Re: modular policies

NWatson Wed, 09 Dec 2009 12:31:00 -0800

Thanks for the feedback Ed.  It is possible to try to further hide some 
repeated information such as owners and modes.  However this value still 
has to be set somewhere.  If it is not in the current location as I have 
shown you'll have to look in multiple places to find all the information. 
Lets look an example.


            "coreadm" string => "/etc/coreadm.conf";
            "face" string => "/usr/oasys/tmp/TERRLOG";
            "loginlog" string => "/var/adm/loginlog";

            "files" slist => {
                "coreadm",
                "face",
                "loginlog"
            };
 
    methods:

##################
# Pass file information above to a files promise

        redhat|suse|sunos_5_10::

            "any" usebundle => fileperms(
                "${${files}",
                "0600",
                "root",
                "bin"
                );

It looks neater.  Suppose I want to add a file that has a different user, 
group or mode?  In a perfect world we'd be able to define data structures 
in CF as we would in Perl and loop through them.

@files = (

        { 
        mod => 0644,
        usr => root,
        grp => root,
        trgs => [
                 "/etc/coreadm.conf",
                  "/usr/oasys/tmp/TERRLOG",
                 "/var/adm/loginlog";\
        ]
        },
 
        {
        mod => 0600,
        usr => root,
        grp => root,
        trgs => [
                "/root",
                "/etc/secret",
                "/var/log/secure.*"
        ]
        }
)
 

Sincerely,
--
Neil Watson
416-673-3465


CONFIDENTIALITY WARNING 
This communication, including any attachments, is for the exclusive use of 
addressee and may contain proprietary and/or confidential information. If you 
are not the intended recipient, any use, copying, disclosure, dissemination or 
distribution is strictly prohibited. If you are not the intended recipient, 
please notify the sender immediately by return e-mail, delete this 
communication and destroy all copies.

AVERTISSEMENT RELATIF À LA CONFIDENTIALITÉ 
Ce message, ainsi que les pièces qui y sont jointes, est destiné à l’usage 
exclusif de la personne à laquelle il s’adresse et peut contenir de 
l’information personnelle ou confidentielle. Si le lecteur de ce message n’en 
est pas le destinataire, nous l’avisons par la présente que toute diffusion, 
distribution, reproduction ou utilisation de son contenu est strictement 
interdite. Veuillez avertir sur-le-champ l’expéditeur par retour de courrier 
électronique et supprimez ce message ainsi que toutes les pièces jointes.

_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine

Re: modular policies

Reply via email to