From owner-freebsd-hackers@FreeBSD.ORG Wed Jan 10 21:56:32 2007 Return-Path: X-Original-To: freebsd-hackers@freebsd.org Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 91A5816A40F for ; Wed, 10 Jan 2007 21:56:32 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: from mail2.fluidhosting.com (mx22.fluidhosting.com [204.14.89.5]) by mx1.freebsd.org (Postfix) with SMTP id 49AFC13C43E for ; Wed, 10 Jan 2007 21:56:32 +0000 (UTC) (envelope-from dougb@FreeBSD.org) Received: (qmail 15239 invoked by uid 399); 10 Jan 2007 21:56:27 -0000 Received: from localhost (HELO ?192.168.0.5?) (dougb@dougbarton.us@127.0.0.1) by localhost with SMTP; 10 Jan 2007 21:56:27 -0000 X-Originating-IP: 127.0.0.1 Message-ID: <45A56107.5050205@FreeBSD.org> Date: Wed, 10 Jan 2007 13:56:23 -0800 From: Doug Barton Organization: http://www.freebsd.org/ User-Agent: Thunderbird 1.5.0.8 (X11/20061215) MIME-Version: 1.0 To: Lamont Granquist References: <20070107190616.73dee7b0@vixen42> <45A1DE76.7000201@FreeBSD.org> <20070108185247.2b6e1f69@vixen42> <45A407D1.9030101@FreeBSD.org> <20070109184346.135e0bf4@vixen42> In-Reply-To: X-Enigmail-Version: 0.94.1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Cc: freebsd-hackers@freebsd.org, Vulpes Velox Subject: Re: LDAP integration X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 10 Jan 2007 21:56:32 -0000 Lamont Granquist wrote: > Why are you doing this in the FreeBSD rc scripts directly? Why not > install cfengine and work on making cfengine play better with > database-driven config? Indeed. For a "many systems" problem, cfengine is a great tool. I think the OP is more interested in the "dynamically configured laptop" problem, which is also an interesting/difficult one, but I don't think it's a good problem for LDAP to solve. It still feels like "I have LDAP that I want to use as a solution, so what problem can I point it at?" to me. > And if you're looking specifically at the /etc/rc.conf config file, what > would be more useful would be an /etc/rc.conf.d/ directory. Good news for you, we already support that. :) I agree that it makes a great tool for the "many systems" problem, and could reasonably be used for part of the "dynamic laptop" problem too. > That gets > away from the need to tweak and edit the /etc/rc.conf config file with > multiple inputs tweaking a single file. Instead you can drop whole > orthogonal fragments into /etc/rc.conf.d/inetd to manage the inetd > config which would make it more friendly to radmind-like approaches. It > also makes it easier to use with cfengine since orthogonal cfengine > modules aren't doing editfiles touches to the same files. Yes yes yes all around. At one time I suggested that we add support for /usr/local/etc/rc.conf.d and encourage port authors to drop files in there, but I didn't get much enthusiasm for it. Perhaps it's time to revisit that? > The > /etc/cron.d directory that (most?) linux distros have is similarly very > useful to drop in files that contain completely orthogonal config (and > may be written by entirely different config management tools -- e.g. > system config management vs. application deployment/management), and the > /etc/periodic functionality is not flexible enough to cover all cases. That's not a bad idea, but you'll have to find some other huckleberry to address it, I've got my hands full at the moment. Doug -- This .signature sanitized for your protection