From fb2afbb19df46d65b0b306e015dc59c6b2bfc48f Mon Sep 17 00:00:00 2001
From: Tomi Eckert
Date: Tue, 9 Sep 2025 10:41:47 +0200
Subject: [PATCH] add keymanager
---
hdb_keymanager.sh | 106 ++++++++++++++++++++++++++++++++++++++++++++++
install.sh | 1 +
2 files changed, 107 insertions(+)
create mode 100644 hdb_keymanager.sh
diff --git a/hdb_keymanager.sh b/hdb_keymanager.sh
new file mode 100644
index 0000000..edffd60
--- /dev/null
+++ b/hdb_keymanager.sh
@@ -0,0 +1,106 @@
+#!/bin/bash
+
+# A script to interactively manage SAP HANA hdbuserstore keys.
+
+# --- Style Definitions ---
+COLOR_BLUE='\033[1;34m'
+COLOR_GREEN='\033[1;32m'
+COLOR_YELLOW='\033[1;33m'
+COLOR_RED='\033[1;31m'
+COLOR_NC='\033[0m' # No Color
+
+HDB_EXECUTABLE_PATH="/usr/sap/hdbclient/hdbuserstore"
+
+# --- Function: Create New Key ---
+create_new_key() {
+ echo -e "\n${COLOR_BLUE}🔑 --- Create New Secure Key ---${COLOR_NC}"
+ read -p "Enter the Key Name [CRONKEY]: " key_name
+ read -p "Enter the HANA Host [hanasrv]: " hdb_host
+ read -p "Enter the Instance Number [00]: " hdb_instance
+ read -p "Enter the Tenant DB [NDB]: " hdb_tenant
+ read -p "Enter the Database User [SYSTEM]: " hdb_user
+ read -sp "Enter the Database Password: " hdb_pass
+ echo ""
+
+ key_name=${key_name:-"CRONKEY"}
+ hdb_host=${hdb_host:-"hanasrv"}
+ hdb_instance=${hdb_instance:-"00"}
+ hdb_tenant=${hdb_tenant:-"NDB"}
+ hdb_user=${hdb_user:-"SYSTEM"}
+
+ CONNECTION_STRING="${hdb_host}:3${hdb_instance}15@${hdb_tenant}"
+
+ echo -e "\n${COLOR_YELLOW}📝 Review the command below (password is hidden):"
+ echo "------------------------------------------------------"
+ printf "${HDB_EXECUTABLE_PATH} SET \"%s\" \"%s\" \"%s\" \"\"\n" "$key_name" "$CONNECTION_STRING" "$hdb_user"
+ echo -e "------------------------------------------------------${COLOR_NC}"
+
+ read -p "❓ Execute this command? (y/n): " execute_now
+ if [[ "$execute_now" =~ ^[Yy]$ ]]; then
+ echo -e "\n${COLOR_GREEN}⚙️ Executing command...${COLOR_NC}"
+ if "$HDB_EXECUTABLE_PATH" SET "$key_name" "$CONNECTION_STRING" "$hdb_user" "$hdb_pass"; then
+ echo -e "${COLOR_GREEN} ✅ Success! Key '${key_name}' stored securely.${COLOR_NC}"
+ else
+ echo -e "${COLOR_RED} ❌ Error: Failed to store key '${key_name}'. Please check details and credentials.${COLOR_NC}"
+ fi
+ else
+ echo -e "\n${COLOR_YELLOW}🛑 Execution aborted by user.${COLOR_NC}"
+ fi
+}
+
+# --- Function: Delete Key ---
+delete_key() {
+ echo -e "\n${COLOR_BLUE}🗑️ --- Delete Existing Secure Key ---${COLOR_NC}"
+
+ keys=$("$HDB_EXECUTABLE_PATH" list 2>/dev/null | tail -n +3 | grep '^KEY ' | awk '{print $2}')
+ if [ -z "$keys" ]; then
+ echo -e "${COLOR_YELLOW}🤷 No keys found to delete.${COLOR_NC}"
+ return
+ fi
+
+ PS3=$'\nPlease select a key to delete (or Ctrl+C to cancel): '
+ select key_to_delete in $keys; do
+ if [ -n "$key_to_delete" ]; then
+ read -p "❓ PERMANENTLY delete the key '$key_to_delete'? (y/n): " confirm
+ if [[ "$confirm" =~ ^[Yy]$ ]]; then
+ echo -e "\n${COLOR_GREEN}⚙️ Deleting key '$key_to_delete'...${COLOR_NC}"
+ if "$HDB_EXECUTABLE_PATH" DELETE "$key_to_delete"; then
+ echo -e "${COLOR_GREEN} ✅ Success! Key '$key_to_delete' has been deleted.${COLOR_NC}"
+ else
+ echo -e "${COLOR_RED} ❌ Error: Failed to delete the key.${COLOR_NC}"
+ fi
+ else
+ echo -e "\n${COLOR_YELLOW}🛑 Deletion aborted by user.${COLOR_NC}"
+ fi
+ break
+ else
+ echo -e "${COLOR_RED}❌ Invalid selection. Try again.${COLOR_NC}"
+ fi
+ done
+}
+
+# --- Main Menu ---
+while true; do
+ echo -e "\n${COLOR_BLUE}🔐 ========== SAP HANA Secure User Store Key Manager ==========${COLOR_NC}"
+ echo "1) Create a New Key"
+ echo "2) Delete an Existing Key"
+ echo "3) Exit"
+
+ read -p $'\nPlease select an option: ' choice
+
+ case $choice in
+ 1)
+ create_new_key
+ ;;
+ 2)
+ delete_key
+ ;;
+ 3)
+ echo "👋 Exiting."
+ exit 0
+ ;;
+ *)
+ echo -e "${COLOR_RED}❌ Invalid option '$choice'. Please try again.${COLOR_NC}"
+ ;;
+ esac
+done
\ No newline at end of file
diff --git a/install.sh b/install.sh
index 9b97fe4..199913a 100644
--- a/install.sh
+++ b/install.sh
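Review bot: In `create_new_key` the password is handed to hdbuserstore as the last command-line argument (`... "$hdb_user" "$hdb_pass"`), so while that process runs it can be read by other local users through the process list, which undercuts the purpose of a secure user store. If the installed client supports hdbuserstore's interactive mode, drop the `read -sp` prompt and run `"$HDB_EXECUTABLE_PATH" -i SET "$key_name" "$CONNECTION_STRING" "$hdb_user"` so the tool prompts for the password itself. If the prompt stays, it should be `read -rsp`, because without `-r` a backslash in the password is consumed and a different secret is stored than the one typed. `hdb_instance` is also spliced into the port unchecked; a guard such as `[[ "$hdb_instance" =~ ^[0-9]{2}$ ]] || return 1` after the defaults are applied would reject anything but two digits.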
@@ -6,6 +6,7 @@ declare -A SCRIPT_PACKAGES SCRIPT_PACKAGES["Aurora Suite"]="https://git.technopunk.space/tomi/Scripts/raw/branch/main/aurora/aurora.sh https://git.technopunk.space/tomi/Scripts/raw/branch/main/aurora/aurora.conf" +SCRIPT_PACKAGES["Userstore Key Manager"]="https://git.technopunk.space/tomi/Scripts/raw/branch/main/hdb_keymanager.sh" # Example: To add another single script later, just add a new line: # SCRIPT_PACKAGES["My Other Script"]="https://path/to/my-other-script.sh"
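Review bot: The new `SCRIPT_PACKAGES["Userstore Key Manager"]` entry points at `raw/branch/main`, a mutable ref, for a script that prompts for database passwords, so whatever sits on that branch at install time is what gets installed and later run. The download logic is outside this hunk, so it is not visible whether install.sh verifies what it fetches; if it does not, consider pinning the URL to a commit (`.../raw/commit/<COMMIT_SHA>/hdb_keymanager.sh`, placeholder) or comparing the file against a published SHA-256 before installing it. The existing "Aurora Suite" entry has the same shape, so the same point applies there.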