The first script is the install script /export/config/config610/
installAIX61.ksh:
#!/bin/ksh ################################################################# # # # Install AIX 6.1 on a new system # # # # # # Update by : # # # ################################################################# export LANG=C SN=`basename $0` RP=`dirname $0` HN=`hostname -s` DAY=`date +%d%m` LOG=$RP/log/install_client.log REP_CONFIG=config610 SPOT=spot610 LPP_SOURCE=lpp_source610 BOSINST_DATA=bosinst_610 SCRIPTFB=scriptfb_610 CLIENT_NAME=nim_client61 mkdir $RP/log > /dev/null 2>&1 echo `date`" : Begin of "$SN if [ "$VERBOSE_LOGGING" = "high" ] then set -x fi echo "Launch NIM installation" echo "=======================" nim -o reset -a force=yes $CLIENT_NAME nim -Fo deallocate -a subclass=all $CLIENT_NAME for i in `lsnim -l $LPP_SOURCE | grep location | awk '{print $3}'` do rmnfsexp -d $i -B done nim -o bos_inst -a source=rte -a lpp_source=$LPP_SOURCE -a spot=$SPOT -a accept_licenses=yes -a fb_script=$SCRIPTFB -a bosinst_data=$BOSINST_DATA -a boot_client=no $CLIENT_NAME echo "\n" echo "Please, start client and configure IPL device with IP adress : " `host $CLIENT_NAME` FINISH=NOK TIME_BEF_ABORT=7200 while [ $FINISH != "OK" ] do sleep 60 TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60` FINISH=`lsnim -a Cstate $CLIENT_NAME | grep -v $CLIENT_NAME | awk -F= '{if($2==" BOS installation has been enabled") { print "OK" } else { print "NOK" }}'` lsnim -a info done echo "\n" echo "Installation...." echo "================" FINISH=NOK TIME_BEF_ABORT=7200 while [ $FINISH != "OK" ] do sleep 60 TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60` FINISH=`lsnim -a Cstate $CLIENT_NAME | grep -v $CLIENT_NAME | awk -F= '{if($2==" ready for a NIM operation") { print "OK" } else { print "NOK" }}'` lsnim -a info done echo "\n" echo "Waiting for reboot..." echo "================" FINISH=NOK TIME_BEF_ABORT=7200 while [ $FINISH != "OK" ] do sleep 60 TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60` ping -c3 $CLIENT_NAME > /dev/null if [ $? -eq 0 ] then FINISH=OK fi echo $FINISH done sleep 30 for i in `df | grep "/export/lpp_source/lpp_source" | awk '{print $7}'` do mknfsexp -d $i -t rw done #rsh $CLIENT_NAME "mount -o soft nim:/export/config /mnt" #rsh $CLIENT_NAME "/mnt/$REP_CONFIG/customize.ksh" > $LOG cat /root/.ssh/known_hosts | grep -v $CLIENT_NAME > /tmp/known_hosts mv /tmp/known_hosts /root/.ssh/known_hosts cat /home/vpd/.ssh/known_hosts | grep -v $CLIENT_NAME > /tmp/known_hosts mv /tmp/known_hosts /home/vpd/.ssh/known_hosts nim -o showlog -a log_type=boot $CLIENT_NAME > $LOG echo "####################" echo "Logs are available on the NIM server in $LOG and on the client in /tmp/nim_customization.$DAY.log for customization scripts"
customize.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize AIX 6.1 after a new installation #@(#) For information this script is copied during installation #@(#) on the target machine in /etc/fb_<xxx> and executed #@(#) after the first boot #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# export LANG=C export SN=`basename $0` export HN=`hostname -s` export DAY=`date +%d-%m-%Y` export RP=`dirname $0` export LOG=/tmp/nim_customization.$DAY.log export NIM_SRV=nim61 SCRIPT_DIR=/mnt/config610 echo "#########################" echo `date`" : Begin of "$SN echo $HN if [ "$HN" = "nimsrv" ] then echo "Le script ne peut pas s'executer sur le serveur NIM" exit 1 fi mount -o soft $NIM_SRV:/export/config /mnt cd $SCRIPT_DIR for i in `ls $SCRIPT_DIR/../scripts_install | grep ksh | grep -v reboot` do echo $i $SCRIPT_DIR/../scripts_install/$i done $SCRIPT_DIR/../scripts_install/*reboot*.ksh echo `date`" : End of "$SN
All the follwing scripts (belonging to FB_script: first boot script) are located in /export/config/scripts_install/
All the config files are located in /export/config/scripts_install/install_files/
.env:
export LANG=C export SN=`basename $0` export HN=`hostname -s` export DAY=`date +%d-%m-%Y` export RP=`dirname $0` export DIR_CONFIG_BKP=/var/adm/config/etc export LOG=/tmp/nim_customization.$DAY.log export NIM_SRV=nim export NTP_SERVER1=ntp1.local.be export NTP_SERVER2=ntp2.local.be export AIXTOOLBOX=/export/lpp_source/aixtoolbox export AIXOTHERLPP=/export/lpp_source/otherlpp
S01config_TMOUT.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize TMOUT variable after a new installation #@(#) /etc/profile #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Set TMOUT variable" echo "==================" #Backup the default /etc/profile file cp /etc/profile /etc/profile.$$ cat /etc/profile | grep -v "^#" | grep "TMOUT=" if [ $? -ne 0 ] then echo export readonly TMOUT=2400 >> /etc/profile fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S02config_crontab.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize crontab after a new installation #@(#) /var/spool/cron/crontabs/root #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Delete crontab entries for SSA:" echo "==============================" cp -p /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.$$ grep -v ssa /var/spool/cron/crontabs/root | grep -v SSA > /tmp/cron.root echo "Add crontab entries for rotation of logs and backup system:" echo "==============================" cat /tmp/cron.root | grep -v "^#" | grep "logrotate" if [ $? -ne 0 ] then echo "0 8 * * 6 /usr/bin/logrotate /etc/logrotate.conf > /root/scripts/log/logrotate.log 2>&1" >> /tmp/cron.root fi echo "Add crontab entries for performance mesure" cat /tmp/cron.root | grep -v "^#" | grep "/root/scripts/bin/perf_nmon" if [ $? -ne 0 ] then echo "0 0 * * * /root/scripts/bin/perf_nmon > /dev/null 2>&1" >> /tmp/cron.root fi cp /tmp/cron.root /var/spool/cron/crontabs/root rm /tmp/cron.root echo "Restart Cron daemon:" echo "==============================" kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1 echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S03config_tty.