Date: Wed, 10 Jan 2007 17:37:26 -0600 From: Vulpes Velox <v.velox@vvelox.net> To: Lamont Granquist <lamont@scriptkiddie.org> Cc: freebsd-hackers@freebsd.org, Doug Barton <dougb@freebsd.org> Subject: Re: LDAP integration Message-ID: <20070110173726.466bdc48@vixen42> In-Reply-To: <Pine.GSO.4.60.0701101316300.5305@sploit.scriptkiddie.org> References: <20070107190616.73dee7b0@vixen42> <45A1DE76.7000201@FreeBSD.org> <20070108185247.2b6e1f69@vixen42> <45A407D1.9030101@FreeBSD.org> <20070109184346.135e0bf4@vixen42> <Pine.GSO.4.60.0701101316300.5305@sploit.scriptkiddie.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 10 Jan 2007 13:26:57 -0800 (PST) Lamont Granquist <lamont@scriptkiddie.org> wrote: > > > > On Tue, 9 Jan 2007, Vulpes Velox wrote: > > The why is because I like centralized management and it would be > > really handy for that. For my use, it would be handy in regards > > to my laptops. > > > > I feel better central management is extreme significant. If I had > > nothing more to say than "this would be neat!" we would not still > > be talking. Right now I am just poking around for other people > > > > I regards to searching the archives, I am not seeing any thing in > > regards to LDAP outside of NSS recently. I am also not finding any > > thing in regards to dynamically and automatically building various > > config files. > > Why are you doing this in the FreeBSD rc scripts directly? Why not > install cfengine and work on making cfengine play better with > database-driven config? I've looked at it once a long time ago and have looked at it again today. It has never held my interest for too long. I find perl and LDAP much more interesting. More user friendly as well. > And if you're looking specifically at the /etc/rc.conf config file, > what would be more useful would be an /etc/rc.conf.d/ directory. > That gets away from the need to tweak and edit the /etc/rc.conf > config file with multiple inputs tweaking a single file. Instead > you can drop whole orthogonal fragments into /etc/rc.conf.d/inetd > to manage the inetd config which would make it more friendly to > radmind-like approaches. It also makes it easier to use with > cfengine since orthogonal cfengine modules aren't doing editfiles > touches to the same files. The /etc/cron.d directory that (most?) > linux distros have is similarly very useful to drop in files that > contain completely orthogonal config (and may be written by > entirely different config management tools -- e.g. system config > management vs. application deployment/management), and > the /etc/periodic functionality is not flexible enough to cover all > cases. This honestly sounds like a massive and complete pain in the ass. I don't even see how this is remote admin friendly. It just means way more to muck around with. If cfengine can not generate rc.conf in a nice manner, it seems more like a problem with cfengine. On a similar note, rc.conf.local supported? I saw it referenced in the man file for rc.conf, but never hear any thing about it and I've not finished picking rc.subr apart yet.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070110173726.466bdc48>