE_BASE_DIR=$GEN_PROFILE_BASE_DIR export EAT_PROFILE_BASE_DIR fi fi if [ -z "$DO_NOT_VALIDAT_BROKER" ]; then DO_NOT_VALIDAT_BROKER=$GEN_PRODUCT_OPSCENTER fi if [ -f "$GEN_CONFIG_BIN_PATH" ]; then ENABLE_FIPS=`$GEN_CONFIG_BIN_PATH NB_FIPS_MODE | head -1 | cut -f2 -d"=" | tr "[:lower:]" "[:upper:]"` if [ "${ENABLE_FIPS}" = " 1" ] || [ "${ENABLE_FIPS}" = " ENABLE" ] ; then FIPS_CMD_OPTION="-F" fi fi export EAT_HOME_DIR EAT_DATA_DIR BROKER_DATA_DIR BROKER_DATA_DIR EAT_CATALOG_DIR EAT_USE_LIBPATH EAT_PROFILE_BASE_DIR # Save the AT cli (like - setuptrust, authenticate, etc) and shift the input arguments. AT_CLI=$1 if [ $# -gt 0 ]; then shift; fi # Find and set CLI type - BROKER/CLIENT/COMMON. _find_cli_type "${AT_CLI}" #echo $CLI_TYPE; # if "-j broker" is specified, BROKER_DATA_DIR must be specified, else throw error. found=0; for opt in "$@" ; do #echo $opt if [ "$found" = "1" ]; then if [ "$opt" = "broker" ]; then OPT_J_FLAG=broker_dd; elif [ "$opt" = "client" ]; then OPT_J_FLAG=client_dd; else echo "Error: Please specify sub option after -j option."; exit 1; fi break; fi if [ "$opt" = "-j" ] ; then found=1; fi done if [ $found = 1 -a "$OPT_J_FLAG" = "" ]; then echo "Error: Please specify sub option after -j option."; exit 1; fi if [ "$OPT_J_FLAG" = "broker_dd" -a "$BROKER_DATA_DIR" = "" ] ; then echo "Error: environment variable BROKER_DATA_DIR is not set. "; echo " If -j option is specified then BROKER_DATA_DIR must be set."; exit 1; fi if [ "$DO_NOT_VALIDAT_BROKER" = "1" ]; then set -- "$@" '-dontValidateBroker'; fi # determine the runtime location of the AT package # source the location file (in case of non-standard installation location) PKGNAME=VRTSat VRTSAT_LOCFILE=/etc/vx/vss/${PKGNAME}.loc unset INSTALLDIR if [ -z "$EAT_HOME_DIR" -a -f "$VRTSAT_LOCFILE" ] ; then echo "warning: environment variable EAT_HOME_DIR is not set, will attempt to use the shared AT instead." if [ -f "$VRTSAT_LOCFILE" -a -r "$VRTSAT_LOCFILE" ] ; then if [ -f "/usr/bin/sed" -a -x "/usr/bin/sed" ] ; then INSTALLDIR=`/usr/bin/sed -e '/ProductInstallDir/{s/.*ProductInstallDir[ \t]*=[ \t]*//;p;d;}' -e 'd' $VRTSAT_LOCFILE` elif [ -f "/usr/bin/sed" -a -x "/usr/bin/sed" ] ; then INSTALLDIR=`/usr/bin/sed -e '/ProductInstallDir/{s/.*ProductInstallDir[ \t]*=[ \t]*//;p;d;}' -e 'd' $VRTSAT_LOCFILE` else INSTALLDIR=`sed -e '/ProductInstallDir/{s/.