#!/usr/sbin/rsct/perl5/bin/perl
# IBM_PROLOG_BEGIN_TAG 
# This is an automatically generated prolog. 
#  
#  
#  
# Licensed Materials - Property of IBM 
#  
# (C) COPYRIGHT International Business Machines Corp. 2002,2007 
# All Rights Reserved 
#  
# US Government Users Restricted Rights - Use, duplication or 
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp. 
#  
# IBM_PROLOG_END_TAG 
#* Module Name:
#*
#* Description:
#*  Script used to configure SNMP traps for Linux to allow
#*  RMC to receive SNMP traps in the audit log.
#*
use strict;
use Getopt::Std;

$::CTMSG = "/usr/sbin/rsct/bin/ctdspmsg";
$::MSGMAPPATH = "/usr/sbin/rsct/msgmaps";
$::LDPDEF = "/usr/sbin/rsct/install/bin/ldpdef";

#* Functions:
#*
#*===========================================================================*/
#* Config Function: config.
#* put trap2rmc entries in the snmptrapd.conf file
#* define new auditlog template and audit log resource classes
#* if they are not already defined.
#*===========================================================================*/

sub config {
    my $cmd;
    
    # now move /usr/share/snmptrapd.conf to /usr/share/snmptrapd.conf.orig
    # if it exists.

    if (-f "/usr/share/snmp/snmptrapd.conf"){ 
        # if the file exists and has references to trap2rmc then
        # there is nothing that needs to be done.
        $cmd = "/bin/grep  trap2rmc /usr/share/snmp/snmptrapd.conf > /dev/null";
        system("$cmd");

        if($? >> 8){     # if the return code is 1, then there is no trap2rmc
 			 # references and we need to put them in.

	    # back up the original file.
            $cmd = "/bin/cp /usr/share/snmp/snmptrapd.conf "; 
            $cmd .= "/usr/share/snmp/snmptrapd.conf.orig";
	    system("$cmd");

            # now add the new traphandle commands:
	    open(FILE, ">>/usr/share/snmp/snmptrapd.conf");
	    print FILE "# the trap2rmc command forwards traps to the IBM.AuditLog.\n\n";
	    print FILE "traphandle IBM-RSCT-MIB::errmEvent /usr/sbin/rsct/bin/trap2rmc errmEvent\n";
	    print FILE "traphandle default /usr/sbin/rsct/bin/trap2rmc\n";
	    close(FILE);

	}
	

     }
     else {     # The snmptrapd.conf file does not exists
	       # create the file:
	    open(FILE, ">/usr/share/snmp/snmptrapd.conf");
	    print FILE "# the trap2rmc command forwards traps to the IBM.AuditLog.\n\n";
	    print FILE "traphandle IBM-RSCT-MIB::errmEvent /usr/sbin/rsct/bin/trap2rmc errmEvent\n";
	    print FILE "traphandle default /usr/sbin/rsct/bin/trap2rmc\n";
	    close(FILE);
    }

    #*===========================================================================*/
    #*
    #* Define resource classes if not defined:
    #* run the lsrsrc command and grep for  SNMP.  If it is not found the return
    #* code will be 1.  If the return code is 1, then we define the resource class
    #* using the mkrsrc-api command.
    #*
    #*===========================================================================*/


    # Check if these resources are defined yet
    $cmd = '/usr/bin/lsrsrc -s"Name==\"SNMP\"" IBM.AuditLog | /bin/grep SNMP > /dev/null';
    system("$cmd");
    if($? >> 8){     # if the SNMP AuditLog is not defined then create it.
        $cmd = "/usr/sbin/rsct/bin/mkrsrc-api IBM.AuditLog::Name::SNMP::MessageCatalog::";
        $cmd .= "consume.cat::MessageSet::1::DescriptionId::3 > /dev/null";
        system("$cmd");
    }
    #else { print "The AuditLog was already defined for SNMP\n"; }

    # Next, see if the AuditLog template class has been created.  If it hasn't create it.

    $cmd = '/usr/bin/lsrsrc -s"Subsystem==\"SNMP\"" IBM.AuditLogTemplate | /bin/grep SNMP > /dev/null';
    system("$cmd");
    if($? >> 8){
        $cmd = "/usr/sbin/rsct/bin/mkrsrc-api 'IBM.AuditLogTemplate::TemplateId::0::Subsystem";
    	$cmd .= "::SNMP::FieldDefinitions::{[SNMPtrap,8,0,SNMPtrap,0,SNMPtrap,0]}::FormatMessageId";
    	$cmd .= "::0::FormatMessageText::%s' > /dev/null";
    	system("$cmd");
    }
    # else { print "The AuditLogTemplate was already defined for SNMP\n"; }


    #*===========================================================================*/
    #*
    #* Restart the snmptrapd daemon with the new settings.
    #*
    #*===========================================================================*/
    # get the PID of the currently running snmptrapd if it is running.
    # then stop it and restart it again so that it reads our new
    # snmptrapd.conf configuration file. Then the process

    chomp(my $pid= `/bin/ps -ef | /bin/grep snmptrapd | /bin/grep -v grep | /bin/awk '{print \$2}'`);
    if($pid){ 
        `/bin/kill -9 $pid`;
    }
    # start it up again!
    system("/usr/sbin/snmptrapd");

    #*===========================================================================*/
    #*
    #* Start or verify that the snmpd daemon is running.
    #*
    #*===========================================================================*/
    # get the PID of the currently running snmpd if it is running.
    # if it's running then we just leave.  Otherwise, if we don't get A PID, then we 
    # assume that it isn't running, and start it up again!

    chomp(my $pid= `/bin/ps -ef | /bin/grep snmpd | /bin/grep -v grep | /bin/awk '{print \$2}'`);
    unless($pid){ 
        # start it up again!
	#print "Starting thE snmpd!\n";
        system("/usr/sbin/snmpd");          # start snmpd daemon.
    }

    # check SNMP trap sensor
    $cmd = "/usr/bin/lssensor | /bin/grep SNMPTrap 2>&1 > /dev/null";
    system("$cmd");
    if($? >> 8){
        # creat the SNMP trap sensor if it is not exist
        $cmd = "$::LDPDEF -s IBM.SensorRMsensor.pdef";
        system("$cmd");
    }

    # check SNMP condition
    my $condName = `$::CTMSG IBM_SensorRMcond SensorRMpdef.cat IMsgSNMPTrapDetectedName`;
    $cmd = "/usr/bin/lscondition | /bin/grep '$condName' 2>&1 > /dev/null";
    system("$cmd");
    if ($? >> 8){
        # creat the SNMP trap condition
        $cmd = "$::LDPDEF -c IBM.SensorRMcond.pdef";
        system("$cmd");
	
    }

    # check response
    my $respName = `$::CTMSG IBM_SensorRMresp SensorRMpdef.cat IMsgBroadcastDetailsOfEventAnyTimeName`;
    $cmd = "/usr/bin/lsresponse | /bin/grep '$respName' 2>&1 > /dev/null";
    system("$cmd");
    if ($? >> 8){
        # creat needed response
        $cmd = "$::LDPDEF -r IBM.SensorRMresp.pdef";
        system("$cmd");
    }
}

#*===========================================================================*/
#* Unconfig Function: unconfig.
#* remove trap2rmc entries in the snmptrapd.conf file
#* Note: this function will not uninstall ucd-snmp
#*===========================================================================*/

sub unconfig {
    if (-f "/usr/share/snmp/snmptrapd.conf"){   # check if file exists.
     	my $cmd = "/bin/grep -v trap2rmc /usr/share/snmp/snmptrapd.conf ";  # if the file exists,
        $cmd .= "> /usr/share/snmp/snmptrapd.conf.unconfig ";           # delete all entries that have trap2rmc
	system("$cmd");                              # run the command.
        $cmd = "/bin/mv /usr/share/snmp/snmptrapd.conf.unconfig"; # move it back to the
        $cmd .= " /usr/share/snmp/snmptrapd.conf";                 # snmptrapd.conf file.
	system("$cmd");                              # run the command.
	
    }

    # now check to see if the daemon is running.  If it is then we need to restart
    # it with the new snmptrapd.conf file that will not forward events to RMC.
    my $pid="";
    chomp($pid= `/bin/ps -ef | /bin/grep snmptrapd | /bin/grep -v grep | /bin/awk '{print $\2}'`);
    if($pid){
	`/bin/kill -9 $pid`;
	# start it up again!
	`/usr/sbin/snmptrapd`;
    }
}


#*===========================================================================*/
#* Argument Function: getArguments 
#* gets command line arguments and puts them into global variables
#*===========================================================================*/

sub getArguments {
    getopts('hu');
    if($::opt_u){
  	&unconfig(); 
	exit 0; 
    }
    if($::opt_h){
	my $msg = `$::CTMSG cfgrmcsnmp bridges.snmp.cat IMsg_CFGRMCSNMP_USAGE`;
	print $msg;
	exit 0; 
    }
}


#*===========================================================================*/
#* 
#* Main 
#* 
#*===========================================================================*/


# unless we are running on linux, exit. 
unless($^O eq "linux"){       # the $^O is the os name.
    exit;
}
 
&getArguments();

# check supported snmp package
my $cmd;
my @snmpPkg = `/bin/rpm -qa | grep snmp`;
my $pkginstalled = grep(/ucdsnmp/, @snmpPkg);
$pkginstalled |= grep(/ucd-snmp/, @snmpPkg);
$pkginstalled |= grep(/net-snmp/, @snmpPkg);

if ($pkginstalled) {
	&config();
} else {
	my $msg = `$::CTMSG cfgrmcsnmp bridges.snmp.cat IMsg_SNMP_PKG_NOT_INSTALLED`;
	print $msg;
}

exit 0;
