Permalink
Browse files

Merge branch 'master' of github.com:cfengine/design-center

  • Loading branch information...
2 parents 9a8584f + 003075f commit c6e6346557e52b77bf31a86379401b4fdc2a94b0 @zzamboni zzamboni committed Aug 28, 2012
Showing with 2,625 additions and 313 deletions.
  1. +6 −0 examples/verticalsysadmin_training_examples/.vimrc
  2. +15 −59 examples/verticalsysadmin_training_examples/0003-Exercises.txt
  3. +5 −1 examples/verticalsysadmin_training_examples/0004_the_most_basic_form_of_a_promise.txt
  4. 0 examples/verticalsysadmin_training_examples/0005_simple_example.txt
  5. 0 ...rminate_with_prejudice.cf → 0030_Basic_Examples._No_IRC_bot_process._Terminate_with_prejudice.cf}
  6. 0 ...ke.cf → 0031_Basic_Examples._No_eggdrop_process._Terminate_with_prejudice__use_the_RegEx_Luke.cf}
  7. +21 −0 examples/verticalsysadmin_training_examples/0032_do_exercise_1.txt
  8. +0 −3 ...les/verticalsysadmin_training_examples/0060_Basic_Examples._Hello_world_using_command_bin_echo.cf
  9. 0 examples/verticalsysadmin_training_examples/0149
  10. 0 ...calsysadmin_training_examples/0150_Knowledge_management_is_one_of_the_key_challenges_of_scale.txt
  11. +2 −1 ...ticalsysadmin_training_examples/0152_Basic_Examples.__Knowledge_Management__handle__depends_on.cf
  12. 0 examples/verticalsysadmin_training_examples/0156
  13. +3 −1 examples/verticalsysadmin_training_examples/0160_Basic_Examples.__Editing_Files._Edit_a_file.cf
  14. +1 −2 ...ticalsysadmin_training_examples/0165_Basic_Examples.__Editing_Files._Edit_a_file,_strict_match.cf
  15. +4 −0 examples/verticalsysadmin_training_examples/0166_exercise.txt
  16. +17 −0 ...dmin_training_examples/0167a_Basic_Examples.__Editing_Files._Edit_a_file,_expand_from_template.cf
  17. 0 ...nd_from_template.cf → 0167b_Basic_Examples.__Editing_Files._Edit_a_file,_expand_from_template.cf}
  18. +22 −0 ...dmin_training_examples/0167c_Basic_Examples.__Editing_Files._Edit_a_file,_expand_from_template.cf
  19. +10 −0 examples/verticalsysadmin_training_examples/0168a_variable_scope.txt
  20. +29 −0 examples/verticalsysadmin_training_examples/0168b_exercise.txt
  21. +1 −0 examples/verticalsysadmin_training_examples/0181
  22. +10 −0 examples/verticalsysadmin_training_examples/0201_class_expression_operators.txt
  23. +9 −9 examples/verticalsysadmin_training_examples/0210_Patterns._Classes._Report_day_of_the_week.cf
  24. +1 −1 examples/verticalsysadmin_training_examples/0220_Patterns._Classes._OS_and_time_expression.cf
  25. +4 −4 examples/verticalsysadmin_training_examples/0250_Patterns._Classes._Ensuring_CUPSd_is_running.cf
  26. +21 −0 examples/verticalsysadmin_training_examples/0252_logical_not.cf
  27. +4 −4 examples/verticalsysadmin_training_examples/0270__Demonstration_of_CFEngine_Running_Unattended.cf
  28. +29 −0 examples/verticalsysadmin_training_examples/0271-exercise_cfengine_running_unattended.txt
  29. 0 examples/verticalsysadmin_training_examples/0300
  30. +0 −23 ...ning_examples/0360_Body-Part_Examples._Example_with_Promise_Body._Check_storage_min_free_space.cf
  31. +0 −24 ...mples/0370_Body-Part_Examples._Check_storage_min_free_space^%_sensible_size_and_sensible_count.cf
  32. +14 −0 examples/verticalsysadmin_training_examples/0380a_perms.cf
  33. +28 −0 examples/verticalsysadmin_training_examples/0380b_perms.cf
  34. +2 −2 examples/verticalsysadmin_training_examples/0384_Body-Part_Examples._Replacing_Patterns.cf
  35. 0 examples/verticalsysadmin_training_examples/0390
  36. 0 ...ples/verticalsysadmin_training_examples/0410_Cfengine_Grammar._LHS_vs_RHS._Promise_attributes.txt
  37. 0 examples/verticalsysadmin_training_examples/0460
  38. 0 examples/verticalsysadmin_training_examples/0500_Data_Types._Scalars_and_lists._Scalars.txt
  39. 0 ...es/verticalsysadmin_training_examples/0520_Data_Types._Special_suffixes_for_Integer_constants.txt
  40. +1 −1 examples/verticalsysadmin_training_examples/0530_Data_Types._Integer_suffixes_demo.cf
  41. 0 examples/verticalsysadmin_training_examples/0540_Data_Types._List_variables.txt
  42. +1 −0 examples/verticalsysadmin_training_examples/0570_Data_Types._Lists_of_integers.cf
  43. +1 −0 examples/verticalsysadmin_training_examples/0580_Data_Types._Lists_of_real_numbers.cf
  44. +16 −0 examples/verticalsysadmin_training_examples/0590_exercise.txt
  45. 0 examples/verticalsysadmin_training_examples/0600
  46. +5 −0 examples/verticalsysadmin_training_examples/0610_Data_Structures._Arrays.txt
  47. +5 −2 examples/verticalsysadmin_training_examples/0615_Data_Structures._Array_of_strings.cf
  48. +14 −0 examples/verticalsysadmin_training_examples/0615b_exercise.txt
  49. 0 examples/verticalsysadmin_training_examples/0700
  50. +2 −2 examples/verticalsysadmin_training_examples/0710_Software_Components._Cf-promises_and_cf-agent.txt
  51. +2 −2 examples/verticalsysadmin_training_examples/0720_Software_Components._Cf-execd_and_cf-serverd.txt
  52. 0 ..._Software_Components._Other_components._Tools_for_Cfengine_networking._cf-key_and_cf-runagent.txt
  53. 0 ...ing_examples/0740_Software_Components._Other_components._Cf-monitord,cf-know,cf-report,cf-hub.txt
  54. 0 examples/verticalsysadmin_training_examples/0750
  55. 0 ...erticalsysadmin_training_examples/0760_Configuring_Cfengine._The_starting_set_of_config_files.txt
  56. 0 examples/verticalsysadmin_training_examples/0800
  57. +357 −0 examples/verticalsysadmin_training_examples/1
  58. +3 −0 examples/verticalsysadmin_training_examples/1000_COPBL._Introduction.txt
  59. +0 −1 ...rticalsysadmin_training_examples/1030_COPBL._Context_sensitive_file_editing._Set_robs_password.cf
  60. +1 −1 examples/verticalsysadmin_training_examples/1040_COPBL._Removing_a_file.cf
  61. +2 −5 ..._a_file._Remove_centos_httpd_welcome_page,_by_commenting_out_its_contents_and_restarting_httpd.cf
  62. +6 −10 ...es/verticalsysadmin_training_examples/{1475_Classes_have_global_scope.cf → 1050_keep_this_one.cf}
  63. 0 examples/verticalsysadmin_training_examples/1100
  64. 0 examples/verticalsysadmin_training_examples/1110_Patterns._Introduction.txt
  65. 0 examples/verticalsysadmin_training_examples/1150
  66. 0 examples/verticalsysadmin_training_examples/1180_Patterns._Regular_expressions.txt
  67. 0 examples/verticalsysadmin_training_examples/1200
  68. 0 examples/verticalsysadmin_training_examples/1210_Patterns._Body_templates.txt
  69. 0 examples/verticalsysadmin_training_examples/1220
  70. +1 −1 ...g_examples/1340_using_classes_to_link_promises._Promise_repair__also_demonstrates_action_logme.cf
  71. +7 −7 ...lsysadmin_training_examples/1370_Classes._Set_a_private_class_based_on_hard_classes_expression.cf
  72. 0 examples/verticalsysadmin_training_examples/1471_Classes._Default_classes__cf-monitord.txt
  73. +2 −5 examples/verticalsysadmin_training_examples/1474_classes_GOTCHA.cf
  74. +14 −0 examples/verticalsysadmin_training_examples/1478_exercise.txt
  75. 0 examples/verticalsysadmin_training_examples/1480
  76. +1 −0 examples/verticalsysadmin_training_examples/1480_Classes_and_Scope.txt
  77. +18 −0 examples/verticalsysadmin_training_examples/1481_Classes_have_scope.cf
  78. +18 −0 ...alsysadmin_training_examples/1482_Classes._Classes_defined_in_common_bundles_have_global_scope.cf
  79. +23 −0 examples/verticalsysadmin_training_examples/1483_if_repaired_creates_global_classes.cf
  80. 0 examples/verticalsysadmin_training_examples/1500
  81. +14 −3 examples/verticalsysadmin_training_examples/1500_Methods._A_special_promise_type.txt
  82. 0 examples/verticalsysadmin_training_examples/1520_Methods._Encapsulation.txt
  83. 0 ...sadmin_training_examples/{MISC__abstraction_using_methods.cf → 1521_abstraction_using_methods.cf}
  84. +59 −0 examples/verticalsysadmin_training_examples/1522_methods_exercise.txt
  85. 0 examples/verticalsysadmin_training_examples/1600
  86. 0 examples/verticalsysadmin_training_examples/1610_More_Examples._Embedding_RCS_Id_tag.cf,v
  87. 0 examples/verticalsysadmin_training_examples/1700
  88. +24 −9 examples/verticalsysadmin_training_examples/1720_More_Examples._copy_from._Remote_copy.cf
  89. 0 examples/verticalsysadmin_training_examples/1731_notes_for_setting_up_client_server.txt
  90. 0 examples/verticalsysadmin_training_examples/1800
  91. 0 examples/verticalsysadmin_training_examples/1810_More_Examples._Security._Change_detection.txt
  92. 0 examples/verticalsysadmin_training_examples/1900
  93. +1 −9 ...s/verticalsysadmin_training_examples/1950_More_Examples._Setting_the_environment_for_a_command.cf
  94. 0 examples/verticalsysadmin_training_examples/2000
  95. 0 ...lsysadmin_training_examples/2010_More_Examples._EC2._System_provisioning_and_integration_demo.txt
  96. +2 −0 ...a_custom_class_based_on_hostname_pattern_and_import_policy_and_run_bundles_based_on_that_class.cf
  97. +8 −6 examples/verticalsysadmin_training_examples/2100_More_Examples._Persistent_class.cf
  98. 0 examples/verticalsysadmin_training_examples/2400
  99. 0 examples/verticalsysadmin_training_examples/2410_Special_Variables.txt
  100. 0 examples/verticalsysadmin_training_examples/2430_Special_Variables._Edit.txt
  101. 0 examples/verticalsysadmin_training_examples/2700
  102. 0 examples/verticalsysadmin_training_examples/2800
  103. 0 examples/verticalsysadmin_training_examples/2900
  104. 0 examples/verticalsysadmin_training_examples/2930_Special_Notes._Max_scalar_list_and_array_sizes.txt
  105. 0 examples/verticalsysadmin_training_examples/2940_Special_Notes._Unit_tests.txt
  106. 0 examples/verticalsysadmin_training_examples/2950_Special_Notes._Orion_Cloud_Pack.txt
  107. 0 examples/verticalsysadmin_training_examples/2960_Special_Notes._Always_specify_the_class.txt
  108. 0 examples/verticalsysadmin_training_examples/4000_PLUG
  109. +3 −8 examples/verticalsysadmin_training_examples/4020_mutually_exclusive.cf
  110. +2 −2 examples/verticalsysadmin_training_examples/9999_demo_of_dynamic_inputs_and_bundleseq/main.cf
  111. +10 −0 examples/verticalsysadmin_training_examples/9999_process_stop__multi-command.cf
  112. +12 −0 examples/verticalsysadmin_training_examples/COPBL-contain-silent.cf
  113. +95 −0 examples/verticalsysadmin_training_examples/COPBL_standard_services.cf
  114. +13 −0 examples/verticalsysadmin_training_examples/MISC_COPBL_edit_line_insert_lines.cf
  115. +9 −0 examples/verticalsysadmin_training_examples/MISC_function_countlinesmatching.cf
  116. +6 −5 examples/verticalsysadmin_training_examples/MISC_verbose_logging_of_repairs.cf
  117. 0 ...alsysadmin_training_examples/ask_cfengine_to_document_edit_field_quoted_var_body_in_the_COPBL.txt
  118. 0 examples/verticalsysadmin_training_examples/ask_why_0630_does_not_work.txt
  119. +15 −0 examples/verticalsysadmin_training_examples/backreferences_demo.pl
  120. 0 ...ples/verticalsysadmin_training_examples/bug_report__thinks_it_edited_the_file_when_it_has_not.txt
  121. BIN examples/verticalsysadmin_training_examples/cfengine_syntax_pattern__bundle__in_full.odt
  122. BIN examples/verticalsysadmin_training_examples/cfengine_syntax_pattern__bundle__in_full.pdf
  123. 0 examples/verticalsysadmin_training_examples/cfengine_syntax_pattern__simplest.odt
  124. 0 examples/verticalsysadmin_training_examples/edit_backup.txt__ask_cfengine
  125. 0 ...admin_training_examples/enhancement_request__change_category_to_promise_type_in_error_message.txt
  126. +25 −0 examples/verticalsysadmin_training_examples/example_of_return_codes.cf
  127. 0 examples/verticalsysadmin_training_examples/inputs.txt
  128. +9 −0 examples/verticalsysadmin_training_examples/last_exercises.txt
  129. 0 examples/verticalsysadmin_training_examples/log_repaired_synopsis
  130. 0 examples/verticalsysadmin_training_examples/logme.txt
  131. 0 ...y_around_with_type_check_paramater___it_needs_to_be_documented_better_in_the_refernece_manual.txt
  132. 0 ...lsysadmin_training_examples/recommend_that_the_package_populate_var_cfengine_inputs_directory.txt
  133. 0 examples/verticalsysadmin_training_examples/rewrite_2130_to_make_it_more_declarative
  134. +11 −0 examples/verticalsysadmin_training_examples/run_slides.sh
  135. 0 examples/verticalsysadmin_training_examples/set_space_separated_variable_values_in_file__BROKEN
  136. 0 examples/verticalsysadmin_training_examples/suggestion_for_mark.txt
  137. 0 examples/verticalsysadmin_training_examples/typo_in_reference_manual.txt
  138. +35 −0 examples/xenuser_org-educational_examples/xenuser_org-001-simple_editing_files.cf
  139. +26 −0 examples/xenuser_org-educational_examples/xenuser_org-002-ensure_processes_are_running.cf
  140. +19 −0 examples/xenuser_org-educational_examples/xenuser_org-003-ensure_packages_are_installed.cf
  141. +15 −0 examples/xenuser_org-educational_examples/xenuser_org-004-mounting_a_nfs_share.cf
  142. +28 −0 examples/xenuser_org-educational_examples/xenuser_org-005-managing_apt_sources_lists.cf
  143. +15 −0 examples/xenuser_org-educational_examples/xenuser_org-006-running_shell_commands.cf
  144. +40 −0 examples/xenuser_org-educational_examples/xenuser_org-007-configuring_ssh_or_any_other_service.cf
  145. +23 −0 examples/xenuser_org-educational_examples/xenuser_org-008-reporting_disk_usage.cf
  146. +19 −0 examples/xenuser_org-educational_examples/xenuser_org-009-using_environment_variables.cf
  147. +22 −0 examples/xenuser_org-educational_examples/xenuser_org-010-monitoring_cpu_load.cf
  148. +17 −0 examples/xenuser_org-educational_examples/xenuser_org-011-deleting_old_files.cf
  149. +22 −0 ..._org-educational_examples/xenuser_org-012-managing_acls_with_the_community_edition_of_cfengine.cf
  150. +44 −0 examples/xenuser_org-educational_examples/xenuser_org-013-monitoring_apache_web_server.cf
  151. +1 −0 sketches/cfsketches
  152. +37 −1 sketches/cloud/cloud_services/README.md
  153. +324 −11 sketches/cloud/cloud_services/main.cf
  154. +49 −0 sketches/cloud/cloud_services/modules/vcli_decision
  155. +38 −0 sketches/cloud/cloud_services/params/demo.json
  156. +41 −0 sketches/cloud/cloud_services/params/demo_ec2only.json
  157. +4 −2 sketches/cloud/cloud_services/sketch.json
  158. +53 −30 sketches/cloud/cloud_services/test.cf
  159. +40 −0 sketches/package_management/yumclient/README.md
  160. +4 −0 sketches/package_management/yumclient/changelog
  161. +29 −0 sketches/package_management/yumclient/example.cf
  162. +274 −0 sketches/package_management/yumclient/main.cf
  163. +27 −0 sketches/package_management/yumclient/sketch.json
  164. +36 −0 sketches/package_management/yumrepo/README.md
  165. +3 −0 sketches/package_management/yumrepo/changelog
  166. +197 −0 sketches/package_management/yumrepo/main.cf
  167. +5 −6 sketches/package_management/yumrepo/params/repos.json
  168. +7 −5 sketches/package_management/yumrepo/sketch.json
  169. +8 −7 sketches/package_management/yumrepo/test.cf
  170. +2 −0 sketches/system/set_hostname/changelog
  171. +6 −6 sketches/system/set_hostname/main.cf
  172. +2 −2 sketches/system/set_hostname/sketch.json
  173. +4 −4 sketches/unsupported/system/local_user_management/local_user_management.cf
  174. +2 −0 sketches/utilities/halt_agent_if_file_exists/changelog
  175. +15 −16 sketches/utilities/halt_agent_if_file_exists/main.cf
  176. +2 −2 sketches/utilities/halt_agent_if_file_exists/sketch.json
  177. +7 −2 sketches/utilities/vcs_mirror/main.cf
  178. +5 −5 sketches/utilities/vcs_mirror/sketch.json
  179. +2 −1 tools/cf-sketch/cf-sketch.pl
View
6 examples/verticalsysadmin_training_examples/.vimrc
@@ -0,0 +1,6 @@
+filetype plugin indent on
+
+autocmd BufRead,BufNewFile *.cf set ft=cf3
+autocmd BufRead,BufNewFile *.asciidoc set ft=asciidoc
+
+set exrc
View
74 examples/verticalsysadmin_training_examples/0003-Exercises.txt 100755 → 100644
@@ -1,9 +1,10 @@
EXERCISES
+
(If you finish early, please study the Reference
Manual, chapters 1 - 4.)