*ProductInstallDir[ \t]*=[ \t]*//;p;d;}' -e 'd' $VRTSAT_LOCFILE` fi fi # The ProductInstallDir variable points to the installation root VRTSAT_HOME=${INSTALLDIR-/opt/${PKGNAME}} else if [ -z "$EAT_HOME_DIR" ] ; then echo "error: environment variable EAT_HOME_DIR is not set, unable to run AT CLI." exit 1 else VRTSAT_HOME=$EAT_HOME_DIR fi fi # 64 bit clients are one directory deeper with 64 bit directory names if [ -z "$EAT_HOME_DIR" ] ; then VRTSAT_64DIR_NAME=/64 if [ "$VRTSAT_64DIR_NAME" != "" ] ; then VRTSAT_64DIR_NAME="/$VRTSAT_64DIR_NAME"; fi else VRTSAT_64DIR_NAME= fi if [ "$GEN_EAT_BIN_DIR" != "" ] ; then VRTSAT_BINDIR="$GEN_EAT_BIN_DIR" else VRTSAT_BINDIR="$VRTSAT_HOME/bin$VRTSAT_64DIR_NAME" fi if [ "$GEN_EAT_LIB_DIR" != "" ] ; then VRTSAT_LIBDIR="$GEN_EAT_LIB_DIR"; else VRTSAT_LIBDIR="$VRTSAT_HOME/lib$VRTSAT_64DIR_NAME"; fi OSNAME=`/usr/bin/uname` UNIX_VSSAT=vssatbin EXEC_CMD= if [ "$OSNAME" = "Linux" ] ; then EXEC_CMD= fi # Get the user ID if [ "$OSNAME" = "SunOS" ] ; then USER_ID=`/usr/xpg4/bin/id -u` else USER_ID=`id -u` fi # Depend on CLI-type, it would use client or broker data dir or both data dir. ret1=0 case "$CLI_TYPE" in CLI_USE_BOTH_DATA_DIR ) #echo "Use both data dir"; # ET:1679029 # showcred and deletecred should not be run on broker data dir for localhost domain type. run_on_bdd=1; if [ "$AT_CLI" = "showcred" -o "$AT_CLI" = "deletecred" ]; then # Extract the domain type. found=0; localhost_domain_type=""; for arg in "$@" ; do if [ "$found" = "1" ] ; then if [ "$arg" != "" ] ; then localhost_domain_type=`echo $arg | cut -d : -f 1` fi break; fi if [ "$arg" = "-d" -o "$arg" = "--domain" ]; then found=1; fi done if [ "$localhost_domain_type" = "localhost" ]; then run_on_bdd=0; fi fi # ET:1676562 # If the user is non-root, CLI run on HOME dir by default, # even though EAT_HOME_DIR is pointing to broker data dir. # As same output is prompted twice, it is not nessesary to run on broker. # Use broker data dir. If it is set. if [ "$run_on_bdd" = "1" -a "$BROKER_DATA_DIR" != "" -a "$OPT_J_FLAG" != "client_dd" -a "$USER_ID" = "0" ] ; then old_eat_data_dir=$EAT_DATA_DIR EAT_DATA_DIR=$BROKER_DATA_DIR export EAT_DATA_DIR if [ "$EAT_DATA_DIR" != "" ]; then echo "Using data dir: $EAT_DATA_DIR"; fi $EXEC_CMD "$VRTSAT_BINDIR/$UNIX_VSSAT" "$AT_CLI" "$@" $FIPS_CMD_OPTION ret1=$? # if CLI returns code is INVALID_USAGE=1 UNRECOGNIZED_TOKENS=2 and MISSING_OPTION=5, exit from here. if [ "$ret1" = "1" -o "$ret1" = "2" -o "$ret1" = "5" ]; then exit $ret1; fi # If user specify to run on broker data dir only, then exit from here. if [ "$OPT_J_FLAG" = "broker_dd" ]; then exit $ret1; fi EAT_DATA_DIR=$EAT_PROFILE_BASE_DIR export EAT_DATA_DIR if [ "$EAT_DATA_DIR" != "" ]; then echo "Using data dir: $EAT_DATA_DIR"; fi $EXEC_CMD "$VRTSAT_BINDIR/$UNIX_VSSAT" "$AT_CLI" "$@" $FIPS_CMD_OPTION ret2=$? if [ "$ret1" = "0" ]; then ret1=$ret2 fi EAT_DATA_DIR=$old_eat_data_dir export EAT_DATA_DIR fi ;; CLI_BROKER ) #echo "Use broker data dir"; if [ "$BROKER_DATA_DIR" != "" -a "$OPT_J_FLAG" != "client_dd" ] ; then