1. Cfengine 2 Basics Understanding the components of a cfengine implementation.
2. What isn’t cfengine? An OS deployment system (Jumpstart, Kickstart, ignite, NIM) A software repository (yum,apt,depot,yast) A one-shot script executor (although it can be used as such)
3. What is cfengine….exactly? Cfengine can be a component of a “virtual immune system” but it most often referred to as configuration management. Cfengine’s methodology could best be described as “make it so and keep it so”. Cfengine can act as a universal tripwire. Cfengine is a framework that operates based on what is defined as a healthy state.
4. Where can one use Cfengine? Any Linux AIX HPUX Solaris Cygwin Just about anything unix-like with a compiler and berkeleyDBand openssl.
5. 3 major components of a cfengine implementation Version Control Internals Commands
10. Cfengine Internals cfexecd Can be daemon for controlling cfengine execution. Most often used as a cron wrapper with the –F option. */5 * * * * /var/cfengine/sbin/cfexecd –F
11. Cfengine Internals cfenvd client-side environment daemon gathers information about the host and adds the host to certain classes e.g. linux or compiled_on_cygwin these classes determine which sets of work get executed on the host.
29. Cfengine Commands/Syntaxes This matches all production hosts that are linux and solaris but not hpux. This extends the cfagent.conf to other files. control: actionsequence = (files ) domain = ( example.net ) timezone = ( PST ) files: prod!hpux:: /etc/passwd mode=644 owner=root action=fixall /etc/shadow mode=600 owner=root action=fixall import: any:: groups.cf copy.cf