#######
#
# BEGIN update.conf
#
# This script distributes the configuration, a simple file so that,
# if there are syntax errors in the main config, we can still
# distribute a correct configuration to the machines afterwards, even
# though the main config won't parse. It is read and run just before the
# main configuration is parsed.
#
#######
     
control:
     
	Syslog = ( on )  # enable syslog logging

	actionsequence  = ( copy processes tidy )  # Keep this simple and constant
     
	domain          = ( __DOMAIN )  # Needed for remote copy
     
	#
	# Which host/dir is the master for configuration roll-outs?
	#
     
	policyhost      = ( __HOST.__DOMAIN )
	master_cfinput  = ( __CFWORKDIR/masterfiles/inputs )

	AddInstallable  = ( new_cfenvd new_cfservd new_cfexecd )

	#
	# Some convenient variables
	#
     
	workdir         = ( __CFWORKDIR )
	cf_install_dir  = ( __PREFIX/sbin )
     
	# Avoid server contention
     
	SplayTime = ( 5 )
     
############################################################################
     
#
# Make sure there is a local copy of the configuration and
# the most important binaries in case we have no connectivity
# e.g. for mobile stations or during DOS attacks
#
     
copy:
     
	$(master_cfinput)            dest=$(workdir)/inputs
                                 r=inf
                                 mode=700
                                 type=binary
                                 exclude=*-dist
                                 exclude=*.lst
                                 exclude=*~
                                 exclude=#*
                                 server=$(policyhost)
                                 trustkey=true
     
	$(cf_install_dir)/cfagent    dest=$(workdir)/bin/cfagent
                                 mode=755
                                 backup=false
                                 type=checksum
     
	$(cf_install_dir)/cfservd    dest=$(workdir)/bin/cfservd
                                 mode=755
                                 backup=false
                                 type=checksum
                                 define=new_cfservd
     
	$(cf_install_dir)/cfexecd    dest=$(workdir)/bin/cfexecd
                                 mode=755
                                 backup=false
                                 type=checksum
                                 define=new_cfexecd
     
	$(cf_install_dir)/cfenvd     dest=$(workdir)/bin/cfenvd 
                                 mode=755
                                 backup=false
                                 type=checksum
                                 define=new_cfenvd
     
#####################################################################
     
tidy:
     
	#
	# Cfexecd stores output in this directory.
	# Make sure we don't build up files and choke on our own words!
	#
     
	$(workdir)/outputs pattern=* age=7

#####################################################################

processes:

	#
	# Make sure to restart cfenvd or cfservd when the binaries
	# are updated.
	#

	new_cfservd::
		"cfservd"  signal=term restart __CFWORKDIR/bin/cfservd

	new_cfenvd::
		"cfenvd"   signal=kill restart "__CFWORKDIR/bin/cfenvd -H"

	new_cfexecd::
		"cfexecd$" signal=term restart __CFWORKDIR/bin/cfexecd

 
#######
#
# END update.conf
#
#######