README for OSTools 1.14 ======================= Copyright 2012-2015 Teleflora $Revision: 1.69.2.33 $ OSTools 1.14.0 -------------- The contents of ostools 1.14.0 are the changes to CVS head since the branch for OSTools 1.13 was generated. Each change is documented by a tracker which appear below in reverse chronological order. ########## 197118 The "tfmkpserver.pl --convert" looks for the cron files in the wrong place. ########## 197303 The "Network -> Host Connectivity Test" uses URLs and protocols that are obsolete. ########## 197303 Convert Red Hat subscription management in ostools.1.14 script updateos.pl to the new method. ------ ########## 194257 ------ Make all email messages from tfrsync.pl contain consistently formatted information. ########## 193811 ------ Add command line option "--keep-ip-addr" to "tfmkpserver.pl" to preserve backup server ip addr when converting to production server. ########## 193877 ------ Enhance "updateos.pl --baremetal" to set the default password hash to sha512. ########## 193698 ------ When doing an upgrade via "rtibackup.pl --upgrade", don't generate new ".bash_profile" files for users. ########## 193517 ------ The subject line of email for the summary report should conform to format specified by email from Shannon Jackson: > The tfrsync.pl email summary report notification subject line format should be: > . SUCCESS Cloud Backup (rticloud.homelinux.com or IP Address) hostname > . SUCCESS Server.to.Server Backup (192.168.1.22) hostname > . SUCCESS Local Backup (Passport) hostname > . SUCCESS Local Backup (/dev/sdb) hostname > . ERROR Cloud Backup (rticloud.homelinux.com or IP Address) hostname > . ERROR Server.to.Server Backup (192.168.1.22) hostname > . ERROR Local Backup (Passport) hostname > . ERROR Local Backup (/dev/sdb) hostname ########## 193509 ------ On T300 systems, the "updateos.pl --ospatches" command should automatically add "--keepkernels=1". ########## 192374 ------ The command to register RHEL5/6 systems with Red Hat Portal needs to be updated with new options. ########## 191926 ------ The "rtibackup.pl --upgrade" command does not restore the "smb.conf" file correctly. ########## 191499 ------ Restoring files via "rtibackup.pl" results in ifcfg.eth0 becoming corrupted. ########## 190733 ------ In the tfrsync.pl script, add the rsync exit status of "12" to be one that causes a backup retry like exit status 30 and 255. NOTE, as part of the change for 190733, the change for 189997 was also incorported. 189997 ------ For server to server backup, tfrsync.pl should not copy /var/log from primary server to /var/log on backup server. ########## 190622 ------ When backing up to an image file with rtibackup.pl, an error msg is output stating the backup device is not a block device. ########## 190403 ------ The "harden_linux.pl --sudo" command was using "sudo" to run "visudo" to check syntax which is unnecessary since the "harden_linux.pl" command must be run as root or under "sudo". ########## 190402 ------ Per Shannon Jackson: The "updateos.pl --daisy8" command should add the default password for the Daisy "tfsupport" account without prompting the user. The issue with this change is that the default password for the "tfsupport" account now resides in clear text on the system and currently, the "tfsupport" account's password is not rotated on Daisy systems like it is on RTI systems. However, this change is required to make the large number of RHEL5 to RHEL6 upgrades possible in the time available. ########## 189922 ------ Add new Kaseya agent RHEL5/6 system service name to system service white list in harden_linux.pl. ########## 189394 ------ Per JJ, in scripts tfconfed.pl and harden_linux.pl, add opening up TCP port 8888 to iptables host firewall. ########## 188858 ------ The rtibackup.pl script must put RETURN/LINEFEED line endings for output sent to the printer. The used to be done for ostools 1.13 but was changed for 1.14 since it was understood that there would be no more "raw" printers as part of a Daisy configuration, ie printers would be able to print Linux text files. Guess that's not true. ########## 188798 ------ Per email from JJ, open additional inbound IP ports via iptables code in harden_linux.pl. Here is the list of ports from JJ that need to be opened in addition to the ports it it already opening: Ports 2000 thru 2009 And 2100, 2103, 2552 ########## 188793 ------ When installing the "rtibackup.pl" script, it should not comment out the "lone-tar" entry from the root crontab file ########## 188438 ------ Add support for LUKS devices to tfrsync.pl. ########## 188317 ------ The ostools install script should put a symlink for tfrsync.pl in the Daisy bin directory like it does for RTI. ########## 188315 ------ The tfrsync.pl did not report the rsync transfer stats correctly when the rsync command exit status was "24" (vanished files). ########## 188254 ------ The dsyuser.pl should add the alias "l=ls -l" to the generated .bash_profile file. ########## 188252 ------ The rtiuser.pl script uses the /etc/profile.d/pro5.sh file which is now obsolute and should be removed. ########## 187922 ------ The tfrsync.pl script should observe the "--retry-reps" and "--retry-wait" values when attempting to establish SSH tunnel. ########## 187918 ------ The tfrsync.pl script should not accept a non-standard cloud account name without verification from the user. ########## 187743 ------ In the tfrsync.pl script, when doing a "restore upgrade", for all restore types, remove excluded files from list of files to be restored. ########## 187697 ------ If the tfrsync.pl script gets an exit status of 24 from rsync during a backup, the transfer stats reported are incorrect. ########## 187696 ------ When restoring files with tfrsync.pl, if there are no user files specified, don't attempt to restore and don't report an error ########## 187684 ------ When doing a "tfrsync.pl --cloud --restore-upgrade" and restoring from RHEL5 to RHEL6, don't restore "/etc/rsyslog.conf" since that file does not exist on RHEL5 systems. ########## 187601 ------ The tfrsync.pl must set the owner and group of the home directory of any users added by "restore upgrade". ########## 185732 ------ The tfsupport.pl "Backup Menu -> Backup History" menu item should report "FAILED" if rtibackup.pl verify operation failed or did not run. ########## 187506 ------ The ostools install script sets the owner:group of the modules to unknown values when installling on new machine. The install script tries to change the owner:group of the Perl modules to "tfsupport" and either "rti" or "daisy" but on a new machines, at the time that ostools needs to be installed, those accounts and groups don't exist. ########## 187507 ------ When tfrsync.pl backs up some files in "userconfigs" on RHEL6 systems, they must be set to readable before backing up, eg /etc/shadow. Then, after backing up, they must be reset to unreadable. ########## 187388 ------ The tfrsync.pl script should consider rsync exit status of 255 as SSH connection error and retry (same as rsync I/O error) ########## 187371 ------ The updateos.pl script should not make new Samba users until after modifying the Samba config file. ########## 187362 ------ The harden_linux.pl script calls the tfsupport.pl script to get ostools pkg version number . it should call tfinfo.pl because harden_linux.pl calls tfsupport.pl as root and tfsupport.pl has a check to prevent it being run by root. It's better to call tfinfo.pl since that is what it is for and it can be run by root. ########## 187323 ------ The tfrsync.pl script should retry the open ssh tunnel operation 3 times before returning an error. ########## 187228 ------ The tfrsync.pl script should not combine the "cloud" or "server" or "device" log files into a combined log file - keep them separate. ########## 187272 ------ When backing up "userconfigs" via tfrsync.pl, don't log error if file from "userconfigs" set does not exist, eg "/etc/passwd-" ########## 185472 ------ The tfrsync.pl script should be able to restore a backup from an RHEL5 platform to a RHEL6 platform. This will include migrating users, some system files, and Samba as is done in rtibackup.pl with the "--upgrade" command line option. ########## 187193 ------ The tfrsync.pl should ignore "/etc/rc.d/init.d/daisy" if it is not present when doing a backup. ########## 187184 ------ The "--restore=type" option should write list of files restored to the log file as well as STDOUT ########## 187067 ------ Enhance tfrsync.pl to send the summary email msg to any configured printers. With this change, by not specifying "--send-summary" but by configuring a list of printers with "--printer=list", it is now possible to get the backup summary report exclusively output to a printer and have no email sent. ########## 186971 ------ The tfrsync.pl total bytes sent is sometimes incorrect. There have been two instances out of 12 where upon the initial backup, the reported total bytes sent is incorrect . it's too low by a large factor. ########## 186941 ------ When generating "perm files" for a list of backup types in tfrsync.pl, don't stop processing list elements even if "getfacl" reports an error on any particular list element. ########## 186940 ------ When doing a "cloud" backup via tfrsync.pl, exclude "/usr2/bbx/delvconf" directory. ########## 186811 ------ The tfrsync.pl script should allow the "--network.device=s" command line option to be specified in the config file. ########## 186778 ------ When using the "--backup" option to tfrsync.pl, the summary log file should be copied to the destination server even if backups failed. ########## 186768 ------ In the tfrsync.pl script, after a successful close of the ssh tunnel, sometimes the ssh tunnel socket still exists unexpectedly so the script exits with an error but the data was backed up successfully. ########## 186672 ------ The tfrsync.pl rsync stats file should be in a temporary location rather than the POS log dir otherwise rsync sometimes tries to copy it to the backup server or the cloud server and sometimes gets a transient file error. The rsync stats file is really just a temp file and should be handled as such. ########## 186671 ------ Cleanup pass over the tfrsync.pl code. 1) additional documentation for the POD DESCRIPTION section. 2) cleanup of code to address perlcritic policy InputOput::RequireBriefOpen. The default value is 9 lines of code between "open" and "close", a very small value. The current value used in the ostools project ".perlcriticrc" file in order to pass perlcritic level 4 is 30. Over time, the goal will be to make the project value smaller. 3) cleanup of code to address perlcritic policy InputOutput::RequireBracedFileHandleWithPrint. 4) remove support for the Iomega Rev drive. ########## 186328 ------ In tfrsync.pl, if the exit status of the rsync command is 23, report the error but do not abort the backup operation. When rsync exits with a status of 23, according to the man page, it means there was a partial transfer due to errors. ########## 185668 ------ The tfrsync.pl script should report the transfer byte totals in the summary email message. Tracker 186444 documents the modifications to "tfrsync.pl". When using tfrsync.pl to do "--backup=all" to the cloud server and an rsync timeout error occurs, the ssh socket gets removed unexpectedly. ########## 185470 ------ The tfrsync.pl should rsync the summary log file to the cloud server after backup is complete. The strategy in a previous commit did a resync of the entire POS log dir in order to tranfer the summary log file to the backup device. It was decided that only the summary log file should be transferred rather than the entire log directory. ########## 186288 ------ The summary report generated by tfrsync.pl should be uniform for all backup types, ie cloud, server, or device. If a particular field in the summary report record is "not applicable" to the backup type being performed, the field should have the value of "NA". ########## 186166 ------ In the tfrsync.pl script, the max number of seconds for "--retry-wait" should be changed from 600 to 3600 seconds. ########## 185470 ------ The tfrsync.pl should rsync the summary log file to the cloud server after backup is complete. ########## 185938 ------ When backing up via tfrsync.pl, provide a method to retry the entire command if the script is to end because rsync reported an io error, ie exit status = 30. The method should be a command line option to specify repeating the entire backup command in the event of an rsync io error. Also provide command line options to specify how many times to repeat the command, and how many seconds to wait between repeating the command. ########## 185469 ------ The tfrsync.pl script must be able to determine the platform type of the backup data. This info will be used when doing restores from cloud backups to staged servers. ########## 185669 ------ In the tfrsync.pl script, the default value for the rsync timeout out, "--rsync.timeout", should be changed from 1 min to 10 mins. Testing at customer sites has proven that 1 min is often not enough and 10 mins results in much better results. ########## 185708 ------ The rtibackup.pl script uses a "here doc" which the pod2html script parses incorrectly. The pod2html script is used to produce the ostools doc for the web and there is a "here doc" in rtibackup.pl that even though it is correct Perl syntax, causes pod2html to parse it incorrectly and the resulting HTML includes rtibackup.pl source code when it should not. ########## 185701 ------ In the dsyuser.pl script, the version number displayed via perldoc does not match that of "--version". This is confusing and has the unfortunately side effect that the version shown when viewing the web docs at http://rtihardware.homelinux.com/ostools/ostools.html is also wrong. ########## 185479 ------ The tfrsync.pl error notification sent when there is a failure to acquire the process lock is missing information. The message has place holders for the PID and start time of the process holding the process lock instead of the actual information. ########## 185474 ------ The tfrsync.pl script overwrites the backup class log file, ie the cloud, or server, or device log file, if a second instance of tfrsync.pl starts before the first one ends. The script only has the number of the month day in the name of the log file - it should add the script start time to the name of the log file as well to keep from these name clashes. ########## 185442 ------ The tfrsync.pl --info.cloud command line option does not report any info. The routine handling "--info.cloud" in only a stub and needs to be filled out. ########## 185355 ------ The tfrsync.pl script should report the exit status of rsync in the summary report if the exit status of rsync is non-zero. ########## 185285 ------ The "tfrsync.pl" script with the "--cloud --backup=all" was attempting to backup the cloister directory which does not exist. The cloister directory was only being made for "--server" when it should have been made for both "--server" and "--cloud". ########## 185217 ------ Further testing indicates mods to tfrsync.pl to add more files to backup and restore exeception lists. These additions will speed up backups and restores by excluding files which don't need to be backed up or restored. ########## 185155 ------ The "tfrsync.pl" restores "bbxd" and "bbxps" when doing a "--restore=all" and it should not. ########## 185130 ------ The "tfrsync.pl" script exits with syntax error when "rsync" returns with an exit status of 30 (i/o error). When this happens, the lock file and the ssh socket file are not cleaned up so "tfrsync.pl" is prevented from executing again until "tfrsync.pl --rsync.cleanup" is run. This syntax error is weird - it excapes detection by the Perl syntax checker, ie "perl -c tfrsync.pl" reports "ok". The syntax error is an errant string between a call to a function and an assignment statement in function sub tfr_backup_transaction(): elsif ($rc == 30) { logerror("..."); tfr_ $rc = $EXIT_RSYNC_ERROR; } This condition is true of the "rsync" command exits with a status value of 30. Note the string "tfr_" - this looks like a call to a function to Perl but there is not such function so the script exits with syntax error. But again, this is not caught by "perl -c"! ########## 185014 ------ The "tfrsync.pl" script does not accept a restore type of "pservercloister" for the command line option "--restore=" and it should. ########## 184992 ------ The "tfrsync.pl" calls "getfacl" with the "-p" option - that only works on RHEL6 not RHEL5. Instead of using "-p", use "--absolute.names" which works on both platforms. ########## 184702 ------ Add the "--dry-run" command line option to "dsyperms.pl" - don't change any files, just report what should be changed. ########## 183575 ------ The "tfsupport.pl" script allows being run under sudo which can lead to a user escaping to a root shell - which must not be allowed. ########## 183555 ------ The "tfrsync.pl" is not rotating the log file so it is growing without bound. The log file in question is the "combined" log file, "/usr2/bbx/log/tfrsync.Day_nn.log". ########## 183351 ------ When the "rtiuser.pl" script adds the "kiosk" user, it must specify "/usr2/bbx/kiosk/work" as the home directory. ########## 182813 ------ In scripts updateos.pl and harden_linux.pl, change email address going to "rtimail.homelinux.com" to " "managedservicesar@teleflora.com". ########## 182725 ------ When "updateos.pl --update" is run, it specifies "install-ostools-1.13.pl" instead of "install-ostools-1.14.pl". ########## 182696 ------ Refactor and simplify code for setting hostname and add test routines for testing hostname change. ########## 182599 ------ Update script "updateos.pl" to generate "smb.conf" with content consistent to current standard system config: 1) set password database backend to "smbpasswd" 2) set password file to "/etc/samba/smbpasswd" 3) set security to "user" 4) set server signing to "auto" ########## 182538 ------ Modify updateos.pl to verify that system is registered with Red Hat Network for option "--rtiv14". The code for "--rti14" should check to make sure the system is registered with RHN before proceeding with any steps and if not, log an error message and exit with a non-zero exit status. Also, for the "--rhnreg" command line option, check to see if the system is already registered - if it is, just log a message and exit with successful exit status. If not, try to register, and log results of both success and failure cases. ########## 182506 ------ The "dsyperms.pl" script in Daisy 9.2 did not set ower/group/perms for several files in "/d/daisy": 1) the files "dcom.alv", "dcom_mail", and "dcom_lock" were not handled 2) the symlink "/d/daisy/bin/pcl6" did not have the correct owner or group 3) the files "/d/daisy/*.orig" left from the installer were not set correctly 4) the files "hp5ctrl.*" were not set correctly ########## 182395 ------ Modify "dsyperms.pl" to support new Daisy 9.2 programs "activate" and "poll". This modified version of "dsyperms.pl" will also be added to the Daisy 9.2 ISO file since ostools 1.14 will not be distributed before Daisy 9.2. In file dsyperms.pl: 1) in sub assign_pabp_permissions(), add the names of the two new programs to the list "@dsy_bin_files". In the loop processing the files in "@dsy_bin_files", if the current file is "activate" or "poll", check for it's existence and if not present, do a "next" to next loop variable. This will prevent error messages on pre Daisy 9.2 systems that do not have these files. ########## 178348 ------ The IP address of the Paragould (non.IT) network has changes. Thus, in script "harden_linux.pl", the value of the IP address for Paragould that is put into generated "/etc/hosts.allow" must be updated. In script harden_linux.pl: 1) in function generate_hosts_allow(), update the value of the ip addr for the Paragould network that is put into the generated contents of the "/etc/hosts.allow" config file. ########## 177205 ------ For RHEL6 systems, the "updateos.pl" script should set the value of "Timeout" in the /etc/cups/cupsd.conf file to 300 rather than 0. In script updateos.pl: 1) added two new constants at the beginning of file, one for the timeout value for RHEL6 and the other for the timeout value for RHEL5. 2) in sub cups_edit_conf(), modified code to output the RHEL6 timeout value for RHEL6 systems and like wise RHEL5 or below. 3) updated the POD doc for the "--cupsconf" option. ########## 177051 ------ After running "updateos.pl --ospatches" on a Daisy RHEL6 system, if the "initscripts" package is updated, the Daisy virtual consoles no longer appear. The installation of "initscripts" writes 2 files to /etc/init that interfere with the operation of the Daisy screens on the system's virtual consoles. To fix manually, "sudo rm /etc/init/{start.ttys.conf,tty.conf}" and reboot. In script updateos.pl: 1) in sub update_ospatches(), when running the "yum" commands, there are 4 requirements: 1) detect errors in the yum commands 2) display the output of the yum commands to stdout 3) save the output of the 2 yum commands so they can be emailed 4) save the output of the 2 yum commands in the global log file The code in sub update_ospatches() was not fulfilling req 1. Rewrote the code to take care of all four which took some significant rework. Also in sub update_ospatches(), call new sub update_ospatches_initscripts_fixup() upon successful update of the system. 2) add new sub update_ospatches_initscripts_fixup() which repairs the config so the Daisy virtual consoles will appear. 3) add new exit condition to POD doc. 4) took this opportunity to get rid of CARRIAGE RETURN char from log messages. ########## 176750 ------ On some servers, immediately after using the rtibackup.pl script to format a WD Passport, the WD Passport will not be detected as a USB backup device. This is a result of the udevinfo command reporting stale status data about the drive. The WD Passport must be unplugged and plugged back in to force the udevinfo command to report fresh device data. Specifically, the filesystem label is not being reported and the filesystem label must be parsed to detect that the drive has been formatted for use as a USB backup device. In script rtibackup.pl: 1) added global constant ($TELEFLORA_FS_LABEL_PATTERN) to define format of Teleflora backup device filesystem label. 2) in sub backup_osconfigs(), simplified the list of files/directories that constitute an "osconfigs" backup. The new list is backwards compatible with previous versions of rtibackup.pl, but there is no longer a need for distinguishing between RTI and Daisy systems. This changes was agreed to in a meeting on 20130911. 3) refactor code to detect backup devices on a USB bus and for reading the filesystem label of the backup device. Added new functions is_on_usb_bus(), get_fs_label(), and is_teleflora_fs_label(). With these new functions, the fuction find_usb_device() is greatly simplified. ########## 176335 ------ Remove support for DVD, RD1000, and tape as backup devices from rtibackup.pl. The supported devices are now Western Digital Passport disks, Iomega Rev drives, and USB flash drives. In script rtibackup.pl: 1) remove code for DVD backup device: a) command line option "--dvd", "--dvddev" b) remove search for DVD when searching for backup device c) remove DVD device from code managing ejecting devices d) remove code backing up to DVD e) remove code restoring from DVD f) remove references to DVD in config file 2) remove code for RD1000 backup device a) remove search for RD1000 when searching for backup device b) remove code actually backing up to RD1000 3) remove code for tape backup device a) remove search for tape when searching for backup device b) remove code actually backing up to tape 4) remove code for "--ddbackup" - it was never used and was specific to only the Dell T3500. ########## 176345 ------ Add the new tfrsync.pl script to the ostools 1.14 bundle. Now the tfrsync.pl script will be installed along with the other ostools scripts but only on RTI systems. Note, in order to use tfrsync.pl on an RTI system, it will still need to be run with the "--install-primary" on the primary RTI server and "--install-secondary" on the backup RTI server before it can be used. In makefile: 1) added tfrsync.pl to set of scripts that are put into the ostools package 2) for an undetermined reason at this point, check syntax of scripts that use ostools modules separately and do not do a "perl -c" on them - the appropriate directory gets put into @INC yet perl reports that it can not find an *.pm files in that directory - using this as a work around. Doing a "perl -c tfrsync.pl" still works at the shell level. In script install-ostools.pl: 1) remove code that performed ostools 1.12 to 1.13 upgrades - there are no ostools 1.12 systems in the field anymore. 2) the tfrsync.pl script is now installed on all systems but only on RTI systems is a symlink made to tfrsync.pl in the standard RTI directory for programs and scripts (/usr2/bbx/bin). ########## 176235 ------ Teleflora no longer uses the "altiris package" and the altiris server is no longer in service. Thus, remove references to "altiris" from all ostools 1.14 scripts: harden_linux.pl, install.ostools.pl, rtibackup.pl, tfsupport.pl, and updateos.pl. ########## 175137 ------ Implement feature to convert harden_linux.pl config file "append /etc/sudoers" directives to new format. The new feature will be invoked with a new command line option "--convert-config". Config file "append /etc/suders here docs" and "append /etc/sudoers file" directives will be converted to "append /etc/suders directory" directives - this makes it easy to programmatically add new "/etc/sudoers" file entries while the old method only really supported manual editing. ########## 164091 ------ The original work for this tracker involved changes to the reading of the config file. One of the changes was to convert a global filehandle to an indirect filehandle. However, the change was only made to the "open" and "while" statements and NOT to the "close". The "close" should have been converted also. The effect would be a filehandle leak for the duration of the script since the config file would not be closed. Considering the script is not a long running script and there are not a lot of files opened simultaneously, this is not a big issue. But it is corrected here. ########## 174973 ------ Add two new methods to Platform.pm: plat_redhat_version() and plat_kernel_release(). These methods return a string reflecting attributes of the platform. Adding these two methods will modularize the varied code in ostools that gather this information in many different ways. In module Platform.pm: 1) add new method plat_kernel_release() which obtains kernel release string from "uname -r" and returns that value. If a pipe to "uname" fails, return undef. 2) add new method plat_redhat_version() which obtains Red Hat distro string from "/etc/redhat-relase" and returns that value. If the file can not be opened, return undef. 3) update POD section. ########## 173173 ------ When "harden_linux.pl --logging" is run, any reference to "sudo" in /etc/logrotate.d/syslog should be removed. Since the "harden_linux.pl" puts a separate logrotate conf file in /etc/logrotate.d for the sudo log file, if there is a reference to it in /etc/logrotate.d/syslog, it should be removed. If this is not done, then log rotation for the whole system is not performed due to an error thrown by the "logrotate" program which is run from the /etc/cron.daily job. In script harden_linux.pl: 1) the "Begin" and "End" program messages are only logged now, not also sent to stdout. 2) operating system type message only logged now. 3) added new sub fgrep() which mimics the "grep(1)" command but does not use system() built-in and thus does not spawn any sub processes. 4) added new sub sudo_cleanup_logrotate_conf(): # checks for a reference to the string specified by the given # regular expression in the specified logrotate conf file, and # if there is one, remove it. This sub is used to remove "sudo" from "/etc/logrotate.d/syslog". 5) modified sub sudo_gen_sudo_logrotate_conf() to call new sub sudo_cleanup_logrotate_conf() if the "syslog" log rotate conf file exists, and it contains a reference to "sudo". 6) cleaned up all types of log file subs and made consistent with other ostools scripts. 7) updated POD section. ########## 170502 ------ The install-ostools.pl script must skip the test for detecting a 1.12 to 1.13 upgrade when doing a fresh install. In script install-ostools.pl: 1) Set $FRESH_INSTALL to true if installing on a system where the default ostools dirs do not exist. 2) If $FRESH_INSTALL is true, then skip test for detecting a 1.12 to 1.13 upgrade - if doing a fresh install, can't possibly be doing a 1.12 to 1.13 upgrade. 3) change a couple of references to sub showinfo() to loginfo() - there is no showinfo() in the install script. ########## 172948 ------ This commit changes dsyperms.pl to not change the permissions of the contents of "/d/daisy/export". Reported Issue: The permissions of files in "/d/daisy/export" are being changed so that they are inaccessible by Windows PCs attaching to the "/d/daisy/export" share after "dsyperms.pl" is run. In script dsyperms.pl: 1) In function assign_pabp_permissions(), when setting the owner, group, and perms of the directories and their contents in "/d/daisy", only set the owner, group, and perms of the directory "/d/daisy/export", BUT DO NOT change the owner, group or perms of any files contained within the "/d/daisy/export" directory (as was done previously). 2) several file wide changes to comply with "perlcritic" level 4 and 5. ########## 172796 ------ The "dsyperms.pl" script changes the owner/group/perms of any unknown file/dir in "/d" which is sometimes undesirable. For example, for the off cycle edir project, a new directory was added to "/d" named "edirectories". Since "dsyperms.pl" did not recognize this new directory, it changed the owner/group/perms with values that negatively affected the off cycle edir functionality. This is a problem because there is no policy to make sure new version of ostools ("dsyperms.pl" is a part of ostools) are installed before or at the same time as the off cycle edir code. Thus, it appears that going forward, it is better to change to a new strategy to just log that an unknown directory entry is present and not change it. In script dsyperms.pl: 1) in function assign_pabp_permissions(), instead of recursively changing the owner/group/perms of any unrecognized directory entry in "/d" to "tfsupport:dsyasmins:555", just log a message and not touch it. ########## 170994 ------ Initial commit of tfrsync.pl - a script that uses rsync to copy/retrieve files to/from a backup server. ########## 170276 ------ When upgrading from ostools 1.12.x to 1.13.x, the harden_linux.pl script must handle conf files which already have append entries in them. In script harden_linux.pl: 1) added new command line option "--upgrade-12-13". If this option is specified, force a call to the existing upgrade function install_upgrade_conversion() rather than depending on detecting that an upgrade is in progress (which would be very hard to do). 2) added new function install_sanitize_conf_file() to remove old "append" sections from conf file. 3) added new function install_sanitize_custom_rules() to remove old headers and footers from custom rules text. 4) modified function install_put_custom_rules() to call new function install_sanitize_conf_file(). modified function install_upgrade_host_access() to call new function install_sanitize_custom_rules(). 5) updated the POD section. ########## 170273 ------ The ostools install script, install.ostools.pl, must detect when doing an upgrade from ostools 1.12.x to 1.13.x and inform other scripts appropriately. This must be done by the installer since it is "too late", ie the system state used to determine that an upgrade is being performed will be changed, at the point in time that the individual scripts are installed to determine that an update is being done. For example, if upgrading from 1.12.x to 1.13.x, the harden_linux.pl script must be called by the installer with a command line option specifying that an upgrade is taking place. In script install-ostools.pl: 1) added new command line option "upgrade-12-13". 2) added new functions ost_is_12_to_13_upgrade() and ost_get_installed_version() which determine if an upgrade from ostools 1.12.x to 1.13.x is being attempted. 3) if performing an upgrade from 1.12.x to 1.13.x, call harden_linux.pl with the new "--upgrade-12-13" option. 4) updated the POD section. ########## 169945 ------ The install.ostools.pl script must copy OSTools modules to a global location: /usr/local/ostools/modules. This is required because Perl has no good way to search for modules based on a location calculated at run time for use in our POS systems, RTI and Daisy, since there is no good way to always arrange to have an appropriate value in the environment, so the path to the ostools modules must be put into the Perl source as a literal string. Thus, to support both RTI and Daisy, where the ostools directory is in a different location, we must copy the modules to a fixed global location common to both RTI and Daisy, from which that can be referenced. In script install-ostools.pl: 1) added global variable to contain the path to the loation of the ostools modules in /usr/local. 2) added new exit values for new exit conditions and documented them in the POD section. 3) added code to make the directory structure needed in /usr/local for the ostools modules and set owner, group, and mode. And added code to copy the modules from the ostools dir to /usr/local and set owner, group, and mode for the files. 4) updated POD documentation. ########## 169827 ------ Initial implemenation of modules for ostools scripts. This commit adds the first modules for the ostools package. The first two modules are OSTools::Hardware and OSTools::Platform. The source file for the OSTools::Hardware module is lib/OSTools/Hardware.pm in the ostools/linux directory. The module contains the implementation for a set of a non-OOP functions reporting attributes of the hardware that Linux POS systems run on. The first 5 functions are: hw_module_version hw_manufacturer hw_product_name hw_serial_number hw_sysinfo The source file for the OSTools::Platform module is lib/OSTools/Platform.pm in the ostools/linux directory. The module contains the implementation for a set of a non-OOP functions reporting attributes of the platform that Linux POS systems run on. The first 3 functions are: plat_module_version plat_os_version plat_processor_arch The functions chosen were those that appeared in more than one source file of the ostools scripts, thus greatly reducing duplication with the attendant possibility of inconsistencies. In the future, many more modules are planned: networking, application, and logging to name a few. In script "install-ostools.pl": 1) removed definition and use of determine_os(). This is now taken care of by the plat_os_version() function of the OSTools::Platform module. However, the use of the function is no longer needed since it's only use was to special case a small code segment for RH72 and since there are no more RH72 systems, this is no longer necessary. 2) added code to make the "modules" subdirectory in the ostools directory. When the ostools package is installed, all modules will be installed in /usr2/ostools/modules for RTI systems or /d/ostools/modules for Daisy systems. In makefile "makefile": 1) added header with name of file and copyright message. 2) added variables for various directories referred to in the makefile now that there is more than just one, ie there used to be only the "bin" directory. Now there is the "lib" directory which contains the source files for the modules, and "OSTools" directory which is the a directory in "lib", and "modules" which is the directory where the modules will be installed when the ostools package as a whole is installed. 3) added a vpath so gmake would find modules source files when they are specified as a dependency. 4) added variable for list of modules source file names. 5) added modules as dependency on ostools tar file target. ########## 169728 ------ The "updateos.pl --klog" option outputs a replacement line and the old line to the /etc/sysconfig/syslog file - it should only output the replacement line. In script updateos.pl: 1) modified function modify_klog_msg_priority() to not output old line if being replaced with new line. ########## 169599 ------ Since some Daisy RHEL5 systems do not support dialog windows larger than 80x20 and tfsupport.pl in 1.13.1 uses 80x24, this results in some dialog windows not being displayed. For example, the Linux -> Messages dialog window does not display. The fix is to make the size of the "pick" windows smaller. Note, 80x24 was chosen since it is the size of the console and it has worked on all testing done up to this point (or at least there were no previous reports of issues). George, I'd like to go ahead and make the change to tfsupport.pl that we discussed yesterday. I would like to change the setting from "80 24" to "80 16". This seems to work best in all scenarios that I test ed (RHEL5, RHEL6, putty sessions, console, etc.) If you can make this one change and then build me a new OSTools 1.13.2, I would really appreciate it. Thanks, Shannon In script tfsupport.pl: 1) in function pickfile(), change size of dialog windows from 80x24 to 80x16. ########## 168397 ------ For each ostools branch, there is a corresponding "install.ostools.pl" script. Within this install script, there is a URL that points at the package to be installed. For the newly instantiated 1.14 branch of ostools, this URL needs to point at the appropriate package for the 1.14 branch. In script install-ostools.pl: 1) modify URL to point at the package "ostools-1.14-latest.tar.gz" on the "rtihardware.homelinux.com" web server. 2) update the POD section to be consistent with the guidelines from the "perlstyle" document from the Perl distribution: B<> for commands and command line switches C<> for code, and filenames ########## 168328 ------ Reported issue: The Daisy virtual console screens do not extend all the way to the bottom of the screen on the RHEL6 platform. This commit adds the command line option "--disable-kms" which can be used to disable kernel (video) mode setting. For Daisy customers that use the console of the Daisy server as a workstation, disabling KMS is required or Daisy application screens do not appear correctly on the virtual consoles. In script updateos.pl: 1) added code for new command line option "--disable-kms" which calls new function disable_kms(). Added new option to usage(). 2) added new function disable_kms(). 3) added call to new function disable_kms() to code that is run when "--baremetal" command line option is specified. 4) added variable for exit status 4 which means there was an error modifying the GRUB config file. 5) updated POD section with new info for "--disable-kms".