help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

cfengine audit scripts


From: David J. Bianco
Subject: cfengine audit scripts
Date: 14 Apr 2003 08:37:29 -0400

I recently posted regarding some scripts I use to audit the machines
which are supposed to be running cfengine.  Specifically, cfengine 
provides no negative feedback, in the sense that if I configure cfengine
on a machine, and it later stops running, I get no notification.  This
can happen fairly often, either when the cfengine processes die or when
the OS is reinstalled.  Since I wanted to know when cfengine wasn't
running properly, I wrote a couple of scripts to help me out.  In 
response to a few requests I got, I'm attaching them to this email.

On my cfengine master server, I run them from cron, like this:

# Automatically rebuild the list of the cfengine clients each night.
# This is based on the public keys cfengine has registered for it's
# clients.
# This only needs to run on the master.
16 3 * * * /local/cfengine/bin/mkcfrunhosts | /bin/sort >
/local/cfengine/etc/cfrun.hosts 
#
# Check the list of all cfengine hosts (generated above) to see which
# ones are up and responding to cfservd requests.  Mail a report to the 
# cfengine alias summarizing the down hosts.
23 4 * * 5 /local/cfengine/bin/cfaudit

Notice that mkcfrunhosts generates a list of hosts that *should* be
running cfengine, based on the keys in the server's ppkeys directory.
Then cfaudit reads this list later, and runs cfrun against each host in
that list.  It summarizes only the errors, and mails them to the 
administrator's email address (defined in the script).  There are a 
couple of lines in each script that you'll need to customize for your
site, where I've explicitly included my domain name or an email address.
I've marked them, so search for "Customize" and make the appropriate 
changes.

I'm sure there are lots of corrections and enhancements people can 
make to these.  If you do, please consider sharing them so we can all
benefit.

        Thanks,
          David


-- 
David J. Bianco <bianco@jlab.org>
Thomas Jefferson National Accelerator Facility

Attachment: cfaudit
Description: Text Data

Attachment: mkcfrunhosts
Description: Text Data


reply via email to

[Prev in Thread] Current Thread [Next in Thread]