[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cfengine and revision control
|
From: |
Sami J. Mäkinen |
|
Subject: |
Re: cfengine and revision control |
|
Date: |
Mon, 09 May 2005 23:20:47 +0300 |
|
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041217 |
Josh Lothian wrote:
Has anyone come up with a more elegant solution to this problem? I'd like
to implement something similar at my present employer. I really
like the recursive copying approach rather than the one listed
on http://cfwiki.org/cfwiki/index.php/Singlecopy_Nirvana because it
doesn't require any changes to the cfengine configs to add new files to
be distributed.
Just click on the "discussion" link on that page. :)
Briefly, my setup is (err, was) something like this:
1) Everything is stored in CVS, cfengine inputs as well
as the "overlay" directory tree that is copied to each host.
2) On the master server, a shell script is responsible of
cvs update, cvs tagging and rsync-copy excluding the
CVS metadata directories from the master directory that
is finally copied to the clients.
3) The master overlay directory is copied (cfengine internal
or external - rsync) to each client into /etc/NWS/,
for example.
4) On each client, a special shell script is run.
It will generate or symlink the files according to the
hints found in the overlay directory hierarchy.
Recent development has moved the whole customization
process into the master server. The overlay directory
is generated for each individual host separately.
This way, you cannot see other host's configurations
(/etc/sudoers, passwd etc) on every host even if you
can get a root shell. Less information leakage.
Please contact me if you want me to contribute. :)
-sjm