Try something like this:
body common control
{
bundlesequence => { "test" };
inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" };
}
bundle agent test
{
files:
"/tmp/sshd_config"
edit_line => uncomment_lines_containing("PermitRootLogin.*","#"),
classes => if_repaired("restart_sshd");
commands:
restart_sshd::
"/etc/init.d/sshd restart";
}
On Nov 15, 2010, at 3:42 AM, Seifert, Christian wrote:
> Hello,
> i've successfully implemented your solution with the sshd_config file. But
> the secound problem is cfengine has to restart the sshd service.
> It is possible to restart the service, only i've edited the sshd_config file?
> I mean a command with "if" or something else.
>
> Thanks in advance
>
>
> --
> Christian Seifert
>
> Basistechnologie und Betrieb
>
> GESIS Gesellschaft für Informationssysteme mbH
> Eisenhüttenstraße 99
> 38239 Salzgitter
> Telefon +49 5341 21-8464
> E-Mail [email protected]
> Internet www.gesis.de
>
>
> --
> GESIS Gesellschaft für Informationssysteme mbH | Sitz der Gesellschaft:
> Salzgitter | Registergericht: Amtsgericht Braunschweig | Registernummer: HRB
> 6194 | Geschäftsführer: Dipl.-Kfm. Ewald Kratz
>
>
>
>
> Von: Nakarin Phooripoom [mailto:[email protected]]
> Gesendet: Freitag, 12. November 2010 12:20
> An: Seifert, Christian
> Cc: [email protected]
> Betreff: Re: sshd_conf managing with cfengine
>
> It works fine for me. Here what I did.
>
> body common control
> {
> bundlesequence => { "test" };
> inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" };
> }
>
> bundle agent test
> {
> files:
> "/tmp/sshd_config"
> edit_line => uncomment_lines_containing("PermitRootLogin.*","#");
> }
>
> r...@testmachine:/tmp# grep Permit sshd_config
> #PermitRootLogin yes
> PermitEmptyPasswords no
>
> r...@testmachine:/tmp# cf-agent -f ./xxx.cf -IK
> Edited file /tmp/sshd_config
>
> r...@testmachine:/tmp# grep Permit sshd_config
> PermitRootLogin yes
> PermitEmptyPasswords no
>
> Cheers,
> --Nakarin
>
>
> On Nov 12, 2010, at 10:38 AM, Seifert, Christian wrote:
>
>>
>> Hello everybody,
>> I want to managing some configuration files of my system.
>> For example the file sshd_conf. I want to edit the line "PermitRootLoging
>> yes". In this line there has to be no comment - no # sign.
>>
>> I think i should use the bundle "edit_line
>> uncomment_lines_matching(regex,comment)", but it doesn't work for me.
>> My created file for this job is this:
>>
>> bundle sshd_conf {
>>
>> files:
>> "/tmp/sshd_conf"
>>
>> edit_line => AppendOrReplaceLineMatching("PermitRootLogin yes");
>>
>> }
>>
>> bundle edit_line uncomment_lines_matching(regex,comment)
>>
>> # Uncomment lines of a file where the regex matches
>> # the text after the comment string
>>
>> {
>> replace_patterns:
>>
>> "$(comment)($(regex))$" replace_with => uncomment;
>> }
>>
>>
>>
>> It would be very nice if some of you has a promise like that.
>>
>>
>> Thanks in advance
>>
>> --
>> Christian Seifert
>>
>> _______________________________________________
>> Help-cfengine mailing list
>> [email protected]
>> https://cfengine.org/mailman/listinfo/help-cfengine
>
> _______________________________________________
> Help-cfengine mailing list
> [email protected]
> https://cfengine.org/mailman/listinfo/help-cfengine
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
