I am new in linux and I need help to check SMPP binds of kannel through MONIT whether they are online or dead.
Currently in a script file named XYZ.sh using (curl --silent http://localhost:xyz/status?password=abc | grep SMPP| grep -v online) and writing in Monit as below :
check file XYZ with path /root/script/XYZ.sh if match "dead" after 5 cycles then alert
It is not working,please guide as i am very upset.
You are using the wrong check. You should use process instead of file when using custom scripts.
Also process is not able to check content so you have to return a different exit code according to the expected behaviour. So you will have to update your script to return an exit code according to your expectations
check program XYZ with path /root/script/XYZ.sh if status != 0 for 5 cycles then alert
Documentation: https://mmonit.com/monit/documentation/monit.html#Program
Related
I have developed an application for MacOS. I am including notarization process as part of its distribution. I have followed all the steps and I have run:
xcrun altool --notarize-app --primary-bundle-id "${APP_BUNDLE_ID}" --username "${APPLE_DEV_ID}" --password "${DEV_APP_SPECIFIC_PASSWORD}" --file "${DMG_PATH}"
Then I check notarization progress using:
xcrun altool --notarization-info "${notarize_uuid}" -u "${APPLE_DEV_ID}" -p "${DEV_APP_SPECIFIC_PASSWORD}
Output of it is:
RequestUUID: =<Request>
Date: 2019-05-26 09:40:34 +0000
Status: success
LogFileURL: <Log file>
Status Code: 0
Status Message: Package Approved =~ success ]]
Then I launch staple command:
xcrun stapler staple -v <dmg file>
It also ends with success:
The staple and validate action worked!
However when I extract the .app file and run:
spctl --assess --verbose ./macos/MyApp.app
./macos/MyApp.app/: accepted
According to the docs I have read it should say something like: “source=Notarized Developer ID”, right?
I am running this on MacOS Mojave 10.14.5
What am I missing??
Could someone help me?
Thanks in advance
In case someone faces the same problem I will post the solution to this:
First of all you must staple .app file not the dmg. This means you must extract the binary and staple it
Also in order to check if application has been notarized, in
`System Preferences - Security and Privacy`
Option Allow apps downloaded from: must have Apple Store and identifier developers option checked
Hope this helps
Both the app and the dmg may be notarized and stapled, seperately, one after the other. Try doing that and the error should go away.
Short answer
It could be due to an RPATH referencing a path outside the App bundle. Removing this RPATH would resolve the issue.
Inspecting log files
You can find extra information about the rejection (after trying to launch the blocked app) in the Console.app. Note that you should open the Console.app, before trying to open your blocked app, otherwise not all messages may be logged. You should look for process XprotectService in the logs of your device (i.e. choose your device in the left side bar of the Console.app). If the RPATH is indeed the problem, you should find a record like this:
XprotectService: [com.apple.xprotect:xprotect] File /path/to/your/executable/or/library failed on rPathCmd /rpath/causing/the/problem (rpath resolved to: (path not found), bundleURL: /path/to/your/bundle.app)
Inspecting these log files may give you a key to solve other issues too.
Note that I received the following information from an Apple engineer:
Gatekeeper does not inform users via UI about the specifics of the
error, though it is in the logs for developers to look at. The
notarization process is purely about a detecting malicious software
and does not replicate Gatekeeper enforcement. You still need to get
software notarized and test with Gatekeeper.
We are looking to provide better tooling for developers in the future
to pre-flight some of these common errors.
Contact Apple
If you are not able to solve your issue with the above information, you may want to contact Apple itself using the Feedback Assistant. They do not respond very quickly (~1-2 weeks), but the answers are rather to the point.
This is a general topic to discuss on ERRORLEVEL returned by executables in Windows. I am writing a script to install Apache HTTP server as a windows service.
httpd -k install
The httpd executable returns
ERRORLEVEL 1 when there is an error in config file.
ERRORLEVEL 2 when there is already a service installed.
ERRORLEVEL 0 for success.
Is it ok to handle errors based on the ERRORLEVEL returned by the executables in general? Do we need to relly on other means to handle return codes of commands that we run in our batch scripts
every programmer is free to handle exitcodes (returned by %errorlevel%) to his own gust. There is a general agreement, that 0 means "success", while any non-zero value means "an error of some sort". But you can't rely on that.
A good example is ping. If you ping a non-existent IP within your own network, it returns
Answer from <localhost>: destination unreachable.
You might think, that's unsuccessful and therefore expect an non-zero errorlevel, but obvioulsy the programmer thought "well, there is an answer, so it's successful"
Some internal commands don't touch the errorlevel, some will always return zero, some will always return 1 (robocopy, thanks aschipfl).
Executables do set the errorlevel (thanks Aacini), but how depends on the programmer. Some always zero, most of them actually usable errorlevels.
So sorry to have to tell you: you can't rely on general rules for %errorlevel%. You have to check it out for each and every single command/executable (either by documentation (if you are very lucky) or by trying)
I am trying to figure out a way to make the weblogic WLST terminal run in silent mode.
When i start the terminal with the java weblogic.WLST command, it prints the lines:
Initializing WebLogic Scripting Tool (WLST) ...
Welcome to WebLogic Server Administration Scripting Shell
Type help() for help on available commands
Is there a command line flag or some unknown witchcraft to make the interpreter not write these lines?
I wishfully tried -s for silent, to no avail.
And all my googling lead me to an -i flag that does something completely different.
EDIT:
To clarify my purpose:
I need the interpreter to run a python script, and i do need the output from that. The welcome message is useless clutter however, that i would like to be rid of.
