nv-l
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu an

from [Leslie Clark] [Permanent Link][Original]
To: nv-l@lists.us.ibm.com
Subject: Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu
From: Leslie Clark <lclark@us.ibm.com>
Date: Wed, 29 Jun 2005 17:50:49 -0400
Delivery-date: Wed, 29 Jun 2005 22:51:36 +0100
Envelope-to: nv-l-archive@lists.skills-1st.co.uk
In-reply-to: <OFABFA17AE.0E8562DF-ON8525702F.0071C41C-8525702F.00765E0B@us.ibm.com>
Reply-to: nv-l@lists.us.ibm.com
Sender: owner-nv-l@lists.us.ibm.com

On reviewing your note, and acknowledging Francois', I see that you want this stuff on the Netview web client menu. Have you managed to add other things to the web client menu? There is a perfect example in /usr/OV/prg_samples.You could put the wruntask commands in scripts launched by this method.  However,  I believe that the whatever you run via those extensions is executed by the userid running the map, which would be root, usually. In that case you probably would not need a task, just a script. But those extensions are not interactive. They will run something on the server, and display any output in a browser instance.  For your /etc/hosts example, I think I would have them edit a copy on the server using dtterm , and then use the web client menu to run the script ( or task ) that puts it in place.

If you are using web client extensions with output of type 'text', then you should know that FP3 broke it and you need the efix for APAR IY70256.

Cordially,

Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
(248) 552-4968 Voicemail, Fax, Pager


Leslie Clark/Southfield/IBM@IBMUS
Sent by: owner-nv-l@lists.us.ibm.com

06/29/2005 05:38 PM
Please respond to
nv-l
To
nv-l@lists.us.ibm.com
cc
Subject
Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu






My current customer does almost everyting through the framework to avoid using root. We made a Tivoli Tasklib with all sorts of front-ends to Tivoli commands. Their logins are associated with a Tivoli Administrator that executes as root.

To start the gui from the Tivoli desktop, though, since it is not associated with a policy region, requires a global senior role. This is probably not the way to appease the security folks. Instead, we gave them sudo to run /usr/OV/bin/netview as root. Then they only need a global role of user or admin. Also sudo for serversetup.

So some things you can do through the menus and other things you cannot. For those things, we made tasks and jobs. We chose to keep the  code on the Netview server itself, since it is a Managed Node, but if it is just an endpoint, the stuff would all be on the TMR server.

For instance, a  task to run 'netmon -y' :

nvadmin_netmon_reload_seedfile.sh : a script that issues 'netmon -y' , real simple; you could log if you wanted.

del_nvadmin_NetviewCommands.sh: a script to delete the tasks and jobs in the NetviewCommands tasklib
make_nvadmin_NetviewCommands.sh: a script to build the tasklib and all of the tasks and jobs

Here's what's in make_nvadmin_NetviewCommands.sh:
. /etc/Tivoli/setup_env.sh
TMR=                  # Name of this TMR
POLREG=                        # Name of the Policy Region
LIB=                          # Name of the Task Library
SUBSCR=               # Name of the subscribed Profile Manager
NEWGRP=         # grup to run as
RUNAS="-u \$root_user -g $NEWGRP"      # user and group to run this as
ROLE=admin                                                        # Role of user
#
wcrttlib $LIB $POLREG                  # Create the Task Library if it does not exist
########################
# TASKS
....
wcrttask -t nvadmin_netmon_reload_seedfile -l $LIB -r $ROLE -i $INTERP $NVSERVER $LSDIR/nvadmin_netmon_reload_seedfile.sh $RUNAS
......
#
########################
# JOBS
......
wcrtjob -j nvadmin_netmon_reload_seedfile_job -t nvadmin_netmon_reload_seedfile -l $LIB -p $SUBSCR -o 17 -M serial -m 300
...
exit 0
------------------------------------------------------------------------------------------------------------------------------------------
And here's what's in del_nvadmin_NetviewCommands.sh:
TMR=`wtmrname | cut -f1 -d\-`                 # Name of this TMR
LIB=nvadmin_NetviewCommands_$TMR         # Name of the Task Library

########
# JOBS
########
....
wdeljob nvadmin_netmon_reload_seedfile_job $LIB
....
########
# TASKS
########
...
wdeltask nvadmin_netmon_reload_seedfile $LIB
....
exit 0
-------------------------------------------------------------------------------------
And of course there is a sched_nvadmin_NetviewCommands.sh for any that need to be scheduled jobs (they won't let us mess with cron),
and a rebuild_nvadmin_NetviewCommands.sh to run all three.

And.... for those who are too lazy to launch the Tivoli desktop, you can just run these things from the commandline. I make little scripts to launch them like this:
runetchosts.sh:
#!/bin/ksh
set -x
wruntask -t nvadmin_etchosts_push -l <tasklibname> -h <nvhostname> -o 15

What other kinds of things do we do via tasks and jobs?
Turn netmon tracing off and on, kill things, run /etc/netnmrc, run ovtopofix, etc, ovstop/ovstart, update netmon.lrf, run cleandb.sh, remove the .bak files after running  nvTurboDatabase, stuff like that.
For updating /etc/hosts, we update a copy in our local config directory and use the task to keep backups and put it into production. They could use whatever they wanted to edit the file.

Cordially,

Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
(248) 552-4968 Voicemail, Fax, Pager
don.turrentine@amsouth.com
Sent by: owner-nv-l@lists.us.ibm.com

06/29/2005 04:05 PM
Please respond to
nv-l
To
nv-l@lists.us.ibm.com
cc
Subject
[nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu








I am trying to appease the powers to be and come up with a way to handle
the day to day tasks of managing NetView without being the root user.  I am
using Framework so I plan on allowing users to start the Native GUI via the
Framework.  This actually handles everything except editing the /etc/hosts
file, no DNS.  Has anyone added a menu item that uses dtpad or something
like that to edit /etc/hosts?  The folks that would be using this are not
"vi" literate.

I also need to add the fuctionality of editing the netmon.seed (and
refreshing netmon) and /etc/hosts file to the Web Console.

One last thing, has anyone added the functionality of nvmaputil.sh to the
Web Console to allow operators to delete objects?  Scary thought for some
but I hope to control this through the scopes.

NV 7.1.4 fp02 on AIX 4.3.3

I am going through the Programmer's Guide and other docs/samples right now.
Just thought I would check out there before I reinvented the wheel.

Thanks,

Don
---
Don Turrentine
BH-0302
AmSouth Bank
P.O. Box 11007
Birmingham, AL 35288
(205) 261-6351
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Leslie Clark
Next by Date:  [nv-l] NV 7.1.3 - 7.1.4 upgrades.. any new unecessary daemons/processes ?, John Sobrinho
Previous by Thread:  Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and GUI menu, Leslie Clark
Next by Thread:  Re: [nv-l] EventForwarding to TEC - cut Domain from Hostname, Larry Fagan
Indexes:  [Date] [Thread] [Top] [All Lists]

Archive operated by Skills 1st Ltd

See also: The NetView Web