info.xml
Various file properties for entries served by most generator plugins,
including Cfg,
SSLCA, and
SSHbase, are controlled through the
use of info.xml files.
By default, these plugins are set to write files to the filesystem
with owner root, group root, and mode 644 (read and write
for owner, read only for group and other). These options, and a few
others, can be overridden through use of info.xml files. Each
config file directory can have an info.xml file if needed.
- schema info.xsd
  info.xml schema for Bcfg2
  - element FileInfo
    Top-level tag for info.xml.
    - Child elements:
      - element Group
        Type: InfoGroupType
      - element Client
        Type: InfoGroupType
      - element Path
        Type: InfoGroupType
      - element Info
        - Attributes (Name: Description. Values; Required; Default):
          - encoding: Encoding of the file for transfer to the client. Use base64 for binary files. Values: token; Required: No; Default: ascii
          - group: Sets group of the file. Values: token; Required: No; Default: root
          - important: Important entries are installed first during client execution. Values: true|false; Required: No; Default: false
          - mode: Sets the mode of the file from the octal value given. Values: string; Required: No; Default: 0644
          - owner: Sets owner of the file. Values: token; Required: No; Default: root
          - paranoid: If true, files that are replaced will be backed up first. Values: true|false; Required: No; Default: true
          - secontext: Sets the SELinux context of the file, or sets to the default context for that path set by policy if set to the special value __default__. Values: token; Required: No; Default: __default__
          - sensitive: The contents of sensitive entries aren’t included in reports. Values: true|false; Required: No; Default: false
        - Child elements:
  - complexType InfoGroupType
    An InfoGroupType is an info.xml tag used to provide logic. Child entries of such a tag only apply to machines that match the condition specified – membership in a group, a matching client name, or a matching path for the file being generated. negate can be set to negate the sense of the match.
    - Attributes (Name: Description. Values; Required; Default):
      - name: The name of the client or group, or the full path to match on. Child entries will only apply to this client or group (unless negate is set). Values: string; Required: Yes; Default: None
      - negate: Negate the sense of the match, so that child entries only apply to a client if it is not a member of the given group, does not have the given client name, or the path names do not match. Values: true|false; Required: No; Default: false
    - Child elements:
A sample info.xml file for a CGI script on a web server might look
like:
    <FileInfo>
      <Info owner="www" group="www" mode="0755"/>
    </FileInfo>
A more complex example for a template that generates both
bcfg2.conf and bcfg2-web.conf might look like this:
    <FileInfo>
      <Path name="/etc/bcfg2-web.conf">
        <Info owner="root" group="apache" mode="0640"/>
      </Path>
      <Path name="/etc/bcfg2-web.conf" negate="true">
        <Group name="bcfg2-server">
          <Info owner="bcfg2" group="bcfg2" mode="0600"/>
        </Group>
        <Group name="bcfg2-server" negate="true">
          <Info owner="root" group="root" mode="0600"/>
        </Group>
      </Path>
    </FileInfo>
See SELinux for more information on the secontext
attribute and managing SELinux in general.
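The Group, Client and Path conditions with negate, combined with the defaults from the Info attribute table, decide what ownership and mode a file ends up with on a given client. The following Python is an added example, not Bcfg2's own code: it resolves the effective owner, group and mode for one client and path and flags world-accessible results. The function names are hypothetical, and it assumes that the first matching Info entry is the one applied and that unset attributes take the listed defaults.

```python
import xml.etree.ElementTree as ET

# Defaults taken from the <Info> attribute table on this page.
DEFAULTS = {"owner": "root", "group": "root", "mode": "0644"}
# Constructed input: the page's bcfg2.conf / bcfg2-web.conf example.
SAMPLE = """<FileInfo>
  <Path name="/etc/bcfg2-web.conf">
    <Info owner="root" group="apache" mode="0640"/>
  </Path>
  <Path name="/etc/bcfg2-web.conf" negate="true">
    <Group name="bcfg2-server">
      <Info owner="bcfg2" group="bcfg2" mode="0600"/>
    </Group>
    <Group name="bcfg2-server" negate="true">
      <Info owner="root" group="root" mode="0600"/>
    </Group>
  </Path>
</FileInfo>"""

def _applies(tag, client, groups, path):
    """True if a Group/Client/Path condition holds, honouring negate."""
    name = tag.get("name")
    hit = {"Group": name in groups, "Client": name == client,
           "Path": name == path}[tag.tag]
    return hit != (tag.get("negate", "false") == "true")

def matching_info(node, client, groups, path):
    """Yield the attributes of each <Info> whose enclosing conditions all hold."""
    for child in node:
        if child.tag == "Info":
            yield dict(child.attrib)
        elif child.tag in ("Group", "Client", "Path") and _applies(
                child, client, groups, path):
            yield from matching_info(child, client, groups, path)

def effective(xml_text, client, groups, path):
    """Resolve owner/group/mode. Assumption: the first matching <Info> is used."""
    found = list(matching_info(ET.fromstring(xml_text), client, groups, path))
    meta = {**DEFAULTS, **(found[0] if found else {})}
    return meta, len(found)

def findings(meta, matches):
    """Flag results a reviewer would question before the file is deployed."""
    mode = int(meta["mode"], 8)
    out = [label for bit, label in ((0o004, "world-readable"),
                                    (0o002, "world-writable")) if mode & bit]
    if matches != 1:
        out.append("%d Info entries matched" % matches)
    return out
```

An Info entry that sets owner and group but omits mode resolves to 0644 and is reported as world-readable, which is the case worth checking for files that hold credentials.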
:info and info files
Deprecated since version 1.3.0.
Historically, Bcfg2 also accepted the use of :info and info
files, which function the same as info.xml, but are not XML. They
lack the ability to specify different permissions based on client,
group, or path, and cannot be used to specify ACLs, either.
An example :info or info file would look like:
    owner: www
    group: www
    mode: 0755
All attributes allowed on the <Info> tag of an info.xml file
can be used in an :info or info file.
You should not use more than one :info, info, or info.xml
file for a single entry.