-1. Write a policy to signal TERM and then KILL to anyklasdjf
+1. Write a policy to signal TERM and then KILL to any
process matching "trn".
Testing it:
@@ -18,14 +19,16 @@ into an slist variable. Write a promise to signal
'term' and then 'kill' to any process in that
list.
-==================================================
+
EXERCISE 2
Write a policy to create /tmp/myname.txt and put
your name in it.
+
+
EXERCISE 3
Manually create a template:
@@ -80,6 +83,10 @@ observe how CFEngine dynamically configures your server.
+
+
+
+
EXERCISE 5. File Editing
Write a policy to create /etc/motd as follows:
@@ -201,28 +208,6 @@ a policy that logs to /var/log/repairs.txt if a promise
is repaired by CFEngine.
===============================================================
-EXERCISE 9. Methods
-
-Practice using "methods" type promises:
-
-Write a policy that has two bundles.
-
-The first bundle does something visible (such as a
-reports type promise that says "bundle1") AND calls
-the second bundle.
-
-The second bundle reports "bundle2".
-
-
-EXERCISE 10. Methods (continued).
-
-Now parameterize the 2nd bundle -- have the
-first bundle feed it an argument, and have the
-2nd bundle display that argument.
-
-
-
-============================================================
EXERCISE 11 - Precision File Editing
@@ -237,36 +222,6 @@ if [ -x /bin/custom ]
then /bin/custom
fi
-EXERCISE 12 - Methods
-
-Let's say we want our /etc/profile file to contain a line
-ORGANIZATION=MyOrg to set the ORGANIZATION environment
-variable when users log in.
-
-Write a bundle "etc_profile_contains" that would take an argument
-and ensures /etc/profile contains text string that specified
-in the argument.
-
-Demonstrate its use by calling it from another bundle:
-
- bundle agent example {
- methods:
- "any"
- usebundle => etc_profile_contains("ORGANIZATION=MyOrg");
- }
-
-
-EXERCISE 13 - Methods (re-usable bundles)
-
-Make a bundle called file_contains that takes two arguments:
-a filename, and a text string. The bundle should ensure that
-the file specified in the first argument contains the text string
-specified in the second argument. Example:
-
- methods:
- "any" usebundle => file_contains("/etc/profile", "ORGANIZATION=MyOrg");
- "any" usebundle => file_contains("/etc/motd", "Unauth. use forbidden");
-
@@ -293,20 +248,21 @@ Given a file /tmp/file.txt:
apples
oranges
-and given that we want the file to converge to:
+Use the COPBL to comment out "oranges" and append "bananas", resulting in:
apples
# oranges
bananas
-use the COPBL to ensure the file contains the line
-bananas (bundle edit_line insert_lines) and to ensure
-the line matching "oranges" is commented out (bundle edit_line comment_lines_matching).
+Hint: use "bundle edit_line insert_lines" and "bundle edit_line comment_lines_matching".
+
EXERCISE 17 - COPBL - contain a command
+Run the command /usr/bin/id as user "nobody".
+
+Hint: use "body contain setuid".
-Run the command /usr/bin/id as user classroom.
EXERCISE 18 - COPBL - linking promises together
View
6 examples/verticalsysadmin_training_examples/0004_the_most_basic_form_of_a_promise.txt
@@ -3,7 +3,11 @@ The Most Basic Form of a Promise
promise_type:
+ class::
+
"promiser"
- promise_body;
+ attribute1 => value1,
+ attribute2 => value2;
+
View
0 examples/verticalsysadmin_training_examples/0005_simple_example.txt 100755 → 100644
File mode changed.
View
0 ...drop_process._Terminate_with_prejudice.cf → ..._bot_process._Terminate_with_prejudice.cf
File renamed without changes.
View
0 ...ate_with_prejudice__use_the_RegEx_Luke.cf → ...ate_with_prejudice__use_the_RegEx_Luke.cf
File renamed without changes.
View
21 examples/verticalsysadmin_training_examples/0032_do_exercise_1.txt
@@ -0,0 +1,21 @@
+ EXERCISE
+
+---
+A note on how to write cfengine policies:
+1. sysadmin problem
+2. envision the desired end state
+3. translate the desired end state into CFEngine Policy Language
+---
+
+1. Write a policy to signal TERM and then KILL to any
+process matching "trn".
+
+ Testing it:
+
+ cp /bin/sleep ~/trn
+ ~/trn 1000 &
+ cf-agent -f ...
+
+If you finish before everybody else, please study the
+Reference Manual, chapters 1 - 4.
+
View
3 ...icalsysadmin_training_examples/0060_Basic_Examples._Hello_world_using_command_bin_echo.cf
@@ -1,6 +1,3 @@
-# commands
-# A promise to execute a command.
-
bundle agent example
{
View
0 examples/verticalsysadmin_training_examples/0149 100755 → 100644
File mode changed.
View
0 ...min_training_examples/0150_Knowledge_management_is_one_of_the_key_challenges_of_scale.txt 100755 → 100644
File mode changed.
View
3 ...admin_training_examples/0152_Basic_Examples.__Knowledge_Management__handle__depends_on.cf
@@ -11,5 +11,6 @@ bundle agent example {
depends_on => { "another_promise" } ,
- create => "true";
+ create => "true",
+ comment => "Demonstrate CFEngine knowledge management features.";
}
View
0 examples/verticalsysadmin_training_examples/0156 100755 → 100644
File mode changed.
View
4 ...es/verticalsysadmin_training_examples/0160_Basic_Examples.__Editing_Files._Edit_a_file.cf
@@ -12,6 +12,8 @@ bundle agent example {
bundle edit_line file_contains_proper_greetings {
- insert_lines: "Good morning!";
+insert_lines:
+
+ "Good morning!";
}
View
3 ...admin_training_examples/0165_Basic_Examples.__Editing_Files._Edit_a_file,_strict_match.cf
@@ -18,8 +18,7 @@ bundle edit_line proper_greetings {
insert_lines:
- "Good morning, how are you today?";
-
+ "Good morning!";
}
View
4 examples/verticalsysadmin_training_examples/0166_exercise.txt
@@ -0,0 +1,4 @@
+EXERCISE
+
+Write a policy to create /tmp/myname.txt and put
+your name in it.
View
17 ...ining_examples/0167a_Basic_Examples.__Editing_Files._Edit_a_file,_expand_from_template.cf
@@ -0,0 +1,17 @@
+bundle agent example {
+
+files:
+
+ "/etc/motd"
+
+ edit_line => ExpandMeFrom("/tmpl/motd.tmpl");
+}
+
+bundle edit_line ExpandMeFrom(source) {
+
+insert_lines:
+
+ "$(source)"
+
+ insert_type => "file";
+}
View
0 ...les._Edit_a_file,_expand_from_template.cf → ...les._Edit_a_file,_expand_from_template.cf
File renamed without changes.
View
22 ...ining_examples/0167c_Basic_Examples.__Editing_Files._Edit_a_file,_expand_from_template.cf
@@ -0,0 +1,22 @@
+bundle agent example {
+
+files:
+
+ "/etc/motd"
+
+ edit_line => ExpandMeFrom("/tmpl/motd.tmpl");
+}
+
+bundle edit_line ExpandMeFrom(source) {
+
+delete_lines:
+
+ ".*";
+
+insert_lines:
+
+ "$(source)"
+
+ insert_type => "file",
+ expand_scalars => "true";
+}
View
10 examples/verticalsysadmin_training_examples/0168a_variable_scope.txt
@@ -0,0 +1,10 @@
+Note: a fully qualified variable consists of the bundle
+name wherein the variable is defined plus the variable
+name. Example:
+
+ bundle agent mybundle { vars: "myvar" string => "myvalue"; }
+
+$(myvar) <--- unqualified
+
+$(mybundle.myvar) <--- fully qualified (complete with scope)
+
View
29 examples/verticalsysadmin_training_examples/0168b_exercise.txt
@@ -0,0 +1,29 @@
+ EXERCISE
+
+
+(If you finish early, please study the Reference
+Manual, chapters 1 - 4; then the special topic guide
+on the Editing File Content)
+
+
+Manually create a template. Embed a variable into the template:
+
+ echo 'Hello, $(mybundle.myname). The time is $(sys.date).' > /tmp/file.tmpl
+
+Now write a policy to populate contents of /tmp/file.txt
+using this template file, /tmp/file.tmpl.
+
+Make sure your bundle defines the variable embedded in the
+template, and that your bundle name matches the bundle name
+embedded in the template.
+
+Your policy should use an edit_lines bundle containing an
+insert_lines promise with the following attributes:
+
+ insert_type => "file",
+ expand_scalars => "true";
+
+If you finish before rest of the group, finish studying
+the CFEngine Reference Manual chapters 1 -4, and if you
+finish that, then study the Special Topic guide on Editing
+File Content.
View
1 examples/verticalsysadmin_training_examples/0181 100755 → 100644
@@ -0,0 +1 @@
+Classes
View
10 examples/verticalsysadmin_training_examples/0201_class_expression_operators.txt
@@ -0,0 +1,10 @@
+
+. and
+
+& and (synonym for .)
+
+| or
+
+
+( ) groupers
+
View
18 ...ples/verticalsysadmin_training_examples/0210_Patterns._Classes._Report_day_of_the_week.cf
@@ -1,11 +1,11 @@
bundle agent example {
- reports: Monday:: "Hello world! I love Mondays!";
- reports: Tuesday:: "Hello world! I love Tuesdays!";
- reports: Wednesday:: "Hello world! I love Wednesdays!";
- reports: Thursday:: "Hello world! I love Thursdays!";
- reports: Friday:: "Hello world! I love Fridays!";
-
- reports: Saturday:: "Hello world! I love weekends!";
- reports: Sunday:: "Hello world! I love weekends!";
- }
+ reports: Monday:: "Hello world! I love Mondays!";
+ reports: Tuesday:: "Hello world! I love Tuesdays!";
+ reports: Wednesday:: "Hello world! I love Wednesdays!";
+ reports: Thursday:: "Hello world! I love Thursdays!";
+ reports: Friday:: "Hello world! I love Fridays!";
+
+ reports: Saturday:: "Hello world! I love weekends!";
+ reports: Sunday:: "Hello world! I love weekends!";
+}
View
2 ...ples/verticalsysadmin_training_examples/0220_Patterns._Classes._OS_and_time_expression.cf
@@ -4,7 +4,7 @@ bundle agent example {
linux.Hr12:: "Linux system AND we are in the 12th hour.";
- linux.Hr15:: "Linux system AND we are in the 15th hour.";
+ linux.Hr13:: "Linux system AND we are in the 13th hour.";
linux&Hr22:: "Linux system AND we are in the 22nd hour.";
View
8 ...s/verticalsysadmin_training_examples/0250_Patterns._Classes._Ensuring_CUPSd_is_running.cf
@@ -2,15 +2,15 @@ bundle agent example {
processes:
- "^cupsd"
+ "cupsd"
- restart_class => "restart_cups",
- comment => "We DO want print services";
+ restart_class => "cups_needs_to_be_started",
+ comment => "We DO want print services";
commands:
- restart_cups::
+ cups_needs_to_be_started::
"/etc/init.d/cups"
View
21 examples/verticalsysadmin_training_examples/0252_logical_not.cf
@@ -0,0 +1,21 @@
+bundle agent example {
+
+reports:
+
+ linux::
+
+ "Yay Linux!";
+
+
+reports:
+
+ !linux::
+
+ "I miss my Linux...";
+
+reports:
+
+ !windows::
+
+ "Thank goodness it ain't Windows.";
+}
View
8 .../verticalsysadmin_training_examples/0270__Demonstration_of_CFEngine_Running_Unattended.cf
@@ -5,8 +5,8 @@
# 1. Copy this file to /var/cfengine/inputs/promises.cf, and
# 2. Copy this file to /var/cfengine/inputs/failsafe.cf.
# 3. Restart CFEngine service to reload the policy.
-# 4. Make sure you don't have a /tmp/nologin file: rm /tmp/nologin
-# 5. Watch CFEngine create /tmp/nologin within 5 minutes.
+# 4. Make sure you don't have a /etc/nologin file: rm /etc/nologin
+# 5. Watch CFEngine create /etc/nologin within 5 minutes.
body common control {
@@ -17,9 +17,9 @@ bundle agent example {
files:
- "/tmp/nologin"
+ "/etc/nologin"
- create => "true",
+ create => "true",
comment => "Mortal users can't log in while system is in maintenance mode";
}
View
29 examples/verticalsysadmin_training_examples/0271-exercise_cfengine_running_unattended.txt
@@ -0,0 +1,29 @@
+ EXERCISE
+Running CFEngine Non-Interactive (as a Service)
+using /var/cfengine/inputs/promises.cf as input.
+
+1. Specify a bundlesequence in your policy from exercise 5
+(that creates an /etc/motd file that always says Unauth.
+Use Forbidden, and "go home, it's the weekend" on the weekend.
+Add to this policy:
+
+ body common control {
+
+ bundlesequence => { "..." };
+
+ }
+
+2. Copy this modified exercise 5 to /var/cfengine/inputs/promises.cf
+3. Make your failsafe.cf identical to promises.cf:
+ cd /var/cfengine/inputs
+ ln -s promises.cf failsafe.cf
+4. Check the syntax of the default input file (promises.cf):
+ cf-promises
+5. Run CFengine from command line once to make sure it all works:
+ cf-agent
+6. Restart CFEngine service to reload the policy:
+ /etc/init.d/cfengine3 restart
+7. Make sure you don't have an /etc/motd file so CFEngine has something to fix:
+ rm /etc/motd
+8. Watch CFEngine create /etc/motd within 5 minutes:
+ watch ls -l /etc/motd 2>/dev/null
View
0 examples/verticalsysadmin_training_examples/0300 100755 → 100644
File mode changed.
View
23 ...mples/0360_Body-Part_Examples._Example_with_Promise_Body._Check_storage_min_free_space.cf
@@ -1,23 +0,0 @@
-bundle agent example {
-
- storage:
-
- "/"
- volume => check_min_free_space("80%");
-
- "/empty"
- volume => check_min_free_space("80%");
-
- "/boot"
- volume => check_min_free_space("100M");
-
-
- }
-
-
-body volume check_min_free_space(free) {
-
- freespace => "$(free)";
- sensible_size => "10G";
-
- }
View
24 ...70_Body-Part_Examples._Check_storage_min_free_space^%_sensible_size_and_sensible_count.cf
@@ -1,24 +0,0 @@
-bundle agent example {
-
- storage:
-
- "/dev/shm"
-
- volume => check_sanity_and_min_free_space("99%");
-
-
- "/"
- volume => check_sanity_and_min_free_space("30%");
-
- }
-
-body volume check_sanity_and_min_free_space(free) {
-
- freespace => "$(free)";
-
- check_foreign => "on"; # do sanity check foreign (remote) volumes
-
- sensible_size => "100K"; # Min size used (in bytes)
-
- sensible_count => "10"; # Min files/dirs at top level
- }
View
14 examples/verticalsysadmin_training_examples/0380a_perms.cf
@@ -0,0 +1,14 @@
+bundle agent example {
+
+files:
+
+ "/tmp/testfile"
+
+ perms => acceptable_groups;
+}
+
+body perms acceptable_groups {
+
+groups => {"root", "games", "mail" };
+
+}
View
28 examples/verticalsysadmin_training_examples/0380b_perms.cf
@@ -0,0 +1,28 @@
+bundle agent example {
+
+files:
+
+ "/tmp/bobsfile"
+
+ create => "true",
+ comment => "/tmp/testfile must not be world-wirtable",
+ perms => no_world_writable_files_allowed("bob");
+
+ "/tmp/susansfile"
+
+ create => "true",
+ comment => "/tmp/testfile must not be world-wirtable",
+ perms => no_world_writable_files_allowed("susan");
+
+
+}
+
+
+#######################################################
+
+body perms no_world_writable_files_allowed(owner)
+{
+mode => "u+rwx,g+rx,o+r,o-w";
+owners => {"$(owner)"};
+groups => {"cfengine"};
+}
View
4 examples/verticalsysadmin_training_examples/0384_Body-Part_Examples._Replacing_Patterns.cf
@@ -12,8 +12,8 @@ bundle edit_line transform_dogs_to_cats {
replace_patterns:
"[Dd]og"
-
- replace_with => value("cat");
+
+ replace_with => value("cat");
}
View
0 examples/verticalsysadmin_training_examples/0390 100755 → 100644
File mode changed.
View
0 ...ticalsysadmin_training_examples/0410_Cfengine_Grammar._LHS_vs_RHS._Promise_attributes.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/0460 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/0500_Data_Types._Scalars_and_lists._Scalars.txt 100755 → 100644
File mode changed.
View
0 ...calsysadmin_training_examples/0520_Data_Types._Special_suffixes_for_Integer_constants.txt 100755 → 100644
File mode changed.
View
2 examples/verticalsysadmin_training_examples/0530_Data_Types._Integer_suffixes_demo.cf
@@ -2,7 +2,7 @@ bundle agent example {
vars:
- "fourty_two_kilobytes" int => "42k"; # 42 x 1000
+ "fourty_two_kilobytes" int => "42k"; # 42 x 1000
"fourty_two_kibibytes" int => "42K"; # 42 x 1024
View
0 examples/verticalsysadmin_training_examples/0540_Data_Types._List_variables.txt 100755 → 100644
File mode changed.
View
1 examples/verticalsysadmin_training_examples/0570_Data_Types._Lists_of_integers.cf
@@ -9,6 +9,7 @@ bundle agent example {
reports:
+
linux::
"Iterating over the values in @(my_list): $(my_list)";
View
1 examples/verticalsysadmin_training_examples/0580_Data_Types._Lists_of_real_numbers.cf
@@ -8,6 +8,7 @@ bundle agent example {
reports:
+
linux::
"Iterating over the values in @(my_list): $(my_list)";
View
16 examples/verticalsysadmin_training_examples/0590_exercise.txt
@@ -0,0 +1,16 @@
+EXERCISE - using lists
+
+Create a list containing names of files to create.
+
+Then use a single "files" promise to create all
+these files.
+
+--------------------------------------------------
+
+EXERCISE - using lists
+
+1. Create a list containing names of processes that
+ should not be running: for example "trn" and "eggdrop"
+
+2. Using "processes" promise, ensure these processes
+ are not running.
View
0 examples/verticalsysadmin_training_examples/0600 100755 → 100644
File mode changed.
View
5 examples/verticalsysadmin_training_examples/0610_Data_Structures._Arrays.txt 100755 → 100644
@@ -4,3 +4,8 @@ or lists as their elements.
Array variables are written with '[' and ']' brackets:
$(array_name[key_name])
+
+or
+
+$(bundle_name.array_name[key_name])
+
View
7 examples/verticalsysadmin_training_examples/0615_Data_Structures._Array_of_strings.cf
@@ -7,12 +7,15 @@ bundle agent example {
"cfengine_components[cf-execd]" string => "The executor";
+ "cfengine_components[a_number]" int => "5";
+
"component_names"
- slist => getvalues("cfengine_components");
+ slist => getindices("cfengine_components");
reports:
+
linux::
- "$(cfengine_components[cf-execd])";
+ "$(component_names) $(cfengine_components[$(component_names)])";
}
View
14 examples/verticalsysadmin_training_examples/0615b_exercise.txt
@@ -0,0 +1,14 @@
+EXERCISE
+
+Make an array, student_grades.
+
+ Keys Values
+
+ Joe A
+ Mary A
+ Bob B
+ Linda B
+
+Report the contents
+of the array.
+
View
0 examples/verticalsysadmin_training_examples/0700 100755 → 100644
File mode changed.
View
4 ...verticalsysadmin_training_examples/0710_Software_Components._Cf-promises_and_cf-agent.txt 100755 → 100644
@@ -9,7 +9,7 @@ The most important to learn first are:
You can use it to syntax check your policies:
- cf-promises -f your_policy.cf
+ cf-promises -f ./your_policy.cf
* cf-agent
@@ -20,4 +20,4 @@ system. It's the part of cfengine that actually
makes changes to the system.
- cf-agent -f your_policy.cf
+ cf-agent -f ./your_policy.cf
View
4 .../verticalsysadmin_training_examples/0720_Software_Components._Cf-execd_and_cf-serverd.txt 100755 → 100644
@@ -1,14 +1,14 @@
Next important components are:
-cf-serverd
+* cf-serverd
Used to distribute files to clients requesting them and
to listen to network requests for re-running the local
cf-agent.
-cf-execd
+* cf-execd
Used to run cf-agent on a regular (and user-configurable)
basis.
View
0 ...e_Components._Other_components._Tools_for_Cfengine_networking._cf-key_and_cf-runagent.txt 100755 → 100644
File mode changed.
View
0 ...ples/0740_Software_Components._Other_components._Cf-monitord,cf-know,cf-report,cf-hub.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/0750 100755 → 100644
File mode changed.
View
0 ...ysadmin_training_examples/0760_Configuring_Cfengine._The_starting_set_of_config_files.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/0800 100755 → 100644
File mode changed.
View
357 examples/verticalsysadmin_training_examples/1
@@ -0,0 +1,357 @@
+ EXERCISES
+
+
+(If you finish early, please study the Reference
+Manual, chapters 1 - 4.)
+
+1. Write a policy to signal TERM and then KILL to any
+process matching "trn".
+
+ Testing it:
+
+ cp /bin/sleep ~/trn
+ ~/trn 1000 &
+ cf-agent -f ...
+
+1b. Make a list of processes you don't want to run
+(let's say "trn" and "eggdrop") and put this list
+into an slist variable. Write a promise to signal
+'term' and then 'kill' to any process in that
+list.
+
+
+
+EXERCISE 2
+
+Write a policy to create /tmp/myname.txt and put
+your name in it.
+
+
+
+
+EXERCISE 3
+
+Manually create a template:
+echo 'Hello, $(mybundle.myname). The time is $(sys.date).' > /tmp/file.tmpl
+
+
+Note: a fully qualified variable consists of the bundle
+name wherein the variable is defined plus the variable
+name. Example:
+
+ bundle agent mybundle { vars: "myvar" string => "myvalue"; }
+
+The fully qualified variable name is $(mybundle.myvar).
+
+
+Now write a policy to populate contents of /tmp/file.txt
+using this template file, /tmp/file.tmpl.
+
+Make sure your bundle defines the variable embedded in the
+template, and that your bundle name matches the bundle name
+embedded in the template.
+
+Your policy should use an edit_lines bundle containing an
+insert_lines promise with the following attributes:
+
+ insert_type => "file",
+ expand_scalars => "true";
+
+If you finish before rest of the group, finish studying
+the CFEngine Reference Manual chapters 1 -4, and if you
+finish that, then study the Special Topic guide on Editing
+File Content.
+
+
+EXERCISE 4. Classes.
+
+Set a custom class based on the existance of a file.
+For example:
+
+ classes:
+
+ "file_exists"
+
+ expression => fileexists("/etc/site_id") ;
+
+Then write another promise that is conditional on the
+above class.
+
+Run it when the file exists, and when it does not, and
+observe how CFEngine dynamically configures your server.
+
+
+
+
+
+
+
+
+EXERCISE 5. File Editing
+
+Write a policy to create /etc/motd as follows:
+It should *always* say "Unauthorized use forbidden."
+
+EXERCISE 5b. File Editing and Classes
+On weekends only it should have an extra line that says
+"go home, it's the weekend".
+
+===========================================================
+
+EXERCISE 6. Running CFEngine Non-Interactively (as a Service)
+
+Demonstrating of CFEngine running in non-interactive
+mode, using /var/cfengine/inputs/promises.cf as its
+input:
+
+
+1. Specify a bundlesequence in your policy from exercise 5.
+
+Add to your policy:
+
+ body common control {
+
+ bundlesequence => { "..." };
+
+ }
+
+
+2. Copy exercise 5 to /var/cfengine/inputs/promises.cf, and
+
+3. Make your failsafe.cf identical to promises.cf:
+
+ cd /var/cfengine/inputs
+ ln -s promises.cf failsafe.cf
+
+4. Check the syntax of the default input file (promises.cf):
+
+ cf-promises
+
+5. Run CFengine from command line once to make sure
+ it all works:
+
+ cf-agent
+
+6. Restart CFEngine service to reload the policy.
+
+ /etc/init.d/cfengine3 restart
+
+
+7. Make sure you don't have an /etc/motd file:
+
+ rm /etc/motd
+
+8. Watch CFEngine create /etc/motd within 5 minutes.
+
+ watch ls -l /etc/motd 2>/dev/null
+
+
+
+
+
+
+
+
+EXERCISE 6. File Editing - replace_patterns - uses COPBL
+
+Create (manually) a data file:
+
+ /tmp/data.txt
+
+ line 1
+ line 2
+ line 3
+
+Use cf-agent to replace "line 2" with "line two".
+
+
+EXERCISE 6b. File Editing - replace_patterns - uses COPBL
+
+Write a policy where the template contains a placeholder tag
+of the form __TAGNAME__
+
+The template, /tmpl/motd.tmpl should contain:
+
+ This system is property of __ORGANIZATION__.
+ Unauthorized use forbidden.
+ CFEngine maintains this system and last ran on $(sys.date).
+
+Write a CFEngine policy to generate /etc/motd from this
+template.
+
+Your policy should replace __ORGANIZATION__ with the
+name of your organization.
+
+Your policy should expand the special variable $(sys.date).
+
+Use all of the following promise types:
+
+delete_lines
+insert_lines
+replace_patterns
+
+If you finish before rest of the group, finish studying
+the CFEngine Reference Manual chapters 1 -4, and if you
+finish that, then study the Special Topic guide on Editing
+File Content.
+
+
+EXERCISE 7. Integrate your motd policy into the default cfengine policy
+
+===============================================================
+[For faster students]
+
+EXERCISE 8. Reporting when CFEngine makes a change to your system
+
+Read the Special Topics guide on Reporting. Now write
+a policy that logs to /var/log/repairs.txt if a promise
+is repaired by CFEngine.
+
+===============================================================
+EXERCISE 9. Methods
+
+Practice using "methods" type promises:
+
+Write a policy that has two bundles.
+
+The first bundle does something visible (such as a
+reports type promise that says "bundle1") AND calls
+the second bundle.
+
+The second bundle reports "bundle2".
+
+
+EXERCISE 10. Methods (continued).
+
+Now parameterize the 2nd bundle -- have the
+first bundle feed it an argument, and have the
+2nd bundle display that argument.
+
+
+
+============================================================
+
+EXERCISE 11 - Precision File Editing
+
+
+Insert the following three lines (and you can keep them
+in order, as a single block, using
+ insert_type => "preserve_block";
+) into /etc/profile BEFORE the HOSTNAME=... line.
+
+
+if [ -x /bin/custom ]
+ then /bin/custom
+fi
+
+EXERCISE 12 - Methods
+
+Let's say we want our /etc/profile file to contain a line
+ORGANIZATION=MyOrg to set the ORGANIZATION environment
+variable when users log in.
+
+Write a bundle "etc_profile_contains" that would take an argument
+and ensures /etc/profile contains text string that specified
+in the argument.
+
+Demonstrate its use by calling it from another bundle:
+
+ bundle agent example {
+ methods:
+ "any"
+ usebundle => etc_profile_contains("ORGANIZATION=MyOrg");
+ }
+
+
+EXERCISE 13 - Methods (re-usable bundles)
+
+Make a bundle called file_contains that takes two arguments:
+a filename, and a text string. The bundle should ensure that
+the file specified in the first argument contains the text string
+specified in the second argument. Example:
+
+ methods:
+ "any" usebundle => file_contains("/etc/profile", "ORGANIZATION=MyOrg");
+ "any" usebundle => file_contains("/etc/motd", "Unauth. use forbidden");
+
+
+
+
+EXERCISE 15 - Classes
+
+Reminder: make any changes to promises.cf in /var/cfengine/masterfiles.
+If you make them in /var/cfengine/inputs, they may get overwritten if/when
+failsafe.cf kicks in.
+
+Problem: All workstations should be shutdown at end of class at 15:40.
+
+Desired state: The command "shutdown -h now" is run during the 15:40 - 15:45
+window.
+
+Add to "bundle agent main" in promises.cf a promise to shutdown the
+workstation at 15:40. Copy promises.cf from masterfiles to inputs.
+Make sure cf-execd is running.
+
+
+EXERCISE 16 - COPBL
+
+Given a file /tmp/file.txt:
+
+apples
+oranges
+
+and given that we want the file to converge to:
+
+apples
+# oranges
+bananas
+
+use the COPBL to ensure the file contains the line
+bananas (bundle edit_line insert_lines) and to ensure
+the line matching "oranges" is commented out (bundle edit_line comment_lines_matching).
+
+EXERCISE 17 - COPBL - contain a command
+
+
+Run the command /usr/bin/id as user classroom.
+
+
+EXERCISE 18 - COPBL - linking promises together
+
+Problem: Increase security by ensuring sshd is running with
+"PermitRootLogin no".
+
+How does the system look like in the correct configuration:
+1. Make sure /etc/ssh/sshd_config contains the line "PermitRootLogin no"
+2. Make sure sshd is running using this configuration
+
+How to code it in CFEngine:
+1. a files promise to edit sshd_config
+2. a commands promise to restart sshd to reload the new config
+
+Exercise: use the "body classes if_repaired" to link 1 and 2
+to make sure 2 happens.
+
+
+EXERCISE 19 - Bonus Points - Restart sshd if the process start
+time of sshd predates the modification timestamp of /etc/ssh/sshd_config
+(Process selection is demonstrated in *Process_Selection* in
+verticalsysadmin_training_examples)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
View
3 examples/verticalsysadmin_training_examples/1000_COPBL._Introduction.txt 100755 → 100644
@@ -7,3 +7,6 @@ in cfengine_stdlib.cf.
As of CFEngine 3.2.1, there are 99 promise bodies
in cfengine_stdlib.cf (and 19 bundles)
+
+As of CFEngine 3.3.5, there are 114 promise bodies
+in cfengine_stdlib.cf (and 29 bundles)
View
1 ...sadmin_training_examples/1030_COPBL._Context_sensitive_file_editing._Set_robs_password.cf
@@ -12,7 +12,6 @@ bundle agent example {
"/etc/shadow"
- #edit_line => set_user_field("rob",2,"!!");
edit_line => set_user_field("rob",2,"$1$stIAaUZw$ptP75nVkz/EapeuvdWLNC0");
}
View
2 examples/verticalsysadmin_training_examples/1040_COPBL._Removing_a_file.cf
@@ -11,6 +11,6 @@ bundle agent example {
delete => tidy;
- # shell equivalent: rm -r /tmp/testfile
+ # shell equivalent: rm -r /tmp/testfile*
}
View
7 ..._Remove_centos_httpd_welcome_page,_by_commenting_out_its_contents_and_restarting_httpd.cf
@@ -11,15 +11,12 @@ body common control {
bundle agent example {
- vars:
- "mycomment" string => "Let's keep a low profile and not advertise what software we are running";
-
files:
"/etc/httpd/conf.d/welcome.conf"
- comment => "$(mycomment)",
+ comment => "Let's keep a low profile and not advertise what software we are running",
edit_line => comment_out_everything,
classes => if_repaired("reload_httpd");
@@ -36,7 +33,7 @@ bundle edit_line comment_out_everything {
"^([^#].*)"
- replace_with => comment("#$(example.mycomment)# ");
+ replace_with => comment("#");
}
View
16 ...xamples/1475_Classes_have_global_scope.cf → ...n_training_examples/1050_keep_this_one.cf
@@ -11,33 +11,29 @@ body common control {
bundle agent example {
- vars:
- "mycomment" string => "Let's keep a low profile and not advertise what software we are running";
-
files:
"/etc/httpd/conf.d/welcome.conf"
- comment => "$(mycomment)",
+ comment => "Let's keep a low profile and not advertise what software we are running",
edit_line => comment_out_everything,
classes => if_repaired("reload_httpd");
-
- }
-
-bundle agent example2 {
commands:
reload_httpd::
"/etc/init.d/httpd reload";
- }
+
+ }
+
bundle edit_line comment_out_everything {
replace_patterns:
"^([^#].*)"
- replace_with => comment("#$(example.mycomment)# ");
+ replace_with => comment("# Commented out by CFEngine #");
}
+
View
0 examples/verticalsysadmin_training_examples/1100 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1110_Patterns._Introduction.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1150 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1180_Patterns._Regular_expressions.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1200 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1210_Patterns._Body_templates.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1220 100755 → 100644
File mode changed.
View
2 ...es/1340_using_classes_to_link_promises._Promise_repair__also_demonstrates_action_logme.cf
@@ -24,8 +24,8 @@ bundle agent example {
body action logme(x)
{
log_kept => "/tmp/private_keptlog.log";
- log_failed => "/tmp/private_faillog.log";
log_repaired => "/tmp/private_replog.log";
+ log_failed => "/tmp/private_faillog.log";
log_string => "$(sys.date) $(x)";
}
View
14 ...n_training_examples/1370_Classes._Set_a_private_class_based_on_hard_classes_expression.cf
@@ -1,10 +1,10 @@
bundle agent example
{
- classes:
- "solinux"
- comment => "Set a custom class based on built-in classes",
- expression => "linux|solaris";
+classes:
+ "solaris_or_linux"
+ comment => "Set a custom class based on built-in classes",
+ expression => "linux|solaris";
# "cf-agent --verbose" shows:
@@ -13,7 +13,7 @@ bundle agent example
# cf3> + solinux
- reports:
- solinux::
- "Yay!! I am on Solaris or Linux.";
+reports:
+ solaris_or_linux::
+ "Yay!! I am on Solaris or Linux.";
}
View
0 examples/verticalsysadmin_training_examples/1471_Classes._Default_classes__cf-monitord.txt 100755 → 100644
File mode changed.
View
7 examples/verticalsysadmin_training_examples/1474_classes_GOTCHA.cf
@@ -2,13 +2,10 @@ bundle agent example {
commands:
- any::
-
- "/bin/echo hello world";
-
linux&Hr08::
"/bin/echo Linux system AND we are in the 8th hour.";
-
+
+ "/bin/echo hello world"; # this promise is NOT in the class "any" !!!
}
View
14 examples/verticalsysadmin_training_examples/1478_exercise.txt
@@ -0,0 +1,14 @@
+Set a custom class based on the existance of a file.
+For example:
+
+ classes:
+
+ "file_exists"
+
+ expression => fileexists("/etc/site_id") ;
+
+Then write another promise that is conditional on the
+above class.
+
+Run it when the file exists, and when it does not, and
+observe how CFEngine dynamically configures your server.
View
0 examples/verticalsysadmin_training_examples/1480
No changes.
View
1 examples/verticalsysadmin_training_examples/1480_Classes_and_Scope.txt
@@ -0,0 +1 @@
+Classes and Scope
View
18 examples/verticalsysadmin_training_examples/1481_Classes_have_scope.cf
@@ -0,0 +1,18 @@
+
+bundle agent example {
+
+ classes:
+ "its_wed"
+ expression => "Wednesday";
+
+ }
+
+
+bundle agent example2 {
+
+ reports:
+ its_wed::
+ "Yay! I love Wednesdays!";
+
+}
+
View
18 ...in_training_examples/1482_Classes._Classes_defined_in_common_bundles_have_global_scope.cf
@@ -0,0 +1,18 @@
+
+bundle agent example {
+
+ classes:
+ "its_wed"
+ expression => "Wednesday";
+
+ }
+
+
+bundle agent example2 {
+
+ reports:
+ its_wed::
+ "Yay! I love Wednesdays!";
+
+}
+
View
23 examples/verticalsysadmin_training_examples/1483_if_repaired_creates_global_classes.cf
@@ -0,0 +1,23 @@
+body common control {
+ inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" };
+}
+
+
+bundle agent example {
+
+ files:
+ "/etc/motd"
+ create => "true",
+ classes => if_repaired("its_wed");
+
+ }
+
+
+bundle agent example2 {
+
+ reports:
+ its_wed::
+ "Yay! I love Wednesdays!";
+
+}
+
View
0 examples/verticalsysadmin_training_examples/1500 100755 → 100644
File mode changed.
View
17 examples/verticalsysadmin_training_examples/1500_Methods._A_special_promise_type.txt 100755 → 100644
@@ -6,9 +6,20 @@ that promises to call another promise bundle.
"any"
- usebundle => bundle_name("parameter", ...);
+ usebundle => bundle_name;
The promiser can be any word, right now it does not matter;
-the promiser is reserved for future development. Parameters
-are optional.
+the promiser is reserved for future development.
+
+-- next slide --
+
+Parameters are optional:
+
+ methods:
+
+ "any"
+
+ usebundle => bundle_name("arg1", "arg2");
+
+
View
0 examples/verticalsysadmin_training_examples/1520_Methods._Encapsulation.txt 100755 → 100644
File mode changed.
View
0 ...amples/MISC__abstraction_using_methods.cf → ...xamples/1521_abstraction_using_methods.cf
File renamed without changes.
View
59 examples/verticalsysadmin_training_examples/1522_methods_exercise.txt
@@ -0,0 +1,59 @@
+EXERCISE
+
+Practice using "methods" type promises
+
+Write a policy that has two bundles.
+
+The first bundle does something visible (such as a
+reports type promise that says "bundle1") AND calls
+the second bundle.
+
+The second bundle reports "bundle2".
+
+Run your policy? What output do you see and in what
+order? Why?
+
+
+EXERCISE
+
+Now parameterize the 2nd bundle -- have the
+first bundle feed it an argument, and have the
+2nd bundle display that argument.
+
+
+EXERCISE
+
+Sysadmin Problem:
+
+/etc/profile should set the ORGANIZATION environment variable when users log in.
+
+export ORGANIZATION=MyOrg
+
+Exercise:
+
+Write a bundle "etc_profile_contains" that would take an argument
+and ensures /etc/profile contains text string that specified
+in the argument.
+
+Demonstrate its use by calling it from another bundle:
+
+ bundle agent example {
+ methods:
+ "any"
+ usebundle => etc_profile_contains("export ORGANIZATION=MyOrg");
+ }
+
+
+EXERCISE Methods (re-usable bundles)
+
+Make a bundle called file_contains that takes two arguments:
+a filename, and a text string. The bundle should ensure that
+the file specified in the first argument contains the text string
+specified in the second argument. Example:
+
+ methods:
+ "any" usebundle => file_contains("/etc/profile", "export ORGANIZATION=MyOrg");
+ "any" usebundle => file_contains("/etc/motd", "Unauth. use forbidden");
+
+
+
View
0 examples/verticalsysadmin_training_examples/1600 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1610_More_Examples._Embedding_RCS_Id_tag.cf,v 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1700 100755 → 100644
File mode changed.
View
33 examples/verticalsysadmin_training_examples/1720_More_Examples._copy_from._Remote_copy.cf
@@ -3,7 +3,6 @@ body common control
{
bundlesequence => { "update" };
- inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" };
}
@@ -20,9 +19,9 @@ bundle agent update
"/var/cfengine/inputs"
perms => u_p("600"),
- copy_from => mycopy("$(master_location)","205.186.156.208"),
- depth_search => recurse("inf"),
- action => immediate;
+ copy_from => u_remote_cp("$(master_location)","205.186.156.208"),
+ depth_search => u_recurse("inf"),
+ action => u_immediate;
}
@@ -37,15 +36,31 @@ body perms u_p(p)
#########################################################
-body copy_from mycopy(from,server)
+body copy_from u_remote_cp(from,server)
+{
+servers => { "$(server)" };
+source => "$(from)";
+compare => "mtime";
+trustkey => "true"; # trust the server's public key
+}
+
+#########################################################
+
+body depth_search u_recurse(d)
{
- source => "$(from)";
- servers => { "$(server)" };
- compare => "digest";
- trustkey => "true"; # trust the server's public key
+depth => "$(d)";
+xdev => "true";
}
+#########################################################
+
+body action u_immediate
+{
+ifelapsed => "0";
+}
+
+
# I had to add the client's IP address to the server's promises.cf:
#
# diff -r1.1 /var/cfengine/inputs/promises.cf
View
0 examples/verticalsysadmin_training_examples/1731_notes_for_setting_up_client_server.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1800 100755 → 100644
File mode changed.
View
0 ...les/verticalsysadmin_training_examples/1810_More_Examples._Security._Change_detection.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/1900 100755 → 100644
File mode changed.
View
10 ...alsysadmin_training_examples/1950_More_Examples._Setting_the_environment_for_a_command.cf
@@ -1,19 +1,11 @@
-body common control
-{
- bundlesequence => { "one" };
-}
-
-############################################
-
-
body agent control
{
environment => { "A=123", "B=456", "PGK_PATH=/tmp"};
}
############################################
-bundle agent one
+bundle agent example
{
commands:
View
0 examples/verticalsysadmin_training_examples/2000 100755 → 100644
File mode changed.
View
0 ...n_training_examples/2010_More_Examples._EC2._System_provisioning_and_integration_demo.txt 100755 → 100644
File mode changed.
View
2 ..._class_based_on_hostname_pattern_and_import_policy_and_run_bundles_based_on_that_class.cf
@@ -1,3 +1,5 @@
+# change hostname to "mil-mail01" before running this example
+
body common control
{
View
14 examples/verticalsysadmin_training_examples/2100_More_Examples._Persistent_class.cf
@@ -1,3 +1,5 @@
+# FIXME - this example needs work
+
bundle agent example
{
@@ -16,12 +18,12 @@ bundle agent example
"/bin/echo SHIELDS UP, RED ALERT (condition \"cannot_repair_promise_DANGER_DANGER\"";
- # commands:
- #
- # "/bin/true" # or try /bin/false for alternate outcome
- #
- # classes => set_persistent_class_based_on_promise_repair_outcome("ok_but_check_later","cannot_repair_promise_DANGER_DANGER");
- #
+commands:
+
+ "/bin/true"
+
+ classes => set_persistent_class_based_on_promise_repair_outcome("ok_but_check_later","cannot_repair_promise_DANGER_DANGER");
+
}
View
0 examples/verticalsysadmin_training_examples/2400 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2410_Special_Variables.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2430_Special_Variables._Edit.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2700 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2800 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2900 100755 → 100644
File mode changed.
View
0 ...erticalsysadmin_training_examples/2930_Special_Notes._Max_scalar_list_and_array_sizes.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2940_Special_Notes._Unit_tests.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2950_Special_Notes._Orion_Cloud_Pack.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/2960_Special_Notes._Always_specify_the_class.txt 100755 → 100644
File mode changed.
View
0 examples/verticalsysadmin_training_examples/4000_PLUG 100755 → 100644
File mode changed.
View
11 examples/verticalsysadmin_training_examples/4020_mutually_exclusive.cf
@@ -4,9 +4,6 @@ body common control {
inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf",
};
- bundlesequence => {
- "example"
- };
}
############################################################
@@ -15,14 +12,12 @@ body common control {
bundle agent example {
files:
- localhost::
+
"/tmp/plug"
delete => tidy;
files:
- localdomain::
- "/tmp/plug"
- create => "true",
- mode => "0700";
+ "/tmp/plug"
+ create => "true";
}
View
4 ...ples/verticalsysadmin_training_examples/9999_demo_of_dynamic_inputs_and_bundleseq/main.cf
@@ -39,7 +39,7 @@ bundle common global_vars {
body common control {
- inputs => { "@{global_vars.bseq}" };
- bundlesequence => { "@{global_vars.bseq}" };
+ inputs => { @{global_vars.bseq} };
+ bundlesequence => { @{global_vars.bseq} };
}
View
10 examples/verticalsysadmin_training_examples/9999_process_stop__multi-command.cf
@@ -0,0 +1,10 @@
+bundle agent example {
+
+ processes:
+
+ "cupsd"
+
+ process_stop => "/bin/sh -c '/etc/init.d/cups stop; /sbin/chkconfig cups off'",
+ comment => "We don't want print services on our Web servers.";
+
+}
View
12 examples/verticalsysadmin_training_examples/COPBL-contain-silent.cf
@@ -0,0 +1,12 @@
+body common control {
+ inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf"};
+}
+
+bundle agent example {
+
+commands:
+
+ "/bin/date";
+# contain => silent;
+
+}
View
95 examples/verticalsysadmin_training_examples/COPBL_standard_services.cf
@@ -0,0 +1,95 @@
+bundle agent example {
+
+ methods:
+
+ "any"
+
+ usebundle => standard_services ("www", "stop");
+
+}
+
+
+bundle agent standard_services(service,state)
+{
+ # DATA,
+
+vars:
+
+ linux::
+
+ "startcommand[varnish]" string => "/etc/init.d/varnish start";
+ "stopcommand[varnish]" string => "/etc/init.d/varnish stop";
+ "pattern[varnish]" string => ".*varnish.*";
+
+ suse::
+
+ "startcommand[www]" string => "/etc/init.d/apache2 start";
+ "stopcommand[www]" string => "/etc/init.d/apache2 stop";
+ "pattern[www]" string => ".*httpd.*";
+
+ "startcommand[mysql]" string => "/etc/init.d/mysqld start";
+ "stopcommand[mysql]" string => "/etc/init.d/mysqld stop";
+ "pattern[mysql]" string => ".*mysqld.*";
+
+ "startcommand[tomcat]" string => "/etc/init.d/tomcat5 start";
+ "stopcommand[tomcat]" string => "/etc/init.d/tomcat5 stop";
+ "pattern[tomcat]" string => ".*tomcat5.*";
+
+ redhat::
+
+ "startcommand[www]" string => "/etc/init.d/httpd start";
+ "stopcommand[www]" string => "/etc/init.d/httpd stop";
+ "pattern[www]" string => ".*httpd.*";
+
+ debian|ubuntu::
+
+ "startcommand[www]" string => "/etc/init.d/httpd start";
+ "stopcommand[www]" string => "/etc/init.d/httpd stop";
+ "pattern[www]" string => ".*apache2.*";
+
+ "startcommand[mysql]" string => "/etc/init.d/mysql start";
+ "stopcommand[mysql]" string => "/etc/init.d/mysql stop";
+ "pattern[mysql]" string => ".*mysqld.*";
+
+ "startcommand[tomcat]" string => "/etc/init.d/tomcat6 start";
+ "stopcommand[tomcat]" string => "/etc/init.d/tomcat6 stop";
+ "pattern[tomcat]" string => ".*tomcat6.*";
+
+
+
+ # METHODS that implement these ............................................
+
+classes:
+
+ "start" expression => strcmp("start","$(state)"),
+ comment => "Check if to start a service";
+ "stop" expression => strcmp("stop","$(state)"),
+ comment => "Check if to stop a service";
+
+# Do we want to include the packages here too?
+
+processes:
+
+ start::
+
+ "$(pattern[$(service)])"
+
+ comment => "Verify that the service appears in the process table",
+ restart_class => "restart_$(service)";
+
+ stop::
+
+ "$(pattern[$(service)])"
+
+ comment => "Verify that the service does not appear in the process",
+ process_stop => "$(stopcommand[$(service)])",
+ signals => { "term", "kill"};
+
+ commands:
+
+ "$(startcommand[$(service)])"
+
+ comment => "Execute command to restart the $(service) service",
+ ifvarclass => "restart_$(service)";
+
+}
View
13 examples/verticalsysadmin_training_examples/MISC_COPBL_edit_line_insert_lines.cf
@@ -0,0 +1,13 @@
+body common control {
+ inputs => { "/var/cfengine/inputs/cfengine_stdlib.cf" };
+}
+
+
+bundle agent example {
+
+ files:
+ "/etc/motd"
+ create => "true",
+ edit_line => insert_lines("export ORGANIZATION=ACME");
+
+ }
View
9 examples/verticalsysadmin_training_examples/MISC_function_countlinesmatching.cf
@@ -0,0 +1,9 @@
+bundle agent example {
+
+vars:
+ "no" int => countlinesmatching("^cfengine:.*","/etc/group");