How to inherit param value from container to component
Hi team,
i want to generate a container that contains user components. With different environment configuratio i want to install a different number of users. The user is a component with special component type SolarisUserCT (tools plugin)...
In this CT you must define the passowrd as a parameter to install the user...
How do i define this paramter in the container, that contains more than one user, and after that give it to the componet (type) of the user?
Thanks for advice
(for Peter: hope you feeling good again and greetings from Michael T: !)
Here is the code :
<extends>
<type name='system#container'></type>
</extends>
<varList>
<var name='installPath' default=':[target:sys.raTmpDir]'></var>
<var name='osversion' default=':[target:sys.OSVersion]'></var>
<var name='hostName' default=':[target:sys.hostName]'></var>
</varList>
<componentRefList>
<componentRef name='apache'>
<component name='apache' path='/vodafone/tools/scripts/postinstall/components/user' version='1.0'></component>
</componentRef>
<componentRef name='apacheas'>
<component name='apacheas' path='/vodafone/tools/scripts/postinstall/components/user' version='1.1'></component>
</componentRef>
<componentRef name='cvs'>
<component name='cvs' path='/vodafone/tools/scripts/postinstall/components/user' version='1.1'></component>
</componentRef>
<componentRef name='jboss'>
<component name='jboss' path='/vodafone/tools/scripts/postinstall/components/user' version='1.0'></component>
</componentRef>
<componentRef name='mpower'>
<component name='mpower' path='/vodafone/tools/scripts/postinstall/components/user' version='1.0'></component>
</componentRef>
<componentRef name='mysql'>
<component name='mysql' path='/vodafone/tools/scripts/postinstall/components/user' version='1.0'></component>
</componentRef>
<componentRef name='oracle'>
<component name='oracle' path='/vodafone/tools/scripts/postinstall/components/user' version='1.0'></component>
</componentRef>
<componentRef name='squid'>
<component name='squid' path='/vodafone/tools/scripts/postinstall/components/user' version='1.1'></component>
</componentRef>
<componentRef name='sshman'>
<component name='sshman' path='/vodafone/tools/scripts/postinstall/components/user' version='1.0'></component>
</componentRef>
</componentRefList>
<installList>
<installSteps returns='false' name='default'>
<paramList>
<param name='portal' default='yes' prompt='Is this system a PORTAL host (yes or no)'></param>
<param name='aging' default='yes' prompt='Do you want to deactivate password aging for all portal application users (yes or no) ?'></param>
</paramList>
<if>
<condition>
<equals value2='' value1=':[portal]'></equals>
</condition>
<then>
<raise message='One or more manadatory arguments were NULL.'></raise>
</then>
</if>
<if>
<condition>
<equals value2='no' value1=':[portal]'></equals>
</condition>
<then>
<if>
<condition>
<or>
<equals value2='5.8' value1=':[osversion]'></equals>
<equals value2='5.9' value1=':[osversion]'></equals>
<equals value2='5.10' value1=':[osversion]'></equals>
</or>
</condition>
<then>
<try>
<block>
<execNative userToRunAs='root'>
<inputText><![CDATA[
echo "No additional user are deployed..."
]]></inputText>
<exec cmd='/bin/bash'>
<arg value='-x'></arg>
</exec>
</execNative>
</block>
<catch>
<raise message='Failed to create user for non Portal system ...'></raise>
</catch>
</try>
</then>
</if>
</then>
</if>
<if>
<condition>
<equals value2='yes' value1=':[portal]'></equals>
</condition>
<then>
<if>
<condition>
<equals value2='5.9' value1=':[osversion]'></equals>
</condition>
<then>
<if>
<condition>
<matches value=':[hostName]' pattern='*be*'></matches>
</condition>
<then>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='apache'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='apacheas'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='jboss'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='mpower'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='mysql'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='cvs'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='oracle'></nestedRef>
</install>
<call blockName='disable_aging'>
<thisComponent></thisComponent>
</call>
</then>
</if>
<if>
<condition>
<matches value=':[hostName]' pattern='*fe*'></matches>
</condition>
<then>
<install blockName='default'>
<nestedRef name='apache'></nestedRef>
</install>
<install blockName='default'>
<nestedRef name='squid'></nestedRef>
</install>
<install blockName='default'>
<nestedRef name='sshman'></nestedRef>
</install>
<install blockName='default'>
<nestedRef name='apacheas'></nestedRef>
</install>
<call blockName='disable_aging'>
<thisComponent></thisComponent>
</call>
</then>
</if>
</then>
</if>
</then>
</if>
<if>
<condition>
<equals value2='5.10' value1=':[osversion]'></equals>
</condition>
<then>
<if>
<condition>
<matches value=':[hostName]' pattern='*be*'></matches>
</condition>
<then>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='jboss'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='mpower'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='mysql'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='oracle'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='apache'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='apacheas'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='cvs'></nestedRef>
</install>
<call blockName='disable_aging'>
<thisComponent></thisComponent>
</call>
</then>
</if>
<if>
<condition>
<matches value=':[hostName]' pattern='*fe*'></matches>
</condition>
<then>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='apache'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='squid'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='sshman'></nestedRef>
</install>
<install blockName='default'>
<argList name='passwd' default='sun123'></argList>
<nestedRef name='apacheas'></nestedRef>
</install>
<call blockName='disable_aging'>
<thisComponent></thisComponent>
</call>
</then>
</if>
</then>
</if>
</installSteps>
</installList>
<controlList>
<control returns='false' name='disable_aging' access='PRIVATE'>
<paramList>
<param name='aging' default='yes' prompt='Do you want to deactivate password aging for all portal application users (yes or no) ? '></param>
</paramList>
<execNative userToRunAs='root'>
<outputFile name=':[installPath]/user_aging.log'></outputFile>
<errorFile name=':[installPath]/user_aging.err'></errorFile>
<inputText><![CDATA[
# Deactivate password aging for gsp users
if [ ":[aging]" = "yes" ]
then
echo "Deactivating password aging for application users ..."
for user in apache apacheas squid oracle cvs sshman mysql mpower jboss
do
grep $user /etc/passwd > /dev/null 2&1
if [ $? -eq 0 ]
then
/usr/bin/passwd -x -1 $user
fi
done
else
echo "Password aging ist ACTIVE !"
fi
]]></inputText>
<exec cmd='sh'></exec>
</execNative>
</control>
</controlList>
</component>
[11865 byte] By [
ChRa] at [2007-11-26 12:42:35]
# 1
Sorry to be dense, but what exactly do you mean by, "contains user components"? Can you pull out the XML that does what you're describing?
Also, not sure if this is helpful, but, for your "default" install block, if you add displayMode="BOOLEAN" default="true" to your parameters, you can simplify your install block a little bit. You would not have to check for null values in the parameters and you would be sure that the values were constrained to either 'true' or 'false'.
# 2
Here is the code for the Solaris User CT that is used to build users ...
<?xml version="1.0" encoding="UTF-8"?>
<!-- generated by N1 SPS -->
<component platform="system#Solaris - any version" xmlns="http://www.sun.com/schema/SPS"
name="SolarisUserCT" version="5.2" description="Backing component for SolarisUser component
type" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" softwareVendor="Sun Microsystems"
path="/com/sun/tools/types" xsi:schemaLocation="http://www.sun.com/schema/SPS component.xsd"
installPath=":[installPath]">
<varList>
<var name="user" default="" prompt="Username to create"/>
<var name="group" default="" prompt="Primary group of :[user]"/>
<var name="otherGroups" default="" prompt="Secondary groups (comma separated list)"/>
<var name="uid" default="" prompt="UID number"/>
<var name="home" prompt="Home directory" default="/export/home/:[user]"/>
<var name="comment" default="" prompt="Comment"/>
<var name="shell" prompt="Shell" default="/bin/bash"/>
<var name="authorizations" default="" prompt="Authorization(s) (comma separated list)"/>
<var name="profiles" default="" prompt="Profile(s) (comma separated list)"/>
<var name="roles" default="" prompt="Role(s) (comma separated list)"/>
<var name="project" default="" prompt="Name of project user is associated with"/>
<var name="createDir" default="true" prompt="Create home directory (true/false)"/>
<var name="skeleton" default="" prompt="Skeleton dir (only valid if createHome is true)"/>
<var access="PRIVATE" modifier="FINAL" name="installName" default="User-:[user]"/>
<var access="PRIVATE" modifier="FINAL" name="installPath"
default=":[target(/):sys.raDataDir]:[/]com.sun.tools:[/]users:[/]:[installName] "
prompt="Path where component will be installed"/>
</varList>
<installList>
<installSteps name="default">
<paramList>
<param name="passwd" prompt="Password to assign to user" displayMode="PASSWORD"/>
</paramList>
<if>
<condition>
<or>
<equals value2="" value1=":[user]"/>
<equals value2="" value1=":[uid]"/>
<equals value2="" value1=":[group]"/>
<equals value2="" value1=":[home]"/>
<equals value2="" value1=":[shell]"/>
</or>
</condition>
<then>
<raise message=":[installName]: One or more manadatory arguments were NULL."/>
</then>
</if>
<if>
<condition>
<or>
<equals value1=":[user]" value2="root"/>
<equals value1=":[uid]" value2="0"/>
</or>
</condition>
<then>
<raise message="Operations on root user are forbidden!"/>
</then>
</if>
<if>
<condition>
<or>
<equals value1=":[home]" value2="/"/>
<equals value1=":[home]" value2="/usr"/>
<equals value1=":[home]" value2="/opt"/>
<equals value1=":[home]" value2="/etc"/>
<equals value1=":[home]" value2="/var"/>
</or>
</condition>
<then>
<raise message="Dangerous home directory specification!"/>
</then>
</if>
<try>
<block>
<execNative userToRunAs="root">
<inputText><![CDATA[
cmdStr="/usr/sbin/useradd -u :[uid] -g :[group] -s :[shell] -d :[home]"
if [[ ":[otherGroups]" != "" ]] ; then
cmdStr="$cmdstr -G ':[otherGroups]'"
fi
if [[ ":[createDir]" == "true" ]] ; then
cmdStr="$cmdStr -m"
if [[ ":[skeleton]" != "" ]] ; then
cmdStr="$cmdStr -k :[skeleton]"
fi
fi
if [[ ":[authorizations]" != "" ]] ; then
cmdStr="$cmdStr -A :[authorizations]"
fi
if [[ ":[profiles]" != "" ]] ; then
cmdStr="$cmdStr -P :[profiles]"
fi
if [[ ":[roles]" != "" ]] ; then
cmdStr="$cmdStr -R :[roles]"
fi
if [[ ":[project]" != "" ]] ; then
cmdStr="$cmdStr -p :[project]"
fi
#
#The comment section breaks the command line. Something is going on here with
#quoting when it comes to execute time. I have echoed the cmdStr and cut/pasted
#it to a shell prompt and the command works, but not from here or within a shell script
#
if [[ ":[comment]" != "" ]] ; then
cmdStr="$cmdStr -c ':[comment]'"
fi
cmdStr="$cmdStr :[user]"
/usr/bin/mkdir -p `dirname :[home]`
$cmdStr
RC=$?
if [[ "$RC" != "0" && "$RC" != "9" ]] ; then
echo "User :[user] could not be created. Check STDERR, correct the problem, and try again."
exit $RC
fi
echo "User :[user] added to /etc/passwd."
exit 0
]]></inputText>
<exec cmd="/bin/bash">
<arg value="-x"/>
</exec>
<successCriteria status="0"/>
</execNative>
</block>
<catch>
<raise message="Failed to create user :[user]."/>
</catch>
</try>
<try>
<block>
<call blockName="changePassword">
<argList newPasswd=":[passwd]"/>
<thisComponent></thisComponent>
</call>
</block>
<catch>
<raise message="Failed to set password for user :[user]"/>
</catch>
</try>
</installSteps>
<installSteps name="markOnly"></installSteps>
</installList>
<uninstallList>
<uninstallSteps name="default">
<paramList>
<param name="removeDir" default="false" displayMode="BOOLEAN" prompt="Destroy home directory"/>
</paramList>
<if>
<condition>
<or>
<equals value1=":[user]" value2="root"/>
<equals value1=":[uid]" value2="0"/>
</or>
</condition>
<then>
<raise message="Operations on root user are forbidden!"/>
</then>
</if>
<if>
<condition>
<or>
<equals value1=":[home]" value2="/"/>
<equals value1=":[home]" value2="/usr"/>
<equals value1=":[home]" value2="/opt"/>
<equals value1=":[home]" value2="/etc"/>
<equals value1=":[home]" value2="/var"/>
</or>
</condition>
<then>
<raise message="Dangerous home directory specification!"/>
</then>
</if>
<execNative userToRunAs="root">
<inputText><![CDATA[
if [[ ":[removeDir]" == "true" ]] ; then
/usr/bin/rm -rf :[home]
fi
/usr/sbin/userdel :[user]
RC=$?
if [[ "$RC" != "0" && "$RC" != "6" ]] ; then
echo "User :[user] could not be deleted. Check STDERR, correct the problem, and try again."
exit $RC
fi
echo "User :[user] deleted from /etc/passwd."
exit 0
]]></inputText>
<exec cmd="/bin/bash">
<arg value="-x"/>
</exec>
<successCriteria status="0"/>
</execNative>
</uninstallSteps>
<uninstallSteps name="markOnly"></uninstallSteps>
</uninstallList>
<controlList>
<control name="changePassword">
<paramList>
<param name="newPasswd" default="" displayMode="PASSWORD" prompt="New password"/>
</paramList>
<if>
<condition>
<or>
<equals value1=":[user]" value2="root"/>
<equals value1=":[uid]" value2="0"/>
</or>
</condition>
<then>
<raise message="Operations on root user are forbidden!"/>
</then>
</if>
<if>
<condition>
<or>
<equals value1=":[home]" value2="/"/>
<equals value1=":[home]" value2="/usr"/>
<equals value1=":[home]" value2="/opt"/>
<equals value1=":[home]" value2="/etc"/>
<equals value1=":[home]" value2="/var"/>
</or>
</condition>
<then>
<raise message="Dangerous home directory specification!"/>
</then>
</if>
<execNative userToRunAs="root">
<inputText>
<![CDATA[
set user [lindex $argv 0]
set newPasswd [lindex $argv 1]
set timeout -1
spawn /usr/bin/passwd $user
match_max 100000
expect {
"New Password: "
{
send -- "$newPasswd\r"
expect -exact "assword: "
send -- "$newPasswd\r"
expect eof
}
timeout
{
exit 7
}
eof
{
exit 0
}
}
]]>
</inputText>
<exec cmd="/opt/sfw/bin/expect">
<arg value="-d"/>
<arg value="-"/>
<arg value=":[user]"/>
<arg value=":[newPasswd]"/>
</exec>
<successCriteria status="0"/>
</execNative>
</control>
</controlList>
</component>
ChRa at 2007-7-7 16:17:22 >
# 3
OK, I /think/ I understand what you want to do.
