Re: dividing into imports

[John Smith]

I'm 99.999% sure no other instances are started, especially through cron.
This is a testbox for cfengine, crontab is empty and I run each cfengine
with a launch.sh, (see below) which cleans out cron after cfexecd runs.
What I forgot to mention was that this is an older version: 2.1.10, 
because it is the only common one we could get over all platforms.

I am building a separate test environment at the moment to track down
this specific problem. Will keep you posted on my findings.

Sincerely,

Jan.

PS. Is help-cfengine@gnu.org down, since I don't get any mails from
it at the moment, but you _do_ answer? ;-)
=======================================================================

#!/bin/sh
# COMMENTEDOUT='# '
COMMENTEDOUT=
NOWS=$(date +%S)
NOWS=${NOWS#0}
NOWM=$(date +%M)
NOWM=${NOWM#0}
NOWH=$(date +%H)
NOWH=${NOWH#0}
FROMNOW=1
if [[ $NOWS > 58 ]] ; then
  FROMNOW=2
fi
MIN=$(((${NOWM}+${FROMNOW})%60))
HOUR=$(((${NOWH}+((${NOWM}+${FROMNOW})/60))%24))
time (crontab -l ; echo $COMMENTEDOUT$MIN' '$HOUR' * * * echo "[d-i] 
[postinstall] -run cfexecd-" ; /usr/sbin/cfexecd -F ; (crontab -l | grep -v 
/usr/sbin/cfexecd) | crontab -') | crontab -

=======================================================================

On Sat, 21 Jan 2006 08:25:35 +0100
Mark Burgess <Mark.Burgess@iu.hio.no> wrote:

> 
> I think that the only way this could happen (if I understand you
> correctly) is if another instantiation of cfengine starts while you are
> still copying the files across). Could this come from cron? Maybe you
> need to make sure the copying happens quickly, or block the start of an
> update while copying is taking place. You could do this by creating a
> lock file like touch /etc/nocfengine and making actions conditional on
> this??
> 
> I am not sure this is a correct diagnosis. What do you think? 
> 
> M
> 
> On Fri, 2006-01-20 at 22:32 +0100, John Smith wrote:
> > Hi All,
> > 
> >     situation:
> > 
> >     bunch of servers and workstations, linux, bsd, solaris, hpux.
> > 
> >     there was a 1st attempt to use cfengine, but this was used 
> > only to prevent known errors to ocure again (corrective).
> > 
> >     new project to roll out all servers anew, from installation
> > servers, including cfengine in the 'paranoid' setting (installation,
> > configuration, detection and correction).
> > 
> >     Divided my cfengine server from out of a cvs server into
> > four separte policy environments, old, old-test, new and new-test 
> > (with automatic transfer mechanisms for hosts between the different 
> > environments), with a common update.conf which decides which 
> > cfagent.conf from which environment a client gets, based on the 
> > following criteria:
> > 
> >     iprange
> >     os
> >     domain 
> >     policy (group membership)
> > 
> >     Commonly used variables are also centrally defined.
> > 
> >     The first criteria are defined as classes and groups and
> > stored in a 'general.classes'. The second in a 'general.main' and
> > consists of 1 large control section (without an actionsequence).
> > 
> >     Each policy environment consists of a cfagent.conf that
> > does as little as possible except for to import the common 
> > 'general.*' files and the policies own cfagent.* files and define
> > an actionsequence. Purpose of the cfagent.* files to compartmentalize
> > and share application settings among policies.
> > 
> >     The cfagent.conf (and policy dependent files) distribution
> > according to policy, goes well. We even defined an 'alien' class
> > for hosts that are not part of any policy and that get reported and
> > taken care of very well.
> > 
> >     problem:
> > 
> >     It is with the action sequence that I run into trouble.
> > 
> >     Decesision was made for each cfexecd -F run to copy all 
> > for the client relevant files from a central server, based on classes 
> > etc. into a local data repository which at the end is copied in 1 go 
> > into the live filesystem. It's purpose is to correct errors under a 
> > DOS attack and directly after a reboot.
> > 
> >     First action is then 'copy', which is divided into multiple
> > server to local repository copies and 1 final repository to /. All 
> > following actions are policy dependent.
> > 
> >     My main problem is that the actions are started before the
> > final copy (from the local repository to the live filesystem) is 
> > finished. And yes, there is only one copy: statement.
> > 
> >     I tried several things (defines at the end of each copy
> > statements to enforce sequence -they do not-, run everything 
> > from 1 cfagent.conf), I can't get it to work.
> > 
> >     I presume that I make a fundamental mistake somewhere, so
> > that's the main reason for this elaborate description.
> > 
> >     Can somebody please give a hint of what I do wrong or give
> > a general description on how to take care of this problem.
> > 
> > Sincerely,
> > 
> > Jan.
> > 
> > 
> > _______________________________________________
> > Help-cfengine mailing list
> > Help-cfengine@gnu.org
> > http://lists.gnu.org/mailman/listinfo/help-cfengine
>