Date: 28 Mar 2001 18:42:40 -0800 From: Duane T Mun <dtm@foobox.net> To: Jordan Hubbard <jkh@osd.bsdi.com> Cc: DougB@DougBarton.net, freebsd-arch@FreeBSD.ORG Subject: Re: configuration files Message-ID: <ru9g0fxi9cv.fsf@booyaa.hq.netapp.com> In-Reply-To: <20010327112049F.jkh@osd.bsdi.com> References: <20010327081943.EE95A37B718@hub.freebsd.org> <20010327004317J.jkh@osd.bsdi.com> <3AC06153.EEBF632E@DougBarton.net> <20010327112049F.jkh@osd.bsdi.com>
next in thread | previous in thread | raw e-mail | index | archive | help
>>>>> "JH" == Jordan Hubbard <jkh@osd.bsdi.com> writes:
JH> We have a whole bunch of system and application configuration
JH> data living in /etc and a few other places. Almost every
JH> configuration file has its own unique format and set of rules
JH> about how you're supposed to edit it or what utility
JH> (foo_mkdb) you're supposed to run after editing it so that its
JH> backing database, if it has one, is updated.
Ever taken a look at cfengine (http://www.iu.hioslo.no/cfengine/)?
Its a system configuration tool that uses classes to define what gets
done.
So, lets say I don't like my root account to use csh(1), and prefer
sh(1).
--------------------------------------------------------------------------
editfiles:
freebsd::
{ ${CFTESTDIR}/etc/master.passwd
ReplaceAll '/root:/bin/.sh$' With '/root:/bin/sh'
DefineClasses 'rebuild_passwd'
}
shellcommands:
freebsd.rebuild_passwd.postprocess::
"/usr/sbin/pwd_mkdb -p -d ${CFTESTDIR}/etc ${CFTESTDIR}/etc/master.passw
d"
--------------------------------------------------------------------------
I would use _editfiles_ to modify /etc/master.passwd. _ReplaceAll_ is
similar to `sed '1,$s/.../.../g'`. Then a new class is defined
_rebuild_passwd_.
When _shellcommands_ is executed, it tests to see if all three classes
(freebsd, rebuild_passwd, and postprocess) are defined. If so, then
/usr/sbin/pwd_mkdb is run.
The next time cfengine is run, the _Replace_All_ would not execute
because there's no match, and the class _rebuild_passwd_ would not be
defined, so the _shellcommands_ stuff shown will also not run.
BTW, the ${CFTESTDIR} is an environment variable that is passed to
cfengine when I'm doing testing.
Here's a quote from the docs:
Cfengine is a tool for setting up and maintaining BSD and
System-V-like operating system optionally attached to a TCP/IP
network. You can think of cfengine as a very high level
language--much higher level than Perl or shell: a single statement
can result in many hundreds of operations being performed on
multiple hosts. Cfengine is good at performing a lot of common
system administration tasks, and allows you to build on its
strengths with your own scripts. You can also use it as a netwide
front-end for `cron'. Once you have set up cfengine, you'll be
free to use your time being like a human being, instead of playing
R2-D2 with the system.
The main purpose of cfengine is to allow you to create a single,
central system configuration which will define how every host on
your network should be configured in an intuitive way. An
interpreter runs on every host on your network and parses the
master file (or file-set); the configuration of each host is
checked against this file and then, if you request it, any
deviations from the defined configuration are fixed automatically.
You do not have to mention every host specifically by name in
order to configure them: instead you can refer to the properties
which distinguish hosts from one another. Cfengine uses a
flexible system of "classes" which helps you to single out a
specific group of hosts with a single statement.
Its a decent system configuration tool, and doesn't require any
changes to the way UNIX-like systems work.
-- dtm
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-arch" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?ru9g0fxi9cv.fsf>