Yes it is corrected on a subsequent activation, but that mean that between two
activation my configuration is false, and I don't want that.
I have fix my trouble with "-m 666" mknod option, so that the device are
created directly with the right permission, but my question is to understand
the normal ordering and the 3 passes and why this doesn't work as I expected.
Output for this bundle (bundle have more action that what I have copied in my
post, but are not revelant for my "trouble"):
cf3> *****************************************************************
cf3> BUNDLE config_bind9
cf3> *****************************************************************
cf3>
cf3>
cf3> =========================================================
cf3> vars in bundle config_bind9 (1)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> classes in bundle config_bind9 (1)
cf3> =========================================================
cf3>
cf3> Initiate variable convergence...
cf3>
cf3> + Private classes augmented:
cf3> + cdev_random
cf3> + cdev_null
cf3>
cf3> - Private classes diminished:
cf3>
cf3>
cf3>
cf3> =========================================================
cf3> files in bundle config_bind9 (1)
cf3> =========================================================
cf3>
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /etc/default/bind9
cf3>
cf3> Comment: Set bind9 options
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /etc/default/bind9
cf3> -> File "/etc/default/bind9" exists as promised
cf3> -> Handling file existence constraints on /etc/default/bind9
cf3> -> Build file model from a blank slate (emptying)
cf3> -> Handling file edits in edit_line bundle default_bind9
cf3>
cf3> * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
cf3> BUNDLE default_bind9( {'NO','bind','/DATA/chroot_named'} )
cf3> * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
cf3>
cf3> Initiate variable convergence...
cf3> ? Augment scope default_bind9 with resolvconf (s)
cf3> ? Augment scope default_bind9 with buser (s)
cf3> ? Augment scope default_bind9 with cdir (s)
cf3> ?? Private class context
cf3>
cf3>
cf3> = = = = = = = = = = = = = = = = = = = = = = = = = = = =
cf3> insert_lines in bundle default_bind9
cf3> = = = = = = = = = = = = = = = = = = = = = = = = = = = =
cf3>
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: #### This file is managed by cfengine, do not edit by
hands
cf3> .........................................................
cf3>
cf3> -> Inserting the promised line "#### This file is managed by cfengine, do
not edit by hands" into /etc/default/bind9 after locator
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: # run resolvconf?
cf3> .........................................................
cf3>
cf3> -> Inserting the promised line "# run resolvconf?" into
/etc/default/bind9 after locator
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: RESOLVCONF=NO
cf3> .........................................................
cf3>
cf3> -> Inserting the promised line "RESOLVCONF=NO" into /etc/default/bind9
after locator
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: # startup options for the server
cf3> .........................................................
cf3>
cf3> -> Inserting the promised line "# startup options for the server" into
/etc/default/bind9 after locator
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: OPTIONS="-u bind -t /DATA/chroot_named"
cf3> .........................................................
cf3>
cf3> -> Inserting the promised line "OPTIONS="-u bind -t /DATA/chroot_named""
into /etc/default/bind9 after locator
cf3> ?? Private class context
cf3>
cf3>
cf3> = = = = = = = = = = = = = = = = = = = = = = = = = = = =
cf3> insert_lines in bundle default_bind9
cf3> = = = = = = = = = = = = = = = = = = = = = = = = = = = =
cf3>
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: #### This file is managed by cfengine, do not edit by
hands
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: # run resolvconf?
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: RESOLVCONF=NO
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: # startup options for the server
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: OPTIONS="-u bind -t /DATA/chroot_named"
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3> ?? Private class context
cf3>
cf3>
cf3> = = = = = = = = = = = = = = = = = = = = = = = = = = = =
cf3> insert_lines in bundle default_bind9
cf3> = = = = = = = = = = = = = = = = = = = = = = = = = = = =
cf3>
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: #### This file is managed by cfengine, do not edit by
hands
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: # run resolvconf?
