Cfengine 3 example unit_neighbourhood_watch.html
#  Copyright (C) Cfengine AS

#  This file is part of Cfengine 3 - written and maintained by Cfengine AS.

#  This program is free software; you can redistribute it and/or modify it
#  under the terms of the GNU General Public License as published by the
#  Free Software Foundation; version 3.

#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.

# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA

# To the extent this program is licensed as part of the Enterprise
# versions of Cfengine, the applicable Commerical Open Source License
# (COSL) may apply to this file if you as a licensee so wish it. See
# included file COSL.txt.

########################################################
#
# Change detect
#
########################################################

body common control

{
bundlesequence  => { "neighbourhood_watch"  };
}

########################################################

bundle agent neighbourhood_watch

{
vars:

  "neighbours" slist => peers("/var/cfengine/inputs/hostlist","#.*",4);

files:

  # Redundant cross monitoring .......................................

  "$(sys.workdir)/nw/$(neighbours)_checksum_digests.db"

     comment => "Watch our peers remote hash tables and keep a local copy",
    copyfrom => rcp("$(sys.workdir)/checksum_digests.db",$(neighbours)),
  depends_on => { "grant_hash_tables" };

  # Define the actual children to watch over .........................

   "/usr/bin"         

      comment     => "Watch over the system binaries - changes are mostly updates",
      changes      => lay_trip_wire,
      depth_search => recurse("inf"),
      action       => measure;

}

#########################################################

body changes lay_trip_wire
{
hash           => "best";
report_changes => "content";
update_hashes  => "yes";
}

#########################################################

body copy_from rcp(from,server)

{
servers     => { "$(server)" };
source      => "$(from)";
compare     => "digest";
encrypt     => "false";
}

##########################################################

body depth_search recurse(d)

{
depth        => "$(d)";
}
}