Administrative Scripts

Administrative Scripts
 
 
This chapter provides information on various scripts used by the Cisco’s Policy Provisioning Tool (PPT) for performing different administrative tasks. However most of the scripts are specific to perform certain operations including database backup, restore, vacuuming, and resetting superuser password, some of them provide log information for troubleshooting purpose. All of these scripts except the PPT Components Control (pptctl) Script are located in the “scripts” folder in the PPT installation directory <PPT_install_dir>.
This chapter includes information on the following scripts:
note_smallImportant: The user must have PPT administrator privileges to run/execute all of the above listed scripts.
 
PPT Components Control Script
PPT Components Control (pptctl) script is used to control the PPT components by performing following operations/actions:
 
start: starts the specified process or all processes.
stop: stops the specified process or all processes.
restart: restarts the specified process or all processes.
forcestop: forcefully stops the specified process or all processes.
status: checks the running status of the specified process or all processes.
Caution_iconCaution: If the process name is not mentioned before any of the above mentioned operation/action, the respective action is taken for all the policy provisioning processes.
Syntax
pptctl [ postgres | apache | psmon | notif_server ] [ start | stop | restart | forcestop | status ] | [ version ] | [ --help ]
--help
This option is provided to show help for usage of this script.
postgres [ start | stop | restart | forcestop | status ]
start/ stop/ restart/ forcestop the Postgres server.
apache [ start | stop | restart | forcestop | status ]
start/ stop/ restart/ forcestop the Apache Web server.
psmon [ start | stop | restart | forcestop | status ]
start/ stop/ restart/ forcestop the Process monitor.
notif_server [ start | stop | restart | forcestop | status ]
start/ stop/ restart/ forcestop the Notification server.
version
Displays the version of the currently installed PPT.
Usage Description
Execute the following script command to start all the services required to run PPT:
./pptctl start
The sample output of the above command is displayed below:
Starting Postgres Server ...
Starting Apache Server ...
Starting PSMon Service ...
Starting Notif Server ...
Execute the following script command to see the version of the installed PPT:
./pptctl version
The sample output of the above command is displayed below:
Policy Provisioning Tool (version 12.1.36.0)
Execute the following script command to stop the Apache Web server by force:
./pptctl apache forcestop
The sample output of the above command is displayed below:
This will stop all currently running apache requests, if any.
Stopping apache...
 
Set Superuser Password Script
This script is used to reset the superuser password in the Policy Provisioning Tool (PPT) database.
 
syntax
./set_superuser_password [ --help ]
--help
This option is provided to show help for its usage.
Usage Description
The user having administrator rights needs to run the script without giving any option, as shown below:
./set_superuser_password.sh
The script prompts the user to enter a password. This password is stored in the database. The sample output is shown below:
Please enter the password for superuser.
password:new_password
Password for superuser changed successfully.
Caution_iconCaution: If you enter the same old password when prompted to enter the new superuser password, following messages are displayed:
Password updation for superuser failed.
New password cannot be same as old password.
 
Database Backup and Restore Script
This script is used to perform PPT database backup and restore operations.
 
syntax
backupAndRestore.sh [ --help ] | [ backup backup_dir_path ] | [ restore ]
--help
This option is provided to show help for its usage.
backup
Takes the backup of the PPT database and configuration files including ppt.cfg and psmon.cfg.
restore
Restores the PPT database and configuration file for PSMon. For this restore operation, the script prompts for a backup filename. Therefore an absolute path with the file extension has to be entered.
Caution_iconCaution: No extra parameters are required other than the restore keyword.
Usage Description
Execute the script and provide any of the above mentioned options. For backup option <backup_dir_path> is mandatory. The script takes backup of PPT database and copies configuration files, creates a tar ball and compresses the file. The file is created at the location specified by the user. If the backup operation fails, SNMP traps are sent. Details of traps can be found in ‘Trap Details’ table below. For more detailed information traps, please refer CISCO-PPT-MIB.txt file located at the <PPT-install-dir>/mib/ directory. The success/failure messages are displayed and the traps are sent for specific error conditions.
 
Trap Details
starPPTDBBackupDestinationNotAccessible: Backup directory is not accessible or PPT administrator does not have enough permissions to access it.
starPPTDBBackupNotEnoughDiskSpace: The disk on which backup is to be taken is full.
For example, to take the backup of the database, execute the following command set:
./backupAndRestore.sh backup backup_dir_path
The above command takes the backup of PPT database and copies configuration for PSMon, and creates a tar file. This tar file is created at the location backup_dir_path
Running the Backup and Restore script via CRON
During PPT installation a cron entry for backup script is added. By default, the backup time interval is configured as 1 day. This time interval can be modified using the script: <PPT-install-dir>/scripts/updateBackupInterval.sh. By default backup is taken at midnight for daily backup. In casae the backup interval is modified by user, the backup will be taken at following time
 
Update Backup Interval Script
This script is used to update the database backup interval in the CRON utility. The database backup interval is configured for the regular database backup.
 
Syntax
updateBackupInterval.sh [ --help ]
--help
This option is provided to show help for its usage.
Usage Description
Execute the script without any option. For example:
./updateBackupInterval.sh
It prompts the user to specify backup interval. The valid options include: 1 - hourly, 2 - daily, 3 - weekly, and 4 - monthly. In case the user selects weekly option then, the script asks for the day of week on which the backup will be taken. In such case the valid options are: 0 - Sun, 1 - Mon, 2 - Tue, 3 - Wed, 4 - Thu, 5 - Fri, and 6 - Sat. Depending on the user input, backup interval in cron entry for PPT backup is modified. The sample output is shown below:
=======================================
Please select any one of the following
options for backup interval
1 - hourly
2 - daily
3 - weekly
4 - monthly
=======================================
Enter your option and press [ENTER]:3
[0]Sun, [1]Mon, [2]Tue, [3]Wed, [4]Thu, [5]Fri, [6]Sat
Enter the weekday and press [ENTER]:1
Cron updated successfully. Crontab contents are as follows
0,5,10,15,20,25,30,35,40,45,50,55 * * * * sh /root/users/ppt//cronjobs/sessCleanup.sh
0 0 * * 1 /root/users/ppt//scripts/backupAndRestore.sh backup /root/users/ppt/backup_dir
Database Cleanup Script
This script is used to perform the cleanup of PPT database. However the cleanup is performed for the Audit table only.
 
Syntax
dbcleanup [ --days number_of_days ] | [ --help ]
--help
This option is provided to show help for its usage.
--days
Number of days for which the data is to be retained. Default is 30 days, minimum is 2 days, and maximum is 30 days. Therefore the number_of_days ranges from 2 to 30.
Usage Description
Execute the script with or without the --days option followed by the number of days for which records are to be retained. For example, to delete all records older than 5 days:
./dbcleanup.sh --days 5
If the script is executed without any option, it asks for confirmation whether data older than 30 days is to be deleted. If you wish to change the number of days to some value other than 30 then, enter 'yes'. Enter the number of days for which the data is to be retained. Script deletes records from the database and displays success/failure message.
Sample output for the above command without any option is given below:
Number of days prior to which data is to be deleted is not specified.
Using default value: 30 days.
Do you want to change the number of days? (yes/no):yes
Number of days:5
30 records deleted from database, which were older than 5 days.
Caution_iconCaution: Running this script results in purging the data which would neither be available nor be recovered.
 
Database Vacuum Script
This script is used to perform the vacuuming on PPT database.
 
Syntax
vacuum [ --help ]
--help
This option is provided to show help for its usage.
Usage Description
Execute the script without any option. For example:
./vacuum.sh
It asks for confirmation. If you wish to continue then, enter ‘yes’ on command prompt. Script performs the vacuum operation on the database and displays success/failure message. The sample output is shown below:
Vacuumimg will be done for database.
Proceed (yes/no):yes
Password:postgres_password
Vacuum was done successfully.
Caution_iconCaution: When prompted for the password, you are required to enter the correct Postgres password. In case you enter an incorrect password, following message is displayed:
Vacuum operation failed: vacuumdb: could not connect to database pptdb: FATAL: password authentication failed for user "pptadmin".
 
SNMP Target Configuration Script
This script is used to add/delete SNMP targets to/from PPT database. These targets are used by Notification Server (NotifServer) to send traps.
 
Syntax
configSnmpTarget.sh [ --help ]
--help
This option is provided to show help for its usage.
Usage Description
Execute the script without any option. For example:
./configSnmpTarget.sh
It displays the list of SNMP targets currently configured in databse and prompts the user to “Add/Delete” a target or to “Exit” the script. Choosing “Add” option prompts the user for IP address, port, SNMP version (1/2c) and community name. Choosing “Delete” option prompts the user for IP address and port value. Depending on success or failure, appropriate message is displayed. Choosing “Exit” option exits the script.
note_smallImportant: Upto a maximum of five SNMP targets can be configured.
The sample output of this script is shown below:
The list of SNMP targets configured is as follows. Maximum of 5 targets can be configured.
===================================================
IP address - Port number - SNMP version - Community
===================================================
127.0.0.1 -     162          - 1 -        public
Select option to Add/Delete SNMP target (Add/Delete/Exit):Add
Please enter SNMP target details
IP address:1.2.3.4
Port: 667
SNMP version (1 / 2c):2c
Community: test
SNMP target added successfully
The list of SNMP targets configured is as follows. Maximum of 5 targets can be configured.
===================================================
IP address - Port number - SNMP version - Community
===================================================
127.0.0.1 -     162          - 1 -        public
1.2.3.4 -       667          - 2c -       test
Select option to Add/Delete SNMP target (Add/Delete/Exit): Exit
 
Get Support Details Script
This script is used to collect support details information for the Policy Provisioning Tool.
The purpose of this script is to collect debug information for PPT. The script collects different log files and captures output of certain system commands that would help in better debugging of a particular issue. Executing this script collects the required information and prepares a gzip file named “<project_name>supportDetails.tar.gz” file in the /tmp directory.
note_smallImportant: The gzip file is supposed to be attached in the problem report (PR) while reporting a problem in the customer setup.
The gzip file name and the directory in which this gzip file is created, are configurable via an XML file
Syntax
./getSupportDetails.pl [ --level = level_number ] [ --xmlfile = xml_filename ] [ --outputDir = outpur_dir_path ] [ --verbose ] [ --help ]
--level = level_number
Specifies the level of debug to run. Default: 1 and Max: 2. Level 1 debugging includes the following information:
Level 2 debugging includes the logs from level 1 and dump of the database.
--xmlfile = xml_filename
Specifies the XML file to be used to collect the log information. Default: getSupportDetails.xml in same directory as script. XML file allows the user to configure the gzip file name and directory where the gzip file will be created.
Caution_iconCaution: Updating other configuration attributes in the XML file may lead to unexpected results.
--outputDir = output_dir_path
Uses specified directory output_dir_path as destination to collect logs. Default: /tmp/ as output directory to collect logs.
--verbose
Displays information of the logs being collected.
--help
This option is provided to show help for its usage.
Usage Description
In order to run the script for level 2 debugging with XML file name testXML, execute the following set of commands:
./getSupportDetails.pl --level=2 --xmlfile=/tmp/testXML.xml
 

Cisco Systems Inc.
Tel: 408-526-4000
Fax: 408-527-0883