The first script is the install script /export/config/config610/
installAIX61.ksh:
#!/bin/ksh
#################################################################
# #
# Install AIX 6.1 on a new system #
# #
# #
# Update by : #
# #
#################################################################
export LANG=C
SN=`basename $0`
RP=`dirname $0`
HN=`hostname -s`
DAY=`date +%d%m`
LOG=$RP/log/install_client.log
REP_CONFIG=config610
SPOT=spot610
LPP_SOURCE=lpp_source610
BOSINST_DATA=bosinst_610
SCRIPTFB=scriptfb_610
CLIENT_NAME=nim_client61
mkdir $RP/log > /dev/null 2>&1
echo `date`" : Begin of "$SN
if [ "$VERBOSE_LOGGING" = "high" ]
then
set -x
fi
echo "Launch NIM installation"
echo "======================="
nim -o reset -a force=yes $CLIENT_NAME
nim -Fo deallocate -a subclass=all $CLIENT_NAME
for i in `lsnim -l $LPP_SOURCE | grep location | awk '{print $3}'`
do
rmnfsexp -d $i -B
done
nim -o bos_inst -a source=rte -a lpp_source=$LPP_SOURCE -a spot=$SPOT -a accept_licenses=yes -a fb_script=$SCRIPTFB -a bosinst_data=$BOSINST_DATA -a boot_client=no $CLIENT_NAME
echo "\n"
echo "Please, start client and configure IPL device with IP adress : " `host $CLIENT_NAME`
FINISH=NOK
TIME_BEF_ABORT=7200
while [ $FINISH != "OK" ]
do
sleep 60
TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60`
FINISH=`lsnim -a Cstate $CLIENT_NAME | grep -v $CLIENT_NAME | awk -F= '{if($2==" BOS installation has been enabled") { print "OK" } else { print "NOK" }}'`
lsnim -a info
done
echo "\n"
echo "Installation...."
echo "================"
FINISH=NOK
TIME_BEF_ABORT=7200
while [ $FINISH != "OK" ]
do
sleep 60
TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60`
FINISH=`lsnim -a Cstate $CLIENT_NAME | grep -v $CLIENT_NAME | awk -F= '{if($2==" ready for a NIM operation") { print "OK" } else { print "NOK" }}'`
lsnim -a info
done
echo "\n"
echo "Waiting for reboot..."
echo "================"
FINISH=NOK
TIME_BEF_ABORT=7200
while [ $FINISH != "OK" ]
do
sleep 60
TIME_BEF_ABORT=`expr $TIME_BEF_ABORT - 60`
ping -c3 $CLIENT_NAME > /dev/null
if [ $? -eq 0 ]
then
FINISH=OK
fi
echo $FINISH
done
sleep 30
for i in `df | grep "/export/lpp_source/lpp_source" | awk '{print $7}'`
do
mknfsexp -d $i -t rw
done
#rsh $CLIENT_NAME "mount -o soft nim:/export/config /mnt"
#rsh $CLIENT_NAME "/mnt/$REP_CONFIG/customize.ksh" > $LOG
cat /root/.ssh/known_hosts | grep -v $CLIENT_NAME > /tmp/known_hosts
mv /tmp/known_hosts /root/.ssh/known_hosts
cat /home/vpd/.ssh/known_hosts | grep -v $CLIENT_NAME > /tmp/known_hosts
mv /tmp/known_hosts /home/vpd/.ssh/known_hosts
nim -o showlog -a log_type=boot $CLIENT_NAME > $LOG
echo "####################"
echo "Logs are available on the NIM server in $LOG and on the client in /tmp/nim_customization.$DAY.log for customization scripts"
customize.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize AIX 6.1 after a new installation
#@(#) For information this script is copied during installation
#@(#) on the target machine in /etc/fb_<xxx> and executed
#@(#) after the first boot
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
export LANG=C
export SN=`basename $0`
export HN=`hostname -s`
export DAY=`date +%d-%m-%Y`
export RP=`dirname $0`
export LOG=/tmp/nim_customization.$DAY.log
export NIM_SRV=nim61
SCRIPT_DIR=/mnt/config610
echo "#########################"
echo `date`" : Begin of "$SN
echo $HN
if [ "$HN" = "nimsrv" ]
then
echo "Le script ne peut pas s'executer sur le serveur NIM"
exit 1
fi
mount -o soft $NIM_SRV:/export/config /mnt
cd $SCRIPT_DIR
for i in `ls $SCRIPT_DIR/../scripts_install | grep ksh | grep -v reboot`
do
echo $i
$SCRIPT_DIR/../scripts_install/$i
done
$SCRIPT_DIR/../scripts_install/*reboot*.ksh
echo `date`" : End of "$SN
All the follwing scripts (belonging to FB_script: first boot script) are located in /export/config/scripts_install/
All the config files are located in /export/config/scripts_install/install_files/
.env:
export LANG=C export SN=`basename $0` export HN=`hostname -s` export DAY=`date +%d-%m-%Y` export RP=`dirname $0` export DIR_CONFIG_BKP=/var/adm/config/etc export LOG=/tmp/nim_customization.$DAY.log export NIM_SRV=nim export NTP_SERVER1=ntp1.local.be export NTP_SERVER2=ntp2.local.be export AIXTOOLBOX=/export/lpp_source/aixtoolbox export AIXOTHERLPP=/export/lpp_source/otherlpp
S01config_TMOUT.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize TMOUT variable after a new installation
#@(#) /etc/profile
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Set TMOUT variable"
echo "=================="
#Backup the default /etc/profile file
cp /etc/profile /etc/profile.$$
cat /etc/profile | grep -v "^#" | grep "TMOUT="
if [ $? -ne 0 ]
then
echo export readonly TMOUT=2400 >> /etc/profile
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S02config_crontab.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize crontab after a new installation
#@(#) /var/spool/cron/crontabs/root
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Delete crontab entries for SSA:"
echo "=============================="
cp -p /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.$$
grep -v ssa /var/spool/cron/crontabs/root | grep -v SSA > /tmp/cron.root
echo "Add crontab entries for rotation of logs and backup system:"
echo "=============================="
cat /tmp/cron.root | grep -v "^#" | grep "logrotate"
if [ $? -ne 0 ]
then
echo "0 8 * * 6 /usr/bin/logrotate /etc/logrotate.conf > /root/scripts/log/logrotate.log 2>&1" >> /tmp/cron.root
fi
echo "Add crontab entries for performance mesure"
cat /tmp/cron.root | grep -v "^#" | grep "/root/scripts/bin/perf_nmon"
if [ $? -ne 0 ]
then
echo "0 0 * * * /root/scripts/bin/perf_nmon > /dev/null 2>&1" >> /tmp/cron.root
fi
cp /tmp/cron.root /var/spool/cron/crontabs/root
rm /tmp/cron.root
echo "Restart Cron daemon:"
echo "=============================="
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S03config_tty.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Configuration of TTY (serial console)
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Configuration TTY"
echo "========================"
mkdev -c tty -t'tty' -s'rs232' -p'sa0' -w'0' -a login=enable > /dev/null 2>&1
if [ $? -ne 0 ]
then
mkdev -c tty -t'tty' -s'vcon' -p'sa0' -w'0' -a login=enable > /dev/null 2>&1
fi
echo "Enable login on TTY if still exist on the machine"
echo "========================"
chdev -l tty0 -a login=enable > /dev/null 2>&1
chdev -l vty0 -a login=enable -P > /dev/null 2>&1
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S04config_inittab.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize inittab after a new installation /etc/inittab
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
INITTAB_TMP=/etc/inittab.$$
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize inittab entries"
echo "========================="
#Backup the default inittab file
cp /etc/inittab $INITTAB_TMP
cat $INITTAB_TMP | sed "s/^#/:/" > /etc/inittab
#Delete entries
for i in rcml mkatmpvc atmsvcd sniinst rcnfs piobe qdaemon writesrv uprintfd naudio
do
echo "Deleting $i from inittab"
rmitab $i > /dev/null 2>&1
done
echo "\n"
echo "Services start by inittab:"
echo "=========================="
grep -v '^:' /etc/inittab | awk -F":" '{print $1}' | grep -v "^#"
# Change the console start position to have faster access in case of trouble
cat /etc/inittab | grep -v "cons:" > /tmp/inittab
rm /tmp/inittab.new > /dev/null 2>&1
cat /tmp/inittab | while read i
do
echo $i | grep "rctcpip:" > /dev/null 2>&1
if [ $? -ne 0 ]
then
echo $i >> /tmp/inittab.new
else
echo $i >> /tmp/inittab.new
echo "cons:0123456789:respawn:/usr/sbin/getty /dev/console" >> /tmp/inittab.new
fi
done
mv /tmp/inittab.new /etc/inittab
rm /tmp/inittab > /dev/null 2>&1
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S05config_netsvc.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize netsvc to solve IP adress in IPV4 and IPV6 in local
#@(#) and then with DNS /etc/netsvc.conf
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Configure /etc/netsvc.conf"
echo "=========================="
cat /etc/netsvc.conf | grep -v "^#" | egrep "hosts|=|local|bind"
if [ $? -ne 0 ]
then
echo "hosts=local,bind4" >> /etc/netsvc.conf
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S06config_rctcpip.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/rc.tcpip to remove unused entries
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize rc.tcpip entries"
echo "=========================="
#Backup the default rc.tcpip file
cp /etc/rc.tcpip /etc/rc.tcpip.$$
#Delete entries
for i in sendmail snmpmibd dpid2 hostmibd aixmibd muxatmd
do
echo "Deleting $i from rc.tcpip"
chrctcp -S -d $i
done
echo "\n"
echo "List of services start by rc.tcpip:"
echo "=========================="
grep '^start' /etc/rc.tcpip | awk '{print $2}'
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S07config_resolv.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/resolv.conf (DNS)
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RESOLV_FILE=/etc/resolv.conf
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "configure resolv.conf"
echo "====================="
#Backup the default /etc/resolv.conf file
if [ -f $RESOLV_FILE ]
then
echo "file $RESOLV_FILE exist"
else
echo "nameserver 110.10.10.1" > $RESOLV_FILE
echo "nameserver 110.10.10.2" >> $RESOLV_FILE
echo "domain local.be" >> $RESOLV_FILE
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S08config_syslog.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/syslog.conf to report more logs
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
MESSAGES="/var/log/messages"
SYSLOG="/var/log/syslog"
AUTHLOG="/var/log/authlog"
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize syslog.conf"
echo "====================="
#Backup the default syslog.conf file
cp /etc/syslog.conf /etc/syslog.conf.$$
[ -d /var/log ] || mkdir -p /var/log
[ -f $MESSAGES ] || touch $MESSAGES
[ -f $SYSLOG ] || touch $SYSLOG
[ -f $AUTHLOG ] || touch $AUTHLOG
#Adding entries in syslog.conf
cat /etc/syslog.conf | grep -v "^#" | grep "*.crit"
if [ $? -ne 0 ]
then
echo "*.crit\t *" >> /etc/syslog.conf
fi
cat /etc/syslog.conf | grep -v "^#" | grep "*.err;kern.debug;daemon.notice"
if [ $? -ne 0 ]
then
echo "*.err;kern.debug;daemon.notice\t $MESSAGES rotate time 7d files 8 compress" >> /etc/syslog.conf
fi
cat /etc/syslog.conf | grep -v "^#" | grep "mail.debug;*.info"
if [ $? -ne 0 ]
then
echo "mail.debug;*.info\t $SYSLOG rotate size 1M files 5" >> /etc/syslog.conf
fi
cat /etc/syslog.conf | grep -v "^#" | grep "auth,authpriv.debug"
if [ $? -ne 0 ]
then
echo "auth,authpriv.debug\t $AUTHLOG rotate time 1d files 30 compress" >> /etc/syslog.conf
fi
#Modify /etc/rc.tcpip to add "-r"
TEST=`cat /etc/rc.tcpip | grep -v "^#" | grep syslog | awk '{print $4}'`
if [[ $TEST != "-r" ]]
then
sed 's/syslogd \"\$src_running\"/syslogd \"\$src_running\" \-r/g' /etc/rc.tcpip > /tmp/rc.tcpip
cp /tmp/rc.tcpip /etc/rc.tcpip
rm /tmp/rc.tcpip
fi
#Refresh service
refresh -s syslogd
echo "\n"
echo "Syslog.conf entries:"
echo "===================="
grep -v '^#' /etc/syslog.conf
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S09config_telnet.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize telnet after a new installation
#@(#) /etc/security/login.cfg
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Set telnet banner"
echo "================="
cat /etc/security/login.cfg| grep -v "^*" | egrep "herald" | grep "login"
if [ $? -ne 0 ]
then
sed -e '/default:/a\
herald = "login:"' /etc/security/login.cfg > /tmp/login.cfg
cp /tmp/login.cfg /etc/security/login.cfg
rm /tmp/login.cfg
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S10config_filesystems.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add new filesystems if they dont exists
#@(#) /etc/filesystems
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
HOME_ROOT=/root
SCRIPT_PATH=/root/scripts
MKSYSB=/mksysb
HOME_ITM=/opt/IBM/ITM
SOFTWARE=/software
HOME_ECC=/usr/ecc
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Creating FS /root /opt/IBM/ITM /mksysb /software"
echo "========================"
if [ `lsvg rootvg | grep SIZE | awk '{print $6}'` -lt 16 ]
then
NB_LP=2
else
NB_LP=1
fi
COPIES_LV=`lslv hd5 | grep COPIES | awk '{ print $2 }'`
FS_TYPE=`lsfs -a | grep hd4 | awk '{ print $4 }'`
if [[ "$COPIES_LV" -gt 1 ]]
then
mklv -t $FS_TYPE -c2 -y rootlv rootvg $NB_LP
else
mklv -t $FS_TYPE -y rootlv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d rootlv -m $HOME_ROOT -Ayes
mount $HOME_ROOT
mkdir -p $SCRIPT_PATH/bin
mkdir -p $SCRIPT_PATH/log
if [[ "$COPIES_LV" -gt 1 ]]
then
mklv -t $FS_TYPE -c2 -y mksysblv rootvg $NB_LP
else
mklv -t $FS_TYPE -y mksysblv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d mksysblv -m $MKSYSB -Ayes
mount $MKSYSB
mklv -t $FS_TYPE -y softlv rootvg 1
crfs -v $FS_TYPE -d softlv -m $SOFTWARE -Ayes
mount $SOFTWARE
if [[ "$COPIES_LV" -gt 1 ]]
then
mklv -t $FS_TYPE -c2 -y itmlv rootvg $NB_LP
else
mklv -t $FS_TYPE -y itmlv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d itmlv -m $HOME_ITM"1" -Ayes
mount $HOME_ITM"1"
chfs -a size=512M $HOME_ITM"1"
# migrate data from directory /opt/IBM/ITM to filesystem /opt/IBM/ITM
mv $HOME_ITM/* $HOME_ITM"1" > /dev/null 2>&1
umount $HOME_ITM"1"
rm -r $HOME_ITM"1"
chfs -m $HOME_ITM $HOME_ITM"1"
mount $HOME_ITM
if [[ "$COPIES_LV" -gt 1 ]]
then
mklv -t $FS_TYPE -c2 -y ecclv rootvg $NB_LP
else
mklv -t $FS_TYPE -y ecclv rootvg $NB_LP
fi
crfs -v $FS_TYPE -d ecclv -m $HOME_ECC -Ayes
mount $HOME_ECC
chfs -a size=640M $HOME_ECC
chfs -a size=256M $HOME_ROOT
chfs -a size=512M $SCRIPT_PATH
chfs -a size=512M $SOFTWARE
chfs -a size=3G $MKSYSB
chfs -a size=128M /
chfs -a size=512M /opt
chfs -a size=512M /tmp
chfs -a size=512M /var
chfs -a size=512M /home
echo "Creating CDROM FS"
echo "========================"
if [ ! -d /cdrom ]
then
mkdir /cdrom
fi
lsdev -Cc cdrom -Sa
if [ $? -eq 0 ]
then
grep "cdrom" /etc/filesystems
if [ $? -eq 1 ]
then
/usr/sbin/crfs -v cdrfs -d /dev/cd0 -m /cdrom -p ro
fi
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S11config_user.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Create user Garde and delete root access
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
HOME_ROOT=/root
RP=`dirname $0`
NUM=`echo $$`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Delete root rlogin"
echo "=================="
chuser home=$HOME_ROOT fsize=-1 rlogin=false root
cp $HOME_ROOT/.profile $HOME_ROOT/.profile.$$ > /dev/null 2>&1
cp $RP/install_files/profileroot $HOME_ROOT/.profile
chown root:system $HOME_ROOT/.profile
chmod 644 $HOME_ROOT/.profile
cat /etc/security/.profile | grep -v "^#" | grep "TMOUT="
if [ $? -ne 0 ]
then
echo "export readonly TMOUT=2400" >> /etc/security/.profile
fi
pwdck -y ALL
grpck -y ALL
echo "\n"
echo "Create user garde"
echo "================="
mkuser -a garde
echo "\n"
echo "Message d'accueil"
echo "================="
cp /etc/motd $DIR_CONFIG_BKP/motd.$NUM
cp $RP/install_files/motd /etc/motd
chmod 444 /etc/motd
chown sys:sys /etc/motd
echo "\n"
echo "Modifications /etc/profile"
echo "================="
count=1
cp /etc/profile $DIR_CONFIG_BKP/profile.$NUM
cat $RP/install_files/etcprofile | while read i
do
if [[ $i = "" ]]
then
count=1
else
cat /etc/profile | grep -v "^#" | grep "$i" > /dev/null
if [ $? -ne 0 ]
then
if [[ $count = "1" ]]
then
echo "" >> /etc/profile
count=0
fi
echo $i >> /etc/profile
echo $i add
fi
fi
done
# this script don't erase the garde account if it's not the last created
cat /etc/security/passwd | grep ":" | tail -1 | grep -v "garde:"
if [ $? -eq 1 ]
then
cp /etc/security/passwd $DIR_CONFIG_BKP/passwd.$NUM
cat /dev/null > /etc/security/passwd
cat $DIR_CONFIG_BKP/passwd.$NUM | while read LINE
do
echo $LINE | grep -v "garde:" > /dev/null 2>&1
if [ $? -ne 0 ]
then
exit 0
else
echo $LINE | grep -v ":" > /dev/null 2>&1
if [ $? -ne 0 ]
then
echo "$LINE" >> /etc/security/passwd
else
echo "\t$LINE" >> /etc/security/passwd
fi
fi
done
fi
# Do not add more line here
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S12config_garde.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add password for garde user
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Add entries in /etc/security/passwd"
echo "=================="
echo "garde:" >> /etc/security/passwd
echo "\tpassword = 7cJlYifXxZtmc" >> /etc/security/passwd
echo "\tlastupdate = 1195603287" >> /etc/security/passwd
echo "\tflags =" >> /etc/security/passwd
echo >> /etc/security/passwd
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S13config_scriptsroot.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize scripts
#@(#) copy files from /export/config/scripts_install/root_scripts/bin to /root/scripts/bin
#@(#) add entries in root crontab
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
HOME_ROOT=/root
SCRIPT_PATH=/root/scripts
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Mise en place des scripts de customisation"
echo "=================="
cp -Rp $RP/root/scripts/bin/* $SCRIPT_PATH/bin
chmod 755 $SCRIPT_PATH/bin/*
cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "chkcore"
if [ $? -ne 0 ]
then
echo "# " >>/var/spool/cron/crontabs/root
echo "# crontab -echeck exploitation" >>/var/spool/cron/crontabs/root
echo "# " >>/var/spool/cron/crontabs/root
echo "0,15,30,45 * * * * /root/scripts/bin/chkcore now mail > /root/scripts/log/chkcore.log 2>&1" >>/var/spool/cron/crontabs/root
echo "0 8 * * 1-5 /root/scripts/bin/chkcore daily mail > /root/scripts/log/chkcore.log 2>&1" >>/var/spool/cron/crontabs/root
echo "0 0 * * * /root/scripts/bin/config_vg_disk_vm > /root/scripts/log/config_vg_disk_vm.log 2>&1" >>/var/spool/cron/crontabs/root
fi
cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "chkfree"
if [ $? -ne 0 ]
then
echo "0,15,30,45 * * * * /root/scripts/bin/chkfree mail > /root/scripts/log/chkfree1.log 2>&1" >>/var/spool/cron/crontabs/root
fi
chdev -l sys0 -a iostat=true > /dev/null
echo "\n"
tar xvf $RP/install_files/ksh_func.tar
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S14config_pkg.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add additionnal filesets and RPM
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
PATH_RPM=/mnt1/rpm #/export/lpp_source/aixtoolbox/rpm
VERSION=$$
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install additionnal packages"
echo "========================"
mkdir /mnt1
mount -o soft $NIM_SRV:$AIXTOOLBOX /mnt1
cp /etc/sudoers /etc/sudoers.$VERSION > /dev/null 2>&1
cp /etc/logrotate.conf /etc/logrotate.conf.$VERSION > /dev/null 2>&1
OPENSSL=`ls -t /mnt1/rpm | grep ssl | egrep -v "devel|doc" | sort | tail -1`
for i in nmon logrotate lsof-4.78-1.aix5.3.ppc.rpm bash less-382 bzip2 sudo zip unzip popt rsync-2.6.2 $OPENSSL
do
rpm -U $PATH_RPM/$i*
done
umount /mnt1
rm -r /mnt1
if [ -f /etc/sudoers.$VERSION ]
then
mv /etc/sudoers /etc/sudoers.samples
mv /etc/sudoers.$VERSION /etc/sudoers
fi
chmod 0440 /etc/sudoers*
if [ -f /etc/logrotate.conf.$VERSION ]
then
mv /etc/logrotate.conf /etc/logrotate.conf.samples
mv /etc/logrotate.conf.$VERSION /etc/logrotate.conf
fi
cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/wtmp"
if [ $? -ne 0 ]
then
echo "" >> /etc/logrotate.conf
echo "/var/adm/wtmp {" >> /etc/logrotate.conf
echo "copytruncate" >> /etc/logrotate.conf
echo "rotate 50" >> /etc/logrotate.conf
echo "weekly" >> /etc/logrotate.conf
echo "}" >> /etc/logrotate.conf
fi
cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/sulog"
if [ $? -ne 0 ]
then
echo "" >> /etc/logrotate.conf
echo "/var/adm/sulog {" >> /etc/logrotate.conf
echo "copytruncate" >> /etc/logrotate.conf
echo "rotate 50" >> /etc/logrotate.conf
echo "weekly" >> /etc/logrotate.conf
echo "}" >> /etc/logrotate.conf
fi
cat /etc/logrotate.conf | grep -v "^#" | grep "/var/log/syslog"
if [ $? -ne 0 ]
then
echo "" >> /etc/logrotate.conf
echo "/var/log/syslog {" >> /etc/logrotate.conf
echo "copytruncate" >> /etc/logrotate.conf
echo "rotate 15" >> /etc/logrotate.conf
echo "weekly" >> /etc/logrotate.conf
echo "}" >> /etc/logrotate.conf
fi
cat /etc/logrotate.conf | grep -v "^#" | grep "/var/adm/cron/log"
if [ $? -ne 0 ]
then
echo "" >> /etc/logrotate.conf
echo "/var/adm/cron/log {" >> /etc/logrotate.conf
echo "copytruncate" >> /etc/logrotate.conf
echo "rotate 15" >> /etc/logrotate.conf
echo "weekly" >> /etc/logrotate.conf
echo "}" >> /etc/logrotate.conf
fi
cat /etc/logrotate.conf | grep -v "^#" | grep "/root/scripts/log/TCheckFree.ksh.log"
if [ $? -ne 0 ]
then
echo "" >> /etc/logrotate.conf
echo "/root/scripts/log/TCheckFree.ksh.log {" >> /etc/logrotate.conf
echo "copytruncate" >> /etc/logrotate.conf
echo "rotate 15" >> /etc/logrotate.conf
echo "weekly" >> /etc/logrotate.conf
echo "}" >> /etc/logrotate.conf
fi
echo "========================"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S16config_tsm.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Installation of TSM
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install TSM"
echo "========================"
HOSTNAME=`uname -n`
TSM_SOURCE_DIR=/mnt1/tsm
DSM_OPT=/usr/tivoli/tsm/client/ba/bin/dsm.opt
DSM_SYS=/usr/tivoli/tsm/client/ba/bin/dsm.sys
LINK_DSM_OPT=/usr/bin/dsm.opt
LINK_DSM_OPT_NEW=/usr/bin/dsmos.opt
LINK_DSM_SYS=/usr/bin/dsm.sys
INCL_EXCL=/etc/tsmos.list
mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1
##########################################################
# installation des filesets
##########################################################
# mise a jour si possible
lslpp -l | grep "tivoli.tsm.client.ba" >/dev/null
if [ $? -eq 0 ]
then
install_all_updates -d $TSM_SOURCE_DIR -rc -Y
fi
# installation des composants si necessaire, ou manquants
installp -agXY -d $TSM_SOURCE_DIR xlC.rte xlC.aix50.rte tivoli.tsm.client.api.64bit tivoli.tsm.client.ba.32bit.base tivoli.tsm.client.ba.32bit.common tivoli.tsm.client.ba.32bit.web tivoli.tsm.client.ba.32bit.image
##########################################################
# custonmisation des dsm.opt et dsm.sys
##########################################################
if [ -f $DSM_OPT ]
then
echo "file $DSM_OPT exist"
else
echo SErvername ${HOSTNAME}os > $DSM_OPT
fi
ln -s $DSM_OPT $LINK_DSM_OPT
ln -s $DSM_OPT $LINK_DSM_OPT_NEW
ln -s /usr/tivoli /opt/tivoli
if [ -f $DSM_SYS ]
then
echo "file $DSM_SYS exist"
else
echo SErvername ${HOSTNAME}os > $DSM_SYS
echo COMMmethod TCPip >> $DSM_SYS
echo TCPPort 1500 >> $DSM_SYS
echo TCPServeraddress tsmprod >> $DSM_SYS
echo NODENAME ${HOSTNAME} >> $DSM_SYS
echo PASSWORDACCESS generate >> $DSM_SYS
echo COMPRESSION no >> $DSM_SYS
# echo INCLEXCL $INCL_EXCL >> $DSM_SYS
echo schedlogname /var/log/dsmsched.log >> $DSM_SYS
echo errorlogname /var/log/dsmerror.log >> $DSM_SYS
echo schedlogretention 10 >> $DSM_SYS
echo errorlogretention 60 >> $DSM_SYS
echo WEBPorts 1582 1583 >> $DSM_SYS
echo resourceutilization 3 >> $DSM_SYS
fi
ln -s $DSM_SYS $LINK_DSM_SYS
#cat /etc/hosts | grep -v "^#" | grep serverstk
#if [ $? -ne 0 ]
# then
# echo 10.10.16.65 serverstk >> /etc/hosts
#fi
touch /var/log/tsmos.log
if [ -f $INCL_EXCL ]
then
echo "file $INCL_EXCL exist"
else
echo include /var/.../\* futil > $INCL_EXCL
echo include /etc/.../* important >> $INCL_EXCL
echo exclude.fs /software >> $INCL_EXCL
echo exclude /.../core >> $INCL_EXCL
echo exclude /.../core.* >> $INCL_EXCL
fi
mkitab tsmos:2:once:"/usr/tivoli/tsm/client/ba/bin/dsmc sched -optfile=$LINK_DSM_OPT > /dev/null 2>&1 # TSM scheduler"
# Keep the next line for future automatic registration on TSM server
#dsmadmc -id=admin -password=1mdppstk -optfile=$LINK_DSM_OPT "register NODE ${HOSTNAME} sTSMpn2c CONTACT='acsls failover' DOMAIN=UNIX_COLL_DOM COMPRESSION=NO AUTOFSRENAME=NO ARCHDELETE=NO BACKDELETE=NO FORCEPWRESET=NO TYPE=CLIENT KEEPMP=NO MAXNUMMP=2 URL=http://client.host.name:1581 USERID=NONE PASSEXP=9999"
