The configuration of a Unix/Linux computer is done through a collection of
editable (ASCII) files located mostly under the /etc directory tree.
On a local network most computers are configured in an identical or
at least a very similar way: they will have the same base of users, use the
same software, implement the same security strategy ... One of the network
administrator's duties is to maintain these configuration files and keep them
up to date. When the configuration files are identical it is useful if they
can all be maintained centrally from a master file.
The Network Information Service (NIS is also known as the yellow pages)
addresses this issue for a few files like the /etc/passwd file for
example: the data are stored centrally in a database and computers query this
database instead of reading the local file. One of the limitations of NIS is
that it can only be used for the files for which it has been designed. One
can easily create other NIS tables, but for a computer to consult the NIS
server for these new tables, one would usually have to modify some internal
libraries. Another limitation of the
NIS entry is that it only works for files that are identical for all computers,
or at best, the data stored in the NIS table can be added to the content of
the local file (like the passwd file for example).
There are many configuration files that are not implementable as NIS tables but that would benefit from being maintained centrally. Here are a few examples:
/root/.cshrc and /root/.bashrc : the files contain the
standard shell setup for root as well as the definition of useful aliases.
The files are usually identical on all computers. Sourcing a file on a
common file-system can do the trick but this will cause problems when there
are network troubles and so this should not be done for root./etc/printcap : in an environment of networked printers,
many computers will share the same printcap while some computers will
have a different one as those that have a local printer attached to them
will require an extra printcap entry. Nevertheless, many
computers are likely to have identical files. For example if there are
two classrooms of computers say RoomA and RoomB each having their
own printer, the computer in each room will share the same printcap file
each having an entry for the default printer, say lp, referring to the
printer physically
located in that room. Thus one would like to have two centrally managed files,
printcap.RoomA and printcap.RoomB, that will be installed on the
corresponding computers. /etc/X11/XF86Config : under Linux this file contains
configuration parameters for the X library related to the type of video card
and monitor. This file is usually different on every computer, but for
computers fitted with the same hardware, the same file can be used.
To manage these files centrally, we make a copy of each of them in a shared
directory (typically /usr/local/sys/config. We also add a suffix to
their name to distinguish the host they belong to. For example, the file
XF86Config.pc12, printcap.RoomA and root_cshrc.DEFAULT
will be respectively the XF86Config file for the host pc12,
the printcap file for all the computers in the classroom A and
the /root/.cshrc file shared by all computers. If one makes a
modification to the file root_cshrc.DEFAULT, all one has to do to update
/root/.cshrc on every host is to execute the command
# sysf -install root_cshrc -h ALL
Similarly, to update the printcap entry on all computers in class A, we do
# sysf -install printcap -h RoomA
except that this time, the lpd will also be restarted after the new
printcap file has been copied.
As the number of files to maintain can become quite large, the files are split
in different categories each of which correspond to a subdirectory of the
/usr/local/sys/config directory.
Sysf is a tool that helps manage configurations files centrally.
The system configuration files are copied into a common directory mounted on
all computers and which we refer to as the config directory. The system files
are copied with the same, or similar, file name and to identify the hosts or
group of hosts to which they correspond to, a suffix is added to the file
name. The suffix can be of four different types:
XF86Config.pc12 belong to the host pc12.
sysf.conf)
indicates that the file is used for any member of that group. In the
printcap example above, the
groups RoomA and RoomB would contain the names of all the computers
located in the corresponding room and the files printcap.RoomA
and printcap.RoomB will be the corresponding printcap files.
DEFAULT implies that the file must be
used for any host for which there is no specific and no host group file.
For example the file root_cshrc.DEFAULT will be the default
/root/.cshrc file. If a host, say pc12 needs a different
one, one just saves the file for that host as root_cshrc.pc12. Notice that
in this case we use the name root_cshrc instead of .cshrc to make
the file "visible".
SHARED is used for files that are stored on an NFS
mounted partition indicating that every host actually sees the same file.
To avoid having a very large number of files in the same directory, the
configuration files are split in different categories each of which has its
own directory in the config directory. For example the directory (category)
X11 contains all the files related to the X library, filesys
will correspond to the files related to the file system (fstab,
exports, auto.home ...)
The sysf command is used to manage the system configuration files and
their copy. One can copy a system configuration file into its sysf copy and
vice-versa. One can also check that a system configuration file is identical
to its copy or list the difference between the two (as the output of the
diff command). It is also possible to compare the configuration files
of two different hosts. All operations can be performed for a single file as
well as on any group of file. Sysf can also check files for a specific hosts
as well as any group of hosts. For example, the command
sysf -check ALL -host ALL
lists all the system files which differ from their copy on all the hosts.
sysf -diff printcap -host RoomA
lists the differences between the printcap system files and their copies
for all the computers belonging to the host group RoomA.
The sysf command can also execute some auxiliary commands to perform
further configuration tasks. For example, after the printcap file has
been modified one should restart the lpd daemon. This can be done by
configuring sysf to execute a specific command, usually a script file,
to perform that operation each time the printcap file is updated.
Sysf is configured by two files, both in the config directory. The
file sysf.conf lists all the configuration files together with the group
they belong to as well as some flags used to control the execution of
auxiliary commands. The file hosts.conf lists all the host groups.
The strength of sysf is to simplify the maintenance of the system files
across a network and in particular:
inetd.conf or hosts.allow that implement some security policy.
Aside from helping the management of a large number of configuration files,
the config directory can be used as a backup copy of all configuration
files of all computers on the network. Should a computer need to be
reinstalled from
scratch all the information is contained in the config directory. The only
two missing parts are the user data files, which should be stored carefully and
be thoroughly backed up, and the software installed on the computer (which
one can reinstall from CD or other media). If one used rpm, the
sysf rpm.list entry described below will provide the list of rpms that
were installed.
Before we continue, we must define some terminology used in this manual:
sysf.conf and hosts.conf files
used to configure sysf and the BIN directory containing the
auxiliary commands. The other directories correspond to the different
groups of files and contain the config files.sysf and grouped together in separate directories. The name of the
config file are of the form CONFIG_NAME.SUFFIX where the prefix is the
config name and where the suffix can be a host name, a host group name,
DEFAULT or SHARED.root_cshrc instead
of .cshrc. The prefix of the config file is usually identical to the
the config name but it doesn't have to be. sysf can execute some auxiliary commands,
written by the administrator, to perform further configuration operations.
The executable, usually script files, are in the BIN directory and are
named after the config name.
The config directory, typically /usr/local/sys/config is where
all the configuration files are saved. This directory must be accessible
from every host. It is thus normally somewhere on an NFS mounted directory.
The directory must contain the
files sysf.conf, which lists all the configuration files (cfr. below),
and hosts.conf which lists all the hosts and host groups. The BIN
directory contains the auxiliary commands, typically shell script, that one
can write to perform further operations.
We illustrate below the structure of config directory by listing a few of the
files it might contain. In the example, pc1 and pc2 would be the
name of two hosts, lprsever would be the print server while
MATROX and ELSA will be host groups corresponding to the computers
fitted with Matrox and Elsa graphic cards respectively.
../config/
|
+ sysf.conf
|
+ hosts.conf
|
+ BIN/
| |
| + crontab
| |
| + printcap
|
+ etc/
| |
| + fstab.pc1
| |
| + fstab.pc2
| |
| + printcap.DEFAULT
| |
| + printcap.lprsever
|
+ local/
| |
| + motd.SHARED
|
+ X11/
|
+ XF86Config.MATROX
|
+ XF86Config.ELSA
|
+ Xsession.DEFAULT
The config directory also contains one directory for each group of files. The config files belonging to a given group are saved in the corresponding directory.
The config files are stored in a sub-directory of the config directory
(or group), as listed in the 2nd column of the sysf.conf file.
The name of the config file is given by the 4th column in the
sysf.conf file followed by a suffix which can be a host name (in lower
case) a host group name (usually in upper case). DEFAULT or SHARED.
To determine the config file of a given host, sysf searches first for the
file with the hostname extension. If there isn't one, sysf scans all the host
groups the host belongs to (in the same order as they appear in the
hosts.conf file) and takes the first file found with the matching
suffix. If this fails, the DEFAULT file is used, and if there isn't any,
the system file is considered as not being defined for that host.
The suffix SHARED is used for the sysf entries which have the
s flag set (cfr below).
The system files are most of the time the files used directly by the operating
system. The filenames and the locations of these files are fixed by
the operating system vendors. Rather than maintaining all the system files
with sysf one should maintain only the ones that have been modified after
the installation of the operating system.
Some of the system files are special in that they are not editable files. An
example is the standard Unix crontab file; the crontab entries are stored in a
binary file but can be listed by executing the command crontab -l.
The list of installed Red Hat packages (rpms) is another example of a system
files stored in a binary format. The list of packages can be obtained with the
command rpm -qa. To work properly, sysf must first create a
temporary file containing the relevant information which can then be compared
to the corresponding config file. Both the crontab and the rpm.list
entries have the C flag set in the sysf.conf telling sysf
to execute the corresponding auxiliary command to create the system file each
time a sysf command is executed.