On 3/31/06, Edward F. Brown <[EMAIL PROTECTED]> wrote:
> On Fri, March 31, 2006 2:48 pm, Atom Powers said:
>
> > It depends a lot on what you are rolling back,
>
> Right, I agree.  Some things are simple to implement, perhaps a one-line
> change in your configuration to 'undo' an action.  But what if a simple
> mode change on a directory had allowed a user to write or change files
> there, what is the right way to 'undo' now, do you merely correct the
> mode, or do you remove the [possibly trojaned] file too?

I would say that this is beyond the scope of the tool. A config. mgmt.
tool only knows about the changes you tell it about. If you tell it
what to expect in those files then you can probably undo the user's
changes. If you don't tell it what to expect then you have no reason
to think that the tool will ever be able to undo those changes.

> Does 'undo' mean
> completely restore the system image to what it was before the last change?

"undo" means "un-do": reverse what you did. If you expect it to
restore the system image, and that was not a change it was responsible
for, you better have a config in there to tell it what to do.

> What about subsequent changes that were appropriate: new mail in the
> spool, or logfiles?  If you just eliminate them from rollback changes, you
> eliminate the possibility that that is where the wrong mode allowed a user
> to delete someone's mail or lines from a logfile.  Those are just the
> simplest examples I can think of.  Installing the wrong version of a
> software package can have all kinds of consequences, and forcing a
> re-install of the previous version could just make things worse.

The tool only does what you tell it to, no more and no less. If you
are enforcing content on a mailbox or log file you have a whole other
class of problems.

> My point is that I believe an 'undo' function in a configuration
> management tool is a pipe dream, akin to time travel.  Like you say, it
> inescapably 'depends a lot'.
>
> -Ed

I don't think it would be too hard for cfe to be able to undo most of
what it does, with the obvious exception of shell scripts, service
management, and package management. A little more logging, maybe in a
format readable by a new de-cfagent program, and you could get the
most useful functionality out of an undo process.


--
Perfection is just a word I use occasionally with mustard.
--Atom Powers--

_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
http://cfengine.org/mailman/listinfo/help-cfengine
