[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Where is workdir?
|
From: |
Marion Hakanson |
|
Subject: |
Re: Where is workdir? |
|
Date: |
Tue, 29 Oct 2002 16:24:28 -0800 |
It's clear to me that you've thought this through very thoroughly,
and that you feel very strongly about your conclusions. I'm more
than willing to be educated about the possible shortcomings of my
suggestions.
> > People change it for all kinds of reasons, good, bad, and indifferent.
> > What is the risk of providing a preset (read-only) variable to help out
> > the cfengine programmer who has to deal with such a situation?
> > . . .
>
> This is definitely undesirable. The aim of a trusted directory is
> preceisly to avoid this. If you want to keep input files elsewhere
> then use CFINPUTS, otherwise I recommend using the defaults.
Precisely to avoid what? What is the risk of passing along to a cfengine
program the compiled-in, unchangeable value (read-only macro) of the default
workdir? How does that make the directory any less trusted?
CFINPUTS is not sufficient. The "update.conf" program updates the
WORKDIR/bin/ directories as well. I trust CFINPUTS less than a
compiled-in value, too.
Here's (sort of) what I'm doing now:
linux::
workdir = ( /var/cfengine )
cf_install_dir = ( /usr/sbin )
sunos_5_6::
workdir = ( /var/local/cfengine2 )
cf_install_dir = ( /usr/local/sbin )
sunos_5_8|sunos_5_9::
workdir = ( /var/opt/addons/cfengine204 )
cf_install_dir = ( /opt/addons/sbin )
This approach does not support the occasional need to run with _two_
versions of cfengine installed on the same machine (for testing purposes).
I trust the above less than using a compiled-in value, too.
In my opinion, having a reference to the compiled-in WORKDIR, or at the
least to the version of cfengine running the program, would make the
resulting cfengine program more robust.
Regards,
--
Marion Hakanson <hakanson@cse.ogi.edu>
CSE Computing Facilities