[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: dividing into imports
From: |
John Smith |
Subject: |
Re: dividing into imports |
Date: |
Sat, 21 Jan 2006 14:55:11 +0100 |
I'm 99.999% sure no other instances are started, especially through cron.
This is a testbox for cfengine, crontab is empty and I run each cfengine
with a launch.sh, (see below) which cleans out cron after cfexecd runs.
What I forgot to mention was that this is an older version: 2.1.10,
because it is the only common one we could get over all platforms.
I am building a separate test environment at the moment to track down
this specific problem. Will keep you posted on my findings.
Sincerely,
Jan.
PS. Is help-cfengine@gnu.org down, since I don't get any mails from
it at the moment, but you _do_ answer? ;-)
=======================================================================
#!/bin/sh
# COMMENTEDOUT='# '
COMMENTEDOUT=
NOWS=$(date +%S)
NOWS=${NOWS#0}
NOWM=$(date +%M)
NOWM=${NOWM#0}
NOWH=$(date +%H)
NOWH=${NOWH#0}
FROMNOW=1
if [[ $NOWS > 58 ]] ; then
FROMNOW=2
fi
MIN=$(((${NOWM}+${FROMNOW})%60))
HOUR=$(((${NOWH}+((${NOWM}+${FROMNOW})/60))%24))
time (crontab -l ; echo $COMMENTEDOUT$MIN' '$HOUR' * * * echo "[d-i]
[postinstall] -run cfexecd-" ; /usr/sbin/cfexecd -F ; (crontab -l | grep -v
/usr/sbin/cfexecd) | crontab -') | crontab -
=======================================================================
On Sat, 21 Jan 2006 08:25:35 +0100
Mark Burgess <Mark.Burgess@iu.hio.no> wrote:
>
> I think that the only way this could happen (if I understand you
> correctly) is if another instantiation of cfengine starts while you are
> still copying the files across). Could this come from cron? Maybe you
> need to make sure the copying happens quickly, or block the start of an
> update while copying is taking place. You could do this by creating a
> lock file like touch /etc/nocfengine and making actions conditional on
> this??
>
> I am not sure this is a correct diagnosis. What do you think?
>
> M
>
> On Fri, 2006-01-20 at 22:32 +0100, John Smith wrote:
> > Hi All,
> >
> > situation:
> >
> > bunch of servers and workstations, linux, bsd, solaris, hpux.
> >
> > there was a 1st attempt to use cfengine, but this was used
> > only to prevent known errors to ocure again (corrective).
> >
> > new project to roll out all servers anew, from installation
> > servers, including cfengine in the 'paranoid' setting (installation,
> > configuration, detection and correction).
> >
> > Divided my cfengine server from out of a cvs server into
> > four separte policy environments, old, old-test, new and new-test
> > (with automatic transfer mechanisms for hosts between the different
> > environments), with a common update.conf which decides which
> > cfagent.conf from which environment a client gets, based on the
> > following criteria:
> >
> > iprange
> > os
> > domain
> > policy (group membership)
> >
> > Commonly used variables are also centrally defined.
> >
> > The first criteria are defined as classes and groups and
> > stored in a 'general.classes'. The second in a 'general.main' and
> > consists of 1 large control section (without an actionsequence).
> >
> > Each policy environment consists of a cfagent.conf that
> > does as little as possible except for to import the common
> > 'general.*' files and the policies own cfagent.* files and define
> > an actionsequence. Purpose of the cfagent.* files to compartmentalize
> > and share application settings among policies.
> >
> > The cfagent.conf (and policy dependent files) distribution
> > according to policy, goes well. We even defined an 'alien' class
> > for hosts that are not part of any policy and that get reported and
> > taken care of very well.
> >
> > problem:
> >
> > It is with the action sequence that I run into trouble.
> >
> > Decesision was made for each cfexecd -F run to copy all
> > for the client relevant files from a central server, based on classes
> > etc. into a local data repository which at the end is copied in 1 go
> > into the live filesystem. It's purpose is to correct errors under a
> > DOS attack and directly after a reboot.
> >
> > First action is then 'copy', which is divided into multiple
> > server to local repository copies and 1 final repository to /. All
> > following actions are policy dependent.
> >
> > My main problem is that the actions are started before the
> > final copy (from the local repository to the live filesystem) is
> > finished. And yes, there is only one copy: statement.
> >
> > I tried several things (defines at the end of each copy
> > statements to enforce sequence -they do not-, run everything
> > from 1 cfagent.conf), I can't get it to work.
> >
> > I presume that I make a fundamental mistake somewhere, so
> > that's the main reason for this elaborate description.
> >
> > Can somebody please give a hint of what I do wrong or give
> > a general description on how to take care of this problem.
> >
> > Sincerely,
> >
> > Jan.
> >
> >
> > _______________________________________________
> > Help-cfengine mailing list
> > Help-cfengine@gnu.org
> > http://lists.gnu.org/mailman/listinfo/help-cfengine
>