Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu
2005-06-29 17:39:06
My current customer does almost everyting
through the framework to avoid using root. We made a Tivoli Tasklib with
all sorts of front-ends to Tivoli commands. Their logins are associated
with a Tivoli Administrator that executes as root.
To start the gui from the Tivoli desktop,
though, since it is not associated with a policy region, requires a global
senior role. This is probably not the way to appease the security folks.
Instead, we gave them sudo to run /usr/OV/bin/netview as root. Then they
only need a global role of user or admin. Also sudo for serversetup.
So some things you can do through the
menus and other things you cannot. For those things, we made tasks and
jobs. We chose to keep the code on the Netview server itself, since
it is a Managed Node, but if it is just an endpoint, the stuff would all
be on the TMR server.
For instance, a task to run 'netmon
-y' :
nvadmin_netmon_reload_seedfile.sh :
a script that issues 'netmon -y' , real simple; you could log if you wanted.
del_nvadmin_NetviewCommands.sh: a script
to delete the tasks and jobs in the NetviewCommands tasklib
make_nvadmin_NetviewCommands.sh: a script
to build the tasklib and all of the tasks and jobs
Here's what's in make_nvadmin_NetviewCommands.sh:
. /etc/Tivoli/setup_env.sh
TMR=
# Name of this TMR
POLREG=
# Name of
the Policy Region
LIB=
#
Name of the Task Library
SUBSCR=
# Name of the subscribed Profile Manager
NEWGRP=
# grup to run as
RUNAS="-u \$root_user -g $NEWGRP"
# user and group to run this as
ROLE=admin
# Role of user
#
wcrttlib $LIB $POLREG
# Create the Task Library
if it does not exist
########################
# TASKS
....
wcrttask -t nvadmin_netmon_reload_seedfile
-l $LIB -r $ROLE -i $INTERP $NVSERVER $LSDIR/nvadmin_netmon_reload_seedfile.sh
$RUNAS
......
#
########################
# JOBS
......
wcrtjob -j nvadmin_netmon_reload_seedfile_job
-t nvadmin_netmon_reload_seedfile -l $LIB -p $SUBSCR -o 17 -M serial -m
300
...
exit 0
------------------------------------------------------------------------------------------------------------------------------------------
And here's what's in del_nvadmin_NetviewCommands.sh:
TMR=`wtmrname | cut -f1 -d\-`
# Name
of this TMR
LIB=nvadmin_NetviewCommands_$TMR
# Name of the Task Library
########
# JOBS
########
....
wdeljob nvadmin_netmon_reload_seedfile_job
$LIB
....
########
# TASKS
########
...
wdeltask nvadmin_netmon_reload_seedfile
$LIB
....
exit 0
-------------------------------------------------------------------------------------
And of course there is a sched_nvadmin_NetviewCommands.sh
for any that need to be scheduled jobs (they won't let us mess with cron),
and a rebuild_nvadmin_NetviewCommands.sh
to run all three.
And.... for those who are too lazy to
launch the Tivoli desktop, you can just run these things from the commandline.
I make little scripts to launch them like this:
runetchosts.sh:
#!/bin/ksh
set -x
wruntask -t nvadmin_etchosts_push -l
<tasklibname> -h <nvhostname> -o 15
What other kinds of things do we do
via tasks and jobs?
Turn netmon tracing off and on, kill
things, run /etc/netnmrc, run ovtopofix, etc, ovstop/ovstart, update netmon.lrf,
run cleandb.sh, remove the .bak files after running nvTurboDatabase,
stuff like that.
For updating /etc/hosts, we update a
copy in our local config directory and use the task to keep backups and
put it into production. They could use whatever they wanted to edit the
file.
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
(248) 552-4968 Voicemail, Fax, Pager
don.turrentine AT amsouth DOT com
Sent by: owner-nv-l AT lists.us.ibm DOT com
06/29/2005 04:05 PM
|
To
| nv-l AT lists.us.ibm DOT com
|
cc
|
|
Subject
| [nv-l] : Adding nvmaputil.sh,
seed editor, /etc/hosts to web menu and GUI menu |
|
I am trying to appease the powers to be and come up with a way to handle
the day to day tasks of managing NetView without being the root user. I
am
using Framework so I plan on allowing users to start the Native GUI via
the
Framework. This actually handles everything except editing the /etc/hosts
file, no DNS. Has anyone added a menu item that uses dtpad or something
like that to edit /etc/hosts? The folks that would be using this
are not
"vi" literate.
I also need to add the fuctionality of editing the netmon.seed (and
refreshing netmon) and /etc/hosts file to the Web Console.
One last thing, has anyone added the functionality of nvmaputil.sh to the
Web Console to allow operators to delete objects? Scary thought for
some
but I hope to control this through the scopes.
NV 7.1.4 fp02 on AIX 4.3.3
I am going through the Programmer's Guide and other docs/samples right
now.
Just thought I would check out there before I reinvented the wheel.
Thanks,
Don
---
Don Turrentine
BH-0302
AmSouth Bank
P.O. Box 11007
Birmingham, AL 35288
(205) 261-6351
|
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [nv-l] EventForwarding to TEC - cut Domain from Hostname, Martina Haseneder
- Re: [nv-l] EventForwarding to TEC - cut Domain from Hostname, bill . kellam
- Re: [nv-l] EventForwarding to TEC - cut Domain from Hostname, Martina Haseneder
- Re: [nv-l] EventForwarding to TEC - cut Domain from Hostname, Martina Haseneder
- [nv-l] ovtopofix -m -> nonstandard objects, don . turrentine
- Re: [nv-l] ovtopofix -m -> nonstandard objects, Paul
- Re: [nv-l] ovtopofix -m -> nonstandard objects, Leslie Clark
- [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, don . turrentine
- Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Francois Le Hir
- Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu,
Leslie Clark <=
- Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Leslie Clark
|
Previous by Date: |
RE: [nv-l] SNMP v2c/v3 Support, James Shanks |
Next by Date: |
Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Leslie Clark |
Previous by Thread: |
Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Francois Le Hir |
Next by Thread: |
Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Leslie Clark |
Indexes: |
[Date]
[Thread]
[Top]
[All Lists] |
|
|