001/* 002 * #%L 003 * Netarchivesuite - deploy 004 * %% 005 * Copyright (C) 2005 - 2018 The Royal Danish Library, 006 * the National Library of France and the Austrian National Library. 007 * %% 008 * This program is free software: you can redistribute it and/or modify 009 * it under the terms of the GNU Lesser General Public License as 010 * published by the Free Software Foundation, either version 2.1 of the 011 * License, or (at your option) any later version. 012 * 013 * This program is distributed in the hope that it will be useful, 014 * but WITHOUT ANY WARRANTY; without even the implied warranty of 015 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 016 * GNU General Lesser Public License for more details. 017 * 018 * You should have received a copy of the GNU General Lesser Public 019 * License along with this program. If not, see 020 * <http://www.gnu.org/licenses/lgpl-2.1.html>. 021 * #L% 022 */ 023package dk.netarkivet.deploy; 024 025import dk.netarkivet.common.exceptions.ArgumentNotValid; 026import dk.netarkivet.common.utils.StringUtils; 027 028/** 029 * This class contains constants and functions specific for creating the scripts and other files for the different 030 * machines and applications. 031 */ 032public final class ScriptConstants { 033 034 /** 035 * Private constructor to avoid instantiation of this class. 036 */ 037 private ScriptConstants() { 038 } 039 040 // Character constants as Strings. 041 /** The newline '\n' - acquired from Constants. */ 042 static final String NEWLINE = Constants.NEWLINE; 043 /** The directory separator for policy files. */ 044 static final String SECURITY_DIR_SEPARATOR = "${/}"; 045 046 // Strings 047 /** The header of some scripts. */ 048 static final String BIN_BASH_COMMENT = "#!/bin/bash"; 049 /** The call for running a batch script from another batch script. */ 050 static final String OPERATING_SYSTEM_WINDOWS_RUN_BATCH_FILE = "\"C:\\Program Files\\Bitvise WinSSHD\\bvRun\" -brj -new -cmd="; 051 /** The call to the wait.vbs script that waits 10 seconds. */ 052 static final String OPERATING_SYSTEM_WINDOWS_10_SECONDS_WAIT = ScriptConstants.CSCRIPT + Constants.SPACE 053 + Constants.SCRIPT_NAME_WAIT + Constants.EXTENSION_VBS_FILES; 054 /** Ddk.netarkivet.settings.file=. */ 055 static final String OPTION_SETTINGS = "Ddk.netarkivet.settings.file="; 056 /** Ddk.netarkivet.settings.file=\"\". */ 057 static final String OPTION_SETTINGS_WIN = OPTION_SETTINGS + "\"\""; 058 /** Dlogback.configurationFile=. */ 059 static final String OPTION_LOGBACK_CONFIG = "Dlogback.configurationFile="; 060 static final String OPTION_LOGBACK_CONFIG_WIN = OPTION_LOGBACK_CONFIG + "\"\""; 061 /** Djava.security.manager. */ 062 static final String OPTION_SECURITY_MANAGER = "Djava.security.manager"; 063 /** Djava.security.policy=. */ 064 static final String OPTION_SECURITY_POLICY = "Djava.security.policy="; 065 /** Djava.security.policy=\"\". */ 066 static final String OPTION_SECURITY_POLICY_WIN = OPTION_SECURITY_POLICY + "\"\""; 067 /** 068 * Array of classpaths for libraries used to access the database. Currently: lib/db/derbynet.jar and 069 * lib/db/derby.jar . 