umount /mnt1
rm -r /mnt1
echo "========================"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S17config_tz-ntp.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize time zone after a new installation
#@(#) And Time Server synchronization
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Changing TZ"
echo "========================"
if [ `uname -a | awk '{print $4}'` -lt 6 ]
then
chtz 'NFT-1DFT,M3.5.0,M10.5.0'
else
chtz 'Europe/Brussels'
fi
echo "\n"
echo "Initalization of /etc/ntp.conf"
echo "========================"
cp /etc/ntp.conf $DIR_CONFIG_BKP/ntp.conf.$$ > /dev/null 2>&1
cat /etc/ntp.conf | grep -v "^#" | grep server
if [ $? -ne 0 ]
then
echo "server $NTP_SERVER1 prefer" >> /etc/ntp.conf
echo "server $NTP_SERVER2 prefer" >> /etc/ntp.conf
fi
cat /etc/ntp.conf | grep -v "^#" | grep driftfile
if [ $? -ne 0 ]
then
echo "driftfile /etc/ntp.drift" >> /etc/ntp.conf
fi
cat /etc/ntp.conf | grep -v "^#" | grep tracefile
if [ $? -ne 0 ]
then
echo "tracefile /etc/ntp.trace" >> /etc/ntp.conf
fi
cp -p /var/spool/cron/crontabs/root /tmp/cron.root
cat /var/spool/cron/crontabs/root | grep -v "^#" | grep "/root/scripts/bin/ntpsync"
if [ $? -ne 0 ]
then
echo "5 5 * * 6 /root/scripts/bin/ntpsync > /root/scripts/log/ntpsync.log 2>&1" >> /tmp/cron.root
fi
cp /tmp/cron.root /var/spool/cron/crontabs/root
rm /tmp/cron.root
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1
chrctcp -S -a xntpd
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S18config_aio.ksh:
#!/bin/ksh
#@(#) #################################################################
#@(#) Activation des asynchronous IO
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Activation aio0"
echo "=================="
if [ `uname -a | awk '{print $4}'` -lt 6 ]
then
chdev -l aio0 -a autoconfig='available' -P
mkdev -l aio0
fi
echo "========================"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S20config_openssh.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize openssh after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
OSLEVEL=`oslevel | cut -f1-2 -d.`
SSH_CONF_FILE=/etc/ssh/sshd_config
SSH_CONF_FILE_SMP=$RP/install_files/sshd_config
VERSION_EXIST=2
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "install openssh"
echo "==============="
mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1
cp $SSH_CONF_FILE $DIR_CONFIG_BKP/sshd_config.$$ > /dev/null 2>&1
mkdir /usr/local/etc > /dev/null 2>&1
chfs -a size=+512M /usr
installp -agXY -d /mnt1/openssh/aix$OSLEVEL/latest/ openssh.base openssh.license openssh.man.en_US
cat $SSH_CONF_FILE | grep -v "^#" | grep "Port 22"
if [ $? -ne 0 ]
then
cat /dev/null > /tmp/sshd_config
cat $SSH_CONF_FILE | while read i
do
echo $i >> /tmp/sshd_config
echo $i | grep "Port 22" > /dev/null
if [ $? -eq 0 ]
then
echo "Port 22" >> /tmp/sshd_config
fi
done
mv /tmp/sshd_config $SSH_CONF_FILE
fi
cat $SSH_CONF_FILE | grep -v "^#" | grep "Protocol 2"
if [ $? -ne 0 ]
then
cat /dev/null > /tmp/sshd_config
cat $SSH_CONF_FILE | while read i
do
echo $i >> /tmp/sshd_config
echo $i | grep "Protocol 2" > /dev/null
if [ $? -eq 0 ]
then
echo "Protocol 2" >> /tmp/sshd_config
fi
done
mv /tmp/sshd_config $SSH_CONF_FILE
fi
cat $SSH_CONF_FILE | grep -v "^#" | grep "X11Forwarding no"
if [ $? -ne 0 ]
then
cat /dev/null > /tmp/sshd_config
cat $SSH_CONF_FILE | while read i
do
echo $i >> /tmp/sshd_config
echo $i | grep "X11Forwarding " > /dev/null
if [ $? -eq 0 ]
then
echo "X11Forwarding yes" >> /tmp/sshd_config
fi
done
mv /tmp/sshd_config $SSH_CONF_FILE
fi
cat $SSH_CONF_FILE | grep -v "^#" | grep "X11UseLocalhost yes"
if [ $? -ne 0 ]
then
cat /dev/null > /tmp/sshd_config
cat $SSH_CONF_FILE | while read i
do
echo $i >> /tmp/sshd_config
echo $i | grep "X11UseLocalhost yes" > /dev/null
if [ $? -eq 0 ]
then
echo "X11UseLocalhost yes" >> /tmp/sshd_config
fi
done
mv /tmp/sshd_config $SSH_CONF_FILE
fi
cat $SSH_CONF_FILE | egrep -v "PermitRootLogin||yes" | egrep -v "PermitRootLogin||no" > /tmp/sshd_config1
cat $SSH_CONF_FILE | grep "PermitRootLogin" > /tmp/sshd_config2
cat /dev/null > /tmp/sshd_config
cat /tmp/sshd_config1 | while read i
do
echo $i >> /tmp/sshd_config
echo $i | grep LoginGraceTime > /dev/null
if [ $? -eq 0 ]
then
grep "^#" /tmp/sshd_config2 | grep -v "without-password" >> /tmp/sshd_config
cat /tmp/sshd_config2 | grep -v "^#" | grep "PermitRootLogin" | tail -1 | while read j
do
if [ "$j" != "" ]
then
echo $j >> /tmp/sshd_config
fi
done
grep -v "^#" /tmp/sshd_config | grep PermitRootLogin > /dev/null
if [ $? -ne 0 ]
then
echo "PermitRootLogin no" >> /tmp/sshd_config
fi
fi
echo $i | grep "PasswordAuthentication" | grep "PermitEmptyPasswords" > /dev/null
if [ $? -eq 0 ]
then
grep "^#" /tmp/sshd_config2 | grep "without-password" >> /tmp/sshd_config
fi
done
mv /tmp/sshd_config $SSH_CONF_FILE
rm /tmp/sshd* > /dev/null 2>&1
NOB=`ls $SSH_CONF_FILE.* | wc -l | awk '{print $1}'`
while [[ "$NOB" -ge $VERSION_EXIST ]]
do
FILE=`ls -rt $SSH_CONF_FILE.* | head -1`
if [ -f $FILE ]
then
rm -f $FILE > /dev/null 2>&1
fi
let NOB=NOB-1
done
umount /mnt1
rm -r /mnt1
stopsrc -s sshd;startsrc -s sshd
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S21config_mksysb.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Add script to do an automatic backup system on /mksysb
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Add crontab entries for mksysb:"
echo "=============================="
cp -p /var/spool/cron/crontabs/root /var/spool/cron/crontabs/root.$$
cat /var/spool/cron/crontabs/root > /tmp/cron.root
cat /tmp/cron.root | grep -v "^#" | grep "fullbackup"
if [ $? -ne 0 ]
then
echo "5 1 10,20 * * /root/scripts/bin/fullbackup local >/dev/null 2>&1" >> /tmp/cron.root
fi
cp /tmp/cron.root /var/spool/cron/crontabs/root
#rm /tmp/cron.root
echo "Restart Cron daemon:"
echo "=============================="
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1
echo "\n"
echo "Create an exclusion file"
echo "=================="
if [ -f /etc/exclude.rootvg ]
then
echo "file /etc/exclude.rootvg exist"
else
cp -p $RP/install_files/exclude.rootvg /etc/exclude.rootvg
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S22config_ecc.ksh:
#!/bin/ksh
#@(#) #################################################################
#@(#) Customize ecc after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize ecc after a new installation"
echo "========================"
cp -p $RP/install_files/eccmad /etc/rc.d/init.d
cd /etc/rc.d/rc2.d
ln -s ../init.d/eccmad S95eccmad
ln -s ../init.d/eccmad K01eccmad
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S25config_core.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Change core path
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Changing core path"
echo "========================"
mkdir -p /var/core/old
chmod -R 777 /var/core
#syscorepath -p /var/core
chcore -p on -l /var/core -n on
echo "\n"
echo "Changing dump device"
echo "========================"
sysdumpdev -l | grep primary | grep hd6 > /dev/null
if [ $? -ne 0 ]
then
mklv -tsysdump -ylg_dumplv rootvg 15
sysdumpdev -K
sysdumpdev -Pp /dev/lg_dumplv
fi
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S26config_ent.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) changement de la vitesse des cartes reseau
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo " changement de la vitesse des cartes reseau"
echo "========================"
for i in `lsdev -C | grep ent | awk '{print $1}'`
do
chdev -l $i -a media_speed=100_Full_Duplex -P
done
echo "========================"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S27config_rc-d.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Suppression de la ligne kill dans /etc/rc.d/rc
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo " Suppression de la ligne kill dans /etc/rc.d/rc"
echo "========================"
grep -v "^#" /etc/rc.d/rc | grep stop | grep echo
if [ $? -ne 0 ]
then
mv /etc/rc.d/rc /etc/rc.d/rc.old
sed '/stop/s/^/ echo #/g' /etc/rc.d/rc.old > /etc/rc.d/rc
chmod 544 /etc/rc.d/rc
fi
echo "========================"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S48config_sendmail.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize /etc/mail/sendmail.cf
#@(#) add DSsmtp.local.be
#@(#) add DMlocal.be
#@(#) ver 1.0 19-12-2007
#@(#) #################################################################
SENDMAIL_FILE=/etc/mail/sendmail.cf
SENDMAIL_FILE_TMP=/tmp/sendmail.cf
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Change /etc/mail/sendmail.cf"
echo "=================="
cp $SENDMAIL_FILE $SENDMAIL_FILE.$$
grep "DSsmtp.local.be" $SENDMAIL_FILE
if [ $? -ne 0 ]
then
cat $SENDMAIL_FILE | sed "s/^DS/DSsmtp.local.be/" > $SENDMAIL_FILE_TMP
mv $SENDMAIL_FILE_TMP $SENDMAIL_FILE
fi
grep "DMlocal.be" $SENDMAIL_FILE
if [ $? -ne 0 ]
then
cat $SENDMAIL_FILE | sed "s/^DM/DMsmtp.local.be/" > $SENDMAIL_FILE_TMP
mv $SENDMAIL_FILE_TMP $SENDMAIL_FILE
fi
echo "configuration mail"
echo "=================="
cat /etc/aliases | grep -v "^#" | grep g-asw-monitoring
if [ $? -ne 0 ]
then
echo "prod: g-asw-monitoring@local.be" >> /etc/aliases
echo "root: g-asw-monitoring@local.be" >> /etc/aliases
fi
chmod 755 /var/spool
chmod 750 /var/spool/mqueue
newaliases
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S49config_softadd.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Install additionnal AIX software
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
OSLEVEL=`oslevel | cut -f1-3 -d.`
OS=`echo $OSLEVEL | sed -e 's/[.]//g'`
REMOTE_DIR=/export/lpp_source/lpp_source$OS
LOCAL_DIR=/mnt1
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install additionnal software"
echo "=================="
mkdir /mnt1
mount -o soft $NIM_SRV:$REMOTE_DIR $LOCAL_DIR
install_all_updates -d $LOCAL_DIR -rc -Y
# installation des composants si necessaire, ou manquants
installp -agXY -d $LOCAL_DIR X11.base X11.adt X11.apps.clients X11.apps.config Java14.license Java14_64.license Java14_64.sdk Java14_64.ext bos.acct bos.adt.debug bos.adt.lib bos.adt.libm bos.adt.samples bos.adt.prof bos.adt.syscalls bos.aixpert bos.alt_disk_install bos.data bos.content_list bos.man.en_US.cmds bos.perf bos.suma perl.man.en_US rpm.rte rsct.basic.rte rsct.compat.basic.rte ldap.client ldap.max_crypto_client gskta.rte
install_all_updates -d $LOCAL_DIR -rc -Y
umount /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP $LOCAL_DIR
# installation des composants si necessaire, ou manquants
installp -agXY -d $LOCAL_DIR/java Java14.license Java14_64.license Java14_64.sdk Java14_64.ext
install_all_updates -d $LOCAL_DIR/java -rc -Y
cp /etc/environment /etc/environment.$$
sed -e "s/java14\//java14_64\//g" /etc/environment > /tmp/environment.tmp
mv /tmp/environment.tmp /etc/environment
umount /mnt1
rm -r /mnt1
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S50config_tivoli.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize tivoli after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
ITM_SOURCE_DIR=/mnt1/itm
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "\n"
echo "Installing Tivoli Client"
echo "========================"
mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1
installp -agXY -d $ITM_SOURCE_DIR itm.base.rte itm.cec.agent itm.premium.rte
umount /mnt1
rm -r /mnt1
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S51config_fc.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Changement des parametres des cartes FC
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo " changement de parametres des cartes FC"
echo "========================"
for i in `lsdev -Cc disk | grep hdiskpower | awk '{print $1}'`
do
rmdev -l $i
