p4login #17

#!/bin/bash
#==============================================================================
# Copyright and license info is available in the LICENSE file included with
# the Server Deployment Package (SDP), and also available online:
# https://swarm.workshop.perforce.com/projects/perforce-software-sdp/view/main/LICENSE
#------------------------------------------------------------------------------

#==============================================================================
# Declarations and Environment

export P4CBIN=${P4CBIN:-/p4/common/bin}
export SDP_ENV=${SDP_ENV:-$P4CBIN/p4_vars}
export SDP_INSTANCE=${SDP_INSTANCE:-Unset}
declare -i DEBUG=0
declare -i SDP_ALWAYS_LOGIN=${SDP_ALWAYS_LOGIN:-0}
declare -i LoginSuperUser=1
declare -i LoginServiceUser=0
declare -i LoginAutomationUsers=0
declare AutomationUsers=${SDP_AUTOMATION_USERS:-""}
declare AuthID=
declare AuthServerPort=
declare Cmd=
declare ServiceUser=
declare TargetServerPort=
declare TicketExpiration=
declare Port=Unset
declare Log=Unset
declare CmdLine="$0 $*"
declare -i ShowLog=${SDP_SHOW_LOG:-0}
declare -i OverallExitCode=0
declare -i LoginCount=0
declare Version=4.1.1

#==============================================================================
# Local Functions

# Micro-functions, one-liners used to avoid external dependencies.
function msg () { if [[ $Log != Unset ]]; then echo -e "$*" >> $Log; else echo -e "$*"; fi; }
function dbg () { [[ "$DEBUG" -eq 1 ]] || return; if [[ $Log != Unset ]]; then echo -e "DBG: $*" >> $Log; else echo -e "DBG: $*" >&2; fi; }
function cmd () { msg "Executing: $*" >> $Log; $* >> $Log 2>&1 ; return $?; }
function bail () { msg "\nError: ${1:-Unknown Error}"; exit ${2:-1}; }

#------------------------------------------------------------------------------
# Function: usage (required function)
#
# Input:
# $1 - style, either -h (for short form) or -man (for man-page like format).
# The default is -h.
#
# $2 - error message (optional).  Specify this if usage() is called due to
# user error, in which case the given message displayed first, followed by the
# standard usage message (short or long depending on $1).  If displaying an
# errror, usually $1 should be -h so that the longer usage message doesn't
# obsure the error message.
#
# Sample Usage:
# usage 
# usage -man
# usage -h "Incorrect command line usage."
#
# This last example generates a usage error message followed by the short
# '-h' usage summary.
#------------------------------------------------------------------------------
function usage
{
   declare style=${1:--h}
   declare errorMessage=${2:-Unset}

   if [[ $errorMessage != Unset ]]; then
      echo -e "\n\nUsage Error:\n\n$errorMessage\n\n" >&2
   fi

   echo "USAGE for p4login v$Version:

p4login [<instance>] [-p <port> | -service] [-automation] [-all]

   or

p4login -h|-man
"
   if [[ $style == -man ]]; then
      echo -e "DESCRIPTION:

	In its simplest form, this script simply logs in P4USER to P4PORT
	using the defined password access mechanism.

	It generates a login ticket for the SDP super user, defined by
	P4USER when sourcing the SDP standard shell environment.  It is
	called from cron scripts, and so does not normally generate any
	output.

	If run on a replica with the -service option, the serviceUser defined
	for the given replica is logged in.

	The \$SDP_AUTOMATION_USERS variable can be defined in
	$P4CCFG/p4_N.vars. If defined, this should contain a
	comma-delimited list of automation users to be logged in when the
	-automation option is used.  A definition might look like:

	export SDP_AUTOMATION_USERS=builder,trigger-admin,p4review

	Login behaviour is affected by external factors:
	1. P4AUTH, if defined, affects login behavior on replicas.

	2. The auth.id setting, if defined, affects login behaviors (and
	generally simplifies them).

	3. The \$SDP_ALWAYS_LOGIN variable.  If set to 1, this causes p4login
	to always execute a 'p4 login' command to generate a login ticket,
	even if a 'p4 login -s' test indicates none is needed.  By default,
	the login is skipped if a 'p4 login  -s' test indicates a long-term
	ticket is available that expires 31+days in the future.
	Add \"export SDP_ALWYAYS_LOGIN=1\" to $P4CCFG/p4_N.vars to
	change the default for an instance, or to $P4CBIN/p4_vars to
	change it globally.  If unset, the default is 0.

OPTIONS:
<instance>
	Specify the SDP instances.  If not specified, the SDP_INSTANCE
	environment variable is used instead.  If the instance is not
	defined by a parameter and SDP_INSTANCE is not defined, p4login
	exists immediately with an error message.

 -service
	Specify -service when run on a replica or edge server to login
	the super user and the replication service user.

	This option is not compatible with '-p <port>'.

 -p <port>
	Specify a P4PORT value to login to, overriding the default
	defined by P4PORT setting in the environment.  If operating
	on a host other than the master, and auth.id is set, this
	flag is ignored; the P4TARGET for the replica is used
	instead.

	This option is not compatible with '-service'.

 -automation
	Specify -automation to login external automation users defined
	by the \$SDP_AUTOMATION_USERS variable.

 -v     Show ouptput of login attempts, which is suppressed by default.
	Setting SDP_SHOW_LOG=1 in the shell environment has the same
	effect as -v.

 -L <log>
	Specify the log file to use.  The default is /p4/N/logs/p4login.log

 -d     Set debugging verbosity.

 -D     Set extreme debugging verbosity.

HELP OPTIONS:
 -h	Display short help message
 -man	Display man-style help message

EXAMPLES:
	1. Typical usage for automation, with instance SDP_INSTANCE defined
	in the environment by sourcing p4_vars, and logging in only the super
	user P4USER to P4PORT:
	source $P4CBIN/p4_vars abc
	p4login

	Login in only P4USER to the specified port, P4MASTERPORT in this example:
	p4login -p \$P4MASTERPORT

	Login the super user P4USER, and then login the replication serviceUser
	for the current ServerID:
	p4login -service

	Login external automation users (see SDP_AUTOMATION_USERS above):
	p4login -automation

	Login all users:
	p4login -all

	Or: p4login -service -automation

LOGGING:
	This script generates no output by default.  All (stdout and stderr) is
	logged to /p4/N/logs/p4login.log.

	The exception is usage errors, which result an error being sent to
	stderr followed usage info on stdout, followed by an immediate exit.

	If the '-v' flag is used, the contents of the log are displayed to
	stdout at the end of processing.

EXIT CODES:
	An exit code of 0 indicates a valid login ticket exists, while a
	non-zero exit code indicates a failure to login.
"
   fi

   exit 1
}

#------------------------------------------------------------------------------
# Function: login_user ($user, $port)
# Login specififed user into specified port.
# Return 0 if successful, 1 if not.
#------------------------------------------------------------------------------
function login_user () {
   declare user=${1:-Unset}
   declare port=${2:-Unset}
   declare userType=

   dbg "CALL: login_user(user=$user, port=$port)"

   userType=$($P4BIN -ztag -F %Type% user -o $user)
   userType=${userType:-Unknown}

   if [[ $userType != Unknown  ]]; then
      msg "Logging user $user (type=$userType) into port: $port."
   else
      msg "Logging user $user into port: $port."
   fi

   TicketExpiration=$($P4BIN -ztag -F %TicketExpiration% -p $port -u $user login -s 2>/dev/null)

   if [[ $TicketExpiration =~ [0-9]+ ]]; then
      # A 'long-term' ticket is one that expires more than a month (31 days + 1 second) from now.
      if [[ $TicketExpiration -ge 2678401 ]]; then
         msg "User $user already logged into $P4PORT with a long-term ticket.  Login not required."

