Project

General

Profile

Actions

User story #2428

closed

Create a Technique that allows for arbitrary command execution, and optionnaly execute a command based on the output

Added by Nicolas CHARLES over 12 years ago. Updated about 8 years ago.

Status:
Rejected
Priority:
3
Assignee:
Jonathan CLARKE
Category:
Techniques
Target version:
UX impact:
Suggestion strength:
User visibility:
Effort required:
Name check:
Fix check:
Regression:

Description

It wuold be useful to have a Policy Template that would allow for command execution, with all the warning about the fact that executing commands are risky

And if we could use the output of the command to execute other commands, it would be even better

The use case : check if a database exists, and if not create it (with CFEngine 3.3 it will be easier)
  1. execute a command that check the existance of the database
    su - postgres -c "psql -t -c \"select count(1) from pg_catalog.pg_database where datname = 'foo'\"" 
    

If the output is 0, then it has to be created :

su - postgres -c "psql -t -c \"CREATE TABLE foo ....\"" 

(with the mandatory caution about the " and '

Actions #1

Updated by Jonathan CLARKE over 12 years ago

  • Target version changed from 2.3.7 to 2.3.8
Actions #2

Updated by Jonathan CLARKE over 12 years ago

  • Project changed from Rudder to 24
  • Category deleted (Techniques)
Actions #3

Updated by Nicolas PERRON over 12 years ago

  • Category set to Policy Templates

It concerns Policy Templates

Actions #4

Updated by Jonathan CLARKE over 12 years ago

  • Target version changed from 2.3.8 to 2.3.9
Actions #5

Updated by Jonathan CLARKE over 12 years ago

  • Assignee deleted (Matthieu CERDA)
Actions #6

Updated by Nicolas PERRON about 12 years ago

  • Target version changed from 2.3.9 to 2.3.10
Actions #7

Updated by Matthieu CERDA almost 12 years ago

  • Target version changed from 2.3.10 to 2.3.11
Actions #8

Updated by Matthieu CERDA over 11 years ago

  • Target version changed from 2.3.11 to 2.3.12
Actions #9

Updated by Dennis Cabooter over 11 years ago

I need this as well. To use winbind I need to join the domain once. Can anybody tell me what is the status of this proposal? Thanks in advance!

Actions #10

Updated by Jonathan CLARKE over 11 years ago

Dennis Cabooter wrote:

I need this as well. To use winbind I need to join the domain once. Can anybody tell me what is the status of this proposal? Thanks in advance!

This has not been done yet, however we have been working on #3215, which has some similar functionality, and will be re-usable for this.

Let's see if we can get these both moving.

Actions #11

Updated by Matthieu CERDA over 11 years ago

  • Target version changed from 2.3.12 to 2.3.13
Actions #12

Updated by Nicolas CHARLES over 11 years ago

Explained use case for this ticket

11:03:21 < dnns> for example, if i install winbind
11:04:01 < dnns> i need to join the domain *after* configuring winbind
11:05:31 < dnns> so for example i would like to execute "getent passwd AD_USER" and if that returns zero
11:05:41 < dnns> i don't need to do anything
11:05:54 < dnns> if it returns > 0 then I need to join the domain

Actions #13

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.3.13 to 84
Actions #14

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 84 to 2.4.7
Actions #15

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.4.7 to 2.4.8
Actions #16

Updated by Nicolas PERRON over 11 years ago

  • Target version changed from 2.4.8 to 2.4.9
Actions #17

Updated by Nicolas PERRON about 11 years ago

  • Target version changed from 2.4.9 to 2.4.10
Actions #18

Updated by Nicolas PERRON about 11 years ago

  • Target version changed from 2.4.10 to 2.4.11
Actions #19

Updated by Nicolas PERRON about 11 years ago

  • Target version changed from 2.4.11 to 2.4.12
Actions #20

Updated by Nicolas PERRON about 11 years ago

  • Target version changed from 2.4.12 to 2.4.13
Actions #21

Updated by Vincent MEMBRÉ almost 11 years ago

  • Target version changed from 2.4.13 to 2.6.11

Since version 2.4 is not maintained anymore, retageting this issue to 2.6

Actions #22

Updated by Vincent MEMBRÉ almost 11 years ago

  • Target version changed from 2.6.11 to 2.6.12
Actions #23

Updated by Vincent MEMBRÉ almost 11 years ago

  • Target version changed from 2.6.12 to 2.6.13
Actions #24

Updated by Vincent MEMBRÉ over 10 years ago

  • Target version changed from 2.6.13 to 2.6.14
Actions #25

Updated by Jonathan CLARKE over 10 years ago

  • Target version changed from 2.6.14 to 2.6.16
Actions #26

Updated by Jonathan CLARKE over 10 years ago

  • Target version changed from 2.6.16 to 2.6.17
Actions #27

Updated by Nicolas PERRON over 10 years ago

  • Target version changed from 2.6.17 to 2.6.18
Actions #28

Updated by Matthieu CERDA about 10 years ago

  • Target version changed from 2.6.18 to 2.6.19
Actions #29

Updated by Vincent MEMBRÉ about 10 years ago

  • Target version changed from 2.6.19 to 2.6.20
Actions #30

Updated by François ARMAND almost 10 years ago

  • Project changed from 24 to Rudder
  • Subject changed from Create a Policy Template that allows for arbitrary command execution, and optionnaly execute a command based on the output to Create a Technique that allows for arbitrary command execution, and optionnaly execute a command based on the output
  • Category changed from Policy Templates to Techniques
  • Assignee set to Jonathan CLARKE
  • Priority changed from 2 to 3
  • Target version changed from 2.6.20 to 3.1.0~beta1

Seems quite easy, but I wonder if we still need it since we have "command execution" in ncf/ncf-builder since 2.11. I will say "yes", because it's a really basic thing, and it is strange that it's not present.

Jon, what do you thing about that ? Still needed in our std technique, or dispensable ?

All in all, it won't be done before 3.1.

Actions #31

Updated by Benoît PECCATTE over 9 years ago

  • Status changed from New to Discussion
Actions #32

Updated by Vincent MEMBRÉ over 9 years ago

  • Target version changed from 3.1.0~beta1 to 3.1.0~rc1
Actions #33

Updated by Vincent MEMBRÉ over 9 years ago

  • Target version changed from 3.1.0~rc1 to 3.1.0
Actions #34

Updated by Vincent MEMBRÉ over 9 years ago

  • Target version changed from 3.1.0 to 3.1.1
Actions #35

Updated by Vincent MEMBRÉ over 9 years ago

  • Target version changed from 3.1.1 to 3.1.2
Actions #36

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 3.1.2 to 3.1.3
Actions #37

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 3.1.3 to 3.1.4
Actions #38

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 3.1.4 to 3.1.5
Actions #39

Updated by Vincent MEMBRÉ about 9 years ago

  • Target version changed from 3.1.5 to 3.1.6
Actions #40

Updated by Vincent MEMBRÉ almost 9 years ago

  • Target version changed from 3.1.6 to 3.1.7
Actions #41

Updated by Vincent MEMBRÉ almost 9 years ago

  • Target version changed from 3.1.7 to 3.1.8
Actions #42

Updated by Vincent MEMBRÉ almost 9 years ago

  • Target version changed from 3.1.8 to 3.1.9
Actions #43

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.9 to 3.1.10
Actions #44

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.10 to 3.1.11
Actions #45

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.11 to 3.1.12
Actions #46

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.12 to 3.1.13
Actions #47

Updated by Vincent MEMBRÉ over 8 years ago

  • Target version changed from 3.1.13 to 3.1.14
Actions #48

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.14 to 3.1.15
Actions #49

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.15 to 3.1.16
Actions #50

Updated by Vincent MEMBRÉ about 8 years ago

  • Target version changed from 3.1.16 to 3.1.17
Actions #51

Updated by François ARMAND about 8 years ago

  • Status changed from Discussion to Rejected

This is now possible thanks to the technique editor and ncf generic methods.

Actions

Also available in: Atom PDF