blob: fe60a24fd14a418e44d93331e5b0269988c42d2e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
|
.. -*- mode: rst -*-
.. _server-plugins-generators-rules:
=====
Rules
=====
The Rules plugin resolves the following Abstract Configuration Entities:
* Service
* Package
* Path
* Action
to literal configuration entries suitable for the client drivers to
consume.
For an entity specification to be included in the Literal configuration
the name attribute from an Abstract Entity Tag (from Base or Bundler)
must match the name attribute of an Entity tag in Rules, along with the
appropriate group associations of course.
Each file in the Rules directory has a priority. This allows the same
Entities to be served by multiple files. The priorities can be used to
break ties in the case that multiple files serve data for the same Entity.
Usage of Groups in Rules
========================
Groups are used by the Rules plugin, along with host metadata, for
selecting the Configuration Entity entries to include in the clients
literal configuration. They can be thought of as::
if client is a member of group1 then
assign to literal config
Nested groups are conjunctive (logical and).::
if client is a member of group1 and group2 then
assign to literal config
Group membership may be negated.
Tag Attributes in Rules
=======================
Rules Tag
---------
The Rules Tag may have the following attributes:
+----------+-------------------------------------+--------+
| Name | Description | Values |
+==========+=====================================+========+
| priority | Sets the priority for Rules in this | String |
| | Rules list.The higher value wins. | |
+----------+-------------------------------------+--------+
Rules Group Tag
---------------
The Rules Group Tag may have the following attributes:
+--------+-------------------------+--------------+
| Name | Description | Values |
+========+=========================+==============+
| name | Group Name | String |
+--------+-------------------------+--------------+
| negate | Negate group membership | (True|False) |
| | (is not a member of) | |
+--------+-------------------------+--------------+
Package Tag
-----------
The Package Tag may have the following attributes:
+------------+----------------------------------------------+--------+
| Name | Description | Values |
+============+==============================================+========+
| name | Package Name | String |
+------------+----------------------------------------------+--------+
| version | Package Version or version='noverify' to | String |
| | not do version checking in the Yum driver | |
| | only (temporary work a round). | |
+------------+----------------------------------------------+--------+
| file | Package file name. Several other attributes | String |
| | (name, version) can be automatically defined | |
| | based on regular expressions defined in the | |
| | Pkgmgr plugin. | |
+------------+----------------------------------------------+--------+
| simplefile | Package file name. No name parsing is | String |
| | performed, so no extra fields get set | |
+------------+----------------------------------------------+--------+
| verify | verify='false' - do not do package | String |
| | verification | |
+------------+----------------------------------------------+--------+
| reloc | RPM relocation path. | String |
+------------+----------------------------------------------+--------+
| multiarch | Comma separated list of the architectures of | String |
| | this package that should be installed. | |
+------------+----------------------------------------------+--------+
| srcs | Filename creation rules for multiarch | String |
| | packages. | |
+------------+----------------------------------------------+--------+
| type | Package type. (rpm, yum, apt,sysv,blast) | String |
+------------+----------------------------------------------+--------+
Action Tag
----------
See :ref:`client-tools-actions`
Service Tag
-----------
+------------+--------------------------+---------------------------------------+
| Name | Description | Values |
+============+==========================+=======================================+
| mode | Per Service Mode (New in | (manual|default|supervised|custom) |
| | 1.0) | |
+------------+--------------------------+---------------------------------------+
| name | Service Name | String |
+------------+--------------------------+---------------------------------------+
| status | Should the service be | (on|off) |
| | on or off (default: | |
| | off). | |
+------------+--------------------------+---------------------------------------+
| target | Service command for | String |
| | restart, modified | |
| | targets require | |
| | mode="custom" | |
| | (default: restart) | |
+------------+--------------------------+---------------------------------------+
| type | Driver to use on the | (chkconfig|deb|rc-update|smf|upstart) |
| | client to manage this | |
| | service. | |
+------------+--------------------------+---------------------------------------+
| sequence | Order for service | integer |
| | startup (debian services | |
| | only) | |
+------------+--------------------------+---------------------------------------+
| parameters | Pass parameters to | String |
| | service (Upstart | |
| | services only) | |
+------------+--------------------------+---------------------------------------+
Service mode descriptions
^^^^^^^^^^^^^^^^^^^^^^^^^
.. versionadded:: 1.0.0
* manual
* do not start/stop/restart this service
* default
* perform appropriate service operations
* supervised
* default and ensure service is running (or stopped) when verification is performed
* deprecates supervised='true'
* custom
* set non-default service command for restart (use in conjunction with
target attribute)
Client Tag
----------
The Client Tag is used in Rules for selecting the package entries to
include in the clients literal configuration. Its function is similar
to the Group tag in this context. It can be thought of as::
if client is name then
assign to literal config
The Client Tag may have the following attributes:
+--------+-------------------------+--------------+
| Name | Description | Values |
+========+=========================+==============+
| name | Client Name | String |
+--------+-------------------------+--------------+
| negate | Negate client selection | (True|False) |
| | (if not client name) | |
+--------+-------------------------+--------------+
Path Tag
--------
The Path tag has different values depending on the *type* attribute of
the path specified in your configuration. Below is a set of tables which
describe the attributes available for various Path types.
device
^^^^^^
+----------+---------------------+-------------------+
| Name | Description | Values |
+==========+=====================+===================+
| name | Name of the device | String |
+----------+---------------------+-------------------+
| dev_type | Type of device | (block|char|fifo) |
+----------+---------------------+-------------------+
| owner | Device owner | String |
+----------+---------------------+-------------------+
| group | Device group | String |
+----------+---------------------+-------------------+
| major | Major number (block | integer |
| | or char devices) | |
+----------+---------------------+-------------------+
| minor | Minor number (block | integer |
| | or char devices) | |
+----------+---------------------+-------------------+
directory
^^^^^^^^^
+-------+------------------------------+------------+
| Name | Description | Values |
+=======+==============================+============+
| name | Directory Name | String |
+-------+------------------------------+------------+
| perms | Permissions of the directory | String |
+-------+------------------------------+------------+
| owner | Owner of the directory | String |
+-------+------------------------------+------------+
| group | Group Owner of the directory | String |
+-------+------------------------------+------------+
| prune | prune unspecified entries | true|false |
| | from the Directory | |
+-------+------------------------------+------------+
hardlink
^^^^^^^^
+------+----------------------+--------+
| Name | Description | Values |
+======+======================+========+
| name | Name of the hardlink | String |
+------+----------------------+--------+
| to | File to link to | String |
+------+----------------------+--------+
nonexistent
^^^^^^^^^^^
+------+--------------------+-------------+
| Name | Description | Values |
+======+====================+=============+
| name | Name of the | String |
| | (nonexistent) file | |
+------+--------------------+-------------+
| type | Type of file | nonexistent |
+------+--------------------+-------------+
permissions
^^^^^^^^^^^
+-------+--------------------------+--------+
| Name | Description | Values |
+=======+==========================+========+
| name | Name of the file. | String |
+-------+--------------------------+--------+
| perms | Permissions of the file. | String |
+-------+--------------------------+--------+
| owner | Owner of the file. | String |
+-------+--------------------------+--------+
| group | Group of the file. | String |
+-------+--------------------------+--------+
symlink
^^^^^^^
+------+----------------------+--------+
| Name | Description | Values |
+======+======================+========+
| name | Name of the symlink. | String |
+------+----------------------+--------+
| to | File to link to | String |
+------+----------------------+--------+
Rules Directory
===============
The Rules/ directory keeps the XML files that define what rules are
available for a host. All the files in the directory are processed.
The names of the XML files have no special meaning to Bcfg2; they
are simply named so it's easy for the administrator to know what the
contents hold. All Rules could be kept in a single file if so desired.
Bcfg2 simply uses the Groups in the files and priorities to determine
how to assign Rules to a host's literal configuration.
.. code-block:: xml
<Rules priority="0">
<Path type='directory' group="root" name="/autonfs" owner="root" perms="0755"/>
<Path type='directory' group="utmp" name="/var/run/screen" owner="root" perms="0775"/>
<Path type='directory' group="root" name="/autonfs/stage" owner="root" perms="0755"/>
<Path type='directory' group="root" name="/exports" owner="root" perms="0755"/>
<Path type='directory' name="/etc/condor" owner="root" group="root" perms="0755"/>
<Path type='directory' name="/logs" group="wwwtrans" owner="root" perms="0775"/>
<Path type='directory' name="/mnt" group="root" owner="root" perms="0755"/>
<Path type='directory' name="/my" owner="root" group="root" perms="0755"/>
<Path type='directory' name="/my/bin" owner="root" group="root" perms="0755"/>
<Path type='directory' name="/nfs" owner="root" group="root" perms="0755"/>
<Path type='directory' name="/sandbox" perms="0777" owner="root" group="root"/>
<Path type='directory' name="/software" group="root" owner="root" perms="0755"/>
<Path type='permissions' perms="0555" group="audio" owner="root" name="/dev/dsp"/>
<Path type='permissions' perms="0555" group="audio" owner="root" name="/dev/mixer"/>
<Path type='symlink' name="/bin/whatami" to="/mcs/adm/bin/whatami"/>
<Path type='symlink' name="/chibahomes" to="/nfs/chiba-homefarm"/>
<Path type='symlink' name="/home" to="/nfs/mcs-homefarm"/>
<Path type='symlink' name="/homes" to="/home"/>
<Path type='symlink' name="/mcs" to="/nfs/mcs"/>
<Path type='symlink' name="/my/bin/bash" to="/bin/bash"/>
<Path type='symlink' name="/my/bin/tcsh" to="/bin/tcsh"/>
<Path type='symlink' name="/my/bin/zsh" to="/bin/zsh"/>
<Path type='symlink' name="/software/common" to="/nfs/software-common"/>
<Path type='symlink' name="/software/linux" to="/nfs/software-linux"/>
<Path type='symlink' name="/software/linux-debian_sarge" to="/nfs/linux-debian_sarge"/>
<Path type='symlink' name="/usr/bin/passwd" to="/usr/bin/yppasswd"/>
<Path type='symlink' name="/usr/bin/yppasswd" to="/mcs/bin/passwd"/>
<Path type='symlink' name="/usr/lib/libgd.so.1.8" to="/usr/lib/libgd.so.1.8.4"/>
<Path type='symlink' name="/usr/lib/libtermcap.so.2" to="/usr/lib/libtermcap.so"/>
<Path type='symlink' name="/usr/local/bin/perl" to="/usr/bin/perl"/>
<Path type='symlink' name="/usr/local/bin/perl5" to="/usr/bin/perl"/>
<Path type='symlink' name="/usr/local/bin/tcsh" to="/bin/tcsh"/>
<Service name='ntpd' status='on' type='chkconfig'/>
<Service name='haldaemon' status='on' type='chkconfig'/>
<Service name='messagebus' status='on' type='chkconfig'/>
<Service name='netfs' status='on' type='chkconfig'/>
<Service name='network' status='on' type='chkconfig'/>
<Service name='rawdevices' status='on' type='chkconfig'/>
<Service name='sshd' status='on' type='chkconfig'/>
<Service name='syslog' status='on' type='chkconfig'/>
<Service name='vmware-tools' status='on' type='chkconfig'/>
</Rules>
|
