The script to get the db user password from LDAP does not work on AIX 5.3. It's using bash. Our current shell is /usr/bin/shell.
How can i make changes to this script so that it can run on aix with current shell with out installing bash.
We tried making but din't work.
====================Original script=====================
#
# Set signal handler
#
trap 'signalhandler' 0 1 2 3 9 10 13 15
function signalhandler {
cleanup
}
#####################################################
#
# environment variable
#
#####################################################
# openssl enc options
CipherType=-aes-128-cbc
SaltOpt=-nosalt
LdapSearch=ldapsearch
#####################################################
#
# functions
#
#####################################################
function getConfig {
_configFile=$1
_keyConfig=$2
_valueConfig=""
if [[ -z $_keyConfig ]]; then
echo $_valueConfig
return 0
fi
while read line; do
_linewithoutComment=`echo $line | awk -F'#' '{print $1}'`
if [[ -z $_linewithoutComment ]]; then
continue;
fi
_keyInConfig=`echo $_linewithoutComment | awk -F'=' '{print $1}' | sed 's/^[ ]*//
s/[ ]*$//g'`
if [[ -z $_keyInConfig ]]; then
continue;
fi
if [[ $_keyInConfig == $_keyConfig ]]; then
contentIndex=`expr index "$_linewithoutComment" "="`
_valueConfig=${_linewithoutComment:$contentIndex}
echo $_valueConfig
return 0
fi
done < $_configFile
}
function getMasterKey {
#decrypt
echo `openssl enc $CipherType $SaltOpt -d -in $LdapPasswordFile -kfile $CryptoKeyFile`
}
function loadConfig {
_passwordConfigFile=$1
if [[ ! -f $_passwordConfigFile ]]; then
echo 1>&2 "$_passwordConfigFile does not exist"
exit 1
fi
CryptoKeyFile=$(getConfig $_passwordConfigFile "CryptoKeyFile")
LdapPasswordFile=$(getConfig $_passwordConfigFile "LdapPasswordFile")
OpenLdapUri=$(getConfig $_passwordConfigFile "OpenLdapUri")
LdapBindDn=$(getConfig $_passwordConfigFile "LdapBindDn")
DnListFile=$(getConfig $_passwordConfigFile "DnListFile")
EncryptedPasswordFile=$(getConfig $_passwordConfigFile "EncryptedPasswordFile")
}
function cleanup {
rm -f $PswTmpFile
rm -f $AllPswTmpFile
}
function getPassword {
_passwordConfigFile=$1
loadConfig $_passwordConfigFile
MasterKey=$(getMasterKey)
# the file must be cleaned up.
PswTmpFile=.MasterKeytmpfile.$$.$$
echo $MasterKey | tr -d '\n' > $PswTmpFile
chmod 0600 $PswTmpFile
_dn=$2
if [[ -z $_dn ]]; then
echo 1>&2 "User dn does not exist"
exit 1
fi
tldapPsw=`$LdapSearch -x -D "${LdapBindDn}" -b "${_dn}" -H $OpenLdapUri -y $PswTmpFile -P3 2>/dev/null | grep "^userPassword::" | awk -F "::" '{print \$2}'`
ldapPsw=`echo $tldapPsw | perl -MMIME::Base64 -ne 'print decode_base64($_)'`
cleanup
echo $ldapPsw
}
function getPasswordFromFile {
_passwordConfigFile=$1
loadConfig $_passwordConfigFile
# the file must be cleaned up.
PswTmpFile=.Pswtmpfile.$$.$$
cp /dev/null $PswTmpFile
chmod 0600 $PswTmpFile
openssl enc $CipherType $SaltOpt -d -in $EncryptedPasswordFile -kfile $CryptoKeyFile > $PswTmpFile
# should use master key here
_dn=$2
_found=0
while read line
do
if [[ $line == $_dn ]]; then
_found=1
continue;
fi
if [[ $_found -eq 1 ]]; then
filePsw=`echo $line | tr -d '\n'`
break;
fi
done < $PswTmpFile
cleanup
echo $filePsw
}
function queryPassword() {
# Which user do we want to query from database?
_passwordConfig=$1
if [[ -f ${_passwordConfig} ]]; then
set +x
_psw=$(getPassword $_passwordConfig "$2")
if [[ -z $_psw ]]; then
_psw=$(getPasswordFromFile $_passwordConfig "$2")
fi
echo $_psw
set -x
else
echo 1>&2 "Can't find password file - ${_passwordConfig}"
fi
}
function generatePasswordFile() {
_passwordConfigFile=$1
loadConfig $_passwordConfigFile
MasterKey=$(getMasterKey)
# the file must be cleaned up.
PswTmpFile=.MasterKeytmpfile.$$.$$
AllPswTmpFile=.AllPswtmpfile.$$.$$
echo $MasterKey | tr -d '\n' > $PswTmpFile
chmod 0600 $PswTmpFile
cp /dev/null $AllPswTmpFile
chmod 0600 $AllPswTmpFile
while read line
do
_dn=$line
if [[ -z $_dn ]]; then
continue;
fi
ldapPsw=`$LdapSearch -x -D "${LdapBindDn}" -b "${_dn}" -H $OpenLdapUri -y $PswTmpFile -P3 2>/dev/null | grep "^userPassword::" | awk -F "::" '{print \$2}' | perl -MMIME::Base64 -ne 'print decode_base64($_)'`
echo "$_dn" >> $AllPswTmpFile
if [[ -z $ldapPsw ]]; then
exit 1
fi
echo $ldapPsw >> $AllPswTmpFile
done < $DnListFile
openssl enc $CipherType $SaltOpt -e -kfile $CryptoKeyFile -in $AllPswTmpFile -out $EncryptedPasswordFile
cleanup
}
====================================================
we tried by putting this as first line. Dint work either
#!/usr/bin/ksh