On Tue, 15 Mar 2011 14:25:55 +0100 Eystein Måløy Stenberg <eystein.stenb...@gmail.com> wrote:
EMS> When running as non-root, note that cf-serverd uses ~/.cfagent as EMS> its working directory. This means it does not share workdir with EMS> the rest of the Cfengine components. EMS> One thing you might want to consider in particular is the lastseen report. EMS> cf-serverd creates a dbm-database of incoming connections, which might EMS> not be shared with the other components. EMS> This would for example affect the hostssen() function: EMS> http://www.cfengine.org/manuals/cf3-reference.html#Function-hostsseen EMS> It would become less useful for the agent. Yes. It's a good design for some environments, absolutely. But I can't justify the risk in our environment. EMS> So it depends on your policy I guess, but you should expect to EMS> spend more time if you decide to run cf-serverd as non-root. EMS> Personally, I would think it's more effort than it's worth, but EMS> that's just me.. Unfortunately I can't do that due to IT policy, as you guessed. Instead for distribution we use Git over HTTPS, which is in some ways less powerful but fits our IT policy much better. Ted _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