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Configuration of TTY (serial console) #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "\n" echo "Configuration TTY" echo "========================" mkdev -c tty -t'tty' -s'rs232' -p'sa0' -w'0' -a login=enable > /dev/null 2>&1 if [ $? -ne 0 ] then mkdev -c tty -t'tty' -s'vcon' -p'sa0' -w'0' -a login=enable > /dev/null 2>&1 fi echo "Enable login on TTY if still exist on the machine" echo "========================" chdev -l tty0 -a login=enable > /dev/null 2>&1 chdev -l vty0 -a login=enable -P > /dev/null 2>&1 echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S04config_inittab.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize inittab after a new installation /etc/inittab #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# INITTAB_TMP=/etc/inittab.$$ RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Customize inittab entries" echo "=========================" #Backup the default inittab file cp /etc/inittab $INITTAB_TMP cat $INITTAB_TMP | sed "s/^#/:/" > /etc/inittab #Delete entries for i in rcml mkatmpvc atmsvcd sniinst rcnfs piobe qdaemon writesrv uprintfd naudio do echo "Deleting $i from inittab" rmitab $i > /dev/null 2>&1 done echo "\n" echo "Services start by inittab:" echo "==========================" grep -v '^:' /etc/inittab | awk -F":" '{print $1}' | grep -v "^#" # Change the console start position to have faster access in case of trouble cat /etc/inittab | grep -v "cons:" > /tmp/inittab rm /tmp/inittab.new > /dev/null 2>&1 cat /tmp/inittab | while read i do echo $i | grep "rctcpip:" > /dev/null 2>&1 if [ $? -ne 0 ] then echo $i >> /tmp/inittab.new else echo $i >> /tmp/inittab.new echo "cons:0123456789:respawn:/usr/sbin/getty /dev/console" >> /tmp/inittab.new fi done mv /tmp/inittab.new /etc/inittab rm /tmp/inittab > /dev/null 2>&1 echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S05config_netsvc.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize netsvc to solve IP adress in IPV4 and IPV6 in local #@(#) and then with DNS /etc/netsvc.conf #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Configure /etc/netsvc.conf" echo "==========================" cat /etc/netsvc.conf | grep -v "^#" | egrep "hosts|=|local|bind" if [ $? -ne 0 ] then echo "hosts=local,bind4" >> /etc/netsvc.conf fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S06config_rctcpip.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize /etc/rc.tcpip to remove unused entries #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Customize rc.tcpip entries" echo "==========================" #Backup the default rc.tcpip file cp /etc/rc.tcpip /etc/rc.tcpip.$$ #Delete entries for i in sendmail snmpmibd dpid2 hostmibd aixmibd muxatmd do echo "Deleting $i from rc.tcpip" chrctcp -S -d $i done echo "\n" echo "List of services start by rc.tcpip:" echo "==========================" grep '^start' /etc/rc.tcpip | awk '{print $2}' echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S07config_resolv.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize /etc/resolv.conf (DNS) #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RESOLV_FILE=/etc/resolv.conf RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "configure resolv.conf" echo "=====================" #Backup the default /etc/resolv.conf file if [ -f $RESOLV_FILE ] then echo "file $RESOLV_FILE exist" else echo "nameserver 110.10.10.1" > $RESOLV_FILE echo "nameserver 110.10.10.2" >> $RESOLV_FILE echo "domain local.be" >> $RESOLV_FILE fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S08config_syslog.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize /etc/syslog.conf to report more logs #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# MESSAGES="/var/log/messages" SYSLOG="/var/log/syslog" AUTHLOG="/var/log/authlog" RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Customize syslog.conf" echo "=====================" #Backup the default syslog.conf file cp /etc/syslog.conf /etc/syslog.conf.$$ [ -d /var/log ] || mkdir -p /var/log [ -f $MESSAGES ] || touch $MESSAGES [ -f $SYSLOG ] || touch $SYSLOG [ -f $AUTHLOG ] || touch $AUTHLOG #Adding entries in syslog.conf cat /etc/syslog.conf | grep -v "^#" | grep "*.crit" if [ $? -ne 0 ] then echo "*.crit\t *" >> /etc/syslog.conf fi cat /etc/syslog.conf | grep -v "^#" | grep "*.err;kern.debug;daemon.notice" if [ $? -ne 0 ] then echo "*.err;kern.debug;daemon.notice\t $MESSAGES rotate time 7d files 8 compress" >> /etc/syslog.conf fi cat /etc/syslog.conf | grep -v "^#" | grep "mail.debug;*.info" if [ $? -ne 0 ] then echo "mail.debug;*.info\t $SYSLOG rotate size 1M files 5" >> /etc/syslog.conf fi cat /etc/syslog.conf | grep -v "^#" | grep "auth,authpriv.debug" if [ $? -ne 0 ] then echo "auth,authpriv.debug\t $AUTHLOG rotate time 1d files 30 compress" >> /etc/syslog.conf fi #Modify /etc/rc.tcpip to add "-r" TEST=`cat /etc/rc.tcpip | grep -v "^#" | grep syslog | awk '{print $4}'` if [[ $TEST != "-r" ]] then sed 's/syslogd \"\$src_running\"/syslogd \"\$src_running\" \-r/g' /etc/rc.tcpip > /tmp/rc.tcpip cp /tmp/rc.tcpip /etc/rc.tcpip rm /tmp/rc.tcpip fi #Refresh service refresh -s syslogd echo "\n" echo "Syslog.conf entries:" echo "====================" grep -v '^#' /etc/syslog.conf echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S09config_telnet.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize telnet after a new installation #@(#) /etc/security/login.cfg #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Set telnet banner" echo "=================" cat /etc/security/login.cfg| grep -v "^*" | egrep "herald" | grep "login" if [ $? -ne 0 ] then sed -e '/default:/a\ herald = "login:"' /etc/security/login.cfg > /tmp/login.cfg cp /tmp/login.cfg /etc/security/login.cfg rm /tmp/login.cfg fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S10config_filesystems.