Search

OakieTags

Who's online

There are currently 0 users and 34 guests online.

Recent comments

Affiliations

wget

Replicating Tanel’s Script Library

Tanel does offer a zip file with all of his scripts. The zip seems up-to-date now; I started doing this alternative technique awhile ago when the zip file didn’t seem to get updated as quickly as the raw scripts directory.

  mkdir tpt
  cd tpt

wget -r -nH --cut-dirs=2 --no-parent --reject="index.html*" http://blog.tanelpoder.com/files/scripts/

  cd ..

[svn/git] add tpt
[svn/git] commit tpt -m "added Tanel Poder's script library to our script repository"

Please remember that as Tanel says on his own website, “always proofread the scripts and test their effect out in a test environment before running in production.”

Replicating Tanel’s Script Library

Tanel does offer a zip file with all of his scripts. The zip seems up-to-date now; I started doing this alternative technique awhile ago when the zip file didn’t seem to get updated as quickly as the raw scripts directory.

  mkdir tpt
  cd tpt

wget -r -nH --cut-dirs=2 --no-parent --reject="index.html*" http://blog.tanelpoder.com/files/scripts/

  cd ..

[svn/git] add tpt
[svn/git] commit tpt -m "added Tanel Poder's script library to our script repository"

Please remember that as Tanel says on his own website, “always proofread the scripts and test their effect out in a test environment before running in production.”

Using wget and proxy to download patches from MOS

This is a rather quick note, but can be quite useful in certain situations. I currently look after a system which is quite difficult to jump on. That means before I get to do a “sudo su – oracle” I need to get to a jump-off box, ssh to 2 other machines and then log in as myself. It’s secure, but not user friendly. Especially in this case where I needed to run the latest RDA for an an open support request.

So rather than “dragging” the RDA with me on each box I used the new (Flash) interface to get a small shell script which you just need to deploy to your machine and run. It then connects to updates.oracle.com and does its magic.

The script works mostly fine, but depending on your environment you have to make small changes. My example is for Solaris 10, any Linux should just work out of the box.To start with you need to log in to the Flash version of My Oracle Support (unsurprisingly) and click on “patches and updates”. Enter your patch number, for example 10376971 for RDA on Solaris SPARC 64bit. On the results page, click on the description (“remote Diagnostics Agent OCM Bundle….”). The line will now be highlighted. Next, click on the download icon to view a new pop up window.The magic is in the “wget options” link down to the left. Clicking on it you have the option to have a script created or either copy the script to the clipboard.

I chose the latter, and created /tmp/get.sh with the contents from the clipboard. The script is shown here:

#!/bin/sh

#
# Generated Wed, 23 Feb 2011 08:49:57 Coordinated Universal Time
# Start of user configurable variables
#

# SSO username and password
SSO_USERNAME=user@company.com
SSO_PASSWORD=

# E-Delivery token
# The EPD_TOKEN will expire 48 hours after the following generation date
# Wed, 23 Feb 2011 08:49:57 Coordinated Universal Time
EPD_TOKEN=

# Path to wget command
WGET="/usr/bin/wget"

# Location of cookie file
COOKIE_FILE=/tmp/$$.cookies

# Log directory and file
LOGDIR=.
LOGFILE=$LOGDIR/wgetlog-`date +%m-%d-%y-%H:%M`.log

# Output directory and file
OUTPUT_DIR=.

#
# End of user configurable variable
#

if [ "$SSO_PASSWORD " = " " ]
then
 echo "Please edit script and set SSO_PASSWORD"
 exit
fi

# Contact updates site so that we can get SSO Params for logging in
SSO_RESPONSE=`$WGET https://updates.oracle.com/Orion/Services/download 2>&1|grep Location`

# Extract request parameters for SSO
SSO_TOKEN=`echo $SSO_RESPONSE| cut -d '=' -f 2|cut -d ' ' -f 1`
SSO_SERVER=`echo $SSO_RESPONSE| cut -d ' ' -f 2|cut -d 'p' -f 1,2`
SSO_AUTH_URL=sso/auth
AUTH_DATA="ssousername=$SSO_USERNAME&password=$SSO_PASSWORD&site2pstoretoken=$SSO_TOKEN"

# The following command to authenticate uses HTTPS. This will work only if the wget in the environment
# where this script will be executed was compiled with OpenSSL. Remove the --secure-protocol option
# if wget was not compiled with OpenSSL
# Depending on the preference, the other options are --secure-protocol= auto|SSLv2|SSLv3|TLSv1
$WGET --secure-protocol=auto --post-data $AUTH_DATA --save-cookies=$COOKIE_FILE --keep-session-cookies $SSO_SERVER$SSO_AUTH_URL -O sso.out >> $LOGFILE 2>&1

rm -f sso.out

$WGET  --load-cookies=$COOKIE_FILE --save-cookies=$COOKIE_FILE --keep-session-cookies "https://updates.oracle.com/Orion/Services/download/p10376971_422_SOLARIS64.zip?aru=13243257&patch_file=p10376971_422_SOLARIS64.zip" -OUTPUT_DIR/p10376971_422_SOLARIS64.zip   >> $LOGFILE 2>&1

# Cleanup
rm -f $COOKIE_FILE

You need to check the SSO_USERNAME and SSO_PASSWORD variables to match your settings. I needed to do some minor modifications for my Solaris 10 installation . For example, wget is in the Sun Freeware directory (/usr/sfw/bin), which is not in the PATH. Change wget to “not check for certificates”, as shown in this example, line 20:

WGET=”/usr/sfw/bin/wget –no-check-certificate”

I also had to set a proxy-set the following environment variables, either in the script or on the command line:

export http_proxy=http://proxy.host:port
export https_proxy=https://proxy.host:port

With this set, everything worked smoothly. It pays off to run the script with the -x option as in bash -x /tmp/get.sh. As you can see the script writes a log file to your current working directory, and it saves the patch in it as well. Be careful not to fill up /tmp/ with a 3GB download :)

This technique obviously depends on the wget utility to be available. For security reasons your sys admin may not have installed it in which case you might use some fancy cascaded port-forwarding to get the patch to your box (or ask someome with more permissions after having spent 30 minutes raising a ticket which is going to be executed in the next 3 weeks)

Happy patching