cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
openbsd-ports/sysutils/cfengine/pkg
History
naddy 2b3700e37e drop RCS Ids
2022-03-11 19:57:10 +00:00
..
cf_execd.rc
drop RCS Ids
2022-03-11 19:57:10 +00:00
cf_monitord.rc
drop RCS Ids
2022-03-11 19:57:10 +00:00
cf_serverd.rc
drop RCS Ids
2022-03-11 19:57:10 +00:00
cfengine.rc
drop RCS Ids
2022-03-11 19:57:10 +00:00
DESCR
PLIST
drop RCS Ids
2022-03-11 19:57:10 +00:00
README
drop RCS Ids
2022-03-11 19:57:10 +00:00

README 

+-----------------------------------------------------------------------
| Running ${PKGSTEM} on OpenBSD
+-----------------------------------------------------------------------

This is a brief quick-start guide. For more information, see the
documentation:

	https://cfengine.com/manuals/cf3-tutorial
	https://cfengine.com/manuals/cf3-reference
	https://cfengine.com/manuals/cf3-quickstart

Configuring a policy hub
========================
To setup a policy hub (cfengine "server"), or to setup a stand-alone
machine fetching policy from itself, perform the following steps as root.

Create a key-pair, necessary directories, and copy the sample configuration:

    # cf-key
    # cp -pR ${LOCALBASE}/share/examples/cfengine/CoreBase/* \
        /var/cfengine/masterfiles/

Edit the files you have just copied as appropriate. You will certainly
need to change the domain and probably acl here:

    # $EDITOR /var/cfengine/masterfiles/def.cf

Bootstrap the server, using its own IP address:

    # cf-agent --bootstrap --policy-server <own IP>

To start the services at boot, add "cf_serverd cfengine" to the pkg_scripts
line in /etc/rc.conf.local.

Configuring client machines
===========================
To setup a client, fetching policy from a hub configured as above,
perform the following steps as root.

Create a key-pair and necessary directories:

    # cf-key

Bootstrap the client:

    # cf-agent --bootstrap --policy-server <hub IP>

For normal operation, cf-execd(8) and cf-monitord(8) should be running -
to configure this at boot, add "cfengine" to the pkg_scripts line in
/etc/rc.conf.local.

Resource limits
===============
If cf-report(8) fails with a "Too many open files" message, raise your
resource limits. This can be done temporarily in your shell (in ksh(1)
you might use "ulimit -n 256"). For a more permanent change, increase
the openfiles limits for your user's class in /etc/login.conf; this
takes effect at login.

Notable changes from cfengine community packages
================================================
The standard packages from cfengine.com have their programs
dynamically-linked to libraries in /var/cfengine/lib, but the OpenBSD
packages are dynamically-linked to libraries in ${LOCALBASE}. As a
result, some of the self-repair functionality is not available.

As per package(5) standards, the program files are installed under
${LOCALBASE}/sbin; courtesy symlinks are provided in /var/cfengine/bin
for compatibility with standard documentation.