ranger-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sneet...@apache.org
Subject [08/15] ARGUS-137 Rename Apache Argus to Apache Ranger on the codebase/config
Date Fri, 31 Oct 2014 21:03:46 GMT
http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/6af44c4f/security-admin/scripts/install.sh
----------------------------------------------------------------------
diff --git a/security-admin/scripts/install.sh b/security-admin/scripts/install.sh
deleted file mode 100755
index b221140..0000000
--- a/security-admin/scripts/install.sh
+++ /dev/null
@@ -1,1374 +0,0 @@
-#!/bin/bash
-# Licensed to the Apache Software Foundation (ASF) under one or more
-# contributor license agreements.  See the NOTICE file distributed with
-# this work for additional information regarding copyright ownership.
-# The ASF licenses this file to You under the Apache License, Version 2.0
-# (the "License"); you may not use this file except in compliance with
-# the License.  You may obtain a copy of the License at
-#
-#     http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-
-PROPFILE=$PWD/install.properties
-propertyValue=''
-
-. $PROPFILE
-if [ ! $? = "0" ];then	
-	log "$PROPFILE file not found....!!"; 
-	exit 1; 
-fi
-
-DB_HOST="${db_host}"
-
-usage() {
-  [ "$*" ] && echo "$0: $*"
-  sed -n '/^##/,/^$/s/^## \{0,1\}//p' "$0"
-  exit 2
-} 2>/dev/null
-
-log() {  
-   local prefix="[$(date +%Y/%m/%d\ %H:%M:%S)]: "
-   echo "${prefix} $@" >> $LOGFILE
-   echo "${prefix} $@" 
-} 
-
-check_ret_status(){
-	if [ $1 -ne 0 ]; then
-		log "[E] $2"; 
-		exit 1; 
-	fi
-}
-
-check_ret_status_for_groupadd(){
-# 9 is the response if the group exists
-    if [ $1 -ne 0 ] && [ $1 -ne 9 ]; then
-        log "[E] $2";
-        exit 1;
-    fi
-}
-
-is_command () {
-    log "[I] check if command $1 exists"
-    type "$1" >/dev/null 
-}
-
-get_distro(){
-	log "[I] Checking distribution name.."
-	ver=$(cat /etc/*{issues,release,version} 2> /dev/null)
-	if [[ $(echo $ver | grep DISTRIB_ID) ]]; then
-	    DIST_NAME=$(lsb_release -si)
-	else
-	    DIST_NAME=$(echo $ver | cut -d ' ' -f 1 | sort -u | head -1)
-	fi
-	export $DIST_NAME
-	log "[I] Found distribution : $DIST_NAME"
-
-}
-#Get Properties from File
-#$1 -> propertyName $2 -> fileName $3 -> variableName
-getPropertyFromFile(){
-	validateProperty=$(sed '/^\#/d' $2 | grep "^$1"  | tail -n 1) # for validation	
-	if  test -z "$validateProperty" ; then log "[E] '$1' not found in $2 file while getting....!!"; exit 1; fi
-	value=`sed '/^\#/d' $2 | grep "^$1"  | tail -n 1 | cut -d "=" -f2-`	
-	#echo 'value:'$value
-	#validate=$(sed '/^\#/d' $2 | grep "^$1"  | tail -n 1 | cut -d "=" -f2-) # for validation
-	#if  test -z "$validate" ; then log "[E] '$1' not found in $2 file while getting....!!"; exit 1; fi
-	eval $3="'$value'"
-}
-
-#Update Properties to File
-#$1 -> propertyName $2 -> newPropertyValue $3 -> fileName
-updatePropertyToFile(){
-	sed -i 's@^'$1'=[^ ]*$@'$1'='$2'@g' $3
-	#validate=`sed -i 's/^'$1'=[^ ]*$/'$1'='$2'/g' $3`	#for validation
-	validate=$(sed '/^\#/d' $3 | grep "^$1"  | tail -n 1 | cut -d "=" -f2-) # for validation
-	#echo 'V1:'$validate
-	if test -z "$validate" ; then log "[E] '$1' not found in $3 file while Updating....!!"; exit 1; fi
-	log "[I] File $3 Updated successfully : {'$1'}"
-}
-
-
-init_logfiles () {
-    for f in $LOGFILES; do
-        touch $f
-    done
-    #log "start date for $0 = `date`"
-}
-
-init_variables(){
-	curDt=`date '+%Y%m%d%H%M%S'`
-
-	VERSION=`cat ${PWD}/version`
-
-	XAPOLICYMGR_DIR=/usr/lib/xapolicymgr
-
-	if [ "${VERSION}" != "" ]
-	then
- 		INSTALL_DIR=${XAPOLICYMGR_DIR}-${VERSION}
-	else
-		INSTALL_DIR=${XAPOLICYMGR_DIR}
- 	fi
-
-	WEBAPP_ROOT=${INSTALL_DIR}/ews/webapp
-	
-	DB_FLAVOR=`echo $DB_FLAVOR | tr '[:lower:]' '[:upper:]'`
-	if [ "${DB_FLAVOR}" == "" ]
-	then
-		DB_FLAVOR="MYSQL"
-	fi
-	log "[I] DB_FLAVOR=${DB_FLAVOR}"
-
-	getPropertyFromFile 'db_root_user' $PROPFILE db_root_user
-	getPropertyFromFile 'db_root_password' $PROPFILE db_user
-	getPropertyFromFile 'db_user' $PROPFILE db_user
-	getPropertyFromFile 'db_password' $PROPFILE db_password
-	getPropertyFromFile 'audit_db_user' $PROPFILE audit_db_user
-	getPropertyFromFile 'audit_db_password' $PROPFILE audit_db_password
-}
-
-wait_for_tomcat_shutdown() {
-	i=1
-	touch $TMPFILE
-	while [ $i -le 20 ]
-	do
-		ps -ef | grep catalina.startup.Bootstrap | grep -v grep > $TMPFILE
-		if [ $? -eq 1 ]; then
-			log "[I] Tomcat stopped"
-			i=21
-		else 
-			log "[I] stopping Tomcat.."
-			i=`expr $i + 1`
-			sleep 1
-		fi 
-	done
-}
-
-check_db_version() {
-    if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		if is_command ${SQL_COMMAND_INVOKER} ; then
-			log "[I] '${SQL_COMMAND_INVOKER}' command found"
-		else
-			log "[E] '${SQL_COMMAND_INVOKER}' command not found"
-		exit 1;
-		fi
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-        if is_command ${SQL_COMMAND_INVOKER} ; then
-            log "[I] '${SQL_COMMAND_INVOKER}' command found"
-        else
-            log "[E] '${SQL_COMMAND_INVOKER}' command not found"
-        exit 1;
-        fi
-    fi
-}
-
-check_db_connector() {
-    if [ "${DB_FLAVOR}" == "MYSQL" ]
-	then
-		log "[I] Checking MYSQL CONNECTOR FILE : ${SQL_CONNECTOR_JAR}"
-		if test -f "$SQL_CONNECTOR_JAR"; then
-			log "[I] MYSQL CONNECTOR FILE : $SQL_CONNECTOR_JAR file found"
-		else
-			log "[E] MYSQL CONNECTOR FILE : $SQL_CONNECTOR_JAR does not exists" ; exit 1;
-		fi
-	fi
-    if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-        log "[I] Checking ORACLE CONNECTOR FILE : ${SQL_CONNECTOR_JAR}"
-        if test -f "${SQL_CONNECTOR_JAR}"; then
-			log "[I] ORACLE CONNECTOR FILE : ${SQL_CONNECTOR_JAR} file found"
-        else
-			log "[E] ORACLE CONNECTOR FILE : ${SQL_CONNECTOR_JAR} does not exists" ; exit 1;
-		fi
-    fi
-}
-check_java_version() {
-	if is_command ${JAVA_BIN} ; then
-		log "[I] '${JAVA_BIN}' command found"
-	else
-		log "[E] '${JAVA_BIN}' command not found"
-		exit 1;
-	fi
-
-	$JAVA_BIN -version 2>&1 | grep -q $JAVA_VERSION_REQUIRED 
-	if [ $? != 0 ] ; then
-		log "[E] Java 1.7 is required"
-		exit 1;
-	fi
-
-	#Check for JAVA_HOME 
-	if [ "${JAVA_HOME}" == "" ]
-	then
- 		log "[E] JAVA_HOME environment property not defined, aborting installation."