         if [[ $SDP_ALWAYS_LOGIN -eq 1 ]]; then
            msg "Doing login anyway as SDP_ALWAYS_LOGIN is enabled."
            LoginCount=$((LoginCount+1))

            if [[ $user == $P4USER ]]; then
               Cmd="$P4BIN -p $port -u $user -s login -a"
               msg Running: $Cmd
               $Cmd < $SDP_ADMIN_PASSWORD_FILE >> $Log 2>&1 || return 1
            else
               if [[ $userType == service ]]; then
                  Cmd="$P4BIN -p $port -u $P4USER -s login $user"
               else
                  Cmd="$P4BIN -p $port -u $P4USER -s login -a $user"
               fi
               msg Running: $Cmd
               $Cmd >> $Log 2>&1 || return 1
            fi
         fi

         return 0
      else
         msg "Warning: User $user logged into $P4PORT with a short-term ticket.  Attempting to extend."
         if [[ $user == $P4USER ]]; then
            LoginCount=$((LoginCount+1))
            Cmd="$P4BIN -p $port -u $P4USER -s login -a"
            msg Running: $Cmd
            $Cmd < $SDP_ADMIN_PASSWORD_FILE >> $Log 2>&1 || return 1
         else
            LoginCount=$((LoginCount+1))
            Cmd="$P4BIN -p $port -u $P4USER -s login -a $user"
            msg Running: $Cmd
            $Cmd >> $Log 2>&1 || return 1
         fi
      fi
   else
      msg "User $user is not logged into $P4PORT.  Attempting to login."
      if [[ $user == $P4USER ]]; then
         LoginCount=$((LoginCount+1))
         Cmd="$P4BIN -p $port -u $P4USER -s login -a"
         msg Running: $Cmd
         $Cmd < $SDP_ADMIN_PASSWORD_FILE >> $Log 2>&1 || return 1
      else
         # We cannot use the '-a' flag to 'p4 login' for service accounts, so
         # drop it for service accounts.  Otherwise, '-a' is preferred for
         # robustness, since certain network interface card (NIC)
         # configurations with multiple IPs need tickets not bound to one of
         # multiple possible IPs.  See 'p4 help login' for more.
         LoginCount=$((LoginCount+1))
         if [[ $userType == service ]]; then
            Cmd="$P4BIN -p $port -u $P4USER -s login $user"
         else
            Cmd="$P4BIN -p $port -u $P4USER -s login -a $user"
         fi
         msg Running: $Cmd
         $Cmd >> $Log 2>&1 || return 1
      fi
   fi
}


#==============================================================================
# Command Line Processing

declare -i shiftArgs=0

set +u
while [[ $# -gt 0 ]]; do
   case $1 in
      # Note: When If $LoginServiceUser is set to 1, the super user is
      # still logged in, but in a different block of code than the one
      # dedicated to logging, in only the super user, which applies
      # if LoginSuperUser=1.
      (-service) LoginSuperUser=0; LoginServiceUser=1;;
      (-automation) LoginSuperUser=0; LoginAutomationUsers=1;;
      (-all) LoginSuperUser=1; LoginServiceUser=1; LoginAutomationUsers=1;;
      (-h) usage -h;;
      (-man) usage -man;;
      (-p) Port=$2; shiftArgs=1;;
      (-v) ShowLog=1;;
      (-L) Log=$2; shiftArgs=1;;
      (-d) DEBUG=1;; # Debug; enable dbg() function calls.
      (-D) set -x;; # Debug; use 'set -x' mode.
      (-*) usage -h "Unknown command line option ($1).";;
      (*) export SDP_INSTANCE=$1;;
   esac

   # Shift (modify $#) the appropriate number of times.
   shift; while [[ $shiftArgs -gt 0 ]]; do
      [[ $# -eq 0 ]] && usage -h "Incorrect number of arguments."
      shiftArgs=$shiftArgs-1
      shift
   done
done
set -u

#==============================================================================
# Command Line Verification

[[ $SDP_INSTANCE == Unset ]] && \
   bail "The \$SDP_INSTANCE setting is not defined. It must be defined by doing:\n\n\tsource $P4CBIN/p4_vars <instance>\n\nor by passing in the instance name as a parameter to this script.\n"

#==============================================================================
# Main Program

source $SDP_ENV $SDP_INSTANCE ||\
   bail "Failed to load SDP environment for instance $SDP_INSTANCE."

