NAME | DESCRIPTION | EXAMPLES | SEE ALSO
The bart(1MCM) command generates a manifest that describes the contents of a managed host. A manifest consists of a header and entries. Each entry represents a single file. Entries are sorted in ascending order by file name. Any nonstandard file names, such as those that contain embedded newline or tab characters, have the special characters quoted prior to being sorted. See Quoting Syntax.
Lines that begin with ! supply metadata about the manifest. The manifest version line indicates the manifest specification version. The date line shows the date on which the manifest was created, in date(1) form.
Some lines are ignored by the manifest comparison tool. Ignored lines include blank lines, lines that consist only of white space, and comments that begin with #.
In addition to metadata lines, the header contains the format comment block. This comment block lists the attributes reported for each file type.
To see the format of an manifest file, see EXAMPLES.
fname D size mode acl dirmtime uid gid [xattr xcontents]* fname P size mode acl mtime uid gid [xattr xcontents]* fname S size mode acl mtime uid gid [xattr xcontents]* fname F size mode acl mtime uid gid contents [xattr xcontents]* fname L size mode acl lnmtime uid gid dest [xattr xcontents]* fname B size mode acl mtime uid gid devnode [xattr xcontents]* fname C size mode acl mtime uid gid devnode [xattr xcontents]*
Each entry begins with fname, which is the name of the file. To prevent parsing problems that are caused by special characters embedded in file names, file names are encoded as described in Quoting Syntax.
Subsequent fields represent the following file attributes.
Type of file. Possible values are as follows:
B for a block device node
C for a character device node
D for a directory
F for a file
L for a symbolic link
P for a pipe
S for a socket
File size in bytes.
Octal number that represents the permissions of the file.
ACL attributes for the file. For a file with ACL attributes, this field contains the output from acltotext().
Numerical user ID of the owner of this entry.
Numerical group ID of the owner of this entry.
Last modification time, in seconds since 00:00:00 UTC, January 1, 1970, for directories, links, and other files, respectively.
Checksum value of the file. This attribute is only specified for regular files. If you turn off context checking or if checksums cannot be computed, the value of this field is -.
Destination of a symbolic link.
Value of the device node. This attribute is for character device files and block device files only.
Zero or more checksum values for files with extended attributes. The attributes are described in alphabetical order. If you specify the -n option or the IGNORE contents directive, the value of xcontents is -.
The rules file supports a quoting syntax for representing nonstandard file names.
When generating an manifest for file names that embed tab, space, or newline characters, the special characters are encoded in their octal forms.
Input Character | Quoted Character |
---|---|
(space) | \(space) |
(tab) | \(tab) |
(newline) | \(newline) |
? | \? |
[ | \[ |
* | \* |
The following is a sample system manifest file. The file entries are sorted by the encoded versions of the file names to correctly handle special characters.
! Version 1.0 ! Mon Feb 11 10:55:30 2002 # Format: # fname D size mode acl dirmtime uid gid [xattr xcontents]* # fname P size mode acl mtime uid gid [xattr xcontents]* # fname S size mode acl mtime uid gid [xattr xcontents]* # fname F size mode acl mtime uid gid contents [xattr xcontents]* # fname L size mode acl lnmtime uid gid dest [xattr xcontents]* # fname B size mode acl mtime uid gid devnode [xattr xcontents]* # fname C size mode acl mtime uid gid devnode [xattr xcontents]* /etc D 3584 40755 user::rwx,group::r-x,mask::r-x,other::r-x, 3c6803d7 0 3 /etc/.login F 524 100644 user::rw-,group::r--,mask::r--,other::r--, 3c165878 0 3 27b53d5c3e844af3306f1f12b330b318 /etc/.pwd.lock F 0 100600 user::rw-,group::---,mask::---,other::---, 3c166121 0 0 d41d8cd98f00b204e9800998ecf8427e /etc/.syslog_door L 20 120777 user::rw-,group::r--,mask::rwx,other::r--, 3c6803d5 0 0 /var/run/syslog_door /etc/autopush L 16 120777 user::r-x,group::r-x,mask::r-x,other::r-x, 3c165863 0 0 ../sbin/autopush /etc/cron.d/FIFO P 0 10600 user::rw-,group::---,mask::---,other::---, 3c6803d5 0 0 |
NAME | DESCRIPTION | EXAMPLES | SEE ALSO
NAME | DESCRIPTION | EXAMPLES | SEE ALSO
The rules file is a text file that is used by the bart(1MCM) command. The rules file determines which files to validate and which file attributes of those files to ignore.
Some lines are ignored by the manifest comparison tool. Ignored lines include blank lines, lines that consist only of white space, and comments that begin with #.
The rules file supports three directives: CHECK, IGNORE, and a subtree directive, which is an absolute path name and optional pattern matching modifiers. The rules file uses the directives to create logical blocks.