done
for i in `lsdev -C | grep fcs | awk '{print $1}'`
do
rmdev -l $i -R
chdev -l $i -a init_link=pt2pt
if [ $? -ne 0 ]
then
chdev -l $i -a init_link=pt2pt -P
fi
done
for i in `lsdev -C | grep fscsi | awk '{print $1}'`
do
chdev -l $i -a dyntrk=yes -a fc_err_recov=fast_fail
if [ $? -ne 0 ]
then
chdev -l $i -a dyntrk=yes -a fc_err_recov=fast_fail -P
fi
done
echo "========================"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S52config_disk_vios.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Change priority access to VIOS server in case of 2 VIOS
#@(#) Affect high priority to 2nd VIOS and lower to first
#@(#) Required for automatic path recover
#@(#) chpath -l hdisk${disk} -p vscsi0 -a priority=1
#@(#) chpath -l hdisk${disk} -p vscsi1 -a priority=2
#@(#) chdev -l hdisk${disk} -a hcheck_interval=30 -P
#@(#)
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Change disk path priority"
echo "========================="
cat /dev/null > /tmp/vscsi.txt
cat /dev/null > /tmp/vscsi1.txt
cat /dev/null > /tmp/vscsi_prio.txt
cat /dev/null > /tmp/vscsi_priority.txt
lsdev -Cc adapter | grep Avail | grep vscsi | awk '{print $1}' | while read i
do
lscfg -vpl $i | grep Client >> /tmp/vscsi1.txt
done
cat /tmp/vscsi1.txt | while read i
do
echo $i | awk '{print $1}' >> /tmp/vscsi.txt
echo $i | awk '{print $2}' | cut -f 3 -d- | cut -b3 >> /tmp/vscsi_prio.txt
done
cat /tmp/vscsi.txt
cat /tmp/vscsi_prio.txt
while [[ `tail -1 /tmp/vscsi_prio.txt` -ne "" ]]
do
tail -1 /tmp/vscsi_prio.txt >> /tmp/vscsi_priority.txt
cat /tmp/vscsi_prio.txt | grep -v `tail -1 /tmp/vscsi_prio.txt` > /tmp/vscsi_prio.txt
done
while [[ `tail -1 /tmp/vscsi.txt` != "" ]]
do
for i in `lspv | awk '{print $1}'`
do
echo $i `tail -1 /tmp/vscsi.txt` `tail -1 /tmp/vscsi_priority.txt`
chpath -l $i -p `tail -1 /tmp/vscsi.txt` -a priority=`tail -1 /tmp/vscsi_priority.txt`
done
cat /tmp/vscsi.txt | grep -v `tail -1 /tmp/vscsi.txt` > /tmp/vscsi.txt
cat /tmp/vscsi_priority.txt | grep -v `tail -1 /tmp/vscsi_priority.txt` > /tmp/vscsi_priority.txt
done
for i in `lspv | awk '{print $1}'`
do
chdev -l $i -a hcheck_interval=30 -P
done
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S90config_director.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize IBM Director after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "installation des composants agent IBM DIrector 5.2"
echo "=================="
mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1
installp -agXY -d /mnt1/director/5.20.2/director/agent/aix/FILES/ sysmgt.pegasus.cimserver sysmgt.pegasus.osbaseproviders sysmgt.pegasus.smisproviders IBM.Director.Agent Director.Agent.ext Director.CimCore Director.CimExtension Director.DirectorCimCore ColSrvDirExt
umount /mnt1
rm -r /mnt1
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S91config_inventory.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Create user vpd to load inventory from all machines
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
SCRIPT_PATH=/home/scripts
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Create user vpd"
echo "================="
mkuser id=900 fsize='-1' vpd
mkdir /home/vpd/.ssh
cp $RP/install_files/id_dsa.pub.vpd /home/vpd/.ssh/authorized_keys
chown -R vpd.staff /home/vpd/.ssh
chmod -R 700 /home/vpd/.ssh
chmod -R 400 /home/vpd/.ssh/authorized_keys
pwdck -y ALL
echo "vpd ALL = (root) NOPASSWD: /usr/sbin/bootinfo -r,/usr/sbin/bootinfo -b,/usr/sbin/bootinfo -K,/usr/bin/bootlist -m normal -o,/usr/bin/cat /var/spool/cron/crontabs/root,/usr/sbin/xntpdc -c peers" >> /etc/sudoers
cp $RP/root/scripts/bin/aixinv.sh $SCRIPT_PATH/bin
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S92config_rsf.old:
#!/bin/ksh ################################################################# # # # Customize ftp after a new installation # # # # # # Update by : # # # ################################################################# export LANG=C SN=`basename $0` HN=`hostname -s` DAY=`date +%d%m` HOST=`uname -n` RP=`dirname $0` . $RP/.env echo `date`" : Begin of "$SN if [ "$VERBOSE_LOGGING" = "high" ] then set -x fi echo "\n" mkdir /mnt1 mount -o soft nim:/export/lpp_source/otherlpp /mnt1 ########################################################## # installation des filesets ########################################################## # mise a jour si possible lslpp -l | grep "rsf.rsflite" >/dev/null if [ $? -eq 0 ] then install_all_updates -d $RSF_SOURCE_DIR -rc -Y fi # installation des composants si necessaire, ou manquants installp -agXY -d $RSF_SOURCE_DIR rsf.extended rsf.rsflite /usr/bin/sm_rsf chg_config -n 'cluster' -S 'h' -r '$RSF_MASTER' -f 'MONTHLY' -s opname='Hotline' -s opphone='003242497777' -s connadr='003242497502' -s opmail='root' -s remote='remote' -s scarsite="local $HOST" umount /mnt1 rm -r /mnt1 echo "\n" echo `date`" : Begin of "$SN
S95config_ftp.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize ftp after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Set FTP banner"
echo "========================"
dspcat -g /usr/lib/nls/msg/en_US/ftpd.cat > /tmp/ftpd.msg
sed "s/FTP server (%s) ready./FTP server ready./" /tmp/ftpd.msg > /tmp/ftpd.$$
gencat /tmp/ftpd.cat /tmp/ftpd.$$
cp -p /tmp/ftpd.cat /usr/lib/nls/msg/en_US/ftpd.cat
rm /tmp/ftpd.cat /tmp/ftpd.msg /tmp/ftpd.$$
echo "\n"
echo "FTP banner:"
echo "==========="
dspcat -g /usr/lib/nls/msg/en_US/ftpd.cat
echo "\n"
echo "Disable FTP users"
echo "================="
cp /etc/ftpusers /etc/ftpusers.$$ > /dev/null 2>&1
echo "root\ndaemon\nbin\nadm\nuucp\nguest\nnobody\nlpd\nnuucp\nimnadm" > /etc/ftpusers
cat /etc/ftpusers
echo "\n"
echo "Adding Log for FTPD"
echo "==================="
sed "s/\/usr\/sbin\/ftpd ftpd/\/usr\/sbin\/ftpd ftpd -l/g" /etc/inetd.conf > /tmp/inetd.conf
cp /tmp/inetd.conf /etc/inetd.conf
rm /tmp/inetd.conf
refresh -s inetd
echo "\n"
echo `date`" : Begin of "$SN
}
main 2>&1 | tee -a $LOG
