Internet2 is investigating a security incident involving a compromise to a confluence server that affected https://spaces.at.internet2.edu on April 10, 2019, which was successfully mitigated on April 12, 2019. If you did not receive an email from us, it’s unlikely that any of the content you submitted to the Internet2 Spaces Wiki needs to be re-entered. We apologize for any inconvenience this may have caused. Should you have any questions or require further assistance, please email collaboration-support@internet2.edu.
Child pages
  • GrouperShell GSH loader linux service
Skip to end of metadata
Go to start of metadata

You can run the loader as a linux service so that it auto-starts when the machine boots up

Note, here are systemd scripts

Create a directory for the loader script, pid, and logs (feel free to change dir names etc).  Note, in our case, the appserv dir is sync'ed across the cluster, the /opt/grouperLoader dir is not, so that is used for the pid and logs

mkdir -p /opt/appserv/grouperLoader
mkdir -p /opt/grouperLoader
chown appadmin.users /opt/grouperLoader

Create the bootstrap script: /opt/appserv/grouperLoader/grouperLoader.sh

Note, test the script as below, and make sure all the commands are in the right place, e.g. /bin/kill, /bin/ps, etc

#!/bin/bash

export JAVA_HOME=/opt/appserv/java6
export PATH=$JAVA_HOME/bin:$PATH

pidLocation=/opt/grouperLoader/grouperLoader.pid
gshBinDirectory=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin
loaderLog=/opt/grouperLoader/grouperLoader.log

cd $gshBinDirectory
theDate=`date`
/usr/bin/nohup $gshBinDirectory/gsh -loader >> $loaderLog 2>&1 &
pid=$!
echo $pid > $pidLocation
echo >> $loaderLog
echo "##############################" >> $loaderLog
echo "## $theDate: started Grouper loader... ($pid)" >> $loaderLog
echo "##############################" >> $loaderLog
echo >> $loaderLog

Create the service script: /opt/appserv/grouperLoader/grouperLoaderService.sh

#!/bin/bash
#
# Startup script for the Tomcat Server
#
# chkconfig: - 86 14
# description: Grouper loader service
# processname:
# pidfile:
# config:
# Tomcat
# description: Starts the grouper loader

#################### CUSTOMIZE THIS FOR YOUR ENV ####################### 
# the user this script should run as

shouldRunAs=appadmin

pidLocation=/opt/appserv/local/grouperLoader/grouperLoader.pid

#note, this should not contain the gsh command, just the parent directory
gshBinDirectory=/opt/appserv/tomcat/apps/grouperWs/loader/bin

#only run on daemon box of cluster.  note, customize this for your env
# source /home/appadmin/bin/requireDaemon.sh

loaderLog=/opt/appserv/local/grouperLoader/grouperLoader.log

grouperLoaderBootstrapScript=/opt/appserv/common/grouperLoader/grouperLoader.sh
# grouperLoaderBootstrapScript is a way to su as the real user to run the loader
# it has these contents
#
# #!/bin/bash
#
# export JAVA_HOME=/opt/appserv/java6
# export PATH=$JAVA_HOME/bin:$PATH
#
# pidLocation=/opt/grouperLoader/grouperLoader.pid
# gshBinDirectory=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin
# loaderLog=/opt/grouperLoader/grouperLoader.log
#
# cd $gshBinDirectory
# theDate=`date`
# /usr/bin/nohup $gshBinDirectory/gsh -loader >> $loaderLog 2>&1 &
# pid=$!
# echo $pid > $pidLocation
# echo >> $loaderLog
# echo "##############################" >> $loaderLog
# echo "## $theDate: started Grouper loader... ($pid)" >> $loaderLog
# echo "##############################" >> $loaderLog
# echo >> $loaderLog