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Add new filesystems if they dont exists #@(#) /etc/filesystems #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# HOME_ROOT=/root SCRIPT_PATH=/root/scripts MKSYSB=/mksysb HOME_ITM=/opt/IBM/ITM SOFTWARE=/software HOME_ECC=/usr/ecc RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "\n" echo "Creating FS /root /opt/IBM/ITM /mksysb /software" echo "========================" if [ `lsvg rootvg | grep SIZE | awk '{print $6}'` -lt 16 ] then NB_LP=2 else NB_LP=1 fi COPIES_LV=`lslv hd5 | grep COPIES | awk '{ print $2 }'` FS_TYPE=`lsfs -a | grep hd4 | awk '{ print $4 }'` if [[ "$COPIES_LV" -gt 1 ]] then mklv -t $FS_TYPE -c2 -y rootlv rootvg $NB_LP else mklv -t $FS_TYPE -y rootlv rootvg $NB_LP fi crfs -v $FS_TYPE -d rootlv -m $HOME_ROOT -Ayes mount $HOME_ROOT mkdir -p $SCRIPT_PATH/bin mkdir -p $SCRIPT_PATH/log if [[ "$COPIES_LV" -gt 1 ]] then mklv -t $FS_TYPE -c2 -y mksysblv rootvg $NB_LP else mklv -t $FS_TYPE -y mksysblv rootvg $NB_LP fi crfs -v $FS_TYPE -d mksysblv -m $MKSYSB -Ayes mount $MKSYSB mklv -t $FS_TYPE -y softlv rootvg 1 crfs -v $FS_TYPE -d softlv -m $SOFTWARE -Ayes mount $SOFTWARE if [[ "$COPIES_LV" -gt 1 ]] then mklv -t $FS_TYPE -c2 -y itmlv rootvg $NB_LP else mklv -t $FS_TYPE -y itmlv rootvg $NB_LP fi crfs -v $FS_TYPE -d itmlv -m $HOME_ITM"1" -Ayes mount $HOME_ITM"1" chfs -a size=512M $HOME_ITM"1" # migrate data from directory /opt/IBM/ITM to filesystem /opt/IBM/ITM mv $HOME_ITM/* $HOME_ITM"1" > /dev/null 2>&1 umount $HOME_ITM"1" rm -r $HOME_ITM"1" chfs -m $HOME_ITM $HOME_ITM"1" mount $HOME_ITM if [[ "$COPIES_LV" -gt 1 ]] then mklv -t $FS_TYPE -c2 -y ecclv rootvg $NB_LP else mklv -t $FS_TYPE -y ecclv rootvg $NB_LP fi crfs -v $FS_TYPE -d ecclv -m $HOME_ECC -Ayes mount $HOME_ECC chfs -a size=640M $HOME_ECC chfs -a size=256M $HOME_ROOT chfs -a size=512M $SCRIPT_PATH chfs -a size=512M $SOFTWARE chfs -a size=3G $MKSYSB chfs -a size=128M / chfs -a size=512M /opt chfs -a size=512M /tmp chfs -a size=512M /var chfs -a size=512M /home echo "Creating CDROM FS" echo "========================" if [ ! -d /cdrom ] then mkdir /cdrom fi lsdev -Cc cdrom -Sa if [ $? -eq 0 ] then grep "cdrom" /etc/filesystems if [ $? -eq 1 ] then /usr/sbin/crfs -v cdrfs -d /dev/cd0 -m /cdrom -p ro fi fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S11config_user.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Create user Garde and delete root access #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# HOME_ROOT=/root RP=`dirname $0` NUM=`echo $$` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Delete root rlogin" echo "==================" chuser home=$HOME_ROOT fsize=-1 rlogin=false root cp $HOME_ROOT/.profile $HOME_ROOT/.profile.$$ > /dev/null 2>&1 cp $RP/install_files/profileroot $HOME_ROOT/.profile chown root:system $HOME_ROOT/.profile chmod 644 $HOME_ROOT/.profile cat /etc/security/.profile | grep -v "^#" | grep "TMOUT=" if [ $? -ne 0 ] then echo "export readonly TMOUT=2400" >> /etc/security/.profile fi pwdck -y ALL grpck -y ALL echo "\n" echo "Create user garde" echo "=================" mkuser -a garde echo "\n" echo "Message d'accueil" echo "=================" cp /etc/motd $DIR_CONFIG_BKP/motd.$NUM cp $RP/install_files/motd /etc/motd chmod 444 /etc/motd chown sys:sys /etc/motd echo "\n" echo "Modifications /etc/profile" echo "=================" count=1 cp /etc/profile $DIR_CONFIG_BKP/profile.$NUM cat $RP/install_files/etcprofile | while read i do if [[ $i = "" ]] then count=1 else cat /etc/profile | grep -v "^#" | grep "$i" > /dev/null if [ $? -ne 0 ] then if [[ $count = "1" ]] then echo "" >> /etc/profile count=0 fi echo $i >> /etc/profile echo $i add fi fi done # this script don't erase the garde account if it's not the last created cat /etc/security/passwd | grep ":" | tail -1 | grep -v "garde:" if [ $? -eq 1 ] then cp /etc/security/passwd $DIR_CONFIG_BKP/passwd.$NUM cat /dev/null > /etc/security/passwd cat $DIR_CONFIG_BKP/passwd.$NUM | while read LINE do echo $LINE | grep -v "garde:" > /dev/null 2>&1 if [ $? -ne 0 ] then exit 0 else echo $LINE | grep -v ":" > /dev/null 2>&1 if [ $? -ne 0 ] then echo "$LINE" >> /etc/security/passwd else echo "\t$LINE" >> /etc/security/passwd fi fi done fi # Do not add more line here echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S12config_garde.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Add password for garde user #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Add entries in /etc/security/passwd" echo "==================" echo "garde:" >> /etc/security/passwd echo "\tpassword = 7cJlYifXxZtmc" >> /etc/security/passwd echo "\tlastupdate = 1195603287" >> /etc/security/passwd echo "\tflags =" >> /etc/security/passwd echo >> /etc/security/passwd echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S13config_scriptsroot.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize scripts #@(#) copy files from /export/config/scripts_install/root_scripts/bin to /root/scripts/bin #@(#) add entries in root crontab #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# HOME_ROOT=/root SCRIPT_PATH=/root/scripts RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Mise en place des scripts de customisation" echo "==================" cp -Rp $RP/root/scripts/bin/* $SCRIPT_PATH/bin chmod 755 $SCRIPT_PATH/bin/* cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "chkcore" if [ $? -ne 0 ] then echo "# " >>/var/spool/cron/crontabs/root echo "# crontab -echeck exploitation" >>/var/spool/cron/crontabs/root echo "# " >>/var/spool/cron/crontabs/root echo "0,15,30,45 * * * * /root/scripts/bin/chkcore now mail > /root/scripts/log/chkcore.log 2>&1" >>/var/spool/cron/crontabs/root echo "0 8 * * 1-5 /root/scripts/bin/chkcore daily mail > /root/scripts/log/chkcore.log 2>&1" >>/var/spool/cron/crontabs/root echo "0 0 * * * /root/scripts/bin/config_vg_disk_vm > /root/scripts/log/config_vg_disk_vm.log 2>&1" >>/var/spool/cron/crontabs/root fi cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "chkfree" if [ $? -ne 0 ] then echo "0,15,30,45 * * * * /root/scripts/bin/chkfree mail > /root/scripts/log/chkfree1.log 2>&1" >>/var/spool/cron/crontabs/root fi chdev -l sys0 -a iostat=true > /dev/null echo "\n" tar xvf $RP/install_files/ksh_func.tar echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S14config_pkg.