Cfengine2 files owner property
Hi There, I'm trying to use a cfengine2 files stanza to copy some authorized_keys files out to machines for a set of users. # id 323_access uid=40056(323_access) gid=100(users) groups=100(users) office_desktops:: $(masterfiles)/ssh_keys/323_access dest=/home/323_access/.ssh/authorized_keys mode=600 owner=323_access group=users type=checksum typecheck=off server=$(policyhost) However, this rule results in the file being owned by user id 323: -rw--- 1 323 users 2897 Dec 7 09:29 authorized_keys Any suggestions on how to make this right? Thanks, -Will ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Unable to delete a directory
Forum: Cfengine Help
Subject: Re: Unable to delete a directory
Author: berntjernberg
Link to topic: https://cfengine.com/forum/read.php?3,18863,19654#msg-19654
Hi,
I got it working in 3.05p1 with:
bundle agent cleanup(dir)
{
files:
# Delete all files.
"$(dir)"
delete => tidy,
file_select => plain,
depth_search => recurse("inf");
# Delete all subdirectories.
"$(dir)"
delete => tidy,
file_select => dirs,
depth_search => recurse("inf");
# Delete parent.
"$(dir)"
delete => tidy;
}
Regards
/Bernt
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Set class on file changes
Forum: Cfengine Help
Subject: Re: Set class on file changes
Author: Ferjama
Link to topic: https://cfengine.com/forum/read.php?3,19601,19655#msg-19655
Hi,
I’ve god a similar problem and tried the mentioned solution with "action" but
it didn't helped. I want to restart a daemon if the configuration changed. Here
is my old solution from cfe2:
copy:
$(masterfiles)/global/etc/ntp.conf dest=/etc/ntp.conf rec=inf
type=checksum server=$(cfe_server) define=ntpRestart
shellcommands:
ntpRestart::
"/etc/init.d/ntp restart"
But how does it have so look in cfe3? Dies doesn't work:
bundle agent ntp {
files:
Hr05.Min40_45::
"/etc/ntp.conf"
copy_from =>
remote_cp("$(g.cfe_server)","$(g.masterfiles)/global/etc/ntp.conf"),
action => "if_ntp_update";
}
body action if_ntp_update {
commands:
SuSE::
"/etc/init.d/ntp restart";
!SuSE::
"/etc/init.d/ntpd restart";
}
I hope somebody can help.
Best regards
Stephan
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Set class on file changes
Forum: Cfengine Help
Subject: Re: Set class on file changes
Author: Seva Gluschenko
Link to topic: https://cfengine.com/forum/read.php?3,19601,19656#msg-19656
sometimes reading the reference manual is useful ;> Your code must be rewritten
like this:
bundle agent ntp {
files:
Hr05.Min40_45::
"/etc/ntp.conf"
copy_from =>
remote_cp("$(g.cfe_server)","$(g.masterfiles)/global/etc/ntp.conf"),
action => if_repaired("ntp_update");
commands:
ntp_update.SuSE::
"/etc/init.d/ntp restart";
ntp_update.!SuSE::
"/etc/init.d/ntpd restart";
}
body action if_repaired(x)
{
promise_repaired => { "$(x)" };
}
The body action if_repaired can be found in cfengine_stdlib.cf, btw.
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Binaries for 3.1.1?
Forum: Cfengine Help Subject: Re: Binaries for 3.1.1? Author: matter Link to topic: https://cfengine.com/forum/read.php?3,19642,19657#msg-19657 I think a little blurb about that is new when the release is announced might be nice. ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Binaries for 3.1.1?
Forum: Cfengine Help Subject: Re: Binaries for 3.1.1? Author: mark Link to topic: https://cfengine.com/forum/read.php?3,19642,19658#msg-19658 I think we always paste the change log into the release when we do it. Of course, no one is obliged to read it ;-) ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: simple edit_line
Forum: Cfengine Help
Subject: Re: simple edit_line
Author: bidwell
Link to topic: https://cfengine.com/forum/read.php?3,19617,19659#msg-19659
OK here is a simple promise that is wrong somewhere.
bundle agent editmyfiles
{
files:
any::
"/tmp/test"
edit_line => myreplace("line1","line3");
}
bundle edit_line myreplace(oldv,newv)
{
replace_patterns:
"$(oldv)"
replace_with => "$(newv)";
}
cf-promise -v -f ./test.cf (3.0.5.p1) gives
cf3 Undeclared promise body "$(newv)()" was referenced in a promise
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: simple edit_line
Forum: Cfengine Help
Subject: Re: simple edit_line
Author: neilhwatson
Link to topic: https://cfengine.com/forum/read.php?3,19617,19660#msg-19660
Replace_with should point to a body part not the string.
http://www.cfengine.org/manuals/cf3-reference.html#replace_005fpatterns-in-edit_005fline-promises
$ cf-promises -f ./bar.cf
$ cf-agent -IKf ./bar.cf
-> Edited file /tmp/test
$ cat /tmp/test
line3
line2
line3
line4
$ cat bar.cf
##
body common control {
bundlesequence => { "test" };
}
bundle common g {
classes:
"all" expression => "any";
}
bundle agent test {
files:
"/tmp/test"
edit_line => myreplace("line1","line3");
}
bundle edit_line myreplace(oldv,newv)
{
replace_patterns:
"$(oldv)"
replace_with => value("$(newv)");
}
# From stdlib
body replace_with value(x)
{
replace_value => "$(x)";
occurrences => "all";
}
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: simple edit_line
Forum: Cfengine Help Subject: Re: simple edit_line Author: Seva Gluschenko Link to topic: https://cfengine.com/forum/read.php?3,19617,19661#msg-19661 Yep, the one level down is required. Look for body replace_with With(x) in cfengine_stdlib.cf ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Binaries for 3.1.1?
Forum: Cfengine Help Subject: Re: Binaries for 3.1.1? Author: matter Link to topic: https://cfengine.com/forum/read.php?3,19642,19662#msg-19662 How about that, right in front of me. If it was a snake, it would have bitten me. % head -7 ChangeLog 3.1.1 Memory leaks in server tracked down and fixed. List expansion bug (one list items not executed) fixed. Security issue introduced by change of runcommand shell policy fixed. If users defined a runcommand for cf-runagent/cf-serverd communication, possible to execute commands. cf-key -s command for showing key hash/IP address identity pairs Nevermind. ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: templating and need for action
Forum: Cfengine Help Subject: templating and need for action Author: bglomm Link to topic: https://cfengine.com/forum/read.php?3,19663,19663#msg-19663 Hi all, I finally understood the benefits of templating/variable expanding only to face a new question. I followed closely http://www.cfengine.org/manuals/cf3-solutions.html#Templating but I'm now experiencing the fact that the template get downloaded and expanded EACH time cf-agent is running. Logically that might make sense but I'm trying to use "if_repaired" in the calling methods section of the "test bundle" to determine if there is a class to be set to restart a corresponding service... so, since the template get always copied, always expanded, this class is always true consequently the service always restarted, even if the file doesn't need to be repaired :-( What am I missing? thnx for any hint Bernhard ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help Subject: Re: templating and need for action Author: neilhwatson Link to topic: https://cfengine.com/forum/read.php?3,19663,19664#msg-19664 Please show us a file download and edit promise that exhibits this behavior. I don't have any template promises at the moment but it seems that if the staging file is kept then there should be no download. Similarly edits are supposed to be done in memory and only committed if there is a change. ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help
Subject: Re: templating and need for action
Author: bglomm
Link to topic: https://cfengine.com/forum/read.php?3,19663,19665#msg-19665
thnx Neil,
here the three files I'm working with... all works fine except that on each run
the snmpd.conf gets repaired... even if is not necessary
the "top layer":
bundle agent sdk_snmpd_config {
vars:
any::
"snmp2cstring" string => "public";
"nmsaddr" string => "192.168.10.10/32";
inhouse::
"syslocstring" string => "home";
outhosuse::
