As a workaround, you could create a class that tests if NIS is generally working and predicate all of your NIS-based rules on that. Some sort of ReturnsZero command should do it. An example might be "ypwhich | grep ExpectedServerName >/dev/null" <that's off the top of my head, better check it>.
-Jason Martin -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Stribblehill Sent: Tuesday, August 16, 2005 9:27 AM To: Cfengine bugs Subject: Cfengine ate my mail We run Cfengine across all of our servers and workstations in Durham. One of the things it does is control the sendmail.cf file and HUP sendmail if it changes. To determine whether or not a host is a mail exchanger, we have: groups: mxes = ( [EMAIL PROTECTED] ) However, we lost access to NIS (the core router blew up) so our MXes forgot that's what they were and reconfigured themselves, presumably caching the negative response in nscd. Net result: we bounced a load of legitemate mail. I believe that Cfengine could do better than this, by checking the return code of setnetgrent() and (conditionally, perhaps) aborting if it can't find the netgroup. What do other people think? -- VIKING NORTH UTSIRE WEST 3 OR 4 BACKING SOUTH 5 TO 7. OCCASIONAL RAIN. GOOD BECOMING MODERATE OR POOR _______________________________________________ Bug-cfengine mailing list Bug-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/bug-cfengine _______________________________________________ Bug-cfengine mailing list Bug-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/bug-cfengine
