The sysutils/cfengine port
cfengine-3.7.2p5 – GNU system administration tool for networks (cvsweb github mirror)
Description
Cfengine3 is an autonomous agent and a middle to high level policy language for building expert systems which administrate and configure large computer networks. Cfengine3 uses the idea of classes and a primitive intelligence to define and automate the configuration and maintenance of system state, for small to huge configurations.WWW: https://cfengine.com/
Readme
+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------
This is a brief quick-start guide. For more information, see the
documentation:
https://cfengine.com/manuals/cf3-tutorial
https://cfengine.com/manuals/cf3-reference
https://cfengine.com/manuals/cf3-quickstart
Configuring a policy hub
========================
To setup a policy hub (cfengine "server"), or to setup a stand-alone
machine fetching policy from itself, perform the following steps as root.
Create a key-pair, necessary directories, and copy the sample configuration:
# cf-key
# cp -pR ${LOCALBASE}/share/examples/cfengine/CoreBase/* \
/var/cfengine/masterfiles/
Edit the files you have just copied as appropriate. You will certainly
need to change the domain and probably acl here:
# $EDITOR /var/cfengine/masterfiles/def.cf
Bootstrap the server, using its own IP address:
# cf-agent --bootstrap --policy-server
To start the services at boot, add "cf_serverd cfengine" to the pkg_scripts
line in /etc/rc.conf.local.
Configuring client machines
===========================
To setup a client, fetching policy from a hub configured as above,
perform the following steps as root.
Create a key-pair and necessary directories:
# cf-key
Bootstrap the client:
# cf-agent --bootstrap --policy-server
For normal operation, cf-execd(8) and cf-monitord(8) should be running -
to configure this at boot, add "cfengine" to the pkg_scripts line in
/etc/rc.conf.local.
Resource limits
===============
If cf-report(8) fails with a "Too many open files" message, raise your
resource limits. This can be done temporarily in your shell (in ksh(1)
you might use "ulimit -n 256"). For a more permanent change, increase
the openfiles limits for your user's class in /etc/login.conf; this
takes effect at login.
Notable changes from cfengine community packages
================================================
The standard packages from cfengine.com have their programs
dynamically-linked to libraries in /var/cfengine/lib, but the OpenBSD
packages are dynamically-linked to libraries in ${LOCALBASE}. As a
result, some of the self-repair functionality is not available.
As per package(5) standards, the program files are installed under
${LOCALBASE}/sbin; courtesy symlinks are provided in /var/cfengine/bin
for compatibility with standard documentation.
Maintainer
The OpenBSD ports mailing-list
Broken
pkg_add fails: problem with symlinks