Re: cfengine and revision control

[Russell Adams]

I do the same with the overlay directory. Good idea! ;]

Russell

On Mon, May 09, 2005 at 11:20:47PM +0300, "Sami J. M?kinen" wrote:
> 
> Josh Lothian wrote:
> >Has anyone come up with a more elegant solution to this problem?  I'd like
> >to implement something similar at my present employer.  I really
> >like the recursive copying approach rather than the one listed
> >on http://cfwiki.org/cfwiki/index.php/Singlecopy_Nirvana because it
> >doesn't require any changes to the cfengine configs to add new files to
> >be distributed.
> 
> Just click on the "discussion" link on that page. :)
> 
> 
> Briefly, my setup is (err, was) something like this:
> 
> 1) Everything is stored in CVS, cfengine inputs as well
>    as the "overlay" directory tree that is copied to each host.
> 
> 2) On the master server, a shell script is responsible of
>    cvs update, cvs tagging and rsync-copy excluding the
>    CVS metadata directories from the master directory that
>    is finally copied to the clients.
> 
> 3) The master overlay directory is copied (cfengine internal
>    or external - rsync) to each client into /etc/NWS/,
>    for example.
> 
> 4) On each client, a special shell script is run.
>    It will generate or symlink the files according to the
>    hints found in the overlay directory hierarchy.
> 
> Recent development has moved the whole customization
> process into the master server. The overlay directory
> is generated for each individual host separately.
> 
> This way, you cannot see other host's configurations
> (/etc/sudoers, passwd etc) on every host even if you
> can get a root shell. Less information leakage.
> 
> Please contact me if you want me to contribute. :)
> 
> -sjm
> 
> 
> _______________________________________________
> Help-cfengine mailing list
> Help-cfengine@gnu.org
> http://lists.gnu.org/mailman/listinfo/help-cfengine
> 
-----------------------------
Russell Adams
RLAdams@AdamsInfoServ.com
http://www.adamsinfoserv.com/