>>> "Eric Sorenson" <[EMAIL PROTECTED]> 05/18/05 5:27 PM >>>
> You would need to run cfservd on client machines if you wanted > to use 'cfrun' to trigger execution on them. Being a newbie here, I'll bite. Why would I want to run cfrun on a machine? Is it possible to push out a modification to cfagent.conf to start cfrun or cfservd, or should it be running as a daemon? I guess I'm a little confused on what needs to be running on the policy master vs. the clients. There are some main programs, and I don't know what they all do. I've read the reference here: http://www.cfengine.org/docs/cfengine-Reference.html And gotten the following from it. I've also read the tutorial, but that is more a of beginner's reference, not a tutorial. Maybe I'll try to do a beginner's how to on the wiki (I couldn't find one) for those of us bothering the more experienced of you out there. cfkey - generates keys for public-private pairs. Should really only be needed when first setting up a machine or when the keys need to be regenerated. cfshow - should only be run if you want to see when a host was last communicated with. cfagent - the meat of the system. Can either be run in daemon mode or via crontab. Either way, this needs to be run at certain intervals to get to the point of "convergence nirvana" on all hosts. cfservd - has to be running on the policy master (and backups) to distribute necessary information. Can run on non-policy master hosts for a number of reasons. cfexecd - I'm a little confused on this one. It says it is a wrapper for cfagent. Why does there need to be a wrapper? Does cfagent not have the flexibility of cfexecd? Is it bad to run cfagent via cron? cfenvd - mentioned with cfkey, but nothing very specific about what is does other than "detect anomalies" on the host on which it is running. cfenvgraph - run on demand to look for things if cfenvd is running. Since I'm a heavy RRDTool user, I really like graphs. This one should be cool to dive into. So, from what I gather, this is the what I need to have a successful minimalist cfengine environemt in this specific order: 1. cfenvd running for at least a week on every machine where I want to use cfengine. Keep this running if you want to use cfenvgraph later down the road. 2. cfkey to generate pub-priv key on same machines. 3. copy all pub keys from individual machines to the $cfengine/ppkeys in the format of user-ip.address.of.system.pub 4. cfservd running on the policy master. Can be running on non-masters for other purposes (like cfrun). 5. Generate an update.conf and put it in your masterfile location. 6. Generate a cfservd.conf ... 7. Generate a cfagent.conf ... 8. Test out (if possible) on the policy master. 9. Copy update.conf to all systems. 10. Roll it out. I know I'm probably being very dense about this, but I wanted to make sure I wrote everything down just to make sure I understand it all. Thanks, Paul _______________________________________________ Help-cfengine mailing list Help-cfengine@gnu.org http://lists.gnu.org/mailman/listinfo/help-cfengine