[[ $Log == Unset ]] && Log=$LOGS/p4login.$(date +'%Y%m%d-%H%M%S').log

rm -f "$Log"
msg "${0##*/} v$Version Checking login status at $(date +'%a %Y-%m-%d %H:%M:%S %Z').\nInitial command line:\n$CmdLine"

[[ $Port == Unset ]] && Port=$P4PORT

cmd $P4BIN set P4TICKETS

AuthID=$($P4DBIN -cshow | grep "auth.id" | cut -d ' ' -f 4)

if [[ $LoginSuperUser -eq 1 ]]; then
   if [[ -n "$SERVERID" && "$SERVERID" == "$P4MASTER_ID" ]]; then
      msg "Logging user $P4USER to port $Port."
      dbg "C1 login_user ($P4USER, $Port)"
      login_user "$P4USER" "$Port" || OverallExitCode=1
   else
      # If not on the master, login to the P4TARGET if auth.id is set, else
      # just login as indicated.  This implies that '-p <port>' is ignored
      # if auth.id is set.
      if [[ -n "$AuthID" ]]; then
         TargetServerPort=$($P4DBIN -cshow | grep "${SERVERID}: P4TARGET" | cut -d ' ' -f 4)
         dbg "C2 login_user ($P4USER, $TargetServerPort)"
         login_user "$P4USER" "$TargetServerPort" || OverallExitCode=1
      else
         dbg "C3 login_user ($P4USER, $Port)"
         login_user "$P4USER" "$Port" || OverallExitCode=1
      fi
   fi
fi

if [[ $LoginServiceUser -eq 1 ]]; then
   # If we are on a replica/edge, login the service user and super
   # user to the master server first, then to the local replica.
   if [[ -n "$SERVERID" && "$SERVERID" != "$P4MASTER_ID" ]]; then
      msg "\nDoing replica/edge logins."
      TargetServerPort=$($P4DBIN -cshow | grep "${SERVERID}: P4TARGET" | cut -d ' ' -f 4)
      ServiceUser=$($P4DBIN -cshow | grep "${SERVERID}: serviceUser" | cut -d ' ' -f 4)

      if [[ -n "$AuthID" ]]; then
         msg "The auth.id configurable is set ($AuthID).  Logging in to master P4PORT only."
         # Login the $P4USER super user first, whose password must match that
         # in the SDP admin password file ($SDP_ADMIN_PASSWORD_FILE).
         if [[ -n "$TargetServerPort" && -n "$ServiceUser" ]]; then
            dbg "C4.1 login_user ($P4USER, $TargetServerPort)"
            login_user "$P4USER" "$TargetServerPort" || OverallExitCode=1
            dbg "C4.2 login_user ($ServiceUser, $TargetServerPort)"
            login_user "$ServiceUser" "$TargetServerPort" || OverallExitCode=1
         else
            msg "\nError: This is not the master (ServerID=$SERVERID), but could not determine P4TARGET and/or serviceUser for server $SERVERID."
            OverallExitCode=1
            dbg "C5.1 login_user ($P4USER, $TargetServerPort)"
            login_user "$P4USER" "$TargetServerPort"
            dbg "C5.2 login_user ($ServiceUser, $TargetServerPort)"
            login_user "$ServiceUser" "$TargetServerPort"
         fi
      else
         msg "The auth.id configurable is not set.  Logging in to both local and P4TARGET ports."
         if [[ -n "$TargetServerPort" &&  -n "$ServiceUser" ]]; then
            dbg "C6.1 login_user ($P4USER, $TargetServerPort)"
            login_user "$P4USER" "$TargetServerPort" || OverallExitCode=1
            dbg "C6.2 login_user ($P4USER, $P4PORT)"
            login_user "$P4USER" "$P4PORT" || OverallExitCode=1
            dbg "C6.3 login_user ($ServiceUser, $TargetServerPort)"
            login_user "$ServiceUser" "$TargetServerPort" || OverallExitCode=1
         else
            msg "\nError: This is not the master (ServerID=$SERVERID), but could not determine P4TARGET and/or serviceUser for server $SERVERID."
            OverallExitCode=1
            dbg "C7 login_user ($P4USER, $P4PORT)"
            login_user "$P4USER" "$P4PORT"
         fi

         # AuthServerPort is the P4AUTH server; it is not related to the
         # auth.id configurable.  If a P4AUTH server is defined, we need to
         # login there, too.
         AuthServerPort=$($P4BIN -p $P4PORT configure show P4AUTH 2>/dev/null)
         if [[ -n "$AuthServerPort" ]]; then
            AuthServerPort=${AuthServerPort##*=}
            AuthServerPort=${AuthServerPort%% *}
            msg "Logging into P4AUTH server."
            dbg "C8 login_user ($ServiceUser, $AuthServerPort)"
            login_user "$ServiceUser" "$AuthServerPort" || OverallExitCode=1
         fi
      fi
   else
      msg "\nOperating on master/commit server, skipping replica/edge logins."
   fi

   # Login to P4BROKERPORT unless auth.id is set, in which case it's not
   # necessary.
   if [[ -n "$P4BROKERPORT" && "$P4BROKERPORT" != Unset && -z "$AuthID" ]]; then
      msg Logging $P4USER into broker.
      dbg "C9 login_user ($P4USER, $P4BROKERPORT)"
      login_user "$P4USER" "$P4BROKERPORT" || OverallExitCode=1
   fi
fi

if [[ $LoginAutomationUsers -eq 1 ]]; then
   # Login other automation users (which may or may not be super users)
   # using $P4USER's super powers to log them in without a password.
   if [[ -n "$AutomationUsers" ]]; then
      msg "\nLogging in special automation users defined by \$SDP_AUTOMATION_USERS in $P4CCFG/${P4SERVER}.vars."
      for user in ${AutomationUsers/,/ }; do
         msg "Logging in user $user."
         dbg "C10 login_user ($user, $P4PORT)"
         login_user "$user" "$P4PORT" || OverallExitCode=1
         if [[ -z "$AuthID" ]]; then
            if [[ -n "$P4BROKERPORT" && "$P4BROKERPORT" != Unset ]]; then
               dbg "C11 login_user ($user, $P4BROKERPORT)"
               login_user "$user" "$P4BROKERPORT" || OverallExitCode=1
            fi
         fi
      done
   else
      msg "\nError: The -automation flag was specified, but \$SDP_AUTOMATION_USERS is not defined in the environment.  Check $P4CCFG/${P4SERVER}.vars."
      OverallExitCode=1
   fi
fi

if [[ $OverallExitCode -eq 0 ]]; then
   if [[ $LoginCount -gt 0 ]]; then
      msg "\nSuccess: All logins were successful, $LoginCount login(s) were needed."
   else
      msg "\nSuccess: No logins were needed."
   fi
else
   msg "\nError: Some logins were not successful; $LoginCount were attempted.  Review the output above."
fi

[[ $ShowLog -eq 1 && -s $Log ]] && cat $Log

# Overwrite p4login.log so it always has the contents of the last call
# to p4login.
if [[ "$Log" != "$LOGS/p4login.log" ]]; then
   cp -f "$Log" "$LOGS/p4login.log"
fi

exit $OverallExitCode

#	Change	User	Description
#29	31411	C. Thomas Tyler	Changed behavior of '-service' option to that, if used on a commit server, will login to all active edge servers. Revised p4login logging write to a single $LOGS/p4login.log file all day, with the log being rotated daily. This reduces the number of p4login.* log files. First pass at modernizing script internals. #review-31412
#28	31167	C. Thomas Tyler	Fixed p4login bug for case-insensitive servers checking for SERVERID using case case-sensitive check. Fixes SDP-1189 (Bug): p4login is wrongly sensitive to case of ServerID on case-insensitive server.
#27	30979	C. Thomas Tyler	Eliminated buildup of temp dirs, e.g. /tmp/tmp.XXXXXXXXXX. Added remove_jd_tables() function and calls to it to prevent buildup of new cruft. Modified remove_old_logs() to cleanup cruft created previously. #review-30980 @robert_cowham
#26	30270	Robert Cowham	Fix shellcheck warnings and use of copy_jd_table
#25	30267	Robert Cowham	Copy files to be dumped via p4d -jd to tmp dir first to avoid locks on P4ROOT (or offline_db) SDP-1087
#24	29410	C. Thomas Tyler	Fixed bug where p4login substitunes only first comma (',') instead of all commas in SDP_AUTOMATION_USERS.
#23	29408	C. Thomas Tyler	Fixed bug with regex that needed to be tightened in p4login.
#22	27722	C. Thomas Tyler	Refinements to @27712: * Resolved one out-of-date file (verify_sdp.sh). * Added missing adoc file for which HTML file had a change (WorkflowEnforcementTriggers.adoc). * Updated revdate/revnumber in .adoc files. Additional content updates in Server/Unix/p4/common/etc/cron.d/ReadMe.md. * Bumped version numbers on scripts with Version= def'n. * Generated HTML, PDF, and doc/gen files: - Most HTML and all PDF are generated using Makefiles that call an AsciiDoc utility. - HTML for Perl scripts is generated with pod2html. - doc/gen/*.man.txt files are generated with .../tools/gen_script_man_pages.sh. #review-27712
#21	26855	C. Thomas Tyler	Fixed minor bug in p4login where 'p4 login -a' could be attempted for a service user if it has only a short-term ticket. This is deemed minor since a service user with a short-term ticket is misconfiguration anyway (already with a warning message).
#20	26637	Robert Cowham	Include script help within doc Requires a couple of tags in the scripts themselves.
#19	25798	C. Thomas Tyler	Enhanced p4login to perform 'p4 trust' checks/fixes if required. p4login is now shellcheck v0.6.0 compliant.
#18	25769	C. Thomas Tyler	Fixed bug where P4PORT value might be 'Unset'. This could be observed due to a misconfiguration where the P4MASTER_ID value set in the instance vars file, /p4/common/config/p4_N.vars, was incorrect (i.e. didn't match the actual ServerID of the master/commit server). Or if a replica was only partially defined without P4TARGET being defined. These misconfigurations are outside the realm of this script to address, but they exposed a bad assumption in the script. That has been corrected. Also: * Added logic to ensure 'p4d -cshow' is not attempted unless $P4ROOT/db.config exists, for error-free operation on proxy and replica servers that have no p4d. * Several unrelated minor tweaks were made to help with shellcheck compliance.
#17	24357	C. Thomas Tyler	Added SDP_ADMIN_PASSWORD_FILE variable in p4_vars.template, and also added a default value in backup_functions.sh. Also added comments in p4_vars explaining the 'set +u' bit. Adding SDP_ADMIN_PASSWORD_FILE is an enabling change for an upcoming change to mkrep.sh. Updated p4login and p4login-super.sh to reference this variable. Normalized p4login-super.sh to accept SDP instance parameter, which (as with other scripts) is optional of SDP_INSTANCE is already defined, else required. Also chmod +x p4login-super.sh. #review @robert_cowham
#16	23203	C. Thomas Tyler	p4login v4.1.0: * Added '-d' flag to enable debug mode, and dbg() function. * Added dbg() calls. * Improved info in error output.
#15	23041	C. Thomas Tyler	Minor changes to p4login: * Corrected login count in p4login script. * Referenced P4CCFG and P4CBIN vars; removed hard-coding. * Allow SDP_ENV to be overriden (coding standard for future use).
#14	20855	C. Thomas Tyler	Fixed quoting bug in p4login.
#13	20774	C. Thomas Tyler	p4login: Minor fix to use $P4BIN rather than raw 'p4'. This impacted only 'p4 set P4TICKETS' output, but is otherwise a non-functional change.
