<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Decisions — Bcfg2 1.3.0 documentation</title> <link rel="stylesheet" href="../../../_static/default.css" type="text/css" /> <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" /> <script type="text/javascript"> var DOCUMENTATION_OPTIONS = { URL_ROOT: '../../../', VERSION: '1.3.0', COLLAPSE_INDEX: false, FILE_SUFFIX: '.html', HAS_SOURCE: true }; </script> <script type="text/javascript" src="../../../_static/jquery.js"></script> <script type="text/javascript" src="../../../_static/underscore.js"></script> <script type="text/javascript" src="../../../_static/doctools.js"></script> <script type="text/javascript" src="../../../_static/sidebar.js"></script> <link rel="shortcut icon" href="../../../_static/favicon.ico"/> <link rel="top" title="Bcfg2 1.3.0 documentation" href="../../../index.html" /> <link rel="up" title="Plugins" href="../index.html" /> <link rel="next" title="Hostbase" href="hostbase.html" /> <link rel="prev" title="Basic Cheetah Templates" href="examples/cheetah/simple.html" /> <link rel="stylesheet" href="../../../_static/bcfg2.css" type=""/> </head> <body> <div style="text-align: left; padding: 10px 10px 15px 15px"> <a href="../../../index.html"><img src="../../../_static/bcfg2_logo.png" border="0" alt="sampledoc"/></a> </div> <div class="related"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="../../../genindex.html" title="General Index" accesskey="I">index</a></li> <li class="right" > <a href="../../../py-modindex.html" title="Python Module Index" >modules</a> |</li> <li class="right" > <a href="hostbase.html" title="Hostbase" accesskey="N">next</a> |</li> <li class="right" > <a href="examples/cheetah/simple.html" title="Basic Cheetah Templates" accesskey="P">previous</a> |</li> <li><a href="../../../index.html">home</a> | </li> <!--<li><a href="../../../search.html">search</a> | </li>--> <li><a href="../../../help/index.html">help</a> | </li> <li><a href="../../../contents.html">documentation </a> »</li> <li><a href="../../../contents.html" >Bcfg2 documentation 1.3.0</a> »</li> <li><a href="../../index.html" >The Bcfg2 Server</a> »</li> <li><a href="../index.html" accesskey="U">Plugins</a> »</li> </ul> </div> <div class="document"> <div class="documentwrapper"> <div class="bodywrapper"> <div class="body"> <div class="section" id="decisions"> <span id="server-plugins-generators-decisions"></span><h1>Decisions<a class="headerlink" href="#decisions" title="Permalink to this headline">¶</a></h1> <p>This page describes the Decisions plugin. The client has support for a centralized set of per-entry installation decisions. This approach is needed when particular changes are deemed “high risk”; this gives the ability to centrally specify these changes, but only install them on clients when administrator supervision is available. Because collaborative configuration is one of the remaining hard issues in configuration management, these issues typically crop up in environments with several administrators and much configuration variety.</p> <p>In these cases, the client can be configured to run in either a whitelist or blacklist mode, wherein a list of entries is downloaded from the server. The client uses this list to determine which incorrect entries should be corrected during the current run of the installation tool. The Decisions plugin is the only stock plugin that generates entries for client’s whitelists or blacklists.</p> <div class="admonition note"> <p class="first admonition-title">Note</p> <p class="last">If the client is not explicitly configured to run in whitelist or blacklist mode, the list of entries is not downloaded and decisions is not used. See <a class="reference internal" href="#decision-mode">Decision Mode</a> below.</p> </div> <p>The Decisions plugin uses a directory in the Bcfg2 repository called Decisions. Files in the Decisions subdirectory are named similarly to files managed by Cfg and Probes, so you can use host- and group-specific files and the like after their basename. File basenames are either <tt class="docutils literal"><span class="pre">whitelist</span></tt> or <tt class="docutils literal"><span class="pre">blacklist</span></tt>. These files have a simple format; the following is an example.</p> <div class="highlight-xml"><div class="highlight"><pre>$ cat Decisions/whitelist <span class="nt"><Decisions></span> <span class="nt"><Decision</span> <span class="na">type=</span><span class="s">'Service'</span> <span class="na">name=</span><span class="s">'*'</span><span class="nt">/></span> <span class="nt"><Decision</span> <span class="na">type=</span><span class="s">'Path'</span> <span class="na">name=</span><span class="s">'/etc/apt/apt.conf'</span><span class="nt">/></span> <span class="nt"></Decisions></span> </pre></div> </div> <p>This example, included as a whitelist due to its name, enables all services, and the path entry named <tt class="docutils literal"><span class="pre">/etc/apt/apt.conf</span></tt>. All these entries must already be present in your repository, the Decisions plugin just references them. In whitelist mode, only the given items are applied to the client; all other entry installation will be surpressed.</p> <p>In blacklist mode, every entry that is not blacklisted will be installed.</p> <p>When a client asks for its whitelist or blacklist, all of the files pertaining to that client of the correct type are aggregated into a single list. This list is sent to the client.</p> <div class="admonition note"> <p class="first admonition-title">Note</p> <p class="last">Using this plugin does not present additional prompts or safety nets to the administrator running the client, you have to control these via their respective options (<tt class="docutils literal"><span class="pre">-I</span></tt> or <tt class="docutils literal"><span class="pre">-n</span></tt>, for example).</p> </div> <p>To add syntax highlighting to Decisions files in vim and emacs, you can add comments such as this:</p> <div class="highlight-python"><pre><Decisions><!--*- mode: xml; -*--> <!-- vim: set ft=xml : --></pre> </div> <div class="section" id="decision-mode"> <h2>Decision Mode<a class="headerlink" href="#decision-mode" title="Permalink to this headline">¶</a></h2> <p>The whitelist or blacklist is only generated when a client is run in whitelist or blacklist mode. This can either be set at the command line with the appropriate option (<tt class="docutils literal"><span class="pre">-l</span> <span class="pre">(whitelist|blacklist)</span></tt>), or in <tt class="docutils literal"><span class="pre">bcfg2.conf</span></tt> by setting <tt class="docutils literal"><span class="pre">decision</span></tt> in the <tt class="docutils literal"><span class="pre">client</span></tt> section to <tt class="docutils literal"><span class="pre">whitelist</span></tt> or <tt class="docutils literal"><span class="pre">blacklist</span></tt>).</p> <p>Client behavior is not controlled unless the decision mode is set. If you do not use Decisions, all your entries will be installed normally.</p> </div> </div> </div> </div> </div> <div class="sphinxsidebar"> <div class="sphinxsidebarwrapper"> <h3><a href="../../../index.html">Table Of Contents</a></h3> <ul> <li><a class="reference internal" href="#">Decisions</a><ul> <li><a class="reference internal" href="#decision-mode">Decision Mode</a></li> </ul> </li> </ul> <h4>Previous topic</h4> <p class="topless"><a href="examples/cheetah/simple.html" title="previous chapter">Basic Cheetah Templates</a></p> <h4>Next topic</h4> <p class="topless"><a href="hostbase.html" title="next chapter">Hostbase</a></p> <h3>This Page</h3> <ul class="this-page-menu"> <li><a href="../../../_sources/server/plugins/generators/decisions.txt" rel="nofollow">Show Source</a></li> </ul> <div id="searchbox" style="display: none"> <h3>Quick search</h3> <form class="search" action="../../../search.html" method="get"> <input type="text" name="q" /> <input type="submit" value="Go" /> <input type="hidden" name="check_keywords" value="yes" /> <input type="hidden" name="area" value="default" /> </form> <p class="searchtip" style="font-size: 90%"> Enter search terms or a module, class or function name. </p> </div> <script type="text/javascript">$('#searchbox').show(0);</script> </div> </div> <div class="clearer"></div> </div> <div class="related"> <h3>Navigation</h3> <ul> <li class="right" style="margin-right: 10px"> <a href="../../../genindex.html" title="General Index" >index</a></li> <li class="right" > <a href="../../../py-modindex.html" title="Python Module Index" >modules</a> |</li> <li class="right" > <a href="hostbase.html" title="Hostbase" >next</a> |</li> <li class="right" > <a href="examples/cheetah/simple.html" title="Basic Cheetah Templates" >previous</a> |</li> <li><a href="../../../index.html">home</a> | </li> <!--<li><a href="../../../search.html">search</a> | </li>--> <li><a href="../../../help/index.html">help</a> | </li> <li><a href="../../../contents.html">documentation </a> »</li> <li><a href="../../../contents.html" >Bcfg2 documentation 1.3.0</a> »</li> <li><a href="../../index.html" >The Bcfg2 Server</a> »</li> <li><a href="../index.html" >Plugins</a> »</li> </ul> </div> <div class="footer"> © Copyright 2009-2013, Narayan Desai. Last updated on Mar 20, 2013. Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3. </div> </body> </html>