From 4697e670434d01464723d3f3da6608ea6d650cf2 Mon Sep 17 00:00:00 2001

From: Jan Grulich <jgrulich@redhat.com>

Date: Tue, 7 Apr 2015 13:42:15 +0200

Subject: [PATCH 6/6] Add force mode BUG:1205691

---

 sapconf     | 33 +++++++++++++++++++--------------

 sapconf.man |  7 ++++---

 2 files changed, 23 insertions(+), 17 deletions(-)

diff --git a/sapconf b/sapconf

index 58096fe..bad7736 100755

--- a/sapconf

+++ b/sapconf

@@ -20,10 +20,11 @@

 # requires: tuned-profiles-sap

 #

 # options:

-#   -f <file> : uses the given file instead of /etc/sysconfig/sap (FUTURE USE)

-#   -n        : just check and don't modify

-#   -q        : quiet, no output

-#   -d <dbtyp>: used to set special parameters for Sybase and Oracle

+#   -d <dbtyp>   : used to set special parameters for Sybase and Oracle, respectively (i.e. sybase|syb|oracle|ora)

+#   -f           : FORCE mode: do actions which are not required, but makes your life easier (i.e. disable firewall)

+#   -n           : CHECK_ONLY mode: no modification will be made to the system

+#   -q           : quiet execution. log file directory: /var/log/sap

+#   -h           : help message

 #

 # returncodes:

 #       0 : all works well

@@ -53,6 +53,7 @@ export LOGFILE=${LOGDIR}/${SCRIPTNAME}-$(date +"%Y%m%d%H%M").log

 SAP_NOTE_RHEL7="SAP Note 2002167"

 CHECK_ONLY=0

+FORCE_MODE=0

 QUIET=0

 # rec_count counts the number of lines of variable array REC[] that contains recommendations to be put at the end of the $LOGFILE

 rec_count=0

@@ -115,10 +116,11 @@ ORA_EXTRA_RPMS="@development libaio libaio-devel compat-libstdc++-33 elfutils-li

 #    1

 function usage() {

 cat << EOU

-Usage: $0 [-d <dbtype>] [-n] [-q]

+Usage: $0 [-d <dbtype>] [-f] [-n] [-q]

    -d <dbtyp>   : used to set special parameters for Sybase and Oracle, respectively (i.e. sybase|syb|oracle|ora)

-   -n           : CHECK_ONLY mode: check only, no modification will be made to the system

+   -f           : FORCE mode: do actions which are not required, but makes your life easier (i.e. disable firewall)

+   -n           : CHECK_ONLY mode: no modification will be made to the system

    -q           : quiet execution. log file directory: /var/log/sap

    -h           : help message

@@ -639,7 +639,12 @@ function check_security() {

 # SELinux needs to be permissive or disabled

 SELINUX_CONFIG=/etc/selinux/config

 if egrep -q "^SELINUX=['\"]?enforcing" $SELINUX_CONFIG; then

-        rec "SELinux is configured to be booted in enforcing mode. It's recommended to set to permissive. Please check $SAP_NOTE_RHEL7 for details."

+        if [ $FORCE_MODE == 1 ]; then

+                sed -i "s/^SELINUX=['\"]\?enforcing/SELINUX=permissive/" $SELINUX_CONFIG

+                out "Configuring SELinux to be permissive..."

+        else

+                rec "SELinux is configured to be booted in enforcing mode. It's recommended to set to permissive. Please check $SAP_NOTE_RHEL7 for details."

+        fi

 else

     if egrep -q "^SELINUX=['\"]?disabled" $SELINUX_CONFIG; then

         rec "SElinux is configured to be disabled on boot. It's recommended to be set to permissive, however your system may then require to be relabeled. Please check $SAP_NOTE_RHEL7 for details."

@@ -655,7 +657,7 @@ fi

 # Firewall needs to be off

 if systemctl status firewalld.service > /dev/null 2>&1 ; then

-   if [ $CHECK_ONLY == 0 ]; then

+   if [ $FORCE_MODE == 1 ]; then

       # disable firewall or open required ports

       systemctl disable firewalld.service > /dev/null 2>&1

       systemctl stop firewalld.service > /dev/null 2>&1

@@ -905,18 +907,9 @@ done

 #

 ####################################################################################

-while getopts "nqhf:d:" opt; do

+while getopts "c:d:fhnq" opt; do

   case $opt in

-    n)

-      CHECK_ONLY=1

-      ;;

-    q)

-      QUIET=1

-      ;;

-    h)

-      usage

-      ;;

-    f)

+    c)

       SAPCONFIG=$OPTARG

       [ ! -r $SAPCONFIG ] && error "File $SAPCONFIG does not exist" 2

       . $SAPCONFIG

@@ -924,6 +917,18 @@ while getopts "nqhf:d:" opt; do

     d)

       dbtyp=$OPTARG

         ;;

+    f)

+      FORCE_MODE=1

+      ;;

+    h)

+      usage

+      ;;

+    n)

+      CHECK_ONLY=1

+      ;;

+    q)

+      QUIET=1

+      ;;

     *)

       usage

       ;;

diff --git a/sapconf.man b/sapconf.man

index 0d49cdf..57e50fd 100644

--- a/sapconf.man

+++ b/sapconf.man

@@ -4,7 +4,7 @@

 .SH NAME

 sapconf \- prepares fresh installed RHEL for installation of SAP

 .SH SYNOPSIS

-sapconf [-d <dbtype>] [-n] [-q]

+sapconf [-d <dbtype>] [-f] [-n] [-q]

 .SH DESCRIPTION

 sapconf is a shell program for configuring/checking a Red Hat Enterprise Linux system according to the follwing SAP Notes:

@@ -21,9 +21,10 @@ SE Linux status will only be checked.

 .SH OPTIONS

-   -n           : CHECK_ONLY mode: check only, no modification will be made to the system

+   -d <dbtyp>   : used to set special parameters for Sybase and Oracle, respectively (i.e. sybase|syb|oracle|ora)

+   -f           : FORCE mode: do actions which are not required, but makes your life easier (i.e. disable firewall)

+   -n           : CHECK_ONLY mode: no modification will be made to the system

    -q           : quiet execution. log file directory: /var/log/sap

-   -d <dbtype>  : used to set special parameters for Sybase and Oracle, respectively (i.e. sybase|syb|oracle|ora|db2|ada)

    -h           : help message

 .\.SH SEE ALSO

-- 

2.1.0