[osiris] Re: Changing host config file

[Hari Sekhon]

Of course the second route is the desired one but when push-config 
doesn't work due to some bug not allowing you to change the config which 
is used for a host, then scan and immediate re-init with the new config 
is the only solution I can see to get the host using another config.

Unless anyone has a better idea?

-h

dave at terriblelies.net wrote:
> Hari Sekhon wrote:
>   
>>> If you scan, and then re-init the host, the host will have the baseline
>>> database from the re-init and no changes will be shown to you between the
>>> first scan and the re-init.
>>>
>>>       
>> yes but the window of opportunity is very small and basically the
>> re-initialized baseline should be the same as the last known scan state
>> if run __immediately__ in sequence. You will still get any changes
>> thereafter and the baseline should have the same content as the last
>> scan so the integrity of the host should be pretty much consistent,
>> should it not?
>>     
>
> That assumes the config files are scanning the same areas of the system. 
> An init <host> will tell osirismd to drop the old baseline database and
> take a new snapshot of the system with whatever config you issued it in
> the init.
>
> In this manner, if you tell it to use a new config you will not see
> changes between the old config and the new config when the system is
> initialized (or thereafter).
>
> I suppose the implementation of this depends on what a user's requirements
> are for the usage of push-config.  Should a push-config reset the baseline
> database and not warn of changes between the two configs?  Or should a
> push-config simply tell the host to start using a new config and warn of
> any changes between the new config and the last scan using the old config?
>
> I personally feel the second route is in the original spirit of
> push-config.  If you want to accomplish the first scenario, an init <host>
> is all you have to do.
>
> -dave
>
>