Forum: CFEngine Help
Subject: Re: maintaining /etc/security/limits.conf with cf3
Author: zzamboni
Link to topic: https://cfengine.com/forum/read.php?3,21465,24610#msg-24610
The code below works, if CFEngine is the only thing that touches the file,
because it needs to empty it every time.
The parameters are declared with underscores instead of spaces, and those
underscores are replaced by spaces during the edit operation.
It's not very elegant but it works.
body common control
{
inputs => { "cfengine_stdlib.cf" };
bundlesequence => { "main" };
}
bundle agent main
{
vars:
# Files to edit
"files" string => "/tmp/limits.conf";
# Sysctl variables to set
"limits" string => "378";
"limits" string => "768";
"limits[@group_soft_nproc]" string => "2047";
"limits[@group_hard_nproc]" string => "16384";
methods:
"limits" usebundle => edit_limits("main.limits");
}
bundle agent edit_limits(param)
{
vars:
"index" slist => getindices("$(param)");
files:
"$(main.files)"
create => "true",
edit_defaults => empty,
edit_line => set_config_values_remove_underscores("$(param)");
}
bundle edit_line set_config_values_remove_underscores(v)
{
vars:
"index" slist => getindices("$(v)");
# Be careful if the index string contains funny chars
"cindex[$(index)]" string => canonify("$(index)");
replace_patterns:
# If the line is there, maybe commented out, uncomment and replace with
# the correct value
"^\s*($(index)\s+(?!$($(v)[$(index)])).*|# ?$(index)\s+.*)$"
replace_with => value("$(index) $($(v)[$(index)])"),
classes => always("replace_attempted_$(cindex[$(index)])");
insert_lines:
"$(index) $($(v)[$(index)])"
ifvarclass => "replace_attempted_$(cindex[$(index)])",
classes => always("all_done_$(cindex[$(index)])");
replace_patterns:
"_"
replace_with => value(" "),
ifvarclass => "all_done_$(cindex[$(index)])";
}
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
