Is there way to set a default changes body so I don’t have to specify it every time there is a file promise? Or is there a default?
“/some/dir/.”
handle => canonify("$(this.bundle)$(this.promiser)"),
perms => system_owned("0444"),
edit_template => “/path/to/mustache/template.mustache",
template_method => "mustache",
changes => diff;
From: help-c...@googlegroups.com [mailto:help-c...@googlegroups.com]
On Behalf Of bofh...@gmail.com
Sent: Thursday, March 30, 2017 4:00 PM
To: help-cfengine <help-c...@googlegroups.com>
Subject: [help-cfengine] Bundle aborted on defined class
Is it possible to eliminate the output of "Bundle aborted on defined class...." when a bundle is aborted using the abortbundleclasses?
I have these messages going into /var/log/messages every five minutes.
Thank you in advance,
Robin
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to
help-cfengin...@googlegroups.com.
To post to this group, send email to
help-c...@googlegroups.com.
Visit this group at https://groups.google.com/group/help-cfengine.
For more options, visit https://groups.google.com/d/optout.
Is there way to set a default changes body so I don’t have to specify it every time there is a file promise? Or is there a default?
“/some/dir/.”
handle => canonify("$(this.bundle)$(this.promiser)"),
perms => system_owned("0444"),
edit_template => “/path/to/mustache/template.mustache",
template_method => "mustache",
changes => diff;
From: help-c...@googlegroups.com [mailto:help-cfengine@googlegroups.com] On Behalf Of bofh...@gmail.com
Sent: Thursday, March 30, 2017 4:00 PM
To: help-cfengine <help-cfengine@googlegroups.com>
Subject: [help-cfengine] Bundle aborted on defined class
Is it possible to eliminate the output of "Bundle aborted on defined class...." when a bundle is aborted using the abortbundleclasses? I have these messages going into /var/log/messages every five minutes.
Thank you in advance,
Robin
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengine+unsubscribe@googlegroups.com.
Thanks nick. We just have this same line 100+ times.
Hey Martin,
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
> Is there way to set a default changes body so I don’t have to specify
> it every time there is a file promise? Or is there a default?
If you have a really common pattern that you use across your entire
policy like this:
bundle agent main { files: "/tmp/dir1/."
handle => canonify("$(this.bundle)$(this.promiser)"), perms => system_owned("0444"), create => "true", edit_template => “/path/to/mustache/template.mustache", template_method => "mustache", changes => diff;
"/tmp/dir2/."
handle => canonify("$(this.bundle)$(this.promiser)"), perms => system_owned("0444"), create => "true", edit_template => “/path/to/mustache/template.mustache", template_method => "mustache", changes => diff; }
You may want to consider leveraging default bodies to help reduce the
amount of written policy, and improve consistency between promises.
body agent control { inform => "true"; } body file control { namespace => "bodydefault"; } body perms files_perms # @brief Set the file owner and group to the system default # @param mode the access permission in octal format # # **Example:** # # ```cf3 # files: # "/etc/passwd" perms => system_owned("0644"); # ``` { mode => "0444"; owners => { "root" }; freebsd|openbsd|netbsd|darwin:: groups => { "wheel" }; linux:: groups => { "root" }; solaris:: groups => { "sys" }; } body changes files_changes # @brief Detect file content changes using sha256 # and report the diff to CFEngine Enterprise { hash => "sha256"; report_changes => "content"; report_diffs => "true"; update_hashes => "yes"; } body file control { namespace => "default"; } bundle agent main { files: "/tmp/dir1/file"
handle => canonify("$(this.bundle)$(this.promiser)")
, create => "true", edit_template => "$(this.promise_filename)", template_method => "mustache"; "/tmp/dir2/file"
handle => canonify("$(this.bundle)$(this.promiser)")
, create => "true", edit_template => "$(this.promise_filename)", template_method => "mustache"; }
I get this output:
info: Created file '/tmp/dir1/file', mode 0444 info: Updated rendering of '/tmp/dir1/file' from mustache template '/root/./defaultbodies.cf' info: Created file '/tmp/dir2/file', mode 0444 info: Updated rendering of '/tmp/dir2/file' from mustache template '/root/./defaultbodies.cf'
Unfortunately it looks like this can't yet be combined with
body
inheritance. Because the following isn't working for me.
body file control { namespace => "bodydefault"; } body perms files_perms # @brief Set the file owner and group to the system default # @param mode the access permission in octal format # # **Example:** # # ```cf3 # files: # "/etc/passwd" perms => system_owned("0644"); # ``` { inherit_from => default:system_owned("0444"); } body changes files_changes # @brief Detect file content changes using sha256 # and report the diff to CFEngine Enterprise { inherit_from => default:changes; } body file control { namespace => "default"; } bundle agent main { files: "/tmp/dir1/file"
handle => canonify("$(this.bundle)$(this.promiser)")
, create => "true", edit_template => "$(this.promise_filename)", template_method => "mustache"; "/tmp/dir2/file"
handle => canonify("$(this.bundle)$(this.promiser)")
, create => "true", edit_template => "$(this.promise_filename)", template_method => "mustache"; }
I get:
error: ./default_bodies.cf:0:0: In attribute 'inherit_from', Unknown function. Given attribute value 'default:system_owned("0444")' error: Fatal CFEngine error: Cannot continue
And default bodies are only defaults for bodies so as you probably noticed,
edit_template
, template_method
, handle
, aren't covered.
In enterprise promise handles are automatically generated. And I think
that behavior moved out to core already. There is an open feature
request (CFE-1634) to implement a default for
template_method
. And I don't see any proposals for defaulting key
values generically or edit_template
specifically. Perhaps it would
make sense to add something in edit_defaults
for these. Since
edit_defaults
is a body it could be defaulted, but I believe the
attributes in edit_defaults
are currently specific to line based
editing, so I don't know if it would be a good match for template
related defaults or not.
–
Nick Anderson
Doer of things, CFEngine