RE: Defining a Class based on ShellCommand Output or No Output

[Martin, Jason H]

You use netstat -an|grep LISTEN to see if port 898 is open intead of
nmap.
You can also use the ExecResult and RegCmp statements to get that data,
although a ReturnsZero is probably more direct.

-Jason Martin


-----Original Message-----
From: help-cfengine-bounces+jason.h.martin=cingular.com@gnu.org
[mailto:help-cfengine-bounces+jason.h.martin=cingular.com@gnu.org]On
Behalf Of Brian E. Seppanen
Sent: Thursday, August 04, 2005 12:39 PM
To: help-cfengine@gnu.org
Subject: Defining a Class based on ShellCommand Output or No Output


Hi folks:

I'm trying to define a test that will turn off the solaris management 
console on a large number of servers (Solaris 8 and Solaris 9).  after 
patching solaris servers smc is always re-enabled.  The question of 
whether it should be installed in the first place is beyond the scope of

the question I'm trying to resolve.  It would seem that in the
development 
of smc that it has changed quite a bit.  On smc 2.1 I can use 
(FileExists(/var/run/smc898)) to evaluate a class to shut the service
off 
and then disable /etc/rc2.d/S80wbem.  However, on a solaris 8 host I've 
tried it on it doesn't create /var/run/smc898, and runs as smcboot. 
Another solaris 8 host will run smcboot quickly and then spawn a java 
process.  On Solaris 9 it runs as a java process.  So sometimes the 
process might be visable as smcboot, or it might be a java process.
The 
difference no doubt tied to the smc version rather than the host OS 
version.   Anyways, the one method that should work in the default 
environment on any host OS is to test to see if port 898 is open, if
port 
898 is running then define class to kill the process and disable the
init 
script.   I'd prefer not to involve nmap.

Ultimately I'd rather not create another script that cfengine evaluates 
with ReturnsZero.   Is there some method already available in 
cfengine-2.1.10, cfengine-2.1.13 that will permit you to run a shell 
commands and if you have output activate the class, if you get no output

don't define the class.   What I'd like to do is do somehow take 
/usr/bin/netstat -an | /usr/bin/grep 898, and if I get output shutdown
the 
process, and disable the init script.   If I get no output then no
action 
is required.   As it stands today at a set time I execute 
/etc/init.d/init.wbem stop, but I get a lot of email output for a 
non-convergent action, and so I get that same email from every host
every 
day.

Can someone guide me in the right direction on how to accomplish this. 
I'm hoping I don't need a script.    Perhaps this is what methods or 
modules do...   I just don't know.

Thanks for your help.   My email box will thank you a hundred times
over.

Brian Seppanen
608.826.1464


_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://lists.gnu.org/mailman/listinfo/help-cfengine