From owner-freebsd-hackers@FreeBSD.ORG Wed Jan 10 21:46:25 2007 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 22BF416A407; Wed, 10 Jan 2007 21:46:25 +0000 (UTC) (envelope-from lamont@scriptkiddie.org) Received: from sploit.scriptkiddie.org (sploit.scriptkiddie.org [216.231.47.214]) by mx1.freebsd.org (Postfix) with ESMTP id E89BD13C45E; Wed, 10 Jan 2007 21:46:24 +0000 (UTC) (envelope-from lamont@scriptkiddie.org) Received: from sploit (sploit [216.231.47.214]) by sploit.scriptkiddie.org (8.12.11/8.12.11) with ESMTP id l0ALQvxN005407; Wed, 10 Jan 2007 13:27:05 -0800 (PST) Date: Wed, 10 Jan 2007 13:26:57 -0800 (PST) From: Lamont Granquist To: Vulpes Velox In-Reply-To: <20070109184346.135e0bf4@vixen42> Message-ID: References: <20070107190616.73dee7b0@vixen42> <45A1DE76.7000201@FreeBSD.org> <20070108185247.2b6e1f69@vixen42> <45A407D1.9030101@FreeBSD.org> <20070109184346.135e0bf4@vixen42> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed Cc: freebsd-hackers@freebsd.org, Doug Barton Subject: Re: LDAP integration X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jan 2007 21:46:25 -0000 On Tue, 9 Jan 2007, Vulpes Velox wrote: > The why is because I like centralized management and it would be > really handy for that. For my use, it would be handy in regards to my > laptops. > > I feel better central management is extreme significant. If I had > nothing more to say than "this would be neat!" we would not still be > talking. Right now I am just poking around for other people > > I regards to searching the archives, I am not seeing any thing in > regards to LDAP outside of NSS recently. I am also not finding any > thing in regards to dynamically and automatically building various > config files. Why are you doing this in the FreeBSD rc scripts directly? Why not install cfengine and work on making cfengine play better with database-driven config? And if you're looking specifically at the /etc/rc.conf config file, what would be more useful would be an /etc/rc.conf.d/ directory. That gets away from the need to tweak and edit the /etc/rc.conf config file with multiple inputs tweaking a single file. Instead you can drop whole orthogonal fragments into /etc/rc.conf.d/inetd to manage the inetd config which would make it more friendly to radmind-like approaches. It also makes it easier to use with cfengine since orthogonal cfengine modules aren't doing editfiles touches to the same files. The /etc/cron.d directory that (most?) linux distros have is similarly very useful to drop in files that contain completely orthogonal config (and may be written by entirely different config management tools -- e.g. system config management vs. application deployment/management), and the /etc/periodic functionality is not flexible enough to cover all cases.