.. -*- mode: rst -*-
.. _appendix-guides-converging_rhel5:
======================================
Converging on Verification with RHEL 5
======================================
Running verification
====================
To get complete verification status, run::
bcfg2 -vqned
Unmanaged entries
=================
* Package (top-level)
#. Enable the "Packages" plugin in ``/etc/bcfg2.conf``, and configure
the Yum repositories in ``/var/lib/bcfg2/Packages/sources.xml``.
#. If a package is unwanted, remove it::
sudo yum remove PACKAGE
#. Otherwise, add ``<Package name="PACKAGE" />`` to the Base or Bundler configuration.
* Package (dependency)
#. Ensure the Yum repository sources configured in
``/var/lib/bcfg2/Packages/sources.xml`` are correct.
#. Ensure the Yum repositories themselves are up-to-date with the main
package and dependencies.
#. Rebuild the Packages plugin cache::
bcfg2-admin xcmd Packages.Refresh
* Service
#. Add ``<Service name="SERVICE" />`` to the Base or Bundler configuration.
#. Add ``<Service name="SERVICE" status="on" type="chkconfig" />`` to
``/var/lib/bcfg2/Rules/services.xml``.
Incorrect entries
=================
For a "Package"
---------------
* Failed RPM verification
#. Run ``rpm -V PACKAGE``
#. Add configuration files (the ones with "c" next to them in the
verification output) to ``/var/lib/bcfg2/Cfg/``.
* For example, ``/etc/motd`` to ``/var/lib/bcfg2/Cfg/etc/motd/motd``.
Yes, there is an extra directory level named after the file.
#. Specify configuration files as ``<Path name='PATH' />`` in the Base
or Bundler configuration.
#. Add directories to ``/var/lib/bcfg2/Rules/directories.xml``. For
example:
.. code-block:: xml
<Rules priority="0">
<Directory name="/etc/cron.hourly" group="root" owner="root" mode="0700" />
<Directory name="/etc/cron.daily" group="root" owner="root" mode="0700" />
</Rules>
* Multiple instances
* Option A: Explicitly list the instances
#. Drop the ``<Package />`` from the Base or Bundler configuration.
#. Add an explicit ``<BoundPackage>`` and ``<Instance />`` configuration
to a new Bundle, like the following:
.. code-block:: xml
<Bundle name='keys'>
<!-- GPG keys -->
<BoundPackage name="gpg-pubkey" type="rpm" version="foo">
<Instance simplefile="/etc/pki/rpm-gpg/RPM-GPG-KEY-EPEL" version="217521f6" release="45e8a532"/>
<Instance simplefile="/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-release" version="37017186" release="45761324"/>
</BoundPackage>
</Bundle>
#. Add the bundle to the applicable groups in
``/var/lib/bcfg2/Metadata/groups.xml``.
* Option B: Disable verification of the package
#. Add ``pkg_checks="false"`` to the ``<Package />`` tag.
For a "Path"
-------------------
* Unclear verification problem (no details from Bcfg2)
1. Run ``bcfg2 -vqI`` to see detailed verification issues (but deny
any suggested actions).
* Permissions mismatch
1. Create an ``info.xml`` file in the same directory as the
configuration file. Example:
.. code-block:: xml
<FileInfo>
<Group name='webserver'>
<Info owner='root' group='root' mode='0652'/>
</Group>
<Info owner='root' group='sys' mode='0651'/>
</FileInfo>
Other troubleshooting tools
===========================
* Generate the physical configuration from the server side::
bcfg2-info buildfile /test test.example.com
* Generate the physical configuration from the client side::
bcfg2 -vqn -c/root/bcfg2-physical.xml
distrib
>
Fedora
>
17
>
i386
>
media
>
updates
>
by-pkgid
>
b50d8ee6d7871fcc13c0677a9364ed59
>
files
>
76
