From 91d04c64771832a0b8815ffbe1f0f9920320d94d Mon Sep 17 00:00:00 2001 From: Pamela Dragosh Date: Tue, 14 Feb 2017 19:41:00 -0500 Subject: Initial OpenECOMP policy/engine commit Change-Id: I7dbff37733b661643dd4d1caefa3d7dccc361b6e Signed-off-by: Pamela Dragosh --- packages/base/src/files/bin/backup.sh | 151 ++++++++++++ packages/base/src/files/bin/certtool.sh | 207 ++++++++++++++++ packages/base/src/files/bin/java/log4j.properties | 31 +++ packages/base/src/files/bin/monitor.sh | 139 +++++++++++ packages/base/src/files/bin/policy.sh | 275 ++++++++++++++++++++++ 5 files changed, 803 insertions(+) create mode 100644 packages/base/src/files/bin/backup.sh create mode 100644 packages/base/src/files/bin/certtool.sh create mode 100644 packages/base/src/files/bin/java/log4j.properties create mode 100644 packages/base/src/files/bin/monitor.sh create mode 100644 packages/base/src/files/bin/policy.sh (limited to 'packages/base/src/files/bin') diff --git a/packages/base/src/files/bin/backup.sh b/packages/base/src/files/bin/backup.sh new file mode 100644 index 000000000..75cca7388 --- /dev/null +++ b/packages/base/src/files/bin/backup.sh @@ -0,0 +1,151 @@ +### +# ============LICENSE_START======================================================= +# ECOMP Policy Engine +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +#!/bin/bash + +######################################################################### +## +## Functions +## +######################################################################### + +function usage() { + echo -n "syntax: $(basename $0) " + echo -n "--debug (" + echo -n "[--backup ] | " + echo -n "[--restore ])" +} + +function backup() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + if [[ -z ${POLICY_HOME} ]]; then + echo "error: ${POLICY_HOME} is not set" + exit 1 + fi + + BACKUP_DIR=$1 + if [[ -z ${BACKUP_DIR} ]]; then + echo "error: a backup directory must be provided" + usage + exit 1 + fi + + /bin/mkdir -p ${BACKUP_DIR} > /dev/null 2>&1 + if [[ ! -d ${BACKUP_DIR} ]]; then + echo "error: ${BACKUP_DIR} is not a directory" + exit 1 + fi + + if [[ ! -w ${BACKUP_DIR} ]] ; then + echo "error: ${BACKUP_DIR} is not writable" + exit 1 + fi + + if [ "$(ls -A ${BACKUP_DIR})" ]; then + echo "error: ${BACKUP_DIR} must be empty" + exit 1 + fi + + echo "backing up ${POLICY_HOME} to ${BACKUP_DIR} to.." + rsync -a --delete \ + --exclude logs \ + --exclude tmp \ + --exclude backup \ + --exclude servers/pap/webapps/pap \ + --exclude servers/pdp/webapps/pdp \ + --exclude servers/pypdp/webapps/PyPDPServer \ + --exclude servers/console/webapps/policy \ + ${POLICY_HOME}/* \ + ${BACKUP_DIR} +} + +function restore() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} $@ --" + set -x + fi + + if [[ -z ${POLICY_HOME} ]]; then + echo "error: ${POLICY_HOME} is not set" + exit 1 + fi + + BACKUP_DIR=$1 + if [[ -z ${BACKUP_DIR} ]]; then + echo "error: a backup directory must be provided" + usage + exit 1 + fi + + if [[ ! -d ${BACKUP_DIR} ]]; then + echo "error: ${BACKUP_DIR} is not a directory" + exit 1 + fi + + if [ "$(ls -A ${BACKUP_DIR})" ]; then + echo "OK: ${BACKUP_DIR} has content" + else + echo "error: ${BACKUP_DIR} is empty" + exit 1 + fi + + echo "restoring from ${BACKUP_DIR} to ${POLICY_HOME} .." + rsync -a ${BACKUP_DIR}/* ${POLICY_HOME} +} + +OPERATION=none +DEBUG=n + +# command line options parsing +until [[ -z "$1" ]]; do + case $1 in + -d|--debug) DEBUG=y + set -x + ;; + -b|--backup) OPERATION=backup + shift + DIR=$1 + ;; + -r|--restore) OPERATION=restore + shift + DIR=$1 + ;; + *) usage + exit 1 + ;; + esac + shift +done + +# operation validation +case $OPERATION in + backup) backup $DIR + ;; + restore) restore $DIR + ;; + *) echo "invalid operation (${OPERATION}): must be in {backup|restore}"; + usage + exit 1 + ;; +esac \ No newline at end of file diff --git a/packages/base/src/files/bin/certtool.sh b/packages/base/src/files/bin/certtool.sh new file mode 100644 index 000000000..02899f17b --- /dev/null +++ b/packages/base/src/files/bin/certtool.sh @@ -0,0 +1,207 @@ +### +# ============LICENSE_START======================================================= +# ECOMP Policy Engine +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +#!/bin/bash +# +# certtool [ init fqdn | importcert cert.cer.txt | exportcsr ] +# + +KEYPASS=${KEYSTORE_PASSWD} +STOREPASS=${KEYSTORE_PASSWD} +DIR=${POLICY_HOME}/etc/ssl + +KSFILE=policy-keystore +ID=`id -n -u` +GRP=`id -n -g` + +if [ ! -d $DIR ] +then + echo "Policy Engine application software must be installed before using certtool" + exit 1 +fi + +TZ=GMT0 +umask 0077 +cd $DIR + +MODE="$1" +shift +if [ "$MODE" = init ] +then + if [ -f $KSFILE ] + then + echo "File \"$KSFILE\" already exists - did you already initialize?" + echo 'Remove it before initializing' + exit 1 + fi + + if [ -f $KSFILE.tmp ] + then + echo "File \"$KSFILE.tmp\" already exists - did you already initialize?" + echo 'Remove it before initializing' + exit 1 + fi + + rm -f $KSFILE.csr + FQDN="$1" + shift + if [ "$FQDN" = "" ] + then + echo 'FQDN of server required for certtool init' + exit 1 + fi + + $JAVA_HOME/bin/keytool -genkey -alias $FQDN -keyalg RSA -keystore $KSFILE.tmp -keysize 2048 -storepass "$STOREPASS" -keypass "$KEYPASS" -dname "CN=$FQDN,OU=Information Technology,O=AT&T Services\, Inc.,L=Southfield,S=Michigan,C=US" + $JAVA_HOME/bin/keytool -certreq -alias $FQDN -keystore $KSFILE.tmp -file $KSFILE.csr -storepass "$STOREPASS" -keypass "$KEYPASS" + echo cat $DIR/$KSFILE.csr + cat $KSFILE.csr + echo Keystore initialized. Use the above certificate signing request. + exit 0 +fi + +if [ "$MODE" != "importcert" -a "$MODE" != "exportcsr" ] +then + echo "Improper arguments. Usage is:" + echo "First time - to create key pair:" + echo " certtool init " + echo "Install certificate file:" + echo " certtool importcert " + echo "Generate certificate signing request when old certificate nears expiry:" + echo " certtool exportcsr" + exit 1 +fi + +KS=$KSFILE +if [ ! -f $KSFILE ] +then + KS=$KSFILE.tmp + if [ ! -f $KSFILE.tmp ] + then + echo "Keystore not initialized." + exit 1 + fi +fi + +$JAVA_HOME/bin/keytool -list -keystore $KS -storepass "$STOREPASS" | grep ', PrivateKeyEntry, $' +FQDN=`$JAVA_HOME/bin/keytool -list -keystore $KS -storepass "$STOREPASS" | grep ', PrivateKeyEntry, $' | sed 's/,.