070 */ 071 static final String[] DERBY_ACCESS_CLASSPATH = new String[] {"lib/db/derbynet.jar", "lib/db/derby.jar"}; 072 /** org.apache.derby.drda.NetworkServerControl . */ 073 static final String DERBY_ACCESS_METHOD = "org.apache.derby.drda.NetworkServerControl"; 074 /** start . */ 075 static final String DERBY_COMMAND_START = "start"; 076 /** shutdown . */ 077 static final String DERBY_COMMAND_KILL = "shutdown"; 078 079 /** The message when database is trying to overwrite a non-empty dir. */ 080 static final String DATABASE_ERROR_PROMPT_DIR_NOT_EMPTY = "The database directory already exists. Thus database not reset."; 081 082 /** cmd /c - Command for running programs on windows. */ 083 static final String WINDOWS_COMMAND_RUN = "cmd /c"; 084 /** more - the command for reading a log file. */ 085 static final String WINDOWS_COMMAND_TYPE = "type"; 086 /** cmd /c unzip.exe -q -d - Command for unzipping on windows. */ 087 static final String WINDOWS_UNZIP_COMMAND = WINDOWS_COMMAND_RUN + " unzip.exe -q -d"; 088 /** output. -o. */ 089 static final String SCRIPT_OUTPUT = "-o"; 090 /** directory. -d. */ 091 static final String SCRIPT_DIR = "-d"; 092 /** repository. -r. */ 093 static final String SCRIPT_REPOSITORY = "-r"; 094 /** unzip -q -o. */ 095 static final String LINUX_UNZIP_COMMAND = "unzip -q -o"; 096 097 /** Linux chmod u+rwx. */ 098 static final String LINUX_USER_ONLY = "chmod u+rwx"; 099 /** Linux chmod 700. */ 100 static final String LINUX_USER_700 = "chmod 700"; 101 /** Linux chmod 400. */ 102 static final String LINUX_USER_400 = "chmod 400"; 103 /** Linux sent output to dev/null. */ 104 static final String LINUX_DEV_NULL = "< /dev/null >"; 105 /** & . */ 106 static final String LINUX_RUN_BACKGROUND = " &"; 107 /** 2>&1 &. */ 108 static final String LINUX_ERROR_MESSAGE_TO_1 = "2>&1 &"; 109 /** /etc/profile. */ 110 static final String ETC_PROFILE = "/etc/profile"; 111 /** /etc/profile. */ 112 static final String USER_BASH_PROFILE = "~/.bash_profile"; 113 /** The linux command for sleeping. sleep. */ 114 static final String SLEEP = "sleep"; 115 /** sleep 2. */ 116 static final String SLEEP_2 = SLEEP + " 2"; 117 /** sleep 5. */ 118 static final String SLEEP_5 = SLEEP + " 5"; 119 /** .log. */ 120 static final String STAR_LOG = "*.log"; 121 /** ' '. */ 122 static final String MULTI_SPACE_6 = " "; 123 /** ' '. */ 124 static final String MULTI_SPACE_4 = " "; 125 /** ' '. */ 126 static final String MULTI_SPACE_2 = " "; 127 /** ssh. */ 128 static final String SSH = "ssh"; 129 /** scp. */ 130 static final String SCP = "scp"; 131 /** $PIDS. */ 132 static final String PIDS = "$PIDS"; 133 /** " kill $PIDS". */ 134 static final String KILL_PIDS = " kill $PIDS"; 135 /** " kill -9 $PIDS". */ 136 static final String KILL_9_PIDS = " kill -9 $PIDS"; 137 /** " export CLASSPATH=". */ 138 static final String EXPORT_CLASSPATH = "export CLASSPATH="; 139 /** to. */ 140 static final String TO = "to"; 141 /** if. */ 142 static final String IF = "if"; 143 /** fi. */ 144 static final String FI = "fi"; 145 /** at. */ 146 static final String AT = "at"; 147 /** cd. */ 148 static final String CD = "cd"; 149 /** cat. */ 150 static final String CAT = "cat"; 151 /** exist. */ 152 static final String EXIST = "exist"; 153 /** exit. */ 154 static final String EXIT = "exit"; 155 /** then. */ 156 static final String THEN = "then"; 157 /** cacls. */ 158 static final String CACLS = "cacls"; 159 /** cscript. */ 160 static final String CSCRIPT = "cscript"; 161 /** goto. */ 162 static final String GOTO = "goto"; 163 /** else. */ 164 static final String ELSE = "else"; 165 /** else rm -r. */ 166 static final String ELSE_REMOVE = "else rm -r"; 167 /** del. */ 168 static final String DEL = "del"; 169 /** cd ~. */ 170 static final String LINUX_HOME_DIR = "cd ~"; 171 /** if [ -e. */ 172 static final String LINUX_IF_EXIST = "if [ -e"; 173 /** if [ -d. */ 174 static final String LINUX_IF_DIR_EXIST = "if [ -d"; 175 /** if [ ! -d. */ 176 static final String