[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: cfengine, debconf and ldap
From: |
Steve Wray |
Subject: |
Re: cfengine, debconf and ldap |
Date: |
Mon, 05 Dec 2005 11:44:22 +1300 |
User-agent: |
Debian Thunderbird 1.0.2 (X11/20051002) |
Matthew Palmer wrote:
On Mon, Dec 05, 2005 at 09:07:42AM +1300, Steve Wray wrote:
Matthew Palmer wrote:
[snip]
Some degree of debconf preseeding is necessary to make the installer quiet,
but practically speaking that's no different to Kickstart config files.
and help to get the initial install of a package to be sane.
Define "sane". Unless you can get the config exactly as you need using the
Debconf questions (not a common experience) you need to copy/editfiles your
way to where you want to be anyway.
Actually I often find that packages will have debconf entries that none
of their maintainer scripts use.
Alternatively, there may be config things you want to do that arn't
covered by the maintainer script.
Or even cases where the maintainer scripts will totally ignore debconf
if there is existing configuration file content.
In these cases, its well worth producing a 'wrapper' package which
depends on the base debian package and which does its own thing with
debconf.
For example, the cfengine bootstrapping problem; I have a cfengine-local
package which contains my base cfengine starter pack.
apt-get install cfengine-local gets it ready for its first cfengine update.
Its actually relatively easy to do this sort of thing, though you
wouldn't think so from reading Debians own documentation...
[snip]
I disagree... copy is fine but editfiles, for anything non-trivial is
not so good.
So only use editfiles for the trivial things then... <grin>
The set of trivial things for editfiles to do turns out to be pretty small!
With editfiles, you are left gesticulating at the editfile stanza and
saying something like 'if the sshd_config was like it was supposed to
have been then when this editfiles ran it should have changed it in
*this* way'
[snip]
Ayup, keeping everything under revision control is great. I'm a bit up in
the air about when to editfiles and when to copy. I can espouse at length
about my varying opinions, if you need to get to sleep sometime, and I'm
sure that anyone who's maintaining a cfengine infrastructure will know all
of the ideas already.
I seem to recall some mailing list posting to the effect 'editfiles
considered harmful' oh yeah here we go:
http://cfwiki.org/cfwiki/index.php/Editfiles_Considered_Harmful
I have to say, I totally agree with the majority of this article!
Wouldn't mind hearing your espousals (off list) I am sure theres some
insight to be gained there!
There are a bunch of things that can be aggregated with copy and
editfiles. For example the /etc/apt/sources.list file can be kept in
fragments with seperate stanzas for woody and sarge boxes, some boxes
may be in classes that require some particular backport, some may want
some external apt source (eg midgard).
These things can be stored seperately on the server and then copied over
(with singlecopy) and then catted together and dropped into place.
No real need for editfiles on flat format files like that. The icky
stuff happens when you use editfiles to manipulate multi-line config
file entries... then I am taken back to the days of getting headaches
trying to use the MS-DOS 'ed' command...
--
There is nothing more important to good government than good education.
- cfengine, debconf and ldap, Steve Wray, 2005/12/01
- Re: cfengine, debconf and ldap, Brendan Strejcek, 2005/12/02
- Re: cfengine, debconf and ldap, Matthew Palmer, 2005/12/02
- Re: cfengine, debconf and ldap, Adrian Phillips, 2005/12/03
- Re: cfengine, debconf and ldap, Steve Wray, 2005/12/04
- Re: cfengine, debconf and ldap, Matthew Palmer, 2005/12/04
- Re: cfengine, debconf and ldap,
Steve Wray <=
- Re: cfengine, debconf and ldap [now editfiles], Brendan Strejcek, 2005/12/04
- Re: cfengine, debconf and ldap, Matthew Palmer, 2005/12/04
Re: cfengine, debconf and ldap, Brendan Strejcek, 2005/12/02