Running a script on Linux

(imported topic written by jcsUTSW)

I’m using createfile to create a shell script. Running chmod 777 on the script then doing a wait myscript.sh > scriptresults.txt

Ultimately I would like to read the lines of the results file back into BigFix as a property.

As I prepare to hand myself “The dumbest question of the week” award, where is the actionsite folder on a Linux client?

I want to verify that my script is being created and I am unable to locate the folder.

Thanks for helping a dum dum out… :slight_smile:

(imported comment written by jessewk)

/var/opt/besclient/__besdata/actionsiste

(imported comment written by jcsUTSW)

Thank you sir !

That helped me figure out that my createfile wasnt working…

So I switched to downloading the file. But it still doesnt seem to work, it downloads the file successfully but it’s not running it… Heres my action.

download http://sw2kbf1.swmed.org:52311/download/openssh-blacklist-1.0.sh

run chmod 777 __Download/openssh-blacklist-1.0.sh

wait __Download/openssh-blacklist-1.0.sh > /tmp/opensshresults.txt

See where I’m going wrong?

If I shell into the machine and go into the __Download directory and run sh openssh-blacklist-1.0.sh > /tmp/opensshresults.txt it works fine.

Any tips?

(imported comment written by jessewk)

my guess is that your ‘run’ command doesn’t complete before your wait command executes. Try changing ‘run chmod …’ to ‘wait chmod …’.

Also, I’d recommend checking the hash on your script to make sure it hasn’t changed during transit. The best way would be to switch to use ‘prefetch’ instead of ‘download’. The download command has been deprecated in favor of the prefetch command.

Jesse

(imported comment written by jcsUTSW)

Ok I switched from download to prefetch and added the wait to the chmod and am having the same results.

Completed prefetch openssh-blacklist-1.0.sh sha1:afaef2a0e7e0db8de20c3b6893cd23a137bdbf76 size:5075 http://sw2kbf1.swmed.org:52311/download/openssh-blacklist-1.0.sh

Completed wait chmod 777 __Download/openssh-blacklist-1.0.sh

Completed wait __Download/openssh-blacklist-1.0.sh > opensshresults.txt

The results says everything is completed but my text file isn’t there, it’s like it’s not running.

I’ve also tried running the following with no success. (I can run the below manually sucessfully)

wait sh __Download/openssh-blacklist-1.0.sh > opensshresults.txt

Any ideas?

(imported comment written by Doug_Coburn)

Hello,

I wouldn’t even bother with the chmod command. Just change this line:

wait __Download/openssh-blacklist-1.0.sh > opensshresults.txt

to:

wait sh __Download/openssh-blacklist-1.0.sh > opensshresults.txt

Depending on the platform you might need some command line switches for sh like “-C”.

Doug

(imported comment written by jcsUTSW)

Earlier I removed the chmod action and it didn’t make a difference.

I just removed it again and added the -c to the shell command and no luck.

This is my action script.

prefetch openssh-blacklist-1.0.sh sha1:afaef2a0e7e0db8de20c3b6893cd23a137bdbf76 size:5075 http://sw2kbf1.swmed.org:52311/download/openssh-blacklist-1.0.sh

wait sh -c __Download/openssh-blacklist-1.0.sh > opensshresults.txt

These are the results of the action.

Completed prefetch openssh-blacklist-1.0.sh sha1:afaef2a0e7e0db8de20c3b6893cd23a137bdbf76 size:5075 http://sw2kbf1.swmed.org:52311/download/openssh-blacklist-1.0.sh

Completed wait sh -c __Download/openssh-blacklist-1.0.sh > opensshresults.txt

But my txt file is no where to be found.

Any other ideas?

(imported comment written by jcsUTSW)

Is there a fixlet for this?

http://www.redhat.com/security/data/openssh-blacklist.html

That’s what I’m trying to detect.

I’m trying to take their script, output it to text file and then read that text file in as a property, but if there’s a fixlet that can more easily get me this information that would be great. However the knowledge from knowing how to do what I’ve been trying to do would be useful for the future.

(imported comment written by jessewk)

usually with a -c option you need to put the command line in quotes. So try this:

wait sh -c ‘__Download/openssh-blacklist-1.0.sh > opensshresults.txt’

However, I believe you lose your base path when you call sh with -c, so you may actually need to do this:

wait sh -c ‘"{pathname of client folder of current site}/__Download/openssh-blacklist-1.0.sh" > “{pathname of client folder of current site}/opensshresults.txt”’

Jesse

(imported comment written by jcsUTSW)

jesswk,

Still no joy. It downloads the file, line says completed but there is no text file.

Could it be a rights issue? If the command is there and BigFix tries to run it and RedHat kicks an error wouldn’t it still say completed?

Although if it returned an error I would think whatever it returned would be represented in the text file I have the results piping to.

Are there any other recommended methods for running a shell script? I could change the action from BigFix action to script and paste the contents of the script in there but I’m not fluent enough with sh to add in the pipe results to text file…

Any help is appreciated,

(imported comment written by jcsUTSW)

I’ve tried different variations of the following also with no success.

wait sh __Download/openssh-blacklist-1.0.sh | tee __Download/opensshresults.txt

(imported comment written by Leland_Jobe)

Try this…

download https://www.redhat.com/security/data/openssh-blacklist-1.0.sh

continue if {(size of it = 5075 AND sha1 of it = “afaef2a0e7e0db8de20c3b6893cd23a137bdbf76”) of file “openssh-blacklist-1.0.sh” of folder “__Download”}

// Create clean temp directory for storing information

wait rm -rf “__SshCheckTemp”

wait mkdir -p “__SshCheckTemp”

wait mv “__Download/openssh-blacklist-1.0.sh” “__SshCheckTemp/openssh-blacklist-1.0.sh”

continue if {exists file “__SshCheckTemp/openssh-blacklist-1.0.sh”}

wait chmod 777 “__SshCheckTemp/openssh-blacklist-1.0.sh”

wait bash -c "__SshCheckTemp/openssh-blacklist-1.0.sh &> ‘__SshCheckTemp/openssh-check-results.log’ "

continue if {exists file “__SshCheckTemp/openssh-check-results.log”}