*//'` +if [ "$FQDN" = "" ] +then + echo "Unable to read keystore file $KS." + exit 1 +fi + +if [ "$MODE" = exportcsr ] +then + if [ ! -f $KSFILE ] + then + echo "Cannot export new signing request before initial certificate imported" + exit 1 + fi + rm -f $KSFILE.csr + $JAVA_HOME/bin/keytool -certreq -alias $FQDN -keystore $KS -file $KSFILE.csr -storepass "$STOREPASS" -keypass "$KEYPASS" + echo cat $DIR/$KSFILE.csr + cat $KSFILE.csr + echo Use the above certificate signing request. + exit 1 +fi + +FN="$1" +shift +cd - + +if [ ! -f "$FN" ] +then + echo "Certificate file $FN not found." + exit 1 +fi +XFN=$DIR/$$.cer +cp "$FN" $XFN +cat <> $XFN +-----BEGIN CERTIFICATE----- +MIIFODCCBCCgAwIBAgIQUT+5dDhwtzRAQY0wkwaZ/zANBgkqhkiG9w0BAQsFADCB +yjELMAkGA1UEBhMCVVMxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQL +ExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJp +U2lnbiwgSW5jLiAtIEZvciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxW +ZXJpU2lnbiBDbGFzcyAzIFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0 +aG9yaXR5IC0gRzUwHhcNMTMxMDMxMDAwMDAwWhcNMjMxMDMwMjM1OTU5WjB+MQsw +CQYDVQQGEwJVUzEdMBsGA1UEChMUU3ltYW50ZWMgQ29ycG9yYXRpb24xHzAdBgNV +BAsTFlN5bWFudGVjIFRydXN0IE5ldHdvcmsxLzAtBgNVBAMTJlN5bWFudGVjIENs +YXNzIDMgU2VjdXJlIFNlcnZlciBDQSAtIEc0MIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAstgFyhx0LbUXVjnFSlIJluhL2AzxaJ+aQihiw6UwU35VEYJb +A3oNL+F5BMm0lncZgQGUWfm893qZJ4Itt4PdWid/sgN6nFMl6UgfRk/InSn4vnlW +9vf92Tpo2otLgjNBEsPIPMzWlnqEIRoiBAMnF4scaGGTDw5RgDMdtLXO637QYqzu +s3sBdO9pNevK1T2p7peYyo2qRA4lmUoVlqTObQJUHypqJuIGOmNIrLRM0XWTUP8T +L9ba4cYY9Z/JJV3zADreJk20KQnNDz0jbxZKgRb78oMQw7jW2FUyPfG9D72MUpVK +Fpd6UiFjdS8W+cRmvvW1Cdj/JwDNRHxvSz+w9wIDAQABo4IBYzCCAV8wEgYDVR0T +AQH/BAgwBgEB/wIBADAwBgNVHR8EKTAnMCWgI6Ahhh9odHRwOi8vczEuc3ltY2Iu +Y29tL3BjYTMtZzUuY3JsMA4GA1UdDwEB/wQEAwIBBjAvBggrBgEFBQcBAQQjMCEw +HwYIKwYBBQUHMAGGE2h0dHA6Ly9zMi5zeW1jYi5jb20wawYDVR0gBGQwYjBgBgpg +hkgBhvhFAQc2MFIwJgYIKwYBBQUHAgEWGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20v +Y3BzMCgGCCsGAQUFBwICMBwaGmh0dHA6Ly93d3cuc3ltYXV0aC5jb20vcnBhMCkG +A1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1hbnRlY1BLSS0xLTUzNDAdBgNVHQ4E +FgQUX2DPYZBV34RDFIpgKrL1evRDGO8wHwYDVR0jBBgwFoAUf9Nlp8Ld7LvwMAnz +Qzn6Aq8zMTMwDQYJKoZIhvcNAQELBQADggEBAF6UVkndji1l9cE2UbYD49qecxny +H1mrWH5sJgUs+oHXXCMXIiw3k/eG7IXmsKP9H+IyqEVv4dn7ua/ScKAyQmW/hP4W +Ko8/xabWo5N9Q+l0IZE1KPRj6S7t9/Vcf0uatSDpCr3gRRAMFJSaXaXjS5HoJJtG +QGX0InLNmfiIEfXzf+YzguaoxX7+0AjiJVgIcWjmzaLmFN5OUiQt/eV5E1PnXi8t +TRttQBVSK/eHiXgSgW7ZTaoteNTCLD0IX4eRnh8OsN4wUmSGiaqdZpwOdgyA8nTY +Kvi4Os7X1g8RvmurFPW9QaAiY4nxug9vKWNmLT+sjHLF+8fk1A/yO0+MKcc= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIE0DCCBDmgAwIBAgIQJQzo4DBhLp8rifcFTXz4/TANBgkqhkiG9w0BAQUFADBf +MQswCQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsT +LkNsYXNzIDMgUHVibGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkw +HhcNMDYxMTA4MDAwMDAwWhcNMjExMTA3MjM1OTU5WjCByjELMAkGA1UEBhMCVVMx +FzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2lnbiBUcnVz +dCBOZXR3b3JrMTowOAYDVQQLEzEoYykgMjAwNiBWZXJpU2lnbiwgSW5jLiAtIEZv +ciBhdXRob3JpemVkIHVzZSBvbmx5MUUwQwYDVQQDEzxWZXJpU2lnbiBDbGFzcyAz +IFB1YmxpYyBQcmltYXJ5IENlcnRpZmljYXRpb24gQXV0aG9yaXR5IC0gRzUwggEi +MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCvJAgIKXo1nmAMqudLO07cfLw8 +RRy7K+D+KQL5VwijZIUVJ/XxrcgxiV0i6CqqpkKzj/i5Vbext0uz/o9+B1fs70Pb +ZmIVYc9gDaTY3vjgw2IIPVQT60nKWVSFJuUrjxuf6/WhkcIzSdhDY2pSS9KP6HBR +TdGJaXvHcPaz3BJ023tdS1bTlr8Vd6Gw9KIl8q8ckmcY5fQGBO+QueQA5N06tRn/ +Arr0PO7gi+s3i+z016zy9vA9r911kTMZHRxAy3QkGSGT2RT+rCpSx4/VBEnkjWNH +iDxpg8v+R70rfk/Fla4OndTRQ8Bnc+MUCH7lP59zuDMKz10/NIeWiu5T6CUVAgMB +AAGjggGbMIIBlzAPBgNVHRMBAf8EBTADAQH/MDEGA1UdHwQqMCgwJqAkoCKGIGh0 +dHA6Ly9jcmwudmVyaXNpZ24uY29tL3BjYTMuY3JsMA4GA1UdDwEB/wQEAwIBBjA9 +BgNVHSAENjA0MDIGBFUdIAAwKjAoBggrBgEFBQcCARYcaHR0cHM6Ly93d3cudmVy +aXNpZ24uY29tL2NwczAdBgNVHQ4EFgQUf9Nlp8Ld7LvwMAnzQzn6Aq8zMTMwbQYI +KwYBBQUHAQwEYTBfoV2gWzBZMFcwVRYJaW1hZ2UvZ2lmMCEwHzAHBgUrDgMCGgQU +j+XTGoasjY5rw8+AatRIGCx7GS4wJRYjaHR0cDovL2xvZ28udmVyaXNpZ24uY29t +L3ZzbG9nby5naWYwNAYIKwYBBQUHAQEEKDAmMCQGCCsGAQUFBzABhhhodHRwOi8v +b2NzcC52ZXJpc2lnbi5jb20wPgYDVR0lBDcwNQYIKwYBBQUHAwEGCCsGAQUFBwMC +BggrBgEFBQcDAwYJYIZIAYb4QgQBBgpghkgBhvhFAQgBMA0GCSqGSIb3DQEBBQUA +A4GBABMC3fjohgDyWvj4IAxZiGIHzs73Tvm7WaGY5eE43U68ZhjTresY8g3JbT5K +lCDDPLq9ZVTGr0SzEK0saz6r1we2uIFjxfleLuUqZ87NMwwq14lWAyMfs77oOghZ +tOxFNfeKW/9mz1Cvxm1XjRl4t7mi0VfqH5pLr7rJjhJ+xr3/ +-----END CERTIFICATE----- +!EOF +cd $DIR +$JAVA_HOME/bin/keytool -import -trustcacerts -alias $FQDN -keystore $KS -storepass "$STOREPASS" -keypass "$KEYPASS" -file $XFN +rm -f $XFN + +if [ "$KS" = "$KSFILE.tmp" ] +then + mv $KSFILE.tmp $KSFILE +fi + +rm -f $KSFILE.csr +echo Certificate imported. +exit 0 diff --git a/packages/base/src/files/bin/java/log4j.properties b/packages/base/src/files/bin/java/log4j.properties new file mode 100644 index 000000000..3d1f50790 --- /dev/null +++ b/packages/base/src/files/bin/java/log4j.properties @@ -0,0 +1,31 @@ +### +# ============LICENSE_START======================================================= +# ECOMP Policy Engine +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +# +# Use this properties for deployments. +# +# +# Set root logger level to DEBUG and its only appender to A1. +log4j.rootLogger=ERROR, CONSOLE + +# for Developments and Debugging +log4j.appender.CONSOLE=org.apache.log4j.ConsoleAppender +log4j.appender.CONSOLE.layout=org.apache.log4j.PatternLayout +log4j.appender.CONSOLE.layout.ConversionPattern=%d{yyyy_MM_dd_HH_mm_ss_SSS} [%t] %-5p %l- %m%n diff --git a/packages/base/src/files/bin/monitor.sh b/packages/base/src/files/bin/monitor.sh new file mode 100644 index 000000000..fb311bc04 --- /dev/null +++ b/packages/base/src/files/bin/monitor.sh @@ -0,0 +1,139 @@ +### +# ============LICENSE_START======================================================= +# ECOMP Policy Engine +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +#!/bin/bash + +function usage() { + echo -n "syntax: $(basename $0) " + echo "[--debug]" +} + +function log() { + echo "$(date +"%Y-%m-%d_%H-%M-%S") $1" >> ${POLICY_HOME}/logs/monitor.log +} + +function monitor() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + COMPONENT=$1 + STATUS=$2 + + if [[ -z ${COMPONENT} ]]; then + log "WARNING: invalid invocation: no component provided" + return + fi + + if [[ -z ${STATUS} ]]; then + log "WARNING: invalid invocation: no on/off/uninstalled switch provided for ${COMPONENT}" + return + fi + + if [[ "${STATUS}" == "off" ]]; then + off ${COMPONENT} + else + if [[ "${STATUS}" == "on" ]]; then + on ${COMPONENT} + fi + fi +} + +function on() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + COMPONENT=$1 + + ${POLICY_HOME}/etc/init.d/${COMPONENT} status + if [[ $? != 0 ]]; then + log "starting ${COMPONENT}" + + ${POLICY_HOME}/etc/init.d/${COMPONENT} umstart + else + log "OK: ${COMPONENT} (UP)" + fi +} + +function off() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + COMPONENT=$1 + + ${POLICY_HOME}/etc/init.d/${COMPONENT} status + if [[ $? != 0 ]]; then + log "OK: ${COMPONENT} (DOWN)" + + else + log "stopping ${COMPONENT}" + ${POLICY_HOME}/etc/init.d/${COMPONENT} umstop + fi +} + +function config() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + CONF_FILE=${POLICY_HOME}/etc/monitor/monitor.cfg + while read line || [ -n "${line}" ]; do + if [[ -n ${line} ]] && [[ ${line} != *#* ]]; then + component=$(echo "${line}" | awk -F = '{print $1;}') + status=$(echo "${line}" | awk -F = '{print $2;}') + if [[ -n ${component} ]] && [[ -n ${status} ]]; then + monitor ${component} ${status} + fi + fi + done < "${CONF_FILE}" + return 0 +} + +log "Enter monitor" + +DEBUG=n +until [[ -z "$1" ]]; do + case $1 in + -d|--debug|debug) DEBUG=y + set -x + ;; + *) usage + exit 1 + ;; + esac + shift +done + +if pidof -o %PPID -x $(basename $0) > /dev/null 2>&1; then + log "WARNING: $(basename $0) from the previous iteration still running. Exiting." + exit 1 +fi + +. ${POLICY_HOME}/etc/profile.d/env.sh + + +config + diff --git a/packages/base/src/files/bin/policy.sh b/packages/base/src/files/bin/policy.sh new file mode 100644 index 000000000..0b061a46e --- /dev/null +++ b/packages/base/src/files/bin/policy.sh @@ -0,0 +1,275 @@ +### +# ============LICENSE_START======================================================= +# ECOMP Policy Engine +# ================================================================================ +# Copyright (C) 2017 AT&T Intellectual Property. All rights reserved. +# ================================================================================ +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# ============LICENSE_END========================================================= +### + +#!/bin/bash + +function usage() { + echo -n "syntax: $(basename $0) " + echo -n "[--debug] " + echo "status|start|stop" +} + +function check_r_file() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + FILE=$1 + if [[ ! -f ${FILE} || ! -r ${FILE} ]]; then + return 1 + fi + + return 0 +} + +function check_x_file() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + FILE=$1 + if [[ ! -f ${FILE} || ! -x ${FILE} ]]; then + return 1 + fi + + return 0 +} + +function component_status() { + COMPONENT=$1 + output=$("${POLICY_HOME}"/etc/init.d/"${COMPONENT}" status) + if [[ $? == 0 ]]; then + echo " ${COMPONENT}: UP: ${output}" + else + echo " ${COMPONENT}: DOWN" + fi +} + +function component_start() { + COMPONENT=$1 + "${POLICY_HOME}"/etc/init.d/"${COMPONENT}" status > /dev/null 2>&1 + if [[ $? == 0 ]]; then + echo " ${COMPONENT}: UP: already running .." + else + "${POLICY_HOME}"/etc/init.d/"${COMPONENT}" start > /dev/null 2>&1 + echo " ${COMPONENT}: STARTING .." + fi +} + +function component_stop() { + COMPONENT=$1 + "${POLICY_HOME}"/etc/init.d/"${COMPONENT}" status > /dev/null 2>&1 + if [[ $? != 0 ]]; then + echo " ${COMPONENT}: DOWN: already stopped .." + else + "${POLICY_HOME}"/etc/init.d/"${COMPONENT}" stop > /dev/null 2>&1 + echo " ${COMPONENT}: STOPPING .." + fi +} + +function policy_status() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pap"; then + component_status pap + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pdp"; then + component_status pdp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/configs"; then + component_status configs + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pypdp"; then + component_status pypdp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/console"; then + component_status console + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/brmsgw"; then + component_status brmsgw + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/paplp"; then + component_status paplp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pdplp"; then + component_status pdplp + fi + + NUM_CRONS=$(crontab -l 2> /dev/null | wc -l) + echo " ${NUM_CRONS} cron jobs installed." + +} + +function policy_start() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pap"; then + component_start pap + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pdp"; then + component_start pdp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/configs"; then + component_start configs + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pypdp"; then + component_start pypdp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/console"; then + component_start console + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/brmsgw"; then + component_start brmsgw + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/paplp"; then + component_start paplp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pdplp"; then + component_start pdplp + fi + + cat "${POLICY_HOME}"/etc/cron.d/*.cron | crontab +} + +function policy_stop() { + if [[ $DEBUG == y ]]; then + echo "-- ${FUNCNAME[0]} --" + set -x + fi + + pkill -f "/bin/bash ${POLICY_HOME}/bin/monitor.sh" + crontab -r > /dev/null 2>&1 + sleep 2 + + if check_x_file "${POLICY_HOME}/etc/init.d/paplp"; then + component_stop paplp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pdplp"; then + component_stop pdplp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/brmsgw"; then + component_stop brmsgw + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/console"; then + component_stop console + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pypdp"; then + component_stop pypdp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/configs"; then + component_stop configs + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pdp"; then + component_stop pdp + fi + + if check_x_file "${POLICY_HOME}/etc/init.d/pap"; then + component_stop pap + fi + +} + +######################################################################### +## +## script execution body +## +######################################################################### + +DEBUG=n +OPERATION=none + +until [[ -z "$1" ]]; do + case $1 in + -d|--debug|debug) DEBUG=y + set -x + ;; + -i|--status|status) OPERATION=status + ;; + -s|--start|start) OPERATION=start + ;; + -h|--stop|stop|--halt|halt) OPERATION=halt + ;; + *) usage + exit 1 + ;; + esac + shift +done + +# operation validation +case $OPERATION in + status) ;; + start) ;; + halt) ;; + *) echo "invalid operation \(${OPERATION}\): must be in {status|start|stop}"; + usage + exit 1 + ;; +esac + +if [[ -z ${POLICY_HOME} ]]; then + echo "error: POLICY_HOME is unset." + exit 1 +fi + +# operation validation +case $OPERATION in + status) + policy_status + ;; + start) + policy_start + ;; + halt) + policy_stop + ;; + *) echo "invalid operation \(${OPERATION}\): must be in {status|start|stop}"; + usage + exit 1 + ;; +esac -- cgit 1.2.3-korg