"syslocstring" string => "outhouse location";
packages:
"snmpd"
comment => "make sure snmpd is installed",
package_policy => "add",
package_method => apt;
methods:
"any"
comment => "get the snmpd.conf template",
usebundle =>
get_template("/etc/snmp/snmpd.conf","400","root","root"),
classes => if_repaired("restart_snmpd");
commands:
restart_snmpd::
"/etc/init.d/snmpd restart",
comment => "restart snmpd after having reconfigured
snmpd.conf";
}
the get_template bundle:
bundle agent get_template(final_destination,mode,owner,group) {
vars:
"confmasterfiles" string => "$(update.masterfiles)/conf_files";
"this_template" string => lastnode("$(final_destination)","/");
files:
"$(final_destination).staging"
comment => "Get template and expand variables for this host",
perms => mog("400","root","root"),
copy_from =>
secure_cp("$(confmasterfiles)/$(this_template)","$(update.cfmaster)"),
action => if_elapsed("60");
"$(final_destination)"
comment => "Expand the template",
create => "true",
edit_line => expand_template("$(final_destination).staging"),
edit_defaults => empty,
perms => mog("$(mode)","$(owner)","$(group)"),
action => if_elapsed("60");
}
finally the template I'm working with
agentAddressudp:$(sys.ipv4):161
viewsystemonly included .1.3.6.1.2.1
rocommunity $(sdk_snmpd_config.snmp2cstring)
$(sdk_snmpd_config.nmsaddr) -V systemonly
sysLocation $(sdk_snmpd_config.syslocstring)
sysContact bglomm
sysServices 72
includeAllDisks 10%
load12 10 5
master agentx
and here the output of cf-agent -vIK:
cf3 Done checking packages and patches
cf3 ???
cf3 -> Package version was not specified
cf3 -> Looking for (snmpd,*,*)
cf3 -> Matched name snmpd
cf3 -> Matched version *
cf3 -> Looking for (snmpd,*,*)
cf3 -> Matched name snmpd
cf3 -> Matched version *
cf3 -> 1 package(s) matching the name "snmpd" already installed
cf3 -> 1 package(s) match the promise body's criteria fully
cf3 -> Package promises to refer to itself as "snmpd" to the manager
cf3 -> Package version seems to match criteria
cf3 -> Package already installed, so we never add it again
cf3
cf3=
cf3commands in bundle sdk_snmpd_config (1)
cf3=
cf3
cf3 Verifying SQL table promises is only available with Cfengine Nova or above
cf3
cf3 . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3 Skipping whole next promise (/etc/init.d/snmpd restart), as context
restart_snmpd is not relevant
cf3 . . . . . . . . . . . . . . . . . . . . . . . . . . . .
cf3
cf3=
cf3methods in bundle sdk_snmpd_config (1)
cf3=
cf3
cf3 Verifying SQL table promises is only available with Cfengine Nova or above
cf3
cf3 .
cf3 Promise handle:
cf3 Promise made by: any
cf3
cf3 Comment: snmpd.conf is a sensitive file so we keep full control about
it
cf3 .
cf3
cf3
cf3 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
cf3 BUNDLE get_template( {'/etc/snmp/snmpd.conf','400','root','root'} )
cf3 * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
cf3
cf3 ? Augment scope get_template with final_destination
cf3 ? Augment scope get_template with mode
cf3 ? Augment scope get_template with owner
cf3 ? Augment scope get_template with group
cf3
cf3=
cf3vars in bundle get_template (1)
cf3=
cf3 Verifying SQL table promises is only available with Cfengine Nova or above
cf3
cf3 + Private classes augmented:
cf3
cf3 - Private classes diminished:
cf3
cf3
cf3
cf3
Cfengine Help: Re: Finding "segfault at" error messages in syslog
Forum: Cfengine Help
Subject: Re: Finding "segfault at" error messages in syslog
Author: Sal
Link to topic: https://cfengine.com/forum/read.php?3,19645,19666#msg-19666
I found the problem. It seems that the task file was edited in masterfiles on
the policy server while the updates were happening and this var was saved
without exiting the file.
"svn_hosts" string => { "svnhost.*", "build03" };
This is what was eventually saved as the final/correct version but the damage
was done.
"svn_hosts" slist => { "svnhost.*", "build03" };
All the cfengine clients that downloaded the first version would segfault
during what appears to be the "Verifying the syntax of the inputs..." section
and never go any further so cfengine could not download the right version of
the file and fix itself.
I was under the impression that if incorrect syntax was detected that it would
just go to failsafe mode and hopefully check for newer versions of inputs files
and download those. Any ideas why it didn't behave that way?
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help Subject: Re: templating and need for action Author: neilhwatson Link to topic: https://cfengine.com/forum/read.php?3,19663,19667#msg-19667 I'm not certain about the classes call via methods. I do not know that does what we think it does. I would set the classes at the expansion promise. ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help Subject: Re: templating and need for action Author: neilhwatson Link to topic: https://cfengine.com/forum/read.php?3,19663,19668#msg-19668 Also, check your if_repaired body an ensure that it is doing what you think it should. ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help Subject: Re: templating and need for action Author: bglomm Link to topic: https://cfengine.com/forum/read.php?3,19663,19669#msg-19669 And thnx again Neil. Brilliant that's it. Works perfect and as generic as before... Now I just set a generic class with the expansion promise. What exact service shall be restarted can stay under control of the calling promise. Thnx also 4 being that quick! chapeau! Bernhard ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help Subject: Re: templating and need for action Author: neilhwatson Link to topic: https://cfengine.com/forum/read.php?3,19663,19670#msg-19670 "Because a method is just an encapsulation, there is a subtlety about how to interpret a successful method invocation. Before version 3.1.0, a method was considered repaired if executed (like commands), however this led to unnecessary logging of executions, even if not actual encapsulated promise was kept. In version 3.1.0 this has been changed so that a method promise is considered kept if the method is expanded. A method promise is thus never considered repaired. " http://www.cfengine.org/manuals/cf3-reference.html#methods-in-agent-promises ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: templating and need for action
Forum: Cfengine Help Subject: Re: templating and need for action Author: bglomm Link to topic: https://cfengine.com/forum/read.php?3,19663,19671#msg-19671 if_repaired etc. all comes from cfengine_stdlib.cf it was the methods/"set class" thing ... ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Finding "segfault at" error messages in syslog
Forum: Cfengine Help Subject: Re: Finding "segfault at" error messages in syslog Author: bglomm Link to topic: https://cfengine.com/forum/read.php?3,19645,19672#msg-19672 Are you sure you have configured your failsafe/update promises all correct? Have you tried them? As long as I don't brake my update promises, that should (think of it as must) not depend on any other code but the update code itself it works for me as you expect. In my testbed it happens too that I don't do a proper cf-promise on the new/changed code. Than often it's failsafe that keeps it going smoothly. If the update depends on anything else than it is easy to brake it I think. bglomm ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
edit_lines convergence
Hello,
I have some troubles with edit_lines convergence:
#v+
body common control
{
bundlesequence => { "filetest" };
version => "0.0.3";
}
bundle agent filetest
{
vars:
"smtp" string => "smtp.example.net";
files:
"/tmp/main.cf"
create => "true",
edit_line => fix_smtp_host("$(smtp)"),
comment => "smpt_host must be $(smtp)";
reports:
SMTPHostFixed::
"I reload the SMTP server";
}
bundle edit_line fix_smtp_host(smtp)
{
replace_patterns:
any::
"^(smtp_host)\s+.*$" replace_with => value("$(match.1) $(smtp)"),
classes => if_ok("SMTPHostOK", "SMTPHostFixed"),
comment => "Replace smtp_host if any";
insert_lines:
"smtp_host $(smtp)",
classes => if_ok("SMTPHostOK", "SMTPHostFixed"),
comment => "Add smtp_host if none";
}
body replace_with value(v)
{
replace_value => "$(v)";
occurrences => "all";
}
body classes if_ok(notchanged, changed)
{
promise_kept => { "$(notchanged)" };
promise_repaired => { "$(changed)" };
}
#v-
Verbose output produce:
#v+
cf3 Promise handle:
cf3 Promise made by: ^(smtp_host)\s+.*$
cf3
cf3 Comment: Replace smtp_host if any
cf3 .
cf3
cf3 -> Looking at pattern ^(smtp_host)\s+.*$
cf3 -> Verifying replacement of "^(smtp_host)\s+.*$" with "smtp_host
smtp.example.net" (2)
cf3 -> Verifying replacement of "^(smtp_host)\s+.*$" with "smtp_host
smtp.example.net" (3)
[...]