LINUX_IF_NOT_DIR_EXIST = "if [ ! -d"; 177 /** if [ -n. */ 178 static final String LINUX_IF_N_EXIST = "if [ -n"; 179 /** ]; then. */ 180 static final String LINUX_THEN = "]; then"; 181 /** ] ; then. */ 182 static final String LINUX_N_THEN = "] ; then"; 183 /** java. */ 184 static final String JAVA = "java"; 185 /** -cp. */ 186 static final String JAVA_CLASSPATH = "-cp"; 187 /** rd. (windows for remove dir). */ 188 static final String RD = "rd"; 189 /** not. */ 190 static final String NOT = "not"; 191 /** md. (windows for makedir). */ 192 static final String MD = "md"; 193 /** mkdir. (linux for makedir). */ 194 static final String MKDIR = "mkdir"; 195 /** mv -f. (Linux force move of file). */ 196 static final String LINUX_FORCE_MOVE = "mv -f"; 197 /** move /Y. (force move on windows). */ 198 static final String WINDOWS_FORCE_MOVE = "move /Y"; 199 /** classpath. */ 200 static final String CLASSPATH = "classpath"; 201 /** $CLASSPATH. */ 202 static final String VALUE_OF_CLASSPATH = "$CLASSPATH"; 203 /** label KILL. */ 204 static final String LABEL_KILL = "KILL"; 205 /** label NOKILL. */ 206 static final String LABEL_NOKILL = "NOKILL"; 207 /** label DONE. */ 208 static final String LABEL_DONE = "DONE"; 209 /** label START. */ 210 static final String LABEL_START = "START"; 211 /** label NOSTART. */ 212 static final String LABEL_NOSTART = "NOSTART"; 213 /** /P - slash p. */ 214 static final String SLASH_P = "/P"; 215 /** :F - colon f. */ 216 static final String COLON_F = ":F"; 217 /** :R - colon r. */ 218 static final String COLON_R = ":R"; 219 /** -r - dash r. */ 220 static final String DASH_R = "-r"; 221 /** BITARKIV\\\\ - prefix for windows user rights. */ 222 static final String BITARKIV_BACKSLASH_BACKSLASH = "BITARKIV\\\\"; 223 /** readonly - for the monitorRole. */ 224 static final String JMXREMOTE_MONITOR_PRIVILEGES = "readonly"; 225 /** readonly - for the controlRole. */ 226 static final String JMXREMOTE_HERITRIX_PRIVILEGES = "readwrite"; 227 /** The argument for the port for the external database: -p. */ 228 static final String DATABASE_PORT_ARGUMENT = "-p"; 229 230 // echos 231 /** echo. */ 232 static final String ECHO = "echo"; 233 /** echo copying. */ 234 static final String ECHO_COPYING = "echo copying"; 235 /** echo unzipping. */ 236 static final String ECHO_UNZIPPING = "echo unzipping"; 237 /** echo deleting. */ 238 static final String ECHO_DELETING = "echo deleting"; 239 240 /** Do a recursive delete in Linux. */ 241 static final String LINUX_FORCE_RECURSIVE_DELETE = "rm -rf"; 242 /** echo preparing for copying of settings and scripts. */ 243 static final String ECHO_PREPARING_FOR_COPY = "echo preparing for copying of settings and scripts"; 244 /** echo 1. */ 245 static final String ECHO_ONE = "echo 1"; 246 /** echo Y. */ 247 static final String ECHO_Y = "echo Y"; 248 /** echo copying settings and scripts. */ 249 static final String ECHO_COPY_SETTINGS_AND_SCRIPTS = "echo copying settings and scripts"; 250 /** echo make password files readonly. */ 251 static final String ECHO_MAKE_PASSWORD_FILES = "echo make password and access files readonly"; 252 /** echo Killing all applications on. */ 253 static final String ECHO_KILL_ALL_APPS = "echo Killing all applications on"; 254 /** echo Starting all applications on. */ 255 static final String ECHO_START_ALL_APPS = "echo Starting all applications on"; 256 /** ECHO Killing windows application. */ 257 static final String ECHO_KILL_WINDOWS_APPLICATION = "ECHO Killing windows application"; 258 /** echo Killing linux application. */ 259 static final String