USAGE for ccheck.sh v1.1.1: ccheck.sh [<SDPInstance>] [-p <Profile>] [-c <CfgFile>] [-y] [-v] [-d|-D] or ccheck.sh [-h|-man|-V] DESCRIPTION: This script compares configurables set on the current server with best practices defined a data file. OPTIONS: -p <Profile> Specify a profile defined in the config file, such as 'demp' or 'hcc'. A profile defines a set of expected configurable values that can differ from the expected values in other profiles. For example, for a demo environment, the filesys.P4ROOT.min might have an expected value of 128M, while the expected value in a prod (production) profile might be 5G, and the same value might be 30G for 'prodent', the profile for production at large enterprise scale. The 'always' profile defines settings that always apply whether '-p' is specified or not. The profile specified with '-p' applies in addition to the 'always' configuration, adding to and possibly overriding settings from the 'always' configuration. The defaut profile is 'prod', the production profile. Specify the special value '-p none' to use only the settings defined in the 'always' profile. -c <CfgFile> Specify an alternate config file that defines best practice configurables. This is intended for testing. -L <log> Specify the path to a log file, or the special value 'off' to disable logging. By default, all output (stdout and stderr) goes to $LOGS/ccheck.log NOTE: This script is self-logging. That is, output displayed on the screen is simultaneously captured in the log file. Using redirection operators like '> log' or '2>&1' are unnecessary, nor is using 'tee'. -y Live operation mode. By default, any commands that affect data, such as setting configurables, are displayed, but not executed. With the '-y' option, commands may be executed. This option is included for future needs. This current version of ccheck.sh does not execute any commands that affect data. -d Display debug messages. -D Set extreme debugging verbosity using bash 'set -x' mode. Implies -d. -si Silient Mode. No output is displayed to the terminal (except for usage errors on startup). Output is captured in the log. The '-si' cannot be used with '-L off'. HELP OPTIONS: -h Display short help message -man Display man-style help message FILES: The standard configurables config file is: /p4/common/config/configurables.cfg EXAMPLES: Example 1: Check configurables with the default profile, and no logging: ccheck.sh -L off Example 2: Check configurables with the 'prod' (Production) profile: ccheck.sh -p prod Example 3: Check configurables with the 'demo' profile, doing a verbose comparison: ccheck.sh -p demo -v FUTURE ENHANCEMENTS: Presently, this ccheck.sh v1.1.1 only reports configurables. It does not support changing configurables. As the script is currently only capable of reporting, the '-y' option has no effect. Some possible future enhancements are: * Extend reporting to suggesting configuration changes. * Provide an option to make changes to configurables that are safe to change immediately, and provide guidance on those configurables that are best set with guidance and plannning. * Provide a way to specify custom exemptions for certain configurables. * Added multi-version support for backward compatibility. This version assumes P4D 2023.1+ (though will be useful for older versions).
| # | Change | User | Description | Committed | |
|---|---|---|---|---|---|
| #12 | 31557 | C. Thomas Tyler | Updated generated script man pages. | ||
| #11 | 31497 | C. Thomas Tyler | Improvements to '-p4config' option. | ||
| #10 | 31492 | C. Thomas Tyler |
More ccheck.sh enhancements. Added code to mitigate the impact of setting auth.id. If the changes advised include setting auth.id, a warning is displayed indicating a series of p4login commands to run immediately after. If '-FIX' is used, the script will execute those commands on the current server and advise they be used on other servers. Added logic so that changing security from 3 -> 4 can be done with '-fix', but going from 0-2 -> 4 requires -FIX due to risk of impact. Added special checks not related to the data file: * Add as a required check: Report error if client.readonly.dir is an absolute path. * Add as a recommended check: Report error if client.readonly.dir is defined and client.sendq.dir has a different value. Added 'prodent' profile to configuration file (already mentioned in docs). Changed config so filesys.*.min settings require manual intervention (as they can quickly break the server). Tweaked so data file supports raw text in the config file as well as URLs for providing guidance. #review-31493 |
||
| #9 | 31487 | C. Thomas Tyler | Implemented '-p4config' option. | ||
| #8 | 31485 | C. Thomas Tyler |
Implemented '-fix' and '-FIX' options. Implemented '-y' option. Improved docs in general and added more usage examples. Added DISCLAIMER. Did spell check (with apsell) and shellcheck. Updated script doc page for ease of review. #review-31486 |
||
| #7 | 31366 | C. Thomas Tyler | Updated generated script man pages. | ||
| #6 | 31187 | Will Kreitzmann | Updated generated script man pages. | ||
| #5 | 30912 | C. Thomas Tyler | Updated generated script man pages. | ||
| #4 | 30384 | C. Thomas Tyler | Updated generated script man pages. | ||
| #3 | 30291 | C. Thomas Tyler | Updated generated script man pages. | ||
| #2 | 30113 | C. Thomas Tyler | Re-generated docs (as a test of gen_script_man_pages.sh). | ||
| #1 | 30030 | C. Thomas Tyler | Updated generated script man pages. |