The reference manual states that classes are local to a bundle unless
defined in a common bundle. I just noticed some unexpected behaviour on
some hosts where a class defined in one bundle was seemingly active in
another bundle.
Heavily redacted bundle below..
bundle agent base {
files:
linux::
"/etc/ssh/sshd_config"
edit_line => append_if_no_lines("PermitRootLogin
without-password"),
classes => satisfied("restart_ssh");
commands:
restart_ssh::
"/sbin/service sshd reload",
contain => silent;
}
In a different bundle I also have a "restart_ssh" command section
however it executes "/sbin/service sshd restart" instead of reload. I
noticed I was getting sshd restart messages even though "restart_ssh" is
never defined as a class in that bundle. (never mind that the command is
supposed to be silent)
# grep -A3 restart_ssh xyz.cf
restart_ssh::
"/sbin/service sshd restart",
contain => silent;
xyz.cf contains a single bundle of type agent.
A verbose run of cf-agent shows:
cf3 .........................................................
cf3 Promise handle:
cf3 Promise made by: /sbin/service sshd restart
cf3 .........................................................
cf3
cf3 -> Executing '/sbin/service sshd restart'
...(timeout=-678,owner=-1,group=-1)
cf3 -> (Setting umask to 77)
cf3 -> Finished script - succeeded /sbin/service sshd restart
cf3 -> Completed execution of /sbin/service sshd restart
Unless I am missing something shouldn't the bundle boundary trump the
fact that a class has the same name in two different bundles?
Frans
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
