User and system configuration using debian packages.
Hi
I have been working on a project now for a week or two to
automate system configuration using debian packages. The idéa
is to make it possible to create users, groups and overwrite
confgi (and other) data using a update script that is runned
after each upgrade. That is why I asked earlier on how to do
that. The big benefit with this concept is that it is really
easy to create a set of packages that can be installed on
several machines using apt. Just select a host or something-else
package that fits what you need.
I have now packages for specific services, hosts and customers
and it works very well.
My question is if anyone else is interested in this and if I
should try to make it available as a debian package (or several).
I also need a good name for it. I have thought of
dpkg-config or debsys-config or similar.
The structure is as follows:
----------------------------
* There is a update-foo (foo is the name of the project). This
tool runs several other tools that configure the system. First
some basic tools and then all scripts that is in /etc/foo.
* The tools use data in /usr/share/foo.
The tools:
----------
* Skel. Data from /usr/share/foo/skel is installed (rsynced into)
the root (/). Later I will implement so that if a file is removed
from /usr/share/foo/skel it will also be removed from the root
but only if it is not a part of a package. How to make that
efficient?
* Users. Users can be created.
A file in /usr/share/foo/users/$user tells what (SMB)CRYPT to use
in the passwd file. What the user should have access too (right
now only shell, sudo and samba). That information is in
/usr/share/foo/users/$package/$user.
* Groups can also be created.
Membership and existance is separated which makes it possible to
have one package that tells if the group should exist and
an other package (customer or access package) that tells who should
have access to which group.
Later I will implement the possiblity to have metagroups that
makes it easier to assign users to groups.
The files are /usr/share/foo/groups/$package/$group/(exist|members).
* Userskel. Like skel above but for (specific or in general) users.
* Patches. If several tools want to make changes to the same file
it is possible to install patches that will be applied to the
system. This is not very well tested but should work fine. The
permissions are kept (using a special wrapperscript) anyway.
* Build helpers (right now just lines in the rules file when
building the admin script) which helps create the package.
Well this is just a brief idéa on how it works. Today it exists
but I want to know if anyone have other idéas or if anyone is
interested in this.
And some questions to you have read this far. :)
* What should such a project be named?
* What is the best way to remove CVS data from the package. I have
all configuration packages in CVS but want to get rid of the CVS
dirs when installing.
Have tried.
find $dir -depth -type d -name CVS -exec rm -Rf {} \;
That works fine on most machines but not on one machine running
potato. :( A bug in find?
-find $dir -type d -name CVS -exec rm -Rf {} \;
Works but is very ugly, because it prints a lot of errors.
find $dir -type d -name CVS | {
while read LINE ; do
rm -Rf $LINE
done
}
Works on all systems I have tested but is not very beautiful code.
* Can anyone tell how the dh_installfoo scipts know what
packages it should install to. Does it parse the control file
and read the $package.extension file manually? If so that is
not a problem but it should be convenient if the information can
be obtained in a easier way. :)
Well that is about it. What do you think about it?
PS. Please cc me directly because I do not have the time to read
debian-devel right now. I'm hacking on this project too much. :)
DS.
--
--------------------- Ola Lundqvist ---------------------------
/ opal@debian.org Björnkärrsgatan 5 A.11 \
| opal@lysator.liu.se 584 36 LINKÖPING |
| +46 (0)13-17 69 83 +46 (0)70-332 1551 |
| http://www.opal.dhs.org UIN/icq: 4912500 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
Reply to: