On Thu, 04 Mar 2010 16:05:04 +0100 Mark Burgess wrote:
MB> I always did a HUP, but I don't have to deal with AIX. From 3.0.4
MB> cfengine will detach from its parent, so it could kill and restart
MB> cron.
The other common method besides HUP is to just resubmit the crontab with
"crontab FILENAM
On Thu, 4 Mar 2010 10:21:27 -0500 Matt Richards wrote:
MR> On Mar 4, 2010, at 10:12 AM, Ted Zlatanov wrote:
>> On Thu, 04 Mar 2010 16:05:04 +0100 Mark Burgess
>> wrote:
>>
MB> I always did a HUP, but I don't have to deal with AIX. From 3.0.4
MB> cfengine wi
On Fri, 30 Apr 2010 11:30:28 -0500 Paul Krizak wrote:
PK> The main thing I'm asking is if anybody has had any experience scaling
PK> up a cfservd to this much work, and whether or not it fell over.
...
PK> I'm talking about 5,000 systems each updating about 50MB of policy data
PK> over a 1-2 h
On Mon, 3 May 2010 15:07:43 -0400 Wes Rogers wrote:
WR> Seems like too much effort to me, IMO when I can just add another
WR> 'cfservd server' behind my LB VIP and call it a day.
You still need a way to propagate policy between multiple cfservd
servers. What happens when one of them is offline
On Mon, 3 May 2010 22:34:02 -0400 Wes Rogers wrote:
WR> 2010/5/3 Ted Zlatanov :
>> On Mon, 3 May 2010 15:07:43 -0400 Wes Rogers wrote:
>>
WR> Seems like too much effort to me, IMO when I can just add another
WR> 'cfservd server' behind my LB VIP and call it a d
I'm evaluating the community edition:
community> Cfengine - 3.1.4 Copyright (C) Cfengine AS 2008,2010-
I have a module that defines a variable:
community> Defined variable: dns_domain in context pup.pl with value:
lifelogs.com
But I can't access it later. Here's the config file I ran directly w
uot;." or any
other illegal characters?
Thanks
Ted
Mark Burgess wrote:
> Check out tests/units/unit_module* in the source code.
On Tue, 22 Feb 2011 18:53:17 -0600 Ted Zlatanov wrote:
TZ> I'm evaluating the community edition:
community> Cfengine - 3.1.4 Copyright (C) Cfengine A
On Thu, 24 Feb 2011 16:23:58 +0100 (CET) kholloway wrote:
n> In CF3 we use edit_files functions (or write your own) and either
n> match the cron job exactly or use regex to match for it and then
n> insert/replace. If I go look at my crontab entry I won't see any
n> indication that CF3 put it the
On Thu, 24 Feb 2011 20:27:20 +0100 (CET) kholloway wrote:
n> That is a very nice solution, I would use names instead of numbers to
identify the job but otherwise yes great idea.
n> * * * * * CFCRON=cfserverd /my/job/for/cf-serverd
Sure. These days I just put things in /etc/cron.d but that's c
On Thu, 3 Mar 2011 09:49:49 +0100 (CET) mark wrote:
n> Sorry for the delay in replying. I've been travelling, I made a cronjob
method in the standard library, so that adding cron is simple:
n> bundle agent test
n> {
n> methods:
n> # cronjob(command,user,hours,mins)
n> "cron" usebundle =>
On Tue, 08 Mar 2011 16:26:47 +0100 Mikhail Gusarov
wrote:
MG> On 07.03.2011 18:33, Mikhail Gusarov wrote:
>> Ted,
>>
>> > As a suggestion, could the module execution take a
>>> "namespace" string parameter so this is not an issue? And could the
>>> module namespace be converted to a legal name
On Thu, 10 Mar 2011 22:35:31 +0100 (CET) mark wrote:
n> Please don't embed su in shell commands, use the contain method
n> contain => setuid("uid")
n> to do this. As always, if you look carefully, you will find the way to use
the features in a secure and efficient manner.
