01-30-2011
Yes it can be done and be secure. I done a couple and basically here was my approach.
1. Create the central users script. If needed the make menu driven. We created a base user not a super user for this account. In out case the home dir is a NFS mount to all the servers. So a script to send commands to another server wasn't needed. A NAS mounted device would work for this also.
2. So since in most cases root needs to be the user to do the work.
I have a local root script that is looping and looking for a file to show up in a defined directory on the global mount. Now this is were it depends on what you are trying to do on the server. So the dropped file
could contain the objective to be bounce. So if you would bounce oracle and refresh sendmail lets say. the file would be named <server name>_???.trg and contain oracle|sendmail. The local script would see the file then consume the file and create a results file.
3. the master script would look for the files to be consumed and the results being created.
There are a lot more steps to all this...
Security wise - since the user login into the server as the service user. They don't know or have ability to be root. That is all controlled by the scripts and your programs. And the service account when it logs in will only run the menu to do your application. And you will also do the trap command in the login control so they can't ctl c or anything out to a shell.
This may sound worse than what the work really is. You could have the whole thing done in a day or so.
10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
I would like to allow only one instance of a script to run at any moment.
I've tried the following solution to count the instances but the result is always the number of running instances plus one and I can't find the problem
ps -ef | grep $0 | sed '/^$/ d' | sed '/grep/ d' | wc -l
Please... (2 Replies)
Discussion started by: oti
2 Replies
2. UNIX for Advanced & Expert Users
I have the below code in a file called test.ksh and it is scheduled using cron forevery 5 min. when i see the cron out file for every 5 min it showing the no of process running are 2. same thing when i implement in another script which contains other code along with the below code , it showing as... (1 Reply)
Discussion started by: kamesh83
1 Replies
3. Shell Programming and Scripting
Hello,
I'm trying to write a script that checks for previous instances of the same script which may still be running (this script is scheduled to run every 30 minutes). I want to somehow use the pid from each instance to make sure the previous one isn't running before continuing with my... (5 Replies)
Discussion started by: bd_joy
5 Replies
4. Shell Programming and Scripting
Hi,
Please let us know how to create a multiple instances of a job in the shell script.
Thanks.
Gangegowda K.G (1 Reply)
Discussion started by: Gangegowda
1 Replies
5. Shell Programming and Scripting
Can I get the STATE(instance are RUNNING or not and HEALTH is OK or not) of the weblogic instances(Admin and Managed) running on my unix machine via shell script.
Someone told me that it can be done via "weblogic.Admin GETSTATE"....but it is not working for me(might be I am doing something wrong)... (2 Replies)
Discussion started by: joshilalit2004
2 Replies
6. Shell Programming and Scripting
Hello,
My goal is to run the same Shell script in a parallel mode. This script will get triggered from different machines and different application teams by some job scheduling tool.
They may trigger the process at the same time. so I want to have them in QUEUE ..and release them for execution on... (3 Replies)
Discussion started by: chetan_sonar
3 Replies
7. UNIX for Advanced & Expert Users
just wanted to ask if anybody have script template for the subject above so I can make ti as my guide? example
a. server 1.1.1.1: restart script located at /etc/init.d/glassfish.sh
b. server 2.2.2.2: central script that support admin will use to execute to restart the /etc/init.d/glassfish.sh... (0 Replies)
Discussion started by: lhareigh890
0 Replies
8. Shell Programming and Scripting
How we can run the multiple instances of the script? I need to run the script which I am calling from the below function.I can doit with cron but I don't want to put it in the cron.This cript dploy the build and here I want when the build stage then it should run with multilpe instances of... (6 Replies)
Discussion started by: anuragpgtgerman
6 Replies
9. Solaris
Hi everyone,
I have a Solaris machine:
SunOS 5.10 Generic_127127-11 sun4v sparc SUNW,SPARC-Enterprise-T5220
After reboot, I can't ssh to this machine. Error message:
ssh: connect to host xxxx port 22: Connection refused
It seems ssh daemon is not running, but I don't have... (5 Replies)
Discussion started by: Zaiwen Gong
5 Replies
10. Shell Programming and Scripting
Hello,
I know this is not a simple question so I just need to know where to start for below project:
I am running under Ubuntu 18.04
What I'd like to see in apache page is to display status of particular process pids.
ps aux | grep keywords.txt
keywords.txt
word1
word2
word3
word4... (9 Replies)
Discussion started by: baris35
9 Replies
LEARN ABOUT CENTOS
pmdasendmail
PMDASENDMAIL(1) General Commands Manual PMDASENDMAIL(1)
NAME
pmdasendmail - sendmail performance metrics domain agent (PMDA)
SYNOPSIS
$PCP_PMDAS_DIR/sendmail/pmdasendmail [-d domain] [-l logfile] [-U username]
DESCRIPTION
pmdasendmail is a sendmail Performance Metrics Domain Agent (PMDA) which exports mail traffic statistics as collected by sendmail(1).
Before the sendmail PMDA can export any metrics, sendmail(1) must have statistics collection enabled. This involves checking the name of
the statistics file, as given by the OS or O StatusFile control lines in /etc/sendmail.cf, and then creating this file if it does not
already exist. Removing the file will terminate statistics collection by sendmail(1) and hence the sendmail PMDA.
A brief description of the pmdasendmail command line options follows:
-d It is absolutely crucial that the performance metrics domain number specified here is unique and consistent. That is, domain should
be different for every PMDA on the one host, and the same domain number should be used for the same PMDA on all hosts.
-l Location of the log file. By default, a log file named sendmail.log is written in the current directory of pmcd(1) when pmdasendmail
is started, i.e. $PCP_LOG_DIR/pmcd. If the log file cannot be created or is not writable, output is written to the standard error
instead.
-U User account under which to run the agent. The default is the unprivileged "pcp" account in current versions of PCP, but in older
versions the superuser account ("root") was used by default.
There are no communication options, as the Install script ensures the sendmail PMDA will be connected to PMCD by a pipe.
INSTALLATION
If you want access to the names, help text and values for the sendmail performance metrics, do the following as root:
# cd $PCP_PMDAS_DIR/sendmail
# ./Install
If you want to undo the installation, do the following as root:
# cd $PCP_PMDAS_DIR/sendmail
# ./Remove
pmdasendmail is launched by pmcd(1) and should never be executed directly. The Install and Remove scripts notify pmcd(1) when the agent is
installed or removed.
FILES
$PCP_PMCDCONF_PATH
command line options used to launch pmdasendmail
$PCP_PMDAS_DIR/sendmail/help
default help text file for the sendmail metrics
$PCP_PMDAS_DIR/sendmail/Install
installation script for the pmdasendmail agent
$PCP_PMDAS_DIR/sendmail/Remove
undo installation script for the pmdasendmail agent
$PCP_LOG_DIR/pmcd/sendmail.log
default log file for error messages and other information from pmdasendmail
/etc/sendmail.cf
sendmail configuration file to identify the name of the statistics file
PCP ENVIRONMENT
Environment variables with the prefix PCP_ are used to parameterize the file and directory names used by PCP. On each installation, the
file /etc/pcp.conf contains the local values for these variables. The $PCP_CONF variable may be used to specify an alternative configura-
tion file, as described in pcp.conf(5).
SEE ALSO
pmcd(1) and sendmail(1).
Performance Co-Pilot PCP PMDASENDMAIL(1)