[NTLUG:Discuss] sed question
MadHat
madhat at unspecific.com
Thu Apr 8 13:02:58 CDT 2004
On Apr 8, 2004, at 12:26 AM, Ralph Green, Jr wrote:
> Val,
> I thought about a solution like this, but I don't think it will be
> robust enough. I need to be able to handle any file ntpd can. If
> there
> are a few thousand of these systems deployed, we are bound to have some
> users monkeying with the files. Low maintenance and reliability are
> diving factors. Those are even above functionality, as long as we are
> minimally functional.
And what most large companies say is..... screw the user that doesn't
follow directions. What we did for other files (we have a firewall and
NTP is not allowed to arbitrary points) is that we have a
/etc/file.conf and an /etc/file.conf.local, any changes they make must
be added to the local conf file as well as the "real" conf file. Each
machine has a classification, and depending on the location and
classification we push out new configs. The new configs are the
standards for that classification in that location, with the contents
of the local conf file tagged onto the end.
A good example is /etc/hosts.allow In it we actually have a section
that reads
# BEGINNING OF CUSTOMIZATION SECTION
# DO NOT DELETE OR MODIFY THE NEXT LINE
# hosts.allow.local will be inserted after this line
...
# END OF CUSTOMIZATION SECTION
If they don't do it right, it gets overwritten when the next update is
pushed.
Basically, with the amount of ways a user can change the file, there is
little you can do to be able to be able to update it and leave random
changes while being robust and actually working. This is just the
pessimism of my experience. YMMV.
> Thanks,
> Ralph
>
> On Wed, 2004-04-07 at 16:07, Val Harris wrote:
>> How about bracketing your Server Lines with unique text? For example:
>>
>> # - - - Sync_Server_Start - - - - - - -
>> server ntppub.tamu.edu
>> server tick.usno.navy.mil
>> # - - - Sync_Server_End - - - - - - - -
More information about the Discuss
mailing list