Scripts for AIX installation through NIM

NIM installation scripts

The first script is the install script /export/config/config610/

installAIX61.ksh:

#!/bin/ksh
#################################################################
#                                                               #
#       Install AIX 6.1 on a new system                         #
#                                                               #
#                                                               #
#       Update by  :                                            #
#                                                               #
#################################################################

export LANG=C
SN=`basename $0`
RP=`dirname $0`
HN=`hostname -s`
DAY=`date +%d%m`
LOG=$RP/log/install_client.log
REP_CONFIG=config610
SPOT=spot610
LPP_SOURCE=lpp_source610
BOSINST_DATA=bosinst_610
SCRIPTFB=scriptfb_610
CLIENT_NAME=nim_client61


mkdir $RP/log > /dev/null 2>&1

echo `date`" : Begin of "$SN
if [ "$VERBOSE_LOGGING" = "high" ]
then
        set -x
fi
echo "Launch NIM installation"
echo "======================="
nim -o reset -a force=yes $CLIENT_NAME
nim -Fo deallocate -a subclass=all $CLIENT_NAME
for i in `lsnim -l $LPP_SOURCE | grep location | awk '{print $3}'`
do
	rmnfsexp -d $i -B
done

nim -o bos_inst -a source=rte -a lpp_source=$LPP_SOURCE -a spot=$SPOT -a accept_licenses=yes -a fb_script=$SCRIPTFB -a bosinst_data=$BOSINST_DATA -a boot_client=no $CLIENT_NAME
echo "\n"
echo "Please, start client and configure IPL device with IP adress : " `host $CLIENT_NAME`
FINISH=NOK
TIME_BEF_ABORT=7200
while [ $FINISH != "OK" ]
do
        sleep 60
        TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60`
        FINISH=`lsnim -a Cstate $CLIENT_NAME | grep -v $CLIENT_NAME | awk -F= '{if($2==" BOS installation has been enabled") { print "OK" } else { print "NOK" }}'`
        lsnim -a info
done
echo "\n"
echo "Installation...."
echo "================"
FINISH=NOK
TIME_BEF_ABORT=7200
while [ $FINISH != "OK" ]
do
	sleep 60
	TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60`
	FINISH=`lsnim -a Cstate $CLIENT_NAME | grep -v $CLIENT_NAME | awk -F= '{if($2==" ready for a NIM operation") { print "OK" } else { print "NOK" }}'`
	lsnim -a info
done
echo "\n"
echo "Waiting for reboot..."
echo "================"
FINISH=NOK
TIME_BEF_ABORT=7200
while [ $FINISH != "OK" ]
do
        sleep 60
	TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60`
        ping -c3 $CLIENT_NAME > /dev/null
	if [ $? -eq 0 ]
	then 
		FINISH=OK
	fi
	echo $FINISH
done
sleep 30

for i in `df | grep "/export/lpp_source/lpp_source" | awk '{print $7}'`
do
        mknfsexp -d $i -t rw
done

#rsh $CLIENT_NAME "mount -o soft nim:/export/config /mnt"
#rsh $CLIENT_NAME "/mnt/$REP_CONFIG/customize.ksh" > $LOG

cat /root/.ssh/known_hosts | grep -v $CLIENT_NAME > /tmp/known_hosts
mv /tmp/known_hosts /root/.ssh/known_hosts
cat /home/vpd/.ssh/known_hosts | grep -v $CLIENT_NAME > /tmp/known_hosts
mv /tmp/known_hosts /home/vpd/.ssh/known_hosts

nim -o showlog -a log_type=boot $CLIENT_NAME > $LOG

echo "####################"
echo "Logs are available on the NIM server in $LOG and on the client in /tmp/nim_customization.$DAY.log for customization scripts"

customize.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize AIX 6.1 after a new installation
#@(#) For information this script is copied during installation
#@(#) on the target machine in /etc/fb_<xxx> and executed
#@(#) after the first boot
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

export LANG=C
export SN=`basename $0`
export HN=`hostname -s`
export DAY=`date +%d-%m-%Y`
export RP=`dirname $0`
export LOG=/tmp/nim_customization.$DAY.log
export NIM_SRV=nim61

SCRIPT_DIR=/mnt/config610

echo "#########################"
echo `date`" : Begin of "$SN
echo $HN
if [ "$HN" = "nimsrv" ]
then
	echo "Le script ne peut pas s'executer sur le serveur NIM"
	exit 1
fi

mount -o soft $NIM_SRV:/export/config /mnt

cd $SCRIPT_DIR

for i in `ls $SCRIPT_DIR/../scripts_install | grep ksh | grep -v reboot`
do
	echo $i
        $SCRIPT_DIR/../scripts_install/$i 
done
$SCRIPT_DIR/../scripts_install/*reboot*.ksh

echo `date`" : End of "$SN

NIM customization scripts

All the follwing scripts (belonging to FB_script: first boot script) are located in /export/config/scripts_install/
All the config files are located in /export/config/scripts_install/install_files/

.env:

export LANG=C
export SN=`basename $0`
export HN=`hostname -s`
export DAY=`date +%d-%m-%Y`
export RP=`dirname $0`
export DIR_CONFIG_BKP=/var/adm/config/etc
export LOG=/tmp/nim_customization.$DAY.log
export NIM_SRV=nim
export NTP_SERVER1=ntp1.local.be
export NTP_SERVER2=ntp2.local.be
export AIXTOOLBOX=/export/lpp_source/aixtoolbox
export AIXOTHERLPP=/export/lpp_source/otherlpp

S01config_TMOUT.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize TMOUT variable after a new installation 
#@(#) /etc/profile
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Set TMOUT variable"
echo "=================="

#Backup the default /etc/profile file
cp /etc/profile /etc/profile.$$
cat /etc/profile | grep -v "^#" | grep "TMOUT="
if [ $? -ne 0 ]
 then
  echo export readonly TMOUT=2400 >> /etc/profile
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S02config_crontab.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize crontab after a new installation
#@(#) /var/spool/cron/crontabs/root
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Delete crontab entries for SSA:"
echo "=============================="
cp -p /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.$$
grep -v ssa /var/spool/cron/crontabs/root | grep -v SSA > /tmp/cron.root

echo "Add crontab entries for rotation of logs and backup system:"
echo "=============================="
cat /tmp/cron.root | grep -v "^#" | grep "logrotate"
if [ $? -ne 0 ]
 then
  echo "0 8 * * 6 /usr/bin/logrotate /etc/logrotate.conf > /root/scripts/log/logrotate.log 2>&1" >> /tmp/cron.root
fi

echo "Add crontab entries for performance mesure"
cat /tmp/cron.root | grep -v "^#" | grep "/root/scripts/bin/perf_nmon"
if [ $? -ne 0 ]
 then
  echo "0 0 * * * /root/scripts/bin/perf_nmon > /dev/null 2>&1" >> /tmp/cron.root
fi

cp /tmp/cron.root /var/spool/cron/crontabs/root
rm /tmp/cron.root

echo "Restart Cron daemon:"
echo "=============================="
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S03config_tty.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Configuration of TTY (serial console)
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Configuration TTY"
echo "========================"
mkdev -c tty -t'tty' -s'rs232' -p'sa0' -w'0' -a login=enable > /dev/null 2>&1
if [ $? -ne 0 ]
then
	mkdev -c tty -t'tty' -s'vcon' -p'sa0' -w'0' -a login=enable > /dev/null 2>&1
fi

echo "Enable login on TTY if still exist on the machine"
echo "========================"
chdev -l tty0 -a login=enable > /dev/null 2>&1
chdev -l vty0 -a login=enable -P > /dev/null 2>&1

