Forum: CFEngine Help
Subject: Re: CFEngine Help: Re: maintaining /etc/security/limits.conf with cf3
Author: milindk
Link to topic: https://cfengine.com/forum/read.php?3,24612,24641#msg-24641
Does this work ?
body common control
{
bundlesequence => { "configfiles" };
inputs => { "/var/cfengine/masterfiles/cfengine_stdlib.cf" };
version => "1.2.3";
}
bundle agent configfiles
{
vars:
# Files to edit
"files" string => "/tmp/limits.conf";
"limits[^\s*sybase\s*hard\s*memlock\s.*$]" string => "sybase hard
memlock 10000";
"limits[^\s*sybase\s*soft\s*memlock\s.*$]" string => "sybase soft
memlock unlimited";
methods:
"limits" usebundle => edit_limits;
}
bundle agent edit_limits
{
files:
"$(configfiles.files)"
comment => "Make sure sysctl.conf contains desired configuration settings",
create => "true",
edit_line => replace_or_add("configfiles.limits"),
classes => if_repaired("limits_modified");
}
bundle edit_line replace_or_add(v)
{
vars:
"pattern" slist => getindices("$(v)");
"cpattern[$(pattern)]" string => canonify("$(pattern)");
classes:
"${cpattern[$(pattern)]}_parameter_found" expression =>
regline("$(pattern)","$(configfiles.files)");
replace_patterns:
"$(pattern)"
replace_with => value("$($(v)[$(pattern)])"),
ifvarclass => "${cpattern[$(pattern)]}_parameter_found";
insert_lines:
"$($(v)[$(pattern)])"
location => before("# End of file"),
ifvarclass => "!${cpattern[$(pattern)]}_parameter_found";
reports:
parameter_found::
"${pattern}";
}
body location before(str)
{
before_after => "before";
select_line_matching => "$(str)";
}
It will replace the current setting if exists and add if does not exists
-----
# tail -2 /tmp/limits.conf
sybase hard memlock 65546
# End of file
# cf-agent -K -f ./n1.cf
# tail -3 /tmp/limits.conf
sybase hard memlock 10000
sybase soft memlock unlimited
# End of file
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