ECHO_KILL_LINUX_APPLICATION = "echo Killing linux application"; 260 /** ECHO Cannot kill application. Is not running. */ 261 static final String ECHO_CANNOT_KILL_APP = "ECHO Cannot kill application. Is not running."; 262 /** echo Cannot start. Application already running. */ 263 static final String ECHO_CANNOT_START_APP = "echo Cannot start. Application already running."; 264 /** echo Database not implemented for windows. */ 265 static final String ECHO_WINDOWS_DATABASE = "echo Database not implemented " + "for windows."; 266 /** echo Creating directories. */ 267 static final String ECHO_CREATING_DIRECTORIES = "echo Creating directories."; 268 /** echo Installing external jar files. */ 269 static final String ECHO_INSTALLING_EXTERNAL_JAR_FILES = "echo Installing external jar files."; 270 /** echo make scripts executable. */ 271 static final String ECHO_MAKE_EXECUTABLE = "echo make scripts executable"; 272 /** echo Starting linux application. */ 273 static final String ECHO_START_LINUX_APP = "echo Starting linux application"; 274 /** " echo Application already running.". */ 275 static final String ECHO_APP_ALREADY_RUNNING = " echo Application already running."; 276 /** echo Copying database. */ 277 static final String ECHO_COPYING_DATABASE = "echo Copying harvest definition database"; 278 /** echo Copying archive database. */ 279 static final String ECHO_COPYING_ARCHIVE_DATABASE = "echo Copying archive database"; 280 /** echo Unzipping harvest definition database. */ 281 static final String ECHO_UNZIPPING_DATABASE = "echo Unzipping harvest definition database"; 282 /** echo Unzipping archive database. */ 283 static final String ECHO_UNZIPPING_ARCHIVE_DATABASE = "echo Unzipping archive database"; 284 /** echo Starting external admin database. */ 285 static final String ECHO_START_EXTERNAL_ADMIN_DATABASE = "echo Starting external admin database."; 286 /** echo Killing external admin database. */ 287 static final String ECHO_KILL_EXTERNAL_ADMIN_DATABASE = "echo Killing external admin database."; 288 /** echo Starting external harvest database. */ 289 static final String ECHO_START_EXTERNAL_HARVEST_DATABASE = "echo Starting external harvest database."; 290 /** echo Killing external harvest database. */ 291 static final String ECHO_KILL_EXTERNAL_HARVEST_DATABASE = "echo Killing external harvest database."; 292 293 /** echo Updating external harvest database. */ 294 static final String ECHO_UPDATE_EXTERNAL_HARVEST_DATABASE = "echo Updating external harvest database."; 295 /** echo Changing logos. */ 296 static final String ECHO_CHANGING_LOGOS = "echo Changing logos."; 297 298 /** Name of the app called in the harvest database update script. */ 299 static final String HARVEST_DATABASE_UPDATE_APP = "dk.netarkivet.harvester.tools.HarvestdatabaseUpdateApplication"; 300 301 static final String BITARCHIVE_APPLICATION_NAME = "BitarchiveApplication"; 302 303 // VB script 304 /** Set WshShell= CreateObject(\"WScript.Shell\"). */ 305 static final String VB_CREATE_SHELL_OBJ = "Set WshShell= CreateObject(\"WScript.Shell\")"; 306 /** Set oExec = WshShell.exec( \". */ 307 static final String VB_CREATE_EXECUTE = "Set oExec = WshShell.exec( \""; 308 /** "set fso= CreateObject(\"Scripting.FileSystemObject\")". */ 309 static final String VB_CREATE_FSO = "set fso= " + "CreateObject(\"Scripting.FileSystemObject\")"; 310 /** "set f=fso.OpenTextFile(\".\\conf\\". */ 311 static final String VB_WRITE_F_PREFIX = "set f=fso.OpenTextFile(\".