April 26, 2019

Automate Linux Configuration with cfengine - page 2

Configuration For Everybody

  • September 7, 2005
  • By Carla Schroder

Any host running cfengine can be a cfengine server, which offers all kinds of flexibility, and all kinds of confusion. It is best to stick with a single central master cfengine server until your cfengine skillz are well-honed.


The three most important executables are:


  • cfservd, the cfengine daemon. Must be running on all hosts, uses port 5308
  • cfagent, performs the actual changes on hosts
  • cfexecd, the cfengine scheduler

Also important are

  • cfrun, pushes updates to clients
  • cfkey, the encryption key generator

Understanding the cfengine file structure is a common point of confusion. There were changes between cfengine upgrades, which messes up older howtos. And various Linux distributions have their own ideas about where to put them. Red Hat EL4 uses /var/cfengine. Debian uses /var/lib/cfengine2. I'm sure there are good reasons for the differences. (Yeah. Sure.) And they may be symlinked to /etc/cfengine or other interesting locations, so be prepared for anything. This is the cfengine directory structure as described in the cfengine documentation:

  /bin, contains executables
  /inputs, configuration files live here
    cfagent.conf, performs the actual changes on each host
    cfservd.conf, controls the cfservd daemon
    cfrun.hosts, list of participating hosts
    update.conf, used by cfagent on the master server to copy configuration files and
binaries into the correct locations on servers and clients
  /outputs, home of logfiles
  /ppkeys, encryption keys

Most Popular LinuxPlanet Stories