Forum: CFEngine Help
Subject: Re: /etc/resolv.conf: if updating, backup first
Author: matt_garman
Link to topic: https://cfengine.com/forum/read.php?3,23954,23956#msg-23956
neilhwatson Wrote:
-------------------------------------------------------
> I'm skeptical of your claim that the first bundle
> in your post always edits. I would expect the
> agent to build in the file in memory and write to
> disk only if there is a change. Also, see
> edit_backup in the reference.
First, the edit_backup was the elegant solution I was looking for. Thanks!
Now: I actually created my own resolvconf() bundle that is a tweaked version of
what stdlib provides. However, the bundle usually edits my resolv.conf file.
But so far, I haven't determined what triggers the edit; sometimes it edits and
sometimes it doesn't.
Here's the full contents of "resolv.cf":
body common control
{
inputs => { "cfengine_stdlib.cf" };
version => "1.0";
bundlesequence => { "resolv" };
}
body edit_defaults timestamp
{
edit_backup => "timestamp";
max_file_size => "inf";
}
# modified resolvconf() from cfengine_stdlib.cf
# - search is the search domains with space
# - nameservers is an slist of nameserver addresses
# - commented is an slist of nameserver addresses that will be
# inserted as a comment
bundle edit_line my_resolvconf(search, nameservers, commented)
{
delete_lines:
"search.*" comment => "Reset search lines from resolver";
"nameserver.*" comment => "Reset nameservers in resolver";
insert_lines:
"search $(search)"
comment => "Add search domains to resolver",
location => start;
"nameserver $(nameservers)"
comment => "Add name servers to resolver";
"#nameserver $(commented)"
comment => "Add commented name servers to resolver";
}
bundle agent resolv
{
vars:
"search" string => "mydomain.com";
"nameservers" slist => { "192.168.184.7", "192.168.187.103" };
"commented" slist => { "192.168.185.220", "4.2.2.1" };
files:
"${sys.resolv}" -> "Some Stakeholder"
comment => "Make sure file ${sys.resolv} is correct",
edit_line => my_resolvconf("${search}", "${nameservers}",
"${commented}"),
edit_defaults => timestamp;
}
So, here is the initial state of my /etc/resolv.conf:
# date ; ls -lah /etc/resolv.conf* ; cat /etc/resolv.conf
Tue Nov 15 14:52:23 CST 2011
-rw-r--r-- 1 root root 120 Nov 15 14:28 /etc/resolv.conf
search mydomain.com
#nameserver 192.168.185.220
#nameserver 4.2.2.1
nameserver 192.168.184.7
nameserver 192.168.187.103
In other words, it is exactly as I want it. But if I do a "cf-agent -f
./resolv.cf":
# date ; ls -lah /etc/resolv.conf* ; cat /etc/resolv.conf
Tue Nov 15 14:54:03 CST 2011
-rw-r--r-- 1 root root 120 Nov 15 14:53 /etc/resolv.conf
-rw-r--r-- 1 root root 93 Nov 15 14:53
/etc/resolv.conf_1321390422_Tue_Nov_15_14_53_43_2011.cf-before-edit
search mydomain.com
#nameserver 192.168.185.220
#nameserver 4.2.2.1
nameserver 192.168.184.7
nameserver 192.168.187.103
Now if I diff those files:
# diff /etc/resolv.conf
/etc/resolv.conf_1321390422_Tue_Nov_15_14_53_43_2011.cf-before-edit
5d4
< nameserver 192.168.187.103
If I run "cf-agent -f ./resolv.conf" right away, it stays exactly as it is
above. But if I wait a while, it will edit the file again (and create another
backup). Looks like the wait is about three and a half minutes:
# date ; cf-agent -f ./resolv.cf ; ls -lah /etc/resolv.conf*
Tue Nov 15 14:57:14 CST 2011
-rw-r--r-- 1 root root 120 Nov 15 14:57 /etc/resolv.conf
-rw-r--r-- 1 root root 93 Nov 15 14:53
/etc/resolv.conf_1321390422_Tue_Nov_15_14_53_43_2011.cf-before-edit
-rw-r--r-- 1 root root 93 Nov 15 14:57
/etc/resolv.conf_1321390634_Tue_Nov_15_14_57_15_2011.cf-before-edit
# date ; cf-agent -f ./resolv.cf ; ls -lah /etc/resolv.conf*
Tue Nov 15 14:57:14 CST 2011
-rw-r--r-- 1 root root 120 Nov 15 14:57 /etc/resolv.conf
-rw-r--r-- 1 root root 93 Nov 15 14:53
/etc/resolv.conf_1321390422_Tue_Nov_15_14_53_43_2011.cf-before-edit
-rw-r--r-- 1 root root 93 Nov 15 14:57
/etc/resolv.conf_1321390634_Tue_Nov_15_14_57_15_2011.cf-before-edit
-rw-r--r-- 1 root root 93 Nov 15 15:00
/etc/resolv.conf_1321390838_Tue_Nov_15_15_00_39_2011.cf-before-edit
I get this behavior from running cf-agent in a tight loop, with a sleep, ala:
while [ 1 ] ; do echo -e "\n\n\n--------" ; date ; cf-agent -f ./resolv.cf ; ls
-lah /etc/resolv.conf* ; sleep 10s ; done
So it definitely edits when it doesn't need to. I'm assuming the problem is on
my side---hoping the CFE community can point out what I'm doing wrong!
Thanks again,
Matt
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
