Mark Burgess wrote: > Undo is rather ambiguous unless you snapshot the entire system (as Ed > alluded to), since there can be unseen consequences of changes.
And even then, the problem can't be solved generally because the state of the network is important as well. However, I think there is plenty of space for innovation in limited rollback functionality. I could see closer integration with version control systems providing some of this functionality. As it stands, most tools can manipulate a very limited set of OS objects, mostly limited to files. It would not be hard to support rollback for files. With more nebulous objects like users, supporting rollback (for example, undoing the partial creation of a user account) would require lots of supporting machinery that would need to be written by hand (and thus prone to bugs). As more of these sort of things become "first-order" objects to configuration management systems, it will be easier to support undo-type operations. As it stands now, the admin would need to write essentially imperative back-out code for much of this type of work. Particularly, I could see undo actions being useful for atomic groupings of actions. For example, to deploy a functioning httpd, one might need to create a user, install a package, edit a configuration file, and start a service. If that block of policy does not result in a working web server (based on some sort of monitoring feedback) it seems reasonable to roll back the above changes, which should be technically possible with the systems we have now. Best, Brendan -- Senior System Administrator The University of Chicago Department of Computer Science http://www.cs.uchicago.edu/people/brendan http://praksys.blogspot.com/ _______________________________________________ Help-cfengine mailing list Help-cfengine@cfengine.org http://cfengine.org/mailman/listinfo/help-cfengine