[IGNORE attribute...]* [CHECK] [attribute...]* subtree1 [pattern...]* [IGNORE attribute...]* [CHECK] [attribute...]* subtree2 [pattern...]* subtree3 [pattern...]* subtree4 [pattern...]* [IGNORE attribute...]* [CHECK] [attribute...]* ...
Rule blocks are composed of statements that are created by using directives and arguments. There are three types of blocks.
The first block in the file. The block is considered ``global'' if it specifies CHECK and IGNORE statements, but no previous subtree statement. A global block pertains to all subsequent blocks.
A block that specifies CHECK and IGNORE statements as well as a subtree directive. The rules in this block pertain to files and directories found in the specified subtree.
A block that contains a null CHECK statement, no arguments. This block inherits the global CHECK statements and IGNORE statements.
The order in which CHECK and IGNORE statements appear in blocks is important. The bart command processes CHECK and IGNORE statements in the order in which they are read, with later statements overriding earlier statements.
Subtree specifications must appear one per line. Each specification must begin with an absolute path name. Optionally, each specification can be followed by pattern-matching arguments.
When a file being tracked belongs to more than one subtree directive, bart performs the following resolution steps:
Applies the CHECK and IGNORE statements set in the global block. Note that all CHECK and IGNORE statements are processed in order.
Finds the last subtree directive that matches the file.
Processes the CHECK and IGNORE statements that belong to the last matching subtree directive. These statements are processed in the order in which they are read, overriding global settings.
For a given subtree directive, all pattern matching statements are logically ANDed with the subtree. Patterns have the following syntax:
Wildcards are permitted for both the subtree and pattern matching statements.
The exclamation point (!) character represents logical NOT.
A pattern that terminates with a slash is a subtree. The absence of a slash indicates that the pattern is not a directory. The subtree itself does not require an end slash.
For example, the following subtree example includes the contents of /home/nickiso/src except for object files, core files, and all of the SCCS subtrees. Note that directory names that terminate with .o and directories named core are not excluded because the patterns specified do not terminate with /.
/home/nickiso/src !*.o !core !SCCS/ CHECK all
/home/nickiso/src !*.o !core /home/nickiso/Mail /home/nickiso/docs *.sdw CHECK all IGNORE mtime lnmtime dirmtime
The files included in the previous example are as follows:
Everything under /home/nickiso/src except for *.o and core files
Everything under /home/nickiso/Mail
All files under /home/nickiso/docs that end in *.sdw
For these files, all attributes are checked except for modification times.
The bart command uses CHECK and IGNORE statements to define which attributes to track or ignore. Each attribute has an associated keyword.
The attribute keywords are as follows:
acl
all
contents
dest
devnode
dirmtime
gid
lnmtime
mode
mtime
size
type
uid
xattrs
The all keyword refers to all file attributes. See bart_manifest(4CM).
# Global rules, track everything except dirmtime. CHECK all IGNORE dirmtime # The files in /data* are expected to change, so don't bother # tracking the attributes expected to change. # Furthermore, by specifying ``IGNORE contents,'' you save # time and resources. /data* IGNORE contents mtime size /home/nickiso f* bar/ IGNORE acl # For /usr, apply the global rules. /usr CHECK # Note: Since /usr/tmp follows the /usr block, the /usr/tmp # subtree is subjected to the ``IGNORE all.'' /usr/tmp /home/nickiso *.o /home/nickiso core /home/nickiso/proto IGNORE all
The following files are cataloged based on the sample rules file:
All attributes, except for dirmtime, mtime, size, and contents, are tracked for files under the /data* subtrees.
Files under the /usr subtree, except for /usr/tmp, are cataloged by using the global rules.
If the /home/nickiso/foo.c file exists, its attributes, except for acl and dirmtime, are cataloged.
All .o and core files under /home/nickiso, as well as the /home/nickiso/proto and /usr/tmp subtrees, are ignored.
If the /home/nickiso/bar/foo.o file exists, it is ignored because it is subject to the last block.
NAME | DESCRIPTION | EXAMPLES | SEE ALSO
NAME | DESCRIPTION | EXAMPLES | SEE ALSO
Shared profiles describe how one or more managed hosts are configured with a software stack. Much of the information described by these profiles is the same as described in an installation profile.
A shared profile file name must use the .cmsp suffix, for example, web-server.cmsp.
The shared profile is a set of properties and associated property values, one property per line. The property format is:
property-name=property-value
Lines that contain only whitespace are ignored. Lines whose first non-whitespace character is # or ! are comments. The rest of the lines in the shared profile describe properties.
The property name consists of all the characters in the line starting with the first non-whitespace character and up to, but not including, the first equals sign (=) character.
The property value consists of the rest of the line after the equals sign.
If you want a backslash character to appear in the property value, escape the backslash with another backslash.
The following example shows that the value of the base_config_target_arch property is sun4u.
base_config_target_arch=sun4u
The following example shared profile uses the default values to create one boot environment.
# # Example shared profile for a system with one boot environment. # # This example shared profile assumes a disk that is no smaller than # 7 Gbytes in size. # # You must also specify the following properties with appropriate # values: # # o base_config_flar_archive # Name of the Solaris Flash archive associated with this # shared profile # o base_config_boot_image # Location of the Solaris boot image associated with the # specified Solaris Flash archive # o base_config_sysidcfg_rootpw # Encrypted root password entry, which can be taken from the # password entry in the /etc/shadow file # o base_config_sysidcfg_timezone # Appropriate time zone value from /usr/share/lib/zoneinfo # base_config_target_arch=sun4u base_config_sysidcfg_nameservice=none base_config_sysidcfg_networkinterface=primary base_config_sysidcfg_netmask=255.255.255.0 base_config_sysidcfg_ipv6=no base_config_sysidcfg_defaultroute=none base_config_sysidcfg_systemlocale=C base_config_sysidcfg_terminal=vt100 base_config_sysidcfg_timeserver=localhost base_config_sysidcfg_security_policy=none base_config_be_0_root_device=rootdisk.s0 base_config_be_0_root_size=free base_config_be_0_var_device=rootdisk.s3 base_config_be_0_var_size=1024 base_config_local_swap1_device=rootdisk.s1 base_config_local_swap1_size=2048
The following example shared profile uses the default values to create two boot environments.
# # Example shared profile for a system with two boot environments. # # This example shared profile assumes a disk that is no smaller than # 12 Gbytes in size. # # You must also specify the following properties with appropriate # values: # # o base_config_flar_archive # Name of the Solaris Flash archive associated with this # shared profile # o base_config_boot_image # Location of the Solaris boot image associated with the # specified Solaris Flash archive # o base_config_sysidcfg_rootpw # Encrypted root password entry, which can be taken from the # password entry in the /etc/shadow file # o base_config_sysidcfg_timezone # Appropriate time zone value from /usr/share/lib/zoneinfo # base_config_target_arch=sun4u base_config_sysidcfg_nameservice=none base_config_sysidcfg_networkinterface=primary base_config_sysidcfg_netmask=255.255.255.0 base_config_sysidcfg_ipv6=no base_config_sysidcfg_defaultroute=none base_config_sysidcfg_systemlocale=C base_config_sysidcfg_terminal=vt100 base_config_sysidcfg_timeserver=localhost base_config_sysidcfg_security_policy=none base_config_be_0_root_device=rootdisk.s0 base_config_be_0_root_size=free base_config_be_0_var_device=rootdisk.s3 base_config_be_0_var_size=1024 base_config_be_1_root_device=rootdisk.s4 base_config_be_1_root_size=4096 base_config_be_1_var_device=rootdisk.s5 base_config_be_1_var_size=1024 base_config_local_swap1_device=rootdisk.s1 base_config_local_swap1_size=2048
NAME | DESCRIPTION | EXAMPLES | SEE ALSO
NAME | DESCRIPTION | SEE ALSO
You can change the behavior of the Change Manager application by modifying certain runtime parameters. These parameters are stored in the application configuration file, ichange.cfg. The configuration file is located in the /var/opt/SUNWsymon/cfg directory.
When you make changes to the ichange.cfg file, you must restart the Sun Management Center services before the changes can take effect.
Restart the Sun Management Center services by running the following command as superuser:
# /opt/SUNWsymon/sbin/es-restart -S |
The cmdataroot parameter specifies the location of the Change Manager file hierarchy. cmdataroot points to the root of the Change Manager file hierarchy.
You might want to change the value of this parameter if you are moving the Change Manager repository to a different location.
The default value is the /var/opt/ichange directory.
Following is the Sun Management Center agent parameter:
Sun Management Center agent port to be used. Any update or reinstallation operations in which host parameters do not explicitly specify a value for the agent port will use this one.
The default value is 161.
The following parameters describe job execution characteristics:
Interval to wait for a reboot, update, or reinstallation to complete. This is equivalent to the time it takes for the following events to occur:
Complete the entire software installation, including any finish scripts
The subsequent reboot to return
Any boot-time startup procedures to run
The Sun Management Center agent to reestablish communications with the management server
If the host does not reboot and reestablish agent communications with the Sun Management Center server within the specified time period, the associated management operation will fail with a timeout error.
You might need to change this value if any of the following are true:
A managed host takes an unusually long time to boot.
Your Sun Management Center topology requires a long time to establish server context for a newly configured agent.
A particular software stack takes a long time to install.
Finish and startup scripts take a long time to complete.
The default value is 1800000 milliseconds (30 minutes).
Amount of time to wait for a managed host to shut down after a management operation has requested a reboot. This is effectively the time it takes for a system to complete an init 6 sequence.
If the host does not shut itself down within the specified time, the associated management operation will fail with a timeout error. Thus, you might need to adjust this value if a host or software stack takes an unusually long time to complete its shutdown sequence.
The default value is 300000 milliseconds (5 minutes).
NAME | DESCRIPTION | SEE ALSO