########################################################################

# function to kill a pid, wait for exit...
killPid(){
  pidToKill=$1
  /bin/kill $pidToKill

  #loop until the program is dead
  waitingForExit=true
  iterator=1

  while [ "$waitingForExit" == "true" ]; do

    # xargs will trim the string
    processIdToKill=`/bin/ps -fp $pidToKill | grep gsh | grep loader | grep -v /bin/ps | cut -c10-15 | xargs`
    if [ -n "$processIdToKill" ]; then
      echo Waiting for exit...
    else
      # lets just make sure: (sometimes process isnt found with -fp...)
      /bin/kill -KILL $pidToKill > /dev/null 2>&1

      waitingForExit=false
    fi

    if [ "$iterator" -gt "10" ]; then
      waitingForExit=false
    fi

    let "iterator += 1"
    if [ "$waitingForExit" == "true" ]; then
      sleep 1
    fi
  done

  processIdToKill=`/bin/ps -fp $pidToKill | grep gsh | grep loader | grep -v /bin/ps | cut -c10-15 | xargs`
  if [ -n "$processIdToKill" ]; then
    /bin/kill -KILL $pidToKill
    sleep 1

    processIdToKill=`/bin/ps -fp $pidToKill | grep gsh | grep loader | grep -v /bin/ps | cut -c10-15 | xargs`
    if [ -n "$processIdToKill" ]; then
      echo "Cannot kill process: $processIdToKill"
      exit 1
    fi  

  fi

}

# get the process id of the gsh process, put into the variable theGshProcessId
# if pass "true" as arg, then exit if there are multiple running
gshProcessId(){

  if [ "$1" == "true" ]; then
    numberOfProcesses=`/bin/ps -ef | grep $gshBinDirectory | grep gsh | grep loader | grep -v /bin/ps | grep edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper | wc -l` 
    if [  "$numberOfProcesses" -gt "1" ]; then
      echo "Grouper loader is running multiple times!!!"
      exit 1
    fi
  fi


  theGshProcessId=`/bin/ps -ef | grep $gshBinDirectory | grep gsh | grep loader | grep -v /bin/ps | grep edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper | head -1 | cut -c10-15 | xargs`
}

# get the parent process id of the gsh process, put into the variable theGshParentProcessId
gshParentProcessId(){
  theGshParentProcessId=`/bin/ps -ef | grep /bin/sh | grep $gshBinDirectory | grep gsh | grep loader | grep -v /bin/ps | head -1 | cut -c10-15 | xargs`
}



runningUser=`/usr/bin/whoami`

 
# we only want appadmin or root to be able to do this
if [ "$runningUser" != "$shouldRunAs" ]; then
 
  if [ "$runningUser" != "root"  ]; then
 
    echo "ERROR: only user $shouldRunAs or root can run administer the grouperLoader service: '$runningUser'"
    echo
    exit 1
    
  fi
 
fi
 
case "$1" in
  start)
 
    gshProcessId "true"
    gshParentProcessId

    # if this is true, then it is running...
    if [ -n "$theGshProcessId" ]; then

      # lets see if the process id matches
      if [ -f "$pidLocation" ]; then
        pidInFile=`cat $pidLocation`
      
        if [ -n "$theGshParentProcessId" ]; then
          if [ "$theGshParentProcessId" -eq "$pidInFile" ]; then
            echo "Grouper loader is running already, parent process id: $theGshParentProcessId, process id: $theGshProcessId"
            exit 1
          fi
        fi

      fi
      echo "Grouper loader is already running, but pid doesnt match file.  Parent process id: $theGshParentProcessId, process id: $theGshProcessId, parent process id in file: $pidInFile"
      exit 1
    fi

    echo "Starting Grouper loader service..."

    # caches build up, remove them
    rm -rf /opt/appserv/tomcat/apps/grouperWs/logs/grouper/grouperLoaderCache/ehcache_auto_created_*

    # if not appadmin, then we must be root
    if [ ! "$runningUser" == "$shouldRunAs" ]; then
      su $shouldRunAs -c $grouperLoaderBootstrapScript
    else
      # if not root then we must be appadmin
      $grouperLoaderBootstrapScript
    fi
    echo "Grouper loader is running..."
    ;;
  stop)


    waitingForExitStop=true
    iteratorStop=1
    wasRunning=false
    while [ "$waitingForExitStop" == "true" ]; do

      gshProcessId
      if [ -n "$theGshProcessId" ]; then
        wasRunning=true
        echo "Grouper loader is running with processId: $theGshProcessId, waiting for exit..."
        theDate=`date`
        if [ -f $loaderLog ]; then
          echo >> $loaderLog
          echo "##############################" >> $loaderLog
          echo "## $theDate: stopping Grouper loader... ($theGshProcessId)" >> $loaderLog
          echo "##############################" >> $loaderLog
          echo >> $loaderLog
        fi

