You can use below script for any AIX change as pre & post check.
This was mainly designed for pre and post server reboot. To do comparison and provide the difference of them
Script Name: aix_healthcheck.sh
#!/usr/bin/ksh93
VERSION="1.8"
DEBUG="0" # Obviously enables debuging
VERBOSE="1" # Keeps a little more quiet
SNAPHIST="53" # History lenght for snapshots
RUN_DIR="/var/UNIX" # Place to keep the history
LOG_FILE="/var/adm/server_config_snapshot" # Log certain activity
CONFFILE=$(echo "${0}" | sed "s:\.k*sh$:.conf:") # Optional configuration file
###=========================================================
### Parameters used for installation that can be modified
###=========================================================
LOCATION="/exploit/scripts/server_config_snapshot.sh"
CHANGELN="/usr/bin/change"
LOCOWNER="root"
LOCPERMI="744"
CRONFILE="/var/spool/cron/crontabs/root"
CRONTEXT="Gather server configuration snapshot"
CRONLINE="40 0 * * 0 $LOCATION"
###=========================================================
# OS must be AIX
[ ! "$(uname)" = "AIX" ] && { echo "Sorry, $(uname) is not supported for now, only AIX is." >&2; exit 1; }
[ ! "$(ps -p $$ -o comm | tail -1)" = "ksh93" -o ! "$(tty | grep 'not a tty')" = "" ] && COLORS93='.\[[0-9;]*m' || COLORS93="COLORS93"
##############################
### Print message
##############################
function msg {
[[ $DEBUG -eq 1 ]] && set -x
[[ $VERBOSE = 0 ]] && return 0
SPACE=21
case "$1" in
"-d") printf "%-${SPACE}s : %s\n" "$(date '+%Y/%m/%d %H:%M:%S')" "$(echo $2)" ;;
"-e") printf "\E[5;31;40m%${SPACE}s\E[0m : \E[4m%s\E[0m \E[1m%s\E[0m\n" "! ! ! ERROR ! ! !" "$2" "$(echo $3)" ;;
"-w") printf "\E[1;35;40m%${SPACE}s\E[0m : \E[4m%s\E[0m \E[1m%s\E[0m\n" "Warning" "$2" "$(echo $3)" ;;
"-s") printf "\E[1;32;40m%${SPACE}s\E[0m : \E[4m%s\E[0m \E[1m%s\E[0m\n" "Success" "$2" "$(echo $3)" ;;
"-i") printf "\E[1m%${SPACE}s\E[0m : %s\n" "$2" "$(echo $3)" ;;
*) case "$2" in
"OK") printf "%${SPACE}s : \E[1;32;40m%s\E[0m\n" "$1" "$2" ;;
"KO") printf "%${SPACE}s : \E[1;31;40m%s\E[0m\n" "$1" "$2" ;;
"OLD") echo "$3" | while read TEXT; do printf "\E[0;35;40m%${SPACE}s :\E[0;34;40m%s\E[0m: %s\n" "$1" "OLD" "$(echo $TEXT)"; done ;;
"NEW") echo "$3" | while read TEXT; do printf "\E[1;35;40m%${SPACE}s :\E[1;34;40m%s\E[0m: %s\n" "$1" "NEW" "$(echo $TEXT)"; done ;;
"N/A") printf "%${SPACE}s : \E[1;33;40m%s\E[0m\n" "$1" "$(echo $2)" ;;
*) printf "%${SPACE}s : %s\n" "$1" "$(echo $2)" ;;
esac ;;
esac | sed "s:${COLORS93}::g"
}
##############################
### Copy file if it exists
##############################
function copy {
[[ $DEBUG -eq 1 ]] && set -x
if [ ! $# -eq 2 ]; then
msg -w "Copy: Cannot handle provided parameters:" "$@"
elif [ -f "$1" ]; then
cp "$1" "$2"
else
msg -w "Copy: File not found:" "'$1'"
fi
}
##############################
### Rotate file for history
##############################
function rotate_file {
[[ $DEBUG -eq 1 ]] && set -x
for F in $@; do
test -f ${F} || continue
# History of the file
V=$SNAPHIST
while [ $V -gt 0 ]; do
test -f ${F}.${V} && mv ${F}.${V} ${F}.$(($V+1))
V=$(($V-1))
done
test -f ${F} && mv ${F} ${F}.1
done
}
##############################
### Rotate log file
##############################
function rotate_log {
# Make sure log file exists and is rotated (after a lenght of 250000 lines)
if [ ! -f $1 ]; then
touch $1
elif [ $(wc -l < $1) -gt 250000 ]; then
[ -f ${1}.2.gz ] && mv -f ${1}.2.gz ${1}.3.gz
[ -f ${1}.1.gz ] && mv -f ${1}.1.gz ${1}.2.gz
gzip -c ${1} > ${1}.1.gz
> ${1}
fi
}
################################################################################
### Install this script to proper location and make necessary changes in cron
################################################################################
function self_install {
# Allow only root
if [ ! "$(whoami)" = "root" ]; then
msg -e "Only root can install this."
exit 1
fi
# Check if installation can be performed
if [ -f "$LOCATION" ]; then
L_INODE=$(ls -i "$LOCATION" | awk '{print $1}')
S_INODE=$(ls -i "$1" | awk '{print $1}')
if [ "$L_INODE" = "$S_INODE" ]; then
msg -w "Script is already installed." "Don't try to install again."
return 1
fi
fi
# Copy the script to destination
LOCA_DIR=$(echo "$LOCATION" | sed "s:/[^/]*$::")
mkdir -p "$LOCA_DIR"
cp -f "$1" "$LOCATION"
if [ ! $? -eq 0 ]; then
msg -e "Script '$1' cannot be copied to destiantion" "'$LOCATION'"
exit 1
elif [ ! -f "$LOCATION" ]; then
msg -e "Destiantion script '$LOCATION' does not exist"
exit 1
fi
# Change owner and permissions
chown $LOCOWNER "$LOCATION"
chmod $LOCPERMI "$LOCATION"
# Create link
ln -s "$LOCATION" "$CHANGELN"
# Add entry to crontab
if [ $(grep -v "^#" "$CRONFILE" | grep -w "$LOCATION" | wc -l) -eq 0 ]; then
echo "# $CRONTEXT" >> "$CRONFILE"
echo "$CRONLINE" >> "$CRONFILE"
if [ $(grep -v "^#" "$CRONFILE" | grep -w "$LOCATION" | wc -l) -eq 0 ]; then
msg -e "Unable to register script in Crontab"
exit 1
fi
# Reload Cron daemon
ps -eo comm,pid | grep -w "^cron" | awk '{print $2}' | xargs kill
sleep 1
if [ ! "$(ps -eo comm | grep -w cron)" = "cron" ]; then
msg -w "Cron daemon is NOT running!!!" "Trying to start."
test -f /usr/sbin/cron && /usr/sbin/cron &
sleep 1
if [ ! "$(ps -eo comm | grep -w cron)" = "cron" ]; then
msg -e "Cron daemon NOT started!" "Please check"
exit 1
fi
fi
fi
msg -s "Script installed succesfully!"