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S04config_inittab.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize inittab after a new installation /etc/inittab
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

INITTAB_TMP=/etc/inittab.$$
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize inittab entries"
echo "========================="
#Backup the default inittab file

cp /etc/inittab $INITTAB_TMP
cat $INITTAB_TMP | sed "s/^#/:/" > /etc/inittab

#Delete entries
for i in rcml mkatmpvc atmsvcd sniinst rcnfs piobe qdaemon writesrv uprintfd naudio
do
	echo "Deleting $i from inittab"
	rmitab $i > /dev/null 2>&1
done
echo "\n"

echo "Services start by inittab:"
echo "=========================="
grep -v '^:' /etc/inittab | awk -F":" '{print $1}' | grep -v "^#" 

# Change the console start position to have faster access in case of trouble
cat /etc/inittab | grep -v "cons:" > /tmp/inittab
rm /tmp/inittab.new > /dev/null 2>&1
cat /tmp/inittab | while read i
do
 echo $i | grep "rctcpip:" > /dev/null 2>&1
 if [ $? -ne 0 ]
 then
  echo $i >> /tmp/inittab.new
 else
  echo $i >> /tmp/inittab.new
  echo "cons:0123456789:respawn:/usr/sbin/getty /dev/console" >> /tmp/inittab.new
 fi
done
mv /tmp/inittab.new /etc/inittab
rm /tmp/inittab > /dev/null 2>&1

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S05config_netsvc.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize netsvc to solve IP adress in IPV4 and IPV6 in local 
#@(#) and then with DNS /etc/netsvc.conf
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Configure /etc/netsvc.conf"
echo "=========================="
cat /etc/netsvc.conf | grep -v "^#" | egrep "hosts|=|local|bind"
if [ $? -ne 0 ]
 then
  echo "hosts=local,bind4" >> /etc/netsvc.conf
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S06config_rctcpip.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/rc.tcpip to remove unused entries
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize rc.tcpip entries"
echo "=========================="
#Backup the default rc.tcpip file
cp /etc/rc.tcpip /etc/rc.tcpip.$$
#Delete entries
for i in sendmail snmpmibd dpid2 hostmibd aixmibd muxatmd
do
        echo "Deleting $i from rc.tcpip"
        chrctcp -S -d $i
done
echo "\n"

echo "List of services start by rc.tcpip:"
echo "=========================="
grep '^start' /etc/rc.tcpip | awk '{print $2}'

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S07config_resolv.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/resolv.conf (DNS) 
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RESOLV_FILE=/etc/resolv.conf
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "configure resolv.conf"
echo "====================="

#Backup the default /etc/resolv.conf file
if [ -f $RESOLV_FILE ]
 then
  echo "file $RESOLV_FILE exist"
 else
  echo "nameserver      110.10.10.1" > $RESOLV_FILE
  echo "nameserver      110.10.10.2" >> $RESOLV_FILE
  echo "domain  local.be" >> $RESOLV_FILE
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S08config_syslog.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/syslog.conf to report more logs
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

MESSAGES="/var/log/messages"
SYSLOG="/var/log/syslog"
AUTHLOG="/var/log/authlog"
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize syslog.conf"
echo "====================="

#Backup the default syslog.conf file
cp /etc/syslog.conf /etc/syslog.conf.$$
[ -d /var/log ] || mkdir -p /var/log
[ -f $MESSAGES ] || touch $MESSAGES
[ -f $SYSLOG ] || touch $SYSLOG
[ -f $AUTHLOG ] || touch $AUTHLOG
#Adding entries in syslog.conf
cat /etc/syslog.conf | grep -v "^#" | grep "*.crit"
if [ $? -ne 0 ]
 then
  echo "*.crit\t *" >> /etc/syslog.conf
fi
cat /etc/syslog.conf | grep -v "^#" | grep "*.err;kern.debug;daemon.notice"
if [ $? -ne 0 ]
 then
  echo "*.err;kern.debug;daemon.notice\t $MESSAGES rotate time 7d files 8 compress" >> /etc/syslog.conf
fi
cat /etc/syslog.conf | grep -v "^#" | grep "mail.debug;*.info"
if [ $? -ne 0 ]
 then
  echo "mail.debug;*.info\t $SYSLOG rotate size 1M files 5" >> /etc/syslog.conf
fi
cat /etc/syslog.conf | grep -v "^#" | grep "auth,authpriv.debug"
if [ $? -ne 0 ]
 then
  echo "auth,authpriv.debug\t $AUTHLOG rotate time 1d files 30 compress" >> /etc/syslog.conf
fi

#Modify /etc/rc.tcpip to add "-r"
TEST=`cat /etc/rc.tcpip | grep -v "^#" | grep syslog | awk '{print $4}'`
if [[ $TEST != "-r" ]]
 then
  sed 's/syslogd \"\$src_running\"/syslogd \"\$src_running\" \-r/g' /etc/rc.tcpip > /tmp/rc.tcpip
  cp /tmp/rc.tcpip /etc/rc.tcpip
  rm /tmp/rc.tcpip
fi
#Refresh service
refresh -s syslogd

echo "\n"
echo "Syslog.conf entries:"
echo "===================="
grep -v '^#' /etc/syslog.conf

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S09config_telnet.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize telnet after a new installation 
#@(#) /etc/security/login.cfg
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Set telnet banner"
echo "================="
cat /etc/security/login.cfg| grep -v "^*" | egrep "herald" | grep "login"
if [ $? -ne 0 ] 
 then
  sed -e '/default:/a\
        herald = "login:"' /etc/security/login.cfg > /tmp/login.cfg
  cp /tmp/login.cfg /etc/security/login.cfg
  rm /tmp/login.cfg
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S10config_filesystems.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add new filesystems if they dont exists 
#@(#) /etc/filesystems
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

HOME_ROOT=/root
SCRIPT_PATH=/root/scripts
MKSYSB=/mksysb
HOME_ITM=/opt/IBM/ITM 
SOFTWARE=/software
HOME_ECC=/usr/ecc
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Creating FS /root /opt/IBM/ITM /mksysb /software"
echo "========================"
if [ `lsvg rootvg | grep SIZE | awk '{print $6}'` -lt 16 ]
then 
	NB_LP=2
else
	NB_LP=1
fi  

