"/cferoot"
perms => mog("755","root","system"),
depth_search => recurse_ignore("inf", "@(exclude_dirs)" ),
file_select => dir,
classes => if_repaired("DIRECTORY_PERMS_REPAIRED");
file_select => exclude("secret_file");
file_select => ("dir", "@(exclude_dir)");
Xander,
recurse_ignore can be use to exclude directories, with `file_select`
you can do much more:
*
https://docs.cfengine.com/docs/3.15/reference-promise-types-files.html#file_select
recurse_ignore| for excluding dirs and for example file_select to exclude files.
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/help-cfengine/a5f1ebb0-a042-47ff-8c84-ff292fc2256co%40googlegroups.com.
Hi Chris,Notice one of the file types menu items is "dir".Example, for filtering out directories:body file_select filter { file_types => { "dir" }; file_result => "!file_types"; }Best,Aleksey--FounderVertical Sysadmin, Inc.Achieve real learning.
To unsubscribe from this group and stop receiving emails from it, send an email to help-c...@googlegroups.com.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/help-cfengine/c2ea2904-d10e-4d0f-986c-389d6bf58c8bo%40googlegroups.com.
i'm sorry but i still dont get it feeling dumb all the examples just show one parameter…either type or name…but i want them together in one file_select expression.
Hi Xander
Indeed, the example in the docs doesn't show how much flexibility you have. The stdlib has several file_select bodies, but they also don't have very complex expressions.
Note that it's file_result in the file_select
body that takes an expression.
https://docs.cfengine.com/docs/master/reference-promise-types-files.html#file_result
From the stdlib: https://docs.cfengine.com/docs/master/reference-masterfiles-policy-framework-lib-files.html#file_select-bodies
body file_select name_age(name,days) # @brief Select files that have a matching `name` and have not been modified for at least `days` # @param name A regex that matches the file name # @param days Number of days { leaf_name => { "$(name)" }; mtime => irange(0,ago(0,0,"$(days)",0,0,0)); file_result => "mtime.leaf_name"; } body file_select filetype_older_than(filetype, days) # @brief Select files of specified type older than specified number of days # # @param filetype File type to select # @param days Number of days # # This body only takes a single filetype, see `filetypes_older_than()` # if you want to select more than one type of file. { file_types => { "$(filetype)" }; mtime => irange(0,ago(0,0,"$(days)",0,0,0)); file_result => "file_types.mtime"; } body file_select filetypes_older_than(filetypes, days) # @brief Select files of specified types older than specified number of days # # This body only takes a list of filetypes # # @param filetypes A list of file types # @param days Number of days # # **See also:** `filetype_older_than()` { file_types => { @(filetypes) }; mtime => irange(0,ago(0,0,"$(days)",0,0,0)); file_result => "file_types.mtime"; }
So, file_result
takes an expression comprised of the other file_select body attributes to determine which files should be selected.
e.g. search_size.file_types.!(mtime|leaf_name)
would find files where file size was in the range specified for search_size
, the file type matched that specified in file_types
, ctime
, and leaf_name
all did not match.
Does that helps to clarify?
If you can think of a good example where you need to operate on files using some kind of complex expression we can look to add an example in core and then leverage that in the documentation.
– Nick Anderson| Doer of Things | (+1) 785-550-1767 | https://northern.tech
--
You received this message because you are subscribed to the Google Groups "help-cfengine" group.
To unsubscribe from this group and stop receiving emails from it, send an email to help-cfengin...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/help-cfengine/87ime7elsa.fsf%40northern.tech.
#
# setting various permissions in a big file hierachy/pool
#
#
bundle agent b0027_cferoot_perm_watcher
{
# this triggers the autorun shit
meta:
"tags" slist => { "itsv" };
vars:
"exclude_dirs" slist => { "/usr/local/nagios", "/usr/local/bin" };
files:
policy_server::
# first set permissions on nagios base dir
# and check files/scripts
"/cferoot/usr/local/nagios"
perms => mog("755","nagios","system"),
classes => if_repaired("NAGIOS_BASEPERMS_REPAIRED");
"/cferoot/usr/local/nagios"
perms => mog("755","nagios","system"),
depth_search => recurse("inf"),
classes => if_repaired("NAGIOS_FILEPERMS_REPAIRED");
# after nagios, set the rest of the whole file pool
# directories but exclude the nagios files
# the recurse_ignore part should be redone to use file_select,
# but this is to complicated for my poor little brain.
"/cferoot"
perms => mog("755","root","system"),
depth_search => recurse_ignore("inf", "@(exclude_dirs)" ),
file_select => dir,
classes => if_repaired("DIRECTORY_PERMS_REPAIRED");
reports:
policy_server.(NAGIOS_BASEPERMS_REPAIRED|NAGIOS_FILEPERMS_REPAIRED)::
"nagios file permissions in cferoot fixed...";
policy_server.DIRECTORY_PERMS_REPAIRED::
"directory permissions in cferoot fixed...";
}
To unsubscribe from this group and stop receiving emails from it, send an email to help-c...@googlegroups.com.