Home

The sysutils/cfengine port

cfengine-3.7.2p5 – GNU system administration tool for networks (cvsweb github mirror)

Description

Cfengine3 is an autonomous agent and a middle to high level policy
language for building expert systems which administrate and configure
large computer networks.  Cfengine3 uses the idea of classes and a
primitive intelligence to define and automate the configuration and
maintenance of system state, for small to huge configurations.
WWW: https://cfengine.com/

Readme

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

This is a brief quick-start guide. For more information, see the
documentation:

	https://cfengine.com/manuals/cf3-tutorial
	https://cfengine.com/manuals/cf3-reference
	https://cfengine.com/manuals/cf3-quickstart

Configuring a policy hub
========================
To setup a policy hub (cfengine "server"), or to setup a stand-alone
machine fetching policy from itself, perform the following steps as root.

Create a key-pair, necessary directories, and copy the sample configuration:

    # cf-key
    # cp -pR ${LOCALBASE}/share/examples/cfengine/CoreBase/* \
        /var/cfengine/masterfiles/

Edit the files you have just copied as appropriate. You will certainly
need to change the domain and probably acl here:

    # $EDITOR /var/cfengine/masterfiles/def.cf

Bootstrap the server, using its own IP address:

    # cf-agent --bootstrap --policy-server 

To start the services at boot, add "cf_serverd cfengine" to the pkg_scripts
line in /etc/rc.conf.local.

Configuring client machines
===========================
To setup a client, fetching policy from a hub configured as above,
perform the following steps as root.

Create a key-pair and necessary directories:

    # cf-key

Bootstrap the client:

    # cf-agent --bootstrap --policy-server 

For normal operation, cf-execd(8) and cf-monitord(8) should be running -
to configure this at boot, add "cfengine" to the pkg_scripts line in
/etc/rc.conf.local.

Resource limits
===============
If cf-report(8) fails with a "Too many open files" message, raise your
resource limits. This can be done temporarily in your shell (in ksh(1)
you might use "ulimit -n 256"). For a more permanent change, increase
the openfiles limits for your user's class in /etc/login.conf; this
takes effect at login.

Notable changes from cfengine community packages
================================================
The standard packages from cfengine.com have their programs
dynamically-linked to libraries in /var/cfengine/lib, but the OpenBSD
packages are dynamically-linked to libraries in ${LOCALBASE}. As a
result, some of the self-repair functionality is not available.

As per package(5) standards, the program files are installed under
${LOCALBASE}/sbin; courtesy symlinks are provided in /var/cfengine/bin
for compatibility with standard documentation.

Maintainer

The OpenBSD ports mailing-list

Broken

pkg_add fails: problem with symlinks

Categories

sysutils

Library dependencies

Build dependencies

Files

Search