[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: Re: ${clientip} ?]

From: Tod Oace
Subject: Re: [Fwd: Re: ${clientip} ?]
Date: Fri, 22 Oct 2004 11:05:28 -0700

On Oct 22, 2004, at 10:30, Ed Brown wrote:

I think Mark is assuming that cfservd runs everywhere, not just on your
actual policyhost cfengine server.  So when cfagent runs on your
policyhost, it actually specifies the clients in the server=<...> field
of the copy command.  It gets confusing, sort of turns around the usual
idea of server/client, really creating more of a peer-to-peer kind of

Oh, yeah, you're probably right.

In order to do that I'd have to have the policy hosts iterate through big lists of systems. And I'd have to manage those lists. And it would take a long time to get through them. And I'd have to start cfservd on all the individual systems. I'm pretty sure I don't even want to attempt doing that. I'd much rather have the individual systems push up to the policy hosts rather than having the policy hosts pull it up.

The syslog-ng discussion is interesting. Seems like it would work very well for one liner bits of information (even with regular syslog) but I'm skeptical about passing multi-line text that way. -Tod


On Fri, 2004-10-22 at 10:00, Tod Oace wrote:
On Oct 21, 2004, at 23:44, Mark Burgess wrote:

I do not understand the logic of using scp here. copy is still
a better solution in that case. I am not sure why you need a remote
method here at all. If you are collecting a file and simply wwant
to copy it to a hostname dependenent place, but put the hostname
in the destination file?

I think we're talking about two different things here.

I want to collect /etc/syslog.conf from all my systems onto my cfengine
copy: cannot copy *to* a cfservd, right?

Another week it'll be another file. So I want some method to collect up all of some arbitrary file from all my systems in order to find out how
I want cfengine to manage all of them. Ideally I would already know
(i.e. Bootstrapping an Infrastructure), but I have a lot of history
here to deal with yet.

Anyway, that's what I'm trying to do. Copy *up* to a central cfservd.


 rhost = ( a:b:c )


 /from dest=$(rhost)-copy server=$(rhost)


On Thu, Oct 21, 2004 at 04:21:48PM -0700, Tod Oace wrote:
On Oct 21, 2004, at 16:12, Ed Brown wrote:

I assume you are talking about 'remote methods'?


There's not much info in the documentation about it yet, but it sure
sounds complex, if not to say convoluted.

Possibly. I don't have any opinion on that yet.

For one, I'm guessing it requires that cfservd be running everywhere.

I don't think so. If I understand it correctly the method call
a cfservd which then runs cfagent, runs the method and then returns
results back to the caller. I just want to collect information on my
cfengine servers which are already running cfservd. I don't think the
method call tries to contact a cfservd on the client system.

I haven't tried the remote stuff yet. I'm just doing local calls while
I develop my module. And right now I'm trying to figure out why this
isn't matching infotype = syslog (to prevent "../filename"):

        valid_infotype = ( Regcmp("^[A-Za-z0-9]*$","${infotype}") )

"^.*$" works but anything I try with "^[...]*$" doesn't. But...this is
a separate issue.

When I've considered data gathering schemes, I always end up back at
the idea of scp-ing info back to the server, or somewhere, an idea
with its own limitations and problems. I'd be interested in hearing
if you are able to use cfengine for this.

Yeah, I'll probably have to do that if I can't make remote methods
work. It still looks to me like it will, although I'm noticing
produced a bunch of nul padding. So I'll have to figure that out too.
But aside from that I was able to copy up a file. Locally anyway.


On Thu, 2004-10-21 at 16:02, Tod Oace wrote:
(Dang, I don't understand lists that don't set the reply-to field
to the list.  To me, that's the whole point of a list, the
not to get private answers to questions, unless appropriate for

Oh, and that case here's my reply to the list:

From: Ed Brown <address@hidden>
Date: October 21, 2004 14:56:55 PDT
To: Tod Oace <address@hidden>
Subject: Re: ${clientip} ?

Where I get stuck right away when considering something like this
question of how to get information from the client to the server.
backwards to the normal flow of cfengine.  Did you already have a
mechanism for this in mind?

Yeah... A Cfengine method call. There's even an example in the
reference manual passing the first part of /etc/passwd:

search for: ReadFile("/etc/passwd"

So I *think* that takes care of the communication mechanism. I'm
with it now. But I'm also thinking about the step after that. -Tod


On Thu, 2004-10-21 at 15:41, Tod Oace wrote:
I'm hoping to create a method to collect small bits of information
systems onto my cfengine servers. It seems like this will work
I'd also like to prevent systems from being able to clobber each
others' bits of information.

I think what I want is to stash information into files named
.../somedirectory/${clientip}/${infotype} where ${infotype} comes
the client and ${clientip} is defined on the server end. But I'm
to find a variable like ${clientip}. I see forcereplyto but that's
defined by the client.

I would like this in order to collect and analyze files before I
them under central cfengine control. I don't really need
sandboxes for that kind of temporary information, but there is
other system information I would like to protectection for. Stuff
defined on the systems that I want persistent across system

Help-cfengine mailing list

-- Tod Oace, Intel Corporation <address@hidden>

Help-cfengine mailing list


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~
Work: +47 22453272            Email:  address@hidden
Fax : +47 22453205            WWW  :
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ ~

Tod Oace, Intel Corporation <address@hidden>

reply via email to

[Prev in Thread] Current Thread [Next in Thread]