[ Replying to myself. ]
Marc Baudoin <baud...@stg-interactive.com> écrit :
>
> I'm assessing Cfengine 3 (community edition) to manage a bunch of
> servers. It seems to have all the required features but I can't
> figure out how to manage packages (at least in the way I want).
> I believe package management is quite new in Cfengine 3 so what I
> need may not exist yet.
>
> I'd like to be able to list explicitely what packages has to be
> installed on each server. This is easy:
>
> bundle agent packages
> {
> vars:
> "match_package" slist => { "pkg1" , "pkg2" } ;
>
> packages:
> "$(match_package)"
> package_policy => "add" ,
> package_method => generic ;
> }
>
> But I also want other packages to be removed. Ideally, packages
> installed as dependencies of those listed in $(match_package)
> should be handled automatically so they don't have to be listed
> explicitely but it depends heavily on which package manager is
> used. So, supposing every required package (and their
> dependencies) is listed in $(match_package), how can I have any
> other one removed?
>
> Intuitively, I'd like to be able to add something like that to my
> bundle:
>
> packages:
> not "$(match_package)"
> package_policy => "delete" ,
> package_method => generic ;
>
> But I haven't found the right syntax to use (I may have missed
> something in the documentation, as it's quite hard for a
> newcomer).
>
> Is there a way to do that?
After spending some time reading the documentation and testing
different aspects of Cfengine, I came up with the following
bundle, which seems to do what I want, which is make sure no
other package than those listed in $(packages) are installed:
bundle agent software
{
vars:
"packages" slist => { "pkg1" , "pkg2" } ;
"installed"
slist =>
{
readstringlist ( "/tmp/installed" ,
"#.*" , "[\n]" , "10000" , "100000" )
} ;
packages:
"$(packages)"
package_method => generic ,
package_policy => "add" ;
"$(installed)"
package_method => generic ,
package_policy => "delete" ;
commands:
"/usr/bin/dpkg -l | /usr/bin/awk '/^ii/ {print $2}' > /tmp/installed"
contain => in_shell ;
files:
"/tmp/installed"
edit_line => delete_lines_matching ( "$(packages)" ) ;
}
Can somebody more experienced in the ways of Cfengine tell me if
this is correct? Is it optimal or are there things to improve?
--
Marc Baudoin
STG Interactive
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
