Re: type=mtime

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: type=mtime

From:	Chip Seraphine
Subject:	Re: type=mtime
Date:	Sat, 18 Oct 2003 12:24:46 -0500 (CDT)

In my environment I worked around that particular problem by having the
default copy type set to 'chksum' one run a week (on the Sunday midnight
run).  The rest of the time, the default copy type is 'mtime'.

This has a nice bonus affect of allowing local tweaks to config files,
which the sysadmins appreciate.  For example, if somebody wants to change
the loglevel of a facility in syslog.conf to 'debug' while they hunt down
a problem, they can do so without cfengine stepping on them.  If they
forget to correct the change, the weekly run will see the differing
chksums and refresh the file.

Obviously, this is not terribly helpful for cases where the files are
modified maliciously or are broken, so I only use it for root-owned
configuration files (syslog.conf, /etc/hosts, ntp.conf,  etc...)

If that isn't good enough, you might be able to do this using filters or
by defining a class in the groups section something like this:

bad_mod_time_for_foo = ( "/bin/test /etc/foo -nt /master/etc/foo"
                         "/bin/test /master/etc/foo -nt /etc/foo" )

Haven't tried it, but it oughta work if your 'test' supports the -nt flag.

-Chip

"I had a falling out with God.  I wanted the Cubs to win the World Series
and he wanted them to continue to suck." - Andy Richter

On Fri, 17 Oct 2003, Akop Pogosian wrote:

> When you specify type=mtime in copy: section, the file gets copied
> only when the source version is newer. This works well if you assume
> that nothing other than cfengine disturbs the files on a client.
> However, I have run into a problem with some types of files. For
> example, we distribute /etc/mail/submit.cf using cfengine. Once in a
> while this file also gets replaced by a newer version by Solaris
> patches. After that happens, cfengine does not put back the old file
> unless I also update the source file's time stamp on the server. Is
> there a way to make cfengine copy files whenever the mtime of the
> source and destination files is not the same as opposed to what
> type=mtime does by default?
>
>
> -akop
>
>
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://mail.gnu.org/mailman/listinfo/help-cfengine
>

[Prev in Thread]

Current Thread

[Next in Thread]

type=mtime, Akop Pogosian, 2003/10/17
- RE: type=mtime, Alexander Mattausch, 2003/10/18
- Re: type=mtime, Chip Seraphine <=

Prev by Date: Re: custom classes not defined?
Next by Date: Re: Editing Files In Particular Format
Previous by thread: RE: type=mtime
Next by thread: childlinks problem
Index(es):
- Date
- Thread