\\conf\\"; 312 /** "\",2,True)". */ 313 static final String VB_WRITE_F_SURFIX = "\",2,True)"; 314 /** "f.WriteLine \"taskkill /F /PID \" & oExec.ProcessID". */ 315 static final String VB_WRITE_F_KILL = "f.WriteLine \"taskkill /F /PID \"" + " & oExec.ProcessID"; 316 /** f.close. */ 317 static final String VB_WRITE_F_CLOSE = "f.close"; 318 /** "set f=fso.OpenTextFile(\".\\conf\\". */ 319 static final String VB_WRITE_TF_PREFIX = "set tf=fso.OpenTextFile(\".\\conf\\"; 320 /** "\",8,True)". */ 321 static final String VB_WRITE_TF_SURFIX = "\",8,True)"; 322 /** "tf.WriteLine \"taskkill /F /PID \" & oExec.ProcessID". */ 323 static final String VB_WRITE_TF_CONTENT = "tf.WriteLine \"running process: " + "\" & oExec.ProcessID"; 324 /** f.close. */ 325 static final String VB_WRITE_TF_CLOSE = "tf.close"; 326 /** WScript.Sleep. */ 327 static final String VB_WRITE_WAIT = "WScript.Sleep"; 328 /** 'Create a new start-log for the application. */ 329 static final String VB_COMMENT_NEW_START_LOG = "'Create a new start-log for the application"; 330 /** CreateObject("Scripting.FileSystemObject").OpenTextFile(". */ 331 static final String VB_OPEN_WRITE_FILE_PREFIX = "CreateObject(\"Scripting.FileSystemObject\").OpenTextFile(\""; 332 /** ", 2, True). Means "write to new file", e.g. override existing. */ 333 static final String VB_OPEN_WRITE_FILE_SUFFIX_2 = "\", 2, True)"; 334 /** ", 8, True). Means "append to file" */ 335 static final String VB_OPEN_WRITE_FILE_SUFFIX_8 = "\", 8, True)"; 336 /** .close. */ 337 static final String VB_CLOSE = ".close"; 338 /** Do While oExec.Status = 0. */ 339 static final String VB_DO_WHILE_OEXEC_STATUS_0 = "Do While oExec.Status = 0"; 340 /** WScript.Sleep 1000. */ 341 static final String VB_WSCRIPT_SLEEP_1000 = "WScript.Sleep 1000"; 342 /** Do While. */ 343 static final String VB_DO_WHILE = "Do While "; 344 /** oExec.StdOut. */ 345 static final String VB_OEXEC_STD_OUT = "oExec.StdOut"; 346 /** oExec.StdErr. */ 347 static final String VB_OEXEC_STD_ERR = "oExec.StdErr"; 348 /** .AtEndOfStream <> True. */ 349 static final String VB_AT_END_OF_STREAM_FALSE = ".AtEndOfStream <> True"; 350 /** Set outFile = . */ 351 static final String VB_SET_OUTFILE = "Set outFile = "; 352 /** outFile.WriteLine. */ 353 static final String VB_OUTFILE_WRITELINE = "outFile.WriteLine "; 354 /** ReadLine. */ 355 static final String VB_READ_LINE = ".ReadLine"; 356 /** outFile.close. */ 357 static final String VB_OUTFILE_CLOSE = "outFile.close"; 358 /** Loop. */ 359 static final String VB_LOOP = "Loop"; 360 361 // integers 362 /** Number of '-' repeat for the writeDashLine function. */ 363 static final int SCRIPT_DASH_NUM_REPEAT = 44; 364 365 // functions 366 367 /** 368 * Function for creating dash lines in scripts. 369 * 370 * @return A line of dashes. 371 */ 372 public static String writeDashLine() { 373 return "echo " + StringUtils.repeat("-", SCRIPT_DASH_NUM_REPEAT); 374 } 375 376 /** 377 * The header for the kill all script for the machine. 378 * 379 * @param login The login to the machine (username@machinename) 380 * @return The echo header for killing a machine. 381 * @throws ArgumentNotValid If the login is null or the empty string. 382 */ 383 public static String writeKillMachineHeader(String login) throws ArgumentNotValid { 384 ArgumentNotValid.checkNotNullOrEmpty(login, "String login"); 385 return "echo KILLING MACHINE: " + login + NEWLINE; 386 } 387 388 /** 389 * The header for the start all script for the machine. 390 * 391 * @param login The login to the machine (username@machinename) 392 * @return The echo header for killing a machine. 393 * @throws ArgumentNotValid If the login is null or the empty string. 