Is there a way to
On Fri, 11 Mar 2011 18:56:55 +0100 Eystein Måløy Stenberg
wrote:
EMS> You can set the environment in agent control:
EMS> http://www.cfengine.org/manuals/cf3-reference.html#environment-in-agent
EMS> This is a global setting that will be inherited by all children
EMS> (commands-promises and backg
On Fri, 11 Mar 2011 09:54:00 -0800 Aleksey Tsalolikhin
wrote:
AT> I've got something up at
AT> http://www.verticalsysadmin.com/cfengine/shared-configs-index.html
AT> it's not a basic cookbook, but rather an index of Cfengine configs
AT> that people have shared and
AT> I have listed.
AT> Let me
On Fri, 11 Mar 2011 14:14:55 -0600 Ted Zlatanov wrote:
TZ> I don't have an account there yet and my Engine Room and Support
TZ> accounts don't work on that tracker. I requested the account; could you
TZ> or someone else do the feature request meanwhile?
Never mind, I got
On Mon, 14 Mar 2011 10:21:05 -0400 Jesse Becker wrote:
JB> On Mon, Mar 14, 2011 at 10:04:40AM -0400, no-re...@cfengine.com wrote:
>> Forum: Cfengine Help
>> Subject: Re: Weird unset variable warning?
>> Author: sauer
>> Link to topic: https://cfengine.com/forum/read.php?3,21129,21133#msg-21133
>
On Mon, 14 Mar 2011 19:16:48 +0100 (CET) neilhwatson wrote:
n> Are you proposing that the agent with root privilege should fetch
n> files from the server running as non-root? I'm having trouble
n> visualizing your architecture. I appreciate the effort run at least
n> privilege but, are there an
On Tue, 15 Mar 2011 14:25:55 +0100 Eystein Måløy Stenberg
wrote:
EMS> When running as non-root, note that cf-serverd uses ~/.cfagent as
EMS> its working directory. This means it does not share workdir with
EMS> the rest of the Cfengine components.
EMS> One thing you might want to consider in
On Thu, 17 Mar 2011 13:58:40 +0100 (CET) max_fr wrote:
n> Ok, if I understand correctly i must substitute the dollar character by the
constant const.dollar? I am surprised by that.
n> It is very complicate to change a hash password as following :
n> $1$JNoH0WXg$3sF.c.I5aWMoAj8LpMtOW1
n> by
n
On Sun, 10 Apr 2011 14:42:11 -0400 Jesse Becker wrote:
JB> Here's a question: how does one detect a *new* IP address getting added
JB> to a system?
JB> For example, if there's some mecahnism for bringing up a new interface
JB> (such as failover/heartbeat mechanism), is there a way to detect th
On Mon, 11 Apr 2011 14:47:26 -0500 Ted Zlatanov wrote:
TZ> Detecting new interfaces can be done with ifconfig -a, again, or by
TZ> looking at /proc/net/dev.
Actually it would be really nice if cfengine produced the list of
interfaces in addition to the current net_iface_* classes.
On Mon, 11 Apr 2011 15:26:19 -0500 Ted Zlatanov wrote:
TZ> Actually it would be really nice if cfengine produced the list of
TZ> interfaces in addition to the current net_iface_* classes. It's already
TZ> traversing the list of interfaces and providing sys.ipv4 so collecting
TZ&g
On Fri, 15 Apr 2011 11:21:44 -0400 Frans Lawaetz
wrote:
>> You want to have the class set if the promise need to be repaired
>> (if the file content is not right). So it's not *if_notkept* that
>> you need to use, but *if_repaired*
>>
FL> That doesn't seem to work either.. The promise wasn't
On Tue, 12 Apr 2011 08:13:29 -0500 Ted Zlatanov wrote:
TZ> On Mon, 11 Apr 2011 15:26:19 -0500 Ted Zlatanov wrote:
TZ> Actually it would be really nice if cfengine produced the list of
TZ> interfaces in addition to the current net_iface_* classes. It's already
TZ> trave
On Fri, 15 Apr 2011 13:12:00 -0500 Ted Zlatanov wrote:
TZ> On Tue, 12 Apr 2011 08:13:29 -0500 Ted Zlatanov wrote:
TZ> Actually it would be really nice if cfengine produced the list of
TZ> interfaces in addition to the current net_iface_* classes. It's already
TZ> trave
On Sun, 8 May 2011 05:00:23 +0200 (CEST) no-re...@cfengine.com wrote:
n> I've been wanting to share feedback with the community about my
n> experiences moving my team's cf2 installation to cf3. I started this
n> last month and will try, as time permits, to do more.
n> I thought the sensible pl
On Tue, 10 May 2011 00:00:06 +0200 (CEST) no-re...@cfengine.com wrote:
n> Is it possible to define a compound body inline? I'd like to do something
like
n> commands:
n> "$(command)"
n> contain => { useshell => "false"; umask => "002"; };
n> but I'm not seeing an obvious way to do that.
On Thu, 09 Jun 2011 14:19:21 +0200 Sjoerd Oostdijck wrote:
SO> On 6/9/11 2:05 PM, no-re...@cfengine.com wrote:
SO> The end goal is, for example, installing a large list of packages. The
SO> the promise that installs the package then sets a certain class which
SO> contains the package name.
SO> (
The cfengine mode that ships with GNU Emacs (written by Dave Love) works
OK, but is not aware of the many new cfengine3 keywords. Indentation is
a bit off, as well, in some sections.
The one that is in the cfengine3 core SVN checkout (Rolf Ebert's code)
is very old and also doesn't have the cfeng
On Thu, 16 Jun 2011 21:15:23 +0200 (CEST) debheller wrote:
n> For this particular exercise, I think we'll do this outside of
n> cfengine with an expect script... For a one-time change, cfengine is
n> probably not the right tool in this particular case.
At $(work) we use cfengine with an external
(trying another e-mail address for Rolf Ebert because
doesn't work)
After looking at cfengine.el (both the old-old-old one in cfengine's SVN
trunk, and Dave Love's version in GNU Emacs, I'm starting a patch to the
GNU Emacs version. It won't have semantic parsing, just syntax
highlighting. Note
On Fri, 17 Jun 2011 12:26:32 -0500 Ted Zlatanov wrote:
TZ> I'd appreciate some help and advice... I'll keep working on this as
TZ> time allows :)
I started a new thread on emacs-devel, so please go there if you have
suggestions. I realized (too late, sorry!) that it was not
On Mon, 20 Jun 2011 13:06:12 -0500 Diego Zamboni wrote:
DZ> On 6/16/2011 9:59 AM, Ted Zlatanov wrote:
>> The cfengine mode that ships with GNU Emacs (written by Dave Love) works
>> OK, but is not aware of the many new cfengine3 keywords. Indentation is
>> a bit off, as w
I've committed a new version of cfengine.el to GNU Emacs (to be released
with 24.1) which contains the new cfengine3-mode (the file begins with
instructions on how to use it). The current cfengine-mode works the
same way so you can keep using it if you prefer. I'm attaching
cfengine.el here, and
This is similar to
https://cfengine.org/pipermail/help-cfengine/2010-August/009339.html but
I really need an empty slist, I think.
My syntax is:
bundle agent x
{
vars:
...
case1::
"slistA" slist => { };
"slistB" slits => { "case1 data" };
case2::
"slistA" slist => { "case2 data" }
On Tue, 5 Jul 2011 18:11:37 +0200 (CEST) zzamboni wrote:
n> I think to define an empty list you need to use the cf_null constant:
n> http://cfengine.com/manuals/cf3-reference.html#Special-list-value-cf_005fnull
Ah, thank you. I had not noticed that one.
n> OTOH, what is it exactly you want to
On Mon, 11 Jul 2011 13:51:09 -0700 Aleksey Tsalolikhin
wrote:
AT> I don't suppose it would help to set the empty list to "undefined"?
AT> And take action accordingly? (i.e. check its value and if it is
AT> "undefined", then do nothing?)
AT> I understand it'd be a messy workaround and that you
On Thu, 14 Jul 2011 09:12:33 +0200 (CEST) geir wrote:
n> Forum: CFEngine Help
n> Subject: Re: Are all messages moderated?
n> Author: geir
n> Link to topic: https://cfengine.com/forum/read.php?3,22795,22796#msg-22796
Can we have the sender of forum messages over e-mail set to
u...@no-reply.cfengi
On Fri, 28 Oct 2011 01:25:42 +0200 (CEST) sauer wrote:
n> As far as fragility, I'd argue that this is more robust in the
n> environment I'm describing. If we need to move one of the secondaries
n> to a new IP, move a machine name to a different location, etc, then
n> the reconfiguration is handl
On Fri, 30 Sep 2011 19:00:28 +0200 (CEST) neilhwatson wrote:
n> No, use a negative regular expression. Match things that are not 'Two'.
There are regular expressions that can't be practically inverted, and
even simple ones look awkward. Could grep() support a "-v" flag?
Ted
__
Could we copy the cfengine mailing list posts to Gmane? All that's
required is approval from the list owners, plus subscribing an e-mail
address if the default subscription process doesn't work. Please see:
http://gmane.org/subscribe.php
http://gmane.org/about.php
That would let anyone read th
On Thu, 17 Nov 2011 09:45:27 -0500 Ted Zlatanov wrote:
TZ> this is because I only tested against Emacs 24, I didn't know prog-mode
TZ> was not available in earlier ones. I will make the necessary changes.
Please try the attached patch and tell me if it works for you. It
should,
On Wed, 23 Nov 2011 09:37:31 +0100 Marco Marongiu
wrote:
MM> The patch doesn't apply, as this line:
>> (defgroup cfengine ()
MM> is actually
>> (defgroup cfengine3 ()
OK, I am attaching the "good" version of this file. It has a modified
info section, the compatibility fix, and will be main
On Fri, 25 Nov 2011 09:34:43 -0600 Diego Zamboni wrote:
DZ> Thanks. With the new version, I now get the following message, and syntax
highlighting doesn't work:
DZ> set: Symbol's function definition is void: syntax-propertize-rules
DZ> This is on Carbon Emacs on OSX, which is Emacs 22.3.1.
F
On Mon, 28 Nov 2011 17:21:06 +0100 Marco Marongiu
wrote:
MM> I've just done a quick test, and things seem to work smoothly (GNU Emacs
MM> 23.1.1 running on Ubuntu Linux 10.04 LTS)
On Mon, 28 Nov 2011 17:24:29 +0100 Marco Marongiu
wrote:
MM> Forget that :(
MM> As I load the mode using M-x
On Mon, 31 Oct 2011 10:09:37 -0500 Ted Zlatanov wrote:
TZ> On Fri, 30 Sep 2011 19:00:28 +0200 (CEST) neilhwatson wrote:
n> No, use a negative regular expression. Match things that are not 'Two'.
TZ> There are regular expressions that can't be practically inverted,
On Wed, 23 Nov 2011 15:45:24 +0100 (CET) no-re...@cfengine.com wrote:
n> Forum: CFEngine Help
n> Subject: Re: putting cfengine mailing list on Gmane?
n> Author: zzamboni
n> Link to topic: https://cfengine.com/forum/read.php?3,23979,24049#msg-24049
n> List archiving has resumed under
http://dir.
On Wed, 30 Nov 2011 20:15:56 -0800 (PST) "Carl E. Ma"
wrote:
CEM> I am new to Cfengine3. Is it possible to use cfengine to clone one
server's configuration to another server?
CEM> My intention is using cfengine to deploy system/application
CEM> configuration change on VM host. If this host c
On Tue, 29 Nov 2011 08:55:46 -0500 Ted Zlatanov wrote:
TZ> On Mon, 28 Nov 2011 17:21:06 +0100 Marco Marongiu
wrote:
MM> I've just done a quick test, and things seem to work smoothly (GNU Emacs
MM> 23.1.1 running on Ubuntu Linux 10.04 LTS)
TZ> On Mon, 28 Nov 2011 17:
On Fri, 02 Dec 2011 15:47:06 +0100 Marco Marongiu
wrote:
MM> I confirm the following:
MM> My platform: Ubuntu 10.04.3 LTS (as appears in motd)
MM> My Emacs:
MM> This is GNU Emacs 23.1.1 (i486-pc-linux-gnu, GTK+ Version 2.20.1)
MM> of 2011-03-04 on palmer, modified by Debian
...
MM> I confirm
On Fri, 02 Dec 2011 15:59:49 +0100 Mikhail Gusarov
wrote:
MG> Ted,
MG> On 11/25/2011 02:26 PM, Ted Zlatanov wrote:
>> cfengine SVN maintainers: please review the attached file and especially
>> the copyright notice. I believe it's no different from before as far as
>
On Fri, 02 Dec 2011 16:48:38 +0100 Mikhail Gusarov
wrote:
MG> On 12/02/2011 04:44 PM, Ted Zlatanov wrote:
MG> Could you ask Emacs guys (or make a patch yourself) to rename
MG> cfengine-mode to cfengine2-mode, or something similar?
>>
>> That would break backwards comp
On Fri, 02 Dec 2011 10:38:14 -0500 Ted Zlatanov wrote:
TZ> For the attribute 0 indent, it's a feature but I can change it to give
TZ> an optional extra indent to continued lines. I was trying to make the
TZ> appearance uniform and consistent but I see how it can be useful
On Wed, 07 Dec 2011 23:56:19 +0100 Nicolas Charles
wrote:
>> Check it out here http://www.packtpub.com/cfengine-3-beginners-guide/book
NC> I've ordered this book a couple of weeks ago and start to review it, to
NC> see if my team would learn from it. I really have mixed feelings about
NC> th
On Sat, 3 Dec 2011 00:58:10 +0100 (CET) theaccount wrote:
n> Is there a tool that you would recommend for remote script execution?
I know some people that use func (Python tool) and are happy with it.
Rundeck is also interesting.
Ted
___
Help-cfengin
On Wed, 07 Dec 2011 14:43:00 +0100 Marco Marongiu
wrote:
MM> The bad ones: as soon as I did it, font-locking broke. The following
MM> error appears in the *Messages* window:
>> Error during redisplay: (void-variable font-lock-constant-name-face)
MM> Now class names are black as normal text (t
On Wed, 14 Dec 2011 10:08:22 + (GMT) Mark Dixon
wrote:
MD> However, it wasn't the "if" bit I was fuzzy about, it was how people use
MD> the language to do the job of an "if..elif..else" construct in the
MD> clearest and least fragile way.
MD> Extending the example on the devops page naiv
While we're discussing fundamentals... :) Some small ideas I think may
be useful to the cfengine users:
1) allow passing body parameters as JSON, not just positional
parameters. Take the standard file permissions promise:
"$(crond)/cfrun"
perms => mo("644","root");
it instead become
On Wed, 14 Dec 2011 14:54:02 + (GMT) Mark Dixon
wrote:
MD> How would you cleanly do an if..elif..else ? The example you give
MD> appears to be an if..else.
cfengine doesn't have that. It has a switch statement, really, but it
will spin through the switch until it's settled (up to 3 passes
On Wed, 14 Dec 2011 15:50:13 + (GMT) Mark Dixon
wrote:
MD> OK, so this works because of rule 5 of agent normal ordering ("The
MD> order of promises within one of the above types follows their top-down
MD> ordering within the bundle itself") from the reference manual?
MD> http://cfengine.co
On Tue, 13 Dec 2011 15:50:33 -0600 Ted Zlatanov wrote:
TZ> On Wed, 07 Dec 2011 14:43:00 +0100 Marco Marongiu
wrote:
MM> The bad ones: as soon as I did it, font-locking broke. The following
MM> error appears in the *Messages* window:
>>> Error during redisplay: (void-
On Fri, 16 Dec 2011 11:13:29 +0100 (CET) lauwersw wrote:
n> But your comment made me think: maybe "local" classes should remain, but be
transformed in "scoped" classes, so they can be accessed from other bundles as
well.
I think local classes should remain as they are, but the user should
have
On Fri, 16 Dec 2011 08:06:32 +0100 Mark Burgess wrote:
MB> Please forget you ever saw this.
Saw what?!?!?
MB> This might look superficially attractive to a programmer but it
MB> suffers from many problems, not the least of which would be a major
MB> increase in the size and complexity of the p
On Fri, 16 Dec 2011 15:53:10 +0100 (CET) neilhwatson wrote:
n> One other point comes to mind if you'll indulge me again. I think this was
n> mentioned before. Passing parameters to bundles. I'd like to see this done
n> better. The current positional approach is very limited. It might be
hel
On Mon, 19 Dec 2011 13:42:03 -0600 Nick Anderson wrote:
NA> What would the best way to capture a list of the files detected changed
NA> into a list?
Use etckeeper+Git, it will do a much better job, especially if you
snapshot often. Then you just use Git commands from CFEngine or outside
(which
On Wed, 28 Dec 2011 13:13:13 + Michael Gliwinski
wrote:
MG> Another option which I'm considering now is to let managed nodes
MG> pull from VCS directly into their own masterfiles and change policy
MG> in update.cf to just copy locally into inputs/ modules/ etc. after
MG> doing some local pr
On Wed, 4 Jan 2012 04:25:56 +0100 (CET) bughari wrote:
n> Is there command available in cfengine3 to do health check of all cf-agent
is active and talking to cf-serverd which we can run from cfengine master
server.
You could use loggly or Splunk or plain syslog or something similar to
collect
On Tue, 21 Feb 2012 12:54:44 +0100 (CET) rsdejo...@gmail.com wrote:
n> I have a question ,
n> We want to copy the repository files to rhel 5 + 6 and sles 9 / 10 / 11
n> I know how to divide into OS ,but how do you divide further in the tree ?
n> example => /etc/yum.repos.d/baseline.repo
n> It
On Fri, 24 Feb 2012 07:35:34 -0800 Aleksey Tsalolikhin
wrote:
AT> This site has been using CFEngine 2 for 5 years and they have a very
AT> large policy set. We're talking thousands or more of little inputs files.
AT> They do EVERYTHING in CFEngine. Their system architect teaches all
AT> their
On Mon, 12 Mar 2012 18:43:52 -0500 Nick Anderson wrote:
NA> I'm kind of surprised that rsync is so much faster than svn update. But
NA> I haven't tried to use subversion to distribute lots of files, only used
NA> for small trees. But i seem to use subversion for distributing small
NA> trees a lo
On Tue, 13 Mar 2012 09:30:04 -0500 Nick Anderson wrote:
NA> On 03/13/2012 09:22 AM, Mikhail Gusarov wrote:
>> Something like "git clean -fxd"?
NA> Something like that. When I do it with svn I like to track which files
NA> had which state so I can send a report to the person who cared about the
On Tue, 20 Mar 2012 21:53:37 -0500 Nick Anderson wrote:
NA> I'm just curious. At what point do you decide a module is better than doing
things natively?
At JOB^1 I wrote a Perl script to look up company inventory metadata and
feed it to cfengine through the module interface. The script was m
On Tue, 3 Apr 2012 20:45:08 +0200 (CEST) sauer wrote:
n> I've been working on this for sudoers, where later entries override
n> earlier entries. The way I'm currently doing it is to have a
n> directory full of small templates which start with a number. It looks
n> like the new lsdir function w
On Thu, 5 Apr 2012 05:59:35 -0700 Aleksey Tsalolikhin
wrote:
AT> Hi. Is there a tidy or pretty-print program for CFEngine 3?
AT> I am just looking for something to make sure there is uniform
AT> indentation style in my examples, I've got like 200 of them by now and
AT> I don't want to correct t
On Wed, 18 Apr 2012 11:35:01 +0200 Bas van der Vlies wrote:
BvdV> I am using slist because configuration parameters can contain more then
one value. For most configuration files
BvdV> it is nice that a 'list' variable is repeated multiple times, eg:
BvdV> [%CFEngine BEGIN %]
BvdV> search $(te
On Fri, 27 Apr 2012 23:56:49 +0200 Mikhail Gusarov
wrote:
MG> On 27.04.2012 23:22, no-re...@cfengine.com wrote:
>> Is there a way to tell cfengine not to start if there is no networking up
>> without hacking startup script?
MG> It does not hang, but it tries to resolve IP address into DNS nam
On Thu, 26 Apr 2012 22:08:56 +0200 (CEST) msvob...@linkedin.com wrote:
ms> Most exploits / data loss happen from _within_ the organization. If I
ms> give a developer / fellow co-worker root access to a machine inside
ms> our network, he can snoop around the Cfengine area and see things he
ms> re
On Mon, 30 Apr 2012 16:24:52 +0200 (CEST) msvob...@linkedin.com wrote:
n> Giving developers root access to development machines is a known evil.
n> I would rather not give root access to people who aren't
n> administrators, but in reality, this doesn't happen.
n> Folks that run QA, performance e
On Mon, 30 Apr 2012 10:09:37 -0500 Nick Anderson wrote:
NA> Well I think if we approach this with the expectation that we will stop
NA> someone with root access from doing anything then we just performing an
NA> exercise in futility.
NA> You could argue that security is only the the inverse of
On Wed, 16 May 2012 14:33:03 -0500 Nick Anderson wrote:
NA> On 05/16/2012 02:28 PM, no-re...@cfengine.com wrote:
>> bundle agent git_master
>> {
>> commands:
>> "/usr/bin/git pull origin"
>> comment => "Update /repo from git repository",
>> contain => silent_in_dir("/repo");
>> }
NA> What hap
On Thu, 17 May 2012 12:25:53 -0500 Nick Anderson wrote:
NA> On 05/16/2012 03:44 PM, Ted Zlatanov wrote:
>> I'd love to see native pluggable CFEngine support for VCS pulls, like it
>> has for package management.
NA> That would be cool. It seems to be a pattern I do a lot
On Thu, 17 May 2012 12:34:10 -0500 Nick Anderson wrote:
NA> On 05/17/2012 12:31 PM, Ted Zlatanov wrote:
>> On Thu, 17 May 2012 12:25:53 -0500 Nick Anderson wrote:
NA> On 05/16/2012 03:44 PM, Ted Zlatanov wrote:
>>>> I'd love to see native pluggable CFEngine s
On Thu, 17 May 2012 12:51:39 -0500 Nick Anderson wrote:
NA> Any new status updates on cfsketch to come along with that?
Real Soon Now ;)
Ted
___
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine
On Thu, 17 May 2012 20:27:03 -0500 Nick Anderson wrote:
NA> Hey Analogue, I submitted a pull request to the design-center earlier
NA> today with a sketch that I think does what you were looking for.
NA> https://github.com/cfengine/design-center/pull/49
NA>
https://github.com/nickanderson/desig
On Fri, 18 May 2012 15:17:12 -0400 Ted Zlatanov wrote:
TZ> cfsketch itself will make it possible to activate this multiple times,
TZ> so you don't have to deal with passing a 2-level array to describe
TZ> multiple repositories.
TZ> Although it will only support Git for now
On Fri, 18 May 2012 17:00:15 -0400 Ted Zlatanov wrote:
TZ> OK, pushed to https://github.com/tzz/design-center.git
I ran into one issue with the vcs_freshclone sketch, the vcs_configfile
variable is not defined in time on the first pass, so it always tries to
clone. I had to force just one
One more improvement: the .git/config file is now enforced :)
This means that it's pretty much impossible for an attacker to make you
check out the wrong thing, even if they can modify the .git/config file
(they can always exploit a race condition, but it's still an improvement).
But it seems lik
On Mon, 21 May 2012 15:21:20 -0400 Ted Zlatanov wrote:
TZ> But it seems like `this.promise_filename' refers to the top-level
TZ> (i.e. runme.cf) filename, even though the vcs_freshclone promises are
TZ> made in a different file. This makes it impossible to find templates
TZ>
On Mon, 21 May 2012 15:51:11 -0400 Ted Zlatanov wrote:
TZ> On Mon, 21 May 2012 15:21:20 -0400 Ted Zlatanov wrote:
TZ> bundle agent vcs_freshclone(prefix)
TZ> {
TZ> vars:
TZ> "bundle_home" string => dirname("$(this.promise_filename)"),
TZ> policy =>
On Tue, 22 May 2012 12:50:39 -0500 Nick Anderson wrote:
NA> On 05/21/2012 02:51 PM, Ted Zlatanov wrote:
>> Nick, see if you can duplicate the bug on your side and I'll open the
>> ticket. No rush, I have the fix above in place.
NA> I tried to use it manually and none o
On Tue, 22 May 2012 15:11:23 -0500 Nick Anderson wrote:
NA> So in general are you preferring prefix to passing an array name with
NA> new sketches? And also are you preferring a single usebundle call for
NA> each different configuration?
Yes, and yes. It makes passing data between JSON, Perl,
On Tue, 22 May 2012 18:25:20 -0500 Nick Anderson wrote:
NA> On 05/22/2012 03:36 PM, Ted Zlatanov wrote:
>> How about vcs_mirror? That's pretty clear and the term is not used by
>> Git or Subversion. If you agree I'll make the change on my side.
NA> Works fo
On Tue, 22 May 2012 20:57:26 -0500 Nick Anderson wrote:
NA> On 05/22/2012 08:41 PM, Nick Anderson wrote:
>> https://cfengine.com/manuals/cf3-Reference#Function-getenv
NA> So env contains USER, and with that we can get gid.
NA> "user" string => getenv("USER","20");
NA> "no" int => get
On Wed, 23 May 2012 16:25:05 +0200 (CEST) daveseff wrote:
n> I am distributing a large XML config file to a group of servers for an
n> application. some parameters in the file need to be unique to the
n> machine it's on. Because of it's size I would normally use a copy_from
n> promise from a mast
On Wed, 23 May 2012 09:52:13 -0500 Nick Anderson wrote:
NA> On 05/23/2012 09:44 AM, Ted Zlatanov wrote:
>> You may want to copy to an intermediate file (1) and use Augeas or
>> edit_line on a second copy (2) which then gets copied into the final
>> destination (3). That wa
On Wed, 23 May 2012 20:21:06 +0200 (CEST) sauer wrote:
n> It's not git, but with subversion I just use a command promise (which
n> runs "svn update") in combination with a regular CFEngine file copy to
n> get the top-level directory's .svn directory in place.
Could you share the exact commands y
On Thu, 14 Jun 2012 13:22:38 +0200 (CEST) bernhard.gl...@ecologic.eu wrote:
n> Didn't find any way to deliver a shadowed passwort/secret to the darwin auth
system.
n> Instead we can simply copy the users plist.
n> This works at least in OSX 10.7.4
Could you show the solution? That sounds ver
On Wed, 13 Jun 2012 10:18:45 -0400 Neil Watson
wrote:
NW> I can't recall if this is now possible with 3.3.0. Can we define a list
NW> in an array and then loop the list after passing it?
I do it in the db_install sketch in Design Center:
"base_packages" slist => { "@($(prefix)bycontext
On Tue, 12 Jun 2012 19:49:17 +0200 (CEST) bahamat wrote:
n> The default failsafe.cf includes promises that will start all three daemons.
If you really want it disabled you need to do it in both places. It's not lupus.
I'm really curious what you mean by "it's not lupus."
Ted
__
Ted Z wrote:
>> `cpanm' doesn't support uninstalling, but neither does `cpan'
Because of this, and because CPAN doesn't have the notion of listing
installed modules, I wrote a sketch that simply runs the `cpanm' command
for every Perl module you specify. I just couldn't make it a reasonable
packa
1 - 100 of 146 matches
Mail list logo
