Re: classes

Fri, 17 Dec 2010 14:20:12 -0800 

I did not read your config in detail, but you said "only one server in a class" 
and then I see lists, so... If you are running 3.1.0(?), you have possibly 
stumbled across a bug with singleton lists that is repaired in the versions 
after that.  Upgrade to the latest version, and you should see this particular 
problem go away.

-Dan

On Dec 17, 2010, at 2:08 PM, Sandra Wittenbrock wrote:

> Hello,
> 
> I am using cfengine for firewall configurations.  I have many servers, 
> and most have different firewall configurations.  I am using classes to 
> specify the firewall settings.  I'm having difficulty when there is only 
> one server in a class.
> 
> For the classes containing lists of servers I define them as follows and 
> this works:
> 
> bundle common g{
> 
>   classes:
>       "sdm_hosts" or => { "dmx17_gov", "dmx11_gov", 
> "ipv4_128_3_30_207", "data1_gov", "data2_gov", "data3_gov", "data4_gov", 
> "data5__gov","datagridF_gov", "sim_gov", "sdm_gov", "sdmhome_gov", 
> "sdmis2_gov", "dmsoft_gov", "esg_gov", "srm_gov"  },
> 
> }
> 
> I'm not sure how to define just one.  I try to run a section only when 
> the system is dmg, but it is making the file modifications all the time 
> regardless of the system name.  Neither of the following entries seemed 
> to work:
> 
>     "dmg" or => { "dmg_gov"  };
>     "dmg" expression => "dmg_gov";
> 
> 
> Here are the entries in more detail:
> 
> bundle common g{
> 
>      classes:
>         "dmg" expression => "dmg_gov";
> 
> }
> 
> 
> bundle agent sdm
> {
> 
> files:
> 
>     dmg::
>       "/etc/firestarter/inbound/allow-service"
>         create => "true",
>         edit_line => sdmallowservicedmg,
>         perms => usystem("0440"),
>         classes => if_repaired("firewall_reconfigured");
> 
> processes:
> 
>      firewall_reconfigured::
>         "/etc/init.d/firestarter"
>           restart_class => "restart_firestarter";
> 
> 
> commands:
> 
>         restart_firestarter::
>       "/etc/init.d/firestarter restart";
> 
> 
> }
> 
> 
> bundle edit_line sdmallowservicedmg
> {
> "SSH, 22, everyone,";
> }
> 
> 
> 
> Thanks for any advice.  I can't find how to do this in the reference manual.
> 
> Sandra
> _______________________________________________
> Help-cfengine mailing list
> [email protected]
> https://cfengine.org/mailman/listinfo/help-cfengine

_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to