[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: Re: ${clientip} ?]

From: Chip Seraphine
Subject: Re: [Fwd: Re: ${clientip} ?]
Date: Mon, 25 Oct 2004 12:10:46 -0500
User-agent: Mozilla Thunderbird 0.8 (X11/20040916)

FWIW, that's basically what I'm doing. I keep a list of all my clients on the server (the list is nfs-exported, and they AppendIfNoSuchLine their name to it) and have a script that runs (on the server) down that list and appends a copy stanza to a cf.clients file. That copy stanza then fetches (via cfengine copy) the /var/cfengine/hostlib directory from each client and sticks it in a .../cfengine/lib/perhost/$CLIENTNAME/ directory.

It's fairly trivial, but if you are interested let me know and I'll send you the script that generates the cf.clients file.

Yes, that means that cfservd has to run everywhere, but I'd do that anyway as a recovery tool. (If sshd fails on a machine that does not have an accessible console, I can use cfrun to kick off cfagent, which restarts sshd.)

Ed Brown wrote:

You're right, cfengine copy is a simpler solution for collecting files
to a central location than scp, but it does require that cfservd be
running on all the clients, something we don't do now.  And it requires
that the datafile to be collected be generated by a process not coupled
with the collection process.  I'm not very clear about remote methods,
but my thought was that they might be a way to connect to a remote
server, run commands there, and return data, all within cfengine, not
even necessarily involving file transfers.
I don't know about Tod's purposes, but I think Tim's comment about
updating a central database is really the right direction for what I had
in mind, which is to have a single location for a variety of info(system
stats, hardware info, installed packages/versions...).  Cfengine could
distribute and run the script to do this, or a module could provide even
tighter coupling, to take advantage of defined classes, or to define
other classes...

On Fri, 2004-10-22 at 00:44, Mark Burgess wrote:
I do not understand the logic of using scp here. copy is still
a better solution in that case. I am not sure why you need a remote
method here at all. If you are collecting a file and simply wwant
to copy it to a hostname dependenent place, but put the hostname
in the destination file?


rhost = ( a:b:c )


/from dest=$(rhost)-copy server=$(rhost)


On Thu, Oct 21, 2004 at 04:21:48PM -0700, Tod Oace wrote:
On Oct 21, 2004, at 16:12, Ed Brown wrote:

I assume you are talking about 'remote methods'?

There's not much info in the documentation about it yet, but it sure sounds complex, if not to say convoluted.
Possibly. I don't have any opinion on that yet.

For one, I'm guessing it requires that cfservd be running everywhere.
I don't think so. If I understand it correctly the method call contacts a cfservd which then runs cfagent, runs the method and then returns results back to the caller. I just want to collect information on my cfengine servers which are already running cfservd. I don't think the method call tries to contact a cfservd on the client system.

I haven't tried the remote stuff yet. I'm just doing local calls while I develop my module. And right now I'm trying to figure out why this isn't matching infotype = syslog (to prevent "../filename"):

       valid_infotype = ( Regcmp("^[A-Za-z0-9]*$","${infotype}") )

"^.*$" works but anything I try with "^[...]*$" doesn't. But...this is a separate issue.

When I've considered data gathering schemes, I always end up back at the idea of scp-ing info back to the server, or somewhere, an idea with its own limitations and problems. I'd be interested in hearing if you are able to use cfengine for this.
Yeah, I'll probably have to do that if I can't make remote methods work. It still looks to me like it will, although I'm noticing ReadFile produced a bunch of nul padding. So I'll have to figure that out too. But aside from that I was able to copy up a file. Locally anyway. -Tod


On Thu, 2004-10-21 at 16:02, Tod Oace wrote:
(Dang, I don't understand lists that don't set the reply-to field to go to the list. To me, that's the whole point of a list, the discussion,
not to get private answers to questions, unless appropriate for some
Oh, and that case here's my reply to the list:

From: Ed Brown <address@hidden>
Date: October 21, 2004 14:56:55 PDT
To: Tod Oace <address@hidden>
Subject: Re: ${clientip} ?

Where I get stuck right away when considering something like this is
question of how to get information from the client to the server. It's
backwards to the normal flow of cfengine.  Did you already have a
mechanism for this in mind?
Yeah... A Cfengine method call. There's even an example in the
reference manual passing the first part of /etc/passwd:

search for: ReadFile("/etc/passwd"

So I *think* that takes care of the communication mechanism. I'm toying
with it now. But I'm also thinking about the step after that.  -Tod


On Thu, 2004-10-21 at 15:41, Tod Oace wrote:
I'm hoping to create a method to collect small bits of information
systems onto my cfengine servers. It seems like this will work fine
I'd also like to prevent systems from being able to clobber each
others' bits of information.

I think what I want is to stash information into files named
.../somedirectory/${clientip}/${infotype} where ${infotype} comes from
the client and ${clientip} is defined on the server end. But I'm
to find a variable like ${clientip}. I see forcereplyto but that's
defined by the client.

I would like this in order to collect and analyze files before I put
them under central cfengine control. I don't really need information
sandboxes for that kind of temporary information, but there is some
other system information I would like to protectection for. Stuff
defined on the systems that I want persistent across system builds.

Help-cfengine mailing list

Tod Oace, Intel Corporation <address@hidden>

Help-cfengine mailing list

Help-cfengine mailing list


Chip Seraphine
Unix Administrator
TradeLink, LLC

reply via email to

[Prev in Thread] Current Thread [Next in Thread]