Josh Lothian wrote:
Has anyone come up with a more elegant solution to this problem?  I'd like
to implement something similar at my present employer.  I really
like the recursive copying approach rather than the one listed
on http://cfwiki.org/cfwiki/index.php/Singlecopy_Nirvana because it
doesn't require any changes to the cfengine configs to add new files to
be distributed.

Just click on the "discussion" link on that page. :)


Briefly, my setup is (err, was) something like this:

1) Everything is stored in CVS, cfengine inputs as well
   as the "overlay" directory tree that is copied to each host.

2) On the master server, a shell script is responsible of
   cvs update, cvs tagging and rsync-copy excluding the
   CVS metadata directories from the master directory that
   is finally copied to the clients.

3) The master overlay directory is copied (cfengine internal
   or external - rsync) to each client into /etc/NWS/,
   for example.

4) On each client, a special shell script is run.
   It will generate or symlink the files according to the
   hints found in the overlay directory hierarchy.

Recent development has moved the whole customization
process into the master server. The overlay directory
is generated for each individual host separately.

This way, you cannot see other host's configurations
(/etc/sudoers, passwd etc) on every host even if you
can get a root shell. Less information leakage.

Please contact me if you want me to contribute. :)

-sjm


_______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine

Reply via email to