[rancid] Dedicated nixrancid using clogin...anyone interested

Lance Vermilion rancid at gheek.net
Fri Feb 26 19:32:58 UTC 2010


All,

I have been thinking. I don't want to go and add something like
cfengine or anything else to my existing set of tools. I do want to
collect some information and save it, namely files that wouldn't be
changing frequently and since I use OpenNMS which has RANCID tied to
it already this is a valuable add for me. All I need to do is add a
new platform nix that points to nixrancid that uses a slightly
modified clogin (to skip sending "term length 0") and then I can
capture all sorts of important bits of info on *nix machines. Right
now I have played with Linux and I am having quite the success.

I want to write a small addition to nixrancid that would then look at
an additional file called nixcollect.db. This would allow someone to
enable collection based on possible collection bits. So if the
platform type of nix was in router.db then nixrancid would look in
nixcollect.db  to figure out what files to screen scrape.

Please let me know if anyone else would be interested in the work I will do.

Currently I am thinking to capture a few things.

#key files in /etc/
/etc/passwd
/etc/profile
/etc/bashrc
/etc/group
/etc/sudoers
/etc/modprobe
/etc/aliases
/etc/crontab
/etc/grub.conf
/etc/shadow
/etc/hosts
/etc/hosts.allow
/etc/hosts.deny
/etc/host.conf
/etc/multipath.conf
/etc/resolv.conf
/etc/securetty
/etc/services
/etc/updatedb.conf
/etc/sysctl.conf
/etc/inittab
/etc/initlog.conf
/etc/login.defs
/etc/logrotate.conf
/etc/logrotate.d/*

#syslogd
/etc/syslog.conf

#syslog-ng
/etc/syslog-ng/*

#java
/etc/java/*

#security
/etc/security/*

#drbd
/etc/drbd.conf

#snmp
/etc/snmp/snmpd.conf
/etc/snmp/snmp.local.conf

#tomcat
/etc/tomcat5/*
/etc/sysconfig/tomcat5/

#yum/apt-get/etc
/etc/yum.conf
/etc/yum.repos.d/*.repo
/etc/yum/yum-updatesd.conf

#ssh
/etc/ssh/*

#selinux
/etc/selinux/config
<need to figure out what else really should be captured>

#filesystem
/etc/fstab

#INIT scripts
/etc/init.d/*

#PAM
/etc/pan.d/*

#databases - mysql/etc
/etc/my.cnf

#DNS - bind/named
/etc/named.conf
/etc/named.caching-nameserver.conf
/etc/rfc1912.zones
/etc/sysconfig/named

#iscsi
<need to determine what needs to be collected>

#ntp
/etc/ntp.conf
/etc/ntp/ntpservers
/etc/ntp/keys
/etc/sysconfig/ntpd

#security files - audit
/etc/audit/auditd.conf
/etc/audit/audit.rules
/etc/sysconfig/auditd

#iptables
/etc/sysconfig/iptables-config
/etc/sysconfig/ip6tables-config

#Heartbeat
/etc/ha.d/haresources
/etc/ha.d/ha.cf
/etc/ha.d/authkeys

#sysconfig stuff
/etc/sysconfig/network
/etc/sysconfig/network-scripts/ifcfg-*
/etc/sysconfig/authconfig
/etc/sysconfig/clock
/etc/sysconfig/kernel


More information about the Rancid-discuss mailing list