cfengine  3.15.4
About: CFEngine is a configuration management system for configuring and maintaining Unix-like computers (using an own high level policy language). Community version.
  Fossies Dox: cfengine-3.15.4.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

cf-agent.c File Reference
#include <platform.h>
#include <generic_agent.h>
#include <actuator.h>
#include <audit.h>
#include <cleanup.h>
#include <eval_context.h>
#include <verify_classes.h>
#include <verify_databases.h>
#include <verify_environments.h>
#include <verify_exec.h>
#include <verify_methods.h>
#include <verify_processes.h>
#include <verify_packages.h>
#include <verify_users.h>
#include <verify_services.h>
#include <verify_storage.h>
#include <verify_files.h>
#include <verify_files_utils.h>
#include <verify_vars.h>
#include <addr_lib.h>
#include <files_names.h>
#include <files_interfaces.h>
#include <files_repository.h>
#include <files_edit.h>
#include <files_properties.h>
#include <item_lib.h>
#include <vars.h>
#include <conversion.h>
#include <expand.h>
#include <locks.h>
#include <scope.h>
#include <matching.h>
#include <match_scope.h>
#include <instrumentation.h>
#include <promises.h>
#include <unix.h>
#include <attributes.h>
#include <communication.h>
#include <signals.h>
#include <nfs.h>
#include <processes_select.h>
#include <list.h>
#include <fncall.h>
#include <rlist.h>
#include <agent-diagnostics.h>
#include <known_dirs.h>
#include <cf-agent-enterprise-stubs.h>
#include <syslog_client.h>
#include <man.h>
#include <bootstrap.h>
#include <policy_server.h>
#include <misc_lib.h>
#include <buffer.h>
#include <loading.h>
#include <conn_cache.h>
#include <net.h>
#include <package_module.h>
#include <string_lib.h>
#include <cfnet.h>
#include <repair.h>
#include <dbm_api.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <mod_common.h>
#include <ornaments.h>
Include dependency graph for cf-agent.c:

Go to the source code of this file.

Functions

static void ThisAgentInit (void)
 
static GenericAgentConfigCheckOpts (int argc, char **argv)
 
static char ** TranslateOldBootstrapOptionsSeparate (int *argc_new, char **argv)
 
static char ** TranslateOldBootstrapOptionsConcatenated (int argc, char **argv)
 
static void FreeFixedStringArray (int size, char **array)
 
static void CheckAgentAccess (const Rlist *list, const Policy *policy)
 
static void KeepControlPromises (EvalContext *ctx, const Policy *policy, GenericAgentConfig *config)
 
static PromiseResult KeepAgentPromise (EvalContext *ctx, const Promise *pp, void *param)
 
static void NewTypeContext (TypeSequence type)
 
static void DeleteTypeContext (EvalContext *ctx, TypeSequence type)
 
static PromiseResult ParallelFindAndVerifyFilesPromises (EvalContext *ctx, const Promise *pp)
 
static bool VerifyBootstrap (void)
 
static void KeepPromiseBundles (EvalContext *ctx, const Policy *policy, GenericAgentConfig *config)
 
static void KeepPromises (EvalContext *ctx, const Policy *policy, GenericAgentConfig *config)
 
static int NoteBundleCompliance (const Bundle *bundle, int save_pr_kept, int save_pr_repaired, int save_pr_notkept, struct timespec start)
 
static void AllClassesReport (const EvalContext *ctx)
 
static bool HasAvahiSupport (void)
 
static int AutomaticBootstrap (GenericAgentConfig *config)
 
static void BannerStatus (PromiseResult status, char *type, char *name)
 
static PromiseResult DefaultVarPromise (EvalContext *ctx, const Promise *pp)
 
static void WaitForBackgroundProcesses ()
 
int main (int argc, char *argv[])
 
static void ConfigureBootstrap (GenericAgentConfig *config, const char *argument)
 
PromiseResult ScheduleAgentOperations (EvalContext *ctx, const Bundle *bp)
 
static void LogVariableValue (const EvalContext *ctx, const Promise *pp)
 

Variables

int PR_KEPT
 
int PR_REPAIRED
 
int PR_NOTKEPT
 
static bool ALLCLASSESREPORT = false
 
static bool ALWAYS_VALIDATE = false
 
static bool CFPARANOID = false
 
static bool PERFORM_DB_CHECK = false
 
static const RlistACCESSLIST = NULL
 
static int CFA_BACKGROUND = 0
 
static int CFA_BACKGROUND_LIMIT = 1
 
static ItemPROCESSREFRESH = NULL
 
static const char *const AGENT_TYPESEQUENCE []
 
static const char *const CF_AGENT_SHORT_DESCRIPTION
 
static const char *const CF_AGENT_MANPAGE_LONG_DESCRIPTION
 
static const struct option OPTIONS []
 
static const char *const HINTS []
 

Function Documentation

◆ AllClassesReport()

◆ AutomaticBootstrap()

static int AutomaticBootstrap ( GenericAgentConfig config)
static

Definition at line 2150 of file cf-agent.c.

References ProgrammingError.

Referenced by ConfigureBootstrap().

◆ BannerStatus()

static void BannerStatus ( PromiseResult  status,
char *  type,
char *  name 
)
static

◆ CheckAgentAccess()

◆ CheckOpts()

static GenericAgentConfig * CheckOpts ( int  argc,
char **  argv 
)
static

Definition at line 417 of file cf-agent.c.

References GenericAgentConfig::agent, GenericAgentConfig::agent_specific, AGENT_TYPE_AGENT, AgentDiagnosticsAllChecks(), AgentDiagnosticsResultNew(), AgentDiagnosticsRun(), AgentDiagnosticsRunAllChecksNova(), GenericAgentConfig::bootstrap_argument, GenericAgentConfig::bootstrap_trigger_policy, GenericAgentConfig::bootstrap_trust_server, CF_AGENT_MANPAGE_LONG_DESCRIPTION, CF_AGENT_SHORT_DESCRIPTION, ConfigureBootstrap(), DoCleanupAndExit(), DONTDO, extension_libraries_disable(), FileWriter(), FileWriterDetach(), FreeFixedStringArray(), GenericAgentConfigNewDefault(), GenericAgentConfigParseArguments(), GenericAgentConfigParseColor(), GenericAgentConfigSetBundleSequence(), GenericAgentConfigSetInputFile(), GenericAgentWriteVersion(), GetInputDir(), GetLogDir(), getopt_long(), GetStateDir(), GetTTYInteractive(), GetWorkDir(), GenericAgentConfig::heap_negated, GenericAgentConfig::heap_soft, HINTS, GenericAgentConfig::ignore_locks, Log(), LOG_LEVEL_DEBUG, LOG_LEVEL_ERR, LOG_LEVEL_INFO, LOG_LEVEL_VERBOSE, LogEnableModulesFromString(), LoggingEnableTimestamps(), LogSetGlobalLevel(), LogSetGlobalLevelArgOrExit(), ManPageWrite(), MINUSF, option::name, NULL, optarg, optind, OPTIONS, PERFORM_DB_CHECK, RlistDestroy(), RlistFromSplitString(), setenv_wrapper(), GenericAgentConfig::show_evaluated_classes, GenericAgentConfig::show_evaluated_variables, StringEqual(), StringEqual_IgnoreCase(), StringSetDestroy(), StringSetFromString(), StringSetJoin(), TIMING, TranslateOldBootstrapOptionsConcatenated(), TranslateOldBootstrapOptionsSeparate(), WriterWriteF(), WriterWriteHelp(), and xstrdup().

Referenced by main().

◆ ConfigureBootstrap()

◆ DefaultVarPromise()

◆ DeleteTypeContext()

◆ FreeFixedStringArray()

static void FreeFixedStringArray ( int  size,
char **  array 
)
static

Definition at line 788 of file cf-agent.c.

References free().

Referenced by CheckOpts().

◆ HasAvahiSupport()

static bool HasAvahiSupport ( void  )
static

Definition at line 2145 of file cf-agent.c.

Referenced by ConfigureBootstrap().

◆ KeepAgentPromise()

◆ KeepControlPromises()

static void KeepControlPromises ( EvalContext ctx,
const Policy policy,
GenericAgentConfig config 
)
static

Definition at line 848 of file cf-agent.c.

References ACCESSLIST, AddFilenameToListOfSuspicious(), GenericAgentConfig::agent, AGENT_CONTROL_ABORTBUNDLECLASSES, AGENT_CONTROL_ABORTCLASSES, AGENT_CONTROL_ADDCLASSES, AGENT_CONTROL_AGENTACCESS, AGENT_CONTROL_AGENTFACILITY, AGENT_CONTROL_ALLCLASSESREPORT, AGENT_CONTROL_ALWAYSVALIDATE, AGENT_CONTROL_BINDTOINTERFACE, AGENT_CONTROL_CHECKSUM_ALERT_TIME, AGENT_CONTROL_CHILDLIBPATH, AGENT_CONTROL_DEFAULTCOPYTYPE, AGENT_CONTROL_DRYRUN, AGENT_CONTROL_EDITFILESIZE, AGENT_CONTROL_ENVIRONMENT, AGENT_CONTROL_EXPIREAFTER, AGENT_CONTROL_FAUTODEFINE, AGENT_CONTROL_FSINGLECOPY, AGENT_CONTROL_HASHUPDATES, AGENT_CONTROL_IFELAPSED, AGENT_CONTROL_INFORM, AGENT_CONTROL_MAX_CHILDREN, AGENT_CONTROL_MAXCONNECTIONS, AGENT_CONTROL_MOUNTFILESYSTEMS, AGENT_CONTROL_REFRESH_PROCESSES, AGENT_CONTROL_REPCHAR, AGENT_CONTROL_REPORTCLASSLOG, AGENT_CONTROL_REPOSITORY, AGENT_CONTROL_SECUREINPUT, AGENT_CONTROL_SELECT_END_MATCH_EOF, AGENT_CONTROL_SKIPIDENTIFY, AGENT_CONTROL_SUSPICIOUSNAMES, AGENT_CONTROL_TIMEOUT, AGENT_CONTROL_VERBOSE, GenericAgentConfig::agent_specific, AGENT_TYPE_AGENT, ALLCLASSESREPORT, ALWAYS_VALIDATE, BooleanFromString(), bwlimit_kbytes, CF_DATA_TYPE_NONE, CF_DATA_TYPE_STRING_LIST, CF_MAXVARSIZE, CF_MOUNTALL, CF_PERSISTENCE, CFA_BACKGROUND_LIMIT, CFA_CONTROLBODY, CFA_MAXTHREADS, CFPARANOID, CheckAgentAccess(), Constraint_::classes, COMMON_CONTROL_BWLIMIT, COMMON_CONTROL_FIPS_MODE, COMMON_CONTROL_LASTSEEN_EXPIRE_AFTER, COMMON_CONTROL_MAX, COMMON_CONTROL_SYSLOG_HOST, COMMON_CONTROL_SYSLOG_PORT, CommonControlFromString(), CONNTIMEOUT, CONTEXT_SCOPE_NAMESPACE, ControlBodyConstraints(), DEFAULT_COPYTYPE, DONTDO, DoubleFromString(), EDITFILESIZE, EvalContextAllClassesLoggingEnable(), EvalContextClassPutSoft(), EvalContextHeapAddAbort(), EvalContextHeapAddAbortCurrentBundle(), EvalContextSetSelectEndMatchEof(), EvalContextVariableControlCommonGet(), EvalContextVariableGet(), FIPS_MODE, free(), GetErrorStr(), IntFromString(), IsDefinedClass(), LASTSEENEXPIREAFTER, Log(), LOG_LEVEL_ERR, LOG_LEVEL_INFO, LOG_LEVEL_NOTICE, LOG_LEVEL_VERBOSE, LogGetGlobalLevel(), LogLevelToString(), LogSetGlobalLevel(), ConstraintSyntax_::lval, Constraint_::lval, MAX, Nova_Initialize(), NULL, PrependItem(), PROCESSREFRESH, putenv_wrapper(), GenericAgentConfig::report_class_log, RlistScalarValue(), RlistToString(), SeqAt(), SeqLength(), SetBindInterface(), SetChecksumUpdatesDefault(), setenv_wrapper(), SetFacility(), SetFileAutoDefineList(), SetRepositoryChar(), SetRepositoryLocation(), SetSkipIdentify(), SetSyslogHost(), SetSyslogPort(), SINGLE_COPY_CACHE, SINGLE_COPY_LIST, StringEqual(), StringSetNew(), strlcpy(), VarRefDestroy(), VarRefParseFromScope(), VEXPIREAFTER, VIFELAPSED, and WouldLog().

Referenced by KeepPromises().

◆ KeepPromiseBundles()

◆ KeepPromises()

static void KeepPromises ( EvalContext ctx,
const Policy policy,
GenericAgentConfig config 
)
static

Definition at line 833 of file cf-agent.c.

References EvalAborted(), KeepControlPromises(), and KeepPromiseBundles().

Referenced by CheckFileChanges(), and main().

◆ LogVariableValue()

◆ main()

◆ NewTypeContext()

◆ NoteBundleCompliance()

static int NoteBundleCompliance ( const Bundle bundle,
int  save_pr_kept,
int  save_pr_repaired,
int  save_pr_notkept,
struct timespec  start 
)
static

◆ ParallelFindAndVerifyFilesPromises()

◆ ScheduleAgentOperations()

◆ ThisAgentInit()

static void ThisAgentInit ( void  )
static

◆ TranslateOldBootstrapOptionsConcatenated()

static char ** TranslateOldBootstrapOptionsConcatenated ( int  argc,
char **  argv 
)
static

Definition at line 766 of file cf-agent.c.

References Log(), LOG_LEVEL_WARNING, xcalloc(), and xstrdup().

Referenced by CheckOpts().

◆ TranslateOldBootstrapOptionsSeparate()

static char ** TranslateOldBootstrapOptionsSeparate ( int *  argc_new,
char **  argv 
)
static

Definition at line 690 of file cf-agent.c.

References Log(), LOG_LEVEL_WARNING, xcalloc(), and xstrdup().

Referenced by CheckOpts().

◆ VerifyBootstrap()

static bool VerifyBootstrap ( void  )
static

◆ WaitForBackgroundProcesses()

static void WaitForBackgroundProcesses ( )
static

Definition at line 2157 of file cf-agent.c.

References errno, Log(), LOG_LEVEL_VERBOSE, and NULL.

Referenced by main().

Variable Documentation

◆ ACCESSLIST

const Rlist* ACCESSLIST = NULL
static

Definition at line 111 of file cf-agent.c.

Referenced by CheckAgentAccess(), and KeepControlPromises().

◆ AGENT_TYPESEQUENCE

const char* const AGENT_TYPESEQUENCE[]
static
Initial value:
=
{
"meta",
"vars",
"defaults",
"classes",
"users",
"files",
"packages",
"guest_environments",
"methods",
"processes",
"services",
"commands",
"storage",
"databases",
"reports",
}
#define NULL
Definition: getopt1.c:56

Definition at line 118 of file cf-agent.c.

Referenced by ScheduleAgentOperations().

◆ ALLCLASSESREPORT

bool ALLCLASSESREPORT = false
static

Definition at line 106 of file cf-agent.c.

Referenced by KeepControlPromises(), and main().

◆ ALWAYS_VALIDATE

bool ALWAYS_VALIDATE = false
static

Definition at line 107 of file cf-agent.c.

Referenced by KeepControlPromises(), and main().

◆ CF_AGENT_MANPAGE_LONG_DESCRIPTION

const char* const CF_AGENT_MANPAGE_LONG_DESCRIPTION
static
Initial value:
=
"cf-agent evaluates policy code and makes changes to the system. Policy bundles are evaluated in the order of the "
"provided bundlesequence (this is normally specified in the common control body). "
"For each bundle, cf-agent groups promise statements according to their type. Promise types are then evaluated in a preset "
"order to ensure fast system convergence to policy.\n"

Definition at line 171 of file cf-agent.c.

Referenced by CheckOpts().

◆ CF_AGENT_SHORT_DESCRIPTION

const char* const CF_AGENT_SHORT_DESCRIPTION
static
Initial value:
=
"evaluate CFEngine policy code and actuate change to the system."

Definition at line 168 of file cf-agent.c.

Referenced by CheckOpts().

◆ CFA_BACKGROUND

int CFA_BACKGROUND = 0
static

Definition at line 113 of file cf-agent.c.

Referenced by main(), and ParallelFindAndVerifyFilesPromises().

◆ CFA_BACKGROUND_LIMIT

int CFA_BACKGROUND_LIMIT = 1
static

Definition at line 114 of file cf-agent.c.

Referenced by KeepControlPromises(), and ParallelFindAndVerifyFilesPromises().

◆ CFPARANOID

bool CFPARANOID = false
static

Definition at line 108 of file cf-agent.c.

Referenced by CheckAgentAccess(), and KeepControlPromises().

◆ HINTS

const char* const HINTS[]
static
Initial value:
=
{
"Bootstrap CFEngine to the given policy server IP, hostname or :avahi (automatic detection)",
"Set or override bundlesequence from command line",
"Override the default /var/cfengine work directory for testing (same as setting CFENGINE_TEST_OVERRIDE_WORKDIR)",
"Enable debugging output",
"Define a list of comma separated classes to be defined at the start of execution",
"Run checks to diagnose a CFEngine agent installation",
"All talk and no action mode - make no changes, only inform of promises not kept",
"Specify an alternative input file than the default. This option is overridden by FILE if supplied as argument.",
"Print the help message",
"Print basic information about changes made to the system, i.e. promises repaired",
"Specify how detailed logs should be. Possible values: 'error', 'warning', 'notice', 'info', 'verbose', 'debug'",
"Define a list of comma separated classes to be undefined at the start of execution",
"Ignore locking constraints during execution (ifelapsed/expireafter) if \"too soon\" to run",
"Output verbose information about the behaviour of the agent",
"Output the version of the software",
"Output timing information on console when in verbose mode",
"Possible values: 'yes' (default, trust the server when bootstrapping), 'no' (server key must already be trusted)",
"Enable colorized output. Possible values: 'always', 'auto', 'never'. If option is used, the default value is 'auto'",
"Disable extension loading (used while upgrading)",
"Log timestamps on each line of log output",
"Enable even more detailed debug logging for specific areas of the implementation. Use together with '-d'. Use --log-modules=help for a list of available modules",
"Show *final* evaluated classes, including those defined in common bundles in policy. Optionally can take a regular expression.",
"Show *final* evaluated variables, including those defined without dependency to user-defined classes in policy. Optionally can take a regular expression.",
"Do not run policy as the last step of the bootstrap process",
"Do not run database integrity checks and repairs at startup",
}

Definition at line 208 of file cf-agent.c.

Referenced by CheckOpts().

◆ OPTIONS

const struct option OPTIONS[]
static
Initial value:
=
{
{"bootstrap", required_argument, 0, 'B'},
{"bundlesequence", required_argument, 0, 'b'},
{"workdir", required_argument, 0, 'w'},
{"debug", no_argument, 0, 'd'},
{"define", required_argument, 0, 'D'},
{"self-diagnostics", optional_argument, 0, 'x'},
{"dry-run", no_argument, 0, 'n'},
{"file", required_argument, 0, 'f'},
{"help", no_argument, 0, 'h'},
{"inform", no_argument, 0, 'I'},
{"log-level", required_argument, 0, 'g'},
{"negate", required_argument, 0, 'N'},
{"no-lock", no_argument, 0, 'K'},
{"verbose", no_argument, 0, 'v'},
{"version", no_argument, 0, 'V'},
{"timing-output", no_argument, 0, 't'},
{"trust-server", optional_argument, 0, 'T'},
{"color", optional_argument, 0, 'C'},
{"no-extensions", no_argument, 0, 'E'},
{"timestamp", no_argument, 0, 'l'},
{"log-modules", required_argument, 0, 0},
{"show-evaluated-classes", optional_argument, 0, 0 },
{"show-evaluated-vars", optional_argument, 0, 0 },
{"skip-bootstrap-policy-run", no_argument, 0, 0 },
{"skip-db-check", optional_argument, 0, 0 },
{NULL, 0, 0, '\0'}
}
#define no_argument
Definition: getopt.h:98
#define required_argument
Definition: getopt.h:99
#define optional_argument
Definition: getopt.h:100

Definition at line 171 of file cf-agent.c.

Referenced by CheckOpts().

◆ PERFORM_DB_CHECK

bool PERFORM_DB_CHECK = false
static

Definition at line 109 of file cf-agent.c.

Referenced by CheckOpts(), and main().

◆ PR_KEPT

int PR_KEPT
extern

Definition at line 32 of file audit.c.

Referenced by NoteBundleCompliance(), and ScheduleAgentOperations().

◆ PR_NOTKEPT

int PR_NOTKEPT
extern

Definition at line 34 of file audit.c.

Referenced by NoteBundleCompliance(), and ScheduleAgentOperations().

◆ PR_REPAIRED

int PR_REPAIRED
extern

Definition at line 33 of file audit.c.

Referenced by NoteBundleCompliance(), and ScheduleAgentOperations().

◆ PROCESSREFRESH

Item* PROCESSREFRESH = NULL
static

Definition at line 116 of file cf-agent.c.

Referenced by KeepControlPromises(), and ScheduleAgentOperations().