COPIES_LV=`lslv hd5 | grep COPIES | awk '{ print $2 }'`
FS_TYPE=`lsfs -a | grep hd4 | awk '{ print $4 }'` 
if [[ "$COPIES_LV" -gt 1 ]]
then
        mklv -t $FS_TYPE -c2 -y rootlv rootvg $NB_LP 
else
        mklv -t $FS_TYPE -y rootlv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d rootlv -m $HOME_ROOT -Ayes
mount $HOME_ROOT 

mkdir -p $SCRIPT_PATH/bin
mkdir -p $SCRIPT_PATH/log

if [[ "$COPIES_LV" -gt 1 ]]
then
        mklv -t $FS_TYPE -c2 -y mksysblv rootvg $NB_LP
else
        mklv -t $FS_TYPE -y mksysblv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d mksysblv -m $MKSYSB -Ayes
mount $MKSYSB

mklv -t $FS_TYPE -y softlv rootvg 1
crfs -v $FS_TYPE -d softlv -m $SOFTWARE -Ayes
mount $SOFTWARE

if [[ "$COPIES_LV" -gt 1 ]]
then
        mklv -t $FS_TYPE -c2 -y itmlv rootvg $NB_LP
else
        mklv -t $FS_TYPE -y itmlv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d itmlv -m $HOME_ITM"1" -Ayes
mount $HOME_ITM"1"
chfs -a size=512M $HOME_ITM"1"
# migrate data from directory /opt/IBM/ITM to filesystem /opt/IBM/ITM
mv $HOME_ITM/* $HOME_ITM"1" > /dev/null 2>&1
umount $HOME_ITM"1"
rm -r $HOME_ITM"1"
chfs -m $HOME_ITM $HOME_ITM"1"
mount $HOME_ITM

if [[ "$COPIES_LV" -gt 1 ]]
then
        mklv -t $FS_TYPE -c2 -y ecclv rootvg $NB_LP
else
        mklv -t $FS_TYPE -y ecclv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d ecclv -m $HOME_ECC -Ayes
mount $HOME_ECC

chfs -a size=640M $HOME_ECC
chfs -a size=256M $HOME_ROOT
chfs -a size=512M $SCRIPT_PATH
chfs -a size=512M $SOFTWARE
chfs -a size=3G $MKSYSB

chfs -a size=128M /
chfs -a size=512M /opt
chfs -a size=512M /tmp
chfs -a size=512M /var
chfs -a size=512M /home

echo "Creating CDROM FS"
echo "========================"
if [ ! -d /cdrom ]
 then
 mkdir /cdrom 
fi
lsdev -Cc cdrom -Sa 
if [ $? -eq 0 ]
then
	grep "cdrom" /etc/filesystems
	if [ $? -eq 1 ]
	then
		/usr/sbin/crfs -v cdrfs -d /dev/cd0 -m /cdrom -p ro
	fi
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S11config_user.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Create user Garde and delete root access 
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

HOME_ROOT=/root
RP=`dirname $0`
NUM=`echo $$`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Delete root rlogin"
echo "=================="
chuser home=$HOME_ROOT fsize=-1 rlogin=false root
cp $HOME_ROOT/.profile $HOME_ROOT/.profile.$$ > /dev/null 2>&1
cp $RP/install_files/profileroot $HOME_ROOT/.profile
chown root:system $HOME_ROOT/.profile
chmod 644 $HOME_ROOT/.profile
cat /etc/security/.profile | grep -v "^#" | grep "TMOUT="
if [ $? -ne 0 ]
 then
  echo "export readonly TMOUT=2400" >> /etc/security/.profile
fi
pwdck -y ALL
grpck -y ALL
echo "\n"

echo "Create user garde"
echo "================="
mkuser -a garde
echo "\n"

echo "Message d'accueil"
echo "================="
cp /etc/motd $DIR_CONFIG_BKP/motd.$NUM
cp $RP/install_files/motd /etc/motd
chmod 444 /etc/motd
chown sys:sys /etc/motd
echo "\n"

echo "Modifications /etc/profile"
echo "================="
count=1
cp /etc/profile $DIR_CONFIG_BKP/profile.$NUM
cat $RP/install_files/etcprofile | while read i
do
 if [[ $i = "" ]]
  then
   count=1
 else
  cat /etc/profile | grep -v "^#" | grep "$i" > /dev/null
  if [ $? -ne 0 ]
   then
    if [[ $count = "1" ]]
     then
      echo "" >> /etc/profile
      count=0
    fi
    echo $i >> /etc/profile
    echo $i add
  fi
 fi
done

# this script don't erase the garde account if it's not the last created
cat /etc/security/passwd | grep ":" | tail -1 | grep -v "garde:"
if [ $? -eq 1 ]
then
        cp /etc/security/passwd $DIR_CONFIG_BKP/passwd.$NUM
        cat /dev/null > /etc/security/passwd
        cat $DIR_CONFIG_BKP/passwd.$NUM | while read LINE
        do
                echo $LINE | grep -v "garde:" > /dev/null 2>&1
                if [ $? -ne 0 ]
                then
                        exit 0
                else
                        echo $LINE | grep -v ":" > /dev/null 2>&1
                        if [ $? -ne 0 ]
                        then
                                echo "$LINE" >> /etc/security/passwd
                        else
                                echo "\t$LINE" >> /etc/security/passwd
                        fi
                fi
        done
fi

# Do not add more line here
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S12config_garde.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add password for garde user
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Add entries in /etc/security/passwd"
echo "=================="


echo "garde:" >> /etc/security/passwd
echo "\tpassword = 7cJlYifXxZtmc" >> /etc/security/passwd
echo "\tlastupdate = 1195603287" >> /etc/security/passwd
echo "\tflags =" >> /etc/security/passwd 
echo >> /etc/security/passwd

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S13config_scriptsroot.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize scripts 
#@(#) copy files from /export/config/scripts_install/root_scripts/bin to /root/scripts/bin
#@(#) add entries in root crontab
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

HOME_ROOT=/root
SCRIPT_PATH=/root/scripts
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Mise en place des scripts de customisation"
echo "=================="

cp -Rp $RP/root/scripts/bin/* $SCRIPT_PATH/bin
chmod 755 $SCRIPT_PATH/bin/*
cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "chkcore"
if [ $? -ne 0 ]
 then
  echo "# " >>/var/spool/cron/crontabs/root
  echo "# crontab -echeck exploitation" >>/var/spool/cron/crontabs/root
  echo "# " >>/var/spool/cron/crontabs/root
  echo "0,15,30,45 * * * * /root/scripts/bin/chkcore now mail > /root/scripts/log/chkcore.log 2>&1" >>/var/spool/cron/crontabs/root
  echo "0 8 * * 1-5 /root/scripts/bin/chkcore daily mail > /root/scripts/log/chkcore.log 2>&1" >>/var/spool/cron/crontabs/root
  echo "0 0 * * * /root/scripts/bin/config_vg_disk_vm > /root/scripts/log/config_vg_disk_vm.log 2>&1" >>/var/spool/cron/crontabs/root
fi
cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "chkfree"
if [ $? -ne 0 ]
 then 
  echo "0,15,30,45 * * * *  /root/scripts/bin/chkfree mail > /root/scripts/log/chkfree1.log 2>&1" >>/var/spool/cron/crontabs/root
fi

chdev -l sys0 -a iostat=true > /dev/null

echo "\n"
tar xvf $RP/install_files/ksh_func.tar

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S14config_pkg.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add additionnal filesets and RPM
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

PATH_RPM=/mnt1/rpm                 #/export/lpp_source/aixtoolbox/rpm
VERSION=$$
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install additionnal packages"
echo "========================"

mkdir /mnt1
mount -o soft $NIM_SRV:$AIXTOOLBOX /mnt1

cp /etc/sudoers /etc/sudoers.$VERSION > /dev/null 2>&1
cp /etc/logrotate.conf /etc/logrotate.conf.$VERSION > /dev/null 2>&1

OPENSSL=`ls -t /mnt1/rpm | grep ssl | egrep -v "devel|doc" | sort | tail -1`

for i in nmon logrotate lsof-4.78-1.aix5.3.ppc.rpm bash less-382 bzip2 sudo zip unzip popt rsync-2.6.2 $OPENSSL
 do
  rpm -U $PATH_RPM/$i* 
done
umount /mnt1
rm -r /mnt1

if [ -f /etc/sudoers.$VERSION ]
 then 
  mv /etc/sudoers /etc/sudoers.samples
  mv /etc/sudoers.$VERSION /etc/sudoers
fi
chmod 0440 /etc/sudoers* 
if [ -f /etc/logrotate.conf.$VERSION ]
 then 
  mv /etc/logrotate.conf /etc/logrotate.conf.samples
  mv /etc/logrotate.conf.$VERSION /etc/logrotate.conf
fi

cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/wtmp"
if [ $? -ne 0 ]
 then
  echo "" >> /etc/logrotate.conf
  echo "/var/adm/wtmp {" >> /etc/logrotate.conf
  echo "copytruncate" >> /etc/logrotate.conf
  echo "rotate 50" >> /etc/logrotate.conf
  echo "weekly" >> /etc/logrotate.conf
  echo "}" >> /etc/logrotate.conf
fi

cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/sulog"
if [ $? -ne 0 ]
 then
  echo "" >> /etc/logrotate.conf
  echo "/var/adm/sulog {" >> /etc/logrotate.conf
  echo "copytruncate" >> /etc/logrotate.conf
  echo "rotate 50" >> /etc/logrotate.conf
  echo "weekly" >> /etc/logrotate.conf
  echo "}" >> /etc/logrotate.conf
fi

cat /etc/logrotate.conf | grep -v "^#" | grep "/var/log/syslog"
if [ $? -ne 0 ]
 then
  echo "" >> /etc/logrotate.conf
  echo "/var/log/syslog {" >> /etc/logrotate.conf
  echo "copytruncate" >> /etc/logrotate.conf
  echo "rotate 15" >> /etc/logrotate.conf
  echo "weekly" >> /etc/logrotate.conf
  echo "}" >> /etc/logrotate.conf
fi

cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/cron/log"
if [ $? -ne 0 ]
 then
  echo "" >> /etc/logrotate.conf
  echo "/var/adm/cron/log {" >> /etc/logrotate.conf
  echo "copytruncate" >> /etc/logrotate.conf
  echo "rotate 15" >> /etc/logrotate.conf
  echo "weekly" >> /etc/logrotate.conf
  echo "}" >> /etc/logrotate.conf
fi

cat /etc/logrotate.conf | grep -v "^#" | grep "/root/scripts/log/TCheckFree.ksh.log"
if [ $? -ne 0 ]
 then
  echo "" >> /etc/logrotate.conf
  echo "/root/scripts/log/TCheckFree.ksh.log {" >> /etc/logrotate.conf
  echo "copytruncate" >> /etc/logrotate.conf
  echo "rotate 15" >> /etc/logrotate.conf
  echo "weekly" >> /etc/logrotate.conf
  echo "}" >> /etc/logrotate.conf
fi

echo "========================"
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S16config_tsm.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Installation of TSM
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install TSM"
echo "========================"

HOSTNAME=`uname -n`
TSM_SOURCE_DIR=/mnt1/tsm
DSM_OPT=/usr/tivoli/tsm/client/ba/bin/dsm.opt
DSM_SYS=/usr/tivoli/tsm/client/ba/bin/dsm.sys
LINK_DSM_OPT=/usr/bin/dsm.opt
LINK_DSM_OPT_NEW=/usr/bin/dsmos.opt
LINK_DSM_SYS=/usr/bin/dsm.sys
INCL_EXCL=/etc/tsmos.list

mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1

##########################################################
# installation des filesets
##########################################################
# mise a jour si possible
lslpp -l | grep "tivoli.tsm.client.ba" >/dev/null
if [ $? -eq 0 ]
 then
   install_all_updates  -d $TSM_SOURCE_DIR -rc -Y 
fi

# installation des composants si necessaire, ou manquants
installp -agXY -d $TSM_SOURCE_DIR xlC.rte xlC.aix50.rte tivoli.tsm.client.api.64bit tivoli.tsm.client.ba.32bit.base tivoli.tsm.client.ba.32bit.common tivoli.tsm.client.ba.32bit.web tivoli.tsm.client.ba.32bit.image

##########################################################
# custonmisation des dsm.opt et dsm.sys
##########################################################

if [ -f $DSM_OPT ]
 then
  echo "file $DSM_OPT exist"
else
  echo SErvername ${HOSTNAME}os > $DSM_OPT
fi
ln -s $DSM_OPT $LINK_DSM_OPT
ln -s $DSM_OPT $LINK_DSM_OPT_NEW
ln -s /usr/tivoli /opt/tivoli

if [ -f $DSM_SYS ]
 then
  echo "file $DSM_SYS exist"
else
  echo SErvername         ${HOSTNAME}os > $DSM_SYS
  echo COMMmethod         TCPip >> $DSM_SYS
  echo TCPPort            1500 >> $DSM_SYS
  echo TCPServeraddress   tsmprod >> $DSM_SYS
  echo NODENAME           ${HOSTNAME} >> $DSM_SYS
  echo PASSWORDACCESS     generate >> $DSM_SYS
  echo COMPRESSION        no >> $DSM_SYS
#  echo INCLEXCL           $INCL_EXCL >> $DSM_SYS
  echo schedlogname       /var/log/dsmsched.log >> $DSM_SYS
  echo errorlogname       /var/log/dsmerror.log >> $DSM_SYS
  echo schedlogretention  10 >> $DSM_SYS
  echo errorlogretention  60 >> $DSM_SYS
  echo WEBPorts           1582 1583 >> $DSM_SYS
  echo resourceutilization 3 >> $DSM_SYS
fi
ln -s $DSM_SYS $LINK_DSM_SYS

#cat /etc/hosts | grep -v "^#" | grep serverstk
#if [ $? -ne 0 ]
# then
#  echo 10.10.16.65     serverstk >> /etc/hosts
#fi

touch /var/log/tsmos.log

if [ -f $INCL_EXCL ]
 then
  echo "file $INCL_EXCL exist"
else
  echo include /var/.../\* futil   > $INCL_EXCL
  echo include /etc/.../* important >> $INCL_EXCL
  echo exclude.fs /software >> $INCL_EXCL
  echo exclude /.../core >> $INCL_EXCL
  echo exclude /.../core.* >> $INCL_EXCL
fi

mkitab tsmos:2:once:"/usr/tivoli/tsm/client/ba/bin/dsmc sched -optfile=$LINK_DSM_OPT > /dev/null 2>&1 # TSM scheduler"

