Date: Wed, 10 Jan 2007 17:37:26 -0600 From: Vulpes Velox <v.velox@vvelox.net> To: Lamont Granquist <lamont@scriptkiddie.org> Cc: freebsd-hackers@freebsd.org, Doug Barton <dougb@freebsd.org> Subject: Re: LDAP integration Message-ID: <20070110173726.466bdc48@vixen42> In-Reply-To: <Pine.GSO.4.60.0701101316300.5305@sploit.scriptkiddie.org> References: <20070107190616.73dee7b0@vixen42> <45A1DE76.7000201@FreeBSD.org> <20070108185247.2b6e1f69@vixen42> <45A407D1.9030101@FreeBSD.org> <20070109184346.135e0bf4@vixen42> <Pine.GSO.4.60.0701101316300.5305@sploit.scriptkiddie.org>
index | next in thread | previous in thread | raw e-mail
On Wed, 10 Jan 2007 13:26:57 -0800 (PST) Lamont Granquist <lamont@scriptkiddie.org> wrote: > > > > On Tue, 9 Jan 2007, Vulpes Velox wrote: > > The why is because I like centralized management and it would be > > really handy for that. For my use, it would be handy in regards > > to my laptops. > > > > I feel better central management is extreme significant. If I had > > nothing more to say than "this would be neat!" we would not still > > be talking. Right now I am just poking around for other people > > > > I regards to searching the archives, I am not seeing any thing in > > regards to LDAP outside of NSS recently. I am also not finding any > > thing in regards to dynamically and automatically building various > > config files. > > Why are you doing this in the FreeBSD rc scripts directly? Why not > install cfengine and work on making cfengine play better with > database-driven config? I've looked at it once a long time ago and have looked at it again today. It has never held my interest for too long. I find perl and LDAP much more interesting. More user friendly as well. > And if you're looking specifically at the /etc/rc.conf config file, > what would be more useful would be an /etc/rc.conf.d/ directory. > That gets away from the need to tweak and edit the /etc/rc.conf > config file with multiple inputs tweaking a single file. Instead > you can drop whole orthogonal fragments into /etc/rc.conf.d/inetd > to manage the inetd config which would make it more friendly to > radmind-like approaches. It also makes it easier to use with > cfengine since orthogonal cfengine modules aren't doing editfiles > touches to the same files. The /etc/cron.d directory that (most?) > linux distros have is similarly very useful to drop in files that > contain completely orthogonal config (and may be written by > entirely different config management tools -- e.g. system config > management vs. application deployment/management), and > the /etc/periodic functionality is not flexible enough to cover all > cases. This honestly sounds like a massive and complete pain in the ass. I don't even see how this is remote admin friendly. It just means way more to muck around with. If cfengine can not generate rc.conf in a nice manner, it seems more like a problem with cfengine. On a similar note, rc.conf.local supported? I saw it referenced in the man file for rc.conf, but never hear any thing about it and I've not finished picking rc.subr apart yet.home | help
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070110173726.466bdc48>