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Add additionnal filesets and RPM #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# PATH_RPM=/mnt1/rpm #/export/lpp_source/aixtoolbox/rpm VERSION=$$ RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Install additionnal packages" echo "========================" mkdir /mnt1 mount -o soft $NIM_SRV:$AIXTOOLBOX /mnt1 cp /etc/sudoers /etc/sudoers.$VERSION > /dev/null 2>&1 cp /etc/logrotate.conf /etc/logrotate.conf.$VERSION > /dev/null 2>&1 OPENSSL=`ls -t /mnt1/rpm | grep ssl | egrep -v "devel|doc" | sort | tail -1` for i in nmon logrotate lsof-4.78-1.aix5.3.ppc.rpm bash less-382 bzip2 sudo zip unzip popt rsync-2.6.2 $OPENSSL do rpm -U $PATH_RPM/$i* done umount /mnt1 rm -r /mnt1 if [ -f /etc/sudoers.$VERSION ] then mv /etc/sudoers /etc/sudoers.samples mv /etc/sudoers.$VERSION /etc/sudoers fi chmod 0440 /etc/sudoers* if [ -f /etc/logrotate.conf.$VERSION ] then mv /etc/logrotate.conf /etc/logrotate.conf.samples mv /etc/logrotate.conf.$VERSION /etc/logrotate.conf fi cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/wtmp" if [ $? -ne 0 ] then echo "" >> /etc/logrotate.conf echo "/var/adm/wtmp {" >> /etc/logrotate.conf echo "copytruncate" >> /etc/logrotate.conf echo "rotate 50" >> /etc/logrotate.conf echo "weekly" >> /etc/logrotate.conf echo "}" >> /etc/logrotate.conf fi cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/sulog" if [ $? -ne 0 ] then echo "" >> /etc/logrotate.conf echo "/var/adm/sulog {" >> /etc/logrotate.conf echo "copytruncate" >> /etc/logrotate.conf echo "rotate 50" >> /etc/logrotate.conf echo "weekly" >> /etc/logrotate.conf echo "}" >> /etc/logrotate.conf fi cat /etc/logrotate.conf | grep -v "^#" | grep "/var/log/syslog" if [ $? -ne 0 ] then echo "" >> /etc/logrotate.conf echo "/var/log/syslog {" >> /etc/logrotate.conf echo "copytruncate" >> /etc/logrotate.conf echo "rotate 15" >> /etc/logrotate.conf echo "weekly" >> /etc/logrotate.conf echo "}" >> /etc/logrotate.conf fi cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/cron/log" if [ $? -ne 0 ] then echo "" >> /etc/logrotate.conf echo "/var/adm/cron/log {" >> /etc/logrotate.conf echo "copytruncate" >> /etc/logrotate.conf echo "rotate 15" >> /etc/logrotate.conf echo "weekly" >> /etc/logrotate.conf echo "}" >> /etc/logrotate.conf fi cat /etc/logrotate.conf | grep -v "^#" | grep "/root/scripts/log/TCheckFree.ksh.log" if [ $? -ne 0 ] then echo "" >> /etc/logrotate.conf echo "/root/scripts/log/TCheckFree.ksh.log {" >> /etc/logrotate.conf echo "copytruncate" >> /etc/logrotate.conf echo "rotate 15" >> /etc/logrotate.conf echo "weekly" >> /etc/logrotate.conf echo "}" >> /etc/logrotate.conf fi echo "========================" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S16config_tsm.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Installation of TSM #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Install TSM" echo "========================" HOSTNAME=`uname -n` TSM_SOURCE_DIR=/mnt1/tsm DSM_OPT=/usr/tivoli/tsm/client/ba/bin/dsm.opt DSM_SYS=/usr/tivoli/tsm/client/ba/bin/dsm.sys LINK_DSM_OPT=/usr/bin/dsm.opt LINK_DSM_OPT_NEW=/usr/bin/dsmos.opt LINK_DSM_SYS=/usr/bin/dsm.sys INCL_EXCL=/etc/tsmos.list mkdir /mnt1 mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1 ########################################################## # installation des filesets ########################################################## # mise a jour si possible lslpp -l | grep "tivoli.tsm.client.ba" >/dev/null if [ $? -eq 0 ] then install_all_updates -d $TSM_SOURCE_DIR -rc -Y fi # installation des composants si necessaire, ou manquants installp -agXY -d $TSM_SOURCE_DIR xlC.rte xlC.aix50.rte tivoli.tsm.client.api.64bit tivoli.tsm.client.ba.32bit.base tivoli.tsm.client.ba.32bit.common tivoli.tsm.client.ba.32bit.web tivoli.tsm.client.ba.32bit.image ########################################################## # custonmisation des dsm.opt et dsm.sys ########################################################## if [ -f $DSM_OPT ] then echo "file $DSM_OPT exist" else echo SErvername ${HOSTNAME}os > $DSM_OPT fi ln -s $DSM_OPT $LINK_DSM_OPT ln -s $DSM_OPT $LINK_DSM_OPT_NEW ln -s /usr/tivoli /opt/tivoli if [ -f $DSM_SYS ] then echo "file $DSM_SYS exist" else echo SErvername ${HOSTNAME}os > $DSM_SYS echo COMMmethod TCPip >> $DSM_SYS echo TCPPort 1500 >> $DSM_SYS echo TCPServeraddress tsmprod >> $DSM_SYS echo NODENAME ${HOSTNAME} >> $DSM_SYS echo PASSWORDACCESS generate >> $DSM_SYS echo COMPRESSION no >> $DSM_SYS # echo INCLEXCL $INCL_EXCL >> $DSM_SYS echo schedlogname /var/log/dsmsched.log >> $DSM_SYS echo errorlogname /var/log/dsmerror.log >> $DSM_SYS echo schedlogretention 10 >> $DSM_SYS echo errorlogretention 60 >> $DSM_SYS echo WEBPorts 1582 1583 >> $DSM_SYS echo resourceutilization 3 >> $DSM_SYS fi ln -s $DSM_SYS $LINK_DSM_SYS #cat /etc/hosts | grep -v "^#" | grep serverstk #if [ $? -ne 0 ] # then # echo 10.10.16.65 serverstk >> /etc/hosts #fi touch /var/log/tsmos.log if [ -f $INCL_EXCL ] then echo "file $INCL_EXCL exist" else echo include /var/.../\* futil > $INCL_EXCL echo include /etc/.../* important >> $INCL_EXCL echo exclude.fs /software >> $INCL_EXCL echo exclude /.../core >> $INCL_EXCL echo exclude /.../core.