cf-net

Table of Contents

cf-net can be used to send simple protocol commands to a policy server. It is a Command-Line-Interface (CLI) to the CFEngine network protocol, and a standalone tool. cf-net is not needed or used by any of the other binaries. The tool can be used to send commands like GET and OPENDIR without writing policy. It is in some ways an extremely light-weight version of cf-agent - policy evaluation is replaced with easy to use command line arguments.

Command reference

  --help        , -h       - Print the help message
  --manpage     , -M       - Print the man page
  --host        , -H value - Server hostnames or IPs, comma-separated (defaults to policy server)
  --debug       , -d       - Enable debugging output
  --verbose     , -v       - Enable verbose output
  --inform      , -I       - Enable basic information output

Bootstrapping and cf-key

cf-net needs a key-pair generated by cf-key to communicate with a server. Thus, the easiest way to use cf-net is on a successfully bootstrapped client: $ sudo /var/cfengine/bin/cf-key $ sudo /var/cfengine/bin/cf-agent --bootstrap myhostname $ sudo /var/cfengine/bin/cf-net connect Connected & authenticated successfully to 'myhostname' (myhostname can also be an IP address)

All three commands above are run with sudo, so they access the same key file.

cf-net commands

cf-net syntax follows the general structure: $ cf-net [global options] command [command-specific options/arguments]

Note: cf-net command names are case insensitive, so cf-net get and cf-net GET are equivalent. All other options, arguments and file names are case sensitive.

Help

Description: cf-net help is used to access help pages for cf-net.

Example: ``` $ cf-net help Usage: cf-net [OPTIONS] command

Options: [...] $ cf-net help connect Command: connect Usage: cf-net -H 192.168.50.50,192.168.50.51 connect Description: Checks if host(s) is available by connecting `` **Note:**cf-net --helpcannot be used with arguments likecf-net help`.

Connect

Description: cf-net connect attempts to connect and authenticate to one or more hosts running cf-serverd. If no hostname is specified policy_server.dat is used (this is true for all cf-net commands).

Example: $ sudo /var/cfengine/bin/cf-net -H 192.168.50.50,myhostname,myhostname:5308 connect Connected & authenticated successfully to '192.168.50.50' Connected & authenticated successfully to 'myhostname' Connected & authenticated successfully to 'myhostname:5308' $ sudo /var/cfengine/bin/cf-net connect Connected & authenticated successfully to 'myhostname:5308'

Stat

Description: cf-net stat is similar to UNIX stat, it gives information about a file/directory.

Example: $ cf-net stat /var/cfengine/masterfiles/update.cf myhostname:5308:'/var/cfengine/masterfiles/update.cf' is a regular file $ cf-net stat masterfiles myhostname:5308:'masterfiles' is a directory $ cf-net -I stat masterfiles info: Inform log level enabled info: Detailed stat output: mode = 40700, size = 4096, uid = 0, gid = 0, atime = 1495551229, mtime = 1495551172 myhostname:5308:'masterfiles' is a directory

Get

Description: Performs a stat and then get command, downloading the specified file to the current working directory. Use the -o option to specify output path.

Example: $ cf-net get masterfiles/update.cf $ ls cfengine update.cf $ cf-net get -o test.cf masterfiles/update.cf $ ls cfengine test.cf update.cf

Note: The -o option must come before the remote filename:

Opendir

Description: Similar to UNIX ls, prints everything inside a directory, in no particular order.

Example: $ cf-net opendir masterfiles services sketches cf_promises_validated cfe_internal .. controls templates cf_promises_release_id lib inventory update.cf promises.cf .