        killPid $theGshProcessId
      else 
        waitingForExitStop=false
      fi

      if [ "$iteratorStop" -gt "10" ]; then
       
        echo "Cannot stop Grouper loader!"
        exit 1
      fi

      let "iteratorStop += 1"
      if [ "$waitingForExitStop" == "true" ]; then
        sleep 1
      fi
    done

    waitingForExitStop=true
    iteratorStop=1

    while [ "$waitingForExitStop" == "true" ]; do

      gshParentProcessId
      if [ -n "$theGshParentProcessId" ]; then
        echo "Grouper loader parent is running with processId: $theGshProcessId, waiting for exit..."
        killPid $theGshParentProcessId
      else 
        waitingForExitStop=false
      fi

      if [ "$iteratorStop" -gt "10" ]; then
       
        echo "Cannot stop Grouper loader parent!"
        exit 1
      fi

      let "iteratorStop += 1"
      if [ "$waitingForExitStop" == "true" ]; then
        sleep 1
      fi
    done
    if [ -f $pidLocation ]; then
      rm $pidLocation
    fi
    if [ "true" == "$wasRunning" ]; then
      echo "Grouper loader is stopped"
    else
      echo "Grouper loader was not running"
    fi

    # caches build up, remove them 
    rm -rf /opt/appserv/tomcat/apps/grouperWs/logs/grouper/grouperLoaderCache/ehcache_auto_created_*

    ;;
  status)

    gshProcessId "true"
    gshParentProcessId

    # if this is true, then it is running...
    if [ -n "$theGshProcessId" ]; then

      # lets see if the process id matches
      if [ -f "$pidLocation" ]; then
        pidInFile=`cat $pidLocation`
      
        if [ -n "$theGshParentProcessId" ]; then
          if [ "$theGshParentProcessId" == "$pidInFile" ]; then
            echo "Grouper loader is running, parent process id: $theGshParentProcessId, process id: $theGshProcessId"
            exit 0
          fi
        fi

      fi
      echo "Grouper loader is running, but pid doesnt match file.  Parent process id: $theGshParentProcessId, process id: $theGshProcessId, parent process id in file: $pidInFile"
      exit 0
    fi
    # lets see if the process id matches
    if [ -f "$pidLocation" ]; then
      pidInFile=`cat $pidLocation`
    
      if [ -n "$theGshParentProcessId" ]; then
        echo "Grouper loader is not running, but there is a process id: $pidInFile in the pid file: $pidLocation"
        exit 1
      fi
    fi
    echo "Grouper loader is not running"
    exit 0

    ;;
  restart)
    echo -n "Restarting Grouper loader: "
    $0 stop
    sleep 5
    $0 start
    echo "done."
    ;;
  *)
    echo "Usage: $0 {start|stop|restart|status}"
    exit 1

Set permissions and register the service:

[appadmin@theprince grouperLoader]$ chmod +x /opt/appserv/grouperLoader/grouperLoader.sh
[appadmin@theprince grouperLoader]$ chmod +x /opt/appserv/grouperLoader/grouperLoaderService.sh

[root@theprince init.d]# ln -s /opt/appserv/grouperLoader/grouperLoaderService.sh /etc/init.d/grouperLoader
[root@theprince init.d]# chkconfig --add grouperLoader
[root@theprince init.d]# chkconfig --levels 345 grouperLoader on

You can test this by turning on the service, turning it on again, getting the status, etc