}
################################################################################
### Uninstall this script from cron
################################################################################
function self_uninstall {
# Allow only root
if [ ! "$(whoami)" = "root" ]; then
msg -e "Only root can remove this."
exit 1
fi
# Backup the cron file if necessary
if [ ! -f ${CRONFILE}.$(date +%Y%m%d) ]; then
cp -f ${CRONFILE} ${CRONFILE}.$(date +%Y%m%d)
if [ ! $? -eq 0 ]; then
msg -e "Crontab backup did not work."
exit 1
fi
fi
# Remove from crontab
if [ $(crontab -l | grep -v "^#" | grep -w "$LOCATION" | wc -l) -gt 0 ]; then
VAR=$(contab -l | grep -w -v -E "^# ${CRONTEXT}|^[0-9].*${LOCATION}")
echo "$VAR" > "$CRONFILE"
if [ ! -s $CRONFILE ]; then
msg -w "Con file is empty." "Rollback..."
cat ${CRONFILE}.$(date +%Y%m%d) > ${CRONFILE}
if [ ! -s $CRONFILE ]; then
msg -w "Rollback successfull."
else
msg -e "Rollback failed!"
exit 1
fi
fi
# Reload Cron daemon
ps -eo comm,pid | grep -w "^cron" | awk '{print $2}' | xargs kill
sleep 1
if [ ! "$(ps -eo comm | grep -w cron)" = "cron" ]; then
msg -w "Cron daemon is not running!!!" "Trying to start."
test -f /usr/sbin/cron && /usr/sbin/cron &
sleep 1
if [ ! "$(ps -eo comm | grep -w cron)" = "cron" ]; then
msg -e "Cron daemon NOT started!" "Please check"
exit 1
fi
fi
fi
if [ $(crontab -l | grep -v "^#" | grep -w "$LOCATION" | wc -l) -gt 0 ]; then
msg -e "Script was NOT removed!"
return 1
fi
msg -s "Script uninstalled succesfully!"
}
##############################
### Gather server information
##############################
function gather_info {
[[ $DEBUG -eq 1 ]] && set -x
[ ! "$1" = "" -a -d "$1" ] && cd "$1"
msg -d "Creating system information snapshot."
DIR=vitals_$(uname -n)
LOG_DIR=/tmp/${DIR}
# Verify repository directory
mkdir -p $RUN_DIR
test -d $RUN_DIR || { msg -e "'$RUN_DIR' directory is NOT created." "Gathering server vitals abandoned!"; exit 1; }
touch ${RUN_DIR}/testfile || { msg -e "'$RUN_DIR' directory is NOT writable." "Gathering server vitals abandoned!"; exit 1; }
rm ${RUN_DIR}/testfile
if [ $(df -m $RUN_DIR | tail -1 | awk '{print $3}') -lt 32 ]; then
msg -e "'$RUN_DIR' doesn't have enough free space." "Gathering server vitals abandoned!"; exit 1
fi
# Verify temporary directory
mkdir -p $LOG_DIR
test -d $LOG_DIR || { msg -e "'$LOG_DIR' directory is not created." "Gathering server vitals abandoned!"; exit 1; }
touch ${LOG_DIR}/testfile || { msg -e "'$LOG_DIR' directory is NOT writable." "Gathering server vitals abandoned!"; exit 1; }
rm ${LOG_DIR}/testfile
if [ $(df -m $LOG_DIR | tail -1 | awk '{print $3}') -lt 32 ]; then
msg -e "'$LOG_DIR' doesn't have enough free space." "Gathering server vitals abandoned!"; exit 1
fi
# LPAR Information
[ -f /usr/bin/lparstat -a -x /usr/bin/lparstat ] && lparstat -i > $LOG_DIR/lparstat-i
uname -a > $LOG_DIR/uname-a
oslevel -s > $LOG_DIR/oslevel-s
instfix -i | grep -E "ML|SP|TL" > $LOG_DIR/instfix-i
lppchk -v > $LOG_DIR/lppchk-v
lslpp -l > $LOG_DIR/lslpp-l
uptime > $LOG_DIR/uptime
# Devices
prtconf > $LOG_DIR/prtconf
lsdev > $LOG_DIR/lsdev
lscfg -v > $LOG_DIR/lscfg-v
lscfg -vp > $LOG_DIR/lscfg-vp
for D in $(lsdev | cut -f1 -d\ ); do
echo === $D =================================
lsattr -El $D
echo
done > $LOG_DIR/lsattr-El_dev
lsslot -c pci > $LOG_DIR/lsslot-c_pci 2>&1
lspath > $LOG_DIR/lspath
test -x /usr/bin/fget_config && fget_config -Av > $LOG_DIR/fget_config-Av
test -x /usr/bin/datapath && /usr/bin/datapath query device > $LOG_DIR/datapath_q_d
test -x /usr/bin/datapath && /usr/bin/datapath query adapter > $LOG_DIR/datapath_q_a
test -x /usr/bin/pcmpath && /usr/bin/pcmpath query device > $LOG_DIR/pcmpath_q_d
test -x /usr/bin/pcmpath && /usr/bin/pcmpath query adapter > $LOG_DIR/pcmpath_q_a
# Bootlist
bootlist -o -m normal > $LOG_DIR/bootlist-o
# LVM
lspv > $LOG_DIR/lspv
for P in $(lspv | grep -w -v "None" | cut -f1 -d\ );do
echo === $P =================================;
lspv $P
echo
done > $LOG_DIR/lspv_hdisk_
for P in $(lspv | grep -w -v "None" | cut -f1 -d\ );do
echo === $P =================================;
lspv -l $P
echo
done > $LOG_DIR/lspv-l_hdisk_
for P in $(lspv | grep -w -v "None" | cut -f1 -d\ );do
echo === $P =================================;
lqueryvg -p $P -At
echo
done > $LOG_DIR/lqueryvg-p_hdisk_-At
for P in $(lspv | cut -f1 -d\ );do
echo $P $(getconf DISK_SIZE /dev/$P);
done > $LOG_DIR/bootinfo-s_hdisk_
lsvg -o | lsvg -i >$LOG_DIR/lsvg
lsvg -o | lsvg -ip > $LOG_DIR/lsvg-p
lsvg -o | lsvg -il > $LOG_DIR/lsvg-l
for L in $(lsvg -o | lsvg -il | grep -w -E "jfs|jfs2|jfslog|jfs2log" | cut -f1 -d\ );do
echo === $L =================================;
lslv $L
echo
done > $LOG_DIR/lslv_lv_
for L in $(lsvg -o | lsvg -il | grep -w -E "open|closed" | cut -f1 -d\ );do
echo === $L =================================;
lslv -l $L
echo
done > $LOG_DIR/lslv-l_lv_
lspv | awk '{print $1}'| xargs -n1 lscfg -vl > $LOG_DIR/lscfg-vl_hdisk_
# Paging space
lsps -a > $LOG_DIR/lsps-a
# Memory usage
ipcs -a > $LOG_DIR/ipcs-a
ps -eo vsz,pid,comm > $LOG_DIR/ps-eo_vsz
# Sysdump
sysdumpdev -l > $LOG_DIR/sysdumpdev-l
sysdumpdev -e > $LOG_DIR/sysdumpdev-e
# Filesystems
mount > $LOG_DIR/mount
lsfs > $LOG_DIR/lsfs
lsfs -q > $LOG_DIR/lsfs-q
df -vm > $LOG_DIR/df-vm
copy /etc/filesystems $LOG_DIR/ETC_filesystems
for FS in $(mount | grep -w -E "jfs|jfs2|nfs[234]" | cut -f2- -d\ | awk '{print $2}'); do ls -ld "$FS"; done > $LOG_DIR/ls-ld_FS
# Networking
ifconfig -a > $LOG_DIR/ifconfig-a
netstat -rn > $LOG_DIR/netstat-rn
odmget CuAt | grep -p -w route > $LOG_DIR/ODM_routes
copy /etc/hosts $LOG_DIR/ETC_hosts
for I in $(lsdev | grep -w "ent[0-9]*" | awk '{print $1}'); do
echo === $I =================================;
entstat -d $I 2>&1 | sed "s/^ *$/#/g"
echo
done > $LOG_DIR/entstat-d
# NFS exports
copy /etc/exports $LOG_DIR/NFS_exports
exportfs -a > $LOG_DIR/NFS_exportfs-a
# NIM
copy /etc/niminfo $LOG_DIR/NIM_niminfo
if [ -f /usr/sbin/lsnim ]; then
lsnim > $LOG_DIR/NIM_lsnim
fi
# HACMP / PowerHA
if [ -f /etc/es/objrepos/HACMPcluster ]; then
/usr/es/sbin/cluster/utilities/clRGinfo > $LOG_DIR/HA_clRGinfo
/usr/es/sbin/cluster/utilities/cllsres > $LOG_DIR/HA_cllsres
/usr/es/sbin/cluster/utilities/clshowres > $LOG_DIR/HA_clshowres
/usr/es/sbin/cluster/utilities/cldump > $LOG_DIR/HA_cldump
[ -f /usr/es/sbin/cluster/etc/exports ] && copy /usr/es/sbin/cluster/etc/exports $LOG_DIR/HA_exports
fi
# VIO - only if is a VIO
if [ -f /usr/ios/cli/ioscli ]; then
su - padmin -c "ioscli ioslevel" > $LOG_DIR/VIO_ioslevel
su - padmin -c "ioscli lsmap -all" > $LOG_DIR/VIO_lsmap-all
su - padmin -c "ioscli lsmap -net -all" > $LOG_DIR/VIO_lsmap-all-net
if [ $(su - padmin -c "ioscli ioslevel" | cut -f1 -d.) -gt 1 ]; then
su - padmin -c "ioscli lsmap -npiv -all" > $LOG_DIR/VIO_lsmap-all-npiv
fi
fi
# Tunables
no -a > $LOG_DIR/no-a
no -L > $LOG_DIR/no-L
vmo -a > $LOG_DIR/vmo-a
vmo -L > $LOG_DIR/vmo-L
ioo -a > $LOG_DIR/ioo-a
ioo -L > $LOG_DIR/ioo-L
raso -a > $LOG_DIR/raso-a
raso -L > $LOG_DIR/raso-L
schedo -a > $LOG_DIR/schedo-a
schedo -L > $LOG_DIR/schedo-L
# ODM customized params
odmget CuAt | egrep 'name = |attribute =|value =' | awk ' $1 ~ "name|attribute|value" { a[$1] = $3 }
$1 == "value" {printf "%-20s %-20s %s\n", a["name"], a["attribute"], a["value"] }' | sort > $LOG_DIR/ODM_CuAt
# /etc/...
copy /etc/passwd $LOG_DIR/ETC_passwd
copy /etc/inittab $LOG_DIR/ETC_inittab
copy /etc/group $LOG_DIR/ETC_group
copy /etc/security/passwd $LOG_DIR/ETC_security_passwd
copy /etc/security/limits $LOG_DIR/ETC_security_limits
copy /etc/security/user $LOG_DIR/ETC_security_user
copy /etc/exclude.rootvg $LOG_DIR/other_exclude.rootvg
copy /etc/sudoers $LOG_DIR/ETC_sudoers
copy /etc/hosts $LOG_DIR/ETC_hosts
copy /etc/syslog.conf $LOG_DIR/ETC_syslog_conf
# Processes
ps -ef > $LOG_DIR/ps-ef
lssrc -a > $LOG_DIR/lssrc-a
# Tivoli configuration
[ -f /opt/Tivoli/lcf/dat/1/conf/LGE_generique_Process.conf ] && copy /opt/Tivoli/lcf/dat/1/conf/LGE_generique_Process.conf $LOG_DIR/ITM4_Process
[ -f /opt/Tivoli/lcf/dat/1/conf/LGE_generique_Disk.conf ] && copy /opt/Tivoli/lcf/dat/1/conf/LGE_generique_Disk.conf $LOG_DIR/ITM4_Disk
[ -f /opt/Tivoli/lcf/dat/1/LCFNEW/Tmw2k/Unix/TSA_process.param ] && copy /opt/Tivoli/lcf/dat/1/LCFNEW/Tmw2k/Unix/TSA_process.param $LOG_DIR/ITM5_Process
[ -f /opt/Tivoli/lcf/dat/1/LCFNEW/Tmw2k/Unix/TSA_DMXFileSystem.param ] && copy /opt/Tivoli/lcf/dat/1/LCFNEW/Tmw2k/Unix/TSA_DMXFileSystem.param $LOG_DIR/ITM5_Filesystem
[ -f /opt/IBM/ITM/CONFILES/ups_all_configured.loc ] && copy /opt/IBM/ITM/CONFILES/ups_all_configured.loc $LOG_DIR/ITM6_Process
[ -f /opt/IBM/ITM/CONFILES/ufs_all_configured.loc ] && copy /opt/IBM/ITM/CONFILES/ufs_all_configured.loc $LOG_DIR/ITM6_Filesystem
# Other
lsvpd > $LOG_DIR/lsvpd
crontab -l > $LOG_DIR/crontab-l
for U in $(ls /var/spool/cron/crontabs | grep -w -v "root"); do
if /usr/bin/id $U >/dev/null 2>&1; then
echo === $U =================================
cat /var/spool/cron/crontabs/$U | sed "s:^ *$:#:g"
echo
fi
done > $LOG_DIR/crontab-l_user
# FINISH
rotate_file ${RUN_DIR}/*.tgz
tar -cf - -C $LOG_DIR/.. ./${DIR} | gzip -c > ${RUN_DIR}/${DIR}.tgz
chmod 644 ${RUN_DIR}/${DIR}.tgz
msg -d "Done creating system information snapshot."
if [ -s ${RUN_DIR}/${DIR}.tgz ]; then
test -d ${LOG_DIR} && rm -f ${LOG_DIR}/* && rmdir $LOG_DIR
msg -s "Server vitals were gathered."
else
msg -e "Unable to gather server vitals."
fi
}
### END ### Gather server information
##############################
### Load History
##############################
function load_history {
[[ $DEBUG -eq 1 ]] && set -x
T=0
for F in $(ls -t ${RUN_DIR}/*.tgz* | sort -n -k3 -t.); do
HISTORY[$T]=$F
T=$(($T+1))
done
}
##############################
### Display History
##############################
function display_history {
[[ $DEBUG -eq 1 ]] && set -x
# Load
T=0
for F in $(ls -t ${RUN_DIR}/*.tgz* | sort -n -k3 -t.); do
HISTORY[$T]=$F
T=$(($T+1))
done
# Display
while [ $T -gt 0 ]; do
T=$(($T-1))
if [ "$1" = "" -o "$1" = "$T" -o "$2" = "$T" ]; then
HISTDATE[$T]=$(gunzip -c < ${HISTORY[$T]} | tar -tvf - | head -1 | awk '{print $8 "_" $5 "_" $6 "_" $7 }')
msg $T "${HISTDATE[$T]} : ${HISTORY[$T]}"
fi
done
}
##############################
### Get Differences
##############################
function get_diff {
[[ $DEBUG -eq 1 ]] && set -x
F=$1 # File type Label
NEW=$2 # File that has to be checked
OLD=$3 # File that is used as reference for checking
RC=0 # Return code
# Decide what to check based on first parameter
case $1 in
"bootlist-o")
for VAR in $(cat $NEW | awk '{print $1}' | sort -u); do
cat $OLD | awk '{print $1}' | grep -w -q $VAR || { msg -w "'$VAR' was NOT bootable before."; RC=1; }
done
for VAR in $(cat $OLD | awk '{print $1}' | sort -u); do
cat $NEW | awk '{print $1}' | grep -w -q $VAR || { msg -w "'$VAR' was bootable before."; RC=1; }
done
;;
"mount")
# Check that mounted filesystems are in correct order
for FS in $(cat $NEW | grep -w -E "jfs|jfs2|nfs[234]" | cut -f2- -d\ | awk '{print $2}'); do
cat $NEW | grep -w -E "jfs|jfs2|nfs[234]" | cut -f2- -d\ | awk '{print $2}' | grep "^${FS}" | while read VAR; do
[ "$VAR" = "$FS" ] && break
[ "${VAR%/*}" = "${FS%/*}" ] && continue
msg -w "$VAR is mounted before $FS"
RC=1
done
done
# Check filesystems that are or aren't mounted
NEW_VAR=$(cat $NEW | grep -w -E "jfs|jfs2|nfs[234]" | cut -f2- -d\ | awk '{print $2}')
OLD_VAR=$(cat $OLD | grep -w -E "jfs|jfs2|nfs[234]" | cut -f2- -d\ | awk '{print $2}')
for VAR in $NEW_VAR; do
echo "$OLD_VAR" | grep -q -w "^$VAR$" || \
{ msg -w "Filesystem mounted now but NOT mounted before:" "$VAR"; RC=1; }
done
for VAR in $OLD_VAR; do
echo "$NEW_VAR" | grep -q -w "^$VAR$" || \
{ msg -w "Filesystem NOT mounted now but mounted before:" "$VAR"; RC=1; }
done
;;
"ETC_filesystems")
# Check the filesystem mount order is correct in /etc/filesystems
for D in $(grep "^/" $NEW | cut -f1 -d: | sort -r); do
VAR=$(grep -w "^$D" $NEW | head -1)
if [ ! "$D:" = "$VAR" ]; then
msg -w "'$VAR' will be mounted before '$D'"
RC=1
fi
done
# Check if any filesystem is not mounted automatically
for FS in $(grep "^/" $NEW | cut -f1 -d:); do
VAR=$(grep -E "^/|mount" $NEW | grep -p "^${FS}:" | grep -w "mount" | awk '{print $3}')
if [ "$VAR" = "false" ]; then
msg -w "FS is NOT mounted automatically:" "${FS}"
RC=1
fi
done
# Check filesystem existance in /etc/filesystems
NEW_VAR=$(cat $NEW | grep "^/" | cut -f1 -d:)
OLD_VAR=$(cat $OLD | grep "^/" | cut -f1 -d:)
for VAR in $NEW_VAR; do
echo "$OLD_VAR" | grep -q -w "^$VAR$" || \
{ msg -w "Filesystem NOT present before:" "$VAR"; RC=1; }
done
for VAR in $OLD_VAR; do
echo "$NEW_VAR" | grep -q -w "^$VAR$" || \
{ msg -w "Filesystem NOT present now:" "$VAR"; RC=1; }
done
;;
"ls-ld_FS")
NEW_VAR=$(cat $NEW | awk '{print $9}')
OLD_VAR=$(cat $OLD | awk '{print $9}')
for FS in $(echo "$NEW_VAR" | grep -w "$OLD_VAR"); do
grep -w "$FS$" $NEW | read NEW_P VAR NEW_U NEW_G VAR
grep -w "$FS$" $OLD | read OLD_P VAR OLD_U OLD_G VAR
if [ "$NEW_P" = "" ]; then
msg -w "Removed filesystem:" "$FS"
elif [ "$OLD_P" = "" ]; then
msg -w "New filesystem:" "$FS"
else
[ "$NEW_P" = "$OLD_P" ] || { msg -w "FS permisions changed for '$FS':" "Old: $OLD_P / New: $NEW_P"; RC=1; }
[ "$NEW_U" = "$OLD_U" ] || { msg -w "FS owner changed for '$FS':" "Old: $OLD_U / New: $NEW_U"; RC=1; }
[ "$NEW_G" = "$OLD_G" ] || { msg -w "FS group changed for '$FS':" "Old: $OLD_G / New: $NEW_G"; RC=1; }
fi
done
;;
"NFS_exports"|"NFS_exportfs-a"|"HA_exports")
OLD_VAR=$(grep -v "^#" $OLD | awk '{print $1}')
NEW_VAR=$(grep -v "^#" $NEW | awk '{print $1}')
for VAR in $OLD_VAR; do
echo "$NEW_VAR" | grep -q -w "^$VAR$" || \
{ msg $F "OLD" "$VAR"; RC=1; }
done
for VAR in $NEW_VAR; do
echo "$OLD_VAR" | grep -q -w "^$VAR$" || \
{ msg $F "NEW" "$VAR"; RC=1; }
done
for FS in $(cat $NEW | awk '{print $1}'); do
if cat $OLD | awk '{print $1}' | grep -q -w "^${FS}$"; then
# Server access part
NEW_VAR=$(cat $NEW | grep -w "^$FS " | tr "," "\n" | grep "access=" | cut -f2 -d= | tr ":" "\n")
OLD_VAR=$(cat $OLD | grep -w "^$FS " | tr "," "\n" | grep "access=" | cut -f2 -d= | tr ":" "\n")
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "FS '$FS' was NOT exported to:" "$(echo $VAR)"; RC=1; }
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "FS '$FS' is NOT anymore exported to:" "$(echo $VAR)"; RC=1; }
# Root access part
NEW_VAR=$(cat $NEW | grep -w "^$FS " | tr ",:" "\n " | grep "root=" | cut -f2 -d=)
OLD_VAR=$(cat $OLD | grep -w "^$FS " | tr ",:" "\n " | grep "root=" | cut -f2 -d=)
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "NFS Root access to '$FS' is NOT anymore valid for:" "$(echo $VAR)" ; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "NFS ROOT access to '$FS' was NOT valid for:" "$(echo $VAR)"; RC=1; }
# Security part
NEW_VAR=$(cat $NEW | grep -w "^$FS " | tr ",:" "\n " | grep "sec=" | cut -f2 -d=)
OLD_VAR=$(cat $OLD | grep -w "^$FS " | tr ",:" "\n " | grep "sec=" | cut -f2 -d=)
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "NFS Security setting of '$FS' is NOT anymore:" "$(echo $VAR)" ; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "NFS Security setting of '$FS' was NOT :" "$(echo $VAR)"; RC=1; }
fi
done
;;
"lsattr-El_dev")
IGNORE=$(cat $NEW $OLD | grep -p -E "^lvserial_id|^vgserial_id" | grep "^=== " | awk '{print $2}')
NEW_VAR=$(cat $NEW | grep "^=== " | awk '{print $2}' | grep -w -v -E "$IGNORE")
OLD_VAR=$(cat $OLD | grep "^=== " | awk '{print $2}' | grep -w -v -E "$IGNORE")
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_D")
[ ! "$VAR" = "" ] && { msg -w "Devices NOT configured before:" "$VAR"; RC=1; }
