Forum: Cfengine Help
Subject: Manage Solaris 10 Services (a working example)
Author: kholloway
Link to topic: https://cfengine.com/forum/read.php?3,20812,20812#msg-20812
For any of you that struggled with this here is what I came up with that worked
well for us.
Works only on Solaris 10 for services that use the SMF framework.
Enjoy
-Kent
--------PUT ANY PLACE YOU WANT TO MANAGE A SEVICE (OR LIST OF SERVICES)---------
bundle agent services_main
{
vars:
"base_enabled_services" slist => {
'ssh',
'cron'
},
comment => "Default enabled services list for Solaris";
# This may go away also but builds a list of enabled services from a
slist..
# This way you can exclude things via the grep if needed, like removing
or adding FTP service for example.
solaris|solarisx86::
"enabled_services" slist => grep(".*","base_enabled_services");
methods:
solaris|solarisx86::
# Services one at a time..
"any" usebundle =>
manage_services("telnet","disable","service_disabled");
"any" usebundle =>
manage_services("finger","disable","service_disabled");
"any" usebundle =>
manage_services("rlogin","disable","service_disabled");
"any" usebundle =>
manage_services("rexec","disable","service_disabled");
# Enable a list of services from a slist
"any" usebundle =>
manage_services($(enabled_services),"enable","service_enabled"),
comment => "Enabling default services";
}
----PUT IN YOUR COMMON LIBRARY LOCATION-----
bundle common service_status(service)
{
vars:
# Clean service name for use in variables..
"clean_service" string => canonify("${service}"),
policy => "overridable";
# Create array named sstat with clean_service name as array index with
output from execresult
"sstat[${clean_service}]" string => execresult("/usr/bin/svcs -H
${service}","noshell");
}
bundle agent manage_services(service,state,setclass)
{
# For service name check and set it's desired state
# State can be anything that svcadm can handle which is currently
# enable, disable, restart, clear
#
# The other options mark and milestone require different options and are not
supported
# in this bundle
vars:
# Clean service name for use in variables..
"cservice" string => canonify("${service}"),
policy => "overridable";
solaris|solarisx86::
"svc_cmd" string => "/usr/sbin/svcadm";
classes:
# Set one of the classes below based on output from service_status
array sstat
# NOTE: This sets the services CURRENT state, not it's desired state
"c_online" expression => regcmp(".*online.*",
"${service_status.sstat[${cservice}]}");
"c_disabled" expression => regcmp(".*disabled.*",
"${service_status.sstat[${cservice}]}");
"c_maintenance" expression => regcmp(".*maintenance.*",
"${service_status.sstat[${cservice}]}");
"c_not_exist" expression => regcmp(".*doesn't match any instances.*",
"${service_status.sstat[${cservice}]}");
# Set one of the classes below based on which desired state was passed
to us
"d_enable" expression => regcmp(".*enable.*", "${state}");
"d_disable" expression => regcmp(".*disable.*", "${state}");
"d_restart" expression => regcmp(".*restart.*", "${state}");
"d_clear" expression => regcmp(".*clear.*", "${state}");
commands:
# If desired state is disable then disable if we are online or in
maintenance mode
d_disable.(solaris|solarisx86)::
"${svc_cmd}"
args => "disable ${service}",
ifvarclass => "c_online|c_maintenance",
classes => if_else("${setclass}","no");
# Enable only works from a disabled state, if in maintnenace clear it
first then try to enable.
# Clear it first if needed then enable, note that status will still be
c_maintenance until next CFEngine run
# which is why c_maintenance is valid for an enable request
d_enable.(solaris|solarisx86)::
"${svc_cmd}"
args => "clear ${service}",
ifvarclass => "c_maintenance",
classes => if_else("${setclass}","no");
"${svc_cmd}"
args => "enable ${service}",
ifvarclass => "c_disabled|c_maintenance",
classes => if_else("${setclass}","no");
# You can't restart a disabled or in maintenance service, only online
is valid
d_restart.(solaris|solarisx86)::
"${svc_cmd}"
args => "restart ${service}",
ifvarclass => "c_online",
classes => if_else("${setclass}","no");
# Clear a service is valid only from maintenance state
d_clean.(solaris|solarisx86)::
"${svc_cmd}"
args => "restart ${service}",
ifvarclass => "c_maintenance",
classes => if_else("${setclass}","no");
methods:
solaris|solarisx86::
"any" usebundle => service_status("${service}"),
comment => "Checking service status";
reports:
solaris|solarisx86::
"Changed to state: ${state} for service: ${service} - previous state
was: ${service_status.sstat[${cservice}]}",
ifvarclass => "${setclass}";
"Failed to change to state: ${state} for service: ${service} -
previous state was: ${service_status.sstat[${cservice}]}",
ifvarclass => "no";
# NOTE: You can force a class to be set from the command line so to
enable this run
# cf-agent -D debug and you will see the output below or anywhere debug
is used.
debug.(solaris|solarisx86)::
"Service: ${service} - Requested State: ${state} - Current State:
${service_status.sstat[${cservice}]}";
}
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