It looks like, to create a user, you want to install SolarisUserCT. So, to create a single user, you'd need a plan something like this:
<?xml version="1.0" encoding="UTF-8"?>
<executionPlan xmlns="http://www.sun.com/schema/SPS"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
version="5.2" ><!-- or whatever's appropriate for you -->
xsi:schemaLocation="http://www.sun.com/schema/SPS ../plan.xsd"
path="/your/path/goes/here" name="createUserSubplan" description="creates a user">
<paramList>
<param name="password" prompt="user password" displayMode="PASSWORD"/>
</paramList>
<simpleSteps>
<install blockName="default">
<argList name=":[password]"/>
<component path="/path/to/SolarisUserCT" name="SolarisUserCT"/>
</install>
</simpleSteps>
</executionPlan>
This component seems to require the use of a CompVarSet instead of more parameters for the user name, group, etc. This makes running it a little more complicated, to be sure. It would be much easier if these other values were defined by install block parameters, but that may not be under your control.
With version 5.2.4, you can specify component variable values from the calling plan, but you may not be able to use that version when it comes out, so I'll assume you need a 5.2 solution.
To be able to execute the above plan a variable number of times, I think the easiest approach is to use a plan that calls the CLI. You would need to install the CLI on a host that can reach the MS host (can be the MS host iteslf). Create a virtual host to represent the CLI (a vritual host to avoid deadlocking). Naturally, the CLI host will need an RA installed on it (you can use an existing RA as long as you create a new virtual host).
To create a single user, then, I would create a new plan that takes as parameters all the values you want to set on the user. For simplicity, I'll just use the username and password here:
<?xml version="1.0" encoding="UTF-8"?>
<executionPlan xmlns="http://www.sun.com/schema/SPS"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
version="5.2" ><!-- or whatever's appropriate for you -->
xsi:schemaLocation="http://www.sun.com/schema/SPS ../plan.xsd"
path="/your/path/goes/here" name="createUser" description="creates a user">
<paramList>
<param name="username" prompt="username"/>
<param name="group" prompt="group"/>
<param name="password" prompt="user password" displayMode="PASSWORD"/>
</paramList>
<simpleSteps>
<!-- first, create a varset to use when calling the solaris component -->
<execNative>
<exec cmd="/path/to/cr_cli.sh>
<arg value="-cmd"/>
<arg value="cdb.vs.add"/>
<arg value="-comp"/>
<arg value="NM:SolarisUserCT"/>
<arg value="-name"/>
<arg value="some-unique-name-here-for-the-vs"/>
<arg value="-vars"/>
<arg value="user=:[username];group=:[group]"/>
<arg value="-u"/>
<arg value="admin"/> <!-- this is your cli username, can add another param for it -->
<arg value="-p"/>
<arg value="admin"/> <!-- this is your cli password, can add another param for it -->
</exec>
</execNative>
<!-- next, execute the plan above through the CLI using the VS we just created -->
<try>
<block>
<execNative>
<shell="/bin/sh -c">
<![CDATA[echo ":[password]" | path/to/cr_cli.sh -cmd pe.p.run -PID NM:/your/path/goes/here/createUserSubplan -tar clui-virtual-host -pto 30 -nto 10 -comp - -vs your-vs-name-here -u admin -p admin]]
></shell>
</execNative>
</block>
<finally>
<!-- clean up the vs -->
<execNative>
<exec cmd="/path/to/cr_cli.sh>
<arg value="-cmd"/>
<arg value="cdb.vs.del"/>
<arg value="-vs"/>
<arg value="NM:SolarisUserCT:ths-vs-name-you-used-above"/>
<arg value="-u"/>
<arg value="admin"/> <!-- this is your cli username -->
<arg value="-p"/>
<arg value="admin"/> <!-- this is your cli password -->
</exec>
</execNative>
</finally>
</try>
</simpleSteps>
</executionPlan>
Now, I haven't tested the above, so there way be a little bit of polishing that's required, but it should give you the idea. Lastly, you can modify the CLUI command to execute multiple plans (inside the try block) based on your environment variables. You can also pass in multiple passwords in the parameter and split them up with an execNative command however you like. It's coimplex, I agree, but, hopefully you can use this as a place to start.