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_D")
[ ! "$VAR" = "" ] && { msg -w "Devices NOT configured anymore:" "$VAR"; RC=1; }
for D in $(echo "$NEW_VAR" | grep -w "$OLD_VAR"); do
NEW_VAR=$(cat $NEW | grep -p "^=== $D " | sed "s/ */ /g")
OLD_VAR=$(cat $OLD | grep -p "^=== $D " | sed "s/ */ /g")
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Device has different configuration:" "$D"
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "OLD" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "NEW" "$VAR"; RC=1; }
RC=1
fi
done
;;
"lsps-a")
for VAR in $(cat $NEW $OLD | grep -w -v "^Page Space" | awk '{print $1 "_" $2 "_" $3}'); do
NEW_VAR=$(cat $NEW | awk '{print $1 "_" $2 "_" $3 " " $4 " " $6 " " $7}' | grep -w "$VAR")
OLD_VAR=$(cat $OLD | awk '{print $1 "_" $2 "_" $3 " " $4 " " $6 " " $7}' | grep -w "$VAR")
if [ "$NEW_VAR" = "" ]; then
msg -w "Paging space is NOT there anymore:" "$OLD_VAR"
RC=1
elif [ "$OLD_VAR" = "" ]; then
msg -w "New Paging space:" "$NEW_VAR"
RC=1
elif [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
[ ! "$OLD_VAR" = "" ] && { msg "$F" "OLD" $(echo "$OLD_VAR"); RC=1; }
[ ! "$NEW_VAR" = "" ] && { msg "$F" "NEW" $(echo "$NEW_VAR"); RC=1; }
RC=1
fi
done
;;
"crontab-l")
VAR=$(diff $NEW $OLD | grep "^>" | cut -c3- | grep -v "^#" | tr "*" '%')
[ ! "$VAR" = "" ] && { msg $F "OLD" "$VAR" | tr '%' '*'; RC=1; }
VAR=$(diff $OLD $NEW | grep "^>" | cut -c3- | grep -v "^#" | tr "*" '%')
[ ! "$VAR" = "" ] && { msg $F "NEW" "$VAR" | tr '%' '*'; RC=1; }
;;
"crontab-l_user")
for VAR_U in $(grep "^=== " $OLD $NEW | awk '{print $2}' | sort -u); do
NEW_VAR=$(grep -v "^#" $NEW | sed "s/^=== /%=== /g" | tr "%" "\n" | grep -p "^=== ${VAR_U}" | tr '*' '%')
OLD_VAR=$(grep -v "^#" $OLD | sed "s/^=== /%=== /g" | tr "%" "\n" | grep -p "^=== ${VAR_U}" | tr '*' '%')
if [ "$NEW_VAR" = "" -a ! "$OLD_VAR" = "" ]; then
msg -w "Crontab removed for user:" "${VAR_U}"
msg $F "OLD" "$OLD_VAR" | tr '%' '*'; RC=1;
elif [ "$OLD_VAR" = "" -a ! "$NEW_VAR" = "" ]; then
msg -w "Crontab added for user:" "${VAR_U}"
msg $F "NEW" "$NEW_VAR" | tr '%' '*'; RC=1;
elif [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Crontab changed for user:" "${VAR_U}"
$VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg $F "OLD" "$VAR" | tr '%' '*'; RC=1; }
$VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg $F "NEW" "$VAR" | tr '%' '*'; RC=1; }
fi
done
;;
"lssrc-a")
NEW_VAR=$(grep -w "active" $NEW | awk '{print $1}' | sort)
OLD_VAR=$(grep -w "active" $OLD | awk '{print $1}' | sort)
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "Services NOT running now:" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "Services that were not running before:" "$VAR"; RC=1; }
;;
"netstat-rn")
NEW_VAR=$(grep -w "en[0-9]*" $NEW | grep -w -v "FLAGs" | awk '{print $1 " " $2 " " $3 " " $6}')
OLD_VAR=$(grep -w "en[0-9]*" $OLD | grep -w -v "FLAGs" | awk '{print $1 " " $2 " " $3 " " $6}')
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg $F "OLD" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg $F "NEW" "$VAR"; RC=1; }
;;
"NIM_niminfo"|"NIM_lsnim")
diff $NEW $OLD >/dev/null 2>&1
if [ ! $? -eq 0 ]; then
VAR=$(diff $NEW $OLD | grep "^>" | cut -c3- | sort -k 3)
[ ! "$VAR" = "" ] && msg "$F" "OLD" "$VAR"
VAR=$(diff $OLD $NEW | grep "^>" | cut -c3- | sort -k 3)
[ ! "$VAR" = "" ] && msg "$F" "NEW" "$VAR"
RC=1
fi
;;
"lsdev"|"lspv"| \
"ioo-a"|"no-a"|"schedo-a"|"vmo-a"|"raso-a"| \
"oslevel-s"|"instfix-i"|"lppchk-v"|"sysdumpdev-l"|"lparstat-i")
diff $NEW $OLD >/dev/null 2>&1
if [ ! $? -eq 0 ]; then
VAR=$(diff $NEW $OLD | grep "^>" | cut -c3-)
[ ! "$VAR" = "" ] && msg "$F" "OLD" "$VAR"
VAR=$(diff $OLD $NEW | grep "^>" | cut -c3-)
[ ! "$VAR" = "" ] && msg "$F" "NEW" "$VAR"
RC=1
fi
;;
"ETC_syslog_conf"|"ETC_inittab"|"ETC_sudoers")
diff $NEW $OLD >/dev/null 2>&1
if [ ! $? -eq 0 ]; then
VAR=$(diff $NEW $OLD | grep "^>" | cut -c3- | grep -v "^#")
[ ! "$VAR" = "" ] && msg "$F" "OLD" "$VAR"
VAR=$(diff $OLD $NEW | grep "^>" | cut -c3- | grep -v "^#")
[ ! "$VAR" = "" ] && msg "$F" "NEW" "$VAR"
RC=1
fi
;;
"ITM4_Filesystem"|"ITM5_Filesystem"|"ITM6_Filesystem"|"ITM4_Process"|"ITM5_Process"|"ITM6_Process")
diff $NEW $OLD >/dev/null 2>&1
if [ ! $? -eq 0 ]; then
VAR=$(diff $NEW $OLD | grep "^>" | cut -c3- | grep -v "^#")
[ ! "$VAR" = "" ] && msg "$F" "OLD" "$VAR"
VAR=$(diff $OLD $NEW | grep "^>" | cut -c3- | grep -v "^#")
[ ! "$VAR" = "" ] && msg "$F" "NEW" "$VAR"
RC=1
fi
;;
"ETC_passwd")
NEW_VAR=$(cat $NEW | cut -f1 -d:)
OLD_VAR=$(cat $OLD | cut -f1 -d:)
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "Removed user(s):" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "New user(s):" "$VAR"; RC=1; }
;;
"ETC_group")
NEW_VAR=$(cat $NEW | cut -f1 -d:)
OLD_VAR=$(cat $OLD | cut -f1 -d:)
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "Removed group(s):" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "New group(s):" "$VAR"; RC=1; }
;;
"ETC_hosts")
# Check for IPs
NEW_VAR=$(grep -v "^#" $NEW | awk '{print $1}' | sort -u | grep -v "^$")
OLD_VAR=$(grep -v "^#" $OLD | awk '{print $1}' | sort -u | grep -v "^$")
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg -w "Removed IP(s):" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg -w "New IP(s):" "$VAR"; RC=1; }
# Check for names
for VAR in $(grep -v "^#" $NEW $OLD | cut -f2- -d: | cut -f1 -d'#' | awk '{print $2 " " $3 " " $4 " " $5}' | sort -u); do
NEW_VAR=$(grep -w $VAR $NEW | awk '{print $1}' | grep -v "^#")
OLD_VAR=$(grep -w $VAR $OLD | awk '{print $1}' | grep -v "^#")
if [ "$NEW_VAR" = "" ]; then
msg "$F" "OLD" "$OLD_VAR $VAR"
RC=1
elif [ "$OLD_VAR" = "" ]; then
msg "$F" "NEW" "$NEW_VAR $VAR"
RC=1
elif [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Hostname '$VAR' has different IP(s):" "Old: $OLD_VAR / New: $NEW_VAR"
RC=1
fi
done
;;
"lsvg-l")
NEW_VAR=$(grep -w -v -E "^LV NAME|[a-zA-Z0-9]*:" $NEW | awk '{print $1 " " $2 " " $6 " " $7}')
OLD_VAR=$(grep -w -v -E "^LV NAME|[a-zA-Z0-9]*:" $OLD | awk '{print $1 " " $2 " " $6 " " $7}')
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "OLD" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "NEW" "$VAR"; RC=1; }
;;
"ifconfig-a")
for VAR in $(grep "^[a-z]" $NEW $OLD | cut -f2 -d: | sort -u); do
NEW_VAR=$(cat $NEW | sed "s/.* rfc1323 .*//g" | grep -p "^${VAR}:" | grep -w "inet")
OLD_VAR=$(cat $OLD | sed "s/.* rfc1323 .*//g" | grep -p "^${VAR}:" | grep -w "inet")
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Network interface configuration changed for:" "$VAR"
[ ! "$OLD_VAR" = "" ] && msg "$F" "OLD" "$OLD_VAR"
[ ! "$NEW_VAR" = "" ] && msg "$F" "NEW" "$NEW_VAR"
RC=1
fi
done
;;
"lspath")
NEW_VAR=$()
for VAR_D in $(cat $NEW $OLD | awk '{print $2}' | sort -u); do
NEW_VAR=$(grep -w "$VAR_D" $NEW | awk '{print $1 " " $3}')
OLD_VAR=$(grep -w "$VAR_D" $OLD | awk '{print $1 " " $3}')
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Paths changed for disk:" "$VAR_D"
VAR=$(echo "$OLD_VAR" | grep -v -w "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "OLD" "$VAR"; RC=1; }
VAR=$(echo "$OLD_VAR" | grep -v -w "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "NEW" "$VAR"; RC=1; }
fi
done
;;
"pcmpath_q_a"|"datapath_q_a")
NEW_VAR=$(grep "^ *[0-9]" $NEW | awk '{print $2 " " $3 " " $4 " " $7 " " $8}')
OLD_VAR=$(grep "^ *[0-9]" $OLD | awk '{print $2 " " $3 " " $4 " " $7 " " $8}')
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "OLD" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "NEW" "$VAR"; RC=1; }
;;
"fget_config-Av")
NEW_VAR=$(grep "^ *dac[0-9]" $NEW)
OLD_VAR=$(grep "^ *dac[0-9]" $OLD)
VAR=$(echo "$OLD_VAR" | grep -w -v "$NEW_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "OLD" "$VAR"; RC=1; }
VAR=$(echo "$NEW_VAR" | grep -w -v "$OLD_VAR")
[ ! "$VAR" = "" ] && { msg "$F" "NEW" "$VAR"; RC=1; }
;;
"VIO_lsmap-all-npiv")
for VAR in $(grep -p "^Name" $OLD $NEW | grep -v -w "^$|^Name|^-" | cut -f2 -d: | awk '{print $1}' | sort -u); do
NEW_VAR=$(grep -v "^$" $NEW | grep -v -w "^$VAR" | sed "s/\-*//g")
OLD_VAR=$(grep -v "^$" $OLD | grep -v -w "^$VAR" | sed "s/\-*//g")
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "NPIV mapping change for:" "$VAR"
[ ! "$OLD_VAR" = "" ] && msg "$F" "$OLD" "$OLD_VAR"
[ ! "$NEW_VAR" = "" ] && msg "$F" "$NEW" "$NEW_VAR"
RC=1
fi
done
;;
"VIO_lsmap-all-net")
for VAR in $(grep -p "^SVEA" $OLD $NEW | grep -v -w "^$|^SVEA|^-" | cut -f2 -d: | awk '{print $1}' | sort -u); do
NEW_VAR=$(grep -v "^$" $NEW | grep -v -w "^$VAR" | sed "s/\-*//g")
OLD_VAR=$(grep -v "^$" $OLD | grep -v -w "^$VAR" | sed "s/\-*//g")
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Network mapping change for:" "$VAR"
msg "$F" "$OLD" "$OLD_VAR"
msg "$F" "$NEW" "$NEW_VAR"
RC=1
fi
done
;;
"VIO_lsmap-all")
for VAR in $(grep -p "^SVSA" $OLD $NEW | grep -v -w "^$|^SVSA|^-" | cut -f2 -d: | awk '{print $1}' | sort -u); do
NEW_VAR=$(grep -v "^$" $NEW | grep -v -w "^$VAR" | sed "s/\-*//g")
OLD_VAR=$(grep -v "^$" $OLD | grep -v -w "^$VAR" | sed "s/\-*//g")
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "Virtual addapter mapping change for:" "$VAR"
[ ! "$OLD_VAR" = "" ] && msg "$F" "$OLD" "$OLD_VAR"
[ ! "$NEW_VAR" = "" ] && msg "$F" "$NEW" "$NEW_VAR"
RC=1
fi
done
;;
"HA_clRGinfo")
NEW_VAR=$(tail +4 $NEW | grep ^[A-Z] | awk '{print $1}')
OLD_VAR=$(tail +4 $OLD | grep ^[A-Z] | awk '{print $1}')
for VAR in $(cat $NEW $OLD | grep -v -E "^Group Name|^-" | awk '{print $1}' | sort -u); do
NEW_VAR=$(tail +4 $NEW | grep -p "^$VAR" | awk '{print $2 "_" $3}')
OLD_VAR=$(tail +4 $OLD | grep -p "^$VAR" | awk '{print $2 "_" $3}')
if [ ! "$NEW_VAR" = "$OLD_VAR" ]; then
msg -w "PowerHA Resource has different status:" "$VAR"
[ ! "$OLD_VAR" = "" ] && msg "$F" "OLD" "$OLD_VAR"
[ ! "$NEW_VAR" = "" ] && msg "$F" "NEW" "$NEW_VAR"
RC=1
fi
done
;;
"HA_cldump"|"HA_clshowres"|"HA_cllsres")
diff $NEW $OLD >/dev/null 2>&1
if [ ! $? -eq 0 ]; then
msg -w "Cluster state is different!"
VAR=$(diff $NEW $OLD | grep "^>" | cut -c3-)
[ ! "$VAR" = "" ] && msg "$F" "OLD" "$VAR"
VAR=$(diff $OLD $NEW | grep "^>" | cut -c3-)
[ ! "$VAR" = "" ] && msg "$F" "NEW" "$VAR"
RC=1
fi
;;
"entstat-d")
VAR[0]="Device Type:"
VAR[1]="Hardware Address:"
VAR[2]="Switch ID:"
VAR[3]="Port VLAN ID:"
VAR[4]="VLAN Tag IDs:"
VAR[5]="Link Status:"
VAR[6]="Media Speed Selected:"
VAR[7]="Media Speed Running: "
VAR[8]="Transmit and Receive Flow Control Status:"
VAR[9]="TCP Segmentation Offload:"
VAR[10]="Number of adapters:"
VAR[11]="Active channel:"
VAR[12]="Operating mode:"
VAR[13]="Aggregation status:"
VAR[14]="Port Operational State:"
VAR[15]="External-Network Switch-Port Operational State:"
VAR[16]="External-Network-Switch (ENS) Port Speed:"
for VAR_E in $(grep "^=== " $NEW $OLD | awk '{print $2}' | sort -u); do
I=17
while [ $I -gt 0 ]; do
I=$(($I-1))
OLD_VAR=$(grep -p "^=== $VAR_E =" $OLD | grep "^${VAR[$I]}" | cut -f2- -d:)
NEW_VAR=$(grep -p "^=== $VAR_E =" $NEW | grep "^${VAR[$I]}" | cut -f2- -d:)
if [ ! "$OLD_VAR" = "$NEW_VAR" ]; then
msg -w "Active configuration changed:" "$VAR_E"
msg $F "OLD" "${VAR[$I]}"
msg $F "OLD" "$OLD_VAR"
msg $F "NEW" "${VAR[$I]}"
msg $F "NEW" "$NEW_VAR"
RC=1
fi
done
done
;;
*) return 2 ;; # diff $NEW $OLD >/dev/null 2>&1 || RC=1;;
esac
# # TO DO:
# ETC_security_limits
# ETC_security_passwd
# ETC_security_user
# ODM_CuAt
# ODM_routes
# bootinfo-s_hdisk_
# datapath_q_d
# df-vm
# ioo-L
# ipcs-a
# lqueryvg-p_hdisk_-At
# lscfg-v
# lscfg-vl_hdisk_
# lscfg-vp
# lsfs
# lsfs-q
# lslpp-l
# lslv-l_lv_
# lslv_lv_
# lspath
# lspv-l_hdisk_
# lspv_hdisk_
# lsslot-c_pci
# lsvg
# lsvg-p
# lsvpd
# no-L
# other_exclude.rootvg
# pcmpath_q_d
# prtconf
# ps-ef
# ps-eo_vsz
# raso-L
# schedo-L
# sysdumpdev-e
# uname-a
# uptime
# vmo-L
return $RC
}
##############################
### Compare server information
##############################
function compare_info {
[[ $DEBUG -eq 1 ]] && set -x
[ "$1" = "-q" ] && shift && QUIET=1 || QUIET=0
DIR=vitals_$(uname -n)
V1="$1"
V2="$2"
display_history $V1 $V2
[ "$V1" = "" ] && read V1?"Enter 1st reference point in time - NEW [0]: "
[ "$V1" = "" ] && V1=0 || V1=$(printf "%d" $V1 2>/dev/null)
[ "$V2" = "" ] && read V2?"Enter 2nd reference point in time - OLD [1]: "
[ "$V2" = "" ] && V2=1 || V2=$(printf "%d" $V2 2>/dev/null)
if [ "${HISTORY[$V1]}" = "" -o "${HISTORY[$V2]}" = "" -o $V1 -eq $V2 ]; then
msg -e "Entered values are not good."