#12	20749	C. Thomas Tyler	Approved and committed, but I believe that the shared data setting is always set to false on the master and we should look at fixing that in another change. Enhanced p4login again. Improvements: Default behavior with no arguments gives the desired results. For example, if run on a master, we login on the super user P4USER to P4PORT. If run on a replica/edge and auth.id is set, we login P4USER to the P4TARGET port of the replica. All other login functionality, such as logging in the replication service user on a replica, logging in supplemental automation users, is now accessed via new flags. A usage message is now available via '-h' and '-man' options. The new synopsys is: p4login [<instance>] [-p <port> \| -service] [-automation] [-all] The <instance> parameter is the only non-flag positional parameter, and can be ommitted if SDP_INSTANCE is already defined (as is typical when called by scripts). With this change, several other scripts calling either the 'p4login' script or 'p4 login' commands were normalized to call p4login as appropriate given the new usage. Reviewer Note: Review p4login first, then other files. Most changes are in p4login. In other scripts callling p4login, calls similar to: $P4BIN -u $P4USER -p $P4PORT login < /path/to/pwd are replaced with: $P4CBIN/p4login In other scritps calling p4login, calls similar to: $P4BIN -p $P4MASTERPORT login < /path/to/pwd are replaced with: $P4CBIN/p4login -p $P4MASTERPORT Note that, if auth.id is set, calling 'p4login' actually has the same behavior as 'p4login -p $P4MASTERPORT', since p4login called on a replica with auth.id set will just login to the master port anyway. Depending on intent, sometimes $P4BIN/p4login -service is used. == Misc Cleanup == In doing the cleanup: * Fixed a hard-coding-to-instance-1 bug in broker_rotate.sh. * Fixed an inconsistency in recreate_db_sync_replica.sh, where it did just a regular login rather than a login -a as done in other places for (for compatibility with some multi-interface NIC card configs). == p4login Call Normalization == Code cleanup was done to normalize calls to p4login, such that: 1) the call starts with $P4CBIN/p4login (not the hard-coded path), and 2) logic to redirect sdtout/stderr to /dev/null was removed, since it's not necessary with p4login. (And if p4login ever does generate any unwanted output, we only fix it in one place). == Tweak to instance_vars.template == This change includes a tweak to set P4MASTERPORT dynamically on a replica to ensure the value precisely matches P4TARGET for the given replica. This will reduce a source of problems when SSL is used, as it is particularly sensitive to the precise P4PORT values used, and will also help for environments which have not yet set auth.id. If the port cannot be determined dynamically, we fall back to the old logic using the assigned value. == Tweak to SDP_ALWAYS_LOGIN behavior == This used to default to 1, now it defaults to 0. At this point we should no longer need to force logins, and in fact doing so can get into a 'p4 login' hang situation with auth.id set. Best to avoid unnecessary logins if we already have a valid ticket. (I think the need to force a login may have gone away with p4d patches). == Obsolete Script == With this change, svclogin.sh is now obsolete. All it was doing was a few redundant 'p4 login' commands followed by a call to p4login anyway. == Testing == Our test suite doesn't fully cover this change, so additional manual testing was done in the Battle School lab environment.
#11	20635	C. Thomas Tyler	p4login changes: * Fixed bug in attempted login count. * Added '-s' flag to login only P4USER to P4PORT. This is to make p4login more useful for cases where extraneous logins it now does (e.g. automation users) isn't desired. * Enahnced in-code docs.
#10	20170	Russell C. Jackson (Rusty)	Moved password and users into the config directory to allow for instance specific users and passwords. Ran into a case where two different teams were sharing the same server hardware and needed this type of differentiation. Surprised that we haven't hit this sooner. Also defaulted mkdirs to use the numeric ports since this is the most common installation.
#9	20028	C. Thomas Tyler	p4login v3.1.4: * Avoids logging replication service user into local replica host, as doing so breaks the login to the master. * Does needed login of service user to P4AUTH server if P4AUTH is set. * Clarity enhancements to log messages.