394 */ 395 public static String writeStartMachineHeader(String login) throws ArgumentNotValid { 396 ArgumentNotValid.checkNotNullOrEmpty(login, "String login"); 397 return "echo STARTING MACHINE: " + login + NEWLINE; 398 } 399 400 /** 401 * The header for the install all script for the machine. 402 * 403 * @param login The login to the machine (username@machinename) 404 * @return The echo header for killing a machine. 405 * @throws ArgumentNotValid If the login is null or the empty string. 406 */ 407 public static String writeInstallMachineHeader(String login) throws ArgumentNotValid { 408 ArgumentNotValid.checkNotNullOrEmpty(login, "String login"); 409 return "echo INSTALLING TO MACHINE: " + login + NEWLINE; 410 } 411 412 /** 413 * Changes a string into correct formatted style. The '.vbs' script needs '\\' instead of '\', which is quite 414 * annoying when using regular expressions, since a final '\' in regular expressions is '\\\\', thus '\\' = 415 * '\\\\\\\\' (8). 416 * 417 * @param path The directory path to change to appropriate format. 418 * @return The formatted path. 419 * @throws ArgumentNotValid If the path is null or the empty string. 420 */ 421 public static String doubleBackslashes(String path) throws ArgumentNotValid { 422 ArgumentNotValid.checkNotNullOrEmpty(path, "String path"); 423 return path.replaceAll("[\\\\]", "\\\\\\\\"); 424 } 425 426 /** 427 * Changes a string into correct formatted style. The '.vbs' script needs '\\' instead of '\', which is quite 428 * annoying when using regular expressions, since a final '\' in regular expressions is '/', thus '\\' = '\\\\\\\\' 429 * (8). 430 * 431 * @param path The directory path to change to appropriate format. 432 * @return The formatted path. 433 * @throws ArgumentNotValid If the path is null or the empty string. 434 */ 435 public static String replaceWindowsDirSeparators(String path) throws ArgumentNotValid { 436 ArgumentNotValid.checkNotNullOrEmpty(path, "String path"); 437 return path.replaceAll("[/]", "\\\\\\\\"); 438 } 439 440 /** 441 * For giving readonly permission to a directory in the security policy. 442 * 443 * @param dir The path to the directory. This has to be formatted to have the correct directory separator: '${/}', 444 * instead of '/' or '\\' for Windows and Linux respectively. 445 * @return The permission string. 446 * @throws ArgumentNotValid If the dir is null or the empty string. 447 */ 448 public static String writeSecurityPolicyDirPermission(String dir) throws ArgumentNotValid { 449 ArgumentNotValid.checkNotNullOrEmpty(dir, "String dir"); 450 return " permission java.io.FilePermission \"" + dir + "-\", \"read\"" + ";" + "\n"; 451 } 452 453 /** 454 * Creates the script for extracting the processes of a specific application, depending on the name of the 455 * application and the settings file. 456 * 457 * @param totalName The total name of the application. 458 * @param path The path to the directory of the settings file (conf-dir). 459 * @param id The identification of the application (name + instanceId). 460 * @return The script for getting the list of running application. 461 * @throws ArgumentNotValid If the totalName, the path or the id is either null or the empty string. 462 */ 463 public static String getLinuxPIDS(String totalName, String path, String id) throws ArgumentNotValid { 464 ArgumentNotValid.checkNotNullOrEmpty(totalName, "String totalName"); 465 ArgumentNotValid.checkNotNullOrEmpty(path, "String path"); 466 ArgumentNotValid.checkNotNullOrEmpty(id, "String id"); 467 return "PIDS=$(ps -wwfe | grep " + totalName + " | grep -v grep | grep " + path + "settings_" + id + ".xml" 468 + " | awk \"{print \\$2}\")"; 469 } 470 471 // Headers 472 /** The header for the jxmremote.password file. */ 473 public static final String JMXREMOTE_PASSWORD_HEADER = "##############################################################" 474 + NEWLINE 475 + "# Password File for Remote JMX Monitoring" 476 + NEWLINE 477 + "##############################################################" 478 + NEWLINE 479 + "#" 480 + NEWLINE 481 + "# Password file for Remote JMX API access to monitoring. This" 482 + NEWLINE 483 + "# file defines the different roles and their passwords. The access" 484 + NEWLINE 485 + "# control file (jmxremote.access by default) defines the allowed" 486 + NEWLINE 487 + "# access for each role. To be functional, a role must have an entry" 488 + NEWLINE 489 + "# in both the password and the access files." 490 + NEWLINE 491 + "#" 492 + NEWLINE 493 + "# Default location of this file is " 494 + "$JRE/lib/management/jmxremote.password" 495 + NEWLINE 496 + "# You can specify an alternate location by specifying a property in" 497 + NEWLINE 498 + "# the management config file " 499 + "$JRE/lib/management/management.properties" 500 + NEWLINE 501 + "# or by specifying a system property (See that file for details)." 502 + NEWLINE 503 + NEWLINE 504 + NEWLINE 505 + "##############################################################" 506 + NEWLINE 507 + "# File permissions of the jmxremote.password file" 508 + NEWLINE 509 + "##############################################################" 510 + NEWLINE 511 + "# Since there are cleartext passwords stored in this file," 512 + NEWLINE 513 + "# this file must be readable by ONLY the owner," 514 + NEWLINE 515 + "# otherwise the program will exit with an error." 516 + NEWLINE 517 + "#" 518 + NEWLINE 519 + "# The file format for password and access files " 520 + "is syntactically the same" 521 + NEWLINE 522 + "# as the Properties file format. The syntax is " 523 + "described in the Javadoc" 524 + NEWLINE 525 + "# for java.util.Properties.load." 526 + NEWLINE 527 + "# Typical password file has multiple lines, " 528 + "where each line is blank," 529 + NEWLINE 530 + "# a comment (like this one), or a password entry." 531 + NEWLINE 532 + "#" 533 + NEWLINE 534 + "#" 535 + NEWLINE 536 + "# A password entry consists of a role name and an associated" 537 + NEWLINE 538 + "# password. " 539 + " The role name is any string that does not itself contain" 540 + NEWLINE 541 + "# spaces or tabs. The password is again any string that does not" 542 + NEWLINE 543 + "# contain spaces or tabs. " 544 + " Note that passwords appear in the clear in" 545 + NEWLINE 546 + "# this file, so it is a good idea not to use valuable passwords." 547 + NEWLINE 548 + "#" 549 + NEWLINE 550 + "# A given role should have at most one entry in this file. " 551 + " If a role" 552 + NEWLINE 553 + "# has no entry" 554 + NEWLINE 555 + "# If multiple entries are found for the same role name, " 556 + "then the last one" 557 + NEWLINE 558 + "# is used." 559 + NEWLINE 560 + "#" 561 + NEWLINE 562 + "# In a typical installation, this file can be read by anybody on the" 563 + NEWLINE 564 + "# local machine, and possibly by people on other machines." 