Hi Aleksey,
You are right.
If you look in cfengine_stdlib.cf, you would see
---
body changes detect_all_change
# This is fierce, and will cost disk cycles
{
hash => "best";
report_changes => "all";
update_hashes => "yes";
}
---
Consider using the detect_content body for a cheaper but less secure
alternative.
--
Regards,
Eystein
On Thu, May 12, 2011 at 10:00 PM, Aleksey Tsalolikhin
<atsaloli.t...@gmail.com> wrote:
> Is it just me, or did Cfengine 3 used to use md5 databases for change
> detection? now I see both md5 and sha1 are used. why is that?
> (doesn't that double the cost of change detection?)
>
>
> bundle agent example
>
> {
> files:
>
> "/etc"
>
> changes => detect_all_change,
> depth_search => recurse("inf");
> }
>
>
>
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> ALERT: Hash (md5) for /etc/date.txt changed!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> -> Updating hash for /etc/date.txt to MD5=5e3e868b8f7f69bf2ffb651bf11b4f65
> I: Made in version 'not specified' of
> './00132_Security__detect_changes_in_etc.cf' near line 17
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> ALERT: Hash (sha1) for /etc/date.txt changed!
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> -> Updating hash for /etc/date.txt to
> SHA=62f811f53d0547827b625397ba46f963eddb1efe
> I: Made in version 'not specified' of
> './00132_Security__detect_changes_in_etc.cf' near line 17
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> ALERT: Last modified time for /etc/date.txt changed Thu May 12
> 21:49:23 2011 -> Thu May 12 21:58:20 2011
> !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
>
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
