Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
HristoGrigorov
Jump to solution

Proper place to put custom scripts

Hi,

So, I wrote my own backup script for Security Management Server and I thought the proper place to put it in is /usr/local/sbin/

Well, I was wrong. When I upgraded server from R80.10 to R80.20 my script was silently deleted.

Where shall I place my scripts so that they are preserved between upgrades?

1 Solution

Accepted Solutions
Tomer_Sole
Mentor
Mentor

Our recommendation is to use the Script Repository available in SmartConsole.

As Check Point Objects, they will survive all upgrades.

Later you can run that script on gateways by right-clicking them. You can also run them with the Management API referring to just the name of the Script object with the parameters "script-name", representing a title for the script, and "script", representing the script code.

View solution in original post

15 Replies
PhoneBoy
Admin
Admin

Somewhere under your home directory is probably the safest place to put it as it should not be affected by an upgrade.

HristoGrigorov

Thank you, /home/bin/ it is then.

Danny
Champion Champion
Champion
It depends. Check via set with paths are defined in your environment. I prefer /usr/local/bin


0 Kudos
PhoneBoy
Admin
Admin

I think he said that location got overwritten, thus why I suggested somewhere else.

0 Kudos
HristoGrigorov

Yes, I just need a path that won't be touched by the upgrade scripts. I vaguely remember according to LSB, /usr/local/bin/ is the right one. Do not like to put executables in home dir but in this case I probably have no other choice.

JozkoMrkvicka
Authority
Authority

The best would be to do deep pre-check before upgrade. Save all custom scripts and cron jobs outside of the machine to be available for all collegues and ready to be put back after upgrade. This is also valid for all .conf and .def files.

Kind regards,
Jozko Mrkvicka
Tomer_Sole
Mentor
Mentor

Our recommendation is to use the Script Repository available in SmartConsole.

As Check Point Objects, they will survive all upgrades.

Later you can run that script on gateways by right-clicking them. You can also run them with the Management API referring to just the name of the Script object with the parameters "script-name", representing a title for the script, and "script", representing the script code.

HristoGrigorov

I like that the most, thanx Tomer. Only need to figure out how to invoke script from Job Scheduler using Management API. Shouldn't be that difficult...

0 Kudos
Petr_Hantak
Advisor
Advisor

In case you want to invoke job scheduler then I think it is still the best way put it to some /home/ directory and attach job to cron. Just attach it there via  WebUI or CLI commands:

HostName> set cron job JOB_NAME command ... 
HostName> set cron job JOB_NAME recurrence ...

In that case job stay to be scheduled in your configuration file. On the other hand you must still have the script itself backuped somewhere. 

For me personally it is not a bafd enchancement to have possibility to use Script repository and just schedule same script for example on different firewalls throuh console...

0 Kudos
Ronen_Zel
Mod
Mod

Thanks for the information Tomer. I just created a new SecureKnowledge article with this information, sk140852.

HristoGrigorov

Great idea, thanx! Just to mention, there is a small error in SK. Parameter name is "script" and not "script-body".

Tomer_Sole
Mentor
Mentor

sorry about that, I made the mistake originally in this thread..

0 Kudos
Ronen_Zel
Mod
Mod

Thanks. I just fixed the sk. The fixed version should be available within a few minutes.

0 Kudos
jacneto
Participant

Make no sense to me put a scripts in the Script Repository and run it with Security Management API calling the script by the name ("script-name" parameter) and still using the "script" parameter (which is required) with the script body. Am I missing something? 

0 Kudos
Sven_Glock
Advisor

If you like to share your exprience with running scripts thru the Scrpit Repository your are more than welcome to join my threat: SmartConsole Scripts Repository usecases and experience 

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events