Plugins/Cfg

The Cfg Plugin

The Cfg plugin provides a repository to describe configuration file contents for clients. In its simplest form, the Cfg repository is just a directory tree modeled off of the directory tree on your client machines.

The Cfg Repository

The Cfg repository is enabled by including Cfg on the generators line of the [server] section of your Bcfg2 server config file. The repository itself lives in /var/lib/bcfg2/Cfg, assuming you are using the default repository location of /var/lib/bcfg2. The contents of this directory are a series of directories corresponding to the real-life locations of the files on your clients, starting at the root level. For example:

lueningh@tg-prez:~/bcfg2/repository> ls Cfg
bin/  boot/  etc/  opt/  root/  usr/  var/

Specific config files go in like-named directories in this hierarchy. For example, the password file, /etc/passwd, goes in Cfg/etc/passwd/passwd, while the ssh pam module config file, /etc/pam.d/sshd, goes in Cfg/etc/pam.d/sshd/sshd. The reason for the like-named directory is to allow multiple versions of each file to exist, as described below. Note that these files are exact copies of what will appear on the client machine - no templates, XML wrappers, etc.

Group-Specific Files

Often you want one version of a config file for all of your machines except those in a particular group. For example, /etc/fstab should look alike on all of your desktop machines, but should be different on your file servers. Bcfg2 can handle this case through the use of group-specific files.

As mentioned above, all Cfg entries live in like-named directories at the end of their directory tree. In the case of fstab, the file at Cfg/etc/fstab/fstab will be handed out by default to any client that asks for a copy of /etc/fstab. Group-specific files are located in the same directory and are named with the syntax:

/path/to/filename/filename.GNN_groupname

in which NN is a priority number where '00' is lowest and '99' is highest, and groupname is the name of a group defined in Metadata/groups.xml. Back to our fstab example, we might have a Cfg/etc/fstab/ directory that looks like:

fstab
fstab.G50_server
fstab.G99_fileserver

By default, clients will receive the plain fstab file when they request /etc/fstab. Any machine that is in the server group, however, will instead receive the fstab.G50_server file. Finally, any machine that is in the fileserver group will receive the fstab.G99_fileserver file, even if it is also in the server group.

Host-Specific Files

Similar to the case with group-specific files, there are cases where a specific machine should have a different version of a file than all others. This can be accomplished with host-specific files. The format of a host-specific file name is:

/path/to/filename/filename.H_host.example.com

Host-specific files have a higher priority than group-specific files. Again, the fstab example:

fstab
fstab.G50_server
fstab.G99_fileserver
fstab.H_host.example.com

In this case, host.example.com will always get the host-specific version, even if it is part of the server or fileserver (or both) classes.

Note: If you have the ability to choose between using a group-specific file and a host-specific file, it is almost always best to use a group-specific one. That way if a hostname changes or an extra copy of a particular client is built, it will get the same changes as the original.
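The precedence described in the last two sections (host-specific file, then the matching group file with the highest NN, then the plain file) can be checked against a directory listing with a short script. This is an added example, not Bcfg2's own code; select_cfg_file and LISTING are hypothetical names, and the behaviour for two group files with equal priority is not defined by this page.

```python
import re

# Suffix patterns for the naming scheme described above (added example, not Bcfg2 code).
GROUP_RE = re.compile(r"^G(\d{2})_(.+)$")
HOST_RE = re.compile(r"^H_(.+)$")


def select_cfg_file(basename, candidates, hostname, groups):
    """Pick the repository file one client receives for one config file.

    candidates: names found in Cfg/<path>/<basename>/
    Returns the chosen name, or None if no file applies to this client.
    """
    best = None  # (rank, name); the highest rank wins
    for name in candidates:
        if name == basename:
            rank = (0, 0)                        # plain default file
        elif name.startswith(basename + "."):
            suffix = name[len(basename) + 1:]
            host = HOST_RE.match(suffix)
            group = GROUP_RE.match(suffix)
            if host and host.group(1) == hostname:
                rank = (2, 0)                    # host-specific beats any group
            elif group and group.group(2) in groups:
                rank = (1, int(group.group(1)))  # higher NN wins among groups
            else:
                continue                         # file for another host or group
        else:
            continue                             # not a version of this file, e.g. :info
        if best is None or rank > best[0]:
            best = (rank, name)
    return best[1] if best else None


# Constructed listing matching the fstab example on this page.
LISTING = [":info", "fstab", "fstab.G50_server", "fstab.G99_fileserver",
           "fstab.H_host.example.com"]

if __name__ == "__main__":
    for host, grps in [("desk1.example.com", set()),
                       ("web1.example.com", {"server"}),
                       ("nfs1.example.com", {"server", "fileserver"}),
                       ("host.example.com", {"server", "fileserver"})]:
        print(host, sorted(grps), "->", select_cfg_file("fstab", LISTING, host, grps))
```

Running the same function over every group combination in use is a quick way to confirm that a restrictive version of a file is not shadowed by a higher-priority one.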

Info files

By default, Cfg writes files to the filesystem with owner root, group root, and mode 644 (read and write for owner, read only for group and other). These options, and a few others, can be overridden through use of :info files. Each config file directory can have a :info file if needed. The possible fields in a :info file are:

| Field | Possible values | Description |
|---|---|---|
| owner: | Any valid user | Sets owner of the file. Default: root |
| group: | Any valid user | Sets group of the file. Default: root |
| perms: | Numeric file mode | Sets the permissions of the file. Default: 0644 |
| encoding: | ascii \| base64 | Encoding of the file. Use base64 for non-ASCII files. Default: ascii |
| paranoid: | yes \| no | Should a backup be made of the current file before replacement? Default: no |

A sample :info file for a CGI script on a web server might look like:

owner: www
group: www
perms: 0755

Back to the fstab example again, our final Cfg/etc/fstab/ directory might look like:

:info
fstab
fstab.G50_server
fstab.G99_fileserver
fstab.H_host.example.com
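To review what metadata a :info file actually produces, the sketch below parses one and fills in the defaults from the field table. It is an added example, not Bcfg2's parser; it assumes one "field: value" pair per line and rejects anything outside the table, and parse_info and world_writable are hypothetical names.

```python
import re

# Defaults and allowed values as listed in the field table above.
DEFAULTS = {"owner": "root", "group": "root", "perms": "0644",
            "encoding": "ascii", "paranoid": "no"}
ALLOWED = {"encoding": {"ascii", "base64"}, "paranoid": {"yes", "no"}}


def parse_info(text):
    """Return the effective metadata for the text of a :info file.

    Raises ValueError on unknown fields or values outside the table, so a
    typo such as 'perm:' cannot silently fall back to the 0644 default.
    """
    meta = dict(DEFAULTS)
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line:
            continue
        key, sep, value = line.partition(":")
        key, value = key.strip(), value.strip()
        if not sep or key not in DEFAULTS:
            raise ValueError(f"line {lineno}: unknown field {key!r}")
        if not value:
            raise ValueError(f"line {lineno}: empty value for {key!r}")
        if key == "perms" and not re.fullmatch(r"[0-7]{3,4}", value):
            raise ValueError(f"line {lineno}: perms must be octal, got {value!r}")
        if key in ALLOWED and value not in ALLOWED[key]:
            raise ValueError(f"line {lineno}: bad {key} value {value!r}")
        meta[key] = value
    return meta


def world_writable(meta):
    """True if the mode grants write to 'other' (a review flag, not a Bcfg2 check)."""
    return bool(int(meta["perms"], 8) & 0o002)


# The CGI sample from this page, embedded as a string.
CGI_INFO = "owner: www\ngroup: www\nperms: 0755\n"

if __name__ == "__main__":
    meta = parse_info(CGI_INFO)
    print(meta, "world-writable:", world_writable(meta))
```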

info.xml files

This feature is included in version 0.9.5pre3 and newer of the bcfg2 server.

info.xml files add the ability to specify different sets of file metadata on a group-by-group basis. These files are XML, and work similarly to those used by Rules or Pkgmgr.

The following specifies a different global set of permissions (root/sys/0651) than on clients in group webserver (root/root/0652):

<FileInfo>
  <Group name='webserver'>
    <Info owner='root' group='root' perms='0652'/>
  </Group>
  <Info owner='root' group='sys' perms='0651'/>
</FileInfo>
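The following added example (not Bcfg2 code) resolves the owner, group and perms a client would get from the info.xml above. It assumes that Info attributes at one level are applied first and that any matching Group nested below overrides them, which is the behaviour the sample describes; resolve_info and SAMPLE are hypothetical names.

```python
import xml.etree.ElementTree as ET

# The info.xml sample from this page, embedded as a string.
SAMPLE = """
<FileInfo>
  <Group name='webserver'>
    <Info owner='root' group='root' perms='0652'/>
  </Group>
  <Info owner='root' group='sys' perms='0651'/>
</FileInfo>
"""


def resolve_info(xml_text, client_groups):
    """Return the metadata attributes that apply to a client in client_groups.

    Assumption: Info at a given level is applied first, then every Group at
    that level whose name the client belongs to is descended into, so the
    more specific (nested) settings override the global ones per attribute.
    """
    def walk(node, meta):
        for info in node.findall("Info"):
            meta.update(info.attrib)
        for grp in node.findall("Group"):
            if grp.get("name") in client_groups:
                walk(grp, meta)
        return meta

    return walk(ET.fromstring(xml_text), {})


def summary(xml_text, client_groups):
    """Format the result as owner/group/perms, the notation used in the text."""
    meta = resolve_info(xml_text, client_groups)
    return "/".join(meta.get(k, "?") for k in ("owner", "group", "perms"))


if __name__ == "__main__":
    print("no groups :", summary(SAMPLE, set()))
    print("webserver :", summary(SAMPLE, {"webserver"}))
```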