* >> $INCL_EXCL fi mkitab tsmos:2:once:"/usr/tivoli/tsm/client/ba/bin/dsmc sched -optfile=$LINK_DSM_OPT > /dev/null 2>&1 # TSM scheduler" # Keep the next line for future automatic registration on TSM server #dsmadmc -id=admin -password=1mdppstk -optfile=$LINK_DSM_OPT "register NODE ${HOSTNAME} sTSMpn2c CONTACT='acsls failover' DOMAIN=UNIX_COLL_DOM COMPRESSION=NO AUTOFSRENAME=NO ARCHDELETE=NO BACKDELETE=NO FORCEPWRESET=NO TYPE=CLIENT KEEPMP=NO MAXNUMMP=2 URL=http://client.host.name:1581 USERID=NONE PASSEXP=9999" umount /mnt1 rm -r /mnt1 echo "========================" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S17config_tz-ntp.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize time zone after a new installation #@(#) And Time Server synchronization #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "\n" echo "Changing TZ" echo "========================" if [ `uname -a | awk '{print $4}'` -lt 6 ] then chtz 'NFT-1DFT,M3.5.0,M10.5.0' else chtz 'Europe/Brussels' fi echo "\n" echo "Initalization of /etc/ntp.conf" echo "========================" cp /etc/ntp.conf $DIR_CONFIG_BKP/ntp.conf.$$ > /dev/null 2>&1 cat /etc/ntp.conf | grep -v "^#" | grep server if [ $? -ne 0 ] then echo "server $NTP_SERVER1 prefer" >> /etc/ntp.conf echo "server $NTP_SERVER2 prefer" >> /etc/ntp.conf fi cat /etc/ntp.conf | grep -v "^#" | grep driftfile if [ $? -ne 0 ] then echo "driftfile /etc/ntp.drift" >> /etc/ntp.conf fi cat /etc/ntp.conf | grep -v "^#" | grep tracefile if [ $? -ne 0 ] then echo "tracefile /etc/ntp.trace" >> /etc/ntp.conf fi cp -p /var/spool/cron/crontabs/root /tmp/cron.root cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "/root/scripts/bin/ntpsync" if [ $? -ne 0 ] then echo "5 5 * * 6 /root/scripts/bin/ntpsync > /root/scripts/log/ntpsync.log 2>&1" >> /tmp/cron.root fi cp /tmp/cron.root /var/spool/cron/crontabs/root rm /tmp/cron.root kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1 chrctcp -S -a xntpd echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S18config_aio.ksh:
#!/bin/ksh #@(#) ################################################################# #@(#) Activation des asynchronous IO #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Activation aio0" echo "==================" if [ `uname -a | awk '{print $4}'` -lt 6 ] then chdev -l aio0 -a autoconfig='available' -P mkdev -l aio0 fi echo "========================" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S20config_openssh.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize openssh after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` OSLEVEL=`oslevel | cut -f1-2 -d.` SSH_CONF_FILE=/etc/ssh/sshd_config SSH_CONF_FILE_SMP=$RP/install_files/sshd_config VERSION_EXIST=2 . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "install openssh" echo "===============" mkdir /mnt1 mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1 cp $SSH_CONF_FILE $DIR_CONFIG_BKP/sshd_config.$$ > /dev/null 2>&1 mkdir /usr/local/etc > /dev/null 2>&1 chfs -a size=+512M /usr installp -agXY -d /mnt1/openssh/aix$OSLEVEL/latest/ openssh.base openssh.license openssh.man.en_US cat $SSH_CONF_FILE | grep -v "^#" | grep "Port 22" if [ $? -ne 0 ] then cat /dev/null > /tmp/sshd_config cat $SSH_CONF_FILE | while read i do echo $i >> /tmp/sshd_config echo $i | grep "Port 22" > /dev/null if [ $? -eq 0 ] then echo "Port 22" >> /tmp/sshd_config fi done mv /tmp/sshd_config $SSH_CONF_FILE fi cat $SSH_CONF_FILE | grep -v "^#" | grep "Protocol 2" if [ $? -ne 0 ] then cat /dev/null > /tmp/sshd_config cat $SSH_CONF_FILE | while read i do echo $i >> /tmp/sshd_config echo $i | grep "Protocol 2" > /dev/null if [ $? -eq 0 ] then echo "Protocol 2" >> /tmp/sshd_config fi done mv /tmp/sshd_config $SSH_CONF_FILE fi cat $SSH_CONF_FILE | grep -v "^#" | grep "X11Forwarding no" if [ $? -ne 0 ] then cat /dev/null > /tmp/sshd_config cat $SSH_CONF_FILE | while read i do echo $i >> /tmp/sshd_config echo $i | grep "X11Forwarding " > /dev/null if [ $? -eq 0 ] then echo "X11Forwarding yes" >> /tmp/sshd_config fi done mv /tmp/sshd_config $SSH_CONF_FILE fi cat $SSH_CONF_FILE | grep -v "^#" | grep "X11UseLocalhost yes" if [ $? -ne 0 ] then cat /dev/null > /tmp/sshd_config cat $SSH_CONF_FILE | while read i do echo $i >> /tmp/sshd_config echo $i | grep "X11UseLocalhost yes" > /dev/null if [ $? -eq 0 ] then echo "X11UseLocalhost yes" >> /tmp/sshd_config fi done mv /tmp/sshd_config $SSH_CONF_FILE fi cat $SSH_CONF_FILE | egrep -v "PermitRootLogin||yes" | egrep -v "PermitRootLogin||no" > /tmp/sshd_config1 cat $SSH_CONF_FILE | grep "PermitRootLogin" > /tmp/sshd_config2 cat /dev/null > /tmp/sshd_config cat /tmp/sshd_config1 | while read i do echo $i >> /tmp/sshd_config echo $i | grep LoginGraceTime > /dev/null if [ $? -eq 0 ] then grep "^#" /tmp/sshd_config2 | grep -v "without-password" >> /tmp/sshd_config cat /tmp/sshd_config2 | grep -v "^#" | grep "PermitRootLogin" | tail -1 | while read j do if [ "$j" != "" ] then echo $j >> /tmp/sshd_config fi done grep -v "^#" /tmp/sshd_config | grep PermitRootLogin > /dev/null if [ $? -ne 0 ] then echo "PermitRootLogin no" >> /tmp/sshd_config fi fi echo $i | grep "PasswordAuthentication" | grep "PermitEmptyPasswords" > /dev/null if [ $? -eq 0 ] then grep "^#" /tmp/sshd_config2 | grep "without-password" >> /tmp/sshd_config fi done mv /tmp/sshd_config $SSH_CONF_FILE rm /tmp/sshd* > /dev/null 2>&1 NOB=`ls $SSH_CONF_FILE.* | wc -l | awk '{print $1}'` while [[ "$NOB" -ge $VERSION_EXIST ]] do FILE=`ls -rt $SSH_CONF_FILE.* | head -1` if [ -f $FILE ] then rm -f $FILE > /dev/null 2>&1 fi let NOB=NOB-1 done umount /mnt1 rm -r /mnt1 stopsrc -s sshd;startsrc -s sshd echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S21config_mksysb.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Add script to do an automatic backup system on /mksysb #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Add crontab entries for mksysb:" echo "==============================" cp -p /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.$$ cat /var/spool/cron/crontabs/root > /tmp/cron.root cat /tmp/cron.root | grep -v "^#" | grep "fullbackup" if [ $? -ne 0 ] then echo "5 1 10,20 * * /root/scripts/bin/fullbackup local >/dev/null 2>&1" >> /tmp/cron.root fi cp /tmp/cron.root /var/spool/cron/crontabs/root #rm /tmp/cron.root echo "Restart Cron daemon:" echo "==============================" kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1 echo "\n" echo "Create an exclusion file" echo "==================" if [ -f /etc/exclude.rootvg ] then echo "file /etc/exclude.rootvg exist" else cp -p $RP/install_files/exclude.rootvg /etc/exclude.rootvg fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S22config_ecc.ksh:
#!/bin/ksh #@(#) ################################################################# #@(#) Customize ecc after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Customize ecc after a new installation" echo "========================" cp -p $RP/install_files/eccmad /etc/rc.d/init.d cd /etc/rc.d/rc2.d ln -s ../init.d/eccmad S95eccmad ln -s ../init.d/eccmad K01eccmad echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S25config_core.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Change core path #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Changing core path" echo "========================" mkdir -p /var/core/old chmod -R 777 /var/core #syscorepath -p /var/core chcore -p on -l /var/core -n on echo "\n" echo "Changing dump device" echo "========================" sysdumpdev -l | grep primary | grep hd6 > /dev/null if [ $? -ne 0 ] then mklv -tsysdump -ylg_dumplv rootvg 15 sysdumpdev -K sysdumpdev -Pp /dev/lg_dumplv fi echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S26config_ent.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) changement de la vitesse des cartes reseau #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo " changement de la vitesse des cartes reseau" echo "========================" for i in `lsdev -C | grep ent | awk '{print $1}'` do chdev -l $i -a media_speed=100_Full_Duplex -P done echo "========================" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S27config_rc-d.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Suppression de la ligne kill dans /etc/rc.d/rc #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo " Suppression de la ligne kill dans /etc/rc.d/rc" echo "========================" grep -v "^#" /etc/rc.d/rc | grep stop | grep echo if [ $? -ne 0 ] then mv /etc/rc.d/rc /etc/rc.d/rc.old sed '/stop/s/^/ echo #/g' /etc/rc.d/rc.old > /etc/rc.d/rc chmod 544 /etc/rc.d/rc fi echo "========================" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S48config_sendmail.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize /etc/mail/sendmail.cf #@(#) add DSsmtp.local.be #@(#) add DMlocal.be #@(#) ver 1.0 19-12-2007 #@(#) ################################################################# SENDMAIL_FILE=/etc/mail/sendmail.cf SENDMAIL_FILE_TMP=/tmp/sendmail.cf RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Change /etc/mail/sendmail.cf" echo "==================" cp $SENDMAIL_FILE $SENDMAIL_FILE.$$ grep "DSsmtp.local.be" $SENDMAIL_FILE if [ $? -ne 0 ] then cat $SENDMAIL_FILE | sed "s/^DS/DSsmtp.local.be/" > $SENDMAIL_FILE_TMP mv $SENDMAIL_FILE_TMP $SENDMAIL_FILE fi grep "DMlocal.be" $SENDMAIL_FILE if [ $? -ne 0 ] then cat $SENDMAIL_FILE | sed "s/^DM/DMsmtp.local.be/" > $SENDMAIL_FILE_TMP mv $SENDMAIL_FILE_TMP $SENDMAIL_FILE fi echo "configuration mail" echo "==================" cat /etc/aliases | grep -v "^#" | grep g-asw-monitoring if [ $? -ne 0 ] then echo "prod: g-asw-monitoring@local.be" >> /etc/aliases echo "root: g-asw-monitoring@local.be" >> /etc/aliases fi chmod 755 /var/spool chmod 750 /var/spool/mqueue newaliases echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S49config_softadd.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Install additionnal AIX software #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# OSLEVEL=`oslevel | cut -f1-3 -d.` OS=`echo $OSLEVEL | sed -e 's/[.]//g'` REMOTE_DIR=/export/lpp_source/lpp_source$OS LOCAL_DIR=/mnt1 RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Install additionnal software" echo "==================" mkdir /mnt1 mount -o soft $NIM_SRV:$REMOTE_DIR $LOCAL_DIR install_all_updates -d $LOCAL_DIR -rc -Y # installation des composants si necessaire, ou manquants installp -agXY -d $LOCAL_DIR X11.base X11.adt X11.apps.clients X11.apps.config Java14.license Java14_64.license Java14_64.sdk Java14_64.ext bos.acct bos.adt.debug bos.adt.lib bos.adt.libm bos.adt.samples bos.adt.prof bos.adt.syscalls bos.aixpert bos.alt_disk_install bos.data bos.content_list bos.man.en_US.cmds bos.perf bos.suma perl.man.en_US rpm.rte rsct.basic.rte rsct.compat.basic.rte ldap.client ldap.max_crypto_client gskta.rte install_all_updates -d $LOCAL_DIR -rc -Y umount /mnt1 mount -o soft $NIM_SRV:$AIXOTHERLPP $LOCAL_DIR # installation des composants si necessaire, ou manquants installp -agXY -d $LOCAL_DIR/java Java14.license Java14_64.license Java14_64.sdk Java14_64.ext install_all_updates -d $LOCAL_DIR/java -rc -Y cp /etc/environment /etc/environment.$$ sed -e "s/java14\//java14_64\//g" /etc/environment > /tmp/environment.tmp mv /tmp/environment.tmp /etc/environment umount /mnt1 rm -r /mnt1 echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S50config_tivoli.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize tivoli after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# ITM_SOURCE_DIR=/mnt1/itm RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "\n" echo "Installing Tivoli Client" echo "========================" mkdir /mnt1 mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1 installp -agXY -d $ITM_SOURCE_DIR itm.base.rte itm.cec.agent itm.premium.rte umount /mnt1 rm -r /mnt1 echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S51config_fc.