S96config_inetd.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize inetd after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Customize inetd.conf entries"
echo "============================"
#Backup the default inetd.conf file
cp /etc/inetd.conf /etc/inetd.conf.$$
#Delete tcp entries
for i in telnet shell kshell login klogin exec daytime time
do
echo "Deleting $i from inetd.conf"
chsubserver -d -p tcp -v $i -r inetd
done
#Delete udp entries
for i in ntalk daytime time
do
echo "Deleting $i from inetd.conf"
chsubserver -d -p udp -v $i -r inetd
done
echo "\n"
echo "Services start by inetd:"
echo "========================"
grep -v '^#' /etc/inetd.conf | awk '{print $1}'
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S97config_tcpwrapper.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Customize tcp_wrapper after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "install and config tcpwrapper"
echo "============================="
mkdir /mnt1
mount -o soft $NIM_SRV:$AIXOTHERLPP /mnt1
installp -agXY -d /mnt1/tcpwrapper/ freeware.tcp_wrappers
sed "s/\/usr\/sbin\/ftpd/\/usr\/local\/bin\/tcpd/" /etc/inetd.conf > /tmp/inetd.conf
cp /tmp/inetd.conf /etc/inetd.conf
rm /tmp/inetd.conf
if [ -f /etc/hosts.deny ]
then
echo "ALL : ALL" > /etc/hosts.deny.samples
else
echo "ALL : ALL" > /etc/hosts.deny
fi
chown root:security /etc/hosts.deny
chmod 600 /etc/hosts.deny
if [ -f /etc/hosts.allow ]
then
echo "#ALL : 10.10.60.0/255.255.252.0" > /etc/hosts.allow.samples
echo "ALL : ALL" >> /etc/hosts.allow.samples
else
echo "#ALL : 10.10.60.0/255.255.252.0" > /etc/hosts.allow
echo "#sshd : 10.10.60.0/255.255.252.0, 10.10.61.0/255.255.252.0, 10.10.28.0/255.255.255.0" > /etc/hosts.allow
echo "#ftpd : 10.10.60.0/255.255.252.0, 10.10.61.0/255.255.252.0, 10.10.28.0/255.255.255.0" > /etc/hosts.allow
echo "ALL : ALL" >> /etc/hosts.allow
fi
umount /mnt1
rm -r /mnt1
refresh -s inetd
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S98config_ldap.ksh:
#!/bin/ksh
#set -x
#@(#) #################################################################
#@(#) Configure client LDAP auth after a new installation
#@(#) ver 1.0 27-06-2007
#@(#) #################################################################
export JAVA_HOME=`ls /usr/java*/jre/bin/java | grep -v 64 | tail -1 | cut -f1-4 -d"/"`
LDAP_CFG=/etc/security/ldap/ldap.cfg
RP=`dirname $0`
. $RP/.env
main () {
echo "#########################"
echo `date`" : Begin of "$SN
echo "Install TSM"
echo "========================"
ulimit -d unlimited
echo "Creation DB SSL client...\n"
gsk7cmd -keydb -create -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -type cms -stash
echo "Copie des certificats SSL depuis le server NIM\n"
if [ -e $RP/install_files/ldap/*.crt ]
then
cp $RP/install_files/ldap/*.crt /etc/ldap/
fi
echo "Ajout des certificats SSL de ldap01 et ldap02 dans la DB...\n"
/usr/bin/gsk7capicmd -cert -add -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -label ldap-ca1 -file /etc/ldap/ca-localnrs01.crt
/usr/bin/gsk7capicmd -cert -add -db /etc/ldap/ldapkeys.kdb -pw 71pwdlocal -label ldap-ca2 -file /etc/ldap/ca-localnrs02.crt
echo "Autorisation du LDAP + SSL pour l'authentification AIX\n"
cp $LDAP_CFG /tmp/ldap.cfg
cat $LDAP_CFG | grep -v "^#" | grep "useSSL"
if [ $? -ne 0 ]
then
echo "useSSL:yes" >> /tmp/ldap.cfg
fi
cat $LDAP_CFG | grep -v "^#" | grep "ldapsslkeyf"
if [ $? -ne 0 ]
then
echo "ldapsslkeyf:/etc/ldap/ldapkeys.kdb" >> /tmp/ldap.cfg
fi
cat $LDAP_CFG | grep -v "^#" | grep "ldapsslkeypwd"
if [ $? -ne 0 ]
then
echo "ldapsslkeypwd:71pwdlocal" >> /tmp/ldap.cfg
fi
cat $LDAP_CFG | grep -v "^#" | grep "ldapsslport"
if [ $? -ne 0 ]
then
echo "ldapsslport:636" >> /tmp/ldap.cfg
fi
mv /tmp/ldap.cfg $LDAP_CFG
echo "Autorisation des utilisateurs a s'authentifier en LDAP par défaut (user default:)"
#chuser SYSTEM=LDAP registry=LDAP ADM_P06727
# replace first occurancy of compat after the 215th line if needed
cat /etc/security/user | grep -v "^*" | grep "SYSTEM =" | grep LDAP > /dev/null 2>&1
if [ $? -ne 0 ]
then
cp /etc/security/user /etc/security/user.orig
sed -e '215,/compat/s//compat or LDAP/' /etc/security/user.orig > /etc/security/user
fi
echo "Add entrie in crontab to create home directory"
cat /var/spool/cron/crontabs/root | grep mkhomedir_ldap > /dev/null 2>&1
if [ $? -ne 0 ]
then
echo "# create user LDAP" >> /var/spool/cron/crontabs/root
echo "0 8 * * 3,6 /root/scripts/bin/mkhomedir_ldap > /root/scripts/log/mkhomedir_ldap.log 2>&1" >> /var/spool/cron/crontabs/root
kill `ps -ef | grep cron | grep -v grep |awk '{print $2}'` > /dev/null 2>&1
fi
echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
echo "Please rename now the client, and affect him the right IP adress to be able to contact the LDAP server and after that, you can register your server on LDAP"
# echo "connexion au serveur LDAP"
echo "mksecldap -c -h "ldap01.local.be,ldap02.local.be" -a "cn=proxyagent,ou=profile,dc=local,dc=adms" -p 7lpAp@ -d"dc=local,dc=adms" -A ldap_auth"
echo "And restart LDAP client...\n"
echo "restart-secldapclntd"
echo "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@"
echo "\n"
echo `date`" : End of "$SN
}
main 2>&1 | tee -a $LOG
S99config_reboot64b.ksh:
#!/bin/ksh ################################################################# # # # Convert the system in 64bits # # # # # # Update by : # # # ################################################################# export LANG=C SN=`basename $0` HN=`hostname -s` RP=`dirname $0` DAY=`date +%d%m` echo `date`" : Begin of "$SN if [ "$VERBOSE_LOGGING" = "high" ] then set -x fi echo "convert to 64bit kernel and reboot" echo "==================" KERNEL_64=`bootinfo -K` if [ $KERNEL_64 != "64" ] then ln -sf /usr/lib/boot/unix_64 /unix ln -sf /usr/lib/boot/unix_64 /usr/lib/boot/unix bosboot -ad /dev/ipldevice fi #shutdown -Fr echo "\n" echo `date`" : End of "$SN
install_files:
reconfigure: