CFEngine Help: Odd netmask behavior

[no-reply]

Forum: CFEngine Help
Subject: Odd netmask behavior
Author: sauer
Link to topic: https://cfengine.com/forum/read.php?3,26113,26113#msg-26113

So, I'm seeing this weird behavior on AIX only.  When cf-agent is launched from 
cf-execd, the contents of allclasses.txt include:

$ grep net_ /var/cfengine/state/allclasses.txt
net_iface_en0
net_iface_lo0
net_prod



But when I run "/var/cfengine/bin cf-agent -IK" on the command line, the 
results are

$ grep net_ /var/cfengine/state/allclasses.txt
net_test
net_iface_en0
net_iface_lo0



It stays that way until cf-execd launches cf-agent again.  The net_test and 
net_prod classes are set based on the contents of a file which looks somewhat 
like this:
10.146.164.0/25:prod
10.180.209.0/24:test
10.180.210.0/24:test

And I have a policy which looks like this:

vars:
  any::
    "netmask"
      string  => "$(sys.workdir)/netmasks",
      comment => "destination";
    "netmask_arr_count"
      int => readstringarray(
        "netmask_arr",
        "$(netmask)",
        "\s*#[^\n]*",
        ":",
        "inf",
        "inf"
      ),
      comment => "Will look like netmask_arr[1] = prod/test/dr/etl";
    "netmasks"
      slist => getindices("netmask_arr");
classes:
  any::
    "net_$(netmask_arr[$(netmasks)][1])"
      expression => iprange("$(netmasks)");
    "net_prod"
      and => { "!net_prod", "!net_test" },
      comment => "Default to prod if we didn't match prod or test";
    "net_unknown"
      expression => classmatch("^net_(?!(prod|test))[^_]+$"),
      comment => "Was a network found which wasn't prod or test?";
  net_prod&net_test::
    "g_net_cleaned"
      expression => usemodule("lower_class.sh", "net_prod"),
      comment    => "Lower net_prod class if net_test is also set :/";


I had to add the module to lower the net_prod class because these AIX systems 
were also sometimes getting both net_prod and net_test raised, even though only 
one netmask in the file matched.

This is only happening with version 3.1.4 on AIX; I don't have any other 
version compiled on AIX, but the same behavior does not happen with 3.1.4 on 
HP-UX (even though the HP systems have similar network layouts).

Any thoughts on what might be going on here?  I'm particularly interested in 
any thoughts on what the heck would be causing it to behave differently when 
run by root on the command line, v/s being run by root from cf-execd.  It 
consistently behaves the same when run in the same way, but consistently 
behaves differently between manual v/s cf-execd. :/

_______________________________________________
Help-cfengine mailing list
Help-cfengine@cfengine.org
https://cfengine.org/mailman/listinfo/help-cfengine