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Changement des parametres des cartes FC #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo " changement de parametres des cartes FC" echo "========================" for i in `lsdev -Cc disk | grep hdiskpower | awk '{print $1}'` do rmdev -l $i done for i in `lsdev -C | grep fcs | awk '{print $1}'` do rmdev -l $i -R chdev -l $i -a init_link=pt2pt if [ $? -ne 0 ] then chdev -l $i -a init_link=pt2pt -P fi done for i in `lsdev -C | grep fscsi | awk '{print $1}'` do chdev -l $i -a dyntrk=yes -a fc_err_recov=fast_fail if [ $? -ne 0 ] then chdev -l $i -a dyntrk=yes -a fc_err_recov=fast_fail -P fi done echo "========================" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S52config_disk_vios.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Change priority access to VIOS server in case of 2 VIOS #@(#) Affect high priority to 2nd VIOS and lower to first #@(#) Required for automatic path recover #@(#) chpath -l hdisk${disk} -p vscsi0 -a priority=1 #@(#) chpath -l hdisk${disk} -p vscsi1 -a priority=2 #@(#) chdev -l hdisk${disk} -a hcheck_interval=30 -P #@(#) #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Change disk path priority" echo "=========================" cat /dev/null > /tmp/vscsi.txt cat /dev/null > /tmp/vscsi1.txt cat /dev/null > /tmp/vscsi_prio.txt cat /dev/null > /tmp/vscsi_priority.txt lsdev -Cc adapter | grep Avail | grep vscsi | awk '{print $1}' | while read i do lscfg -vpl $i | grep Client >> /tmp/vscsi1.txt done cat /tmp/vscsi1.txt | while read i do echo $i | awk '{print $1}' >> /tmp/vscsi.txt echo $i | awk '{print $2}' | cut -f 3 -d- | cut -b3 >> /tmp/vscsi_prio.txt done cat /tmp/vscsi.txt cat /tmp/vscsi_prio.txt while [[ `tail -1 /tmp/vscsi_prio.txt` -ne "" ]] do tail -1 /tmp/vscsi_prio.txt >> /tmp/vscsi_priority.txt cat /tmp/vscsi_prio.txt | grep -v `tail -1 /tmp/vscsi_prio.txt` > /tmp/vscsi_prio.txt done while [[ `tail -1 /tmp/vscsi.txt` != "" ]] do for i in `lspv | awk '{print $1}'` do echo $i `tail -1 /tmp/vscsi.txt` `tail -1 /tmp/vscsi_priority.txt` chpath -l $i -p `tail -1 /tmp/vscsi.txt` -a priority=`tail -1 /tmp/vscsi_priority.txt` done cat /tmp/vscsi.txt | grep -v `tail -1 /tmp/vscsi.txt` > /tmp/vscsi.txt cat /tmp/vscsi_priority.txt | grep -v `tail -1 /tmp/vscsi_priority.txt` > /tmp/vscsi_priority.txt done for i in `lspv | awk '{print $1}'` do chdev -l $i -a hcheck_interval=30 -P done echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S90config_director.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize IBM Director after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "installation des composants agent IBM DIrector 5.2" echo "==================" mkdir /mnt1 mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1 installp -agXY -d /mnt1/director/5.20.2/director/agent/aix/FILES/ sysmgt.pegasus.cimserver sysmgt.pegasus.osbaseproviders sysmgt.pegasus.smisproviders IBM.Director.Agent Director.Agent.ext Director.CimCore Director.CimExtension Director.DirectorCimCore ColSrvDirExt umount /mnt1 rm -r /mnt1 echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S91config_inventory.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Create user vpd to load inventory from all machines #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# SCRIPT_PATH=/home/scripts RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Create user vpd" echo "=================" mkuser id=900 fsize='-1' vpd mkdir /home/vpd/.ssh cp $RP/install_files/id_dsa.pub.vpd /home/vpd/.ssh/authorized_keys chown -R vpd.staff /home/vpd/.ssh chmod -R 700 /home/vpd/.ssh chmod -R 400 /home/vpd/.ssh/authorized_keys pwdck -y ALL echo "vpd ALL = (root) NOPASSWD: /usr/sbin/bootinfo -r,/usr/sbin/bootinfo -b,/usr/sbin/bootinfo -K,/usr/bin/bootlist -m normal -o,/usr/bin/cat /var/spool/cron/crontabs/root,/usr/sbin/xntpdc -c peers" >> /etc/sudoers cp $RP/root/scripts/bin/aixinv.sh $SCRIPT_PATH/bin echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S92config_rsf.old:
#!/bin/ksh ################################################################# # # # Customize ftp after a new installation # # # # # # Update by : # # # ################################################################# export LANG=C SN=`basename $0` HN=`hostname -s` DAY=`date +%d%m` HOST=`uname -n` RP=`dirname $0` . $RP/.env echo `date`" : Begin of "$SN if [ "$VERBOSE_LOGGING" = "high" ] then set -x fi echo "\n" mkdir /mnt1 mount -o soft nim:/export/lpp_source/otherlpp /mnt1 ########################################################## # installation des filesets ########################################################## # mise a jour si possible lslpp -l | grep "rsf.rsflite" >/dev/null if [ $? -eq 0 ] then install_all_updates -d $RSF_SOURCE_DIR -rc -Y fi # installation des composants si necessaire, ou manquants installp -agXY -d $RSF_SOURCE_DIR rsf.extended rsf.rsflite /usr/bin/sm_rsf chg_config -n 'cluster' -S 'h' -r '$RSF_MASTER' -f 'MONTHLY' -s opname='Hotline' -s opphone='003242497777' -s connadr='003242497502' -s opmail='root' -s remote='remote' -s scarsite="local $HOST" umount /mnt1 rm -r /mnt1 echo "\n" echo `date`" : Begin of "$SN
S95config_ftp.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize ftp after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Set FTP banner" echo "========================" dspcat -g /usr/lib/nls/msg/en_US/ftpd.cat > /tmp/ftpd.msg sed "s/FTP server (%s) ready./FTP server ready./" /tmp/ftpd.msg > /tmp/ftpd.$$ gencat /tmp/ftpd.cat /tmp/ftpd.$$ cp -p /tmp/ftpd.cat /usr/lib/nls/msg/en_US/ftpd.cat rm /tmp/ftpd.cat /tmp/ftpd.msg /tmp/ftpd.$$ echo "\n" echo "FTP banner:" echo "===========" dspcat -g /usr/lib/nls/msg/en_US/ftpd.cat echo "\n" echo "Disable FTP users" echo "=================" cp /etc/ftpusers /etc/ftpusers.$$ > /dev/null 2>&1 echo "root\ndaemon\nbin\nadm\nuucp\nguest\nnobody\nlpd\nnuucp\nimnadm" > /etc/ftpusers cat /etc/ftpusers echo "\n" echo "Adding Log for FTPD" echo "===================" sed "s/\/usr\/sbin\/ftpd ftpd/\/usr\/sbin\/ftpd ftpd -l/g" /etc/inetd.conf > /tmp/inetd.conf cp /tmp/inetd.conf /etc/inetd.conf rm /tmp/inetd.conf refresh -s inetd echo "\n" echo `date`" : Begin of "$SN } main 2>&1 | tee -a $LOG