#8	19965	C. Thomas Tyler	The Ultimate Perforce Login Script. Enhanced p4login v3.1.0: * If on a replica/edge server, logs in replication service users. * Uses 'p4 login -a' for non-service type accounts, and 'p4 login 'for service type accounts. * Accounts for auth.id, and behaves appropriately whether auth.id is set or not, e.g. doing an extra 'p4 login' as needed if auth.id isn't set. * Logs in external automaiton users, e.g. trigger or broker filter script users, if defined by the SDP_AUTOMATION_USERS setting in /p4/common/config/p4_<instance>.vars. * Fixed bug where it broke if p4_vars wasn't sourced. It now sources p4_vars. * Logs whether actual 'p4 login' commands were needed and the number of logins done, along with other cosmetic logging enhancements. * Added Version identifier.
#7	18209	Russell C. Jackson (Rusty)	Added missing auto source of p4_vars to eliminate the need to use p4master_run. Missed in early changes to support that behavior.
#6	16029	C. Thomas Tyler	Routine merge to dev from main using: p4 merge -b perforce_software-sdp-dev
#5	15605	C. Thomas Tyler	Per review, Rusty noted a preference for the current behvaior, i.e. always doing a login if p4login is called. This version introduces SDP_ALWAYS_LOGIN, which defaults to 1 (enabled), which preserves the traditional 'always login each time the script is run' behavior, while allowing the new 'login only if a ticket is not available' behavior. (An advantage of the traditional behavior is that it fixes the case where a human admin does a 'p4 login' but forgets the '-a' on a server a network card configuration setup such that 'p4 login -a' is required). Customers desiring the 'login only if required' can set SDP_ALWAYS_LOGIN=0 in p4_vars. Also includes style improvements. #review-15606
#4	15559	C. Thomas Tyler	Enhancements to p4login: * Enhanced handling for the cose where p4login is run with no environment defined. * Now checks login status first, and only does a login if ticket expires in less than a month. * Enhanced auditability. * Added comments. #review-15560
#3	13906	C. Thomas Tyler	Normalized P4INSTANCE to SDP_INSTANCE to get Unix/Windows implementations in sync. Reasons: 1. Things that interact with SDP in both Unix and Windows environments shoudn't have to account for this obscure SDP difference between Unix and Windows. (I came across this doing CBD work). 2. The Windows and Unix scripts have different variable names for defining the same concept, the SDP instance. Unix uses P4INSTANCE, while Windows uses SDP_INSTANCE. 3. This instance tag, a data set identifier, is an SDP concept. I prefer the SDP_INSTANCE name over P4INSTANCE, so I prpose to normalize to SDP_INSTANCE. 4. The P4INSTANCE name makes it look like a setting that might be recognized by the p4d itself, which it is not. (There are other such things such as P4SERVER that could perhaps be renamed as a separate task; but I'm not sure we want to totally disallow the P4 prefix for variable names. It looks too right to be wrong in same cases, like P4BIN and P4DBIN. That's a discussion for another day, outside the scope of this task). Meanwhile: * Fixed a bug in the Windows 2013.3 upgrade script that was referencing undefined P4INSTANCE, as the Windows environment defined only SDP_INSTANCE. * Had P4INSTANCE been removed completely, this change would likely cause trouble for users doing updates for existing SDP installations. So, though it involves slight technical debt, I opted to keep a redundant definition of P4INSTANCE in p4_vars.template, with comments indicating SDP_INSTANCE should be used in favor of P4INSTANCE, with a warning that P4INSTANCE may go away in a future release. This should avoid unnecessary upgrade pain. * In mkdirs.sh, the varialbe name was INSTANCE rather than SDP_INSTANCE. I changed that as well. That required manual change rather than sub/replace to avoid corrupting other similar varialbe names (e.g. MASTERINSTANCE). This is a trivial change technically (a substitute/replace, plus tweaks in p4_vars.template), but impacts many files.
#2	12169	Russell C. Jackson (Rusty)	Updated copyright date to 2015 Updated shell scripts to require an instance parameter to eliminate the need for calling p4master_run. Python and Perl still need it since you have to set the environment for them to run in. Incorporated comments from reviewers. Left the . instead of source as that seems more common in the field and has the same functionality.
#1	10638	C. Thomas Tyler	Populate perforce_software-sdp-dev.
//guest/perforce_software/sdp/main/Server/Unix/p4/common/bin/p4login
#1	10148	C. Thomas Tyler	Promoted the Perforce Server Deployment Package to The Workshop.