hanks for the quick response.
>
> What is your thoughts on this "purge" option? Assuming I'm running the latest
> (3.1.2), should I leave it enabled? This setting sounds like a good thing to
> keep things clean and tidy. right?
>
> Thanks again,
>
> Tom
&g
Was that because you have purge => "true" in your copy_from body?
http://www.cfengine.org/manuals/cf3-reference.html#copy_005ffrom-in-files
For the Transmission refused problem, I strongly suggested to upgrade to the
latest version.
Cheers,
--Nakarin
On Dec 21, 2010, at 12:54 AM, Tom Tucker wro
It works fine for me. Here what I did.
body common control
{
bundlesequence => { "test" };
inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" };
}
bundle agent test
{
files:
"/tmp/sshd_config"
edit_line => uncomment_lines_containing("PermitRootLogin.*","#");
}
r...@testmachine:/tmp#
Gently add trustkey => "true"; to your copy_from body then try again.
body copy_from my_copy_body_with_options
{
# .. other settings ..
trustkey => "true";
}
Cheers,
--Nakarin
On Sep 20, 2010, at 4:20 AM, Francisco Reyes wrote:
> Trying to get my first test setup going using the tutorial at
> h
Or you might break everything to specific aspects rather than a
feature comparison such as; simplicity, performance, scalability,
reliability, usability, user base or even community support.
For simplicity, I might say Puppet is easier to understand at first
and a learning curve of Cfengine c
I guess, library.cf might be an earlier version of cfengine_stdlib.cf.
From the error messages, you might want to rename/delete the
duplicate bodies in library.cf
Cheers,
--Nakarin
On Sep 16, 2010, at 2:12 AM, Aleksey Tsalolikhin wrote:
> Hi. So I've installed 3.0.5p1, and copied the follo
Where are you located? I'm in NY, using a free Wifi at Times square
right now. It took me only 2 seconds to login. ^^"
Cheers,
--Nakarin
On Sep 16, 2010, at 12:53 AM, Aleksey Tsalolikhin wrote:
>
> ___
> Help-cfengine mailing list
> Help-cfengine@cfe
You might probably do something like the following;
files:
"/var/test0/test1"
changes => tripwire,
commands:
checksum_alerts::
"/var/cfengine/bin/cf-runagent -H192.168.1.1"
classes => cancel_checksum_alerts;
...
bod
I have seen this behaviour sometimes on Solaris. It might be worth to add
exec_timeout to the promise.
bundle agent remote_promises
{
commands:
CF_RA_ADMIN::
"/usr/bin/date"
contain => timeout_after_a_min;
}
body contain timeout_after_a_min {
exec_timeout => "60";
}
Cheers,
--N
On Jul 15, 2010, at 10:23 PM, no-re...@cfengine.com wrote:
> cf3 Could not bind server address
> cf3 !!! System error for bind: "Address already in use"
> cf3 Could not bind server address
> cf3 !!! System error for bind: "Address already in use"
> cf3 Couldn't open bind an open socket
You nee
IMHO, it should work. To expand 'host_list', you might need to create a small
test bundle like the following;
bundle agent test
{
vars:
"ls_1"string => execresult("/bin/ls -1
/srv/cfengine-masterfiles/stage/datafiles/","noshell");
"host_list" slist=> splitstring("$(ls_1)","\s"
I got an error on 3.0.4p2, but it seemed fine when I upgraded to 3.0.5a2.
Cheers,
--Nakarin
On Jun 7, 2010, at 2:23 PM, Mark Burgess wrote:
>
> I don't get any errors if I write:
>
> package_list_update_ifelapsed => "240"; # 4 hours
>
> Check that there is no binary weirdness in
In which situation would you like to do something like you mentioned? Could you
describe more for the scenario? There might be another way to get to the same
goal.
Cheers,
--Nakarin
On Jun 4, 2010, at 1:06 PM, Vasiliy G Tolstov wrote:
> is there are any plans to add support to append value to
quot;;
}
Cheers,
--Nakarin
On Jun 4, 2010, at 9:38 AM, Seva Gluschenko wrote:
> Nakarin,
>
> this way you can only define timed rotation (by means of action =>
> if_elapsed or by classes), but not size-based rotation. To define
> size-based rotation, I use file_select, but
Do we really need to include depth_search to rotate a file?
file:
"/var/cfengine/promise.log"
rename => rotate("3");
Cheers,
--Nakarin
On Jun 4, 2010, at 8:46 AM, Seva Gluschenko wrote:
> Hello folks,
>
> When I wrote a promise to rotate /var/cfengine/promise.log (BTW, why
> Cfengine
Alternatively, I would use a built-in function fileexists() to check there is a
directory or not then execute commands.
classes:
"dir_exists" expression => fileexists("some/directory");
"no_dir"not => fileexists("some/directory");
commands:
dir_exists::
"command_1";
no_dir::
You should check for cfengine version as this built-in function was available
since 3.0.4 regarding this link;
http://www.cfengine.org/manuals/cf3-reference.html#Function-getenv
Cheers,
--Nakarin
On Jun 1, 2010, at 1:53 PM, Vasiliy G Tolstov wrote:
> I'm try to run some bundles, that use getenv
It should look like this example; I've got "cf2_if_else" body from
'cfengine_stdlib.cf'
files:
linux::
"/etc/config.cong"
comment => "...",
perms => mog("440","root","root"),
copy_from => secure_cp("/cfroot/etc/config.conf","$(master)"),
classes => cf2_if_e
I would follow to the first approach, getting to the forth column of the match
lines then appending users from lists, like the following.
body common control
{
bundlesequence => { "def","test" };
}
bundle common def
{
vars:
aix::
"groups" slist => { "unix","dba","support" };
"grp
Global variables can be access by writing $(bundle.variable). Please try;
body copy_from secopy(from)
{
source => "$(globals.sourcebase)/$(from)";
servers => { @(globals.servers) };
compare => "digest";
encrypt => "true";
trustkey=> "true";
}
Cheers,
--Nakarin
Also we can use function classify() to transform the fq hostname to canonical
form. :-)
"policy_hosts" expression => classify("cfengine.domain.com"),
handle => "global_classes";
"policy_hosts" or => {classify("cfengine.domain.com")},
handle => "global_clas
ut functions.
>
> Thank you, Jakub V.
>
> ---- Original Message
> Subject: Re: simple return array from other "code"
> Date: Mon, 26 Apr 2010 08:03:55 +0200
> From: Jakub Viták
> To: Nakarin Phooripoom
>
>
> Hello
Please make sure that the domain variable is set in the configuration files
read by both client and server; alternatively use 'skipidentify' and
'skipverify' to decouple DNS from the authentication.
skipidentify
http://www.cfengine.org/manuals/cf3-reference.html#skipidentify-in-agent
skipverify
cf-twin is exactly cf-agent. If your exec_command looks like
exec_command => "$(sys.cf_twin) -f failsafe.cf && $(sys.cf_agent)
You might need to copy cf-agent to become cf-twin.
# cp /var/cfengine/bin/cf-agent /var/cfengine/bin/cf-twin
Otherwise, just kindly change exec_command to
exec_comm
You could get a string from a shell command by execresult() then split the
string up to an slist by splitstring()
##
vars:
"result" string => execresult("/bin/ls /","noshell");
"split" slist => splitstring("$(result)"," ","100");
reports:
Yr2010::
"Found: $(split)";
##
Did you tell cfengine to use that env variable?
body agent control
{
freebsd::
environment => { "PKG_PATH=/tmp/packages/All" };
}
or you should possibly use 'package_file_repositories' in the body
package_method.
Cheers,
--Nakarin
On Apr 21, 2010, at 11:28 AM, Сева Глущенко wrote:
> Hello
I think this bug has been fixed on the svn, (3.0.4p2). Please correct me If I
misunderstood.
Cheers,
--Nakarin
On Apr 2, 2010, at 12:53 PM, Nicolas Charles wrote:
> Hi guys,
>
> I've got the same issue on a Debian 5, using Nova 1.1.0
>
> Apr 2 12:52:24 debian-5-32 cf-execd[1102]: Couldn't r
The culprit might be body classes satisfied as sshd_ready would be defined
every time cfegnine runs. The body should look like the following to restart
sshd when there is something changed. (promise_repaired not promise_kept)
body classes satisfied(x)
{
promise_repaired => { "$(x)" };
}
Cheers
IMO; it should work. Anyway I haven't tried to remove a specific folder by a
promiser yet. What I did was to pass a slist to remove multiple directories at
once so the following would work for you.
# inputs => { "cfengine_stdlib.cf" };
bundle agent rmdirtest {
files:
"/tmp"
Did you run cf-agent with -K? if_elapsed works fine for me.
cf3>=
cf3>commands in bundle test (1)
cf3>=
cf3>
cf3> -> Promiser string contains a valid executable (/tmp/backu
It could be wherever you'd like either in check-file-perms.cf or library.cf
Cheers,
--Nakarin
On Mar 22, 2010, at 9:40 AM, daniel parkes wrote:
> I'm using the first solution, but I'm getting and error with the always
> clause:
>
> No such FnCall "always()" in promise @ /var/cfengine/git/check
It didn't match because you declared one with no argument, but tried to use it
with an argument. It was different indeed. You should either redeclare the body
or change the way you use it in the bundle agent test.
# alternative 1
body depth_search recurse(x)
{
depth => "$(x)";
}
or
# alternat
Please ignore.
On Mar 18, 2010, at 6:02 PM, fo...@cfengine.com wrote:
> Forum: Cfengine Help (Mailing list)
> Subject: mailing list test
> Author: isaac
> Link to topic: https://cfengine.com/forum/read.php?3,16556,16556#msg-16556
>
> Please disregard.
>
> ___
Is this what you would like to have?
# add access_rule() to cf-serverd config on the policy_server
bundle server access_rules()
{
access:
"/usr/local/etc"
handle => "grant_access_etcfiles",
comment => "Grant access to etc configurations",
admit => { "192.168.200.2" }; # my cl
Simply add backslash (\) right in front of the inner quotation marks.
"snmp2" string => "access example \"\" usm auth exact all none none";
Cheers,
--Nakarin
On Mar 15, 2010, at 10:47 AM, Patrick de Ruiter wrote:
> Hi Guys,
>
> I'm currently strugling with the problem of escaping double quo
Did you try to add a line /home/nwatson/cfengine/lib to /etc/ld.so.conf, run
/sbin/ldconfig and re-configure?
--Nakarin
On Mar 8, 2010, at 3:53 PM, nwat...@symcor.com wrote:
> Yeah, it's a copy and paste typo.
> configure:17173: checking for BerkeleyDB location in
> /home/nwatson/cfengine
> co
On Mar 8, 2010, at 3:29 PM, nwat...@symcor.com wrote:
> New information. When checking config.log I see:
> configure:17173: checking for BerkeleyDB location in
> /home/nwatson/cfengine
> configure:17343: result: /home/nwatson/cfengine
> configure:17401: checking Berkeley DB API
> configure:1744
It seems like the configure script could not find db header files. A good one
should look like;
checking for BerkeleyDB location in /var/cfengine.community...
/var/cfengine.community
checking Berkeley DB API... 4.8.24 OK
checking for db_create in -ldb... yes
You might need to do ldconfig or pos
You need to give a path to the cf-agent (cfruncommand) inside body server
control.
cfruncommand => "/var/cfengine/bin/cf-agent";
http://www.cfengine.org/manuals/cf3-reference.html#cfruncommand-in-server
Cheers,
--Nakarin
On Mar 1, 2010, at 2:59 PM, Seifert, Christian wrote:
> That ist my cf-s
You should add a shared point, either folders or files, to server access_rules.
bundle server access_rules {
access:
"/srv/cf-serverd"
admit => { "172\.24\..*" };
"/jawoll"
admit => { "172\.24\..*" }
}
Cheers,
--Nakarin
On Feb 26, 2010, at 11:38 AM, Seifert
Which distro are you running? For me, a debug flag didn't be stripped on my
RedHat 4.
Cheers,
--Nakarin
On Feb 25, 2010, at 1:09 PM, Jesse Becker wrote:
> On Thu, Feb 25, 2010 at 12:39:33AM -0500, Mark Burgess wrote:
>>
>> Jesse - can you please compile with debugging symbols -g so that the
>
tionssysteme mbH | Sitz der Gesellschaft:
> Salzgitter | Registergericht: Amtsgericht Braunschweig | Registernummer: HRB
> 6194 | Geschäftsführer: Dipl.-Ing. Günter König
>
>
>
> -Ursprüngliche Nachricht-
> Von: Nakarin Phooripoom [mailto:mynameisje...@gmail.com]
> G
There might be an example for FreeBSD in a
tarball:/test/units/unit_package_freebsd.cf, I guess.
Cheers,
--Nakarin
On Feb 25, 2010, at 11:03 AM, Traiano Welcome wrote:
> Hi List
>
> How would I construct a bundle to add packages to a freebsd system using the
> Ports collection? I see the CF3
Is there any shared libraries in /var/cfengine/lib? If so, you might need to do
something with ldconfig, add the lib folder and re-run ldconfig.
Cheers,
--Nakarin
On Feb 25, 2010, at 12:40 PM, Seifert, Christian wrote:
> Hello,
> i want to start cf-agent on my policy or client server and get th
Could we use [A-Z]? for instance;
body common control
{
bundlesequence => { case("Hello"),
case("hello") };
}
bundle agent case(string)
{
classes:
"invalid" expression => regcmp("^[A-Z].*","$(string)");
reports:
!invalid::
"Not start with a capit
On Feb 9, 2010, at 5:55 PM, Andrew J. Millar wrote:
>
>
> If I add in depth_search include_basedir => "true", it changes the permissions
> recursively, which isn't what I want. How can I make this apply only to the
> directory I've specified in the same way it works fine for the authorized_key
>
You might need to add /usr/local/BerkeleyDB.3.3/lib to /etc/ld.so.conf and run
ldconfig once.
Why don't you consider to use cfengine3 instead? Dunno what you think, but for
me, cfengine 2 is the past, 3 is the future. :-)
Cheers,
--Nakarin
On Feb 5, 2010, at 5:05 PM, Jim Gosney wrote:
> We ar
Why don't you use packages: stanza instead? Cfengine will check a status of all
those packages behind the scene. A body package_method yum could be found in
cfengine_stdlib.cf
body common control
{
bundlesequence => { "checkrpms" };
}
#
bundle agent
de_dirs => { "data/cache" }; . Why do you need the
> .* in front? Also, I guess this would also exclude base/hello/data/cache,
> which I may want...
>
> Jean-Noel
>
>
> On Mon, Feb 1, 2010 at 4:00 PM, Nakarin Phooripoom
> wrote:
> Maybe this is
Maybe this is what you want.
body depth_search recurse(depth)
{
depth => "$(depth)";
exclude_dirs => { ".*data/cache" };
}
Cheers,
--Nakarin
On Feb 1, 2010, at 11:46 PM, Jean-Noël Rivasseau wrote:
> Hi
>
> It seems to me exclude_dirs is not flexible enough, or I dont know how to use
> it pr
Could we do something like this following?
classes:
"test_hosts_c" or => { classmatch(canonify("$(test_hosts)")) };
Cheers,
--Nakarin
On Jan 29, 2010, at 8:02 PM, Justin Lloyd wrote:
> If I have a list of hostnames, many of which have hyphens in them, what’s the
> cleanest way of generat
checking for main in -lpcre... no
checking for pcre.h... no
checking pcre/pcre.h usability... no
checking pcre/pcre.h presence... no
Maybe you should compile with --with-pcre=/path_to_pcre. BTW; do you have flex
or bison installed?
Cheers,
--Nakarin
On Jan 28, 2010, at 9:44 PM, Thomas Marshall
Or what I have done is to create a applescript with AppleScript Editor and
execute the script in cfengine like the following;
commands:
darwin::
"/usr/bin/osascript /tmp/applescript.scpt";
Cheers,
--Nakarin
On Jan 27, 2010, at 10:12 AM, Tim Cutts wrote:
>
> On 26 Jan 2010, at 8:11 pm, J
tude;
body package_method aptitude
{
package_add_command => "/usr/bin/aptitude --assume-yes install";
}
Cheers,
--Nakarin
On Jan 26, 2010, at 3:45 PM, Tim Cutts wrote:
>
> On 26 Jan 2010, at 2:41 pm, Nakarin Phooripoom wrote:
>
>> Zypper and yum seem to check and
Zypper and yum seem to check and update the latest list of packages every time
it runs before installing any selected packages.
Could we do something like this for Debian/Ubuntu?
package_add_command => "/usr/bin/aptitude update && /usr/bin/aptitude
--assume-yes install";
Cheers,
--Nakarin
On
It is required by Nova to get full capacity allowing robot agents to talk to
mysql/postgresql. If you are running a community version, you don't need it at
all.
Cheers,
--Nakarin
On Jan 21, 2010, at 8:28 PM, nwat...@symcor.com wrote:
> Consider this:
> bash-3.00# ldd /var/cfengine/bin/cf-key
>
You might need to configure the dynamic linker.
# crle
Default configuration file (/var/ld/ld.config) not found
Default Library Path (ELF): /lib:/usr/lib (system default)
Trusted Directories (ELF):/lib/secure:/usr/lib/secure (system default)
Now you can add a new path -- for example
Rebuild cfengine3 with --with-pcre=, checking your outcome by
ldd
[r...@localhost cfengine-3.0.3]# ldd src/cf-agent | grep pcre
libpcreposix.so.0 => /var/cfengine/lib/libpcreposix.so.0 (0x00155000)
libpcre.so.0 => /var/cfengine/lib/libpcre.so.0 (0x00157000)
Cheers,
--Nakarin
On
It is said that the class "reload_sshd" will be defined, if
/repository/cf3/etc/ssh/ssh_config is copied to /etc/ssh/sshd_config or its
permission is changed to 600
To test it out, you may add a comment to /repository/cf3/etc/ssh/ssh_config or
change the permission to something else then rerun
Um... it doesn't happen to me.
cfengine-3.0.3 phnakarin$ sudo /tmp/cfengine-3.0.3/src/cf-promises -f
/usr/local/share/doc/cfengine/unit_update.cf
cfengine-3.0.3 phnakarin$ sudo /tmp/cfengine-3.0.3/src/cf-promises -V
This comprises cf-promises core community version 3.0.3 - (C) Cfengine AS 2008-
c
Hi Jordan,
I might say cfengine3 really supports Snow Leopard. I didn't use MacPorts but
compiled all dependencies on my own.
Nakarin-MacBook:cfengine-3.0.3 phnakarin$ sw_vers
ProductName:Mac OS X
ProductVersion: 10.6.2
BuildVersion: 10C540
Nakarin-MacBook:cfengine-3.0.3 phnakarin$ uname
Hi Robert,
You should try this. Let make it done sequently.
classes:
SRV_APACHE_STANDALONE::
"isdir" expression => isdir("/var/www");
files:
SRV_APACHE_STANDALONE.isdir::
# make sure that there is /srv directory
"/srv/."
cre
Hi,
Why don't you use only ${d} in methods?
methods:
"any" usebundle => subfoo("${d}");
I think you would get expected results.
Cheers,
--Nakarin
On Dec 2, 2009, at 9:28 PM, nwat...@symcor.com wrote:
> Thanks for the tip Mark. Using this method again for something different
> get's me som
Why does it work fine for me? ^^"
macbook:bin $ sudo cat /tmp/foo
Hello world!!!
macbook:bin $ sudo ./cf-agent -f /tmp/bar.cf -K
macbook:bin $ sudo cat /tmp/foo
Hello world!!!
one
two
three
Cheers,
--Nakarin
On Dec 2, 2009, at 5:15 PM, Mark Burgess wrote:
>
> First you need to pass the list to
64 matches
Mail list logo