[appadmin@mamapalma grouperLoader]$ ps -ef | grep gsh
appadmin 14300   518  0 16:30 pts/0    00:00:00 grep gsh
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader stop
Grouper loader was not running
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader status
Grouper loader is not running
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader start
Starting Grouper loader service...
Grouper loader is running...
[appadmin@mamapalma grouperLoader]$ ps -ef | grep gsh
appadmin 14420     1  0 16:30 pts/0    00:00:00 /bin/sh /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/gsh -loader
appadmin 14421 14420 99 16:30 pts/0    00:00:09 java -Xms64m -Xmx750m -Dgrouper.home=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../ -classpath /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../classes:/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../lib/*: edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper -loader
appadmin 14450   518  0 16:30 pts/0    00:00:00 grep gsh
[appadmin@mamapalma grouperLoader]$ cat /opt/grouperLoader/grouperLoader.pid
14420
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader status
Grouper loader is running, parent process id: 14420, process id: 14421
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader start
Grouper loader is running already, parent process id: 14420, process id: 14421
[appadmin@mamapalma grouperLoader]$ echo "123" > /opt/grouperLoader/grouperLoader.pid
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader status
Grouper loader is running, but pid doesnt match file.  Parent process id: 14420, process id: 14421, parent process id in file: 123
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader start
Grouper loader is already running, but pid doesnt match file.  Parent process id: 14420, process id: 14421, parent process id in file: 123
[appadmin@mamapalma grouperLoader]$ ps -ef | grep gsh
appadmin 14420     1  0 16:30 pts/0    00:00:00 /bin/sh /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/gsh -loader
appadmin 14421 14420  9 16:30 pts/0    00:00:11 java -Xms64m -Xmx750m -Dgrouper.home=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../ -classpath /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../classes:/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../lib/*: edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper -loader
appadmin 14638   518  0 16:32 pts/0    00:00:00 grep gsh
[appadmin@mamapalma grouperLoader]$ /sbin/service grouperLoader stop
Grouper loader is running with processId: 14421, waiting for exit...
Waiting for exit...
Grouper loader is stopped
[appadmin@mamapalma grouperLoader]$ ps -ef | grep gsh
appadmin 14725   518  0 16:33 pts/0    00:00:00 grep gsh
[appadmin@mamapalma grouperLoader]$ locate gsh
/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/gsh
[appadmin@mamapalma grouperLoader]$ cd /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/
[appadmin@mamapalma bin]$ ./gsh -loader & >/dev/null 2>&1
[appadmin@mamapalma bin]$ /sbin/service grouperLoader status
Grouper loader is running, but pid doesnt match file.  Parent process id: , process id: 14731, parent process id in file:
[appadmin@mamapalma bin]$ ps -ef | grep gsh
appadmin 14731 14730 35 16:34 pts/0    00:00:10 /opt/appserv/java6/bin/java -Xms64m -Xmx750m -Dgrouper.home=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../ -classpath /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../classes:/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../lib/*: edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper -loader
appadmin 14812   518  0 16:34 pts/0    00:00:00 grep gsh
[appadmin@mamapalma bin]$ /sbin/service grouperLoader stop
Grouper loader is running with processId: 14731, waiting for exit...
Waiting for exit...
Grouper loader is stopped
[1]+  Done                    ./gsh -loader
[appadmin@mamapalma bin]$ ps -ef | grep gsh
appadmin 14891   518  0 16:34 pts/0    00:00:00 grep gsh
[appadmin@mamapalma bin]$ /sbin/service grouperLoader start
Starting Grouper loader service...
Grouper loader is running...
[appadmin@mamapalma bin]$ ./gsh -loader & >/dev/null 2>&1
[appadmin@mamapalma bin]$ ps -ef | grep gsh
appadmin 14956     1  0 16:35 pts/0    00:00:00 /bin/sh /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/gsh -loader
appadmin 14957 14956 68 16:35 pts/0    00:00:10 java -Xms64m -Xmx750m -Dgrouper.home=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../ -classpath /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../classes:/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../lib/*: edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper -loader
appadmin 14987 14986 96 16:35 pts/0    00:00:10 /opt/appserv/java6/bin/java -Xms64m -Xmx750m -Dgrouper.home=/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../ -classpath /opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../classes:/opt/appserv/tomcat_3b/webapps/grouperWs/WEB-INF/bin/../lib/*: edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper -loader
appadmin 15040   518  0 16:35 pts/0    00:00:00 grep gsh
[appadmin@mamapalma bin]$ /sbin/service grouperLoader status
Grouper loader is running multiple times!!!
[appadmin@mamapalma bin]$ /sbin/service grouperLoader start
Grouper loader is running multiple times!!!
[appadmin@mamapalma bin]$ /sbin/service grouperLoader stop
Grouper loader is running with processId: 14957, waiting for exit...
Waiting for exit...
Grouper loader is running with processId: 14987, waiting for exit...
Grouper loader is stopped
[1]+  Done                    ./gsh -loader
[appadmin@mamapalma bin]$ ps -ef | grep gsh
appadmin 15191   518  0 16:36 pts/0    00:00:00 grep gsh
[appadmin@mamapalma bin]$
  • No labels