565 + NEWLINE 566 + "# For # security, you should either restrict the" 567 + " access to this file," 568 + NEWLINE 569 + "# or specify another, less accessible file in " 570 + "the management config file" 571 + NEWLINE 572 + "# as described above." + NEWLINE + "#" + NEWLINE; 573 /** The header for the jmxremote.access file. */ 574 public static final String JMXREMOTE_ACCESS_HEADER = "#################################################################" 575 + "#####" 576 + NEWLINE 577 + "#Default Access Control File for Remote JMX(TM) Monitoring" 578 + NEWLINE 579 + "################################################################" 580 + "######" 581 + NEWLINE 582 + "#" 583 + NEWLINE 584 + "# Access control file for Remote JMX API access to monitoring." 585 + NEWLINE 586 + "# This file defines the allowed access for different roles. The" 587 + NEWLINE 588 + "# password file (jmxremote.password by default) defines the " 589 + "roles and their" 590 + NEWLINE 591 + "# passwords. To be functional, a role must have an entry in" 592 + NEWLINE 593 + "# both the password and the access files." 594 + NEWLINE 595 + "#" 596 + NEWLINE 597 + "# Default location of this file is " 598 + "$JRE/lib/management/jmxremote.access" 599 + NEWLINE 600 + "# You can specify an alternate location by specifying a property in" 601 + NEWLINE 602 + "# the management config file " 603 + "$JRE/lib/management/management.properties" 604 + NEWLINE 605 + "# (See that file for details)" 606 + NEWLINE 607 + "#" 608 + NEWLINE 609 + "# The file format for password and access files is syntactically " 610 + "the same" 611 + NEWLINE 612 + "# as the Properties file format. The syntax is described in " 613 + "the Javadoc" 614 + NEWLINE 615 + "# for java.util.Properties.load." 616 + NEWLINE 617 + "# Typical access file has multiple lines, where each line is blank," 618 + NEWLINE 619 + "# a comment (like this one), or an access control entry." 620 + NEWLINE 621 + "#" 622 + NEWLINE 623 + "# An access control entry consists of a role name, and an" 624 + NEWLINE 625 + "# associated access level. The role name is any string that " 626 + "does not" 627 + NEWLINE 628 + "# itself contain spaces or tabs. It corresponds to an entry in the" 629 + NEWLINE 630 + "# password file (jmxremote.password). The access level is one " 631 + "of the" 632 + NEWLINE 633 + "# following:" 634 + NEWLINE 635 + "# \"readonly\" grants access to read attributes of MBeans." 636 + NEWLINE 637 + "# For monitoring, this means that a remote " 638 + "client in this" 639 + NEWLINE 640 + "# role can read measurements but cannot perform " 641 + "any action" 642 + NEWLINE 643 + "# that changes the environment of the " 644 + "running program." 645 + NEWLINE 646 + "# \"readwrite\" grants access to read and write attributes " 647 + "of MBeans," 648 + NEWLINE 649 + "# to invoke operations on them, and to create " 650 + "or remove them." 651 + NEWLINE 652 + "# This access should be granted to only " 653 + "trusted clients," 654 + NEWLINE 655 + "# since they can potentially interfere with " 656 + "the smooth" 657 + NEWLINE 658 + "# operation of a running program" 659 + NEWLINE 660 + "#" 661 + NEWLINE 662 + "# A given role should have at most one entry in this file. " 663 + "If a role" 664 + NEWLINE 665 + "# has no entry, it has no access." 666 + NEWLINE 667 + "# If multiple entries are found for the same role name, " 668 + "then the last" 669 + NEWLINE 670 + "# access entry is used." 671 + NEWLINE 672 + "#" 673 + NEWLINE 674 + "#" 675 + NEWLINE 676 + "# Default access control entries:" 677 + NEWLINE 678 + "# o The \"monitorRole\" role has readonly access." 679 + NEWLINE 680 + "# o The \"controlRole\" role has readwrite access." + NEWLINE + "" + NEWLINE; 681 682 static final String ECHO_DELETING_OLD_LIBRARIES = "echo removing old libraries if they exist."; 683 684}