CFEngine Help: /etc/resolv.conf: if updating, backup first

Tue, 15 Nov 2011 10:15:46 -0800 

Forum: CFEngine Help
Subject: /etc/resolv.conf: if updating, backup first
Author: matt_garman
Link to topic: https://cfengine.com/forum/read.php?3,23954,23954#msg-23954

I'm looking to create a promise that sets up name resolution on my systems; in 
particular, managing the /etc/resolv.conf file.

My first pass uses the cfengine_stdlib.cf and looks like this:

bundle agent resolv  
{
    vars:
        "search"       string => "mydomain.com";
        "nameservers"  slist  => { "192.168.184.7", "192.168.187.103" };

    files:
        "${sys.resolv}"  -> "Some Stakeholder"
             comment     => "Make sure file ${sys.resolv} is correct",
             edit_line   => resolvconf( "${search}", "${nameservers}" );
}


The problem is, this always edits the file.  CFEngine nicely creates the 
"cf-before-edit" backup file... but since it always edits the file, it always 
overwrites the backup.

Consider the scenario where someone didn't know CFE was managing this file, and 
created a local edit.  Then CFE runs twice, now that local edit is gone forever.

So then I thought, I'll just make a backup of the file before I edit it, so I 
did this:

# ... bundlesequence => { "resolv_backup", "resolv" }; ...
bundle agent resolv_backup
{
    vars:
        "backup_file"  string => "${sys.resolv}.backup.${sys.cdate}";

    files:
        "${backup_file}" -> "Some Stakeholder"
             copy_from   => perms_cp("${sys.resolv}");
}


That solves my "local edit lost forever" problem, but results in creating way 
more backups than I need.

What I decided would be best for my situation is as follows:
    - keep a static copy of the target file somewhere within CFE's directory
    - compare the current /etc/resolv.conf to this static copy
    - if the files are the same, do nothing
    - if the files are different, create a backup of /etc/resolv.conf, then 
overwrite with the static file

Expressed as a shell script:

DIFF_RESULT=$(diff -q /etc/resolv.conf.cf-before-edit /etc/resolv.conf)
if [ "x${DIFF_RESULT}" != "x" ]; then 
    cp /etc/resolv.conf /etc/resolv.conf.backup.$(date +%Y%m%d.%k%M%S)
    cp -f /var/cfengine/masterfiles/resolv.conf /etc/resolv.conf
fi


...Which I could just have CFE run for me.  But I'm assuming there's a more 
elegant "CFE-native" way to do such a thing.  What's the right approach here?

Thanks!
Matt

_______________________________________________
Help-cfengine mailing list
[email protected]
https://cfengine.org/mailman/listinfo/help-cfengine

Reply via email to