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: RESOLVCONF=NO
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: # startup options for the server
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: OPTIONS="-u bind -t /DATA/chroot_named"
cf3> .........................................................
cf3>
cf3> -> This promise has already been verified
cf3> -> No edit changes to file /etc/default/bind9 need saving
cf3> -> Handling file existence constraints on /etc/default/bind9
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/.
cf3> -> File "/DATA/chroot_named/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named
cf3> -> File permissions on /DATA/chroot_named as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named
cf3> -> File permissions on /DATA/chroot_named as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/dev/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/dev/.
cf3> -> File "/DATA/chroot_named/dev/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/dev
cf3> -> File permissions on /DATA/chroot_named/dev as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/dev
cf3> -> File permissions on /DATA/chroot_named/dev as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/etc/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/etc/.
cf3> -> File "/DATA/chroot_named/etc/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/etc
cf3> -> File permissions on /DATA/chroot_named/etc as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/etc
cf3> -> File permissions on /DATA/chroot_named/etc as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/etc/bind/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/etc/bind/.
cf3> -> File "/DATA/chroot_named/etc/bind/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/etc/bind
cf3> -> File permissions on /DATA/chroot_named/etc/bind as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/etc/bind
cf3> -> File permissions on /DATA/chroot_named/etc/bind as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/etc/bind/zones/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/etc/bind/zones/.
cf3> -> File "/DATA/chroot_named/etc/bind/zones/." exists as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/etc/bind/zones
cf3> -> File permissions on /DATA/chroot_named/etc/bind/zones as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/etc/bind/zones
cf3> -> File permissions on /DATA/chroot_named/etc/bind/zones as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/etc/bind/zones/primary/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/etc/bind/zones/primary/.
cf3> -> File "/DATA/chroot_named/etc/bind/zones/primary/." exists as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/etc/bind/zones/primary
cf3> -> File permissions on /DATA/chroot_named/etc/bind/zones/primary as
promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/etc/bind/zones/primary
cf3> -> File permissions on /DATA/chroot_named/etc/bind/zones/primary as
promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/.
cf3> -> File "/DATA/chroot_named/var/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var
cf3> -> File permissions on /DATA/chroot_named/var as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var
cf3> -> File permissions on /DATA/chroot_named/var as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/cache/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/cache/.
cf3> -> File "/DATA/chroot_named/var/cache/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/cache
cf3> -> File permissions on /DATA/chroot_named/var/cache as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/cache
cf3> -> File permissions on /DATA/chroot_named/var/cache as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/cache/bind/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/cache/bind/.
cf3> -> File "/DATA/chroot_named/var/cache/bind/." exists as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/var/cache/bind
cf3> -> File permissions on /DATA/chroot_named/var/cache/bind as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/var/cache/bind
cf3> -> File permissions on /DATA/chroot_named/var/cache/bind as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/cache/bind/slave/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/cache/bind/slave/.
cf3> -> File "/DATA/chroot_named/var/cache/bind/slave/." exists as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/var/cache/bind/slave
cf3> -> File permissions on /DATA/chroot_named/var/cache/bind/slave as promised
cf3> -> Handling file existence constraints on
/DATA/chroot_named/var/cache/bind/slave
cf3> -> File permissions on /DATA/chroot_named/var/cache/bind/slave as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/log/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/log/.
cf3> -> File "/DATA/chroot_named/var/log/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/log
cf3> -> File permissions on /DATA/chroot_named/var/log as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/log
cf3> -> File permissions on /DATA/chroot_named/var/log as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/run/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/run/.
cf3> -> File "/DATA/chroot_named/var/run/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/run
cf3> -> File permissions on /DATA/chroot_named/var/run as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/run
cf3> -> File permissions on /DATA/chroot_named/var/run as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/var/run/named/.
cf3>
cf3> Comment: Make sure chroot dir exist
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/var/run/named/.
cf3> -> File "/DATA/chroot_named/var/run/named/." exists as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/run/named
cf3> -> File permissions on /DATA/chroot_named/var/run/named as promised
cf3> -> Handling file existence constraints on /DATA/chroot_named/var/run/named
cf3> -> File permissions on /DATA/chroot_named/var/run/named as promised
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/dev/null
cf3>
cf3> Comment: Fix null device permission
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/dev/null
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /DATA/chroot_named/dev/random
cf3>
cf3> Comment: Fix random device permission
cf3> .........................................................
cf3>
cf3> -> Using literal pathtype for /DATA/chroot_named/dev/random
cf3>
cf3> =========================================================
cf3> commands in bundle config_bind9 (1)
cf3> =========================================================
cf3>
cf3> -> Promiser string contains a valid executable (/bin/mknod) - ok
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /bin/mknod /DATA/chroot_named/dev/null c 1 3 -m 666
cf3> .........................................................
