On Mon, Nov 21, 2016 at 3:48 PM, Antoine Jacoutet wrote > On Mon, Nov 21, 2016 at 05:34:35PM -0500, sven falempin wrote: > > Ansible is already managing pkg and service of openBSD , cool > > > > If one want to manage pf with it, and push or modify a few files, > > on must run - command: /sbin/pfctl -f {{ dank.config }} > > > > Yet - service could be use, if this glue was in the rc.d directory : > > You can easily create an ansible role|module to do that natively. > The rc.d framework is only meant to handle real daemons. > We don't want it to manage pf, quota, network, mounts...
I don't understand this philosophical point - why wouldn't you want the rc.d framework to manage pf, quota, etc. whenever it's natural. With pf, for example, it surely is. One of the reasons I loved AIX's System Resource Controller (SRC) was that it did present a unified management interface to all system resources whether daemon or built in. Using a consistent rc.d/rcctl framework to manage system services and daemons - even pkg_add daemons - seems a good idea. Consistent interfaces, fewer interfaces, less special-casing all simplify management, thus minimize the chance of error and enhance security. This is true whether management is local or through a remote tool like ansible. Or? John