[rancid] Re: Dedicated nixrancid using clogin...anyone interested
Lance Vermilion
rancid at gheek.net
Mon Mar 1 18:10:21 UTC 2010
Charles,
I hope to actually put some structured code together in the next 5-8
days (before I leave on my honeymoon). I first have to take care of
some higher priority issues here. I will share what I come up with.
Stay tuned.
-lance
On Fri, Feb 26, 2010 at 5:57 PM, Charles Tompkins
<thecomputerking at gmail.com> wrote:
> I am interested and condisidering a rancid deployment for change management
> on server files ATM; I am interested in seeing your work.
>
> I can see nixcollect.db using some additional variability or versions to
> accomodate other system flavors for all the different paths to etc, not to
> mention multiple paths to applications like src-installed (/usr/local/etc)
> vs. maintained packages (/etc) or even /opt.
>
> nixcollect_redhat.db
> nixcollect_debuntu.db
> nixcollect_solaris.db
> . . .
>
> Maybe set your path to etc/ as a variable for the firsthalf of the object
> and rely on your object definition to supply the secondhalf to get to the
> file.
>
> Regards,
> -Charles
>
>
>
> On Feb 26, 2010, at 2:32 PM, Lance Vermilion <rancid at gheek.net> wrote:
>
>> All,
>>
>> I have been thinking. I don't want to go and add something like
>> cfengine or anything else to my existing set of tools. I do want to
>> collect some information and save it, namely files that wouldn't be
>> changing frequently and since I use OpenNMS which has RANCID tied to
>> it already this is a valuable add for me. All I need to do is add a
>> new platform nix that points to nixrancid that uses a slightly
>> modified clogin (to skip sending "term length 0") and then I can
>> capture all sorts of important bits of info on *nix machines. Right
>> now I have played with Linux and I am having quite the success.
>>
>> I want to write a small addition to nixrancid that would then look at
>> an additional file called nixcollect.db. This would allow someone to
>> enable collection based on possible collection bits. So if the
>> platform type of nix was in router.db then nixrancid would look in
>> nixcollect.db to figure out what files to screen scrape.
>>
>> Please let me know if anyone else would be interested in the work I will
>> do.
>>
>> Currently I am thinking to capture a few things.
>>
>> #key files in /etc/
>> /etc/passwd
>> /etc/profile
>> /etc/bashrc
>> /etc/group
>> /etc/sudoers
>> /etc/modprobe
>> /etc/aliases
>> /etc/crontab
>> /etc/grub.conf
>> /etc/shadow
>> /etc/hosts
>> /etc/hosts.allow
>> /etc/hosts.deny
>> /etc/host.conf
>> /etc/multipath.conf
>> /etc/resolv.conf
>> /etc/securetty
>> /etc/services
>> /etc/updatedb.conf
>> /etc/sysctl.conf
>> /etc/inittab
>> /etc/initlog.conf
>> /etc/login.defs
>> /etc/logrotate.conf
>> /etc/logrotate.d/*
>>
>> #syslogd
>> /etc/syslog.conf
>>
>> #syslog-ng
>> /etc/syslog-ng/*
>>
>> #java
>> /etc/java/*
>>
>> #security
>> /etc/security/*
>>
>> #drbd
>> /etc/drbd.conf
>>
>> #snmp
>> /etc/snmp/snmpd.conf
>> /etc/snmp/snmp.local.conf
>>
>> #tomcat
>> /etc/tomcat5/*
>> /etc/sysconfig/tomcat5/
>>
>> #yum/apt-get/etc
>> /etc/yum.conf
>> /etc/yum.repos.d/*.repo
>> /etc/yum/yum-updatesd.conf
>>
>> #ssh
>> /etc/ssh/*
>>
>> #selinux
>> /etc/selinux/config
>> <need to figure out what else really should be captured>
>>
>> #filesystem
>> /etc/fstab
>>
>> #INIT scripts
>> /etc/init.d/*
>>
>> #PAM
>> /etc/pan.d/*
>>
>> #databases - mysql/etc
>> /etc/my.cnf
>>
>> #DNS - bind/named
>> /etc/named.conf
>> /etc/named.caching-nameserver.conf
>> /etc/rfc1912.zones
>> /etc/sysconfig/named
>>
>> #iscsi
>> <need to determine what needs to be collected>
>>
>> #ntp
>> /etc/ntp.conf
>> /etc/ntp/ntpservers
>> /etc/ntp/keys
>> /etc/sysconfig/ntpd
>>
>> #security files - audit
>> /etc/audit/auditd.conf
>> /etc/audit/audit.rules
>> /etc/sysconfig/auditd
>>
>> #iptables
>> /etc/sysconfig/iptables-config
>> /etc/sysconfig/ip6tables-config
>>
>> #Heartbeat
>> /etc/ha.d/haresources
>> /etc/ha.d/ha.cf
>> /etc/ha.d/authkeys
>>
>> #sysconfig stuff
>> /etc/sysconfig/network
>> /etc/sysconfig/network-scripts/ifcfg-*
>> /etc/sysconfig/authconfig
>> /etc/sysconfig/clock
>> /etc/sysconfig/kernel
>> _______________________________________________
>> Rancid-discuss mailing list
>> Rancid-discuss at shrubbery.net
>> http://www.shrubbery.net/mailman/listinfo.cgi/rancid-discuss
>
More information about the Rancid-discuss
mailing list