Some files (/etc/hosts is one of them) have both a copy AND an editfiles directive in cfagent.conf f.e. :
control:
actionsequence = ( processes links files copy editfiles tidy )
copy:
$(configpath)/generic/hosts
dest=/etc/hosts
owner=root
group=root
mode=644
type=checksum
backup=false
server=$(masterhost)
and later on :
editfiles:
{ /etc/hosts
LocateLineMatching "127\.0\.0\.1.+"
AppendIfNoSuchLine "$(ipaddress) $(fqhost) $(host)"
}
This is based on the idea that every host should have a basic hosts file in place but then also gets itself added
via a dns lookup so I don't have to maintain this stuff manually. It works so well and I was so excited when I first
did it. I guess, however, since cfengine keeps editing the file after it was copied it has to copy it over again the next time
and the next and so on cause it has changed from the original. That's why certain files keep getting replaced every time cfagent runs. It makes perfect sense.
What doesn't make sense is that they get copied with a permission of 600 first and then adjust to whatever permission
I have set in the copy: statement.
Does anyone else have a similar setup where files get copied first and then edited ?
On 3/20/06, Leslie Smith <
[EMAIL PROTECTED]> wrote:
Yes, that sounds very strange.Good luck with that one :)Les
From: stucky [mailto:[EMAIL PROTECTED]]
Sent: Tue 3/21/2006 10:19 AM
To: Leslie Smith
Subject: Re: copy function creates mode 600 by default ?nope - That was one of the first things I checked. Perms in the repo are 644 just like the way I want them and my cfagent.conf statement sets them to 644 root:root, yet it keeps saying:
Object /etc/hosts had permission 600, changed it to 644
So it must be the copy function. Then again I'm sure Mark would have told me that right away (or someon else). I just have no other explaination.
On 3/20/06, Leslie Smith <[EMAIL PROTECTED]> wrote:Maybe you should check the permissions of the file in the repository, It may be duplicating those first, then changing them.Les
From: help-cfengine-bounces+les.smith=[EMAIL PROTECTED] on behalf of stucky
Sent: Tue 3/21/2006 9:55 AM
To: cfengine
Subject: copy function creates mode 600 by default ?Guys
I think my /etc/hosts permission problem might have to do with the way cfagent copies files.
"...by copying first to a file called file.cfnew on the local filesystem, and then renaming it this quickly into place."
Question is what default permission does hosts.cfnew have - I'm inclined to think it's 600 which would explain everything.
The thing is I'd really like to know when permissions on my files change - even if cfengine fixes them again over the next hour - I like
to know what's going on that's why I turned the inform flag on. If hosts.cfnew really creates a file with 600 first then I can't do that
cause it causes email alerts to be sent every hour.
Can you confirm that my theory is correct and If I just have to live with that ?
--
stucky
--
stucky
--
stucky
_______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org http://cfengine.org/mailman/listinfo/help-cfengine