cf3 -> Verifying replacement of "^(smtp_host)\s+.*$" with "smtp_host
smtp.example.net" (21)
cf3 !! Too many replacements on this line
cf3 -> Replaced pattern "^(smtp_host)\s+.*$" in /tmp/main.cf
cf3 ?> defining promise result class SMTPHostFixed
cf3 -> << (22)"smtp_host smtp.example.net"
cf3 -> >> (22)"smtp_host smtp.example.net"
cf3 -> Promised replacement "smtp_host smtp.example.net" for pattern
"^(smtp_host)\s+.*$" is not properly convergent while editing /tmp/main.cf
cf3 Because the regular expression "^(smtp_host)\s+.*$" still matches the
end-state replacement string "smtp_host smtp.example.net"
cf3 Promise (version 0.0.3) belongs to bundle 'fix_smtp_host' in file
'/home/dad/.cfagent/inputs/promises.cf' near line 31
cf3 Comment: Replace smtp_host if any
#v-
The pattern to replace must not match the replacement string, I think
that if I use delete_lines/insert_lines I will always reload my SMTP
server.
I want to
- insert the line if it's not defined
- replace previous setting with the new one
If I change the "smtp" variable, I end with two "smtp_host" lines in my
file.
Regards.
--
Daniel Dehennin
Récupérer ma clef GPG:
gpg --keyserver pgp.mit.edu --recv-keys 0x6A2540D1
pgplZV6yw19h2.pgp
Description: PGP signature
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Re: edit_lines convergence
I believe the problem is this expression:
"^(smtp_host)\s+.*$" replace_with => value("$(match.1) $(smtp)"),
Because you use a .* after the whitespace, the regex will continue to match
after any replacement occurs.
Try using a negative lookahead assertion:
"^(smtp_host)\s+(?!$(smtp))$"
This will ensure the pattern only matches when smtp_host is *not* followed
by $(smtp), so after the first replacement occurs, the regex will no longer
match and will be convergent.
On Wed, Dec 8, 2010 at 9:13 AM, Daniel Dehennin <
daniel.dehen...@baby-gnu.org> wrote:
> Hello,
>
> I have some troubles with edit_lines convergence:
>
> #v+
> body common control
> {
>
>bundlesequence => { "filetest" };
>version => "0.0.3";
> }
>
> bundle agent filetest
> {
>
>vars:
>
>"smtp" string => "smtp.example.net";
>files:
>
>"/tmp/main.cf"
>create => "true",
>edit_line => fix_smtp_host("$(smtp)"),
>comment => "smpt_host must be $(smtp)";
>
>
>reports:
>SMTPHostFixed::
>"I reload the SMTP server";
> }
>
> bundle edit_line fix_smtp_host(smtp)
> {
>replace_patterns:
>any::
>"^(smtp_host)\s+.*$" replace_with => value("$(match.1)
> $(smtp)"),
>classes => if_ok("SMTPHostOK",
> "SMTPHostFixed"),
>comment => "Replace smtp_host if any";
>
>insert_lines:
>"smtp_host $(smtp)",
> classes => if_ok("SMTPHostOK", "SMTPHostFixed"),
> comment => "Add smtp_host if none";
> }
>
> body replace_with value(v)
> {
>replace_value => "$(v)";
>occurrences => "all";
> }
>
> body classes if_ok(notchanged, changed)
> {
>promise_kept => { "$(notchanged)" };
>promise_repaired => { "$(changed)" };
> }
> #v-
>
> Verbose output produce:
> #v+
> cf3 Promise handle:
> cf3 Promise made by: ^(smtp_host)\s+.*$
> cf3
> cf3 Comment: Replace smtp_host if any
> cf3 .
> cf3
> cf3 -> Looking at pattern ^(smtp_host)\s+.*$
> cf3 -> Verifying replacement of "^(smtp_host)\s+.*$" with "smtp_host
> smtp.example.net" (2)
> cf3 -> Verifying replacement of "^(smtp_host)\s+.*$" with "smtp_host
> smtp.example.net" (3)
> [...]
> cf3 -> Verifying replacement of "^(smtp_host)\s+.*$" with "smtp_host
> smtp.example.net" (21)
> cf3 !! Too many replacements on this line
> cf3 -> Replaced pattern "^(smtp_host)\s+.*$" in /tmp/main.cf
> cf3 ?> defining promise result class SMTPHostFixed
> cf3 -> << (22)"smtp_host smtp.example.net"
> cf3 -> >> (22)"smtp_host smtp.example.net"
> cf3 -> Promised replacement "smtp_host smtp.example.net" for pattern
> "^(smtp_host)\s+.*$" is not properly convergent while editing /tmp/main.cf
> cf3 Because the regular expression "^(smtp_host)\s+.*$" still matches the
> end-state replacement string "smtp_host smtp.example.net"
> cf3 Promise (version 0.0.3) belongs to bundle 'fix_smtp_host' in file
> '/home/dad/.cfagent/inputs/promises.cf' near line 31
> cf3 Comment: Replace smtp_host if any
> #v-
>
> The pattern to replace must not match the replacement string, I think
> that if I use delete_lines/insert_lines I will always reload my SMTP
> server.
>
> I want to
> - insert the line if it's not defined
> - replace previous setting with the new one
>
> If I change the "smtp" variable, I end with two "smtp_host" lines in my
> file.
>
> Regards.
> --
> Daniel Dehennin
> Récupérer ma clef GPG:
> gpg --keyserver pgp.mit.edu --recv-keys 0x6A2540D1
>
> ___
> Help-cfengine mailing list
> Help-cfengine@cfengine.org
> https://cfengine.org/mailman/listinfo/help-cfengine
>
>
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Re: Finding "segfault at" error messages in syslog
Forum: Cfengine Help Subject: Re: Finding "segfault at" error messages in syslog Author: Sal Link to topic: https://cfengine.com/forum/read.php?3,19645,19675#msg-19675 I have on more than one occasion had to rely on the failsafe to fix broken configs. Some of our new tasks are tested live, so to speak, by some of our sysads that have not gotten into the habit of running cf-promises before pushing the changes/additions. That's why I thought it was odd that I saw a segfault then nothing. I ran a manual run with cf-execd -F -K -v on one of the instances that was segfaulting to watch the output and I saw it get to that bundle then it segfaulted and exited. Never got past that so it couldn't get to the failsafe portion of the process. Correct me if I'm wrong but I believe that cf-execd verifies the syntax of the current local copy of the input files then starts the cf-agent failsafe and cf-agent standard run. It appeared that cf-execd was exiting before it could start the cf-agent failsafe run. ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Cfengine Help: Does anyone know how to make cfengine report from only one network interface?
Forum: Cfengine Help Subject: Does anyone know how to make cfengine report from only one network interface? Author: Sal Link to topic: https://cfengine.com/forum/read.php?3,19676,19676#msg-19676 We have several servers with multiple NIC's configured live. Cfengine will send out email from all NICs when reporting an error and the lastseen report shows the server reporting from all configured NICs. Is there a way to tell cfengine to only report from the primary interface, eth0 for example? ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
Re: Cfengine Help: Does anyone know how to make cfengine report from only one network interface?
Check out "bindtointerface" in the reference guide. 5.2.8 bindtointerface Type: string Allowed input range: .* Synopsis: Use this interface for outgoing connections Example: bindtointerface => "192.168.1.1"; Notes: On multi-homed hosts, the server and client can bind to a specific interface for server traffic. The IP address of the interface must be given as the argument, not the device name. On 12/7/10 7:23 PM, "no-re...@cfengine.com" wrote: > Forum: Cfengine Help > Subject: Does anyone know how to make cfengine report from only one network > interface? > Author: Sal > Link to topic: https://cfengine.com/forum/read.php?3,19676,19676#msg-19676 > > We have several servers with multiple NIC's configured live. Cfengine will > send out email from all NICs when reporting an error and the lastseen report > shows the server reporting from all configured NICs. Is there a way to tell > cfengine to only report from the primary interface, eth0 for example? > > ___ > Help-cfengine mailing list > Help-cfengine@cfengine.org > https://cfengine.org/mailman/listinfo/help-cfengine ___ Help-cfengine mailing list Help-cfengine@cfengine.org https://cfengine.org/mailman/listinfo/help-cfengine
