path: root/man/bcfg2.1

.TH "BCFG2" "1" "March 18, 2013" "1.3" "Bcfg2"
.SH NAME
bcfg2 \- Bcfg2 client tool
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.\" Man page generated from reStructuredText.
.
.SH SYNOPSIS
.sp
\fBbcfg2\fP [\fIoptions\fP]
.SH DESCRIPTION
.sp
\fBbcfg2\fP runs the Bcfg2 configuration process on the current
host. This process consists of the following steps.
.INDENT 0.0
.IP \(bu 2
Fetch and execute probes
.IP \(bu 2
Upload probe results
.IP \(bu 2
Fetch the client configuration
.IP \(bu 2
Check the current client state
.IP \(bu 2
Attempt to install the desired configuration
.IP \(bu 2
Upload statistics about the Bcfg2 execution and client state
.UNINDENT
.SH OPTIONS
.INDENT 0.0
.TP
.B \-B
Configure everything except the given bundle(s).
.TP
.BI \-C \ configfile
Specify alternate bcfg2.conf location.
.TP
.BI \-D \ drivers
Specify a comma\-delimited set of Bcfg2 tool
drivers. \fINOTE: only drivers listed will be
loaded. (e.g., if you do not include POSIX, you will
be unable to verify/install Path entries).\fP
.TP
.BI \-E \ encoding
Specify the encoding of config files.
.TP
.B \-I
Run bcfg2 in interactive mode. The user will be
prompted before each change.
.TP
.B \-O
Omit lock check.
.TP
.B \-P
Run bcfg2 in paranoid mode. Diffs will be logged for
configuration files marked as paranoid by the Bcfg2
server.
.TP
.B \-Q
Run bcfg2 in "bundle quick" mode, where only entries
in a bundle are verified or installed. This runs
much faster than \-q, but doesn\(aqt provide statistics
to the server at all. In order for this option to
work, the \-b option must also be provided. This
option is incompatible with \-r.
.TP
.BI \-R \ retrycount
Specify the number of times that the client will
attempt to retry network communication.
.TP
.BI \-S \ server
Manually specify the server location (as opposed to
using the value in bcfg2.conf). This should be in
the format "\fI\%https://server:port\fP"
.TP
.B \-Z
Do not configure independent entries.
.TP
.BI \-b \ bundles
Run only the specified colon\-delimited set of
bundles.
.TP
.BI \-c \ cachefile
Cache a copy of the configuration in cachefile.
.TP
.BI \-\-ca\-cert\fB= cacert
Specifiy the path to the SSL CA certificate.
.TP
.B \-d
Enable debugging output.
.TP
.B \-e
When in verbose mode, display extra entry
information.
.TP
.BI \-f \ path
Configure from a file rather than querying the
server.
.TP
.B \-h
Print usage information.
.TP
.B \-k
Run in bulletproof mode. This currently only
affects behavior in the debian toolset; it calls
apt\-get update and clean and dpkg \-\-configure
\-\-pending.
.TP
.BI \-l \ decisionmode
Run the client in the specified decision list mode
("whitelist" or "blacklist"), or "none", which can
be used in order to override the decision list mode
specified in bcfg2.conf). This approach is needed
when particular changes are deemed "high risk". It
gives the ability tocentrally specify these changes,
but only install them on clients when administrator
supervision is available. Because collaborative
configuration is one of the remaining hard issues in
configuration management, these issues typically
crop up in environments with several administrators
and much configuration variety. (This setting will
be ignored if the \-f option is also specified).
.TP
.B \-n
Run bcfg2 in dry\-run mode. No changes will be made
to the system.
.TP
.BI \-o \ logfile
Writes a log to the specified path.
.TP
.BI \-p \ profile
Assert a profile for the current client.
.TP
.B \-q
Run bcfg2 in quick mode. Package checksum
verification won\(aqt be performed. This mode relaxes
the constraints of correctness, and thus should only
be used in safe conditions.
.TP
.BI \-r \ mode
Cause bcfg2 to remove extra configuration elements
it detects. Mode is one of "all", "Services",
"Packages", or "Users". "all" removes all extra entries.
"Services", "Packages", and "Users" remove only the extra
configuration elements of the respective type.
("Services" actually just disables extra services,
since they can\(aqt be removed, and "Users" removes
extra POSIXUser and POSIXUser entries.)
.TP
.BI \-s \ servicemode
Set bcfg2 interaction level for services. Default
behavior is to modify all services affected by
reconfiguration. "build" mode attempts to stop all
services started. "disabled" suppresses all attempts
to modify services.
.TP
.BI \-\-ssl\-cert\fB= cert
Specify the path to the SSL certificate.
.TP
.BI \-\-ssl\-cns\fB= CNs
Colon\-delimited list of acceptable SSL server Common
Names.
.TP
.BI \-\-ssl\-key\fB= key
Specify the path to the SSL key.
.TP
.BI \-u \ user
Attempt to authenticate as \(aquser\(aq.
.TP
.BI \-t \ timeout
Set the timeout (in seconds) for client
communication. Default is 90 seconds.
.TP
.B \-v
Run bcfg2 in verbose mode.
.TP
.BI \-x \ password
Use \(aqpassword\(aq for client communication.
.TP
.B \-z
Only configure independent entries, ignore bundles.
.UNINDENT
.SH SEE ALSO
.sp
\fIbcfg2\-server(8)\fP, \fIbcfg2\-info(8)\fP
.\" Generated by docutils manpage writer.
.