|
| From: | Marco van Beek |
| Subject: | Re: convergence and undoing changes |
| Date: | Sat, 19 Nov 2005 11:00:35 +0000 |
| User-agent: | Mozilla Thunderbird 1.0.7 (Windows/20050923) |
Hi,Just to add further confusion into the equation, I am managing ShoreWall via CFEngine. If you get that wrong you can never undo the changes because the client can no longer contact the server, so you have to correct it manually.
Perhaps one solution would be to look at a panic script that would run in certain events. It would enable a user to write a cfengine script that (for example, in my case) would disable the firewall, run update.conf to download the latest cfengine files from the server, and restart the firewall again.
The other thing I have managed to do is to edit cfservd.conf in the repository, with a configuration that denied all connections, and then had to edit the live copy to get it all to work again (which was then promptly overwritten by the bad version again. duh!).
Regards, Marco.
| [Prev in Thread] | Current Thread | [Next in Thread] |