EAT_DATA_DIR=$BROKER_DATA_DIR export EAT_DATA_DIR; fi ;; * ) # If the user specify "-j ", set the data dir according and run the cli. no need for any further check. if [ "$AT_CLI" = "authenticate" ] ; then EAT_DATA_DIR=$EAT_PROFILE_BASE_DIR export EAT_DATA_DIR; fi if [ "$BROKER_DATA_DIR" != "" -a "$OPT_J_FLAG" = "broker_dd" ] ; then EAT_DATA_DIR=$BROKER_DATA_DIR export EAT_DATA_DIR; fi # authenticate CLI framework. # For authenticate CLI, use broker data dir if the domain name is in the user specified broker name list # and use client data dir if the domain name is in the client domain name list. # If the user specified "-j " it has higher precidence. if [ "$BROKER_DATA_DIR" != "" -a "$AT_CLI" = "authenticate" -a "$OPT_J_FLAG" != "broker_dd" -a "$OPT_J_FLAG" != "client_dd" ] ; then # Now find out the domain name. found=0; if [ "$BROKER_DOMAIN_NAME_LIST" != "" -o "$CLIENT_DOMAIN_NAME_LIST" != "" ]; then for arg in "$@" ; do if [ "$found" = "1" ] ; then if [ "$arg" != "" ] ; then DOMAIN_NAME=`echo $arg | cut -d : -f 2 | cut -d @ -f 1` if [ "$arg" = "$DOMAIN_NAME" ]; then DOMAIN_NAME=""; fi fi break; fi if [ "$arg" = "-d" -o "$arg" = "--domain" ]; then found=1; fi done fi # If the domain name is for broker ,use broker data dir. found=0; if [ "$BROKER_DOMAIN_NAME_LIST" != "" -a "$DOMAIN_NAME" != "" ] ; then for bd_name in $BROKER_DOMAIN_NAME_LIST ; do if [ "$bd_name" = "$DOMAIN_NAME" ]; then found=1; if [ "$BROKER_DATA_DIR" != "" ]; then EAT_DATA_DIR=$BROKER_DATA_DIR; export EAT_DATA_DIR else echo "Error: The domain name is for broker and BROKER_DATA_DIR is empty." echo " Please provide BROKER_DATA_DIR." exit 1; fi break; fi done fi # If domain name is for client, use EAT_DATA_DIR. if [ "$found" != "1" ]; then if [ "$CLIENT_DOMAIN_NAME_LIST" != "" -a "$DOMAIN_NAME" != "" ] ; then for cd_name in $CLIENT_DOMAIN_NAME_LIST ; do if [ "$cd_name" = "$DOMAIN_NAME" ]; then found=1; break; fi done fi fi # If the domain name is neither in broker nor client domain name list and BROKER_DATA_DIR is set, # then ask the user which data dir to use. # Comment off if you need user input. #if [ "$found" != "1" ]; then #if [ "$BROKER_DOMAIN_NAME_LIST" != "" ] ; then # echo "Do you want to authenticate using broker data dir? If yes press 'Y'" # read use_bdd # if [ "$use_bdd" = "Y" -o "$use_bdd" = "y" ]; then # EAT_DATA_DIR=$BROKER_DATA_DIR; # export EAT_DATA_DIR # fi #fi #fi fi ;; esac # Run the CLI ret2=0; if [ "$EAT_DATA_DIR" != "" -a "$BROKER_DATA_DIR" != "" ]; then echo "Using data dir: $EAT_DATA_DIR"; fi $EXEC_CMD "$VRTSAT_BINDIR/$UNIX_VSSAT" "$AT_CLI" "$@" $FIPS_CMD_OPTION ret2=$? if [ "$ret1" != "0" ]; then exit $ret1; else exit $ret2; fi # END for script.