#!/usr/bin/perl use strict; use warnings; sub trim($); sub ltrim($); sub rtrim($); my $PDAUTHDB_PREVCKSUM = "/var/PolicyDirector/scripts/pd_authdbrepl_prevcksum.txt"; my $PDAUTHDB = "/var/PolicyDirector/db/master_authzn.db"; my $SLEEPTIME = 5; my $FILE_NOT_FOUND = -1; my $pduserid; my $pdpasswd; my $prevChecksum = 0; my $currentChecksum = 0; my $checksumLn = ""; my @err_svrs = (); my $numErrSvrs; my $errsvr; my @svr_info; my $junk; my $junk2; my $host; my $port; my $hostln; my $portln; my $retCode = -1; my $retString = ""; my $sec = 0; my $min = 0; my $hour = 0; my $mday = 0; my $mon = 0; my $year = 0; my $wday = 0; my $yday = 0; my $isdst = 0; my $hostname = ""; my $envOS = ""; my $pdversion = ""; if (@ARGV == 2) { $pduserid = $ARGV[0]; $pdpasswd = $ARGV[1]; $hostname = `hostname`; print("*******************************************************************************\n"); print("pd_authdbrepl.pl Now starting on $hostname\n"); print("*******************************************************************************\n"); ($sec,$min,$hour,$mday,$mon,$year,$wday, $yday,$isdst) = localtime(time); printf("%4d-%02d-%02d %02d:%02d:%02d\n", $year+1900,$mon+1,$mday,$hour,$min,$sec); $envOS = $^O; if ($envOS eq "linux") { print("OS is Linux.\n"); } elsif ($envOS eq "MSWin32") { print("OS is Windows.\n"); } elsif ($envOS eq "aix") { print("OS is AIX.\n"); } elsif ($envOS eq "solaris") { print("OS is Solaris.\n"); } else { } print("Querying authorization databases checksums....\n"); if (open(PREVCKSUM, "$PDAUTHDB_PREVCKSUM")) { $prevChecksum = ; close(PREVCKSUM); chomp($prevChecksum); $prevChecksum = trim($prevChecksum); } else { $prevChecksum = $FILE_NOT_FOUND; } $checksumLn = `cksum $PDAUTHDB`; ($currentChecksum, $junk, $junk2) = split(/ /, $checksumLn); $currentChecksum = trim($currentChecksum); print("Previous checksum: $prevChecksum\n"); print("Current Checksum: $currentChecksum\n"); if ($prevChecksum == $currentChecksum) { print("Checksum for master authorization database has NOT changed.\n"); } elsif (($prevChecksum != $currentChecksum) || ($prevChecksum == $FILE_NOT_FOUND)){ print("Checksum for master authorization database has changed or was not previously known.\n"); print("Proceeding with resource manager notification & auth db replication....\n"); open(PREVCKSUM, ">", "$PDAUTHDB_PREVCKSUM"); print(PREVCKSUM "$currentChecksum"); print(PREVCKSUM "\n"); close(PREVCKSUM); repldb("WEBSEAL"); repldb("AUTHORIZATION"); repldb("JACC"); repldb("AUTHZ"); repldb("AUTHN"); $numErrSvrs = @err_svrs; if ($numErrSvrs > 0) { print("Could not replicate to the following $numErrSvrs servers:\n"); foreach $errsvr (@err_svrs) { print("$errsvr\n"); } } ($sec,$min,$hour,$mday,$mon,$year,$wday, $yday,$isdst) = localtime(time); print("\n"); printf("%4d-%02d-%02d %02d:%02d:%02d\n", $year+1900,$mon+1,$mday,$hour,$min,$sec); } print("*******************************************************************************\n"); print("pd_authdbrepl.pl end.\n"); print("*******************************************************************************\n\n"); } else { print("This script requires two parameters - TAM id and TAM passsword, for example:\n"); print("perl pd_authdbrepl.pl sec_master password\n"); } sub repldb { my($serverType) = @_; my @x_svrs = (); my $numXSvrs = 0; my $xsvr; if ($serverType eq "WEBSEAL") { @x_svrs = `pdadmin -a $pduserid -p $pdpasswd server list | grep -i webseald | sort`; } elsif ($serverType eq "AUTHORIZATION") { @x_svrs = `pdadmin -a $pduserid -p $pdpasswd server list | grep -i ivacld | sort`; } elsif ($serverType eq "JACC") { @x_svrs = `pdadmin -a $pduserid -p $pdpasswd server list | grep -i JACC | sort`; } elsif ($serverType eq "AUTHZ") { @x_svrs = `pdadmin -a $pduserid -p $pdpasswd server list | grep -i Authz | sort`; } elsif ($serverType eq "AUTHN") { @x_svrs = `pdadmin -a $pduserid -p $pdpasswd server list | grep -i Authn | sort`; } else { } $numXSvrs = @x_svrs; if ($numXSvrs > 0) { print("-----------------------------------------------------------------------------\n"); print("There are $numXSvrs $serverType servers reported for this TAM installation.\n"); print("-----------------------------------------------------------------------------\n"); foreach $xsvr (@x_svrs) { chomp($xsvr); $xsvr = trim($xsvr); print("Executing replicate for $xsvr\n"); $retString = `pdadmin -a $pduserid -p $pdpasswd server replicate -server $xsvr`; my $position = index($retString, "Error"); if ($position >= 0) { push @err_svrs, $xsvr; } print("$retString\n"); sleep $SLEEPTIME; } } else { print("-----------------------------------------------------------------------------\n"); print("There are no configured $serverType servers being reported by TAM.\n"); print("-----------------------------------------------------------------------------\n"); } } # trim functions from www.somacon.com/p114.php # Perl trim function to remove whitespace from the start and end of the string sub trim($) { my $string = shift; $string =~ s/^\s+//; $string =~ s/\s+$//; return $string; } # Left trim function to remove leading whitespace sub ltrim($) { my $string = shift; $string =~ s/^\s+//; return $string; } # Right trim function to remove trailing whitespace sub rtrim($) { my $string = shift; $string =~ s/\s+$//; return $string; }