NAME
slaughter - Perl Automation Tool
SYNOPSIS
General Options:
--delay Delay for up to N seconds prior to launching. Useful if you have a lot of clients.
--mail Email the output of any LogMessages to the given address.
--role Specify a role for this host, useful for policy writers.
--transports Dump the names of all available transports.
--include Include the specified file in our wrapper content.
File/Policy Fetching:
--prefix The prefix for the transport we're using.
--transport The transport to use for policy/file-fetching
--username The username for the policy-fetch, if appropriate (http-only).
--password The password for the policy-fetch, if appropriate (http-only).
--transport-args Any arguments to pass to the transport (used for rsync/hg/git/svn).
Developing and debugging policies. Note that none of these settings should be
used on the target hosts.
--dump Dump details of the local environment, and immediately exit.
--no-delete Don't delete the compiled perl post-execution.
--no-execute Don't actually execute the downloaded policy.
--skip-cfgfile Don't read the config file.
--allow-nonroot Allow non-root users (also sets --no-execute).
--outfile Write the generated script to this file (also sets --no-delete).
--lockfile Specify the lockfile to use (useful with --allow-nonroot).
--fqdn Spoof the fqdn.
--hostname Spoof the hostname.
Help Options:
--help Show the help information for this script.
--manual Read the manual for this script.
--verbose Show useful debugging information.
--version Show the version number of the slaughter client.
ABOUT
slaughter is a simple system administration and server automation tool, which is designed to download policy files from a central server and execute them locally.
The policy files which are downloaded are perl scripts which are executed with the help of a simple wrapper module - this module provides several new language functions (or primitives) which can be useful to manage systems.
TRANSPORTS
When this tool is invoked it will attempt to fetch a file called "policies/default.policy". This policy may include others, which are fetched in turn and inserted.
The policies, and any associated files, may be fetched via one of several mechanisms:
- git
- http
- local
- mercurial
- rsync
- subversion
The simplest mechanism is HTTP, which can be configured by specifying the prefix-URL of the server from which to download the files, and the transport of 'http'.
Given the configuration:
--transport=http --prefix=http://server.example.org/slaughter/
The client will download the file:
http://server.example.org/slaughter/policies/default.policy
The path "/policies/" is automatically appended to the first fetch, and to all subsequent policies. Similarly all files will be assumed to be beneath the common URL-prefix of:
http://server.example.org/slaughter/files/
There are examples of other transports, including server-setup, in the included file TRANSPORTS.
PRIMITIVES
There are several primitives and variables available to your code which are made available by the various Slaughter modules.
These primitives and variables are described online:
http://www.steve.org.uk/Software/slaughter/primitives/
http://www.steve.org.uk/Software/slaughter/variables/
DEBUGGING
The simplest way to debug a potential problem is to execute slaughter with both the --no-delete
and --verbose
options. This will ensure that once the policy/policies are downloaded and compiled they will be kept.
The result should be that you'll be shown the name of a file - this file may be executed interactively to see what is going on.
You may also invoke slaughter with the --dump
flag which will cause it to display the environmental details it has discovered, and which will be compiled into the policy prior to execution.
The --allow-nonroot
flag permits unprivileged users to run slaughter
and generate the update script. It doesn't allow them to run the generated script. This flag also sets the --no-execute
flag.
You can use --role
, --hostname
and --fqdn
options to spoof particular environments and check the generated update script before deploying.
You can set --outfile
to capture the generated script, instead of sending it to a randomly named tmpfile. This will also set the --no-delete
flag for you.
For example:
slaughter --verbose --skip-cfgfile --allow-nonroot --lockfile=/tmp/slaug.lck \
--transport=local --prefix=/path/to/my/slaughter-policies \
--role=mailserver --hostname=smtp --fqdn=smtp.example.com \
--outfile=GENERATED.pl
CONFIGURATION
The configuration of this tool may be carried out via the command line, however some options may be more naturally supplied in the system-wide configuration file.
For Unix platforms the global configuration file is located at /etc/slaughter/slaughter.conf
, and it may be found at C:/slaughter.conf
for Microsoft Windows systems.
A fully-featured file might look something like this:
#
# Comments start with "#"
#
#
# Be quiet
##
verbose = 0
#
# Sleep for up to 60 seconds prior to working.
#
# This is useful if you have many clients all hitting the same
# central server at the same time (due to NTP and hourly cron
# scheduling for example).
#
delay = 60
#
# Fetch the default policy from http://example.com/slaughter/policies/default.policy
#
# NOTE: "policies/default.policy" is automatically appended.
##
transport = http
prefix = http://example.com/slaughter/
AUTHOR
Steve
--
http://www.steve.org.uk/
LICENSE
Copyright (c) 2010-2015 by Steve Kemp. All rights reserved.
This module is free software; you can redistribute it and/or modify it under the same terms as Perl itself. The LICENSE file contains the full text of the license.