cf3>
cf3> -> Executing '/bin/mknod /DATA/chroot_named/dev/null c 1 3 -m 666'
...(timeout=-678,owner=-1,group=-1)
cf3> -> (Setting umask to 77)
cf3> -> Finished command related to promiser "/bin/mknod
/DATA/chroot_named/dev/null c 1 3 -m 666" -- succeeded
cf3> ?> defining promise result class cbind9_devs_null_repaired
cf3> -> Completed execution of /bin/mknod /DATA/chroot_named/dev/null c 1 3 -m
666
cf3> -> Promiser string contains a valid executable (/bin/mknod) - ok
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: /bin/mknod /DATA/chroot_named/dev/random c 1 8 -m 666
cf3> .........................................................
cf3>
cf3> -> Executing '/bin/mknod /DATA/chroot_named/dev/random c 1 8 -m 666'
...(timeout=-678,owner=-1,group=-1)
cf3> -> (Setting umask to 77)
cf3> -> Finished command related to promiser "/bin/mknod
/DATA/chroot_named/dev/random c 1 8 -m 666" -- succeeded
cf3> ?> defining promise result class cbind9_devs_random_repaired
cf3> -> Completed execution of /bin/mknod /DATA/chroot_named/dev/random c 1 8
-m 666
cf3>
cf3> =========================================================
cf3> reports in bundle config_bind9 (1)
cf3> =========================================================
cf3>
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (File /etc/default/bind9 have been repaired),
as context file_default_bind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (Directory /DATA/chroot_named have been
repaired), as context cbind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (Bind9 chroot environement directory
repaired), as context env_cbind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: Bind9 chroot device null repaired
cf3> .........................................................
cf3>
cf3> Report: Bind9 chroot device null repaired
cf3> R: Bind9 chroot device null repaired
cf3>
cf3> .........................................................
cf3> Promise handle:
cf3> Promise made by: Bind9 chroot device random repaired
cf3> .........................................................
cf3>
cf3> Report: Bind9 chroot device random repaired
cf3> R: Bind9 chroot device random repaired
cf3>
cf3> =========================================================
cf3> vars in bundle config_bind9 (2)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> classes in bundle config_bind9 (2)
cf3> =========================================================
cf3>
cf3> Initiate variable convergence...
cf3>
cf3> + Private classes augmented:
cf3> + cdev_random
cf3> + cdev_null
cf3>
cf3> - Private classes diminished:
cf3>
cf3>
cf3>
cf3> =========================================================
cf3> files in bundle config_bind9 (2)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> commands in bundle config_bind9 (2)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> reports in bundle config_bind9 (2)
cf3> =========================================================
cf3>
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (File /etc/default/bind9 have been repaired),
as context file_default_bind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (Directory /DATA/chroot_named have been
repaired), as context cbind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (Bind9 chroot environement directory
repaired), as context env_cbind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> =========================================================
cf3> vars in bundle config_bind9 (3)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> classes in bundle config_bind9 (3)
cf3> =========================================================
cf3>
cf3> Initiate variable convergence...
cf3>
cf3> + Private classes augmented:
cf3> + cdev_random
cf3> + cdev_null
cf3>
cf3> - Private classes diminished:
cf3>
cf3>
cf3>
cf3> =========================================================
cf3> files in bundle config_bind9 (3)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> commands in bundle config_bind9 (3)
cf3> =========================================================
cf3>
cf3>
cf3> =========================================================
cf3> reports in bundle config_bind9 (3)
cf3> =========================================================
cf3>
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (File /etc/default/bind9 have been repaired),
as context file_default_bind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (Directory /DATA/chroot_named have been
repaired), as context cbind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3>
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Skipping whole next promise (Bind9 chroot environement directory
repaired), as context env_cbind9_repaired is not relevant
cf3> . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3> Outcome of version STH ns3 Promises.cf 1.0.0 (agent-0): Promises observed
to be kept 92%, Promises repaired 8%, Promises not repaired 0%
cf3> -> Checked 22 objects with 75 promises, efficiency 22.68
cf3> -> No lock purging scheduled
_________________________________________________________________________________________________________________________
Ce message et ses pieces jointes peuvent contenir des informations
confidentielles ou privilegiees et ne doivent donc
pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce
message par erreur, veuillez le signaler
a l'expediteur et le detruire ainsi que les pieces jointes. Les messages
electroniques etant susceptibles d'alteration,
France Telecom - Orange decline toute responsabilite si ce message a ete
altere, deforme ou falsifie. Merci.
This message and its attachments may contain confidential or privileged
information that may be protected by law;
they should not be distributed, used or copied without authorisation.
If you have received this email in error, please notify the sender and delete
this message and its attachments.
As emails may be altered, France Telecom - Orange is not liable for messages
that have been modified, changed or falsified.
Thank you.
_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
