www.delorie.com/gnu/docs/cfengine/cfengine-Reference_123.html   search  
 
Buy GNU books!


GNU cfengine

[ < ] [ > ]   [ << ] [ Up ] [ >> ]         [Top] [Contents] [Index] [ ? ]

4. Cfservd and cfrun reference

4.1 control  
4.2 admit, grant and deny  
4.3 cfrun  
4.4 Firewalls and NATs  

The server daemon is controlled by a file called `cfservd.conf'. The syntax of this configuration file is deliberately modelled on cfengine's own configuration file, but despite the similarities, they are separate.

You can use groups and import in both files to break up files into convenient modules and to import common resources, such as lists of groups. Note that the classes in the `cfservd.conf' file do not tell you the classes of host which have access to files and directories, but rather which classes of host pay attention to the access and deny commands when the file is parsed.

Authentication is not by class or group but by hostname, like the `/etc/exports' file on most Unix systems. The syntax for the file is as follows:

 
 control:

   classes::

       domain = ( DNS-domain-name )

       cfrunCommand = ( "script/filename" )  # Quoted

       MaxConnections = ( maximum number of forked daemons )

       ChecksumDatabase = ( filename )

       IfElapsed = ( time-in-minutes )

       DenyBadClocks = ( false )

       AllowConnectionsFrom = ( IP numbers )

       DenyConnectionsFrom = ( IP numbers )

       AllMultipleConnectionsFrom = ( IP numbers )

       TrustKeysFrom  = ( IP numbers )

       AllowUsers = ( mark systemuser )

       LogAllConnections = ( false/true )

       SkipVerify = ( IP numbers )

       DynamicAddresses = ( IP numbers )

 groups:

   Group definitions

 import:

   Files to import

 admit: | grant:

   classes::

      /file-or-directory

        wildcards/hostnames

 deny:

   classes::

      /file-or-directory

        wildcards/hostnames root=hostlist encrypt=true/on

The file consists of a control section and access information.


  webmaster   donations   bookstore     delorie software   privacy  
  Copyright 2003   by The Free Software Foundation     Updated Jun 2003