S96config_inetd.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize inetd after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Customize inetd.conf entries" echo "============================" #Backup the default inetd.conf file cp /etc/inetd.conf /etc/inetd.conf.$$ #Delete tcp entries for i in telnet shell kshell login klogin exec daytime time do echo "Deleting $i from inetd.conf" chsubserver -d -p tcp -v $i -r inetd done #Delete udp entries for i in ntalk daytime time do echo "Deleting $i from inetd.conf" chsubserver -d -p udp -v $i -r inetd done echo "\n" echo "Services start by inetd:" echo "========================" grep -v '^#' /etc/inetd.conf | awk '{print $1}' echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S97config_tcpwrapper.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Customize tcp_wrapper after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "install and config tcpwrapper" echo "=============================" mkdir /mnt1 mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1 installp -agXY -d /mnt1/tcpwrapper/ freeware.tcp_wrappers sed "s/\/usr\/sbin\/ftpd/\/usr\/local\/bin\/tcpd/" /etc/inetd.conf > /tmp/inetd.conf cp /tmp/inetd.conf /etc/inetd.conf rm /tmp/inetd.conf if [ -f /etc/hosts.deny ] then echo "ALL : ALL" > /etc/hosts.deny.samples else echo "ALL : ALL" > /etc/hosts.deny fi chown root:security /etc/hosts.deny chmod 600 /etc/hosts.deny if [ -f /etc/hosts.allow ] then echo "#ALL : 10.10.60.0/255.255.252.0" > /etc/hosts.allow.samples echo "ALL : ALL" >> /etc/hosts.allow.samples else echo "#ALL : 10.10.60.0/255.255.252.0" > /etc/hosts.allow echo "#sshd : 10.10.60.0/255.255.252.0, 10.10.61.0/255.255.252.0, 10.10.28.0/255.255.255.0" > /etc/hosts.allow echo "#ftpd : 10.10.60.0/255.255.252.0, 10.10.61.0/255.255.252.0, 10.10.28.0/255.255.255.0" > /etc/hosts.allow echo "ALL : ALL" >> /etc/hosts.allow fi umount /mnt1 rm -r /mnt1 refresh -s inetd echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S98config_ldap.ksh:
#!/bin/ksh #set -x #@(#) ################################################################# #@(#) Configure client LDAP auth after a new installation #@(#) ver 1.0 27-06-2007 #@(#) ################################################################# export JAVA_HOME=`ls /usr/java*/jre/bin/java | grep -v 64 | tail -1 | cut -f1-4 -d"/"` LDAP_CFG=/etc/security/ldap/ldap.cfg RP=`dirname $0` . $RP/.env main () { echo "#########################" echo `date`" : Begin of "$SN echo "Install TSM" echo "========================" ulimit -d unlimited echo "Creation DB SSL client...\n" gsk7cmd -keydb -create -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -type cms -stash echo "Copie des certificats SSL depuis le server NIM\n" if [ -e $RP/install_files/ldap/*.crt ] then cp $RP/install_files/ldap/*.crt /etc/ldap/ fi echo "Ajout des certificats SSL de ldap01 et ldap02 dans la DB...\n" /usr/bin/gsk7capicmd -cert -add -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -label ldap-ca1 -file /etc/ldap/ca-localnrs01.crt /usr/bin/gsk7capicmd -cert -add -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -label ldap-ca2 -file /etc/ldap/ca-localnrs02.crt echo "Autorisation du LDAP + SSL pour l'authentification AIX\n" cp $LDAP_CFG /tmp/ldap.cfg cat $LDAP_CFG | grep -v "^#" | grep "useSSL" if [ $? -ne 0 ] then echo "useSSL:yes" >> /tmp/ldap.cfg fi cat $LDAP_CFG | grep -v "^#" | grep "ldapsslkeyf" if [ $? -ne 0 ] then echo "ldapsslkeyf:/etc/ldap/ldapkeys.kdb" >> /tmp/ldap.cfg fi cat $LDAP_CFG | grep -v "^#" | grep "ldapsslkeypwd" if [ $? -ne 0 ] then echo "ldapsslkeypwd:71pwdlocal" >> /tmp/ldap.cfg fi cat $LDAP_CFG | grep -v "^#" | grep "ldapsslport" if [ $? -ne 0 ] then echo "ldapsslport:636" >> /tmp/ldap.cfg fi mv /tmp/ldap.cfg $LDAP_CFG echo "Autorisation des utilisateurs a s'authentifier en LDAP par défaut (user default:)" #chuser SYSTEM=LDAP registry=LDAP ADM_P06727 # replace first occurancy of compat after the 215th line if needed cat /etc/security/user | grep -v "^*" | grep "SYSTEM =" | grep LDAP > /dev/null 2>&1 if [ $? -ne 0 ] then cp /etc/security/user /etc/security/user.orig sed -e '215,/compat/s//compat or LDAP/' /etc/security/user.orig > /etc/security/user fi echo "Add entrie in crontab to create home directory" cat /var/spool/cron/crontabs/root | grep mkhomedir_ldap > /dev/null 2>&1 if [ $? -ne 0 ] then echo "# create user LDAP" >> /var/spool/cron/crontabs/root echo "0 8 * * 3,6 /root/scripts/bin/mkhomedir_ldap > /root/scripts/log/mkhomedir_ldap.log 2>&1" >> /var/spool/cron/crontabs/root kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1 fi echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" echo "Please rename now the client, and affect him the right IP adress to be able to contact the LDAP server and after that, you can register your server on LDAP" # echo "connexion au serveur LDAP" echo "mksecldap -c -h "ldap01.local.be,ldap02.local.be" -a "cn=proxyagent,ou=profile,dc=local,dc=adms" -p 7lpAp@ -d"dc=local,dc=adms" -A ldap_auth" echo "And restart LDAP client...\n" echo "restart-secldapclntd" echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@" echo "\n" echo `date`" : End of "$SN } main 2>&1 | tee -a $LOG
S99config_reboot64b.ksh:
#!/bin/ksh ################################################################# # # # Convert the system in 64bits # # # # # # Update by : # # # ################################################################# export LANG=C SN=`basename $0` HN=`hostname -s` RP=`dirname $0` DAY=`date +%d%m` echo `date`" : Begin of "$SN if [ "$VERBOSE_LOGGING" = "high" ] then set -x fi echo "convert to 64bit kernel and reboot" echo "==================" KERNEL_64=`bootinfo -K` if [ $KERNEL_64 != "64" ] then ln -sf /usr/lib/boot/unix_64 /unix ln -sf /usr/lib/boot/unix_64 /usr/lib/boot/unix bosboot -ad /dev/ipldevice fi #shutdown -Fr echo "\n" echo `date`" : End of "$SN
install_files:
reconfigure: