LISA 2000 Abstract
Use of Cfengine for Automated, Multi-Platform Software and Patch
David Ressman and John Valdés, University of Chicago
Good UNIX system administration practice includes among its many
tasks the proper configuration of system files, installation and
maintenance of third party software, and maintenance of system
security, including regular updates of operating system (OS) patches.
For a small number of systems running only one or two OSes, keeping up
with these tasks isn't too difficult. However, as the number of
systems and OSes increase (and the number of staff remains constant),
these chores can quickly become overwhelming.
This paper describes our planning, development, and deployment of
a system that provides automated software distribution, patch
installation, and OS configuration through the integration of GNU
cfengine [Bur95], MySQL [MySQL00], and a few custom written Perl
scripts. It is meant to be less of a tool description and more of a
discussion about the various aspects of designing a multi-platform
software and patch distribution system, and the benefits of
integrating those systems into a configuration management system such
as cfengine. Designing and developing our system has been a time-consuming endeavor, but it has proven to be well worth the effort.