PAMSC/PIM - Sample script for automated endpoint upgrade
search cancel

PAMSC/PIM - Sample script for automated endpoint upgrade

book

Article ID: 267945

calendar_today

Updated On:

Products

CA Privileged Access Manager - Server Control (PAMSC)

Issue/Introduction

CA Privileged Access Manager Server Control is loaded.
CA Privileged Access Manager Server Control needs to be unloaded first in order for install to complete.
error: %prein(CAeAC-1410-50.61.x86_64) scriptlet failed, exit status 1
error: CAeAC-1410-50.61.x86_64: install failed
error: CAeAC-1410-40.182.x86_64: erase skipped

Environment

Release : 14.1

Resolution

A sample script to start an automated upgrade.

 

#!/bin/sh -x
 
#This script is the PAM SC 14.1 Upgrade 
 
#Modify this line for the upgrade version
PKGVersion="CAeAC-1410-50.61.x86_64"
#input variables
 
PKGInstall=$PKGVersion.rpm
TARBALL=$PKGVersion.tar
 
INSTALLDIR=/opt/CA
 
 
TEMPDIR=$INSTALLDIR/tmp_upgrade
   if [ ! -d "$TEMPDIR" ] ;then
      mkdir -p $TEMPDIR 2>&1
    fi
 
MEDIA_DIR=$INSTALLDIR/media
    if [ ! -d "$MEDIA_DIR" ] ;then
       mkdir -p $MEDIA_DIR 2>&1
    fi
 
SEOSDIR=$INSTALLDIR/PAMSC
 
 
 
#Define patch log file and start logging to this
 
DATE=`date '+%y%m%d%H'`
ENDPOINT=`hostname`
LOGFILE="$TEMPDIR/$ENDPOINT.$DATE.PAMPatchInstall.Log"
 
exec > $LOGFILE 2>&1
echo "Automated upgrade begin - $DATE"
 
 
# Confirm base OS
OS_NAME=`uname`
   if [ $OS_NAME != "Linux" ];then
      echo " The program $0 can be installed only on Linux" >&2
      exit 1
   fi
 
 
# Shutdown and confirm running installation
SHUTDOWN=`$SEOSDIR/bin/secons -sk |grep DOWN`
   if [[ -z $SHUTDOWN ]] ;then
       echo "PAMSC errored on shutdown" >&2 
   fi
 
sleep 20
 
RUNNING=`$SEOSDIR/bin/issec |grep "pid="`
   if [ -z "$RUNNING" ];then
       echo "PAMSC successfully stopped"
   else
       echo "PAMSC failed to stop in time"
       #May want to restart with seload here in case only partially stopped
       exit 1
    fi
 
# Preapre kernel module to be upgraded
$SEOSDIR/bin/SEOS_load -u
sleep 60
 
ENABLED=`$SEOSDIR/bin/secons -ik |grep "<--"`
    if [[ -z "$ENABLED" ]] ;then
       echo "SEOS_load unloaded the kernel module."
   else 
       echo "SEOS_load failed to unload the kernel module."
       KERNEL=`echo $ENABLED|awk '{print $1;}' `
       $SEOSDIR/bin/secons -dk $KERNEL
 
       ENABLED2=`$SEOSDIR/bin/secons -ik |grep "<--"`
       if [[ -z "$ENABLED2" ]] ;then
           echo "secons -dk disabled the kernel module."
       else 
            echo "secons -dk failed to disable the kernel module."
           echo "Please check gfor additaional error conditions which may stop the module unload."
           exit 1
       fi
   fi
 
 
#  Perform the RPM upgrade
echo "Continue Upgrading PAMSC"
 
if [ -f /etc/seos.ini ];then
cd $MEDIA_DIR
tar xvf $TARBALL 2>&1
else
echo "PAMSC does not exist on server" >&2
exit 1
fi
 
if [[ -f "$PKGInstall" ]];then
rpm -Uvh $PKGInstall
else
echo "Could not find $PKGInstall" >&2
exit 1
fi
 
 
 
# Restart PAMSC and confirm
$SEOSDIR/bin/seload &
sleep 300  # set to ensure plenty of time to load even on slow machines
 
#  Check service was reloaded properly
RUNNING=`$SEOSDIR/bin/issec |grep "pid="`
if [[ ! -z "$RUNNING" ]];then
echo "Automated upgrade ended successfully - $DATE"
echo "$0 completed"
else
echo "PAMSC failed to start, there may be an issue with the upgrade."
# May want to do more here
exit 1
fi
 
# Document PAMSC loaded and connected to DH service properly afte upgrade
date +"%T@%b %d %Y"  
grep connect $SEOSDIR/log/policyfetcher.log
 
 
exit 0
Powered by Wolken Software