diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/appendix/guides/centos.txt | 8 | ||||
-rw-r--r-- | doc/appendix/guides/fedora.txt | 2 | ||||
-rw-r--r-- | doc/appendix/guides/import-existing-ssh-keys.txt | 128 | ||||
-rw-r--r-- | doc/appendix/guides/ubuntu.txt | 4 | ||||
-rw-r--r-- | doc/appendix/guides/web-reports-install.txt | 7 | ||||
-rw-r--r-- | doc/reports/dynamic.txt | 2 | ||||
-rw-r--r-- | doc/reports/static.txt | 2 | ||||
-rw-r--r-- | doc/server/plugins/generators/nagiosgen.txt | 2 | ||||
-rw-r--r-- | doc/server/plugins/generators/tcheetah.txt | 8 | ||||
-rw-r--r-- | doc/server/plugins/generators/tgenshi/clientsxml.txt | 6 | ||||
-rw-r--r-- | doc/server/plugins/generators/tgenshi/index.txt | 2 | ||||
-rw-r--r-- | doc/server/plugins/generators/tgenshi/test.txt | 34 | ||||
-rw-r--r-- | doc/server/plugins/probes/group.txt | 8 | ||||
-rw-r--r-- | doc/server/plugins/probes/index.txt | 10 | ||||
-rw-r--r-- | doc/server/plugins/statistics/dbstats.txt | 2 |
15 files changed, 180 insertions, 45 deletions
diff --git a/doc/appendix/guides/centos.txt b/doc/appendix/guides/centos.txt index db463b210..b0321eebc 100644 --- a/doc/appendix/guides/centos.txt +++ b/doc/appendix/guides/centos.txt @@ -248,7 +248,7 @@ arch group membership. For this, we will make use of the Probes to your plugins line in ``bcfg2.conf`` and create the Probe.:: [root@centos ~]# grep plugins /etc/bcfg2.conf - plugins = Base,Bundler,Cfg,Metadata,Packages,Probes,Rules,SSHbase + plugins = Base,Bundler,Cfg,...,Probes [root@centos ~]# mkdir /var/lib/bcfg2/Probes [root@centos ~]# cat /var/lib/bcfg2/Probes/groups #!/bin/sh @@ -259,8 +259,8 @@ Now we restart the bcfg2-server:: [root@centos ~]# /etc/init.d/bcfg2-server restart -If you tail ``/var/log/syslog`` now, you will see the Packages plugin in -action, updating the cache. +If you now ``tail -f /var/log/messages``, you will see the Packages +plugin in action, updating the cache. Start managing packages ----------------------- @@ -569,4 +569,4 @@ Now we run the client and see there are no more unmanaged entries! :: Dynamic (web) reports ===================== -See installation instructions at :ref:`server-reports-install` +See installation instructions at :ref:`reports-dynamic` diff --git a/doc/appendix/guides/fedora.txt b/doc/appendix/guides/fedora.txt index 1dd4f6db0..f32eaa8c6 100644 --- a/doc/appendix/guides/fedora.txt +++ b/doc/appendix/guides/fedora.txt @@ -139,7 +139,7 @@ The ``bcfg2.conf`` file contains only standard plugins so far. [server] repository = /var/lib/bcfg2 - plugins = Base,Bundler,Cfg,Metadata,Pkgmgr,Rules,SSHbase + plugins = SSHbase,Cfg,Pkgmgr,Rules,Metadata,Base,Bundler [statistics] sendmailpath = /usr/lib/sendmail diff --git a/doc/appendix/guides/import-existing-ssh-keys.txt b/doc/appendix/guides/import-existing-ssh-keys.txt new file mode 100644 index 000000000..d0f679b59 --- /dev/null +++ b/doc/appendix/guides/import-existing-ssh-keys.txt @@ -0,0 +1,128 @@ +.. -*- mode: rst -*- + +.. _appendix-guides-import-existing-ssh-keys: + +======================== +Import existing ssh keys +======================== + +.. note:: + + In order for the instructions in this guide to work, you will need + to first setup the :ref:`reporting system <reports-dynamic>` so that + the server has the information needed to create the existing + entries. + +This guide details the process for importing existing ssh keys into your +server repository. + +Add a bundle for ssh +==================== + +After verifying that SSHbase is listed on the plugins line in +``/etc/bcfg2.conf``, you need to create a bundle containing the +appropriate entries.:: + + cat > /tmp/ssh.xml << EOF + <Bundle name='ssh'> + <Path name='/etc/ssh/ssh_host_dsa_key'/> + <Path name='/etc/ssh/ssh_host_rsa_key'/> + <Path name='/etc/ssh/ssh_host_dsa_key.pub'/> + <Path name='/etc/ssh/ssh_host_rsa_key.pub'/> + <Path name='/etc/ssh/ssh_host_key'/> + <Path name='/etc/ssh/ssh_host_key.pub'/> + <Path name='/etc/ssh/ssh_known_hosts'/> + </Bundle> + +:: + + mv /tmp/ssh.xml /var/lib/bcfg2/Bundle + +Next, you need to add the ssh bundle to the client's metadata in +groups.xml. + +Validate your repository +======================== + +Validation can be performed using the following command:: + + ``bcfg2-repo-validate -v`` + +Run the bcfg2 client +==================== + +:: + bcfg2 -vqn + +You will see the incorrect entries for the ssh files:: + + Phase: initial + Correct entries: 0 + Incorrect entries: 7 + Total managed entries: 7 + Unmanaged entries: 649 + + In dryrun mode: suppressing entry installation for: + Path:/etc/ssh/ssh_host_dsa_key Path:/etc/ssh/ssh_host_rsa_key + Path:/etc/ssh/ssh_host_dsa_key.pub Path:/etc/ssh/ssh_host_rsa_key.pub + Path:/etc/ssh/ssh_host_key Path:/etc/ssh/ssh_known_hosts + Path:/etc/ssh/ssh_host_key.pub + + Phase: final + Correct entries: 0 + Incorrect entries: 7 + Path:/etc/ssh/ssh_host_dsa_key Path:/etc/ssh/ssh_host_rsa_key + Path:/etc/ssh/ssh_host_dsa_key.pub Path:/etc/ssh/ssh_host_rsa_key.pub + Path:/etc/ssh/ssh_host_key Path:/etc/ssh/ssh_known_hosts + Path:/etc/ssh/ssh_host_key.pub + Total managed entries: 7 + Unmanaged entries: 649 + +Install the client's ssh keys into the Bcfg2 repository +======================================================= + +Now, we pull the ssh host key data for the client out of the uploaded +stats and insert it as host-specific copies of these files in +``/var/lib/bcfg2/SSHBase``.:: + + for key in ssh_host_dsa_key ssh_host_key; do + sudo bcfg2-admin pull <clientname> Path /etc/ssh/$key + sudo bcfg2-admin pull <clientname> Path /etc/ssh/${key}.pub + done + +This for loop pulls data that was collected by the bcfg2 client out of +the statistics file and installs it into the repository. This means that +the client will keep the same ssh keys and the bcfg2 server can start +generating a correct ssh_known_hosts file for the client. + +Run the bcfg2 client (again) +============================ + +:: + bcfg2 -vqn + +This time, we will only see 1 incorrect entry.:: + + Phase: initial + Correct entries: 6 + Incorrect entries: 1 + Total managed entries: 7 + Unmanaged entries: 649 + + In dryrun mode: suppressing entry installation for: + Path:/etc/ssh/ssh_known_hosts + + Phase: final + Correct entries: 6 + Incorrect entries: 1 + Path:/etc/ssh/ssh_known_hosts + Total managed entries: 7 + Unmanaged entries: 649 + +Now, the only wrong entry is the ssh_known_hosts file!, so go ahead +and install it:: + + bcfg2 -vqI + +After answering 'y' to the interactive prompt, the client will install +the known_hosts file successfully. diff --git a/doc/appendix/guides/ubuntu.txt b/doc/appendix/guides/ubuntu.txt index 595005018..54aa62cce 100644 --- a/doc/appendix/guides/ubuntu.txt +++ b/doc/appendix/guides/ubuntu.txt @@ -119,7 +119,7 @@ Replace Pkgmgr with Packages in the plugins line of ``bcfg2.conf``:: root@lucid:~# cat /etc/bcfg2.conf [server] repository = /var/lib/bcfg2 - plugins = Base,Bundler,Cfg,Metadata,Packages,Rules,SSHbase + plugins = SSHbase,Cfg,Packages,Rules,Metadata,Base,Bundler [statistics] sendmailpath = /usr/lib/sendmail @@ -207,7 +207,7 @@ Probes to your plugins line in ``bcfg2.conf`` and create the Probe. .. code-block:: sh root@lucid:~# grep plugins /etc/bcfg2.conf - plugins = Base,Bundler,Cfg,Metadata,Packages,Probes,Rules,SSHbase + plugins = Base,Bundler,Cfg,...,Probes root@lucid:~# mkdir /var/lib/bcfg2/Probes root@lucid:~# cat /var/lib/bcfg2/Probes/groups #!/bin/sh diff --git a/doc/appendix/guides/web-reports-install.txt b/doc/appendix/guides/web-reports-install.txt index af2e240fa..7ec7efb4e 100644 --- a/doc/appendix/guides/web-reports-install.txt +++ b/doc/appendix/guides/web-reports-install.txt @@ -136,7 +136,7 @@ Add DBStats to the plugins line of ``bcfg2.conf``. The resulting [server] repository = /var/lib/bcfg2 - plugins = Base,Bundler,Cfg,DBStats,Metadata,Packages,Probes,Rules,SSHbase + plugins = Base,Bundler,Cfg,...,DBStats Start/restart the Bcfg2 server:: @@ -148,8 +148,9 @@ statistics to the database). Download the static reports content:: + [root@system01 ~]# git clone git://git.mcs.anl.gov/bcfg2 [root@system01 ~]# cd /var/www/ - [root@system01 ~]# svn co https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2/reports + [root@system01 ~]# mv /path/to/bcfg2/checkout/reports ./ Configure Apache using :ref:`dynamic-http-install` as a guide @@ -159,7 +160,7 @@ then have something like this:: [server] repository = /var/lib/bcfg2 - plugins = Base,Bundler,Cfg,DBStats,Metadata,Packages,Probes,Rules,SSHbase + plugins = Base,Bundler,Cfg,...,DBStats [statistics] sendmailpath = /usr/lib/sendmail diff --git a/doc/reports/dynamic.txt b/doc/reports/dynamic.txt index f798529eb..0c65bc7d2 100644 --- a/doc/reports/dynamic.txt +++ b/doc/reports/dynamic.txt @@ -1,6 +1,6 @@ .. -*- mode: rst -*- -.. _server-reports-dynamic: +.. _reports-dynamic: ============================== Bcfg2 Dynamic Reporting System diff --git a/doc/reports/static.txt b/doc/reports/static.txt index 67ba38a14..00c1867f8 100644 --- a/doc/reports/static.txt +++ b/doc/reports/static.txt @@ -1,6 +1,6 @@ .. -*- mode: rst -*- -.. _server-reports-static: +.. _reports-static: ============================= Bcfg2 Static Reporting System diff --git a/doc/server/plugins/generators/nagiosgen.txt b/doc/server/plugins/generators/nagiosgen.txt index 0ab2868e8..8cd18ca4f 100644 --- a/doc/server/plugins/generators/nagiosgen.txt +++ b/doc/server/plugins/generators/nagiosgen.txt @@ -12,7 +12,7 @@ This page describes the installation and use of the `NagiosGen`_ plugin. Update ``/etc/bcfg2.conf``, adding NagiosGen to plugins:: - plugins = SSHbase,Cfg,Pkgmgr,Rules,TCheetah,TWbase,NagiosGen + plugins = Base,Bundler,Cfg,...,NagiosGen Create the NagiosGen directory:: diff --git a/doc/server/plugins/generators/tcheetah.txt b/doc/server/plugins/generators/tcheetah.txt index 5819bba96..8077d313e 100644 --- a/doc/server/plugins/generators/tcheetah.txt +++ b/doc/server/plugins/generators/tcheetah.txt @@ -19,7 +19,7 @@ engine from http://www.cheetahtemplate.org/. Once it is installed, you can enable it by adding ``TCheetah`` to the ``plugins`` line in ``/etc/bcfg2.conf`` on your Bcfg server. For example:: - plugins = Cfg,Metadata,Pkgmgr,Rules,SSHbase,TCheetah + plugins = Base,Bundler,Cfg,...,TCheetah The ``TCheetah`` plugin makes use of a ``Cfg``-like directory structure located in in a ``TCheetah`` subdirectory of your repository, usually @@ -28,7 +28,7 @@ files, ``template`` and ``info``. The template is a standard Cheetah template with two additions: * `self.metadata` is the client's :ref:`metadata <server-plugins-grouping-metadata-clientmetadata>` -* `self.metadata.Properties` is an xml document of unstructured data +* `self.metadata.Properties.data` is an xml document of unstructured data The ``info`` file is formatted like ``:info`` files from Cfg. @@ -47,10 +47,10 @@ self.metadata variables self.metadata is an instance of the class ClientMetadata and documented :ref:`here <server-plugins-grouping-metadata-clientmetadata>`. -self.metadata.Properties +self.metadata.Properties.data ======================== -Properties is a python `ElementTree <http://codespeak.net/lxml/>`_ +Properties.data is a python `ElementTree <http://codespeak.net/lxml/>`_ object, loaded from the data in ``/var/lib/bcfg2/Properties/<properties file>.xml``. That file should have a ``Properties`` node at its root. diff --git a/doc/server/plugins/generators/tgenshi/clientsxml.txt b/doc/server/plugins/generators/tgenshi/clientsxml.txt index 10be3232c..7305ba70d 100644 --- a/doc/server/plugins/generators/tgenshi/clientsxml.txt +++ b/doc/server/plugins/generators/tgenshi/clientsxml.txt @@ -22,7 +22,7 @@ There are two main advantages: thing to note is how the `name` variable is handled - when just referring to it the standard `${name}` syntax is used, but when it is used as a variable in the expression to get the password, - `password="${metadata.Properties['passwords.xml'].find('password').find('bcfg2-client').find(name).text}"`, + `password="${metadata.Properties['passwords.xml'].data.find('password').find('bcfg2-client').find(name).text}"`, it is just referred to as `name`. There is the disadvantage that sometimes 2 passes will be needed to get @@ -53,7 +53,7 @@ Possible improvements: profile="${profile}" name="${name}" uuid="${name}" - password="${metadata.Properties['passwords.xml'].find('password').find('bcfg2-client').find(name).text}" + password="${metadata.Properties['passwords.xml'].data.find('password').find('bcfg2-client').find(name).text}" address="${address}" location="fixed" secure="true" @@ -64,7 +64,7 @@ Possible improvements: profile="${profile}" name="${name}" uuid="${name}" - password="${metadata.Properties['passwords.xml'].find('password').find('bcfg2-client').find(name).text}" + password="${metadata.Properties['passwords.xml'].data.find('password').find('bcfg2-client').find(name).text}" location="floating" secure="true" />\ diff --git a/doc/server/plugins/generators/tgenshi/index.txt b/doc/server/plugins/generators/tgenshi/index.txt index 425b3a289..c1970ee0d 100644 --- a/doc/server/plugins/generators/tgenshi/index.txt +++ b/doc/server/plugins/generators/tgenshi/index.txt @@ -24,7 +24,7 @@ To install on CentOS or RHEL 5, run:: Once it is installed, you can enable it by adding ``TGenshi`` to the generators line in ``/etc/bcfg2.conf`` on your Bcfg server. For example:: - generators = SSHbase,Cfg,Pkgmgr,Svcmgr,Rules,TGenshi + plugins = Base,Bundler,Cfg,...,TGenshi The TGenshi plugin makes use of a Cfg-like directory structure located in in a TGenshi subdirectory of your repository, usually diff --git a/doc/server/plugins/generators/tgenshi/test.txt b/doc/server/plugins/generators/tgenshi/test.txt index 1348a0603..dca578434 100644 --- a/doc/server/plugins/generators/tgenshi/test.txt +++ b/doc/server/plugins/generators/tgenshi/test.txt @@ -45,8 +45,8 @@ This file just shows you what's available. It assumes a {% end %}\ Two main ways to get the same property value: - ${metadata.Properties['test.xml'].find('password').find('bcfg2').text} - ${metadata.Properties['test.xml'].xpath('password/bcfg2')[0].text} + ${metadata.Properties['test.xml'].data.find('password').find('bcfg2').text} + ${metadata.Properties['test.xml'].data.xpath('password/bcfg2')[0].text} One way to get information about metadata and properties: @@ -55,28 +55,28 @@ This file just shows you what's available. It assumes a ${var} \ {% end %} - dir(properties): - {% for var in dir(properties) %}\ + dir(metadata.Properties.data): + {% for var in dir(metadata.Properties.data) %}\ ${var} \ {% end %} - dir(properties.entries): - {% for var in dir(properties.entries) %}\ + dir(metadata.Properties.data.entries): + {% for var in dir(metadata.Properties.data.entries) %}\ ${var} \ {% end %} - dir(properties.label): - {% for var in dir(properties.label) %}\ + dir(metadata.Properties.data.label): + {% for var in dir(metadata.Properties.data.label) %}\ ${var} \ {% end %} - dir(properties.name): - {% for var in dir(properties.name) %}\ + dir(metadata.Properties.data.name): + {% for var in dir(metadata.Properties.data.name) %}\ ${var} \ {% end %} - dir(properties.properties): - {% for var in dir(properties.properties) %}\ + dir(metadata.Properties.data.properties): + {% for var in dir(metadata.Properties.data.properties) %}\ ${var} \ {% end %} @@ -113,13 +113,13 @@ this (below reformatted a little bit to fit in 80 columns):: __weakref__ all bundles categories get_clients_by_group get_clients_by_profile groups hostname inGrouppassword probes uuid - dir(properties): + dir(metadata.Properties.data): HandleEvent Index __class__ __delattr__ __dict__ __doc__ __getattribute__ __hash__ __identifier__ __init__ __iter__ __module__ __new__ __reduce__ __reduce_ex__ __repr__ __setattr__ __str__ __weakref__ entries label name properties - dir(properties.entries): + dir(metadata.Properties.data.entries): __add__ __class__ __contains__ __delattr__ __delitem__ __delslice__ __doc__ __eq__ __ge__ __getattribute__ __getitem__ __getslice__ __gt__ __hash__ __iadd__ __imul__ __init__ __iter__ __le__ __len__ __lt__ __mul__ __ne__ @@ -127,7 +127,7 @@ this (below reformatted a little bit to fit in 80 columns):: __setitem__ __setslice__ __str__ append count extend index insert pop remove reverse sort - dir(properties.label): + dir(metadata.Properties.data.label): __add__ __class__ __contains__ __delattr__ __doc__ __eq__ __ge__ __getattribute__ __getitem__ __getnewargs__ __getslice__ __gt__ __hash__ __init__ __le__ __len__ __lt__ __mod__ __mul__ __ne__ __new__ __reduce__ @@ -137,7 +137,7 @@ this (below reformatted a little bit to fit in 80 columns):: rfind rindex rjust rpartition rsplit rstrip split splitlinesstartswith strip swapcase title translate upper zfill - dir(properties.name): + dir(metadata.Properties.data.name): __add__ __class__ __contains__ __delattr__ __doc__ __eq__ __ge__ __getattribute__ __getitem__ __getnewargs__ __getslice__ __gt__ __hash__ __init__ __le__ __len__ __lt__ __mod__ __mul__ __ne__ __new__ __reduce__ @@ -147,7 +147,7 @@ this (below reformatted a little bit to fit in 80 columns):: rfind rindex rjust rpartition rsplit rstrip split splitlinesstartswith strip swapcase title translate upper zfill - dir(properties.properties): + dir(metadata.Properties.data.properties): __class__ __contains__ __copy__ __deepcopy__ __delattr__ __delitem__ __delslice__ __doc__ __getattribute__ __getitem__ __getslice__ __hash__ __init__ __iter__ __len__ __new__ __nonzero__ __reduce__ __reduce_ex__ diff --git a/doc/server/plugins/probes/group.txt b/doc/server/plugins/probes/group.txt index f529b8b3e..dfe64cc60 100644 --- a/doc/server/plugins/probes/group.txt +++ b/doc/server/plugins/probes/group.txt @@ -52,15 +52,15 @@ Probe used to dynamically set client groups based on OS/distro. # redhat based if [ -x /bin/rpm ]; then OUTPUT="${OUTPUT}\ngroup:rpm" - OS_GROUP=`bin/rpm -q --qf "%{NAME}" --whatprovides redhat-release | sed 's/-release.*//' | tr '[A-Z]' '[a-z]'` - REDHAT_VERSION=`bin/rpm -q --qf "%{VERSION}" --whatprovides redhat-release` + OS_GROUP=`/bin/rpm -q --qf "%{NAME}" --whatprovides redhat-release | sed 's/-release.*//' | tr '[A-Z]' '[a-z]'` + REDHAT_VERSION=`/bin/rpm -q --qf "%{VERSION}" --whatprovides redhat-release` case "$OS_GROUP" in "centos" | "fedora") OUTPUT="${OUTPUT}\ngroup:${OS_GROUP}" OUTPUT="${OUTPUT}\ngroup:${OS_GROUP}-${REDHAT_VERSION}" ;; "redhat") - REDHAT_RELEASE=`bin/rpm -q --qf "%{RELEASE}" --whatprovides redhat-release| cut -d. -f1` + REDHAT_RELEASE=`/bin/rpm -q --qf "%{RELEASE}" --whatprovides redhat-release| cut -d. -f1` OUTPUT="${OUTPUT}\ngroup:${OS_GROUP}" OUTPUT="${OUTPUT}\ngroup:${OS_GROUP}-${REDHAT_VERSION}" OUTPUT="${OUTPUT}\ngroup:${OS_GROUP}-${REDHAT_RELEASE}" @@ -88,7 +88,7 @@ Probe used to dynamically set client groups based on OS/distro. ARCH=`uname -m` case "$ARCH" in "x86_64") - if [ "$OS_GROUP" == 'centos' ]; then + if [ "$OS_GROUP" == 'centos' -o "$OS_GROUP" == 'redhat' ]; then OUTPUT="$OUTPUT\ngroup:${ARCH}" else OUTPUT="$OUTPUT\ngroup:amd64" diff --git a/doc/server/plugins/probes/index.txt b/doc/server/plugins/probes/index.txt index 9b6f37b26..87fd2ba2c 100644 --- a/doc/server/plugins/probes/index.txt +++ b/doc/server/plugins/probes/index.txt @@ -13,8 +13,14 @@ the system disk, you would want to know this information to correctly generate an `/etc/auto.master` autofs config file for each type. Here we will look at how to do this. -First you will need to set up the TCheetah plugin, as described on the -:ref:`server-plugins-generators-tcheetah` page. +For the purposes of this example, you will need to set up the TCheetah +plugin, as described on the :ref:`server-plugins-generators-tcheetah` +page. + +.. note:: + + This does **not** mean that TCheetah is required in order for Probes + to operate properly. Next, we need to create a ``Probes`` directory in our toplevel repository location:: diff --git a/doc/server/plugins/statistics/dbstats.txt b/doc/server/plugins/statistics/dbstats.txt index 8e50df822..dd25fe9ab 100644 --- a/doc/server/plugins/statistics/dbstats.txt +++ b/doc/server/plugins/statistics/dbstats.txt @@ -9,7 +9,7 @@ DBStats DBStats can be enabled by adding DBStats to the plugins line in ``/etc/bcfg2.conf``: - plugins = DBStats + plugins = Base,Bundler,Cfg,...,DBStats For more information on how to use DBStats to setup reporting, see :ref:`server-reports-dynamic`. |