Created: 2014-05-19 13:56
Updated: 2014-09-09 18:34

Cfengine module:tools

module:tools is a Cfengine 2.x module that generates a Cfengine policy file called for updating software packages compiled and installed from source. It is based on the software depot scheme described in The Practice of System and Network Administration by Thomas A. Limoncelli and Christine Hogan.

The module takes a colon-separated list of package directories as an argument (to work around argument limits in Cfengine), and generates a Cfengine rules file that can be imported into your existing policy. The rules specify how to update the package files from a master server and create the necessary symlinks. There are also rules to simply check that the listed packages are installed and generate warnings if any are not found. Define the Check and/or Update classes to decide what actions are taken.


The Cfengine rules required to incorporate this module and the resulting rule file are:

    AllowRedefinitionOf = ( tools )
    workdir = ( /var/cfengine )
    moduledirectory = ( $(workdir)/modules )
    pkginstall = ( $(workdir)/inputs/cf.pkgsinstall )
    depot = ( /tools )    # location for all s/w
    mainserver = ( fileserver )    # master software server
    PolicyServer = ( name of Cfengine master policy host )
        Check = ( any )    # check packages on all hosts daily
        Update = ( hosts to update weekly )
        pkgcfexists = ( IsPlain($\{pkginstall\}) )    # exclude policy server
    # define package lists for each group of hosts
    # (example)
        tools = ( "openssh-4.0p1:openssl-0.9.7e:grep-2.4.2" )    # common
        tools = ( "$(tools):samba-3.4" )
        tools = ( "$(tools):gcc-3.4:make-3.79" )
    # create toolsinstall rules
        actionsequence = ( "module:tools $(tools)" )

module:tools relies on Graft or a similar symbolic link managing utility.

For more information, see my blog


This is legacy code made available for reference purposes only.

Cookies help us deliver our services. By using our services, you agree to our use of cookies Learn more