This is interesting. Server bundles do allow list iteration. Consider
this:
body common control {
bundlesequence => { "main", };
}
bundle agent main {
reports:
cfengine::
"Main agent bundle";
}
body server control {
port => "5309";
}
bundle server access {
vars:
"cls" slist => {
"192.168.9.1",
"192.168.9.2",
"192.168.9.3",
"192.168.9.4",
"192.168.9.5",
"192.168.9.6",
"192.168.9.7",
};
access:
"/var/cache/${cls}"
admit => { "${cls}" };
}
Now run
cf-serverd -Fvf ./server.cf
Interesting output:
cf3> BUNDLE access
cf3> *****************************************************************
cf3>
cf3>
cf3> =========================================================
cf3> access in bundle access (0)
cf3> =========================================================
cf3>
cf3> Summarize control promises
cf3> Granted access to paths :
cf3> Path: /var/cache/192.168.9.1 (encrypt=0)
cf3> Admit: 192.168.9.1 root=
cf3> Path: /var/cache/192.168.9.2 (encrypt=0)
cf3> Admit: 192.168.9.2 root=
cf3> Path: /var/cache/192.168.9.3 (encrypt=0)
cf3> Admit: 192.168.9.3 root=
cf3> Path: /var/cache/192.168.9.4 (encrypt=0)
cf3> Admit: 192.168.9.4 root=
cf3> Path: /var/cache/192.168.9.5 (encrypt=0)
cf3> Admit: 192.168.9.5 root=
cf3> Path: /var/cache/192.168.9.6 (encrypt=0)
cf3> Admit: 192.168.9.6 root=
cf3> Path: /var/cache/192.168.9.7 (encrypt=0)
cf3> Admit: 192.168.9.7 root=
--
Neil Watson
Linux/UNIX Consultant
http://watson-wilson.ca
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