# Keep the next line for future automatic registration on TSM server
#dsmadmc -id=admin -password=1mdppstk -optfile=$LINK_DSM_OPT "register NODE ${HOSTNAME} sTSMpn2c CONTACT='acsls failover' DOMAIN=UNIX_COLL_DOM COMPRESSION=NO AUTOFSRENAME=NO ARCHDELETE=NO BACKDELETE=NO  FORCEPWRESET=NO TYPE=CLIENT KEEPMP=NO MAXNUMMP=2 URL=http://client.host.name:1581 USERID=NONE PASSEXP=9999"

umount /mnt1
rm -r /mnt1

echo "========================"
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S17config_tz-ntp.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize time zone after a new installation
#@(#) And Time Server synchronization
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Changing TZ"
echo "========================"
if [ `uname -a | awk '{print $4}'` -lt 6 ]
then
  chtz 'NFT-1DFT,M3.5.0,M10.5.0' 
else
  chtz 'Europe/Brussels'
fi

echo "\n"
echo "Initalization of /etc/ntp.conf"
echo "========================"
cp /etc/ntp.conf $DIR_CONFIG_BKP/ntp.conf.$$ > /dev/null 2>&1
cat /etc/ntp.conf | grep -v "^#" | grep server
if [ $? -ne 0 ]
 then
  echo "server $NTP_SERVER1 prefer" >> /etc/ntp.conf
  echo "server $NTP_SERVER2 prefer" >> /etc/ntp.conf
fi
cat /etc/ntp.conf | grep -v "^#" | grep driftfile
if [ $? -ne 0 ]
 then
  echo "driftfile /etc/ntp.drift" >> /etc/ntp.conf
fi
cat /etc/ntp.conf | grep -v "^#" | grep tracefile 
if [ $? -ne 0 ]
 then
  echo "tracefile /etc/ntp.trace" >> /etc/ntp.conf
fi

cp -p /var/spool/cron/crontabs/root /tmp/cron.root
cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "/root/scripts/bin/ntpsync"
if [ $? -ne 0 ]
 then
  echo "5 5 * * 6 /root/scripts/bin/ntpsync > /root/scripts/log/ntpsync.log 2>&1" >> /tmp/cron.root
fi
cp /tmp/cron.root /var/spool/cron/crontabs/root
rm /tmp/cron.root
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1

chrctcp -S -a xntpd 

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S18config_aio.ksh:

#!/bin/ksh
#@(#) #################################################################
#@(#) Activation des asynchronous IO
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Activation aio0"
echo "=================="
if [ `uname -a | awk '{print $4}'` -lt 6 ]
then
	chdev -l aio0 -a autoconfig='available' -P
	mkdev -l aio0
fi

echo "========================"
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S20config_openssh.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize openssh after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
OSLEVEL=`oslevel | cut -f1-2 -d.`
SSH_CONF_FILE=/etc/ssh/sshd_config
SSH_CONF_FILE_SMP=$RP/install_files/sshd_config
VERSION_EXIST=2
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "install openssh"
echo "==============="

mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1

cp $SSH_CONF_FILE $DIR_CONFIG_BKP/sshd_config.$$ > /dev/null 2>&1

mkdir /usr/local/etc > /dev/null 2>&1
chfs -a size=+512M /usr

installp -agXY -d /mnt1/openssh/aix$OSLEVEL/latest/ openssh.base openssh.license openssh.man.en_US

cat $SSH_CONF_FILE | grep -v "^#" | grep "Port 22"
if [ $? -ne 0 ]
 then
  cat /dev/null > /tmp/sshd_config
  cat $SSH_CONF_FILE | while read i
  do
   echo $i >> /tmp/sshd_config
   echo $i | grep "Port 22" > /dev/null
   if [ $? -eq 0 ]
    then
      echo "Port 22" >> /tmp/sshd_config
   fi
  done
  mv /tmp/sshd_config $SSH_CONF_FILE
fi

cat $SSH_CONF_FILE | grep -v "^#" | grep "Protocol 2"
if [ $? -ne 0 ]
 then
  cat /dev/null > /tmp/sshd_config
  cat $SSH_CONF_FILE | while read i
  do
   echo $i >> /tmp/sshd_config
   echo $i | grep "Protocol 2" > /dev/null
   if [ $? -eq 0 ]
    then
      echo "Protocol 2" >> /tmp/sshd_config
   fi
  done
  mv /tmp/sshd_config $SSH_CONF_FILE
fi

cat $SSH_CONF_FILE | grep -v "^#" | grep "X11Forwarding no"
if [ $? -ne 0 ]
 then
  cat /dev/null > /tmp/sshd_config
  cat $SSH_CONF_FILE | while read i
  do
   echo $i >> /tmp/sshd_config
   echo $i | grep "X11Forwarding " > /dev/null
   if [ $? -eq 0 ]
    then
      echo "X11Forwarding yes" >> /tmp/sshd_config
   fi
  done
  mv /tmp/sshd_config $SSH_CONF_FILE
fi

cat $SSH_CONF_FILE | grep -v "^#" | grep "X11UseLocalhost yes"
if [ $? -ne 0 ]
 then
  cat /dev/null > /tmp/sshd_config
  cat $SSH_CONF_FILE | while read i
  do
   echo $i >> /tmp/sshd_config
   echo $i | grep "X11UseLocalhost yes" > /dev/null
   if [ $? -eq 0 ]
    then
      echo "X11UseLocalhost yes" >> /tmp/sshd_config
   fi
  done
  mv /tmp/sshd_config $SSH_CONF_FILE
fi


cat $SSH_CONF_FILE | egrep -v "PermitRootLogin||yes" | egrep -v "PermitRootLogin||no" > /tmp/sshd_config1
cat $SSH_CONF_FILE | grep "PermitRootLogin" > /tmp/sshd_config2
cat /dev/null > /tmp/sshd_config

cat /tmp/sshd_config1 | while read i
do
 echo $i >> /tmp/sshd_config 
 echo $i | grep LoginGraceTime > /dev/null
 if [ $? -eq 0 ] 
  then
   grep "^#" /tmp/sshd_config2 | grep -v "without-password" >> /tmp/sshd_config
   cat /tmp/sshd_config2 | grep -v "^#" | grep "PermitRootLogin" | tail -1 | while read j
   do
    if [ "$j" != "" ]
     then
      echo $j >> /tmp/sshd_config
    fi  
   done
  grep -v "^#" /tmp/sshd_config | grep PermitRootLogin > /dev/null
  if [ $? -ne 0 ]
   then
    echo "PermitRootLogin no" >> /tmp/sshd_config
  fi
 fi
 echo $i | grep "PasswordAuthentication" | grep "PermitEmptyPasswords" > /dev/null
 if [ $? -eq 0 ]
  then
   grep "^#" /tmp/sshd_config2 | grep "without-password" >> /tmp/sshd_config
 fi
done

mv /tmp/sshd_config $SSH_CONF_FILE
rm /tmp/sshd* > /dev/null 2>&1

NOB=`ls $SSH_CONF_FILE.* | wc -l | awk '{print $1}'` 
while [[ "$NOB" -ge $VERSION_EXIST ]]
do
        FILE=`ls -rt $SSH_CONF_FILE.* | head -1`
        if [ -f $FILE ]
        then
                rm -f $FILE > /dev/null 2>&1
        fi
        let NOB=NOB-1
done

umount /mnt1
rm -r /mnt1

stopsrc -s sshd;startsrc -s sshd

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S21config_mksysb.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add script to do an automatic backup system on /mksysb
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Add crontab entries for mksysb:"
echo "=============================="
cp -p /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.$$
cat /var/spool/cron/crontabs/root > /tmp/cron.root

cat /tmp/cron.root | grep -v "^#" | grep "fullbackup"
if [ $? -ne 0 ]
 then
  echo "5 1 10,20 * * /root/scripts/bin/fullbackup local >/dev/null 2>&1" >> /tmp/cron.root
fi

cp /tmp/cron.root /var/spool/cron/crontabs/root
#rm /tmp/cron.root

echo "Restart Cron daemon:"
echo "=============================="
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1

echo "\n"

echo "Create an exclusion file"
echo "=================="
if [ -f /etc/exclude.rootvg ]
then
  echo "file /etc/exclude.rootvg exist"
else
  cp -p $RP/install_files/exclude.rootvg /etc/exclude.rootvg
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S22config_ecc.ksh:

#!/bin/ksh
#@(#) #################################################################
#@(#) Customize ecc after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize ecc after a new installation"
echo "========================"

cp -p $RP/install_files/eccmad /etc/rc.d/init.d
cd /etc/rc.d/rc2.d
ln -s ../init.d/eccmad S95eccmad
ln -s ../init.d/eccmad K01eccmad

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S25config_core.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Change core path
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Changing core path"
echo "========================"
mkdir -p /var/core/old
chmod -R 777 /var/core
#syscorepath -p /var/core
chcore -p on -l /var/core -n on

echo "\n"
echo "Changing dump device"
echo "========================"
sysdumpdev -l | grep primary | grep hd6 > /dev/null
if [ $? -ne 0 ]
then
	mklv -tsysdump -ylg_dumplv rootvg 15
	sysdumpdev -K
	sysdumpdev -Pp /dev/lg_dumplv
fi

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S26config_ent.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) changement de la vitesse des cartes reseau
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo " changement de la vitesse des cartes reseau"
echo "========================"
for i in `lsdev -C | grep ent | awk '{print $1}'`
do
	chdev -l $i -a media_speed=100_Full_Duplex -P
done

echo "========================"
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S27config_rc-d.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Suppression de la ligne kill dans /etc/rc.d/rc 
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo " Suppression de la ligne kill dans /etc/rc.d/rc"
echo "========================"

grep -v "^#" /etc/rc.d/rc | grep stop | grep echo
if [ $? -ne 0 ]
 then
  mv /etc/rc.d/rc /etc/rc.d/rc.old
  sed '/stop/s/^/                         echo #/g' /etc/rc.d/rc.old > /etc/rc.d/rc
  chmod 544 /etc/rc.d/rc
fi

echo "========================"
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S48config_sendmail.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/mail/sendmail.cf
#@(#) add DSsmtp.local.be
#@(#) add DMlocal.be
#@(#) ver 1.0 19-12-2007
#@(#) #################################################################

SENDMAIL_FILE=/etc/mail/sendmail.cf
SENDMAIL_FILE_TMP=/tmp/sendmail.cf

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Change /etc/mail/sendmail.cf"
echo "=================="
cp $SENDMAIL_FILE $SENDMAIL_FILE.$$

grep "DSsmtp.local.be" $SENDMAIL_FILE 
if [ $? -ne  0 ]
then
  cat $SENDMAIL_FILE | sed "s/^DS/DSsmtp.local.be/" > $SENDMAIL_FILE_TMP
  mv $SENDMAIL_FILE_TMP $SENDMAIL_FILE
fi

grep "DMlocal.be" $SENDMAIL_FILE
if [ $? -ne  0 ]
then
  cat $SENDMAIL_FILE | sed "s/^DM/DMsmtp.local.be/" > $SENDMAIL_FILE_TMP
  mv $SENDMAIL_FILE_TMP $SENDMAIL_FILE
fi

echo "configuration mail"
echo "=================="
cat /etc/aliases | grep -v "^#" | grep g-asw-monitoring
if [ $? -ne 0 ]
 then
  echo "prod: g-asw-monitoring@local.be" >> /etc/aliases
  echo "root: g-asw-monitoring@local.be" >> /etc/aliases
fi
chmod 755 /var/spool
chmod 750 /var/spool/mqueue
newaliases

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S49config_softadd.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Install additionnal AIX software
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################


OSLEVEL=`oslevel | cut -f1-3 -d.`
OS=`echo $OSLEVEL | sed -e 's/[.]//g'`
REMOTE_DIR=/export/lpp_source/lpp_source$OS
LOCAL_DIR=/mnt1

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install additionnal software"
echo "=================="

mkdir /mnt1
mount -o soft $NIM_SRV:$REMOTE_DIR $LOCAL_DIR 

install_all_updates  -d $LOCAL_DIR -rc -Y 

# installation des composants si necessaire, ou manquants

installp -agXY -d $LOCAL_DIR  X11.base X11.adt X11.apps.clients X11.apps.config Java14.license Java14_64.license Java14_64.sdk Java14_64.ext bos.acct bos.adt.debug bos.adt.lib bos.adt.libm bos.adt.samples bos.adt.prof bos.adt.syscalls bos.aixpert bos.alt_disk_install bos.data bos.content_list bos.man.en_US.cmds bos.perf bos.suma perl.man.en_US rpm.rte rsct.basic.rte rsct.compat.basic.rte ldap.client ldap.max_crypto_client gskta.rte

install_all_updates  -d $LOCAL_DIR -rc -Y 

umount /mnt1

mount -o soft $NIM_SRV:$AIXOTHERLPP $LOCAL_DIR

# installation des composants si necessaire, ou manquants

installp -agXY -d $LOCAL_DIR/java  Java14.license Java14_64.license Java14_64.sdk Java14_64.ext

install_all_updates  -d $LOCAL_DIR/java -rc -Y

cp /etc/environment /etc/environment.$$
sed -e "s/java14\//java14_64\//g" /etc/environment > /tmp/environment.tmp
mv /tmp/environment.tmp /etc/environment

umount /mnt1

rm -r /mnt1

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S50config_tivoli.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize tivoli after a new installation 
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

