help-cfengine
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

"Warning: Redefinition of macro" etc


From: Sami J. Mäkinen
Subject: "Warning: Redefinition of macro" etc
Date: Sat, 05 Jun 2004 12:11:10 +0300
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040113


Hello. I am new to cfengine, and I pretty much love it.

We are using it on our RHEL3ES (Red Hat Enterprise Linux 3 ES)
machines in order to finish the settings after an automated
kickstaft network (PXE) installation . Actually, all the kickstart
does is the actual installation: partition disks, make filesystems,
install software, install boot loader and set the network parameters
and such. And most importantly, bootstrap cfengine.

Our goal is to minimize tasks done during kickstart and maximize
tasks done by cfengine. The installation can be repeated easily,
because all the host keys (ssh host keys, cfengine keys) are made
on the boot/installation server and included into the postinstall-phase
script of the kickstart configuration file of each host.
So the keys will not change on a reinstallation of a certain machine.


I have a couple of small but annoying problems, though.

1) cfkey

   AFAIK the cfkey program does not take any command line arguments.
   So it is not possible to generate "additional" keys for another
   machine into a separate directory or file. OK, I built a statically
   linked binary of cfkey and run it chrooted. Then I dig out the keys
   from the chroot jail and make a tar.bz2 of the key files and
   incorporate that into the kickstart configuration, like this:

(
  cd /
  perl -MMIME::Base64 -ne 'print decode_base64($_)' <<EOF \
    | tar xvjf -
QlpoOTFBWSZTWdWjGg4ABnN/huyQAEBAD//zv///8P////AAAIIAAAhgBt8kPvted7O+73l2557u
69c7b7tn3ufeIpomTTFP0Rk002kaZKfqnpgyZNGBqPSJBpptTQxFAjRgTBD1DJqeCYTNGhNMpgjU
9ENGgCoGqeTRsqeoZpP0JP0yptJ+VPNEnlDano01DQAAERCmp+1GnlMTMRGJpiNU9qZtIj0maTJo
...
)

  The base64-encoded tar.bz2 extracts itself into /var/cfengine and creates
  the necessary empty directories and most importantly, the host keys.

  This works for me, but it would be helpful if cfkey would know how to
  generate keys on alternative location. Just like ssh-keygen does.


2) "Warning: Redefinition of macro"

   I have written a couple of shellscripts to "profile" certain files.
   The first case is to symlink a file, for example /etc/resolv.conf
   depending of a "profile" variable derived from cfengine.
   I call this script "cflink". The second task is to generate a "base"
   configuration and possibly add more lines from a "group profile"
   and a "host profile file".

   The scripts are quite short, so I include them here since someone
   might find them useful.

--- 8< ---
#!/bin/sh
# $Id: cflink,v 1.4 2004/06/04 12:34:44 cfengine Exp $

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
export PATH
umask 022

host=`hostname`
group='-'
for l in $*
do
    case "$l" in
    -*)
        group=`echo $l | sed -e 's/^-//'`
        ;;
    *)
        lf=`basename $l`
        [ -d $l.d -a -r $l.d/$lf.DEFAULT ] || continue
        touch $l.$$.tmp || continue
        rm -f $l.$$.tmp
        if [ -s $l.d/$lf.$host ]
        then
            ln -s $l.d/$lf.$host $l.$$.tmp
        elif [ -s $l.d/$lf.$group ]
        then
            ln -s $l.d/$lf.$group $l.$$.tmp
        else
            ln -s $l.d/$lf.DEFAULT $l.$$.tmp
        fi
        mv $l.$$.tmp $l
        ;;
    esac
done
exit 0
--- 8< ---
#!/bin/sh
# $Id: cfcat,v 1.5 2004/06/04 12:37:25 cfengine Exp $

PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin
export PATH
umask 022

host=`hostname`
group='-'
for l in $*
do
    case "$l" in
    -*)
        group=`echo $l | sed -e 's/^-//'`
        ;;
    *)
        lf=`basename $l`
        [ -d $l.d -a -r $l.d/$lf.BASE ] || continue
        touch $l.$$.tmp || continue
        cat $l.d/$lf.BASE > $l.$$.tmp
        [ -s $l.d/$lf.$group ] && cat $l.d/$lf.$group >> $l.$$.tmp
        [ -s $l.d/$lf.$host ] && cat $l.d/$lf.$host >> $l.$$.tmp
        cmp -s $l $l.$$.tmp || mv $l.$$.tmp $l
        rm -f $l.*.tmp
        ;;
    esac
done
exit 0
--- 8< ---

For cflink, I may create a directory /etc/resolv.conf.d/ and make the
files resolv.conf.DEFAULT and resolv.conf.xyzzy in there.
If the machine profile is xyzzy, resolv.conf will be symlinked
to the file resolv.conf.d/resolv.conf.xyzzy, otherwise the symlink
will be -> resolv.conf.d/resolv.conf.DEFAULT.

For cfcat, the "default" file is a BASE file that will include a base
configuration. There may be more lines coming from a group-specific
file and/or a host-specific file. The file /etc/sudoers is a potential
target for this approach.

And now the problem itself. All of above works fine. But the cfengine
configuration says something like this:

--- 8< ---
groups:
  # Logical groups
  KLO           = ( ruuvi naula niitti pultti nasta koukku )
  Luukku        = ( katto lippu mato pato posti roska suksi
                    taka tarjoilu tuhka )
  LuukkuSMTP    = ( mato pato posti roska tarjoilu )

  # Hardware-based groups
  hw_SE7501WV2  = ( KLO LuukkuSMTP lippu suksi tuhka )
  hw_SCB2       = ( katto taka )
  hw_X345       = ( vanne )

  # Time-based groups
  resync_local  = ( Hr22.Min10_15 Hr22.Min15_20 Hr22.Min20_25 )


control:
  actionsequence = ( copy directories files links editfiles
                     disable shellcommands tidy )

  # System variables
  SplayTime             = ( 3 )
  domain                = ( almamedia.fi )
  timezone              = ( EET )
  smtpserver            = ( ... )
  sysadm                = ( ... )
  EmailMaxLines         = ( 65535 )
  Verbose               = ( off )
  Warnings              = ( off )
  editfilesize          = ( 65535 )
  repository            = ( /var/cfengine/repository )
  ExcludeCopy           = ( "*~ *% #* *,v core *.core" )
  AllowRedefinitionOf   = ( host_profile )

  # User variables
  policyhost    = ( ... )
  master_files  = ( /data/Linuxlandia/cfengine/files )
  ...
  cfcat_list    = ( "/etc/lvp.conf /etc/sudoers /etc/sysctl.conf" )
  cflink_list   = ( "/etc/hosts.allow /etc/resolv.conf /etc/syslog.conf" )

  any::         host_profile = ( "-" )
  KLO::         host_profile = ( "KLO" )
  Luukku::      host_profile = ( "Luukku" )
  LuukkuSMTP::  host_profile = ( "LuukkuSMTP" )

...

shellcommands:
  "/etc/NWS/cfcat -$(host_profile) $(cfcat_list)" timeout=5
  "/etc/NWS/cflink -$(host_profile) $(cflink_list)" timeout=5
  "/bin/sh -c 'echo $(host_profile) > /etc/NWS.host_profile'" timeout=5
--- 8< ---

I have tried to switch warnings off AND tell cfengine that
it is okay to redefine the variable (or macro) called host_profile.

I will get the following messages into my /var/cfengine/outputs
on each run of cfexecd -F from cron:

cfengine::/var/cfengine/inputs/cfagent.conf:48: Warning: Redefinition of macro 
host_profile=Luukku
cfengine::/var/cfengine/inputs/cfagent.conf:49: Warning: Redefinition of macro 
host_profile=LuukkuSMTP

This is most annoying, because I don't know how to prevent it,
and it fills my outputs-dir with noise.


3) cfcat and cflink

   I would guess that the features provided by cflink/cfcat are often needed.
   It would be very nice to have such capability in cfengine itself.
   Or, if similar functionality can be achieved in another way, please tell me!
   Mark, you may include those scripts into cfengine contrib or such
   if you think they would be useful.


Thanks for any help or advice,

-sjm




reply via email to

[Prev in Thread] Current Thread [Next in Thread]