Limited to:
The only problem i have is the first lines written by the interpreter itself. Once inside the python script i have no problem handling what send to the output. My only problem is the welcome lines written above. These are written by the interpreter itself, and not the python code.
To solve the problem, I did something little differente..
I put a grep -v in the output .. like this:
java weblogic.WLST script.py $ARGS | grep -v "Initializing WebLogic
Scripting Tool (WLST) ..." | grep -v "Welcome to WebLogic Server
Administration Scripting Shell" | grep -v "Type help() for help on
available commands" | grep -v "Successfully connected to Admin Server
\"AdminServer\" that belongs to domain \"domain\"." | grep -v
"Warning: An insecure protocol was used to connect to the server." |
grep -v "To ensure on-the-wire security, the SSL port or Admin port
should be used instead." | grep -v "Location changed to domainRuntime
tree. This is a read-only tree" | grep -v "with DomainMBean as the
root MBean." | grep -v "For more help, use help('domainRuntime')" |
grep -v "Successfully connected to Admin Server" | grep -v "Connecting
to t3://"
Try this:
Like you said "it's a hack", but it's a fairly elegant hack.
Create the file runwlst.sh:
#!/bin/bash
. ${WLS_HOME}/server/bin/setWLSEnv.sh >/dev/null 2>&1
FILENAME=$1
shift
java weblogic.WLST ${FILENAME} "$#" | sed -e "1,7 d"
WLS_HOME needs to be set, or use the absolute path to setWLSEnv.sh.
Then create your WLST scripts as "shell" scripts like so (I like to use the ".wlsh" extension for my scripts):
#!/bin/bash /absolute_path_to_runwlst.sh/runwlst.sh
# your WLST Python code starts here
import ...
This obviously the sed script used in runwlst.sh only works if the "Initializing" banner is 7 lines long, which could change with new releases or patches of WLS.
The benefit of this solution is that now you can just run your WLST scripts from the command line like so:
$ createManagedServer.wlsh domain servername
Or use WLST scripts is other shell scipts like so:
#!/bin/bash
PORT=`./getPortForManagedServer.wlsh domain server`
echo ${PORT}
you get the picture
I wanted for it to only show me lines that I print inside the script, so I did it simple - prepended special char sequence to all lines I wanted to see in logs (it was print('--> ...') in my case) and launched it like that:
wlst.sh changePassword.wlst.py "$#" | grep -- "-->"
Sample output:
Executing WLST script for domain SampleDomain
--> Executing credential change for SampleDomain
--> Changing DB password for DSTYPE1
--> Changing password for DataSource SampleDS1
--> Successfully changed DB credentials!
--> Changing password for DataSource SampleDS2
--> No JDBC resource with name SampleDS2 found, skipping...
--> Changing password for DataSource SampleDS3
--> No JDBC resource with name SampleDS3 found, skipping...
--> Changing password for DataSource SampleDS4
--> Successfully changed DB credentials!
Completed execution for domain SampleDomain
Bit of a long shot but you could also silence the entire JVM output by capturing stdout and stderr into a different stream and then print values captured from the weblogic mbeans to the console streams. I had to do something similar a while back after writing an ansible module which required me to return pure JSON to stdout without any message banners or other stuff printed to the terminal.
A possible solution for your needs would involve writing a python script that first changes the OutputStreams as in this example and then starts a WSLT session. Just remember to keep a "copy" of the console out streams and use these to write your results to.
On windows and such I used to use a trick to find out of a file is currently in use (written specifically).
I use to open the file for writing and if it failed most likey another process is busy accessing it.
Sadly these trick (using C OPEN with exclusive lock for writing) doesn't work on my Mac. While my curl in a terminal is still writing my -fileBusy() check fails.
fcnt call on the fd with F_GETLK doesn't reveal any locking as well.
Is there any chance for me to detect if a file is in use by another process?
Ps> listening for fsevents can't be done because my app launches after the is created by the other app / process.
Apple confirmed via email that the solution described in the link below is a valid one and not considered a private API.
More information:
http://lists.apple.com/archives/cocoa-dev/2010/May/msg01455.html
You could try running the following shell command using NSTask:
lsof -Fc path/to/thefile
That will give you the process ID and name of any process(es) that have thefile open.
I made a small automator app to help me launch and end apache ( another for mysql), so that I don't have to go to the terminal and do it ( yes I'm that lazy).
now here is the applescript I use for it:
on run {input, parameters}
set apache2state to (do shell script "/bin/ps -arx |/usr/bin/grep apache2 |wc -l")
repeat until apache2state does not start with " "
set apache2state to text 2 thru -1 of apache2state
end repeat
if apache2state is equal to "3" then
do shell script "/opt/local/bin/port load apache2" with administrator privileges
else
do shell script "/opt/local/bin/port unload apache2" with administrator privileges
end if
end run
Now this works, except for the fact that I'm actually comparing to integer values that are relative to the number of processes that apache is running.. so it's not really reliable.
Is there a better way to test if apache (and mysql, I have another script just the same) is running. Problem is that when they are shut off the shell command will return an integer value just the same ( and not just a 1 for the grep process..)
thanks
EDITED to specify thatthe solution up here worked badly because the grep would return any instance of the apache threads and any other process that said apache ( like tail -r /var/log/apache2/error.log for instance).
The running state of a service can be tested with the following command:
/sbin/service --test-if-configured-on "org.apache.httpd"
This however might not work for services installed with MacPorts.
Also see the answer to the this question.
Since the command service is deprecated under Snow Leopard, you can alternatively use launchctl to obtain the running state of a service. The command can be invoked from AppleScript in the following way:
try
do shell script "/bin/launchctl list | grep -q org.apache.httpd" with administrator privileges
set apache2Running to true
on error
set apache2Running to false
end try