ITM_SOURCE_DIR=/mnt1/itm
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Installing Tivoli Client"
echo "========================"

mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1

installp -agXY -d $ITM_SOURCE_DIR itm.base.rte itm.cec.agent itm.premium.rte

umount /mnt1
rm -r /mnt1

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S51config_fc.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Changement des parametres des cartes FC
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo " changement de parametres des cartes FC"
echo "========================"
for i in `lsdev -Cc disk | grep hdiskpower | awk '{print $1}'`
do
 rmdev -l $i
done

for i in `lsdev -C | grep fcs | awk '{print $1}'`
do
 rmdev -l $i -R
 chdev -l $i -a init_link=pt2pt
 if [ $? -ne 0 ]
 then
  chdev -l $i -a init_link=pt2pt -P
 fi
done

for i in `lsdev -C | grep fscsi | awk '{print $1}'`
do
 chdev -l $i -a dyntrk=yes -a fc_err_recov=fast_fail
 if [ $? -ne 0 ]
 then
  chdev -l $i -a dyntrk=yes -a fc_err_recov=fast_fail -P
 fi
done

echo "========================"
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S52config_disk_vios.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Change priority access to VIOS server in case of 2 VIOS
#@(#) Affect high priority to 2nd VIOS and lower to first
#@(#) Required for automatic path recover
#@(#) chpath -l hdisk${disk} -p vscsi0 -a priority=1
#@(#) chpath -l hdisk${disk} -p vscsi1 -a priority=2
#@(#) chdev -l hdisk${disk} -a hcheck_interval=30 -P
#@(#) 
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Change disk path priority"
echo "========================="

cat /dev/null > /tmp/vscsi.txt
cat /dev/null > /tmp/vscsi1.txt
cat /dev/null > /tmp/vscsi_prio.txt
cat /dev/null > /tmp/vscsi_priority.txt

lsdev -Cc adapter | grep Avail | grep vscsi | awk '{print $1}' | while read i
do
lscfg -vpl $i | grep Client >> /tmp/vscsi1.txt
done

cat /tmp/vscsi1.txt  | while read i
do
echo $i | awk '{print $1}' >> /tmp/vscsi.txt
echo $i | awk '{print $2}' | cut -f 3  -d- | cut -b3 >> /tmp/vscsi_prio.txt
done

cat /tmp/vscsi.txt
cat /tmp/vscsi_prio.txt

while [[ `tail -1 /tmp/vscsi_prio.txt` -ne "" ]]
do
tail -1 /tmp/vscsi_prio.txt >> /tmp/vscsi_priority.txt
cat /tmp/vscsi_prio.txt | grep -v `tail -1 /tmp/vscsi_prio.txt` > /tmp/vscsi_prio.txt
done

while [[ `tail -1 /tmp/vscsi.txt` != "" ]]
do
for i in `lspv | awk '{print $1}'`
do
echo $i `tail -1 /tmp/vscsi.txt` `tail -1 /tmp/vscsi_priority.txt`
chpath -l $i -p `tail -1 /tmp/vscsi.txt` -a priority=`tail -1 /tmp/vscsi_priority.txt`

done
cat /tmp/vscsi.txt | grep -v `tail -1 /tmp/vscsi.txt` > /tmp/vscsi.txt
cat /tmp/vscsi_priority.txt | grep -v `tail -1 /tmp/vscsi_priority.txt` > /tmp/vscsi_priority.txt
done

for i in `lspv | awk '{print $1}'`
do
chdev -l $i -a hcheck_interval=30 -P
done

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S90config_director.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize IBM Director after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "installation des composants agent IBM DIrector 5.2"
echo "=================="

mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1

installp -agXY -d /mnt1/director/5.20.2/director/agent/aix/FILES/ sysmgt.pegasus.cimserver sysmgt.pegasus.osbaseproviders sysmgt.pegasus.smisproviders IBM.Director.Agent Director.Agent.ext Director.CimCore Director.CimExtension Director.DirectorCimCore ColSrvDirExt

umount /mnt1
rm -r /mnt1

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S91config_inventory.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Create user vpd to load inventory from all machines
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

SCRIPT_PATH=/home/scripts
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Create user vpd"
echo "================="
mkuser id=900 fsize='-1' vpd 
mkdir /home/vpd/.ssh
cp $RP/install_files/id_dsa.pub.vpd /home/vpd/.ssh/authorized_keys
chown -R vpd.staff /home/vpd/.ssh
chmod -R 700 /home/vpd/.ssh
chmod -R 400 /home/vpd/.ssh/authorized_keys
pwdck -y ALL
echo "vpd     ALL = (root) NOPASSWD: /usr/sbin/bootinfo -r,/usr/sbin/bootinfo -b,/usr/sbin/bootinfo -K,/usr/bin/bootlist -m normal -o,/usr/bin/cat /var/spool/cron/crontabs/root,/usr/sbin/xntpdc -c peers" >> /etc/sudoers
cp $RP/root/scripts/bin/aixinv.sh $SCRIPT_PATH/bin 
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S92config_rsf.old:

#!/bin/ksh
#################################################################
#								#
#	Customize ftp after a new installation		        #
#								#
#								#
#	Update by  :						#
#								#
#################################################################

export LANG=C
SN=`basename $0`
HN=`hostname -s`
DAY=`date +%d%m`
HOST=`uname -n`
RP=`dirname $0`
. $RP/.env


echo `date`" : Begin of "$SN
if [ "$VERBOSE_LOGGING" = "high" ]
then
	set -x
fi

echo "\n"


mkdir /mnt1
mount -o soft nim:/export/lpp_source/otherlpp /mnt1

##########################################################
# installation des filesets
##########################################################
# mise a jour si possible
lslpp -l | grep "rsf.rsflite" >/dev/null
if [ $? -eq 0 ]
 then
   install_all_updates  -d $RSF_SOURCE_DIR -rc -Y 
fi

# installation des composants si necessaire, ou manquants
installp -agXY -d $RSF_SOURCE_DIR rsf.extended rsf.rsflite

/usr/bin/sm_rsf chg_config -n 'cluster' -S 'h' -r '$RSF_MASTER' -f 'MONTHLY' -s opname='Hotline' -s opphone='003242497777' -s connadr='003242497502' -s opmail='root' -s remote='remote' -s scarsite="local $HOST"

umount /mnt1
rm -r /mnt1

echo "\n"
echo `date`" : Begin of "$SN

S95config_ftp.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize ftp after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Set FTP banner"
echo "========================"
dspcat -g /usr/lib/nls/msg/en_US/ftpd.cat > /tmp/ftpd.msg
sed "s/FTP server (%s) ready./FTP server ready./" /tmp/ftpd.msg > /tmp/ftpd.$$
gencat /tmp/ftpd.cat /tmp/ftpd.$$
cp -p /tmp/ftpd.cat /usr/lib/nls/msg/en_US/ftpd.cat
rm /tmp/ftpd.cat /tmp/ftpd.msg /tmp/ftpd.$$
echo "\n"
echo "FTP banner:"
echo "==========="
dspcat -g /usr/lib/nls/msg/en_US/ftpd.cat
echo "\n"
echo "Disable FTP users"
echo "================="
cp /etc/ftpusers /etc/ftpusers.$$ > /dev/null 2>&1
echo "root\ndaemon\nbin\nadm\nuucp\nguest\nnobody\nlpd\nnuucp\nimnadm" > /etc/ftpusers
cat /etc/ftpusers
echo "\n"
echo "Adding Log for FTPD"
echo "==================="
sed "s/\/usr\/sbin\/ftpd         ftpd/\/usr\/sbin\/ftpd         ftpd -l/g" /etc/inetd.conf > /tmp/inetd.conf
cp /tmp/inetd.conf /etc/inetd.conf
rm /tmp/inetd.conf
refresh -s inetd
echo "\n"
echo `date`" : Begin of "$SN
}

main 2>&1 | tee -a $LOG

S96config_inetd.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize inetd after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize inetd.conf entries"
echo "============================"

#Backup the default inetd.conf file
cp /etc/inetd.conf /etc/inetd.conf.$$
#Delete tcp entries
for i in telnet shell kshell login klogin exec daytime time
do
        echo "Deleting $i from inetd.conf"
       chsubserver -d -p tcp -v $i -r inetd
done
#Delete udp entries
for i in ntalk daytime time
do
        echo "Deleting $i from inetd.conf"
       chsubserver -d -p udp -v $i -r inetd
done
echo "\n"
echo "Services start by inetd:"
echo "========================"
grep -v '^#' /etc/inetd.conf | awk '{print $1}'
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S97config_tcpwrapper.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize tcp_wrapper after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "install and config tcpwrapper"
echo "============================="


mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1


installp -agXY -d /mnt1/tcpwrapper/ freeware.tcp_wrappers
sed "s/\/usr\/sbin\/ftpd/\/usr\/local\/bin\/tcpd/" /etc/inetd.conf > /tmp/inetd.conf
cp /tmp/inetd.conf /etc/inetd.conf
rm /tmp/inetd.conf

if [ -f /etc/hosts.deny ]
then
 echo "ALL : ALL" > /etc/hosts.deny.samples
else
 echo "ALL : ALL" > /etc/hosts.deny
fi
chown root:security /etc/hosts.deny
chmod 600 /etc/hosts.deny

if [ -f /etc/hosts.allow ]
then
 echo "#ALL : 10.10.60.0/255.255.252.0" > /etc/hosts.allow.samples
 echo "ALL : ALL" >> /etc/hosts.allow.samples
else
 echo "#ALL : 10.10.60.0/255.255.252.0" > /etc/hosts.allow
 echo "#sshd : 10.10.60.0/255.255.252.0, 10.10.61.0/255.255.252.0, 10.10.28.0/255.255.255.0" > /etc/hosts.allow 
 echo "#ftpd : 10.10.60.0/255.255.252.0, 10.10.61.0/255.255.252.0, 10.10.28.0/255.255.255.0" > /etc/hosts.allow
 echo "ALL : ALL" >> /etc/hosts.allow
fi

umount /mnt1
rm -r /mnt1

refresh -s inetd
echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S98config_ldap.ksh:

#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Configure client LDAP auth after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################

export JAVA_HOME=`ls /usr/java*/jre/bin/java | grep -v 64 | tail -1 | cut -f1-4 -d"/"`
LDAP_CFG=/etc/security/ldap/ldap.cfg
RP=`dirname $0`
. $RP/.env

main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install TSM"
echo "========================"


ulimit -d unlimited

echo "Creation DB SSL client...\n"
gsk7cmd -keydb -create -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -type cms -stash

echo "Copie des certificats SSL depuis le server NIM\n"
if [ -e $RP/install_files/ldap/*.crt ]
then
   cp $RP/install_files/ldap/*.crt /etc/ldap/
fi

echo "Ajout des certificats SSL de ldap01 et ldap02 dans la DB...\n"
/usr/bin/gsk7capicmd -cert -add -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -label ldap-ca1 -file /etc/ldap/ca-localnrs01.crt
/usr/bin/gsk7capicmd -cert -add -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -label ldap-ca2 -file /etc/ldap/ca-localnrs02.crt



echo "Autorisation du LDAP + SSL pour l'authentification AIX\n"
cp $LDAP_CFG /tmp/ldap.cfg
cat $LDAP_CFG | grep -v "^#" | grep "useSSL"
if [ $? -ne 0 ]
 then
  echo "useSSL:yes" >> /tmp/ldap.cfg
fi

cat $LDAP_CFG | grep -v "^#" | grep "ldapsslkeyf"
if [ $? -ne 0 ]
 then
  echo "ldapsslkeyf:/etc/ldap/ldapkeys.kdb" >> /tmp/ldap.cfg
fi

cat $LDAP_CFG | grep -v "^#" | grep "ldapsslkeypwd"
if [ $? -ne 0 ]
 then
  echo "ldapsslkeypwd:71pwdlocal" >> /tmp/ldap.cfg
fi

cat $LDAP_CFG | grep -v "^#" | grep "ldapsslport"
if [ $? -ne 0 ]
 then
  echo "ldapsslport:636" >> /tmp/ldap.cfg
fi

mv /tmp/ldap.cfg $LDAP_CFG


echo "Autorisation des utilisateurs a s'authentifier en LDAP par défaut (user default:)"
#chuser SYSTEM=LDAP registry=LDAP ADM_P06727
# replace first occurancy of compat after the 215th line if needed
cat /etc/security/user | grep -v "^*" | grep "SYSTEM =" | grep LDAP > /dev/null 2>&1
if [ $? -ne 0 ]
then
   cp /etc/security/user /etc/security/user.orig
   sed -e  '215,/compat/s//compat or LDAP/' /etc/security/user.orig > /etc/security/user
fi

echo "Add entrie in crontab to create home directory"
cat /var/spool/cron/crontabs/root | grep mkhomedir_ldap > /dev/null 2>&1 
if [ $? -ne 0 ]
then
   echo "# create user LDAP" >> /var/spool/cron/crontabs/root
   echo "0 8 * * 3,6 /root/scripts/bin/mkhomedir_ldap > /root/scripts/log/mkhomedir_ldap.log 2>&1" >> /var/spool/cron/crontabs/root
   kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1
fi

echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
echo "Please rename now the client, and affect him the right IP adress to be able to contact the LDAP server and after that, you can register your server on LDAP"
# echo "connexion au serveur LDAP"
echo "mksecldap -c -h "ldap01.local.be,ldap02.local.be" -a "cn=proxyagent,ou=profile,dc=local,dc=adms" -p 7lpAp@ -d"dc=local,dc=adms" -A ldap_auth"

echo "And restart LDAP client...\n"
echo "restart-secldapclntd"
echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"

echo "\n"
echo `date`" : End of "$SN
}

main 2>&1 | tee -a $LOG

S99config_reboot64b.ksh:

#!/bin/ksh
#################################################################
#								#
#	Convert the system in 64bits		#
#								#
#								#
#	Update by  :						#
#								#
#################################################################

export LANG=C
SN=`basename $0`
HN=`hostname -s`
RP=`dirname $0`
DAY=`date +%d%m`
echo `date`" : Begin of "$SN
if [ "$VERBOSE_LOGGING" = "high" ]
then
	set -x
fi

echo "convert to 64bit kernel and reboot"
echo "=================="
KERNEL_64=`bootinfo -K`
if [ $KERNEL_64 != "64" ]
then
  ln -sf /usr/lib/boot/unix_64 /unix
  ln -sf /usr/lib/boot/unix_64 /usr/lib/boot/unix
  bosboot -ad /dev/ipldevice
fi
#shutdown -Fr
echo "\n"
echo `date`" : End of "$SN

install_files:



reconfigure: