#!/bin/bash # # Copyright 2003-2018 Broadcom. All Rights Reserved. # The term "Broadcom" refers to Broadcom Limited and/or its subsidiaries. # platform_os=`uname -s` is_fhs_build=0 use_chkconfig=1 mode_of_operation="3" enable_tcpip_operation="y" secure_management_mode="u" change_mode_of_operation="y" read_only_mode_of_operation="n" tcp_socket_change="n" socket_port_value="23333" management_host_address="" management_host_mode="n" management_host_is_exclusive="n" user_input="y" install_called=$1 undefined_groups="" systemd_elxhbamgr=systemd/system/elxhbamgrd.service systemd_elxdisco=systemd/system/elxdiscoveryd.service init_elxhbamgr=etc/init.d/elxhbamgrd init_elxdisco=etc/init.d/elxdiscoveryd if [ "$platform_os" = "Linux" ];then INSTALL_DIR="usr/sbin/ocmanager" CONF_DIR="etc" DUMP_DIR="var/opt/emulex/ocmanager/Dump" LOG_DIR="var/opt/emulex/ocmanager/logs" else INSTALL_DIR="opt/ELXocm" CONF_DIR="etc" DUMP_DIR="$INSTALL_DIR" LOG_DIR="$INSTALL_DIR" fi if [ $is_fhs_build -eq 1 ]; then INSTALL_DIR="opt/emulex/ocmanager" CONF_DIR="etc/emulex/ocmanager" fi enable_elxhbamgr() { if [ -f /${init_elxhbamgr} ]; then if [ $use_chkconfig -eq 1 ]; then chkconfig --level 235 elxhbamgrd on else sysv-rc-conf elxhbamgrd on fi elif [ -f /lib/${systemd_elxhbamgr} ] || [ -f /usr/lib/${systemd_elxhbamgr} ]; then systemctl -q enable elxhbamgrd.service fi } enable_elxdisco() { if [ -f /${init_elxdisco} ]; then if [ $use_chkconfig -eq 1 ]; then chkconfig --level 235 elxdiscoveryd on else sysv-rc-conf elxdiscoveryd on fi elif [ -f /lib/${systemd_elxdisco} ] || [ -f /usr/lib/${systemd_elxdisco} ]; then systemctl -q enable elxdiscoveryd.service fi } disable_elxhbamgr() { if [ -f /${init_elxhbamgr} ]; then if [ $use_chkconfig -eq 1 ]; then chkconfig --level 235 elxhbamgrd off else sysv-rc-conf elxhbamgrd off fi elif [ -f /lib/${systemd_elxhbamgr} ] || [ -f /usr/lib/${systemd_elxhbamgr} ]; then systemctl -q disable elxhbamgrd.service fi } disable_elxdisco() { if [ -f /${init_elxdisco} ]; then if [ $use_chkconfig -eq 1 ]; then chkconfig --level 235 elxdiscoveryd off else sysv-rc-conf elxdiscoveryd off fi elif [ -f /lib/${systemd_elxdisco} ] || [ -f /usr/lib/${systemd_elxdisco} ]; then systemctl -q disable elxdiscoveryd.service fi } question_enable_tcpip() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" if [ "$mode_of_operation" = "2" ];then echo "Do you want to enable TCP/IP Management from remote hosts? (Y/N)" else echo "Do you want to enable TCP/IP Management to/from remote hosts? (Y/N)" fi echo "" echo "Enter 'y' to enable TCP/IP remote management (default)." echo "Enter 'n' to disable TCP/IP remote management." echo printf "Enter the letter 'y' or 'n': " # Obtain user selection for OneCommand Manager client read only mode of operation read enable_tcpip_operation if [ "$enable_tcpip_operation" = "N" ] || [ "$enable_tcpip_operation" = "n" ]; then enable_tcpip_operation="n" socket_port_value="0" echo "You selected: disable TCP/IP remote management " stay_in_loop=0; elif [ "$enable_tcpip_operation" = "Y" ] || [ "$enable_tcpip_operation" = "y" ]; then enable_tcpip_operation="y" echo "You selected: enable TCP/IP remote management " stay_in_loop=0; else echo "Invalid Selection " fi done } question_tcp_port_number() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" printf "Enter TCP/IP port number to use or blank for default (23333): " # Obtain user selection for OneCommand Manager tcp port number read socket_port_value if [ "$socket_port_value" = "" ];then stay_in_loop=0; socket_port_value="23333" fi # verify user did not enter any non-digit in integer string test_value=`echo $socket_port_value | tr -d "0123456789"` if [ "$test_value" == "" ];then if [ $((socket_port_value)) -ge 1024 ];then if [ $((socket_port_value)) -le 65536 ];then stay_in_loop=0; fi fi fi if [ $stay_in_loop -eq 1 ];then echo "Invalid entry; valid port number must be decimal integer value > 1024 and < 65536 " fi done } question_management_host_address() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" printf "Enter management host address (blank for none): " # Obtain user selection for OneCommand Manager remote IP address or host name read management_host_address if [ "$management_host_address" = "" ];then stay_in_loop=0; management_host_address="" else # call verification script # -1 = no address argument # 0 = good address # 1 = bad address # 2 = local host # 3 = host name not found if [ $is_fhs_build -eq 1 ]; then /${INSTALL_DIR}/bin/elxchkaddr $management_host_address else /${INSTALL_DIR}/elxchkaddr $management_host_address fi return_status=$? if [ $return_status -eq 0 ]; then stay_in_loop=0; # good address else if [ $return_status -eq 1 ]; then echo "Host address $management_host_address appears to be an invalid IP address or host name." echo "Please correct address and re-enter.\n" else if [ $return_status -eq 2 ]; then echo "Host address $management_host_address appears to be the local host address." echo "Address should be address of remote machine." echo "Please re-enter using remote address or hostname." else if [ $return_status -eq 3 ]; then stay_in_loop2=1 while [ $stay_in_loop2 -eq 1 ] do echo "" echo "Host name $management_host_address not found." echo "Do you want to use this host name anyway? (Y/N)" echo printf "Enter the letter 'y' or 'n': " # Obtain user selection read user_input if [ "$user_input" = "N" ] || [ "$user_input" = "n" ]; then stay_in_loop2=0 elif [ "$user_input" = "Y" ] || [ "$user_input" = "y" ]; then echo "You selected host name $management_host_address " stay_in_loop2=0 stay_in_loop=0 else echo "Invalid Selection, enter either 'y' or 'n'." fi done else echo "Host address $management_host_address appears to be an invalid IP address or host name." echo "Please correct address and re-enter.\n" fi fi fi fi fi done } question_exclusive_host() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" echo "" echo "Exclude management of this host from any other host" echo "(other than management host) (y/n)?" echo "" echo "Enter 'y' to limit remote management to ONLY the management host (default)." echo "Enter 'n' to allow other remote hosts to manage this host" echo " in addition to the management host." echo printf "Enter the letter 'y' or 'n': " # Obtain user selection for OneCommand Manager exclusive remote oob management read management_host_is_exclusive if [ "$management_host_is_exclusive" = "N" ] || [ "$management_host_is_exclusive" = "n" ]; then management_host_is_exclusive="n" echo "You selected: no exclusive host management " stay_in_loop=0; elif [ "$management_host_is_exclusive" = "Y" ] || [ "$management_host_is_exclusive" = "y" ]; then management_host_is_exclusive="y" echo "You selected: exclusive host management " stay_in_loop=0; else echo "Invalid Selection " fi done } question_secure_management_mode() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" echo "Do you want to enable Secure Management feature for OneCommand? (s/u)" echo "" echo "The secure management feature requires OneCommand groups be configured on" echo "the LDAP network or the local host machine to provide for OneCommand operation." echo "" echo "Enter 's' to select secure management. (LDAP/NIS OCM group configuration required)" echo "Enter 'u' to run without secure management (default). " echo printf "Enter the letter 's' or 'u': " # Obtain user selection for OneCommand Manager client read only mode of operation read secure_management_mode if [ "$secure_management_mode" = "U" ] || [ "$secure_management_mode" = "u" ]; then secure_management_mode="u" echo "You selected: Secure Management Disabled" stay_in_loop=0; elif [ "$secure_management_mode" = "S" ] || [ "$secure_management_mode" = "s" ]; then secure_management_mode="s" echo "You selected: Secure Management Enabled" stay_in_loop=0; else echo "Invalid Selection " fi done } question_management_mode() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo echo "Select desired mode of operation for OneCommand Manager" echo echo " 1 Strictly Local Management : Only manage the adapters on this host." echo " Management of adapters on this host from other" echo " hosts is not allowed." echo " 2 Local Management Plus : Only manage the adapters on this host." echo " Management of adapters on this host from other" echo " hosts is allowed." echo " 3 Full Management : Manage the adapters on this host and other" echo " hosts that allow it. Management of the adapters" echo " on this host from another host is allowed." echo " 4 Management Host : Manage the adapters on this host and other hosts" echo " that allow it. Management of the adapters on" echo " this host from another host is not allowed." echo printf "Enter the number 1, 2, 3, or 4: " # Obtain user selection for OneCommand Manager mode of operation read mode_of_operation if [ "$mode_of_operation" = "1" ];then echo "You selected: 'Local Only Mode' " # echo "(CNAs on this Platform can be managed by OneCommand apps on this Platform Only)" # On Linux: # Starting elxdiscoveryd at boot time is controlled by # chkconfig now. Previously, this was controlled # by /etc/emulexDiscConf. # By default, elxdiscoveryd does not start at time. # Turn off discovery daemon if [ "$platform_os" = "Linux" ];then disable_elxdisco else if [ "$platform_os" = "SunOS" ];then # Permanently disable the elxdiscoveryd daemon (until re-enabled by the user) svcadm disable svc:/application/elxdiscoveryd:default > /dev/null 2>&1 # Permanently disable the elxhbamgr daemon (until re-enabled by the user) # svcadm disable svc:/application/elxhbamgrd:default > /dev/null 2>&1 fi fi stay_in_loop=0 else if [ "$mode_of_operation" = "2" ];then echo "You selected: 'Managed-only Mode' " question_enable_tcpip if [ "$enable_tcpip_operation" = "y" ]; then question_management_host_address if [ "$management_host_address" != "" ];then question_exclusive_host fi question_tcp_port_number fi # On Linux: # Starting elxdiscoveryd at boot time is controlled by # chkconfig now. Previously, this was controlled # by /etc/emulexDiscConf. # By default, elxdiscoveryd does not start at time. # Turn off discovery daemon if [ "$platform_os" = "Linux" ];then disable_elxdisco else if [ "$platform_os" = "SunOS" ];then # Permanently disable the elxdiscoveryd daemon (until re-enabled by the user) svcadm disable svc:/application/elxdiscoveryd:default > /dev/null 2>&1 fi fi # Turn on rmserver daemon if [ "$platform_os" = "Linux" ];then enable_elxhbamgr else if [ "$platform_os" = "SunOS" ];then # Permanently enable the elxhbamgrd daemon so that it initializes at boot svcadm enable svc:/application/elxhbamgrd:default > /dev/null 2>&1 fi fi stay_in_loop=0 else if [ "$mode_of_operation" = "3" ];then echo "You selected: 'Remote Mode' " question_enable_tcpip if [ "$enable_tcpip_operation" = "y" ]; then question_management_host_address if [ "$management_host_address" != "" ];then question_exclusive_host fi question_tcp_port_number fi # On Linux: # Starting elxdiscoveryd at boot time is controlled by # chkconfig now. Previously, this was controlled # by /etc/emulexDiscConf. # By default, elxdiscoveryd does not start at time. # Turn on discovery daemonaddress if [ "$platform_os" = "SunOS" ];then # Temporarily enable the elxdiscoveryd daemon (until the next reboot) # To have it start at boot, /etc/emulexDiscConfig needs to be modified, # which is done below. svcadm enable -t svc:/application/elxdiscoveryd:default > /dev/null 2>&1 fi # current design has discovery daemon starting by 1st running of application # unless AUTOSTART entry in /etc/emulexDiscConf is true # /${INSTALL_DIR}/start_elxdiscovery & # Turn on rmserver daemon if [ "$platform_os" = "Linux" ];then enable_elxhbamgr else if [ "$platform_os" = "SunOS" ];then # Permanently enable the elxhbamgrd daemon so that it initializes at boot svcadm enable svc:/application/elxhbamgrd:default > /dev/null 2>&1 fi fi stay_in_loop=0 else if [ "$mode_of_operation" = "4" ];then echo "You selected this host as a: 'Management Host' " management_host_mode="y" question_tcp_port_number # On Linux: # Starting elxdiscoveryd at boot time is controlled by # chkconfig now. Previously, this was controlled # by /${CONF_DIR}/emulexDiscConf. # By default, elxdiscoveryd does not start at time. # Turn on discovery daemonaddress if [ "$platform_os" = "SunOS" ];then # Temporarily enable the elxdiscoveryd daemon (until the next reboot) # To have it start at boot, /etc/emulexDiscConfig needs to be modified, # which is done below. svcadm enable -t svc:/application/elxdiscoveryd:default > /dev/null 2>&1 fi # current design has discovery daemon starting by 1st running of application # unless AUTOSTART entry in /etc/emulexDiscConf is true # /${INSTALL_DIR}/start_elxdiscovery & # Turn on rmserver daemon if [ "$platform_os" = "Linux" ];then enable_elxhbamgr else if [ "$platform_os" = "SunOS" ];then # Permanently enable the elxhbamgrd daemon so that it initializes at boot svcadm enable svc:/application/elxhbamgrd:default > /dev/null 2>&1 fi fi stay_in_loop=0 else stay_in_loop=1 echo echo "Invalid Entry" echo "Must Enter either '1', '2', '3' or '4'" fi fi fi fi done } question_read_only() { stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" echo "Would you like to enable configuration features for OneCommand" echo "Manager clients on this platform?" echo "" echo "Enter 'y' to allow configuration (default)." echo "Enter 'n' for read-only mode. " echo printf "Enter the letter 'y' or 'n': " # Obtain user selection for OneCommand Manager client read only mode of operation read read_only_mode_of_operation if [ "$read_only_mode_of_operation" = "N" ] || [ "$read_only_mode_of_operation" = "n" ]; then read_only_mode_of_operation="y" echo "You selected: Read Only mode " stay_in_loop=0; elif [ "$read_only_mode_of_operation" = "Y" ] || [ "$read_only_mode_of_operation" = "y" ]; then read_only_mode_of_operation="n" echo "You selected: Yes, enable configuration" stay_in_loop=0; else echo "Invalid Selection " fi done } question_change_management_mode() { # obtain user selection for change mode permission stay_in_loop=1 while [ $stay_in_loop -eq 1 ] do echo "" echo "Do you want to allow user to change management mode using" if [ $is_fhs_build -eq 1 ]; then echo "set_operating_mode script located in /${INSTALL_DIR}/scripts ?" else echo "set_operating_mode script located in /${INSTALL_DIR} ?" fi echo "" printf "Enter the letter 'y' if yes, or 'n' if no: " # Obtain user selection for OneCommand Manager mode of operation read change_mode_of_operation if [ "$change_mode_of_operation" = "y" ] || [ "$change_mode_of_operation" = "Y" ];then echo "You selected: Yes " stay_in_loop=0; fi if [ "$change_mode_of_operation" = "n" ] || [ "$change_mode_of_operation" = "N" ];then echo "You selected: No " stay_in_loop=0; fi if [ $stay_in_loop -eq 1 ];then echo "Invalid Selection " fi done } add_group_privileges_ufs() { # Some files may or may not exist yet. Create them so we can set the privileges. touch /${INSTALL_DIR}/rm.log touch /${INSTALL_DIR}/cnaboardmgmt.log touch /etc/emulexRMPref setfacl -r -m g:ocmadmin:rwx /${INSTALL_DIR} > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rwx /${INSTALL_DIR} > /dev/null 2>&1 setfacl -r -m g:ocmuser:rwx /${INSTALL_DIR} > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rwx /${INSTALL_DIR} > /dev/null 2>&1 setfacl -r -m g:ocmadmin:r-x /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:r-x /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -r -m g:ocmuser:r-x /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:r-x /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -r -m g:ocmadmin:rw- /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -r -m g:ocmadmin:rw- /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 # If RMRepository doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/RMRepository ]; then mkdir -p /${INSTALL_DIR}/RMRepository fi setfacl -r -m g:ocmadmin:rwx /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rwx /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -r -m g:ocmuser:rwx /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rwx /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 # If misc directory doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/misc ]; then mkdir -p /${INSTALL_DIR}/misc fi setfacl -r -m g:ocmadmin:r-x /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:r-x /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -r -m g:ocmuser:r-x /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:r-x /${INSTALL_DIR}/misc > /dev/null 2>&1 # bugzill 125989 if [ ! -r /${INSTALL_DIR}/misc/lockFile.sem ]; then touch /${INSTALL_DIR}/misc/lockFile.sem fi setfacl -r -m g:ocmadmin:rw- /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 # bugzill 134308 if [ ! -r /${INSTALL_DIR}/misc/hbahost_lock.sem ]; then touch /${INSTALL_DIR}/misc/hbahost_lock.sem fi setfacl -r -m g:ocmadmin:rw- /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 # If Dump doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/Dump ]; then mkdir -p /${INSTALL_DIR}/Dump fi setfacl -r -m g:ocmadmin:rwx /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rwx /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -r -m g:ocmuser:rwx /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rwx /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -r -m g:ocmadmin:rw- /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -r -m g:ocmadmin:rw- /etc/emulexRMConfig > /dev/null 2>&1 setfacl -r -m g:ocmadmin:rw- /etc/emulexRMOptions > /dev/null 2>&1 setfacl -r -m g:ocmadmin:rw- /etc/emulexRMPref > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /etc/emulexRMConfig > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /etc/emulexRMOptions > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:rw- /etc/emulexRMPref > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /etc/emulexRMConfig > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /etc/emulexRMOptions > /dev/null 2>&1 setfacl -r -m g:ocmuser:rw- /etc/emulexRMPref > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /etc/emulexRMConfig > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /etc/emulexRMOptions > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:rw- /etc/emulexRMPref > /dev/null 2>&1 setfacl -r -m g:ocmadmin:r-x /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 setfacl -r -m g:ocmlocaladmin:r-x /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 setfacl -r -m g:ocmuser:r-x /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 setfacl -r -m g:ocmlocaluser:r-x /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 # Recursively set privileges to all files and subdirectories in opt/ELXocm/jre. find /${INSTALL_DIR}/jre -exec setfacl -r -m g:ocmadmin:r-x > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/jre -exec setfacl -r -m g:ocmlocaladmin:r-x > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/jre -exec setfacl -r -m g:ocmuser:r-x > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/jre -exec setfacl -r -m g:ocmlocaluser:r-x > /dev/null 2>&1 {} \; # If config doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/config ]; then mkdir -p /${INSTALL_DIR}/config fi # Recursively set privileges to all files and subdirectories in opt/ELXocm/config. find /${INSTALL_DIR}/config -exec setfacl -r -m g:ocmadmin:rwx > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/config -exec setfacl -r -m g:ocmlocaladmin:rwx > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/config -exec setfacl -r -m g:ocmuser:rwx > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/config -exec setfacl -r -m g:ocmlocaluser:rwx > /dev/null 2>&1 {} \; } remove_group_privileges_ufs() { setfacl -d g:ocmadmin: /${INSTALL_DIR} > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR} > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR} > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR} > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/rm.log > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/Dump > /dev/null 2>&1 setfacl -d g:ocmadmin: /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -d g:ocmadmin: /etc/emulexRMConfig > /dev/null 2>&1 setfacl -d g:ocmadmin: /etc/emulexRMOptions > /dev/null 2>&1 setfacl -d g:ocmadmin: /etc/emulexRMPref > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /etc/emulexRMConfig > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /etc/emulexRMOptions > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /etc/emulexRMPref > /dev/null 2>&1 setfacl -d g:ocmuser: /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -d g:ocmuser: /etc/emulexRMConfig > /dev/null 2>&1 setfacl -d g:ocmuser: /etc/emulexRMOptions > /dev/null 2>&1 setfacl -d g:ocmuser: /etc/emulexRMPref > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /etc/emulexDiscConfig > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /etc/emulexRMConfig > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /etc/emulexRMOptions > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /etc/emulexRMPref > /dev/null 2>&1 setfacl -d g:ocmadmin: /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 setfacl -d g:ocmlocaladmin: /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 setfacl -d g:ocmuser: /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 setfacl -d g:ocmlocaluser: /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 # Recursively set privileges to all files and subdirectories in opt/ELXocm/jre. find /${INSTALL_DIR}/jre -exec setfacl -d g:ocmadmin: > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/jre -exec setfacl -d g:ocmlocaladmin: > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/jre -exec setfacl -d g:ocmuser: > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/jre -exec setfacl -d g:ocmlocaluser: > /dev/null 2>&1 {} \; # Recursively set privileges to all files and subdirectories in opt/ELXocm/config. find /${INSTALL_DIR}/config -exec setfacl -d g:ocmadmin: > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/config -exec setfacl -d g:ocmlocaladmin: > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/config -exec setfacl -d g:ocmuser: > /dev/null 2>&1 {} \; find /${INSTALL_DIR}/config -exec setfacl -d g:ocmlocaluser: > /dev/null 2>&1 {} \; } add_group_privileges_zfs() { # Some files may or may not exist yet. Create them so we can set the privileges. touch /${INSTALL_DIR}/rm.log touch /${INSTALL_DIR}/cnaboardmgmt.log touch /etc/emulexRMPref /usr/bin/chmod A+group:ocmadmin:rwx:allow /${INSTALL_DIR} > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rwx:allow /${INSTALL_DIR} > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rwx:allow /${INSTALL_DIR} > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rwx:allow /${INSTALL_DIR} > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rx:allow /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rx:allow /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rx:allow /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rx:allow /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/rm.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rw:allow /${INSTALL_DIR}/rm.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rw:allow /${INSTALL_DIR}/rm.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rw:allow /${INSTALL_DIR}/rm.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rw:allow /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rw:allow /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rw:allow /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 # If RMRepository doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/RMRepository ]; then mkdir -p /${INSTALL_DIR}/RMRepository fi /usr/bin/chmod A+group:ocmadmin:rwx:allow /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rwx:allow /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rwx:allow /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rwx:allow /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 # If misc directory doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/misc ]; then mkdir -p /${INSTALL_DIR}/misc fi /usr/bin/chmod A+group:ocmadmin:rx:allow /${INSTALL_DIR}/misc > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rx:allow /${INSTALL_DIR}/misc > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rx:allow /${INSTALL_DIR}/misc > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rx:allow /${INSTALL_DIR}/misc > /dev/null 2>&1 # bugzill 125989 if [ ! -r /${INSTALL_DIR}/misc/lockFile.sem ]; then touch /${INSTALL_DIR}/misc/lockFile.sem fi /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 # bugzill 134308 if [ ! -r /${INSTALL_DIR}/misc/hbahost_lock.sem ]; then touch /${INSTALL_DIR}/misc/hbahost_lock.sem fi /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 # If Dump doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/Dump ]; then mkdir -p /${INSTALL_DIR}/Dump fi /usr/bin/chmod A+group:ocmadmin:rwx:allow /${INSTALL_DIR}/Dump > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rwx:allow /${INSTALL_DIR}/Dump > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rwx:allow /${INSTALL_DIR}/Dump > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rwx:allow /${INSTALL_DIR}/Dump > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /etc/emulexDiscConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /etc/emulexRMConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /etc/emulexRMOptions > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rw:allow /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rw:allow /etc/emulexDiscConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rw:allow /etc/emulexRMConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rw:allow /etc/emulexRMOptions > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rw:allow /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rw:allow /etc/emulexDiscConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rw:allow /etc/emulexRMConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rw:allow /etc/emulexRMOptions > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rw:allow /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rw:allow /etc/emulexDiscConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rw:allow /etc/emulexRMConfig > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rw:allow /etc/emulexRMOptions > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rw:allow /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod A+group:ocmadmin:rx:allow /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaladmin:rx:allow /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 /usr/bin/chmod A+group:ocmuser:rx:allow /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 /usr/bin/chmod A+group:ocmlocaluser:rx:allow /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmadmin:rx:allow /${INSTALL_DIR}/jre > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmlocaladmin:rx:allow /${INSTALL_DIR}/jre > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmuser:rx:allow /${INSTALL_DIR}/jre > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmlocaluser:rx:allow /${INSTALL_DIR}/jre > /dev/null 2>&1 # If config doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/config ]; then mkdir -p /${INSTALL_DIR}/config fi /usr/bin/chmod -R A+group:ocmadmin:rw:allow /${INSTALL_DIR}/config > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmlocaladmin:rw:allow /${INSTALL_DIR}/config > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmuser:rw:allow /${INSTALL_DIR}/config > /dev/null 2>&1 /usr/bin/chmod -R A+group:ocmlocaluser:rw:allow /${INSTALL_DIR}/config > /dev/null 2>&1 } remove_group_privileges_zfs() { /usr/bin/chmod -f A- /${INSTALL_DIR} > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/hbacmd > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/rm.log > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/cnaboardmgmt.log > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/RMRepository > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/misc > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/Dump > /dev/null 2>&1 /usr/bin/chmod -f A- /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod -f A- /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod -f A- /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod -f A- /etc/emulexRMPref > /dev/null 2>&1 /usr/bin/chmod -f A- /${INSTALL_DIR}/ocmanager > /dev/null 2>&1 /usr/bin/chmod -fR A- /${INSTALL_DIR}/jre > /dev/null 2>&1 /usr/bin/chmod -fR A- /${INSTALL_DIR}/config > /dev/null 2>&1 } add_group_privileges_linux() { # Some files may or may not exist yet. Create them so we can set the privileges. // This file should not be here! touch /etc/emulexRMPref setfacl -m g:ocmadmin:rwx /${INSTALL_DIR} setfacl -m g:ocmlocaladmin:rwx /${INSTALL_DIR} setfacl -m g:ocmuser:rwx /${INSTALL_DIR} setfacl -m g:ocmlocaluser:rwx /${INSTALL_DIR} setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/hbacmd setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/hbacmd setfacl -m g:ocmuser:rx /${INSTALL_DIR}/hbacmd setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/hbacmd setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/convert_conf_file setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/convert_conf_file setfacl -m g:ocmuser:rx /${INSTALL_DIR}/convert_conf_file setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/convert_conf_file setfacl -m g:ocmadmin:rwx /${INSTALL_DIR}/RMRepository setfacl -m g:ocmlocaladmin:rwx /${INSTALL_DIR}/RMRepository setfacl -m g:ocmuser:rwx /${INSTALL_DIR}/RMRepository setfacl -m g:ocmlocaluser:rwx /${INSTALL_DIR}/RMRepository # [Bug 151562] - Update OCM to comply with FHS setfacl -m g:ocmadmin:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmlocaladmin:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmuser:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmlocaluser:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmadmin:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -m g:ocmuser:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -R -m g:ocmadmin:rwx /${DUMP_DIR} setfacl -R -m g:ocmlocaladmin:rwx /${DUMP_DIR} setfacl -R -m g:ocmuser:rwx /${DUMP_DIR} setfacl -R -m g:ocmlocaluser:rwx /${DUMP_DIR} setfacl -m g:ocmadmin:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmuser:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmadmin:rw /${LOG_DIR}/rm.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/rm.log setfacl -m g:ocmuser:rw /${LOG_DIR}/rm.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/rm.log setfacl -m g:ocmadmin:rw /${LOG_DIR}/wwnmgmt.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/wwnmgmt.log setfacl -m g:ocmuser:rw /${LOG_DIR}/wwnmgmt.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/wwnmgmt.log # If misc directory doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/misc ]; then mkdir -p /${INSTALL_DIR}/misc fi setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -m g:ocmuser:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 # bugzill 133450 if [ ! -r /${INSTALL_DIR}/misc/lockFile.sem ]; then touch /${INSTALL_DIR}/misc/lockFile.sem fi setfacl -m g:ocmadmin:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -m g:ocmlocaladmin:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -m g:ocmuser:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -m g:ocmlocaluser:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 # bugzill 134308 if [ ! -r /${INSTALL_DIR}/misc/hbahost_lock.sem ]; then touch /${INSTALL_DIR}/misc/hbahost_lock.sem fi setfacl -m g:ocmadmin:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmlocaladmin:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmuser:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmlocaluser:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmadmin:rw /etc/emulexDiscConfig setfacl -m g:ocmadmin:rw /etc/emulexRMConfig setfacl -m g:ocmadmin:rw /etc/emulexRMOptions setfacl -m g:ocmadmin:rw /etc/emulexRMPref setfacl -m g:ocmlocaladmin:rw /etc/emulexDiscConfig setfacl -m g:ocmlocaladmin:rw /etc/emulexRMConfig setfacl -m g:ocmlocaladmin:rw /etc/emulexRMOptions setfacl -m g:ocmlocaladmin:rw /etc/emulexRMPref setfacl -m g:ocmuser:rw /etc/emulexDiscConfig setfacl -m g:ocmuser:rw /etc/emulexRMConfig setfacl -m g:ocmuser:rw /etc/emulexRMOptions setfacl -m g:ocmuser:rw /etc/emulexRMPref setfacl -m g:ocmlocaluser:rw /etc/emulexDiscConfig setfacl -m g:ocmlocaluser:rw /etc/emulexRMConfig setfacl -m g:ocmlocaluser:rw /etc/emulexRMOptions setfacl -m g:ocmlocaluser:rw /etc/emulexRMPref if [ -r /${INSTALL_DIR}/ocmanager ]; then setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/ocmanager setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/ocmanager setfacl -m g:ocmuser:rx /${INSTALL_DIR}/ocmanager setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/ocmanager fi if [ -d /${INSTALL_DIR}/jre ]; then setfacl -R -m g:ocmadmin:rx /${INSTALL_DIR}/jre setfacl -R -m g:ocmlocaladmin:rx /${INSTALL_DIR}/jre setfacl -R -m g:ocmuser:rx /${INSTALL_DIR}/jre setfacl -R -m g:ocmlocaluser:rx /${INSTALL_DIR}/jre fi if [ -d /${INSTALL_DIR}/config ]; then setfacl -m g:ocmadmin:rwx /${INSTALL_DIR}/config setfacl -m g:ocmlocaladmin:rwx /${INSTALL_DIR}/config setfacl -m g:ocmuser:rwx /${INSTALL_DIR}/config setfacl -m g:ocmlocaluser:rwx /${INSTALL_DIR}/config setfacl -m g:ocmadmin:rw /${INSTALL_DIR}/config/* setfacl -m g:ocmlocaladmin:rw /${INSTALL_DIR}/config/* setfacl -m g:ocmuser:rw /${INSTALL_DIR}/config/* setfacl -m g:ocmlocaluser:rw /${INSTALL_DIR}/config/* fi } add_group_privileges_linux_fhs() { # Some files may or may not exist yet. Create them so we can set the privileges. #This file should not be here! touch /${CONF_DIR}/emulexRMPref setfacl -m g:ocmadmin:rwx /${INSTALL_DIR} setfacl -m g:ocmlocaladmin:rwx /${INSTALL_DIR} setfacl -m g:ocmuser:rwx /${INSTALL_DIR} setfacl -m g:ocmlocaluser:rwx /${INSTALL_DIR} setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/bin/hbacmd setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/bin/hbacmd setfacl -m g:ocmuser:rx /${INSTALL_DIR}/bin/hbacmd setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/bin/hbacmd setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/scripts/convert_conf_file.sh setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/scripts/convert_conf_file.sh setfacl -m g:ocmuser:rx /${INSTALL_DIR}/scripts/convert_conf_file.sh setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/scripts/convert_conf_file.sh setfacl -m g:ocmadmin:rwx /${INSTALL_DIR}/RMRepository setfacl -m g:ocmlocaladmin:rwx /${INSTALL_DIR}/RMRepository setfacl -m g:ocmuser:rwx /${INSTALL_DIR}/RMRepository setfacl -m g:ocmlocaluser:rwx /${INSTALL_DIR}/RMRepository # [Bug 151562] - Update OCM to comply with FHS setfacl -m g:ocmadmin:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmlocaladmin:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmuser:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmlocaluser:rw /${CONF_DIR}/rm.conf setfacl -m g:ocmadmin:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -m g:ocmuser:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/cnaboardmgmt.log setfacl -R -m g:ocmadmin:rwx /${DUMP_DIR} setfacl -R -m g:ocmlocaladmin:rwx /${DUMP_DIR} setfacl -R -m g:ocmuser:rwx /${DUMP_DIR} setfacl -R -m g:ocmlocaluser:rwx /${DUMP_DIR} setfacl -m g:ocmadmin:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmuser:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/featuremgmt.log setfacl -m g:ocmadmin:rw /${LOG_DIR}/rm.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/rm.log setfacl -m g:ocmuser:rw /${LOG_DIR}/rm.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/rm.log setfacl -m g:ocmadmin:rw /${LOG_DIR}/wwnmgmt.log setfacl -m g:ocmlocaladmin:rw /${LOG_DIR}/wwnmgmt.log setfacl -m g:ocmuser:rw /${LOG_DIR}/wwnmgmt.log setfacl -m g:ocmlocaluser:rw /${LOG_DIR}/wwnmgmt.log # If misc directory doesn't exist yet, create it so we can ensure that # the proper privileges are set. if [ ! -d /${INSTALL_DIR}/misc ]; then mkdir -p /${INSTALL_DIR}/misc fi setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -m g:ocmuser:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/misc > /dev/null 2>&1 # bugzill 133450 if [ ! -r /${INSTALL_DIR}/misc/lockFile.sem ]; then touch /${INSTALL_DIR}/misc/lockFile.sem fi setfacl -m g:ocmadmin:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -m g:ocmlocaladmin:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -m g:ocmuser:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 setfacl -m g:ocmlocaluser:rw /${INSTALL_DIR}/misc/lockFile.sem > /dev/null 2>&1 # bugzill 134308 if [ ! -r /${INSTALL_DIR}/misc/hbahost_lock.sem ]; then touch /${INSTALL_DIR}/misc/hbahost_lock.sem fi setfacl -m g:ocmadmin:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmlocaladmin:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmuser:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmlocaluser:rw /${INSTALL_DIR}/misc/hbahost_lock.sem > /dev/null 2>&1 setfacl -m g:ocmadmin:rw /${CONF_DIR}/emulexDiscConfig setfacl -m g:ocmadmin:rw /${CONF_DIR}/emulexRMConfig setfacl -m g:ocmadmin:rw /${CONF_DIR}/emulexRMOptions setfacl -m g:ocmadmin:rw /${CONF_DIR}/emulexRMPref setfacl -m g:ocmlocaladmin:rw /${CONF_DIR}/emulexDiscConfig setfacl -m g:ocmlocaladmin:rw /${CONF_DIR}/emulexRMConfig setfacl -m g:ocmlocaladmin:rw /${CONF_DIR}/emulexRMOptions setfacl -m g:ocmlocaladmin:rw /${CONF_DIR}/emulexRMPref setfacl -m g:ocmuser:rw /${CONF_DIR}/emulexDiscConfig setfacl -m g:ocmuser:rw /${CONF_DIR}/emulexRMConfig setfacl -m g:ocmuser:rw /${CONF_DIR}/emulexRMOptions setfacl -m g:ocmuser:rw /${CONF_DIR}/emulexRMPref setfacl -m g:ocmlocaluser:rw /${CONF_DIR}/emulexDiscConfig setfacl -m g:ocmlocaluser:rw /${CONF_DIR}/emulexRMConfig setfacl -m g:ocmlocaluser:rw /${CONF_DIR}/emulexRMOptions setfacl -m g:ocmlocaluser:rw /${CONF_DIR}/emulexRMPref if [ -r /${INSTALL_DIR}/ocmanager ]; then setfacl -m g:ocmadmin:rx /${INSTALL_DIR}/ocmanager setfacl -m g:ocmlocaladmin:rx /${INSTALL_DIR}/ocmanager setfacl -m g:ocmuser:rx /${INSTALL_DIR}/ocmanager setfacl -m g:ocmlocaluser:rx /${INSTALL_DIR}/ocmanager fi if [ -d /${INSTALL_DIR}/jre ]; then setfacl -R -m g:ocmadmin:rx /${INSTALL_DIR}/jre setfacl -R -m g:ocmlocaladmin:rx /${INSTALL_DIR}/jre setfacl -R -m g:ocmuser:rx /${INSTALL_DIR}/jre setfacl -R -m g:ocmlocaluser:rx /${INSTALL_DIR}/jre fi if [ -d /${INSTALL_DIR}/config ]; then setfacl -m g:ocmadmin:rwx /${INSTALL_DIR}/config setfacl -m g:ocmlocaladmin:rwx /${INSTALL_DIR}/config setfacl -m g:ocmuser:rwx /${INSTALL_DIR}/config setfacl -m g:ocmlocaluser:rwx /${INSTALL_DIR}/config setfacl -m g:ocmadmin:rw /${INSTALL_DIR}/config/* setfacl -m g:ocmlocaladmin:rw /${INSTALL_DIR}/config/* setfacl -m g:ocmuser:rw /${INSTALL_DIR}/config/* setfacl -m g:ocmlocaluser:rw /${INSTALL_DIR}/config/* fi } remove_group_privileges_linux() { setfacl -b /${INSTALL_DIR} setfacl -b /${INSTALL_DIR}/hbacmd setfacl -b /${INSTALL_DIR}/convert_conf_file setfacl -b /${INSTALL_DIR}/RMRepository setfacl -b /etc/emulexDiscConfig setfacl -b /etc/emulexRMConfig setfacl -b /etc/emulexRMOptions setfacl -b /etc/emulexRMPref if [ -d /${INSTALL_DIR}/scripts ]; then setfacl -R -b /${INSTALL_DIR}/scripts fi if [ -d /${INSTALL_DIR}/misc ]; then setfacl -R -b /${INSTALL_DIR}/misc fi if [ -d /${DUMP_DIR} ]; then setfacl -R -b /${DUMP_DIR} fi if [ -d /${LOG_DIR} ]; then setfacl -R -b /${LOG_DIR} fi if [ -d /${CONFIG_DIR} ]; then setfacl -R -b /${CONF_DIR} fi if [ -r /${INSTALL_DIR}/ocmanager ]; then setfacl -b /${INSTALL_DIR}/ocmanager fi if [ -d /${INSTALL_DIR}/jre ]; then setfacl -R -b /${INSTALL_DIR}/jre fi if [ -d /${INSTALL_DIR}/config ]; then setfacl -b /${INSTALL_DIR}/config setfacl -b /${INSTALL_DIR}/config/* fi } remove_group_privileges_linux_fhs() { setfacl -b /${INSTALL_DIR} setfacl -b /${INSTALL_DIR}/bin/hbacmd setfacl -b /${INSTALL_DIR}/scripts/convert_conf_file.sh setfacl -b /${INSTALL_DIR}/RMRepository setfacl -b /${CONF_DIR}/emulexDiscConfig setfacl -b /${CONF_DIR}/emulexRMConfig setfacl -b /${CONF_DIR}/emulexRMOptions setfacl -b /${CONF_DIR}/emulexRMPref if [ -d /${INSTALL_DIR}/scripts ]; then setfacl -R -b /${INSTALL_DIR}/scripts fi if [ -d /${INSTALL_DIR}/misc ]; then setfacl -R -b /${INSTALL_DIR}/misc fi if [ -d /${DUMP_DIR} ]; then setfacl -R -b /${DUMP_DIR} fi if [ -d /${LOG_DIR} ]; then setfacl -R -b /${LOG_DIR} fi if [ -d /${CONFIG_DIR} ]; then setfacl -R -b /${CONF_DIR} fi if [ -r /${INSTALL_DIR}/ocmanager ]; then setfacl -b /${INSTALL_DIR}/ocmanager fi if [ -d /${INSTALL_DIR}/jre ]; then setfacl -R -b /${INSTALL_DIR}/jre fi if [ -d /${INSTALL_DIR}/config ]; then setfacl -b /${INSTALL_DIR}/config setfacl -b /${INSTALL_DIR}/config/* fi } write_configuration_to_file() { # write server remote operation option to config file TF=/${CONF_DIR}/emulexRMConfig.tmp cat /${CONF_DIR}/emulexRMConfig | sed "/RemoteOperation/d" > $TF if [ $mode_of_operation -eq 1 ];then echo "ServerRemoteOperation:disabled" >> $TF else echo "ServerRemoteOperation:enabled" >> $TF fi cp $TF /${CONF_DIR}/emulexRMConfig rm $TF # write client remote operation option to config file TF=/${CONF_DIR}/emulexDiscConfig.tmp cat /${CONF_DIR}/emulexDiscConfig | sed "/RemoteOperation/d" > $TF if [ $mode_of_operation -eq 3 ] || [ $mode_of_operation -eq 4 ];then echo "ClientRemoteOperation:enabled" >> $TF else echo "ClientRemoteOperation:disabled" >> $TF fi cp $TF /${CONF_DIR}/emulexDiscConfig rm $TF # this information only processed when called by install routine if [ $install_called -eq 45 ] || [ $install_called -eq 25 ];then TF=/${CONF_DIR}/emulexDiscConfig.tmp cat /${CONF_DIR}/emulexDiscConfig | sed "/OperationMode/d" > $TF if [ "$change_mode_of_operation" = "y" ];then echo "ClientOperationMode:enabled" >> $TF else echo "ClientOperationMode:locked" >> $TF fi cp $TF /${CONF_DIR}/emulexDiscConfig rm $TF else echo "ClientOperationMode:enabled" >> $TF fi # init related flag to same selection # commenting out next line as part of fix for CR 29557 #if [ "$change_mode_of_operation" = "Y" ];then TF=/${CONF_DIR}/emulexRMOptions.tmp cat /${CONF_DIR}/emulexRMOptions | sed "/LocalHBAsOnly/d" > $TF if [ $mode_of_operation -eq 3 ] || [ $mode_of_operation -eq 4 ];then echo "LocalHBAsOnly:false" >> $TF else echo "LocalHBAsOnly:true" >> $TF fi cp $TF /${CONF_DIR}/emulexRMOptions rm $TF # place user's 'read only' configuration selection into config file TF=/${CONF_DIR}/emulexDiscConfig.tmp cat /${CONF_DIR}/emulexDiscConfig | sed "/ClientReadOnlyOperation/d" > $TF if [ $read_only_mode_of_operation = "y" ];then echo "ClientReadOnlyOperation:enabled" >> $TF else echo "ClientReadOnlyOperation:disabled" >> $TF fi cp $TF /${CONF_DIR}/emulexDiscConfig rm $TF # place 'tcp/ip socket' port number into config file TF=/${CONF_DIR}/emulexDiscConfig.tmp cat /${CONF_DIR}/emulexDiscConfig | sed "/TcpSocketPortNumber/d" > $TF echo "TcpSocketPortNumber:$socket_port_value" >> $TF cp $TF /${CONF_DIR}/emulexDiscConfig rm $TF # place 'ManagementHost' value into config file TF=/${CONF_DIR}/emulexRMConfig.tmp cat /${CONF_DIR}/emulexRMConfig | sed "/ManagementHost/d" > $TF if [ $management_host_mode = "y" ];then echo "ManagementHost:true" >> $TF else echo "ManagementHost:false" >> $TF fi cp $TF /${CONF_DIR}/emulexRMConfig rm $TF # place 'SecureManagement' value into config file TF=/${CONF_DIR}/emulexRMConfig.tmp cat /${CONF_DIR}/emulexRMConfig | sed "/SecureManagement/d" > $TF if [ $secure_management_mode = "s" ];then echo "SecureManagement:enabled" >> $TF else echo "SecureManagement:disabled" >> $TF fi cp $TF /${CONF_DIR}/emulexRMConfig rm $TF # place management host name or ip address value into config file TF=/${CONF_DIR}/emulexRMConfig.tmp cat /${CONF_DIR}/emulexRMConfig | sed "/MngmtHostIpAddress/d" > $TF echo "MngmtHostIpAddress:$management_host_address" >> $TF cp $TF /${CONF_DIR}/emulexRMConfig rm $TF # place exclusive mgmnt host boolean into config file TF=/${CONF_DIR}/emulexRMConfig.tmp cat /${CONF_DIR}/emulexRMConfig | sed "/ExclusiveHostMgmnt/d" > $TF if [ $management_host_is_exclusive = "y" ];then echo "ExclusiveHostMgmnt:true" >> $TF else echo "ExclusiveHostMgmnt:false" >> $TF fi cp $TF /${CONF_DIR}/emulexRMConfig rm $TF } # if OneCommand Manager GUI is running, exit script and request that user stop GUI # Get pid of script that started the OneCommand Manager GUI script_pid=`ps -eaf | grep ocmanager | grep "/bin/sh" | grep -v grep | head -n 1 | awk '{ print $2 }'` # echo "script pid of hbanyware is $script_pid" if [ "$script_pid" != "" ];then gui_pid=`ps -eaf | grep java | grep -v grep | grep "OCManager.jar" | awk '{ print $2 }'` if [ "$gui_pid" != "" ];then echo "The OneCommand Manager GUI client must be stopped before changing the mode of operation." echo "Please exit the GUI application and re-run this script" exit fi fi # first stop two daemons echo echo "Stopping OneCommand Manager daemons ..." if [ -x "/${INSTALL_DIR}/stop_ocmanager" ]; then /${INSTALL_DIR}/stop_ocmanager > /dev/null 2>&1 elif [ -x "/${INSTALL_DIR}/scripts/stop_ocmanager.sh" ]; then /${INSTALL_DIR}/scripts/stop_ocmanager.sh > /dev/null 2>&1 fi echo if [ -z $install_called ]; then install_called=0 fi if [ "$platform_os" = "Linux" ];then # On Linux, only prompt for secure management mode during installation. if [ $install_called -eq 0 ] || [ $install_called -eq 25 ];then question_secure_management_mode fi if [ "$secure_management_mode" = "s" ];then # Check for the four OCM groups. local_ocm_groups=0 for group in "ocmlocaluser" "ocmuser" "ocmlocaladmin" "ocmadmin"; do found_group=`getent group | grep -ic $group` local_ocm_groups=`expr $local_ocm_groups + $found_group` if [ $found_group -eq 0 ]; then undefined_groups="${undefined_groups} ${group}" fi done # Return an error if none of the four OCM groups was found and exit script. if [ $local_ocm_groups -eq 0 ]; then echo echo "Error: Attempting to enable secure management feature" echo " but no OCM groups are configured on this machine" echo " (the output of 'getent group' command does not" echo " show any OCM groups configured)" echo echo "Reinstall without selecting OCM 'secure management' feature" echo "or else configure OCM secure management groups on machine" echo exit 1 fi fi else # On Solaris, always prompt for secure management mode. question_secure_management_mode # If security has been enabled, make sure at least one of the OCM groups # is defined on this system. Otherwise, proper security settings cannot # cannot be applied during install. if [ "$secure_management_mode" = "s" ];then # Check for the four OCM groups. local_ocm_groups=0 for group in "ocmlocaluser" "ocmuser" "ocmlocaladmin" "ocmadmin"; do found_group=`getent group | grep -ic $group` local_ocm_groups=`expr $local_ocm_groups + $found_group` if [ $found_group -eq 0 ]; then undefined_groups="${undefined_groups} ${group}" fi done # Return an error if none of the four OCM groups was found and exit script. if [ $local_ocm_groups -eq 0 ]; then echo "" echo "ERROR: Attempting to enable the Secure Management feature, but no OCM" echo " groups are configured on this machine (the output of" echo " 'getent group' command does not show any OCM groups configured)." echo echo "Rerun without enabling the OCM 'Secure Management' feature or else" echo "configure OCM Secure Management groups on this machine." echo "" exit 1 fi fi fi if [ "$secure_management_mode" != "s" ];then question_management_mode # obtain user selection for 'read only' mode if [ "$mode_of_operation" != "1" ] && [ "$mode_of_operation" != "4" ];then question_read_only fi # If called by installation routine on solaris; ask this question. Never ask on # Solaris since set_operating_mode is not called during installation. if [ $install_called -eq 45 ] || [ $install_called -eq 25 ];then question_change_management_mode fi fi # Add or remove group privileges based on Secure Management selection. if [ "$platform_os" = "SunOS" ];then if [ "$secure_management_mode" = "s" ];then # Secure Management has been enabled. Add group privileges on the necessary files. if [ `/usr/bin/df -n | grep -w / | awk '{ print $3 }'` = "ufs" ]; then # UFS filesystem add_group_privileges_ufs else # ZFS filesystem add_group_privileges_zfs fi # Warn the user that if any of the 4 OCM groups are not currently defined, they # will not be given access privileges and if the group is added later, it will # not have privileges. if [ "$undefined_groups" != "" ]; then echo "" echo "WARNING: The following OCM groups are not currently defined on this system" echo "and could not be granted access privileges. If these groups are added at a" echo "later time, run /${INSTALL_DIR}/set_operating_mode or reinstall to grant" echo "them privileges:" echo "" for group in $undefined_groups; do echo " ${group}" done fi else # Secure Management has been disabled. Remove group privileges on the necessary files. if [ `/usr/bin/df -n | grep -w / | awk '{ print $3 }'` = "ufs" ]; then # UFS filesystem remove_group_privileges_ufs else # ZFS filesystem remove_group_privileges_zfs fi fi fi if [ "$platform_os" = "Linux" ];then if [ $secure_management_mode = "s" ];then # Secure Management has been enabled. Add group privileges on the necessary files. if [ $install_called -eq 0 ];then # if called directly by user, set file permission if [ $is_fhs_build -eq 0 ]; then add_group_privileges_linux > /dev/null 2>&1 else add_group_privileges_linux_fhs > /dev/null 2>&1 fi # Warn the user that if any of the 4 OCM groups are not currently defined, they # will not be given access privileges and if the group is added later, it will # not have privileges. if [ "$undefined_groups" != "" ]; then echo "" echo "WARNING: The following OCM groups are not currently defined on this system" echo "and could not be granted access privileges. If these groups are added at a" echo "later time, run /${INSTALL_DIR}/set_operating_mode or reinstall to grant" echo "them privileges:" echo "" for group in $undefined_groups; do echo " ${group}" done fi fi else # Secure Management has been disabled. Remove group privileges on the necessary files. if [ $install_called -eq 0 ];then # if called directly by user, set file permission if [ $is_fhs_build -eq 0 ]; then remove_group_privileges_linux > /dev/null 2>&1 else remove_group_privileges_linux_fhs > /dev/null 2>&1 fi fi fi fi write_configuration_to_file # added next lines as part of fix for CR 29557 # discovery daemon was intermittently not reporting to gui when 'local only' # or 'managed only' modes were selected, restarting daemon fixed problem echo #echo "Stopping OneCommand Manager daemons ..." if [ -x "/${INSTALL_DIR}/stop_ocmanager" ]; then /${INSTALL_DIR}/stop_ocmanager > /dev/null 2>&1 elif [ -x "/${INSTALL_DIR}/scripts/stop_ocmanager.sh" ]; then /${INSTALL_DIR}/scripts/stop_ocmanager.sh > /dev/null 2>&1 fi echo # remote server daemon is ALWAYS started (for 'dump' and such) if [ -x "/${INSTALL_DIR}/start_ocmanager" ]; then /${INSTALL_DIR}/start_ocmanager > /dev/null 2>&1 elif [ -x "/${INSTALL_DIR}/scripts/start_ocmanager.sh" ]; then /${INSTALL_DIR}/scripts/start_ocmanager.sh > /dev/null 2>&1 fi