<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">


<html xmlns="http://www.w3.org/1999/xhtml">
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
    
    <title>Rules &mdash; Bcfg2 1.3.0 documentation</title>
    
    <link rel="stylesheet" href="../../../_static/default.css" type="text/css" />
    <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
    
    <script type="text/javascript">
      var DOCUMENTATION_OPTIONS = {
        URL_ROOT:    '../../../',
        VERSION:     '1.3.0',
        COLLAPSE_INDEX: false,
        FILE_SUFFIX: '.html',
        HAS_SOURCE:  true
      };
    </script>
    <script type="text/javascript" src="../../../_static/jquery.js"></script>
    <script type="text/javascript" src="../../../_static/underscore.js"></script>
    <script type="text/javascript" src="../../../_static/doctools.js"></script>
    <script type="text/javascript" src="../../../_static/sidebar.js"></script>
    <link rel="shortcut icon" href="../../../_static/favicon.ico"/>
    <link rel="top" title="Bcfg2 1.3.0 documentation" href="../../../index.html" />
    <link rel="up" title="Plugins" href="../index.html" />
    <link rel="next" title="SEModules" href="semodules.html" />
    <link rel="prev" title="Pkgmgr" href="pkgmgr.html" />
 
<link rel="stylesheet" href="../../../_static/bcfg2.css" type=""/>

  </head>
  <body>

<div style="text-align: left; padding: 10px 10px 15px 15px">
<a href="../../../index.html"><img src="../../../_static/bcfg2_logo.png" border="0" alt="sampledoc"/></a>
</div>

    <div class="related">
      <h3>Navigation</h3>
      <ul>
        <li class="right" style="margin-right: 10px">
          <a href="../../../genindex.html" title="General Index"
             accesskey="I">index</a></li>
        <li class="right" >
          <a href="../../../py-modindex.html" title="Python Module Index"
             >modules</a> |</li>
        <li class="right" >
          <a href="semodules.html" title="SEModules"
             accesskey="N">next</a> |</li>
        <li class="right" >
          <a href="pkgmgr.html" title="Pkgmgr"
             accesskey="P">previous</a> |</li>
	<li><a href="../../../index.html">home</a> |&nbsp;</li>
	<!--<li><a href="../../../search.html">search</a> |&nbsp;</li>-->
	<li><a href="../../../help/index.html">help</a> |&nbsp;</li>
	<li><a href="../../../contents.html">documentation </a> &raquo;</li>

          <li><a href="../../../contents.html" >Bcfg2 documentation 1.3.0</a> &raquo;</li>
          <li><a href="../../index.html" >The Bcfg2 Server</a> &raquo;</li>
          <li><a href="../index.html" accesskey="U">Plugins</a> &raquo;</li> 
      </ul>
    </div>
  

    <div class="document">
      <div class="documentwrapper">
        <div class="bodywrapper">
          <div class="body">
            
  <div class="section" id="rules">
<span id="server-plugins-generators-rules"></span><h1>Rules<a class="headerlink" href="#rules" title="Permalink to this headline">¶</a></h1>
<p>The Rules plugin resolves the following Abstract Configuration Entities:</p>
<ul class="simple">
<li>Service</li>
<li>Package</li>
<li>Path</li>
<li>Action</li>
<li>All SELinux entries</li>
<li>POSIXUser</li>
<li>POSIXGroup</li>
</ul>
<p>to literal configuration entries suitable for the client drivers to
consume.</p>
<p>For an entity specification to be included in the Literal configuration
the name attribute from an Abstract Entity Tag (from Base or Bundler)
must match the name attribute of an Entity tag in Rules, along with the
appropriate group associations of course.</p>
<p>Each file in the Rules directory has a priority. This allows the same
Entities to be served by multiple files. The priorities can be used to
break ties in the case that multiple files serve data for the same Entity.</p>
<div class="section" id="usage-of-groups-in-rules">
<h2>Usage of Groups in Rules<a class="headerlink" href="#usage-of-groups-in-rules" title="Permalink to this headline">¶</a></h2>
<p>Groups are used by the Rules plugin, along with host metadata, for
selecting the Configuration Entity entries to include in the clients
literal configuration. They can be thought of as:</p>
<div class="highlight-python"><pre>if client is a member of group1 then
    assign to literal config</pre>
</div>
<p>Nested groups are conjunctive (logical and).:</p>
<div class="highlight-python"><pre>if client is a member of group1 and group2 then
    assign to literal config</pre>
</div>
<p>Group membership may be negated.</p>
</div>
<div class="section" id="tag-attributes-in-rules">
<h2>Tag Attributes in Rules<a class="headerlink" href="#tag-attributes-in-rules" title="Permalink to this headline">¶</a></h2>
<p>Running <tt class="docutils literal"><span class="pre">bcfg2-lint</span></tt> will check your configuration specification for
the presence of any mandatory attributes that are necessary for the
entry specified.</p>
<div class="section" id="rules-tag">
<h3>Rules Tag<a class="headerlink" href="#rules-tag" title="Permalink to this headline">¶</a></h3>
<dl class="element" id="element:Rules">
<dt id="element:Rules">
<!--[element:Rules]--><em>element</em> <strong>Rules</strong><a class="headerlink" href="#element:Rules" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>The top-level tag for concrete descriptions of entries in
<a class="reference internal" href="#server-plugins-generators-rules"><em>Rules</em></a>.</div></blockquote>
<dl class="last docutils" id="complexType:Rules">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:Rules:priority"></span><tt class="docutils literal"><span class="pre">priority</span></tt></td>
<td><blockquote class="first last">
<div>Sets the priority for rules in this file for
<a class="reference internal" href="#server-plugins-generators-rules"><em>Rules</em></a>.  The higher value
wins.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#integer"><tt class="docutils literal"><span class="pre">integer</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
<dt>Element groups:</dt>
<dd><li class="first last"><tt class="docutils literal"><span class="pre">rulesElements</span></tt></li>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="package-tag">
<h3>Package Tag<a class="headerlink" href="#package-tag" title="Permalink to this headline">¶</a></h3>
<dl class="complexType" id="complexType:PackageType">
<dt id="complexType:PackageType">
<!--[complexType:PackageType]--><em>complexType</em> <strong>PackageType</strong><a class="headerlink" href="#complexType:PackageType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div><p>Concrete specification of a package to be installed.  A
package can be specified in one of two ways:</p>
<ul class="simple">
<li>A single Package tag that lists all of the attributes for
the single instance of the package that should be installed.</li>
<li>A Package tag with any number of <a class="reference internal" href="#element:Instance"><tt class="xref xml xml-element docutils literal"><span class="pre">Instance</span></tt></a>
children, each of which lists the attributes of an instance
of the package that should be installed.  In this case, the
Package tag should only have
<a class="reference internal" href="#attribute:PackageType:name"><tt class="xref xml xml-attribute docutils literal"><span class="pre">name</span></tt></a> and
<a class="reference internal" href="#attribute:PackageType:type"><tt class="xref xml xml-attribute docutils literal"><span class="pre">type</span></tt></a>.</li>
</ul>
<p>Note that many of the attributes listed below are specific to
one or a few package drivers.</p>
</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PackageType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Package name.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:type"></span><tt class="docutils literal"><span class="pre">type</span></tt></td>
<td><blockquote class="first last">
<div>The package type, which determines which client driver will
handle installation of this package.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">apk</span></tt> | <tt class="docutils literal"><span class="pre">ips</span></tt> | <tt class="docutils literal"><span class="pre">macport</span></tt> | <tt class="docutils literal"><span class="pre">opencsw</span></tt> | <tt class="docutils literal"><span class="pre">pacman</span></tt> | <tt class="docutils literal"><span class="pre">deb</span></tt> | <tt class="docutils literal"><span class="pre">rpm</span></tt> | <tt class="docutils literal"><span class="pre">blast</span></tt> | <tt class="docutils literal"><span class="pre">encap</span></tt> | <tt class="docutils literal"><span class="pre">sysv</span></tt> | <tt class="docutils literal"><span class="pre">ebuild</span></tt> | <tt class="docutils literal"><span class="pre">yum</span></tt> | <tt class="docutils literal"><span class="pre">freebsdpkg</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PackageType:arch"></span><tt class="docutils literal"><span class="pre">arch</span></tt></td>
<td><blockquote class="first last">
<div>The architecture of the package to be installed.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:bname"></span><tt class="docutils literal"><span class="pre">bname</span></tt></td>
<td><blockquote class="first last">
<div>The name of the package for installing (as opposed to the
name when verifying) with the Blast and OpenCSW drivers.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PackageType:file"></span><tt class="docutils literal"><span class="pre">file</span></tt></td>
<td><blockquote class="first last">
<div>Package file name.  Several other attributes (name, version)
can be automatically defined based on regular expressions
defined in the <a class="reference internal" href="pkgmgr.html#server-plugins-generators-pkgmgr"><em>Pkgmgr</em></a>
plugin, which is the only plugin with which this is useful.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:multiarch"></span><tt class="docutils literal"><span class="pre">multiarch</span></tt></td>
<td><blockquote class="first last">
<div>Comma-separated list of architectures of this package that
should be installed.  This is only used by the
<a class="reference internal" href="pkgmgr.html#server-plugins-generators-pkgmgr"><em>Pkgmgr</em></a> plugin.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PackageType:pkg_checks"></span><tt class="docutils literal"><span class="pre">pkg_checks</span></tt></td>
<td><blockquote class="first last">
<div>Whether or not to perform basic package checks (version,
release, etc.) on this package with the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM, YUM24, or
RPM</em></a> driver.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:pkg_verify"></span><tt class="docutils literal"><span class="pre">pkg_verify</span></tt></td>
<td><blockquote class="first last">
<div>Whether or not to perform full package verification (file
integrity, etc.) on this package with the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM, YUM24,
or RPM</em></a> driver.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">true</span></tt></td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PackageType:release"></span><tt class="docutils literal"><span class="pre">release</span></tt></td>
<td><blockquote class="first last">
<div>The release of the package to be installed.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:simplefile"></span><tt class="docutils literal"><span class="pre">simplefile</span></tt></td>
<td><blockquote class="first last">
<div>Package file name. No name parsing is performed, so no extra
fields get set.  This is only used for some edge cases with
<a class="reference internal" href="pkgmgr.html#server-plugins-generators-pkgmgr"><em>Pkgmgr</em></a>.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PackageType:srcs"></span><tt class="docutils literal"><span class="pre">srcs</span></tt></td>
<td><blockquote class="first last">
<div>Filename creation rules for multiarch packages. This is only
used by the <a class="reference internal" href="pkgmgr.html#server-plugins-generators-pkgmgr"><em>Pkgmgr</em></a> plugin.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:verify"></span><tt class="docutils literal"><span class="pre">verify</span></tt></td>
<td><blockquote class="first last">
<div>Whether or not to perform package verification.  This is not
supported by the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM</em></a> driver.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">false</span></tt></td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PackageType:verify_flags"></span><tt class="docutils literal"><span class="pre">verify_flags</span></tt></td>
<td><blockquote class="first last">
<div>Flags to pass to the package verification routines of the
<a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM, YUM24, or RPM</em></a> driver.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PackageType:version"></span><tt class="docutils literal"><span class="pre">version</span></tt></td>
<td><blockquote class="first last">
<div><p>The version of the package to be installed. This should
<em>only</em> be the version, i.e., not the release. Release should
be specified in <a class="reference internal" href="#attribute:PackageType:release"><tt class="xref xml xml-attribute docutils literal"><span class="pre">release</span></tt></a>, and it
is an error to append the release to this.</p>
<p>This can also be one of two &#8220;special&#8221; values:</p>
<ul class="simple">
<li><tt class="docutils literal"><span class="pre">auto</span></tt> will select the newest version of the package
available.</li>
<li><tt class="docutils literal"><span class="pre">any</span></tt> will select any version of the package, and can be
used to ensure that a package is installed without
requiring any particular version.</li>
</ul>
</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
<dt>Child elements:</dt>
<dd><ul class="first last">
<li><dl class="element" id="element:Instance">
<dt id="element:Instance">
<!--[element:Instance]--><em>element</em> <strong>Instance</strong><a class="headerlink" href="#element:Instance" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div><p>An Instance element describes a single instance of a
package that may have several different versions, arches,
etc., installed at once.</p>
</div></blockquote>
<dl class="last docutils" id="complexType:Instance">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head"><p class="first last">Name</p>
</th>
<th class="head"><p class="first last">Description</p>
</th>
<th class="head"><p class="first last">Values</p>
</th>
<th class="head"><p class="first last">Required</p>
</th>
<th class="head"><p class="first last">Default</p>
</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><p class="first last"><span class="target" id="attribute:Instance:arch"></span><tt class="docutils literal"><span class="pre">arch</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>The architecture of the package to be installed.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-odd"><td><p class="first last"><span class="target" id="attribute:Instance:epoch"></span><tt class="docutils literal"><span class="pre">epoch</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>The epoch of the package to be installed.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#integer"><tt class="docutils literal"><span class="pre">integer</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-even"><td><p class="first last"><span class="target" id="attribute:Instance:installed_action"></span><tt class="docutils literal"><span class="pre">installed_action</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>If this is set to any value other than &#8220;install&#8221;,
package installation will be suppressed with the
<a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM24 and RPM</em></a> drivers.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><tt class="first last docutils literal"><span class="pre">install</span></tt></td>
</tr>
<tr class="row-odd"><td><p class="first last"><span class="target" id="attribute:Instance:pkg_verify"></span><tt class="docutils literal"><span class="pre">pkg_verify</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>Whether or not to perform full package verification (file
integrity, etc.) on this package with the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM, YUM24,
or RPM</em></a> driver.</p>
</div></blockquote>
</td>
<td><p class="first last"><p><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></p>
</p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-even"><td><p class="first last"><span class="target" id="attribute:Instance:release"></span><tt class="docutils literal"><span class="pre">release</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>The release of the package to be installed.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-odd"><td><p class="first last"><span class="target" id="attribute:Instance:simplefile"></span><tt class="docutils literal"><span class="pre">simplefile</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>Package file name. No name parsing is performed, so no
extra fields get set.  This is only used for manual
maintenance of <tt class="docutils literal"><span class="pre">gpg-pubkey</span></tt> packages with the
<a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM, YUM24, or RPM</em></a>
driver.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-even"><td><p class="first last"><span class="target" id="attribute:Instance:verify_fail_action"></span><tt class="docutils literal"><span class="pre">verify_fail_action</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>If this is set to any value other than &#8220;reinstall&#8221;, a
package that fails package verification will not be
reinstalled with the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM24 and RPM</em></a> drivers.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-odd"><td><p class="first last"><span class="target" id="attribute:Instance:verify_flags"></span><tt class="docutils literal"><span class="pre">verify_flags</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>Comma-separated list of flags to pass to the package
verification routines of the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM, YUM24, or RPM</em></a> driver.  See <tt class="docutils literal"><span class="pre">man</span> <span class="pre">rpm</span></tt> for
details on the flags.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-even"><td><p class="first last"><span class="target" id="attribute:Instance:version"></span><tt class="docutils literal"><span class="pre">version</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>The version of the package to be installed. See
<a class="reference internal" href="#attribute:PackageType:version"><tt class="xref xml xml-attribute docutils literal"><span class="pre">version</span></tt></a> for details.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
<tr class="row-odd"><td><p class="first last"><span class="target" id="attribute:Instance:version_fail_action"></span><tt class="docutils literal"><span class="pre">version_fail_action</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>If this is set to any value other than &#8220;upgrade&#8221;, a
package that has the incorrect version installed will
not be fixed with the <a class="reference internal" href="../../../client/tools/yum.html#client-tools-yum"><em>YUM24 and RPM</em></a> drivers.  Note that
&#8220;upgrade&#8221; is misleading; if a package is installed
that is newer than the desired version, it will not be
downgraded if this attribute is set to anything other
than &#8220;upgrade&#8221;.</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">No</p>
</td>
<td><tt class="first last docutils literal"><span class="pre">upgrade</span></tt></td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</li>
</ul>
</dd>
<dt>Element groups:</dt>
<dd><li class="first last"><a class="reference internal" href="../../genshi-xml.html#group:py:genshiElements"><tt class="docutils literal"><span class="pre">py:genshiElements</span></tt></a></li>
</dd>
</dl>
</dd>
</dl>

<dl class="group" id="group:py:genshiElements">
<dt id="group:py:genshiElements">
<!--[group:py:genshiElements]--><em>group</em> <strong>py:genshiElements</strong><a class="headerlink" href="#group:py:genshiElements" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Most Genshi templating directives can be used either as
standalone elements or as attributes on existing elements.
This element group defines the standalone tags.</div></blockquote>
<dt>Elements:</dt>
<dd class="last"><p class="first"><span class="target" id="element:py:with"></span><dl class="element">
<dt id="element:py:with">
<!--[element:py:with]--><em>element</em> <strong>py:with</strong><a class="headerlink" href="#element:py:with" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:withType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:withType:vars"></span><tt class="docutils literal"><span class="pre">py:vars</span></tt></td>
<td><blockquote class="first last">
<div>A semicolon-delimited list of variables to define and their
values.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
<p><span class="target" id="element:py:replace"></span><dl class="element">
<dt id="element:py:replace">
<!--[element:py:replace]--><em>element</em> <strong>py:replace</strong><a class="headerlink" href="#element:py:replace" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:replaceType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:replaceType:value"></span><tt class="docutils literal"><span class="pre">py:value</span></tt></td>
<td><blockquote class="first last">
<div>The value to replace the contents with.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
<p><span class="target" id="element:py:choose"></span><dl class="element">
<dt id="element:py:choose">
<!--[element:py:choose]--><em>element</em> <strong>py:choose</strong><a class="headerlink" href="#element:py:choose" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:chooseType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:chooseType:test"></span><tt class="docutils literal"><span class="pre">py:test</span></tt></td>
<td><blockquote class="first last">
<div>If <tt class="docutils literal"><span class="pre">test</span></tt> is set, the child <a class="reference internal" href="../../genshi-xml.html#element:py:when"><tt class="xref xml xml-element docutils literal"><span class="pre">py:when</span></tt></a>
directives are tested for equality to the value of the
expression.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Child elements:</dt>
<dd><ul class="first last">
<li><dl class="element" id="element:py:when">
<dt id="element:py:when">
<!--[element:py:when]--><em>element</em> <strong>py:when</strong><a class="headerlink" href="#element:py:when" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div><p>The <tt class="docutils literal"><span class="pre">when</span></tt> directive is used inside
<a class="reference internal" href="../../genshi-xml.html#complexType:py:chooseType"><tt class="xref xml xml-type docutils literal"><span class="pre">py:chooseType</span></tt></a> or
<a class="reference internal" href="../../genshi-xml.html#attribute:py:genshiAttrs:choose"><tt class="xref xml xml-attribute docutils literal"><span class="pre">choose</span></tt></a> to handle a single
specific condition.</p>
</div></blockquote>
<dl class="last docutils" id="complexType:py:ifType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head"><p class="first last">Name</p>
</th>
<th class="head"><p class="first last">Description</p>
</th>
<th class="head"><p class="first last">Values</p>
</th>
<th class="head"><p class="first last">Required</p>
</th>
<th class="head"><p class="first last">Default</p>
</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><p class="first last"><span class="target" id="attribute:py:ifType:test"></span><tt class="docutils literal"><span class="pre">py:test</span></tt></p>
</td>
<td><blockquote class="first last">
<div><p>The statement giving the value to test</p>
</div></blockquote>
</td>
<td><p class="first last"><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></p>
</td>
<td><p class="first last">Yes</p>
</td>
<td><p class="first last">None</p>
</td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd><p class="first last">Any</p>
</dd>
</dl>
</dd>
</dl>

</li>
<li><dl class="element" id="element:py:otherwise">
<dt id="element:py:otherwise">
<!--[element:py:otherwise]--><em>element</em> <strong>py:otherwise</strong><a class="headerlink" href="#element:py:otherwise" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:otherwiseType">
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd><p class="first last">Any</p>
</dd>
</dl>
</dd>
</dl>

</li>
</ul>
</dd>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
<p><span class="target" id="element:py:for"></span><dl class="element">
<dt id="element:py:for">
<!--[element:py:for]--><em>element</em> <strong>py:for</strong><a class="headerlink" href="#element:py:for" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:forType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:forType:each"></span><tt class="docutils literal"><span class="pre">py:each</span></tt></td>
<td><blockquote class="first last">
<div>The loop iterator</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
<p><span class="target" id="element:py:if"></span><dl class="element">
<dt id="element:py:if">
<!--[element:py:if]--><em>element</em> <strong>py:if</strong><a class="headerlink" href="#element:py:if" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:ifType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:ifType:test"></span><tt class="docutils literal"><span class="pre">py:test</span></tt></td>
<td><blockquote class="first last">
<div>The statement giving the value to test</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
<p><span class="target" id="element:py:match"></span><dl class="element">
<dt id="element:py:match">
<!--[element:py:match]--><em>element</em> <strong>py:match</strong><a class="headerlink" href="#element:py:match" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:matchType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:matchType:path"></span><tt class="docutils literal"><span class="pre">py:path</span></tt></td>
<td><blockquote class="first last">
<div>XPath expression to search for in the template.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:py:matchType:buffer"></span><tt class="docutils literal"><span class="pre">py:buffer</span></tt></td>
<td><blockquote class="first last">
<div>Whether the matched content should be buffered in
memory. Buffering can improve performance a bit at the cost
of needing more memory during rendering. Buffering is
<em>required</em> for match templates that contain more than one
invocation of the <tt class="docutils literal"><span class="pre">select()</span></tt> function. If there is only
one call, and the matched content can potentially be very
long, consider disabling buffering to avoid excessive memory
use.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">true</span></tt></td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:py:matchType:once"></span><tt class="docutils literal"><span class="pre">py:once</span></tt></td>
<td><blockquote class="first last">
<div>Whether the engine should stop looking for more matching
elements after the first match. Use this on match templates
that match elements that can only occur once in the stream,
such as the &lt;head&gt; or &lt;body&gt; elements in an HTML
template, or elements with a specific ID.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">false</span></tt></td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:py:matchType:recursive"></span><tt class="docutils literal"><span class="pre">py:recursive</span></tt></td>
<td><blockquote class="first last">
<div>Whether the match template should be applied to its own
output. Note that once implies non-recursive behavior, so
this attribute only needs to be set for match templates that
don&#8217;t also have once set.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">true</span></tt></td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
<p class="last"><span class="target" id="element:py:def"></span><dl class="element">
<dt id="element:py:def">
<!--[element:py:def]--><em>element</em> <strong>py:def</strong><a class="headerlink" href="#element:py:def" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:py:defType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:py:defType:function"></span><tt class="docutils literal"><span class="pre">py:function</span></tt></td>
<td><blockquote class="first last">
<div>The function prototype</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<p><strong>Any</strong> arbitrary child elements allowed</p>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</p>
</dd>
</dd>
</dl>

</div>
<div class="section" id="action-tag">
<h3>Action Tag<a class="headerlink" href="#action-tag" title="Permalink to this headline">¶</a></h3>
<dl class="complexType" id="complexType:ActionType">
<dt id="complexType:ActionType">
<!--[complexType:ActionType]--><em>complexType</em> <strong>ActionType</strong><a class="headerlink" href="#complexType:ActionType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Action entries are external shell commands that are executed
either before bundle installation, after bundle installation
or both.</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:ActionType:command"></span><tt class="docutils literal"><span class="pre">command</span></tt></td>
<td><blockquote class="first last">
<div>The command to run.  The command is executed within a shell,
so flow control and other shell-specific things can be used.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ActionType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>The freeform name of the action.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ActionType:status"></span><tt class="docutils literal"><span class="pre">status</span></tt></td>
<td><blockquote class="first last">
<div>Whether or not to check the return code of the action.  If
this is &#8220;check&#8221;, then a non-zero return code will result in
the entry being flagged as bad.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">ignore</span></tt> | <tt class="docutils literal"><span class="pre">check</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ActionType:timing"></span><tt class="docutils literal"><span class="pre">timing</span></tt></td>
<td><blockquote class="first last">
<div>When the action is run.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">both</span></tt> | <tt class="docutils literal"><span class="pre">pre</span></tt> | <tt class="docutils literal"><span class="pre">post</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ActionType:when"></span><tt class="docutils literal"><span class="pre">when</span></tt></td>
<td><blockquote class="first last">
<div>If the action is always run, or is only run when a bundle
has been modified.  Actions that run before bundle
installation (&#8220;pre&#8221; and &#8220;both&#8221;) ignore the setting of
<tt class="docutils literal"><span class="pre">when</span></tt> and are always run regardless.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">modified</span></tt> | <tt class="docutils literal"><span class="pre">always</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ActionType:build"></span><tt class="docutils literal"><span class="pre">build</span></tt></td>
<td><blockquote class="first last">
<div>Also execute the action in build mode.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">true</span></tt></td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

<p>See also <a class="reference internal" href="../../../client/tools/actions.html#client-tools-actions"><em>Actions</em></a>.</p>
</div>
<div class="section" id="service-tag">
<h3>Service Tag<a class="headerlink" href="#service-tag" title="Permalink to this headline">¶</a></h3>
<dl class="complexType" id="complexType:ServiceType">
<dt id="complexType:ServiceType">
<!--[complexType:ServiceType]--><em>complexType</em> <strong>ServiceType</strong><a class="headerlink" href="#complexType:ServiceType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete description of a service entry.  Note that, due to
the great proliferation of init systems, many of the
attributes listed only apply to one or a few client tools.</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:ServiceType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>The name of the service.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ServiceType:FMRI"></span><tt class="docutils literal"><span class="pre">FMRI</span></tt></td>
<td><blockquote class="first last">
<div>The resource identifier for SMF services.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ServiceType:install"></span><tt class="docutils literal"><span class="pre">install</span></tt></td>
<td><blockquote class="first last">
<div>Whether or not to install the service initially.  (New in
1.3; replaces &#8220;mode&#8221; attribute.)</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">true</span></tt></td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ServiceType:parameters"></span><tt class="docutils literal"><span class="pre">parameters</span></tt></td>
<td><blockquote class="first last">
<div>Parameters to pass to the service.  Only meaningful for
Upstart services.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ServiceType:restart"></span><tt class="docutils literal"><span class="pre">restart</span></tt></td>
<td><blockquote class="first last">
<div>Whether or not to restart the service when the bundle is
modified.  (New in 1.3; replaces &#8220;mode&#8221; attribute.)</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt> | <tt class="docutils literal"><span class="pre">interactive</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">true</span></tt></td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ServiceType:sequence"></span><tt class="docutils literal"><span class="pre">sequence</span></tt></td>
<td><blockquote class="first last">
<div>Order for service startup.  Only meaningful for DebInit
services.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ServiceType:status"></span><tt class="docutils literal"><span class="pre">status</span></tt></td>
<td><blockquote class="first last">
<div>Whether the service should start at boot.  If this is set to
&#8220;ignore&#8221;, then the boot-time status of the service will not
be checked.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">on</span></tt> | <tt class="docutils literal"><span class="pre">off</span></tt> | <tt class="docutils literal"><span class="pre">ignore</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">off</span></tt></td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ServiceType:target"></span><tt class="docutils literal"><span class="pre">target</span></tt></td>
<td><blockquote class="first last">
<div>Command to pass to the service management system when
restarting a service.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">restart</span></tt></td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ServiceType:type"></span><tt class="docutils literal"><span class="pre">type</span></tt></td>
<td><blockquote class="first last">
<div>Driver to use on the client to manage this service.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">chkconfig</span></tt> | <tt class="docutils literal"><span class="pre">deb</span></tt> | <tt class="docutils literal"><span class="pre">rc-update</span></tt> | <tt class="docutils literal"><span class="pre">smf</span></tt> | <tt class="docutils literal"><span class="pre">upstart</span></tt> | <tt class="docutils literal"><span class="pre">systemd</span></tt> | <tt class="docutils literal"><span class="pre">launchd</span></tt> | <tt class="docutils literal"><span class="pre">freebsd</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

<div class="section" id="service-mode-specification">
<h4>Service mode specification<a class="headerlink" href="#service-mode-specification" title="Permalink to this headline">¶</a></h4>
<p class="versionadded">
<span class="versionmodified">New in version 1.3.0.</span></p>
<p>In the 1.3.0 release, the &#8220;mode&#8221; attribute has been replaced by a pair
of attributes, <a class="reference internal" href="#attribute:ServiceType:restart"><tt class="xref xml xml-attribute docutils literal"><span class="pre">restart</span></tt></a> and
<a class="reference internal" href="#attribute:ServiceType:install"><tt class="xref xml xml-attribute docutils literal"><span class="pre">install</span></tt></a>, which control how a service is
handled more granularly than the old &#8220;mode&#8221; attribute.  The old &#8220;mode&#8221;
attribute values are equivalent as follows:</p>
<table border="1" class="docutils">
<colgroup>
<col width="41%" />
<col width="59%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Mode attribute</th>
<th class="head">Equivalent</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><tt class="docutils literal"><span class="pre">mode=&quot;default&quot;</span></tt></td>
<td><tt class="docutils literal"><span class="pre">restart=&quot;true&quot;</span> <span class="pre">install=&quot;true&quot;</span></tt></td>
</tr>
<tr class="row-odd"><td><tt class="docutils literal"><span class="pre">mode=&quot;interactive_only&quot;</span></tt></td>
<td><tt class="docutils literal"><span class="pre">restart=&quot;interactive&quot;</span> <span class="pre">install=&quot;true&quot;</span></tt></td>
</tr>
<tr class="row-even"><td><tt class="docutils literal"><span class="pre">mode=&quot;supervised&quot;</span></tt></td>
<td><tt class="docutils literal"><span class="pre">restart=&quot;true&quot;</span> <span class="pre">install=&quot;true&quot;</span></tt></td>
</tr>
<tr class="row-odd"><td><tt class="docutils literal"><span class="pre">mode=&quot;manual&quot;</span></tt></td>
<td><tt class="docutils literal"><span class="pre">restart=&quot;false&quot;</span> <span class="pre">install=&quot;false&quot;</span></tt></td>
</tr>
</tbody>
</table>
<p>The default is <tt class="docutils literal"><span class="pre">restart=&quot;true&quot;</span> <span class="pre">install=&quot;true&quot;</span></tt></p>
<p>Previously, &#8220;supervised&#8221; could be used to start a service during the
verification phase; this is no longer supported.  Services that have
been stopped on a client will be started during the install phase.</p>
</div>
</div>
<div class="section" id="path-tag">
<h3>Path Tag<a class="headerlink" href="#path-tag" title="Permalink to this headline">¶</a></h3>
<p>The Path tag has different values depending on the <em>type</em> attribute of
the path specified in your configuration. Below is a set of tables which
describe the attributes available for various Path types.</p>
<p>Note that <tt class="docutils literal"><span class="pre">secontext</span></tt> below expects a full context, not just the
type.  For instance, &#8220;<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>&#8221;, not just
<tt class="docutils literal"><span class="pre">etc_t</span></tt>.  You can also specify &#8220;<tt class="docutils literal"><span class="pre">__default__</span></tt>&#8221;, which will restore
the context of the file to the default set by policy.  See
<a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</p>
<p>Attributes common to all Path tags:</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Full path.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:type"></span><tt class="docutils literal"><span class="pre">type</span></tt></td>
<td><blockquote class="first last">
<div>Type of path to manage.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">device</span></tt> | <tt class="docutils literal"><span class="pre">directory</span></tt> | <tt class="docutils literal"><span class="pre">file</span></tt> | <tt class="docutils literal"><span class="pre">hardlink</span></tt> | <tt class="docutils literal"><span class="pre">ignore</span></tt> | <tt class="docutils literal"><span class="pre">nonexistent</span></tt> | <tt class="docutils literal"><span class="pre">permissions</span></tt> | <tt class="docutils literal"><span class="pre">symlink</span></tt> | <tt class="docutils literal"><span class="pre">vcs</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

<div class="section" id="device">
<h4>device<a class="headerlink" href="#device" title="Permalink to this headline">¶</a></h4>
<p>Manage devices.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:dev_type"></span><tt class="docutils literal"><span class="pre">dev_type</span></tt></td>
<td><blockquote class="first last">
<div>Type of device.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">block</span></tt> | <tt class="docutils literal"><span class="pre">char</span></tt> | <tt class="docutils literal"><span class="pre">fifo</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Group name or GID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:mode"></span><tt class="docutils literal"><span class="pre">mode</span></tt></td>
<td><blockquote class="first last">
<div>Permissions mode in octal format.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:owner"></span><tt class="docutils literal"><span class="pre">owner</span></tt></td>
<td><blockquote class="first last">
<div>Owner username or UID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:major"></span><tt class="docutils literal"><span class="pre">major</span></tt></td>
<td><blockquote class="first last">
<div>Major device number (<tt class="docutils literal"><span class="pre">block</span></tt> and <tt class="docutils literal"><span class="pre">char</span></tt> devices only).</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:minor"></span><tt class="docutils literal"><span class="pre">minor</span></tt></td>
<td><blockquote class="first last">
<div>Minor device number (<tt class="docutils literal"><span class="pre">block</span></tt> and <tt class="docutils literal"><span class="pre">char</span></tt> devices only).</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:secontext"></span><tt class="docutils literal"><span class="pre">secontext</span></tt></td>
<td><blockquote class="first last">
<div>SELinux context for the path.  This should be a full
context, not just the type.  E.g.,
<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>, not just <tt class="docutils literal"><span class="pre">etc_t</span></tt>.  You can
also specify <tt class="docutils literal"><span class="pre">__default__</span></tt>, which will restore the context
of the file to the default set by policy.  See
<a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">__default__</span></tt></td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="directory">
<h4>directory<a class="headerlink" href="#directory" title="Permalink to this headline">¶</a></h4>
<p>Entry represents a directory.  <a class="reference internal" href="#attribute:PathType:prune"><tt class="xref xml xml-attribute docutils literal"><span class="pre">prune</span></tt></a> can be
set to remove all contents from the directory that are not explicitly
specified in Bcfg2.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Group name or GID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:mode"></span><tt class="docutils literal"><span class="pre">mode</span></tt></td>
<td><blockquote class="first last">
<div>Permissions mode in octal format.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:owner"></span><tt class="docutils literal"><span class="pre">owner</span></tt></td>
<td><blockquote class="first last">
<div>Owner username or UID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:prune"></span><tt class="docutils literal"><span class="pre">prune</span></tt></td>
<td><blockquote class="first last">
<div>Remove entries that are not in the Bcfg2 specification from
the directory.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:secontext"></span><tt class="docutils literal"><span class="pre">secontext</span></tt></td>
<td><blockquote class="first last">
<div>SELinux context for the path.  This should be a full
context, not just the type.  E.g.,
<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>, not just <tt class="docutils literal"><span class="pre">etc_t</span></tt>.  You can
also specify <tt class="docutils literal"><span class="pre">__default__</span></tt>, which will restore the context
of the file to the default set by policy.  See
<a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">__default__</span></tt></td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="file">
<h4>file<a class="headerlink" href="#file" title="Permalink to this headline">¶</a></h4>
<p>Distribute an file with content explicitly specified in-line (i.e., as
opposed to using <a class="reference internal" href="cfg.html#server-plugins-generators-cfg"><em>Cfg</em></a> for this file).
If the file has no content, <a class="reference internal" href="#attribute:PathType:empty"><tt class="xref xml xml-attribute docutils literal"><span class="pre">empty</span></tt></a> <em>must</em> be
set to <tt class="docutils literal"><span class="pre">true</span></tt>.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Group name or GID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:mode"></span><tt class="docutils literal"><span class="pre">mode</span></tt></td>
<td><blockquote class="first last">
<div>Permissions mode in octal format.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:owner"></span><tt class="docutils literal"><span class="pre">owner</span></tt></td>
<td><blockquote class="first last">
<div>Owner username or UID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:empty"></span><tt class="docutils literal"><span class="pre">empty</span></tt></td>
<td><blockquote class="first last">
<div>The file entry has no content.  This must be set as a
safeguard against accidentally empty content.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:secontext"></span><tt class="docutils literal"><span class="pre">secontext</span></tt></td>
<td><blockquote class="first last">
<div>SELinux context for the path.  This should be a full
context, not just the type.  E.g.,
<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>, not just <tt class="docutils literal"><span class="pre">etc_t</span></tt>.  You can
also specify <tt class="docutils literal"><span class="pre">__default__</span></tt>, which will restore the context
of the file to the default set by policy.  See
<a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">__default__</span></tt></td>
</tr>
</tbody>
</table>
</dd>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="hardlink">
<h4>hardlink<a class="headerlink" href="#hardlink" title="Permalink to this headline">¶</a></h4>
<p>Manage a hard link.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Group name or GID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:mode"></span><tt class="docutils literal"><span class="pre">mode</span></tt></td>
<td><blockquote class="first last">
<div>Permissions mode in octal format.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:owner"></span><tt class="docutils literal"><span class="pre">owner</span></tt></td>
<td><blockquote class="first last">
<div>Owner username or UID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:to"></span><tt class="docutils literal"><span class="pre">to</span></tt></td>
<td><blockquote class="first last">
<div>File to link to</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:secontext"></span><tt class="docutils literal"><span class="pre">secontext</span></tt></td>
<td><blockquote class="first last">
<div>SELinux context for the path.  This should be a full
context, not just the type.  E.g.,
<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>, not just <tt class="docutils literal"><span class="pre">etc_t</span></tt>.  You can
also specify <tt class="docutils literal"><span class="pre">__default__</span></tt>, which will restore the context
of the file to the default set by policy.  See
<a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">__default__</span></tt></td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="ignore">
<span id="path-ignore"></span><h4>ignore<a class="headerlink" href="#ignore" title="Permalink to this headline">¶</a></h4>
<p><tt class="docutils literal"><span class="pre">ignore</span></tt> lets you flag files that are distributed by system software
packages, but have been modified locally, to be ignored by package
verification routines.  This is useful for, e.g., a package that
installs an initial version of a file and then modifies it
automatically.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Full path.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="nonexistent">
<h4>nonexistent<a class="headerlink" href="#nonexistent" title="Permalink to this headline">¶</a></h4>
<p>Remove the specified file or directory.  If
<a class="reference internal" href="#attribute:PathType:recursive"><tt class="xref xml xml-attribute docutils literal"><span class="pre">recursive</span></tt></a> is set, remove the directory
recursively (i.e., <tt class="docutils literal"><span class="pre">rm</span> <span class="pre">-rf</span></tt>).</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:recursive"></span><tt class="docutils literal"><span class="pre">recursive</span></tt></td>
<td><blockquote class="first last">
<div>Recursively remove files or set permissions, as appropriate.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="permissions">
<h4>permissions<a class="headerlink" href="#permissions" title="Permalink to this headline">¶</a></h4>
<p>Merely set permissions on the specified path, which is presumed to
already exist.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Group name or GID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:mode"></span><tt class="docutils literal"><span class="pre">mode</span></tt></td>
<td><blockquote class="first last">
<div>Permissions mode in octal format.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#nonNegativeInteger"><tt class="docutils literal"><span class="pre">nonNegativeInteger</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:owner"></span><tt class="docutils literal"><span class="pre">owner</span></tt></td>
<td><blockquote class="first last">
<div>Owner username or UID number</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:recursive"></span><tt class="docutils literal"><span class="pre">recursive</span></tt></td>
<td><blockquote class="first last">
<div>Recursively remove files or set permissions, as appropriate.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:secontext"></span><tt class="docutils literal"><span class="pre">secontext</span></tt></td>
<td><blockquote class="first last">
<div>SELinux context for the path.  This should be a full
context, not just the type.  E.g.,
<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>, not just <tt class="docutils literal"><span class="pre">etc_t</span></tt>.  You can
also specify <tt class="docutils literal"><span class="pre">__default__</span></tt>, which will restore the context
of the file to the default set by policy.  See
<a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">__default__</span></tt></td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="symlink">
<h4>symlink<a class="headerlink" href="#symlink" title="Permalink to this headline">¶</a></h4>
<p>Manage symlinks.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:to"></span><tt class="docutils literal"><span class="pre">to</span></tt></td>
<td><blockquote class="first last">
<div>File to link to</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="vcs">
<h4>vcs<a class="headerlink" href="#vcs" title="Permalink to this headline">¶</a></h4>
<p>Check out the specified VCS repository to the given path.</p>
<dl class="complexType" id="complexType:PathType">
</dt>
<dd><dl class="first last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:PathType:revision"></span><tt class="docutils literal"><span class="pre">revision</span></tt></td>
<td><blockquote class="first last">
<div>The revision to checkout.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:PathType:sourceurl"></span><tt class="docutils literal"><span class="pre">sourceurl</span></tt></td>
<td><blockquote class="first last">
<div>The VCS URL to checkout.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#anyURI"><tt class="docutils literal"><span class="pre">anyURI</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:PathType:vcstype"></span><tt class="docutils literal"><span class="pre">vcstype</span></tt></td>
<td><blockquote class="first last">
<div>The VCS backend to checkout contents from.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">svn</span></tt> | <tt class="docutils literal"><span class="pre">git</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="acls">
<span id="server-plugins-generators-rules-acls"></span><h4>ACLs<a class="headerlink" href="#acls" title="Permalink to this headline">¶</a></h4>
<p class="versionadded">
<span class="versionmodified">New in version 1.3.0.</span></p>
<p>ACLs on a Path entry are specified not by attributes on the tag but by
child <tt class="docutils literal"><span class="pre">&lt;ACL&gt;</span></tt> tags.  For instance:</p>
<div class="highlight-xml"><div class="highlight"><pre><span class="nt">&lt;Path</span> <span class="na">name=</span><span class="s">&quot;/etc/foo&quot;</span> <span class="na">type=</span><span class="s">&quot;directory&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span>
      <span class="na">mode=</span><span class="s">&quot;0775&quot;</span><span class="nt">&gt;</span>
  <span class="nt">&lt;ACL</span> <span class="na">type=</span><span class="s">&quot;default&quot;</span> <span class="na">scope=</span><span class="s">&quot;user&quot;</span> <span class="na">user=</span><span class="s">&quot;foouser&quot;</span> <span class="na">perms=</span><span class="s">&quot;rw&quot;</span><span class="nt">/&gt;</span>
  <span class="nt">&lt;ACL</span> <span class="na">type=</span><span class="s">&quot;default&quot;</span> <span class="na">scope=</span><span class="s">&quot;group&quot;</span> <span class="na">group=</span><span class="s">&quot;users&quot;</span> <span class="na">perms=</span><span class="s">&quot;rx&quot;</span><span class="nt">/&gt;</span>
<span class="nt">&lt;/Path&gt;</span>
</pre></div>
</div>
<dl class="element" id="element:ACL">
<dt id="element:ACL">
<!--[element:ACL]--><em>element</em> <strong>ACL</strong><a class="headerlink" href="#element:ACL" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><p class="first"></p>
<dl class="last docutils" id="complexType:ACLType">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:ACLType:perms"></span><tt class="docutils literal"><span class="pre">perms</span></tt></td>
<td><blockquote class="first last">
<div><p>Permissions for the ACL.  This can either be a single octal
digit (e.g., <tt class="docutils literal"><span class="pre">6</span></tt> would indicate read and write, but not
execute), or a symbolic mode including &#8216;r&#8217;, &#8216;w&#8217;, and &#8216;x&#8217;.
You can include &#8216;-&#8216; for operations that are not permitted,
but it&#8217;s not required.  I.e., all of the following are
identical:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="n">perms</span><span class="o">=</span><span class="s">&quot;5&quot;</span>
<span class="n">perms</span><span class="o">=</span><span class="s">&quot;rx&quot;</span>
<span class="n">perms</span><span class="o">=</span><span class="s">&quot;r-x&quot;</span>
</pre></div>
</div>
</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ACLType:type"></span><tt class="docutils literal"><span class="pre">type</span></tt></td>
<td><blockquote class="first last">
<div>ACL type</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">default</span></tt> | <tt class="docutils literal"><span class="pre">access</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ACLType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Group the ACL applies to (with
<a class="reference internal" href="#attribute:ACLType:scope"><tt class="xref xml xml-attribute docutils literal"><span class="pre">scope</span></tt></a> = <tt class="docutils literal"><span class="pre">group</span></tt>).</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:ACLType:scope"></span><tt class="docutils literal"><span class="pre">scope</span></tt></td>
<td><blockquote class="first last">
<div>ACL scope.  This is omitted for
<a class="reference internal" href="#attribute:ACLType:type"><tt class="xref xml xml-attribute docutils literal"><span class="pre">type</span></tt></a> = <tt class="docutils literal"><span class="pre">default</span></tt>.</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">user</span></tt> | <tt class="docutils literal"><span class="pre">group</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:ACLType:user"></span><tt class="docutils literal"><span class="pre">user</span></tt></td>
<td><blockquote class="first last">
<div>User the ACL applies to (with <a class="reference internal" href="#attribute:ACLType:scope"><tt class="xref xml xml-attribute docutils literal"><span class="pre">scope</span></tt></a>
= <tt class="docutils literal"><span class="pre">user</span></tt>).</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

<p>It is not currently possible to manually set an effective rights mask;
the mask will be automatically calculated from the given ACLs when
they are applied.</p>
<p>Note that it is possible to set ACLs that demand different permissions
on a file than those specified in the <tt class="docutils literal"><span class="pre">perms</span></tt> attribute on the
<tt class="docutils literal"><span class="pre">Path</span></tt> tag.  For instance:</p>
<div class="highlight-xml"><div class="highlight"><pre><span class="nt">&lt;Path</span> <span class="na">name=</span><span class="s">&quot;/etc/foo&quot;</span> <span class="na">mode=</span><span class="s">&quot;0644&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span><span class="nt">&gt;</span>
  <span class="nt">&lt;ACL</span> <span class="na">type=</span><span class="s">&quot;access&quot;</span> <span class="na">scope=</span><span class="s">&quot;user&quot;</span> <span class="na">user=</span><span class="s">&quot;foouser&quot;</span> <span class="na">perms=</span><span class="s">&quot;rwx&quot;</span><span class="nt">/&gt;</span>
<span class="nt">&lt;/Path&gt;</span>
</pre></div>
</div>
<p>In this case, we&#8217;ve specified permissions of <tt class="docutils literal"><span class="pre">0644</span></tt>, but the
effective rights mask will be &#8220;rwx,&#8221; so setting the ACL will change
the permissions to <tt class="docutils literal"><span class="pre">0674</span></tt>.  When this happens, Bcfg2 will change the
permissions and set the ACLs on every run and the entry will be
eternally marked as bad.</p>
</div>
</div>
<div class="section" id="selinux-entries">
<h3>SELinux Entries<a class="headerlink" href="#selinux-entries" title="Permalink to this headline">¶</a></h3>
<p class="versionadded">
<span class="versionmodified">New in version 1.3.0.</span></p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">In order to use these entries, the client also needs to be at least
version 1.3.0 since they require a client tool which is unavailable
in previous versions.</p>
</div>
<p>Below is a set of tables which describe the attributes available
for various SELinux types.  The entry types (except for <tt class="docutils literal"><span class="pre">module</span></tt>)
correspond to <tt class="docutils literal"><span class="pre">semanage</span></tt> subcommands.</p>
<p>Note that the <tt class="docutils literal"><span class="pre">selinuxtype</span></tt> attribute takes only an SELinux type,
not a full context; e.g., &#8220;<tt class="docutils literal"><span class="pre">etc_t</span></tt>&#8221;, not
&#8220;<tt class="docutils literal"><span class="pre">system_u:object_r:etc_t:s0</span></tt>&#8221;.</p>
<p>As it can be very tedious to create a baseline of all existing SELinux
entries, you can use <tt class="docutils literal"><span class="pre">selinux_baseline.py</span></tt> located in the <tt class="docutils literal"><span class="pre">tools/</span></tt>
directory to do that for you.</p>
<p>See <a class="reference internal" href="../../selinux.html#server-selinux"><em>SELinux</em></a> for more information.</p>
<div class="section" id="seboolean-tag">
<h4>SEBoolean Tag<a class="headerlink" href="#seboolean-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEBooleanType">
<dt id="complexType:SEBooleanType">
<!--[complexType:SEBooleanType]--><em>complexType</em> <strong>SEBooleanType</strong><a class="headerlink" href="#complexType:SEBooleanType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux boolean entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEBooleanType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Name of the boolean</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SEBooleanType:value"></span><tt class="docutils literal"><span class="pre">value</span></tt></td>
<td><blockquote class="first last">
<div>Value of the boolean</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">on</span></tt> | <tt class="docutils literal"><span class="pre">off</span></tt></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="seport-tag">
<h4>SEPort Tag<a class="headerlink" href="#seport-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEPortType">
<dt id="complexType:SEPortType">
<!--[complexType:SEPortType]--><em>complexType</em> <strong>SEPortType</strong><a class="headerlink" href="#complexType:SEPortType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux port entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEPortType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Port number or range and protocol</div></blockquote>
</td>
<td><blockquote>
<div><tt class="docutils literal"><span class="pre">&lt;port&gt;/&lt;proto&gt;</span></tt> or
<tt class="docutils literal"><span class="pre">&lt;start&gt;-&lt;end&gt;/&lt;proto&gt;</span></tt></div></blockquote>
</td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SEPortType:selinuxtype"></span><tt class="docutils literal"><span class="pre">selinuxtype</span></tt></td>
<td><blockquote class="first last">
<div>SELinux type to apply to this port</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="sefcontext-tag">
<h4>SEFcontext Tag<a class="headerlink" href="#sefcontext-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEFcontextType">
<dt id="complexType:SEFcontextType">
<!--[complexType:SEFcontextType]--><em>complexType</em> <strong>SEFcontextType</strong><a class="headerlink" href="#complexType:SEFcontextType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux file context (&#8220;fcontext&#8221;) entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEFcontextType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Regular expression file specification</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SEFcontextType:selinuxtype"></span><tt class="docutils literal"><span class="pre">selinuxtype</span></tt></td>
<td><blockquote class="first last">
<div>SELinux type to apply to files matching this specification</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:SEFcontextType:filetype"></span><tt class="docutils literal"><span class="pre">filetype</span></tt></td>
<td><blockquote class="first last">
<div>File type to match</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">all</span></tt> | <tt class="docutils literal"><span class="pre">regular</span></tt> | <tt class="docutils literal"><span class="pre">directory</span></tt> | <tt class="docutils literal"><span class="pre">symlink</span></tt> | <tt class="docutils literal"><span class="pre">pipe</span></tt> | <tt class="docutils literal"><span class="pre">socket</span></tt> | <tt class="docutils literal"><span class="pre">block</span></tt> | <tt class="docutils literal"><span class="pre">char</span></tt></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">all</span></tt></td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="senode-tag">
<h4>SENode Tag<a class="headerlink" href="#senode-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SENodeType">
<dt id="complexType:SENodeType">
<!--[complexType:SENodeType]--><em>complexType</em> <strong>SENodeType</strong><a class="headerlink" href="#complexType:SENodeType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux node entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SENodeType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>IP address and netmask of node</div></blockquote>
</td>
<td><blockquote>
<div><tt class="docutils literal"><span class="pre">&lt;addr&gt;/&lt;netmask&gt;</span></tt>. Netmask can be numeric
(<tt class="docutils literal"><span class="pre">/16</span></tt>) or dotted-quad (<tt class="docutils literal"><span class="pre">/255.255.0.0</span></tt>).</div></blockquote>
</td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SENodeType:selinuxtype"></span><tt class="docutils literal"><span class="pre">selinuxtype</span></tt></td>
<td><blockquote class="first last">
<div>SELinux type to apply to this node</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:SENodeType:proto"></span><tt class="docutils literal"><span class="pre">proto</span></tt></td>
<td><blockquote class="first last">
<div>Protocol</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">ipv4</span></tt> | <tt class="docutils literal"><span class="pre">ipv6</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="selogin-tag">
<h4>SELogin Tag<a class="headerlink" href="#selogin-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SELoginType">
<dt id="complexType:SELoginType">
<!--[complexType:SELoginType]--><em>complexType</em> <strong>SELoginType</strong><a class="headerlink" href="#complexType:SELoginType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux login entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SELoginType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Unix username</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SELoginType:selinuxuser"></span><tt class="docutils literal"><span class="pre">selinuxuser</span></tt></td>
<td><blockquote class="first last">
<div>SELinux username</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="seuser-tag">
<h4>SEUser Tag<a class="headerlink" href="#seuser-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEUserType">
<dt id="complexType:SEUserType">
<!--[complexType:SEUserType]--><em>complexType</em> <strong>SEUserType</strong><a class="headerlink" href="#complexType:SEUserType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux user entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEUserType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>SELinux username</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SEUserType:prefix"></span><tt class="docutils literal"><span class="pre">prefix</span></tt></td>
<td><blockquote class="first last">
<div>Home directory context prefix</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:SEUserType:roles"></span><tt class="docutils literal"><span class="pre">roles</span></tt></td>
<td><blockquote class="first last">
<div>Space-separated list of rules</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="seinterface-tag">
<h4>SEInterface Tag<a class="headerlink" href="#seinterface-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEInterfaceType">
<dt id="complexType:SEInterfaceType">
<!--[complexType:SEInterfaceType]--><em>complexType</em> <strong>SEInterfaceType</strong><a class="headerlink" href="#complexType:SEInterfaceType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux interface entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEInterfaceType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Interface name</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SEInterfaceType:selinuxtype"></span><tt class="docutils literal"><span class="pre">selinuxtype</span></tt></td>
<td><blockquote class="first last">
<div>SELinux type to apply to this interface</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="sepermissive-tag">
<h4>SEPermissive Tag<a class="headerlink" href="#sepermissive-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEPermissiveType">
<dt id="complexType:SEPermissiveType">
<!--[complexType:SEPermissiveType]--><em>complexType</em> <strong>SEPermissiveType</strong><a class="headerlink" href="#complexType:SEPermissiveType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux permissive domain entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEPermissiveType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>SELinux type to make permissive</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

</div>
<div class="section" id="semodule-tag">
<h4>SEModule Tag<a class="headerlink" href="#semodule-tag" title="Permalink to this headline">¶</a></h4>
<dl class="complexType" id="complexType:SEModuleType">
<dt id="complexType:SEModuleType">
<!--[complexType:SEModuleType]--><em>complexType</em> <strong>SEModuleType</strong><a class="headerlink" href="#complexType:SEModuleType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>Concrete SELinux module entry</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:SEModuleType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>SELinux module name or filename</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:SEModuleType:disabled"></span><tt class="docutils literal"><span class="pre">disabled</span></tt></td>
<td><blockquote class="first last">
<div>Disable this module</div></blockquote>
</td>
<td><tt class="docutils literal"><span class="pre">true</span></tt> | <tt class="docutils literal"><span class="pre">false</span></tt></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
<dt>Text content:</dt>
<dd>Any</dd>
</dl>
</dd>
</dl>

<p>See also <a class="reference internal" href="semodules.html#server-plugins-generators-semodules"><em>SEModules</em></a>.</p>
</div>
</div>
<div class="section" id="posixuser-tag">
<h3>POSIXUser Tag<a class="headerlink" href="#posixuser-tag" title="Permalink to this headline">¶</a></h3>
<p class="versionadded">
<span class="versionmodified">New in version 1.3.0.</span></p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">In order to use this, the client also needs to be at least version
1.3.0 since they require a client tool which is unavailable in
previous versions.</p>
</div>
<dl class="complexType" id="complexType:POSIXUserType">
<dt id="complexType:POSIXUserType">
<!--[complexType:POSIXUserType]--><em>complexType</em> <strong>POSIXUserType</strong><a class="headerlink" href="#complexType:POSIXUserType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>The POSIXUser tag allows you to create users on client machines.</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:POSIXUserType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Username</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:POSIXUserType:gecos"></span><tt class="docutils literal"><span class="pre">gecos</span></tt></td>
<td><blockquote class="first last">
<div>Human-readable user name or comment.  If this is not set,
the GECOS will be the same as the username.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:POSIXUserType:group"></span><tt class="docutils literal"><span class="pre">group</span></tt></td>
<td><blockquote class="first last">
<div>Name of the user&#8217;s primary group.  If this is not set, the
user&#8217;s primary group will be the same as the username.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:POSIXUserType:home"></span><tt class="docutils literal"><span class="pre">home</span></tt></td>
<td><blockquote class="first last">
<div>User&#8217;s home directory.  Default is <tt class="docutils literal"><span class="pre">/root</span></tt> for the root
user, <tt class="docutils literal"><span class="pre">/home/&lt;username&gt;</span></tt> otherwise.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
<tr class="row-even"><td><span class="target" id="attribute:POSIXUserType:shell"></span><tt class="docutils literal"><span class="pre">shell</span></tt></td>
<td><blockquote class="first last">
<div>User&#8217;s shell</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#string"><tt class="docutils literal"><span class="pre">string</span></tt></a></td>
<td>No</td>
<td><tt class="first last docutils literal"><span class="pre">/bin/bash</span></tt></td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:POSIXUserType:uid"></span><tt class="docutils literal"><span class="pre">uid</span></tt></td>
<td><blockquote class="first last">
<div>User ID number.  If this is not specified, each client is
allowed to set the UID.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#integer"><tt class="docutils literal"><span class="pre">integer</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
<dt>Child elements:</dt>
<dd><ul class="first last">
<li><dl class="element" id="element:MemberOf">
<dt id="element:MemberOf">
<!--[element:MemberOf]--><em>element</em> <strong>MemberOf</strong><a class="headerlink" href="#element:MemberOf" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div><p>Specify additional supplementary groups for the POSIXUser</p>
</div></blockquote>
<p class="last"><strong>MemberOf</strong> takes only text content, which may be the following values: <a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></p>
</dd>
</dl>

</li>
</ul>
</dd>
</dl>
</dd>
</dl>

<p>For example:</p>
<div class="highlight-xml"><div class="highlight"><pre><span class="nt">&lt;POSIXUser</span> <span class="na">name=</span><span class="s">&quot;daemon&quot;</span> <span class="na">home=</span><span class="s">&quot;/sbin&quot;</span> <span class="na">shell=</span><span class="s">&quot;/sbin/nologin&quot;</span>
           <span class="na">gecos=</span><span class="s">&quot;daemon&quot;</span> <span class="na">uid=</span><span class="s">&quot;2&quot;</span> <span class="na">group=</span><span class="s">&quot;daemon&quot;</span><span class="nt">&gt;</span>
  <span class="nt">&lt;MemberOf&gt;</span>lp<span class="nt">&lt;/MemberOf&gt;</span>
  <span class="nt">&lt;MemberOf&gt;</span>adm<span class="nt">&lt;/MemberOf&gt;</span>
  <span class="nt">&lt;MemberOf&gt;</span>bin<span class="nt">&lt;/MemberOf&gt;</span>
<span class="nt">&lt;/POSIXUser&gt;</span>
</pre></div>
</div>
<p>The group specified will automatically be created if it does not
exist, even if there is no <a class="reference internal" href="#complexType:POSIXGroupType"><tt class="xref xml xml-type docutils literal"><span class="pre">POSIXGroup</span> <span class="pre">tag</span></tt></a>
for it.  If you need to specify a particular GID for the group, you
must specify that in a <tt class="docutils literal"><span class="pre">POSIXGroup</span></tt> tag.</p>
<p>If you with to change the default shell, you can do so with <a class="reference internal" href="../structures/defaults.html#server-plugins-structures-defaults"><em>the
Defaults plugin</em></a>.</p>
<p>See <a class="reference internal" href="../../../client/tools/posixusers.html#client-tools-posixusers"><em>POSIXUsers</em></a> for more information on managing
users and groups.</p>
</div>
<div class="section" id="posixgroup-tag">
<h3>POSIXGroup Tag<a class="headerlink" href="#posixgroup-tag" title="Permalink to this headline">¶</a></h3>
<p class="versionadded">
<span class="versionmodified">New in version 1.3.0.</span></p>
<div class="admonition note">
<p class="first admonition-title">Note</p>
<p class="last">In order to use this, the client also needs to be at least version
1.3.0 since they require a client tool which is unavailable in
previous versions.</p>
</div>
<dl class="complexType" id="complexType:POSIXGroupType">
<dt id="complexType:POSIXGroupType">
<!--[complexType:POSIXGroupType]--><em>complexType</em> <strong>POSIXGroupType</strong><a class="headerlink" href="#complexType:POSIXGroupType" title="Permalink to this definition">¶</a></dt>
</dt>
<dd><blockquote class="first">
<div>The POSIXGroup tag allows you to create groups on client
machines.</div></blockquote>
<dl class="last docutils">
<dt>Attributes:</dt>
<dd><table border="1" class="first last docutils">
<colgroup>
<col width="10%" />
<col width="50%" />
<col width="20%" />
<col width="10%" />
<col width="10%" />
</colgroup>
<thead valign="bottom">
<tr class="row-odd"><th class="head">Name</th>
<th class="head">Description</th>
<th class="head">Values</th>
<th class="head">Required</th>
<th class="head">Default</th>
</tr>
</thead>
<tbody valign="top">
<tr class="row-even"><td><span class="target" id="attribute:POSIXGroupType:name"></span><tt class="docutils literal"><span class="pre">name</span></tt></td>
<td><blockquote class="first last">
<div>Username</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#token"><tt class="docutils literal"><span class="pre">token</span></tt></a></td>
<td>Yes</td>
<td>None</td>
</tr>
<tr class="row-odd"><td><span class="target" id="attribute:POSIXGroupType:gid"></span><tt class="docutils literal"><span class="pre">gid</span></tt></td>
<td><blockquote class="first last">
<div>Group ID number.  If this is not specified, each client is
allowed to set the GID.</div></blockquote>
</td>
<td><a class="reference external" href="http://www.w3.org/TR/xmlschema-2/#integer"><tt class="docutils literal"><span class="pre">integer</span></tt></a></td>
<td>No</td>
<td>None</td>
</tr>
</tbody>
</table>
</dd>
<dt>Attribute groups:</dt>
<dd><ul class="first last simple">
<li><a class="reference internal" href="../../genshi-xml.html#attributeGroup:py:genshiAttrs"><tt class="docutils literal"><span class="pre">py:genshiAttrs</span></tt></a></li>
</ul>
</dd>
</dl>
</dd>
</dl>

<p>See <a class="reference internal" href="../../../client/tools/posixusers.html#client-tools-posixusers"><em>POSIXUsers</em></a> for more information on managing
users and groups.</p>
</div>
</div>
<div class="section" id="rules-directory">
<h2>Rules Directory<a class="headerlink" href="#rules-directory" title="Permalink to this headline">¶</a></h2>
<p>The Rules/ directory keeps the XML files that define what rules are
available for a host.  All the files in the directory are processed.</p>
<p>The names of the XML files have no special meaning to Bcfg2; they
are simply named so it&#8217;s easy for the administrator to know what the
contents hold.  All Rules could be kept in a single file if so desired.
Bcfg2 simply uses the Groups in the files and priorities to determine
how to assign Rules to a host&#8217;s literal configuration.</p>
<div class="highlight-xml"><div class="highlight"><pre><span class="nt">&lt;Rules</span> <span class="na">priority=</span><span class="s">&quot;0&quot;</span><span class="nt">&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">name=</span><span class="s">&quot;/autonfs&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">group=</span><span class="s">&quot;utmp&quot;</span> <span class="na">name=</span><span class="s">&quot;/var/run/screen&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0775&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">name=</span><span class="s">&quot;/autonfs/stage&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">name=</span><span class="s">&quot;/exports&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/etc/condor&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/logs&quot;</span> <span class="na">group=</span><span class="s">&quot;wwwtrans&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0775&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/mnt&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/my&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/my/bin&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/nfs&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/sandbox&quot;</span> <span class="na">mode=</span><span class="s">&quot;0777&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;directory&#39;</span> <span class="na">name=</span><span class="s">&quot;/software&quot;</span> <span class="na">group=</span><span class="s">&quot;root&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">mode=</span><span class="s">&quot;0755&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;permissions&#39;</span> <span class="na">mode=</span><span class="s">&quot;0555&quot;</span> <span class="na">group=</span><span class="s">&quot;audio&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">name=</span><span class="s">&quot;/dev/dsp&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;permissions&#39;</span> <span class="na">mode=</span><span class="s">&quot;0555&quot;</span> <span class="na">group=</span><span class="s">&quot;audio&quot;</span> <span class="na">owner=</span><span class="s">&quot;root&quot;</span> <span class="na">name=</span><span class="s">&quot;/dev/mixer&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/bin/whatami&quot;</span> <span class="na">to=</span><span class="s">&quot;/mcs/adm/bin/whatami&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/chibahomes&quot;</span> <span class="na">to=</span><span class="s">&quot;/nfs/chiba-homefarm&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/home&quot;</span> <span class="na">to=</span><span class="s">&quot;/nfs/mcs-homefarm&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/homes&quot;</span> <span class="na">to=</span><span class="s">&quot;/home&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/mcs&quot;</span> <span class="na">to=</span><span class="s">&quot;/nfs/mcs&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/my/bin/bash&quot;</span> <span class="na">to=</span><span class="s">&quot;/bin/bash&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/my/bin/tcsh&quot;</span> <span class="na">to=</span><span class="s">&quot;/bin/tcsh&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/my/bin/zsh&quot;</span> <span class="na">to=</span><span class="s">&quot;/bin/zsh&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/software/common&quot;</span> <span class="na">to=</span><span class="s">&quot;/nfs/software-common&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/software/linux&quot;</span> <span class="na">to=</span><span class="s">&quot;/nfs/software-linux&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/software/linux-debian_sarge&quot;</span> <span class="na">to=</span><span class="s">&quot;/nfs/linux-debian_sarge&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/bin/passwd&quot;</span> <span class="na">to=</span><span class="s">&quot;/usr/bin/yppasswd&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/bin/yppasswd&quot;</span> <span class="na">to=</span><span class="s">&quot;/mcs/bin/passwd&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/lib/libgd.so.1.8&quot;</span> <span class="na">to=</span><span class="s">&quot;/usr/lib/libgd.so.1.8.4&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/lib/libtermcap.so.2&quot;</span> <span class="na">to=</span><span class="s">&quot;/usr/lib/libtermcap.so&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/local/bin/perl&quot;</span> <span class="na">to=</span><span class="s">&quot;/usr/bin/perl&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/local/bin/perl5&quot;</span> <span class="na">to=</span><span class="s">&quot;/usr/bin/perl&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Path</span> <span class="na">type=</span><span class="s">&#39;symlink&#39;</span> <span class="na">name=</span><span class="s">&quot;/usr/local/bin/tcsh&quot;</span> <span class="na">to=</span><span class="s">&quot;/bin/tcsh&quot;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;ntpd&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;haldaemon&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;messagebus&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;netfs&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;network&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;rawdevices&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;sshd&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;syslog&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
    <span class="nt">&lt;Service</span> <span class="na">name=</span><span class="s">&#39;vmware-tools&#39;</span> <span class="na">status=</span><span class="s">&#39;on&#39;</span> <span class="na">type=</span><span class="s">&#39;chkconfig&#39;</span><span class="nt">/&gt;</span>
<span class="nt">&lt;/Rules&gt;</span>
</pre></div>
</div>
</div>
<div class="section" id="using-regular-expressions-in-rules">
<h2>Using Regular Expressions in Rules<a class="headerlink" href="#using-regular-expressions-in-rules" title="Permalink to this headline">¶</a></h2>
<p>If you wish, you can configure the Rules plugin to support regular
expressions.  This entails a small performance and memory usage
penalty.  To do so, add the following setting to <tt class="docutils literal"><span class="pre">bcfg2.conf</span></tt>:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="p">[</span><span class="n">rules</span><span class="p">]</span>
<span class="n">regex</span> <span class="o">=</span> <span class="n">yes</span>
</pre></div>
</div>
<p>With regular expressions enabled, you can use a regex in the <tt class="docutils literal"><span class="pre">name</span></tt>
attribute to match multiple abstract configuration entries.</p>
<p>Regular expressions are anchored at both ends, so <tt class="docutils literal"><span class="pre">&lt;Service</span>
<span class="pre">name=&quot;bcfg2&quot;.../&gt;</span></tt> will <em>not</em> match a Service named <tt class="docutils literal"><span class="pre">bcfg2-server</span></tt>;
you&#8217;d have to explicitly specify <tt class="docutils literal"><span class="pre">&lt;Service</span> <span class="pre">name=&quot;bcfg2.*&quot;.../&gt;</span></tt>.</p>
<p>Note that only one Rule can apply to any abstract entry, so you cannot
specify multiple regexes to match the same rule.</p>
</div>
</div>


          </div>
        </div>
      </div>
      <div class="sphinxsidebar">
        <div class="sphinxsidebarwrapper">
  <h3><a href="../../../index.html">Table Of Contents</a></h3>
  <ul>
<li><a class="reference internal" href="#">Rules</a><ul>
<li><a class="reference internal" href="#usage-of-groups-in-rules">Usage of Groups in Rules</a></li>
<li><a class="reference internal" href="#tag-attributes-in-rules">Tag Attributes in Rules</a><ul>
<li><a class="reference internal" href="#rules-tag">Rules Tag</a></li>
<li><a class="reference internal" href="#package-tag">Package Tag</a></li>
<li><a class="reference internal" href="#action-tag">Action Tag</a></li>
<li><a class="reference internal" href="#service-tag">Service Tag</a><ul>
<li><a class="reference internal" href="#service-mode-specification">Service mode specification</a></li>
</ul>
</li>
<li><a class="reference internal" href="#path-tag">Path Tag</a><ul>
<li><a class="reference internal" href="#device">device</a></li>
<li><a class="reference internal" href="#directory">directory</a></li>
<li><a class="reference internal" href="#file">file</a></li>
<li><a class="reference internal" href="#hardlink">hardlink</a></li>
<li><a class="reference internal" href="#ignore">ignore</a></li>
<li><a class="reference internal" href="#nonexistent">nonexistent</a></li>
<li><a class="reference internal" href="#permissions">permissions</a></li>
<li><a class="reference internal" href="#symlink">symlink</a></li>
<li><a class="reference internal" href="#vcs">vcs</a></li>
<li><a class="reference internal" href="#acls">ACLs</a></li>
</ul>
</li>
<li><a class="reference internal" href="#selinux-entries">SELinux Entries</a><ul>
<li><a class="reference internal" href="#seboolean-tag">SEBoolean Tag</a></li>
<li><a class="reference internal" href="#seport-tag">SEPort Tag</a></li>
<li><a class="reference internal" href="#sefcontext-tag">SEFcontext Tag</a></li>
<li><a class="reference internal" href="#senode-tag">SENode Tag</a></li>
<li><a class="reference internal" href="#selogin-tag">SELogin Tag</a></li>
<li><a class="reference internal" href="#seuser-tag">SEUser Tag</a></li>
<li><a class="reference internal" href="#seinterface-tag">SEInterface Tag</a></li>
<li><a class="reference internal" href="#sepermissive-tag">SEPermissive Tag</a></li>
<li><a class="reference internal" href="#semodule-tag">SEModule Tag</a></li>
</ul>
</li>
<li><a class="reference internal" href="#posixuser-tag">POSIXUser Tag</a></li>
<li><a class="reference internal" href="#posixgroup-tag">POSIXGroup Tag</a></li>
</ul>
</li>
<li><a class="reference internal" href="#rules-directory">Rules Directory</a></li>
<li><a class="reference internal" href="#using-regular-expressions-in-rules">Using Regular Expressions in Rules</a></li>
</ul>
</li>
</ul>

  <h4>Previous topic</h4>
  <p class="topless"><a href="pkgmgr.html"
                        title="previous chapter">Pkgmgr</a></p>
  <h4>Next topic</h4>
  <p class="topless"><a href="semodules.html"
                        title="next chapter">SEModules</a></p>
  <h3>This Page</h3>
  <ul class="this-page-menu">
    <li><a href="../../../_sources/server/plugins/generators/rules.txt"
           rel="nofollow">Show Source</a></li>
  </ul>
<div id="searchbox" style="display: none">
  <h3>Quick search</h3>
    <form class="search" action="../../../search.html" method="get">
      <input type="text" name="q" />
      <input type="submit" value="Go" />
      <input type="hidden" name="check_keywords" value="yes" />
      <input type="hidden" name="area" value="default" />
    </form>
    <p class="searchtip" style="font-size: 90%">
    Enter search terms or a module, class or function name.
    </p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
        </div>
      </div>
      <div class="clearer"></div>
    </div>
    <div class="related">
      <h3>Navigation</h3>
      <ul>
        <li class="right" style="margin-right: 10px">
          <a href="../../../genindex.html" title="General Index"
             >index</a></li>
        <li class="right" >
          <a href="../../../py-modindex.html" title="Python Module Index"
             >modules</a> |</li>
        <li class="right" >
          <a href="semodules.html" title="SEModules"
             >next</a> |</li>
        <li class="right" >
          <a href="pkgmgr.html" title="Pkgmgr"
             >previous</a> |</li>
	<li><a href="../../../index.html">home</a> |&nbsp;</li>
	<!--<li><a href="../../../search.html">search</a> |&nbsp;</li>-->
	<li><a href="../../../help/index.html">help</a> |&nbsp;</li>
	<li><a href="../../../contents.html">documentation </a> &raquo;</li>

          <li><a href="../../../contents.html" >Bcfg2 documentation 1.3.0</a> &raquo;</li>
          <li><a href="../../index.html" >The Bcfg2 Server</a> &raquo;</li>
          <li><a href="../index.html" >Plugins</a> &raquo;</li> 
      </ul>
    </div>
    <div class="footer">
        &copy; Copyright 2009-2013, Narayan Desai.
      Last updated on Mar 20, 2013.
      Created using <a href="http://sphinx.pocoo.org/">Sphinx</a> 1.1.3.
    </div>
  </body>
</html>