On Mon, Nov 21, 2016 at 3:48 PM, Antoine Jacoutet wrote
> On Mon, Nov 21, 2016 at 05:34:35PM -0500, sven falempin wrote:
> > Ansible is already managing pkg and service of openBSD , cool
> >
> > If one want to manage pf with it, and push or modify a few files,
> > on must run - command: /sbin/pfctl -f {{ dank.config }}
> >
> > Yet - service could be use, if this glue was in the rc.d directory :
>
> You can easily create an ansible role|module to do that natively.
> The rc.d framework is only meant to handle real daemons.
> We don't want it to manage pf, quota, network, mounts...I don't understand this philosophical point - why wouldn't you want the rc.d framework to manage pf, quota, etc. whenever it's natural. With pf, for example, it surely is. One of the reasons I loved AIX's System Resource Controller (SRC) was that it did present a unified management interface to all system resources whether daemon or built in. Using a consistent rc.d/rcctl framework to manage system services and daemons - even pkg_add daemons - seems a good idea. Consistent interfaces, fewer interfaces, less special-casing all simplify management, thus minimize the chance of error and enhance security. This is true whether management is local or through a remote tool like ansible. Or? John