- 		exit 1
- 	fi
-
-	#$JAVA_BIN -version 2>&1 | grep -q "$JAVA_ORACLE"
-	#if [ $? != 0 ] ; then
-		#log "[E] Oracle Java is required"
-		#exit 1;
-	#fi
-}
-
-sanity_check_files() {
-
-	if test -f $war_file; then
-		log "[I] $war_file file found" 
-	else
-		log "[E] $war_file does not exists" ; exit 1;
-    fi
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		if test -f $mysql_core_file; then
-			log "[I] $mysql_core_file file found"
-		else
-			log "[E] $mysql_core_file does not exists" ; exit 1;
-		fi
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-        if test -f ${oracle_core_file}; then
-			log "[I] ${oracle_core_file} file found"
-        else
-            log "[E] ${oracle_core_file} does not exists" ; exit 1;
-        fi
-    fi
-}
-
-create_rollback_point() {
-    DATE=`date`
-    BAK_FILE=$APP-$VERSION.$DATE.bak
-    log "Creating backup file : $BAK_FILE"
-    cp "$APP" "$BAK_FILE"
-}
-
-create_db_user(){
-	check_db_user_password
-	strError="ERROR"
-    if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		log "[I] Creating ${DB_FLAVOR} user '${db_user}'"
-		for thost in '%' localhost
-		do
-			usercount=`$SQL_COMMAND_INVOKER -B -u "$db_root_user" --password="$db_root_password" -h $DB_HOST --skip-column-names -e "select count(*) from mysql.user where user = '$db_user' and host = '$thost';"`
-			if  [ ${usercount} -eq 0 ]
-			then
-				$SQL_COMMAND_INVOKER -B -u "$db_root_user" --password="$db_root_password" -h $DB_HOST -e "create user '$db_user'@'$thost' identified by '$db_password';"
-				log "[I] Creating user '$db_user' for host $thost done"
-			fi
-			dbquery="REVOKE ALL PRIVILEGES,GRANT OPTION FROM  '$db_user'@'$thost';FLUSH PRIVILEGES;"
-			echo "${dbquery}" | $SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST
-			check_ret_status $? "'$DB_FLAVOR' revoke *.* privileges from user '$db_user'@'$thost' failed"
-		done
-		log "[I] Creating ${DB_FLAVOR} user '${db_user}' DONE"
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-		#check user exist or not
-		result3=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(username) from all_users where UPPER(username)=UPPER('${db_user}');"`
-		username=`echo ${db_user} | tr '[:lower:]' '[:upper:]'`
-		#if does not contains username so create user
-		if test "${result3#*$username}" == "$result3"
-		then
-			#create user
-			result4=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "create user ${db_user} identified by \"${db_password}\";"`
-			result3=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(username) from all_users where UPPER(username)=UPPER('${db_user}');"`
-			username=`echo ${db_user} | tr '[:lower:]' '[:upper:]'`
-			#if user is not created print error message
-			if test "${result3#*$username}" == "$result3"
-			then
-				log "[E] Creating User: ${db_user} Failed";
-				log "[E] $result4"
-				exit 1
-			else
-				log "[I] Creating User: ${db_user} Success";
-			fi
-	    fi
-        result5=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED TABLESPACE TO ${db_user} WITH ADMIN OPTION;"`
-        if test "${result5#*$strError}" == "$result5"
-		then
-			log "[I] Granting User: ${db_user} Success";
-		else
-			log "[E] Granting User: ${db_user} Failed";
-			log "[E] $result5"
-			exit 1
-		fi
-		log "[I] Creating $DB_FLAVOR user '${db_user}' DONE"
-    fi
-}
-
-check_db_admin_password () {
-	count=0
-	msg=''
-	cmdStatus=''
-	strError="ERROR"
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		log "[I] Checking ${DB_FLAVOR} $db_root_user password"
-		msg=`$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h "$DB_HOST" -s -e "select version();" 2>&1`
-		cmdStatus=$?
-    fi
-
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-		log "[I] Checking ${DB_FLAVOR} $db_root_user password"
-		msg=`echo "select 1 from dual;" | $SQL_COMMAND_INVOKER  -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA>&1`
-		cmdStatus=$?
-    fi
-	if test "${msg#*$strError}" != "$msg"
-	then
-		cmdStatus=1
-	else
-		cmdStatus=0 # $substring is not in $string
-    fi
-	while :
-	do	
-		if  [  $cmdStatus != 0 ]; then
-			if [ $count != 0 ]
-			then
-				if [ "${DB_FLAVOR}" == "MYSQL" ]
-				then
-					log "[I] COMMAND: mysql -u $db_root_user --password=...... -h $DB_HOST : FAILED with error message:"
-			    fi
-				if [ "${DB_FLAVOR}" == "ORACLE" ]
-	            then
-	                log "[I] COMMAND: sqlplus  $db_root_user/...... @$DB_HOST AS SYSDBA : FAILED with error message:"
-	            fi
-				log "*******************************************${sg}*******************************************"
-			fi
-			if [ $count -gt 2 ]
-			then
-				log "[E] Unable to continue as db connectivity fails."
-				exit 1
-			fi
-		    trap 'stty echo; exit 1' 2 3 15
-            if [ "${DB_FLAVOR}" == "MYSQL" ]
-		    then
-				printf "Please enter password for mysql user-id, $db_root_user@${DB_HOST} : "
-            fi
-			if [ "${DB_FLAVOR}" == "ORACLE" ]
-			then
-				log="[msg] ${msg}"
-				printf "Please enter password for oracle user-id, $db_root_user@${DB_HOST} AS SYSDBA: "
-			fi
-			stty -echo
-			read db_root_password
-			stty echo
-			printf "\n"
-			trap '' 2 3 15
-			count=`expr ${count} + 1`
-			if [ "${DB_FLAVOR}" == "MYSQL" ]
-			then
-				msg=`$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h "$DB_HOST" -s -e "select version();" 2>&1`
-				cmdStatus=$?
-			fi
-			if [ "${DB_FLAVOR}" == "ORACLE" ]
-			then
-				msg=`echo "select 1 from dual;" | $SQL_COMMAND_INVOKER  -L -S "${db_root_user}"/"\"${db_root_password}\""@"{$DB_HOST}" AS SYSDBA >&1`
-				cmdStatus=$?
-			fi
-			if test "${msg#*$strError}" != "$msg"
-		    then
-				cmdStatus=1
-			else
-				cmdStatus=0 # $substring is not in $string
-		    fi
-	   	else
-			log "[I] Checking DB password DONE"
-			break;
-		fi
-	done
-	return 0;
-}
-
-check_db_user_password() {
-	count=0
-	muser=${db_user}@${DB_HOST}
-	while [ "${db_password}" = "" ]
-	do
-		if [ $count -gt 0 ]
-		then
-			log "[I] You can not have a empty password for user: (${muser})." 
-		fi
-		if [ ${count} -gt 2 ]
-		then
-			log "[E] Unable to continue as user, ${muser} does not have a non-empty password."
-		fi
-		printf "Please enter password for the XASecure schema owner (${muser}): "
-		trap 'stty echo; exit 1' 2 3 15
-		stty -echo
-		read db_password
-		stty echo
-		printf "\n"
-		trap ''  2 3 15
-		count=`expr ${count} + 1`
-	done
-}
-
-
-check_audit_user_password() {
-	count=0
-	muser=${audit_db_user}@${DB_HOST}
-	while [ "${audit_db_password}" = "" ]
-	do
-		if [ $count -gt 0 ]
-		then
-			log "[I] You can not have a empty password for user: (${muser})." 
-		fi
-		if [ ${count} -gt 2 ]
-		then
-			log "[E] Unable to continue as user, ${muser} does not have a non-empty password."
-		fi
-		printf "Please enter password for the XASecure Audit Table owner (${muser}): "
-		trap 'stty echo; exit 1' 2 3 15
-		stty -echo
-		read audit_db_password
-		stty echo
-		printf "\n"
-		trap ''  2 3 15
-		count=`expr ${count} + 1`
-	done
-}
-
-upgrade_db() {
-	log "[I] - starting upgradedb ... "
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		DBVERSION_CATALOG_CREATION=db/create_dbversion_catalog.sql
-		if [ -f ${DBVERSION_CATALOG_CREATION} ]
-		then
-			log "[I] Verifying database version catalog table .... "
-			${mysqlexec} < ${DBVERSION_CATALOG_CREATION}
-			`${SQL_COMMAND_INVOKER} -u "${db_root_user}" --password="${db_root_password}" -h ${DB_HOST} -D ${db_name} < ${DBVERSION_CATALOG_CREATION}`
-			check_ret_status $? "Verifying database version catalog table Failed."
-		fi
-
-		dt=`date '+%s'`
-		tempFile=/tmp/sql_${dt}_$$.sql
-		sqlfiles=`ls -1 db/patches/*.sql 2> /dev/null | awk -F/ '{ print $NF }' | awk -F- '{ print $1, $0 }' | sort -k1 -n | awk '{ printf("db/patches/%s\n",$2) ; }'`
-		for sql in ${sqlfiles}
-		do
-			if [ -f ${sql} ]
-			then
-				bn=`basename ${sql}`
-				version=`echo ${bn} | awk -F'-' '{ print $1 }'`
-				if [ "${version}" != "" ]
-				then
-					c=`${SQL_COMMAND_INVOKER} -u "${db_root_user}" --password="${db_root_password}" -h ${DB_HOST} -D ${db_name} -B --skip-column-names -e "select count(id) from x_db_version_h where version = '${version}' and active = 'Y'"`
-					check_ret_status $? "DBVerionCheck - ${version} Failed."
-					if [ ${c} -eq 0 ]
-					then
-						cat ${sql} > ${tempFile}
-						echo >> ${tempFile}
-						echo "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ( '${version}', now(), user(), now(), user()) ;" >> ${tempFile}
-						log "[I] - patch [${version}] is being applied."
-						`${SQL_COMMAND_INVOKER} -u "${db_root_user}" --password="${db_root_password}" -h ${DB_HOST} -D ${db_name} < ${tempFile}`
-						check_ret_status $? "Update patch - ${version} Failed. See sql file : [${tempFile}]"
-						rm -f ${tempFile}
-					else
-						log "[I] - patch [${version}] is already applied. Skipping ..."
-					fi
-				fi
-			fi
-		done
-	fi
-	####
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-		strError="ERROR"
-		DBVERSION_CATALOG_CREATION=db/oracle/create_dbversion_catalog.sql
-		VERSION_TABLE=x_db_version_h
-		log "[I] Verifying table $VERSION_TABLE in database $db_name";
-		if [ -f ${DBVERSION_CATALOG_CREATION} ]
-		then
-			result1=`${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}" <<< "select UPPER(table_name) from all_tables where UPPER(tablespace_name)=UPPER('${db_name}') and UPPER(table_name)=UPPER('${VERSION_TABLE}');"`
-			tablename=`echo $VERSION_TABLE | tr '[:lower:]' '[:upper:]'`
-			if test "${result1#*$tablename}" == "$result1"	#does not contains tablename so create table
-			then
-				log "[I] Importing Version Catalog file: $DBVERSION_CATALOG_CREATION..."
-				result2=`echo "exit"|${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}" @$DBVERSION_CATALOG_CREATION`
-				if test "${result2#*$strError}" == "$result2"
-				then
-					log "[I] Importing Version Catalog file : $DBVERSION_CATALOG_CREATION DONE";
-				else
-					log "[E] Importing Version Catalog file : $DBVERSION_CATALOG_CREATION Failed";
-					log "[E] $result2"
-				fi
-			else
-				log "[I] Table $VERSION_TABLE already exists in database ${db_name}"
-			fi
-		fi
-
-		dt=`date '+%s'`
-		tempFile=/tmp/sql_${dt}_$$.sql
-		sqlfiles=`ls -1 db/oracle/patches/*.sql 2> /dev/null | awk -F/ '{ print $NF }' | awk -F- '{ print $1, $0 }' | sort -k1 -n | awk '{ printf("db/oracle/patches/%s\n",$2) ; }'`
-		for sql in ${sqlfiles}
-		do
-			if [ -f ${sql} ]
-			then
-				bn=`basename ${sql}`
-				version=`echo ${bn} | awk -F'-' '{ print $1 }'`
-				if [ "${version}" != "" ]
-				then
-					result2=`${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}" <<< "select version from x_db_version_h where version = '${version}' and active = 'Y';"`
-					#does not contains record so insert
-					if test "${result2#*$version}" == "$result2"
-					then
-						cat ${sql} > ${tempFile}
-						echo >> ${tempFile}
-						echo "insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'${version}', sysdate, '${db_user}', sysdate, '${db_user}') ;" >> ${tempFile}
-						log "[I] - patch [${version}] is being applied. $tempFile"
-						result3=`echo "exit"|${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}"  @$tempFile`
-						log "[+]$result3"
-						if test "${result3#*$strError}" == "$result3"
-						then
-							log "[I] Update patch - ${version} applied. See sql file : [${tempFile}]"
-						else
-							log "[E] Update patch - ${version} Failed. See sql file : [${tempFile}]"
-						fi
-						rm -f ${tempFile}
-					elif test "${result2#*$strError}" != "$result2"
-					then
-						log "[E] - patch [${version}] could not applied. Skipping ..."
-						exit 1
-					else
-						log "[I] - patch [${version}] is already applied. Skipping ..."
-					fi
-				fi
-			fi
-		done
-	fi
-	log "[I] - upgradedb completed."
-}
-
-import_db(){
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		log "[I] Verifying Database: ${db_name}";
-		existdb=`${SQL_COMMAND_INVOKER} -u "${db_root_user}" --password="${db_root_password}" -h $DB_HOST -B --skip-column-names -e  "show databases like '${db_name}' ;"`
-		if [ "${existdb}" = "${db_name}" ]
-		then
-			log "[I] - database ${db_name} already exists. Ignoring import_db ..."
-		else
-			log "[I] Creating Database: $db_name";
-			$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST -e "create database $db_name"
-			check_ret_status $? "Creating database Failed.."
-			log "[I] Importing Core Database file: $mysql_core_file "
-			$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST $db_name < $mysql_core_file
-			check_ret_status $? "Importing Database Failed.."
-			if [ -f "${mysql_asset_file}" ]
-			then
-				$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST ${db_name} < ${mysql_asset_file}
-				check_ret_status $? "Reset of DB repositories failed"
-			fi
-			log "[I] Importing Database file : $mysql_core_file DONE";
-		fi
-		for thost in '%' localhost
-		do
-			mysqlquery="GRANT ALL ON $db_name.* TO '$db_user'@'$thost' ;
-			GRANT ALL PRIVILEGES ON $db_name.* to '$db_user'@'$thost' WITH GRANT OPTION;
-			FLUSH PRIVILEGES;"
-			echo "${mysqlquery}" | $SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST
-			check_ret_status $? "'$db_user' grant privileges on '$db_name' failed"
-			log "[I] Granting MYSQL user '$db_user' for host $thost DONE"
-		done
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-		log "[I] Importing TABLESPACE: ${db_name}";
-		strError="ERROR"
-		existdb="false"
-
-		#Verifying Users
-		log "[I] Verifying DB User: ${db_user}";
-		result3=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(username) from all_users where UPPER(username)=UPPER('${db_user}');"`
-		username=`echo ${db_user} | tr '[:lower:]' '[:upper:]'`
-		if test "${result3#*$username}" == "$result3"	#does not contains username so create user
-		then
-			#create user
-			result4=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA  <<< "create user ${db_user} identified by \"${db_password}\";"`
-			result3=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(username) from all_users where UPPER(username)=UPPER('${db_user}');"`
-			username=`echo ${db_user} | tr '[:lower:]' '[:upper:]'`
-			if test "${result3#*$username}" == "$result3"	#does not contains username so create user
-			then
-				log "[E] Creating User: ${db_user} Failed";
-				log "[E] ${result4}";
-				exit 1
-			else
-				log "[I] Creating User: ${db_user} Success";
-			fi
-		else
-			log "[I] User: ${db_user} exist";
-		fi
-
-		#creating db/tablespace
-		result1=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "SELECT DISTINCT UPPER(TABLESPACE_NAME) FROM USER_TABLESPACES where UPPER(TABLESPACE_NAME)=UPPER('${db_name}');"`
-		tablespace=`echo ${db_name} | tr '[:lower:]' '[:upper:]'`
-		if test "${result1#*$tablespace}" == "$result1" #does not contains tablespace so create tablespace
-		then
-			log "[I] Creating TABLESPACE: ${db_name}";
-			result2=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "create tablespace ${db_name} datafile '${db_name}.dat' size 10M autoextend on;"`
-			if test "${result2#*$strError}" == "$result2"
-			then
-				log "[I] TABLESPACE ${db_name} created.";
-				existdb="true"
-			else
-				log "[E] Creating TABLESPACE: ${db_name} Failed";
-				log "[E] $result2";
-				exit 1
-			fi
-		else
-			log "[I] TABLESPACE ${db_name} already exists.";
-		fi
-
-		#verify table space
-		result1a=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "SELECT DISTINCT UPPER(TABLESPACE_NAME) FROM USER_TABLESPACES where UPPER(TABLESPACE_NAME)=UPPER('${db_name}');"`
-		tablespace1a=`echo ${db_name} | tr '[:lower:]' '[:upper:]'`
-		if test "${result1a#*$tablespace1a}" == "$result1a" #does not contains tablespace so exit
-		then
-			log "[E] TABLESPACE: ${db_name} Does not exist!!";
-			exit 1
-		fi
-
-		#verify user
-		result3=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(username) from all_users where UPPER(username)=UPPER('${db_user}');"`
-		username=`echo ${db_user} | tr '[:lower:]' '[:upper:]'`
-		if test "${result3#*$username}" == "$result3"	#does not contains username so exit
-		then
-			log "[E] User: ${db_user} Does not exist!!";
-			exit 1
-		fi
-
-		# ASSIGN DEFAULT TABLESPACE ${db_name}
-		result8=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA  <<< "alter user ${db_user} identified by \"${db_password}\" DEFAULT TABLESPACE ${db_name};"`
-
-	    #grant user
-        result5=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "GRANT CREATE SESSION,CREATE PROCEDURE,CREATE TABLE,CREATE VIEW,CREATE SEQUENCE,CREATE PUBLIC SYNONYM,CREATE TRIGGER,UNLIMITED TABLESPACE TO ${db_user} WITH ADMIN OPTION;"`
-        if test "${result5#*$strError}" == "$result5"
-		then
-			log "[I] Granting User: ${db_user} Success";
-		else
-			log "[E] Granting User: ${db_user} Failed";
-			log "[E] $result5";
-			exit 1
-		fi
-
-		#if does not contains tables create tables
-		if [ "${existdb}" == "true" ]
-		then
-			log "[I] Importing XA Database file: ${oracle_core_file}..."
-			result7=`echo "exit"|${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}" @${oracle_core_file}`
-			if test "${result7#*$strError}" == "$result7"
-			then
-				log "[I] Importing XA Database file : ${oracle_core_file} DONE";
-			else
-				log "[E] Importing XA Database file : ${oracle_core_file} Failed";
-				log "[E] $result7";
-				exit 1
-			fi
-		else
-			log "[I] - database ${db_name} already exists. Ignoring import_db ..."	;
-		fi
-	fi
-}
-
-extract_war () {
-	if [ ! -e $war_file ]
-	then
-		log "[E] $war_file file not found!"
-	fi
-	log "[I] Extract War file $war_file to $app_home" # 
-	if [ -d $app_home ]
-	then
-		mv ${app_home} ${app_home}_archive_`date '+%s'`
-	fi
-	mkdir -p $app_home
-	unzip -q $war_file -d $app_home 
-	check_ret_status $? "Extraction of war file failed....!!"
-	log "[I] Extract War file $war_file DONE" # 
-}
-
-copy_to_webapps (){
-	log "[I] Copying to ${WEBAPP_ROOT} ";
-	if [ -f $app_home/WEB-INF/log4j.xml.prod ]
-    then
-        mv -f $app_home/WEB-INF/log4j.xml.prod $app_home/WEB-INF/log4j.xml
-    fi
-    cp -rf $app_home/* ${WEBAPP_ROOT}
-	check_ret_status $? "Copying to ${WEBAPP_ROOT} failed"
-	
-	#
-	# the jar file, ${INSTALL_DIR}/webapps/ROOT/WEB-INF/lib/unixauthclient-*.jar should be accessed from external to have the parameter to work correctly
-	#
-	for f in  ${WEBAPP_ROOT}/WEB-INF/lib/unixauthclient-*.jar
-    do
-		if [ -f ${f} ]
-		then
-			mkdir -p ${INSTALL_DIR}/xasecure_jaas/
-			mv ${f} ${INSTALL_DIR}/xasecure_jaas/
-		fi
-    done
-
-	log "[I] Copying to ${WEBAPP_ROOT} DONE";
-}
-
-copy_db_connector(){
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-	then
-		log "[I] Copying MYSQL Connector to $app_home/WEB-INF/lib ";
-	    cp -f $SQL_CONNECTOR_JAR $app_home/WEB-INF/lib
-		check_ret_status $? "Copying MYSQL Connector to $app_home/WEB-INF/lib failed"
-		log "[I] Copying MYSQL Connector to $app_home/WEB-INF/lib DONE";
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-        log "[I] Copying ORACLE Connector to $app_home/WEB-INF/lib ";
-        cp -f $SQL_CONNECTOR_JAR $app_home/WEB-INF/lib
-        check_ret_status $? "Copying ORACLE Connector to $app_home/WEB-INF/lib failed"
-        log "[I] Copying ORACLE Connector to $app_home/WEB-INF/lib DONE";
-    fi
-}
-
-update_properties() {
-	newPropertyValue=''
-	to_file=$app_home/WEB-INF/classes/xa_system.properties
-	if test -f $to_file; then
-		log "[I] $to_file file found" 
-	else
-		log "[E] $to_file does not exists" ; exit 1;
-    fi
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-	then
-		propertyName=jdbc.url
-		newPropertyValue="jdbc:log4jdbc:mysql://${DB_HOST}/${db_name}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.url
-		newPropertyValue="jdbc:log4jdbc:mysql://${DB_HOST}/${audit_db_name}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=jdbc.dialect
-		newPropertyValue="org.eclipse.persistence.platform.database.MySQLPlatform"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.dialect
-		newPropertyValue="org.eclipse.persistence.platform.database.MySQLPlatform"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=jdbc.driver
-		newPropertyValue="net.sf.log4jdbc.DriverSpy"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.driver
-		newPropertyValue="net.sf.log4jdbc.DriverSpy"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-	then
-		propertyName=jdbc.url
-		newPropertyValue="jdbc:oracle:thin:\@//${DB_HOST}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.url
-		newPropertyValue="jdbc:oracle:thin:\@//${DB_HOST}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=jdbc.dialect
-		newPropertyValue="org.eclipse.persistence.platform.database.OraclePlatform"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.dialect
-		newPropertyValue="org.eclipse.persistence.platform.database.OraclePlatform"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=jdbc.driver
-		newPropertyValue="oracle.jdbc.OracleDriver"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.driver
-		newPropertyValue="oracle.jdbc.OracleDriver"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	fi
-	propertyName=xa.webapp.url.root
-	newPropertyValue="${policymgr_external_url}"
-	updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-	propertyName=http.enabled
-	newPropertyValue="${policymgr_http_enabled}"
-	updatePropertyToFile $propertyName $newPropertyValue $to_file	
-	
-	propertyName=jdbc.user
-	newPropertyValue="${db_user}"
-	updatePropertyToFile $propertyName $newPropertyValue $to_file	
-	
-	propertyName=auditDB.jdbc.user
-	newPropertyValue="${audit_db_user}"
-	updatePropertyToFile $propertyName $newPropertyValue $to_file
-	##########
-
-	keystore="${cred_keystore_filename}"
-
-	echo "Starting configuration for XA DB credentials:"
-
-	db_password_alias=policyDB.jdbc.password
-	
-   	if [ "${keystore}" != "" ]
-   	then
-		mkdir -p `dirname "${keystore}"`
-
-   		java -cp "cred/lib/*" com.hortonworks.credentialapi.buildks create "$db_password_alias" -value "$db_password" -provider jceks://file$keystore
-   		
-   		propertyName=xaDB.jdbc.credential.alias
-		newPropertyValue="${db_password_alias}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	
-		propertyName=xaDB.jdbc.credential.provider.path
-		newPropertyValue="${keystore}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=jdbc.password
-		newPropertyValue="_"	
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-   	else  	
-		propertyName=jdbc.password
-		newPropertyValue="${db_password}"	
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	fi	
-	
-	if test -f $keystore; then
-		#echo "$keystore found."
-		chown -R ${unix_user}:${unix_group} ${keystore}
-	else
-		#echo "$keystore not found. so clear text password"
-		propertyName=jdbc.password
-		newPropertyValue="${db_password}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	fi
- 
-	###########
-	audit_db_password_alias=auditDB.jdbc.password
-
-	echo "Starting configuration for Audit DB credentials:"
-	
-   	if [ "${keystore}" != "" ]
-   	then
-	   	java -cp "cred/lib/*" com.hortonworks.credentialapi.buildks create "$audit_db_password_alias" -value "$audit_db_password" -provider jceks://file$keystore
-	   	
-		propertyName=auditDB.jdbc.credential.alias
-		newPropertyValue="${audit_db_password_alias}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file	
-		
-		propertyName=auditDB.jdbc.credential.provider.path
-		newPropertyValue="${keystore}"
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-
-		propertyName=auditDB.jdbc.password
-		newPropertyValue="_"	
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-   	else
-		propertyName=auditDB.jdbc.password
-		newPropertyValue="${audit_db_password}"	
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	fi	
-	
-	if test -f $keystore; then
-		chown -R ${unix_user}:${unix_group} ${keystore}
-		#echo "$keystore found."
-	else
-		#echo "$keystore not found. so use clear text password"
-		propertyName=auditDB.jdbc.password
-		newPropertyValue="${audit_db_password}"	
-		updatePropertyToFile $propertyName $newPropertyValue $to_file
-	fi
-	
-}
-
-create_audit_db_user(){
-	check_audit_user_password
-	AUDIT_DB="${audit_db_name}"
-	AUDIT_USER="${audit_db_user}"
-	AUDIT_PASSWORD="${audit_db_password}"
-	strError="ERROR"
-	#Verifying Database
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		log "[I] Verifying Database: $AUDIT_DB";
-		existdb=`${SQL_COMMAND_INVOKER} -u "$db_root_user" --password="$db_root_password" -h $DB_HOST -B --skip-column-names -e  "show databases like '$AUDIT_DB' ;"`
-		if [ "${existdb}" = "$AUDIT_DB" ]
-		then
-			log "[I] Database $AUDIT_DB already exists."
-		else
-			log "[I] Creating Database: $audit_db_name";
-			$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST -e "create database $AUDIT_DB"
-			check_ret_status $? "Creating database $AUDIT_DB Failed.."
-		fi
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-		log "[I] Verifying TABLESPACE: $AUDIT_DB";
-		result1=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA  <<< "SELECT distinct UPPER(TABLESPACE_NAME) FROM USER_TABLESPACES where UPPER(TABLESPACE_NAME)=UPPER('${AUDIT_DB}');"`
-		tablespace=`echo $AUDIT_DB | tr '[:lower:]' '[:upper:]'`
-		if test "${result1#*$tablespace}" == "$result1" #does not contains tablespace so create tablespace
-		then
-			log "[I] Creating TABLESPACE: $AUDIT_DB";
-			result2=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "create tablespace $AUDIT_DB datafile '$AUDIT_DB.dat' size 10M autoextend on;"`
-			if test "${result2#*$strError}" == "$result2"
-			then
-				log "[I] TABLESPACE $AUDIT_DB created."
-			else
-				log "[E] Creating TABLESPACE: $AUDIT_DB Failed";
-				log "[E] $result2"
-				exit 1
-			fi
-		else
-			log "[I] TABLESPACE $AUDIT_DB already exists."
-		fi
-	fi
-
-	#Verifying Users
-	log "[I] Verifying Audit User: $AUDIT_USER";
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		for thost in '%' localhost
-		do
-			usercount=`$SQL_COMMAND_INVOKER -B -u "$db_root_user" --password="$db_root_password" -h $DB_HOST --skip-column-names -e "select count(*) from mysql.user where user = '$AUDIT_USER' and host = '$thost';"`
-			if  [ ${usercount} -eq 0 ]
-			then
-				log "[I] Creating ${DB_FLAVOR} user '$AUDIT_USER'@'$thost'"
-				$SQL_COMMAND_INVOKER -B -u "$db_root_user" --password="$db_root_password" -h $DB_HOST -e "create user '$AUDIT_USER'@'$thost' identified by '$AUDIT_PASSWORD';"
-				check_ret_status $? "${DB_FLAVOR} create user failed"
-			fi
-			if [ "${AUDIT_USER}" != "${db_user}" ]
-			then
-				mysqlquery="REVOKE ALL PRIVILEGES,GRANT OPTION FROM '$AUDIT_USER'@'$thost' ;
-				FLUSH PRIVILEGES;"
-				echo "${mysqlquery}" | $SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST
-				check_ret_status $? "'$DB_FLAVOR' revoke privileges from user '$AUDIT_USER'@'$thost' failed"
-				log "[I] '$DB_FLAVOR' revoke all privileges from user '$AUDIT_USER'@'$thost' DONE"
-			fi
-		done
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-    then
-		result3=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(username) from all_users where UPPER(username)=UPPER('${AUDIT_USER}');"`
-		username=`echo $AUDIT_USER | tr '[:lower:]' '[:upper:]'`
-		if test "${result3#*$username}" == "$result3"	#does not contains username so create user
-		then
-			#create user
-			result4=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "create user ${AUDIT_USER} identified by \"${AUDIT_PASSWORD}\" DEFAULT TABLESPACE ${AUDIT_DB};"`
-			if test "${result4#*$strError}" == "$result4"
-		    then
-				log "[I] Creating User: ${AUDIT_USER} Success";
-			else
-				log "[E] Creating User: ${AUDIT_USER} Failed";
-				log "[E] $result4"
-				exit 1
-		    fi
-		else
-			log "[I] User: ${AUDIT_USER} exist";
-		fi
-        result5=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "GRANT CREATE SESSION TO ${AUDIT_USER};"`
-        if test "${result5#*$strError}" == "$result5"
-		then
-			log "[I] Granting User: $AUDIT_USER Success";
-		else
-			log "[E] Granting User: $AUDIT_USER Failed";
-			log "[E] $result5"
-			exit 1
-		fi
-    fi
-
-	#Verifying audit table
-	AUDIT_TABLE=xa_access_audit
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-	then
-		log "[I] Verifying table $AUDIT_TABLE in audit database $AUDIT_DB";
-		existtbl=`${SQL_COMMAND_INVOKER} -u "$db_root_user" --password="$db_root_password" -D $AUDIT_DB -h $DB_HOST -B --skip-column-names -e  "show tables like '$AUDIT_TABLE' ;"`
-		if [ "${existtbl}" != "$AUDIT_TABLE" ]
-		then
-			log "[I] Importing Audit Database file: $mysql_audit_file..."
-			$SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST $AUDIT_DB < $mysql_audit_file
-			check_ret_status $? "Importing Audit Database Failed.."
-			log "[I] Importing Audit Database file : $mysql_audit_file DONE";
-		else
-			log "[I] Table $AUDIT_TABLE already exists in audit database $AUDIT_DB"
-		fi
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-	then
-		log "[I] Verifying table $AUDIT_TABLE in TABLESPACE $db_name";
-		# ASSIGN DEFAULT TABLESPACE ${db_name}
-		result8=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA  <<< "alter user ${AUDIT_USER} identified by \"${AUDIT_PASSWORD}\" DEFAULT TABLESPACE ${AUDIT_DB};"`
-		result6=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "select UPPER(table_name) from all_tables where UPPER(tablespace_name)=UPPER('$db_name') and UPPER(table_name)=UPPER('${AUDIT_TABLE}');"`
-		tablename=`echo $AUDIT_TABLE | tr '[:lower:]' '[:upper:]'`
-		if test "${result6#*$tablename}" == "$result6"	#does not contains tablename so create table
-		then
-			log "[I] Importing Audit Database file: $oracle_audit_file..."
-			result7=`echo "exit"|${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}" @$oracle_audit_file`
-			if test "${result7#*$strError}" == "$result7"
-			then
-				log "[I] Importing Audit Database file : $oracle_audit_file DONE";
-			else
-				log "[E] Importing Audit Database file : $oracle_audit_file failed";
-				log "[E] $result7"
-			fi
-		else
-			log "[I] Table $AUDIT_TABLE already exists in TABLESPACE $db_name"
-		fi
-	fi
-
-	#Granting Users
-	log "[I] Granting Privileges to User: $AUDIT_USER";
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-    then
-		for thost in '%' localhost
-		do
-			mysqlquery="GRANT ALL ON $AUDIT_DB.* TO '$db_user'@'$thost' ;
-			GRANT ALL PRIVILEGES ON $AUDIT_DB.* to '$db_user'@'$thost' WITH GRANT OPTION;
-			FLUSH PRIVILEGES;"
-			echo "${mysqlquery}" | $SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST
-			check_ret_status $? "'$db_user' grant privileges on '$AUDIT_DB' failed"
-			log "[I] Creating MYSQL user '$AUDIT_USER' for host $thost DONE"
-
-			mysqlquery="GRANT INSERT ON $AUDIT_DB.$AUDIT_TABLE TO '$AUDIT_USER'@'$thost' ;
-			FLUSH PRIVILEGES;"
-			echo "${mysqlquery}" | $SQL_COMMAND_INVOKER -u "$db_root_user" --password="$db_root_password" -h $DB_HOST
-			check_ret_status $? "'$DB_FLAVOR' grant INSERT privileges to user '$AUDIT_USER'@'$thost' on $AUDIT_TABLE failed"
-			log "[I] '$DB_FLAVOR' grant INSERT privileges to user '$AUDIT_USER'@'$thost' on $AUDIT_TABLE DONE"
-		done
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-	then
-		if [ "${AUDIT_USER}" != "${db_user}" ]
-		then
-			result11=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "GRANT SELECT ON ${db_user}.XA_ACCESS_AUDIT_SEQ TO ${AUDIT_USER};"`
-			result12=`${SQL_COMMAND_INVOKER} -L -S "${db_root_user}"/"\"${db_root_password}\""@"${DB_HOST}" AS SYSDBA <<< "GRANT INSERT ON ${db_user}.${AUDIT_TABLE} TO ${AUDIT_USER};"`
-			if test "${result11#*$strError}" != "$result11"
-			then
-				log "[E] Granting User: $AUDIT_USER Failed";
-				log "[E] $result11";
-				exit1
-			elif test "${result12#*$strError}" != "$result12"
-			then
-				log "[E] Granting User: $AUDIT_USER Failed";
-				log "[E] $result12";
-				exit 1
-			else
-				log "[I] Granting User: $AUDIT_USER Success";
-			fi
-		fi
-	fi
-}
-
-do_unixauth_setup() {
-
-	XASECURE_JAAS_DIR="${INSTALL_DIR}/xasecure_jaas"
-
-	if [ -d "${XASECURE_JAAS_DIR}" ]
-	then
-		mv "${XASECURE_JAAS_DIR}" "${XASECURE_JAAS_DIR}_archive_`date '+%s'`"
-	fi
-
-	mkdir -p ${XASECURE_JAAS_DIR}
-
-	cp ./unixauth-config/*  ${XASECURE_JAAS_DIR}
-
-	cat unixauth-config/unixauth.properties | \
-			grep -v '^remoteLoginEnabled=' | \
-			grep -v '^authServiceHostName=' | \
-			grep -v '^authServicePort=' > ${INSTALL_DIR}/xasecure_jaas/unixauth.properties
-
-	echo "remoteLoginEnabled=${remoteLoginEnabled}"   >> ${INSTALL_DIR}/xasecure_jaas/unixauth.properties
-	echo "authServiceHostName=${authServiceHostName}" >> ${INSTALL_DIR}/xasecure_jaas/unixauth.properties
-	echo "authServicePort=${authServicePort}"         >> ${INSTALL_DIR}/xasecure_jaas/unixauth.properties
-
-	owner=xasecure
-	group=xasecure
-	chown -R ${owner}:${group} ${XASECURE_JAAS_DIR}
-	chmod -R go-rwx ${XASECURE_JAAS_DIR}
-}
-do_authentication_setup(){
-	log "[I] Starting setup based on user authentication method=$authentication_method";     
-	./setup_authentication.sh $authentication_method $app_home
-
-    if [ $authentication_method = "LDAP" ] ; then
-    	log "[I] Loading LDAP attributes and properties";
-		newPropertyValue=''	
-		ldap_file=$app_home/WEB-INF/classes/xa_ldap.properties
-		if test -f $ldap_file; then
-			log "[I] $ldap_file file found" 
-			propertyName=xa_ldap_url
-			newPropertyValue="${xa_ldap_url}"
-			
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-			
-			propertyName=xa_ldap_userDNpattern
-			newPropertyValue="${xa_ldap_userDNpattern}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-			
-			propertyName=xa_ldap_groupSearchBase
-			newPropertyValue="${xa_ldap_groupSearchBase}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-			
-			propertyName=xa_ldap_groupSearchFilter
-			newPropertyValue="${xa_ldap_groupSearchFilter}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-			
-			propertyName=xa_ldap_groupRoleAttribute
-			newPropertyValue="${xa_ldap_groupRoleAttribute}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-			
-			propertyName=authentication_method
-			newPropertyValue="${authentication_method}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-		else
-			log "[E] $ldap_file does not exists" ; exit 1;
-		
-    	fi
-    fi
-    if [ $authentication_method = "ACTIVE_DIRECTORY" ] ; then
-    	log "[I] Loading ACTIVE DIRECTORY attributes and properties";
-		newPropertyValue=''
-		ldap_file=$app_home/WEB-INF/classes/xa_ldap.properties
-		if test -f $ldap_file; then
-			log "[I] $ldap_file file found" 
-			propertyName=xa_ldap_ad_url
-			newPropertyValue="${xa_ldap_ad_url}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-		
-			propertyName=xa_ldap_ad_domain
-			newPropertyValue="${xa_ldap_ad_domain}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-			
-			propertyName=authentication_method
-			newPropertyValue="${authentication_method}"
-			updatePropertyToFile $propertyName $newPropertyValue $ldap_file
-		else
-			log "[E] $ldap_file does not exists" ; exit 1;
-		fi
-    fi
-    if [ $authentication_method = "UNIX" ] ; then
-        do_unixauth_setup
-    fi
-    log "[I] Finished setup based on user authentication method=$authentication_method";  
-}
-
-#=====================================================================
-
-setup_unix_user_group(){
-
-	log "[I] Setting up UNIX user : ${unix_user} and group: ${unix_group}";
-
-    groupadd ${unix_group}
-    check_ret_status_for_groupadd $? "Creating group ${unix_group} failed"
-
-	id -u ${unix_user} > /dev/null 2>&1
-
-	if [ $? -ne 0 ]
-	then
-	    log "[I] Creating new user and adding to group";
-        useradd ${unix_user} -g ${unix_group} -m
-		check_ret_status $? "useradd ${unix_user} failed"
-	else
-	    log "[I] User already exists, adding it to group";
-	    usermod -g ${unix_group} ${unix_user}
-	fi
-
-	log "[I] Setting up UNIX user : ${unix_user} and group: ${unix_group} DONE";
-}
-
-setup_install_files(){
-
-	log "[I] Setting up installation files and directory";
-	if [ -d ${INSTALL_DIR} ]
-	then
-		mv ${INSTALL_DIR} ${INSTALL_DIR}_${curDt}
-	fi
-
-	mkdir -p ${INSTALL_DIR}
-	mkdir -p ${INSTALL_DIR}/ews
-	mkdir -p ${WEBAPP_ROOT}
-
-	cp -r ews/* ${INSTALL_DIR}/
-	mv ${INSTALL_DIR}/lib ${INSTALL_DIR}/ews/
-	mv ${INSTALL_DIR}/xapolicymgr.properties ${INSTALL_DIR}/ews/
-	mv ${INSTALL_DIR}/xapolicymgr /etc/init.d/xapolicymgr
-
-	cat ews/startpolicymgr.sh | sed -e "s|[ \t]*JAVA_HOME=| JAVA_HOME=${JAVA_HOME}|" > ${INSTALL_DIR}/startpolicymgr.sh
-
-	chmod ug+rx /etc/init.d/xapolicymgr
-
-	if [ -d /etc/rc2.d ]
-    then
-		RC_DIR=/etc/rc2.d
-        log "[I] Creating script S88xapolicymgr/K90xapolicymgr in $RC_DIR directory .... "
-		rm -f $RC_DIR/S88xapolicymgr  $RC_DIR/K90xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/S88xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/K90xapolicymgr
-    fi
-
-    if [ -d /etc/rc3.d ]
-    then
-	    RC_DIR=/etc/rc3.d
-        log "[I] Creating script S88xapolicymgr/K90xapolicymgr in $RC_DIR directory .... "
-		rm -f $RC_DIR/S88xapolicymgr  $RC_DIR/K90xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/S88xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/K90xapolicymgr
-    fi
-
-	# SUSE has rc2.d and rc3.d under /etc/rc.d
-    if [ -d /etc/rc.d/rc2.d ]
-    then
-		RC_DIR=/etc/rc.d/rc2.d
-        log "[I] Creating script S88xapolicymgr/K90xapolicymgr in $RC_DIR directory .... "
-		rm -f $RC_DIR/S88xapolicymgr  $RC_DIR/K90xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/S88xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/K90xapolicymgr
-    fi
-    if [ -d /etc/rc.d/rc3.d ]
-    then
-		RC_DIR=/etc/rc.d/rc3.d
-        log "[I] Creating script S88xapolicymgr/K90xapolicymgr in $RC_DIR directory .... "
-		rm -f $RC_DIR/S88xapolicymgr  $RC_DIR/K90xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/S88xapolicymgr
-		ln -s /etc/init.d/xapolicymgr $RC_DIR/K90xapolicymgr
-    fi
-
-
-	if [ -L ${XAPOLICYMGR_DIR} ]
-	then 
-		rm -f ${XAPOLICYMGR_DIR}
-	fi
-
-	ln -s ${INSTALL_DIR} ${XAPOLICYMGR_DIR}
-
-	if [ ! -L /var/log/xapolicymgr ]
-	then
-		ln -s ${XAPOLICYMGR_DIR}/ews/logs  /var/log/xapolicymgr
-	fi
-	log "[I] Setting up installation files and directory DONE";
-
-	if [ -d ${INSTALL_DIR}/ ]
-	then
-		chown -R ${unix_user}:${unix_group} ${INSTALL_DIR}
-	fi
-}
-
-restart_policymgr(){
-
-	log "[I] Restarting xapolicymgr";
-	service xapolicymgr stop 
-	service xapolicymgr start
-	sleep 30  # To ensure that the root application is initialized fully
-	log "[I] Restarting xapolicymgr DONE";
-
-}
-execute_java_patches(){
-	if [ "${DB_FLAVOR}" == "MYSQL" ]
-	then
-		dt=`date '+%s'`
-		tempFile=/tmp/sql_${dt}_$$.sql
-		mysqlexec="${SQL_COMMAND_INVOKER} -u ${db_root_user} --password="${db_root_password}" -h ${DB_HOST} ${db_name}"
-		javaFiles=`ls -1 $app_home/WEB-INF/classes/com/xasecure/patch/Patch*.class 2> /dev/null | awk -F/ '{ print $NF }' | awk -F_J '{ print $2, $0 }' | sort -k1 -n | awk '{ printf("%s\n",$2) ; }'`
-		for javaPatch in ${javaFiles}
-		do
-			if test -f "$app_home/WEB-INF/classes/com/xasecure/patch/$javaPatch"; then
-				className=$(basename "$javaPatch" .class)
-				version=`echo ${className} | awk -F'_' '{ print $2 }'`
-				if [ "${version}" != "" ]
-				then
-					c=`${mysqlexec} -B --skip-column-names -e "select count(id) from x_db_version_h where version = '${version}' and active = 'Y'"`
-					check_ret_status $? "DBVerionCheck - ${version} Failed."
-					if [ ${c} -eq 0 ]
-					then
-						log "[I] patch ${javaPatch} is being applied..";
-						msg=`java -cp "$app_home/WEB-INF/:$app_home/META-INF/:$app_home/WEB-INF/lib/*:$app_home/WEB-INF/classes/:$app_home/WEB-INF/classes/META-INF/" com.xasecure.patch.${className}`
-						check_ret_status $? "Unable to apply patch:$javaPatch"
-						touch ${tempFile}
-						echo >> ${tempFile}
-						echo "insert into x_db_version_h (version, inst_at, inst_by, updated_at, updated_by) values ( '${version}', now(), user(), now(), user()) ;" >> ${tempFile}
-						${mysqlexec} < ${tempFile}
-						check_ret_status $? "Update patch - ${javaPatch} has failed."
-						rm -f ${tempFile}
-						log "[I] patch ${javaPatch} has been applied!!";
-					else
-						log "[I] - patch [${javaPatch}] is already applied. Skipping ..."
-					fi
-				fi
-			fi
-		done
-	fi
-	if [ "${DB_FLAVOR}" == "ORACLE" ]
-	then
-		dt=`date '+%s'`
-		tempFile=/tmp/sql_${dt}_$$.sql
-		javaFiles=`ls -1 $app_home/WEB-INF/classes/com/xasecure/patch/Patch*.class 2> /dev/null | awk -F/ '{ print $NF }' | awk -F_J '{ print $2, $0 }' | sort -k1 -n | awk '{ printf("%s\n",$2) ; }'`
-		for javaPatch in ${javaFiles}
-		do
-			if test -f "$app_home/WEB-INF/classes/com/xasecure/patch/$javaPatch"; then
-				className=$(basename "$javaPatch" .class)
-				version=`echo ${className} | awk -F'_' '{ print $2 }'`
-				if [ "${version}" != "" ]
-				then
-					result2=`${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}" <<< "select version from x_db_version_h where version = '${version}' and active = 'Y';"`
-					#does not contains record so insert
-					if test "${result2#*$version}" == "$result2"
-					then
-						log "[I] patch ${javaPatch} is being applied..";
-						msg=`java -cp "$app_home/WEB-INF/:$app_home/META-INF/:$app_home/WEB-INF/lib/*:$app_home/WEB-INF/classes/:$app_home/WEB-INF/classes/META-INF/" com.xasecure.patch.${className}`
-						check_ret_status $? "Unable to apply patch:$javaPatch"
-						touch ${tempFile}
-						echo >> ${tempFile}
-						echo "insert into x_db_version_h (id,version, inst_at, inst_by, updated_at, updated_by) values ( X_DB_VERSION_H_SEQ.nextval,'${version}', sysdate, '${db_user}', sysdate, '${db_user}') ;" >> ${tempFile}
-						result3=`echo "exit"|${SQL_COMMAND_INVOKER} -L -S "${db_user}"/"\"${db_password}\""@"${DB_HOST}"  @$tempFile`
-						if test "${result3#*$strError}" == "$result3"
-						then
-							log "[I] patch ${javaPatch} has been applied!!";
-						else
-							log "[E] patch ${javaPatch} has failed."
-						fi
-						rm -f ${tempFile}
-					elif test "${result2#*$strError}" != "$result2"
-					then
-						log "[E] - patch [${javaPatch}] could not applied. Skipping ..."
-						exit 1
-					else
-						log "[I] - patch [${javaPatch}] is already applied. Skipping ..."
-					fi
-				fi
-			fi
-		done
-	fi
-}
-init_logfiles
-log " --------- Running XASecure PolicyManager Web Application Install Script --------- "
-log "[I] uname=`uname`"
-log "[I] hostname=`hostname`"
-init_variables
-get_distro
-check_java_version
-check_db_version
-check_db_connector
-setup_unix_user_group
-setup_install_files
-sanity_check_files
-check_db_admin_password
-create_db_user
-extract_war
-copy_db_connector
-import_db
-upgrade_db
-create_audit_db_user
-update_properties
-do_authentication_setup
-copy_to_webapps
-execute_java_patches
-restart_policymgr
-echo "Installation of XASecure PolicyManager Web Application is completed."

http://git-wip-us.apache.org/repos/asf/incubator-argus/blob/6af44c4f/security-admin/scripts/set_globals.sh
----------------------------------------------------------------------
diff --git a/security-admin/scripts/set_globals.sh b/security-admin/scripts/set_globals.sh
new file mode 100755
index 0000000..2c00aed
--- /dev/null
+++ b/security-admin/scripts/set_globals.sh
@@ -0,0 +1,95 @@
+#!/bin/bash
+# Licensed to the Apache Software Foundation (ASF) under one or more
+# contributor license agreements.  See the NOTICE file distributed with
+# this work for additional information regarding copyright ownership.
+# The ASF licenses this file to You under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with
+# the License.  You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+#If it is a manual install, then it is recommended to run this for every install/upgrade, before the setup.sh is called
+#This script will create the appropriate soft links for folders and files
+#This script will not override existing configuration or log files.
+#This script creates the required folders in /etc/ranger, /var/log/ranger and other folders.
+#This will also create the ranger linux user and groups if required.
+
+#This script needs to be run as root
+if [ ! -w /etc/passwd ]; then
+	echo "ERROR: Please run this script as root"
+	exit 1
+fi
+
+#Go to the current build directory
+cd `dirname $0`
+if [ ! -d ews ]; then
+	echo "ERROR: The script needs to be in the installed directory for this version"
+	exit 1
+fi
+
+curDt=`date '+%Y%m%d%H%M%S'`
+LOGFILE=set_globals.log.$curDt
+
+log() {
+	local prefix="[$(date +%Y/%m/%d\ %H:%M:%S)]: "
+	echo "${prefix} $@" >> $LOGFILE
+	echo "${prefix} $@"
+}
+
+#Create the ranger users and groups (if needed)
+unix_user=ranger
+unix_group=ranger
+
+groupadd ${unix_group}
+ret=$?
+if [ $ret -ne 0 ] && [ $ret -ne 9 ]; then
+	echo "Error creating group $unix_group"
+	exit 1
+fi
+
+id -u ${unix_user} > /dev/null 2>&1
+if [ $? -ne 0 ]; then
+    useradd ${unix_user} -g ${unix_group} -m
+else
+	usermod -g ${unix_group} ${unix_user}
+fi
+
+chown -R $unix_user *
+
+
+#Create etc conf folders
+if [ ! -d /etc/ranger/admin/conf ]; then
+	#Create the conf file /etc and copy either from package conf or conf.dist
+	mkdir -p /etc/ranger/admin/conf
+	if [ -d ews/webapp/WEB-INF/classes/conf ]; then
+		#If conf already exists, then move it to /etc...
+		cp -r ews/webapp/WEB-INF/classes/conf/* /etc/ranger/admin/conf
+	else
+		#Let's copy conf.dist to /etc/ranger/admin/conf
+		cp -r ews/webapp/WEB-INF/classes/conf.dist/* /etc/ranger/admin/conf
+	fi
+	chmod 750 /etc/ranger/admin/conf
+	chown -R $unix_user:$unix_group /etc/ranger/admin/conf
+fi
+
+log "[I] Soft linking /etc/ranger/admin/conf to ews/webapp/WEB-INF/classes/conf"
+mv -f ews/webapp/WEB-INF/classes/conf ews/webapp/WEB-INF/classes/conf.$curDt 2> /dev/null
+ln -sf /etc/ranger/admin/conf ews/webapp/WEB-INF/classes/conf
+
+#Create the log folder
+if [ ! -d /var/log/ranger/admin ]; then
+	mkdir -p /var/log/ranger/admin
+	if [ -d ews/logs ]; then
+		cp -r ews/logs/* /var/log/ranger/admin
+	fi
+	chmod 755 /var/log/ranger/admin
+	chown -R $unix_user:$unix_group /var/log/ranger
+fi
+mv -f ews/logs ews/webapp/logs.$curDt 2> /dev/null
+ln -sf /var/log/ranger/admin ews/logs


Mime
View raw message