You could try this :
bundle common acl_datas {
vars:
"listdirs" slist => lsdir(
"/var/cache/",
"[0-9]+.*", "false");
}
bundle server access_rules {
access:
"/var/cache/$(acls_data.listdirs)"
admit => { "$(acls_data.listdirs)" };
}
Nicolas CHARLES
On 14/06/2012 01:21, Neil Watson wrote:
> This is interesting. Server bundles do allow list iteration. Consider
> this:
>
> body common control {
>
> bundlesequence => { "main", };
>
> }
>
> bundle agent main {
>
> reports:
> cfengine::
> "Main agent bundle";
>
> }
>
> body server control {
>
> port => "5309";
> }
>
> bundle server access {
>
> vars:
>
> "cls" slist => {
> "192.168.9.1",
> "192.168.9.2",
> "192.168.9.3",
> "192.168.9.4",
> "192.168.9.5",
> "192.168.9.6",
> "192.168.9.7",
> };
>
> access:
>
> "/var/cache/${cls}"
> admit => { "${cls}" };
>
> }
>
> Now run
>
> cf-serverd -Fvf ./server.cf
>
> Interesting output:
>
> cf3> BUNDLE access
> cf3> *****************************************************************
> cf3>
> cf3>
> cf3> =========================================================
> cf3> access in bundle access (0)
> cf3> =========================================================
> cf3>
> cf3> Summarize control promises
> cf3> Granted access to paths :
> cf3> Path: /var/cache/192.168.9.1 (encrypt=0)
> cf3> Admit: 192.168.9.1 root=
> cf3> Path: /var/cache/192.168.9.2 (encrypt=0)
> cf3> Admit: 192.168.9.2 root=
> cf3> Path: /var/cache/192.168.9.3 (encrypt=0)
> cf3> Admit: 192.168.9.3 root=
> cf3> Path: /var/cache/192.168.9.4 (encrypt=0)
> cf3> Admit: 192.168.9.4 root=
> cf3> Path: /var/cache/192.168.9.5 (encrypt=0)
> cf3> Admit: 192.168.9.5 root=
> cf3> Path: /var/cache/192.168.9.6 (encrypt=0)
> cf3> Admit: 192.168.9.6 root=
> cf3> Path: /var/cache/192.168.9.7 (encrypt=0)
> cf3> Admit: 192.168.9.7 root=
>
_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine
