[mdlug] Jboss 7 question

Mathew May mathewmay1 at wowway.com
Tue Oct 7 16:57:06 EDT 2014


Please note that in the GODDARD section I have tried both "service jboss_goddard start" and "/etc/init.d/jboss_goddard start" as you can see by the commented out line. And this script is run by the tcatusr. 


----- Original Message -----

From: "Mathew May" <mathewmay1 at wowway.com> 
To: "MDLUG's Main discussion list" <mdlug at mdlug.org> 
Sent: Tuesday, October 7, 2014 4:42:20 PM 
Subject: Re: [mdlug] Jboss 7 question 

Here is the script below. Please note, this was not my script and my Perl skills are beginner at best. There are a lot of dependencies on other file for variables. I have also allowed the tcatusr sudo access to run the /etc/init.d/jboss_applicationname scripts as well as the /sbin/service scripts. 

Even before modifying the sudoers file I could stop the JVM as the tcatusr without being prompted for a passwd. 

As you can tell by variable names this is from work, not giving away any company secrets here, but please be discrete. Can't think of anything else I might have left out.... 



### Purpose: stop/start/restart jboss utilities 
############################################################################### 
############################################################################### 

print "running $0 . . .\n"; 

############### 
### modules ### 
############### 
### common modules 
use strict; 
use warnings; 
### uncommon modules 
use Getopt::Long; 
############### 
############### 

###check username 
my $su=''; 
my $user=`whoami`; 
#if ( "$user" eq "tcatusr" ){$su='su - tcatusr -c ';} 
if ( "$user" eq "tcatusr" ){$su='sudo ';} 

################## 
### call help? ### 
################## 
if (!@ARGV) {help(); exit;} 
if (@ARGV){if (($ARGV[0] eq "help")||($ARGV[0] eq "-help")||($ARGV[0] eq "h")||($ARGV[0] eq "-h")){help(); exit;}} 
################## 
################## 

#################### 
### call keys.pl ### 
#################### 
require "keys.pl"; 
our $novus; 
our $chrysler; 
our $fiat; 
our $contrado; 
our $cdaws_app; 
our $mpulse_serv; 
our $sandbox; 
#################### 
#################### 

######################### 
### declare variables ### 
######################### 
my $start = 0; 
my $stop = 0; 
my $restart = 0; 
my $tail = 0; 
my $goddard = 0; 
my $sonus = 0; 
my $workbench = 0; 
my $jboss_contrado = 0; 
my $jboss_cdaws = 0; 
my $n; 
######################### 
######################### 

################### 
### get options ### 
################### 
my $getopt_ok = GetOptions 
( 
"start" => \$start, 
"stop" => \$stop, 
"restart" => \$restart, 
"goddard" => \$goddard, 
"sonus" => \$sonus, 
"workbench" => \$workbench, 
"contrado" => \$jboss_contrado, 
"cdaws" => \$jboss_cdaws, 
"tail" => \$tail, 
"n:s" => \$n, 
); 
if (!$getopt_ok){help(); exit;} 
################### 
################### 

####################### 
### check arguments ### 
####################### 
my $opcounter=0; 
$opcounter++ if $start; 
$opcounter++ if $stop; 
$opcounter++ if $restart; 
if ($opcounter > 1) {print "\nplease provide only one operation: \'--start\', \'--stop\', or \'--restart\'\n\n"; help(); die;} 
if ($opcounter == 0 && !$tail) {print "\nplease provide at least one operation, or \'--tail\': \'--start\', \'--stop\', or \'--restart\'\n\n"; help(); die;} 
if (defined($n) && !$tail) {print "\nwhen proving argument --n, please include --tail\n\n"; help(); die;} 
if (!defined($n)) {$n = 10;} 

####################### 
####################### 

############ 
### main ### 
############ 
#if ($novus) 
#{ 
# if ($goddard||$workbench||$jboss_contrado||$jboss_cdaws) {print "\nplease choose an application that exists on this server: sonus\n\n"; help(); die;} 
#} 
if ($chrysler||$novus) 
{ 
if ($jboss_contrado||$jboss_cdaws) {print "\nplease choose an application that exists on this server: goddard, sonus, workbench\n\n"; help(); die;} 
} 

if ($fiat) 
{ 
if ($goddard||$workbench||$jboss_contrado||$jboss_cdaws) {print "\nplease choose an application that exists on this server: sonus\n\n"; help(); die;} 
} 

if ($contrado) 
{ 
if ($goddard||$sonus||$workbench||$cdaws_app) {print "\nplease choose an application that exists on this server: contrado, cdaws\n\n"; help(); die;} 
} 

if ($cdaws_app) 
{ 
if ($goddard||$sonus||$workbench||$contrado) {print "\nplease choose an application that exists on this server: contrado, cdaws\n\n"; help(); die;} 
} 

if ($mpulse_serv) 
{ 
if ($goddard||$workbench||$jboss_contrado||$jboss_cdaws) {print "\nplease choose an application that exists on this server: sonus\n\n"; help(); die;} 
} 

if (!$goddard&&!$sonus&&!$workbench&&!$jboss_contrado&&!$jboss_cdaws) 
{ 
# if ($novus) {$sonus=1;} 
# if ($chrysler||$novus) {$goddard=1; $sonus=1; $workbench=1;} 
if ($chrysler) {$goddard=1; $sonus=1;} 
if ($fiat) {$sonus=1;} 
if ($contrado) {$jboss_contrado=1;} 
if ($cdaws_app) {$jboss_cdaws=1;} 
if ($mpulse_serv) {$sonus=1;} 
} 

if ($goddard) 
{ 
#if ($start) {system "${su}service jboss_goddard start";} 
if ($start) {system "${su} /etc/init.d/jboss_goddard start";} 
if ($stop) {system "${su}service jboss_goddard stop";} 
if ($restart) {system "${su}service jboss_goddard restart";} 
} 

if ($sonus) 
{ 
if ($start) {system "${su}service jboss_sonus start";} 
if ($stop) {system "${su}service jboss_sonus stop";} 
if ($restart) {system "${su}service jboss_sonus restart";} 
} 

if ($workbench) 
{ 
if ($start) {system "${su}service jboss_workbench start";} 
if ($stop) {system "${su}service jboss_workbench stop";} 
if ($restart) {system "${su}service jboss_workbench restart";} 
} 

if ($jboss_contrado) 
{ 
if ($start) {system "${su}service jboss_contrado start";} 
if ($stop) {system "${su}service jboss_contrado stop";} 
if ($restart) {system "${su}service jboss_contrado restart";} 
} 

if ($jboss_cdaws) 
{ 
if ($start) {system "${su}service jboss_cdaws start";} 
if ($stop) {system "${su}service jboss_cdaws stop";} 
if ($restart) {system "${su}service jboss_cdaws restart";} 
} 

if ($tail) 
{ 
my $tail_arg_str = "tail -f -n $n"; 
$tail_arg_str .= " /logs/server.goddard.log" if ($goddard); 
$tail_arg_str .= " /logs/server.sonus.log" if ($sonus); 
$tail_arg_str .= " /logs/server.workbench.log" if ($workbench); 
$tail_arg_str .= " /logs/server.contrado.log" if ($jboss_contrado); 
$tail_arg_str .= " /logs/server.cdaws.log" if ($jboss_cdaws); 
system "$tail_arg_str"; 
} 
############ 
############ 

print "end of $0\n"; 

############ 
### help ### 
############ 
sub help 
{ 
print " 
filename: $0 

syntax: 
$0 --start [--tail --n N] || --stop [--tail] || --restart [--tail] || --tail 
[--goddard] [--sonus] [--workbench] [--contrado] [--cdaws] 

description: utility to start and stop jboss servers 

start start target JBoss server 
stop stop target JBoss server 
restart stop and start target JBoss server 
tail optionally tail the server log files 
n the number of lines to initially show when tailing 

notes JBoss options will be different based on server type (chrysler, fiat, contrado) 
If no JBoss servers are specified, all JBoss servers will started, stopped, 
and/or tailed 

Examples: 
to start all JBoss servers: 
jboss --start 
to stop a JBoss server: 
jboss --stop --goddard 
to start goddard and tail the log file: 
jboss --start --tail --goddard 
to tail the goddard log file: 
jboss --tail --goddard 
"; 
} 
############ 
############ 



----- Original Message ----- 

From: "Jason" <jmtaylor90 at gmail.com> 
To: "MDLUG's Main discussion list" <mdlug at mdlug.org> 
Sent: Tuesday, October 7, 2014 4:32:52 PM 
Subject: Re: [mdlug] Jboss 7 question 

The password appears that it would be for the calling su user. To be honest it sounds like the script is broken, any chance you can post the script? Since you are using a rhel based distro you can leverage the functions such as daemon which would be more appropriate. 

JT 

> On Oct 7, 2014, at 16:19, David Wood <dwood169 at gmail.com> wrote: 
> 
> What is the password for. I have seen this with apache when a ssl cert is 
> used that requires a password. 
> +1 on Gibs answer, that is how I would do it. 
> 
>> On Tue, Oct 7, 2014 at 4:03 PM, gib at juno.com <gib at juno.com> wrote: 
>> 
>> Perhasp redirect from a password or varible file. 
>> Add < mypasswordFile.txt 
>> 
>> ---------- Original Message ---------- 
>> From: Mathew May <mathewmay1 at wowway.com> 
>> To: MDLUG's Main discussion list <mdlug at mdlug.org> 
>> Subject: [mdlug] Jboss 7 question 
>> Date: Tue, 7 Oct 2014 15:27:50 -0400 (EDT) 
>> 
>> Hey guys, 
>> 
>> Having an issue with JBoss7 on a CentOS 5.7 server. It is setup to run as 
>> the non-root user tcatusr. A script, written by someone other than myself, 
>> does a user check and if the user is equal to tcatusr is sets a variable of 
>> $su=su - tcatusr -c. Then later in the script it will issue the command to 
>> stop, start, or restart the JVM. Example from the script: ${su}service 
>> jboss_appname stop or ${su} service jboss_appname_start or ${su}service 
>> jboss_appname restart depending on the options passed. 
>> 
>> The stop command works just fine. With variables filled in it would issues 
>> the following: su - tcatusr -c "service jboss_appname stop" . And as I said 
>> this work just fine. 
>> 
>> When I try to issue the start command, I am prompted for a password. With 
>> variables filled in: su - tcatusr -c "service jboss_appname start" . This 
>> prompts me for a password to successfully start the JVM. 
>> 
>> Can anyone point me in a direction here? Why can I stop the JVM with the 
>> tcatusr without having to enter a passwd, but not be able to start the JVM 
>> without entering a password? 
>> 
>> Banging my head on the wall here.... 
>> _______________________________________________ 
>> mdlug mailing list 
>> mdlug at mdlug.org 
>> http://mdlug.org/mailman/listinfo/mdlug 
>> ____________________________________________________________ 
>> Apple&#39;s Crazy New Gizmo 
>> Forget the iPhone 6. Next hit Apple product leaked. &#40;see picture&#41; 
>> http://thirdpartyoffers.juno.com/TGL3131/5434475ecfc26475e7fd8st03vuc 
>> _______________________________________________ 
>> mdlug mailing list 
>> mdlug at mdlug.org 
>> http://mdlug.org/mailman/listinfo/mdlug 
> _______________________________________________ 
> mdlug mailing list 
> mdlug at mdlug.org 
> http://mdlug.org/mailman/listinfo/mdlug 
_______________________________________________ 
mdlug mailing list 
mdlug at mdlug.org 
http://mdlug.org/mailman/listinfo/mdlug 

_______________________________________________ 
mdlug mailing list 
mdlug at mdlug.org 
http://mdlug.org/mailman/listinfo/mdlug 



More information about the mdlug mailing list