On reviewing your note, and acknowledging Francois', I see that you
want this stuff on the Netview web client menu. Have you managed to
add other things to the web client menu? There is a perfect example in
/usr/OV/prg_samples.You could put the wruntask commands in scripts
launched by this method. However, I believe that the whatever you
run via those extensions is executed by the userid running the map,
which would be root, usually. In that case you probably would not need
a task, just a script. But those extensions are not interactive. They
will run something on the server, and display any output in a browser
instance. For your /etc/hosts example, I think I would have them edit
a copy on the server using dtterm , and then use the web client menu
to run the script ( or task ) that puts it in place.
If you are using web client extensions with output of type 'text',
then you should know that FP3 broke it and you need the efix for APAR
IY70256.
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
(248) 552-4968 Voicemail, Fax, Pager
*Leslie Clark/Southfield/IBM@IBMUS*
Sent by: owner-nv-l@lists.us.ibm.com
06/29/2005 05:38 PM
Please respond to
nv-l
To
nv-l@lists.us.ibm.com
cc
Subject
Re: [nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu
and GUI menu
My current customer does almost everyting through the framework to
avoid using root. We made a Tivoli Tasklib with all sorts of
front-ends to Tivoli commands. Their logins are associated with a
Tivoli Administrator that executes as root.
To start the gui from the Tivoli desktop, though, since it is not
associated with a policy region, requires a global senior role. This
is probably not the way to appease the security folks. Instead, we
gave them sudo to run /usr/OV/bin/netview as root. Then they only need
a global role of user or admin. Also sudo for serversetup.
So some things you can do through the menus and other things you
cannot. For those things, we made tasks and jobs. We chose to keep the
code on the Netview server itself, since it is a Managed Node, but if
it is just an endpoint, the stuff would all be on the TMR server.
For instance, a task to run 'netmon -y' :
nvadmin_netmon_reload_seedfile.sh : a script that issues 'netmon -y' ,
real simple; you could log if you wanted.
del_nvadmin_NetviewCommands.sh: a script to delete the tasks and jobs
in the NetviewCommands tasklib
make_nvadmin_NetviewCommands.sh: a script to build the tasklib and all
of the tasks and jobs
Here's what's in make_nvadmin_NetviewCommands.sh:
. /etc/Tivoli/setup_env.sh
TMR= # Name of this TMR
POLREG= # Name of the Policy Region
LIB= # Name of the Task Library
SUBSCR= # Name of the subscribed Profile Manager
NEWGRP= # grup to run as
RUNAS="-u \$root_user -g $NEWGRP" # user and group to run this as
ROLE=admin #
Role of user
#
wcrttlib $LIB $POLREG # Create the Task Library if it
does not exist
########################
# TASKS
....
wcrttask -t nvadmin_netmon_reload_seedfile -l $LIB -r $ROLE -i $INTERP
$NVSERVER $LSDIR/nvadmin_netmon_reload_seedfile.sh $RUNAS
......
#
########################
# JOBS
......
wcrtjob -j nvadmin_netmon_reload_seedfile_job -t
nvadmin_netmon_reload_seedfile -l $LIB -p $SUBSCR -o 17 -M serial -m 300
...
exit 0
------------------------------------------------------------------------------------------------------------------------------------------
And here's what's in del_nvadmin_NetviewCommands.sh:
TMR=`wtmrname | cut -f1 -d\-` # Name of this TMR
LIB=nvadmin_NetviewCommands_$TMR # Name of the Task Library
########
# JOBS
########
....
wdeljob nvadmin_netmon_reload_seedfile_job $LIB
....
########
# TASKS
########
...
wdeltask nvadmin_netmon_reload_seedfile $LIB
....
exit 0
-------------------------------------------------------------------------------------
And of course there is a sched_nvadmin_NetviewCommands.sh for any that
need to be scheduled jobs (they won't let us mess with cron),
and a rebuild_nvadmin_NetviewCommands.sh to run all three.
And.... for those who are too lazy to launch the Tivoli desktop, you
can just run these things from the commandline. I make little scripts
to launch them like this:
runetchosts.sh:
#!/bin/ksh
set -x
wruntask -t nvadmin_etchosts_push -l <tasklibname> -h <nvhostname> -o 15
What other kinds of things do we do via tasks and jobs?
Turn netmon tracing off and on, kill things, run /etc/netnmrc, run
ovtopofix, etc, ovstop/ovstart, update netmon.lrf, run cleandb.sh,
remove the .bak files after running nvTurboDatabase, stuff like that.
For updating /etc/hosts, we update a copy in our local config
directory and use the task to keep backups and put it into production.
They could use whatever they wanted to edit the file.
Cordially,
Leslie A. Clark
IBM Global Services - Systems Mgmt & Networking
(248) 552-4968 Voicemail, Fax, Pager
*don.turrentine@amsouth.com*
Sent by: owner-nv-l@lists.us.ibm.com
06/29/2005 04:05 PM
Please respond to
nv-l
To
nv-l@lists.us.ibm.com
cc
Subject
[nv-l] : Adding nvmaputil.sh, seed editor, /etc/hosts to web menu and
GUI menu
I am trying to appease the powers to be and come up with a way to handle
the day to day tasks of managing NetView without being the root user.
I am
using Framework so I plan on allowing users to start the Native GUI
via the
Framework. This actually handles everything except editing the /etc/hosts
file, no DNS. Has anyone added a menu item that uses dtpad or something
like that to edit /etc/hosts? The folks that would be using this are not
"vi" literate.
I also need to add the fuctionality of editing the netmon.seed (and
refreshing netmon) and /etc/hosts file to the Web Console.
One last thing, has anyone added the functionality of nvmaputil.sh to the
Web Console to allow operators to delete objects? Scary thought for some
but I hope to control this through the scopes.
NV 7.1.4 fp02 on AIX 4.3.3
I am going through the Programmer's Guide and other docs/samples right
now.
Just thought I would check out there before I reinvented the wheel.
Thanks,
Don
---
Don Turrentine
BH-0302
AmSouth Bank
P.O. Box 11007
Birmingham, AL 35288
(205) 261-6351