return 1
fi
msg "Processing" "Comparing ${HISTDATE[$V1]} (NEW) with ${HISTDATE[$V2]} (OLD)."
DIR[$V1]=$(gunzip -c < ${HISTORY[$V1]} | tar -tvf - | head -1 | cut -f2 -d/)
DIR[$V2]=$(gunzip -c < ${HISTORY[$V2]} | tar -tvf - | head -1 | cut -f2 -d/)
for F in $(gunzip -c < ${HISTORY[$V1]} | tar -tvf - | grep "^-" | cut -f3 -d/ | grep -v -E "$(uname -n)|cfg2html.sh"); do
gunzip -c < ${HISTORY[$V1]} | tar -xvf - "./${DIR[$V1]}/$F" >/dev/null 2>&1
if [ -f "./${DIR[$V1]}/$F" ]; then
mv "./${DIR[$V1]}/$F" /tmp/NEW.$$
else
msg -w "$F was not retrieved."
continue
fi
gunzip -c < ${HISTORY[$V2]} | tar -xvf - "./${DIR[$V2]}/$F" >/dev/null 2>&1
if [ -f "./${DIR[$V2]}/$F" ]; then
mv "./${DIR[$V2]}/$F" /tmp/OLD.$$
else
msg "$F" "N/A"
rm -f /tmp/NEW.$$
continue
fi
[ $QUIET -eq 0 ] && echo "Processing : ${F}\r\c"
[ $QUIET -eq 1 ] && VERBOSE=0
get_diff $F /tmp/NEW.$$ /tmp/OLD.$$
case $? in
0) [ $QUIET -eq 1 ] && VERBOSE=1 || echo " \r\c" ; msg "$F" "OK" ;;
1) [ $QUIET -eq 1 ] && VERBOSE=1 || echo " \r\c" ; msg "$F" "KO" ;;
*) echo " \r\c" ;; # "Just ignore any return code different than 0 or 1"
esac
rm -f /tmp/NEW.$$ /tmp/OLD.$$
done
[ -d ./${DIR[$V1]} ] && rmdir ./${DIR[$V1]}
[ -d ./${DIR[$V2]} ] && rmdir ./${DIR[$V2]}
}
##############################
### Generate config file
##############################
function generate_config {
[[ $DEBUG -eq 1 ]] && set -x
[ "$CONFFILE" = "" ] && { msg -e "Configuration file is not defined."; exit 1; }
[ -s "$CONFFILE" ] && { msg -w "Configuration file exists." "'$CONFFILE'"; exit 1; }
touch $CONFFILE || { msg -e "Cannot create configuration file." "'$CONFFILE'"; exit 1; }
cat > "$CONFFILE" <<EOF
DEBUG="$DEBUG"
SNAPHIST="$SNAPHIST"
RUN_DIR="$RUN_DIR"
LOG_FILE="$LOG_FILE"
LOCATION="$LOCATION"
CHANGELN="$CHANGELN"
LOCOWNER="$LOCOWNER"
LOCPERMI="$LOCPERMI"
CRONFILE="$CRONFILE"
CRONTEXT="$CRONTEXT"
CRONLINE="$CRONLINE"
EOF
[ -s "${CONFFILE}" ] && { msg -s "Config generated successfuly." "'$CONFFILE'"; }
}
##############################
### Tivoli Maintenance Flag
##############################
function maintenance_flag {
[[ $DEBUG -eq 1 ]] && set -x
# Validate the provided parameters
case $1 in
"START")
if [ $# -lt 3 ]; then
msg -w "Not enough parameters provided for Maintenance Flag activation." "Not activating."
msg -w "Provided parameters:" "$@"
return 1
fi
CH=$2 # Change number
NM=$3 # Name or Email
;;
"CLEAN")
if [ $# -lt 2 ]; then
msg -w "Not enough parameters provided for Maintenance Flag removal." "Not removing."
msg -w "Provided parameters:" "$@"
return 1
fi
CH=$2 # Change number
;;
*)
msg -w "Incorect action was requested for Maintenance Flag processing." "Nothing done."
msg -w "Provided parameters:" "$@"
return 1
;;
esac
# Check for Tivoli directories
if [ -d /opt/IBM/ITM/CONFILES ]; then
# ITM v6
MF_LINE="$(uname -n);UNIX; ; ; ;$CH;0;0;/tmp/maintenanceUNIX.txt"
MF_FILE="/opt/IBM/ITM/CONFILES/maintenance.cfg"
elif [ -d $(find '/opt/Tivoli/lcf/dat' -name 'Unix' -type d | head -1) ]; then
# ITM v5
MF_LINE="AP;UNIX;1200;$CH;$NM;/tmp/maintenanceUNIX.txt;"
MF_FILE="$(find '/opt/Tivoli/lcf/dat' -name 'Unix' -type d | head -1)/TSA_Maintenance_Mode.param"
else
msg -w "Could not find valid Tivoli directory installation." "Maintenance flag NOT configured."
return 1
fi
# Process the Maintenance Flag as requested
case $1 in
"START")
if [ -s $MF_FILE ]; then
if [ $(wc -c < $MF_FILE) -gt 20 ]; then
msg -w "Maintenance flag is allready active ($MF_FILE)." "Not changing."
cat $MF_FILE
return 1
fi
fi
echo "$MF_LINE" >> $MF_FILE
grep -q -w -i "$CH" $MF_FILE
if [ $? -eq 0 ]; then
msg -s "Maintenance flag activated. ($MF_FILE)"
return 0
else
msg -w "Maintenance flag NOT activated. ($MF_FILE)"
return 1
fi
;;
"CLEAN")
if [ -s $MF_FILE ]; then
grep -q -w -i "$CH" $MF_FILE
if [ ! $? -eq 0 ]; then
msg -e "Maintenance flag contains annother change number." "Not removed."
cat $MF_FILE
return 1
fi
fi
rm -f "$MF_FILE"
if [ ! -s $MF_FILE ]; then
msg -w "Maintenance flag NOT removed. ($MF_FILE)"
return 1
else
msg -s "Maintenance flag removed. ($MF_FILE)"
return 0
fi
;;
esac
}
##############################
### Seconday simple usage
##############################
function system_change {
[[ $DEBUG -eq 1 ]] && set -x
# Rotate log file if necessary
rotate_log $LOG_FILE
# Override certain variables
SNAPHIST="1000" # just to be on the safe side
RUN_DIR="/tmp/UNIX_Change" # different directory for snapshots
# Do the do
case $1 in
"START")
if [ -f $RUN_DIR/change ]; then
msg -w "Change '$(cat ${RUN_DIR}/change)' is still running or it was not cleaned." "Contact: $(cat ${RUN_DIR}/owner)"
return 1
elif [ "$2" = "" ]; then
msg -w "Maintenance flag will NOT be created."
CH="No_Change_Number"
NM=$(whoami)
else
CH=$2
NM=$3
while [ "$CH" = "" ]; do read CH?"Please provide the change number: "; done
while [ "$NM" = "" ]; do read NM?"What is your Name or E-mail? "; done
maintenance_flag "START" "$CH" "$NM"
fi
mkdir -p $RUN_DIR
echo "$CH" > $RUN_DIR/change
echo "$NM" > $RUN_DIR/owner
msg -d "Start of change $CH"
gather_info
;;
"STOP")
if [ ! -f $RUN_DIR/change ]; then
msg -w "No change is started."
return 1
elif [ -f ${RUN_DIR}/stopped ]; then
msg -d "Generating snapshot number $(($(ls $RUN_DIR/*.tgz* |wc -l)+1))"
fi
gather_info
compare_info 0 $(ls ${RUN_DIR}/*.tgz.* | wc -l)
touch ${RUN_DIR}/stopped
;;
"COMPARE")
if [ ! -f $RUN_DIR/change ]; then
msg -w "No change running."
return 1
fi
if [ $(ls ${RUN_DIR}/*.tgz* | wc -l) -lt 2 ]; then
msg -w "Not enough snapshots." "Try stopping."
return 1
fi
compare_info
;;
"CLEAN")
if [ ! -d ${RUN_DIR} ]; then
msg -d "Nothing to clean."
return 1
elif [ $(cat $RUN_DIR/change) = "No_Change_Number" ]; then
msg -w "Are you sure you want to clean?"
read Q?"Clean anyway? [y/N]"
[ ! "$Q" = "y" -a ! "$Q" = "Y" ] && return 1
elif [ -s $RUN_DIR/change -a ! -f $RUN_DIR/stopped ]; then
msg -w "Change '$(cat ${RUN_DIR}/change)' is still running." "Contact: $(cat ${RUN_DIR}/owner)"
read Q?"Clean anyway? [y/N]"
[ ! "$Q" = "y" -a ! "$Q" = "Y" ] && return 1
maintenance_flag "CLEAN" "$(cat $RUN_DIR/change)"
else
msg -w "Is change '$(cat ${RUN_DIR}/change)' complete?" "Contact: $(cat ${RUN_DIR}/owner)"
read Q?"Clean anyway? [y/N]"
[ ! "$Q" = "y" -a ! "$Q" = "Y" ] && return 1
maintenance_flag "CLEAN" "$(cat $RUN_DIR/change)"
fi
rm -f ${RUN_DIR}/* && rmdir ${RUN_DIR} && msg -d "Cleaning done."
;;
esac 2>&1 | tee -a $LOG_FILE
}
##############################
### Display usage information
##############################
function print_usage {
[[ $DEBUG -eq 1 ]] && set -x
msg -i "Primary Usage" "$1 [ -h | -i | -c | -C | -d | -g | -l | -q | -u | -v ]"
msg "----------" "------------------------------------------------------------"
msg -i "Options" "Are designed for general long term usage."
msg " -h" "Print help information."
msg " -i" "Add entry in crontab to execute script periodically."
msg " -c" "Create a new snapshot and compare it to the previous one."
msg " -C" "Display all available snapshots and chose which 2 to compare."
msg " -d" "Display all available snapshots."
msg " -g" "Create a new snapshot."
msg " -q" "Compare quietly the latest 2 snapshots. Doesn't display differences."
msg " -l" "Create or compare snapshots in the current directory."
msg " -u" "Remove entry from crontab."
msg " -v" "Print version."
msg "" ""
msg "Seconday Usage" "$1 [ start [ <change_number> ] | stop | compare | clean ]"
msg "----------" "------------------------------------------------------------"
msg -i "Options" "Are designed for usage during changes."
msg " start" "to use before impmenting change to create initial snapshot."
msg "" "change_number : is necessary to activate the maintenance flag."
msg " stop" "creates a new snapshot and will compare it with the first one."
msg " compare" "allows to compare any of the recorded snapshots."
msg " clean" "to use at the end of the change to clean all snapshots."
msg "----------" "------------------------------------------------------------"
msg "" "Execution without any parameter will do something to, by guessing."
msg "" "Only 1 option is processed."
}
##############################
### Guess what should be done
##############################
function guess_what_to_do {
[[ $DEBUG -eq 1 ]] && set -x
# Rotate log file if necessary
rotate_log $LOG_FILE
# Just gather data if started by cron
if [ "$(ps -p $PPID -o comm | tail -1)" = "cron" ]; then
exec 1>> $LOG_FILE 2>&1
gather_info
return $?
fi
# If this is a symlink, then display usage
if [ -L $1 ]; then
print_usage $1
return $?
fi
# If there is no snapshot, then create one
if [ ! -f ${RUN_DIR}/*.tgz ]; then
gather_info
return $?
fi
# Create snapshot if the last one is older then reboot time (from errpt timestamp)
VAR=$(errpt -j 2BFA76F6 | head -2 | tail -1 | awk '{print $2}')
if [ ! "$VAR" = "" ]; then
touch $VAR $LOG_FILE
if [ $(find ${RUN_DIR} -type f -name "*.tgz" -newer $LOG_FILE | wc -l) -eq 0 ]; then
msg -d "Reboot detected."
gather_info
fi
fi
# If last snapshot is older than one week, then create a new one and compare
if [ $(find ${RUN_DIR} -name "*.tgz*" -mtime -7 2>/dev/null | wc -l) -eq 0 ]; then
gather_info
compare_info 0 1
return $?
fi
# Just compare the last 2 snapshots
if [ $(ls ${RUN_DIR}/*.tgz* 2>/dev/null | wc -l) -gt 1 ]; then
compare_info 0 1
return $?
fi
# No idea
msg -w "No idea what to do."
print_usage $1
}
##############################
####### M A I N ########
##############################
# Apply the optional customization by admin (optional)
if [ -s $CONFFILE ]; then
if [ $(grep -v "^#" $CONFFILE | grep -v "[A-Z]*=\"[0-9a-zA-Z/-_\* \$\.]*\"" | wc -l) -gt 0 ]; then
msg -e "Problems found in config file, incorrect syntax detected:"
grep -v "^#" $CONFFILE | grep -v "[A-Z]*=\"[0-9a-zA-Z/_\* \$\.\-]*\""
exit 1
fi
. $CONFFILE
fi
# Validate config variables
if [ ! -d $RUN_DIR ]; then
mkdir -p $RUN_DIR 2>/dev/null || { msg -e "'$RUN_DIR' directory does not exist."; exit 1; }
fi
case $1 in
"-c") gather_info; compare_info 0 1 ;;
"-C") compare_info ;;
"-d") display_history ;;
"-g") gather_info ;;
"-i") self_install $0 ;;
"-l") RUN_DIR=$(pwd); LOG_FILE=$(basename $LOG_FILE); guess_what_to_do $0 ;;
"-u") self_uninstall $0 ;;
"-q") compare_info -q 0 1 ;;
"-v") msg "Version" "${VERSION}" ;;
"start") system_change "START" "$2" ;;
"stop") system_change "STOP" ;;
"compare") system_change "COMPARE" ;;
"clean") system_change "CLEAN" ;;
"--generate-config") generate_config ;;
"") guess_what_to_do $0 ;;
"-h") print_usage $0 ;;
*) print_usage $0 ;;
esac # 2>&1 | tee -a $LOG_FILE
Technical Blog for System Administrator 
Do not forǥet to inquire aabout іnsurancе coverage and also
licensing, if required.
LikeLike