DESCRIPTION

This is the main configuration file for the director. It defines how the Director will access databases, where it finds its secondary configuration, and which runtime options it should use.

OPTIONS

Each entry in the config file is composed of a name of an option followed by a ':' followed by the value of the option, i.e.

AppDirectory: /usr/share/sfidirector

Global Options

AppDirectory: the application root directory
VarDirectory: The directory where various writable files reside
TmpStorage: where to put job related temporary files (this might get rather disk space consuming - /tmp is the default but not the right place for it
Workaround.exit: Set this to yes if you want the sfidirector command to use a workaround for the System.exit() bug. Please only use this if your sfidirector shell commands hang sporadically without any apparent reason.
MasterHost: The name of our admin server
TmpHost: The name of the server where shared temp files are stored Defaults to the same as MasterHost
Syslog.facility: Syslog facility the Director logs its messages as
LocalLocks: Where locks that are only valid for the local host will be stored.
Locks: The locks database
FlakyLDAPServer: Set this to 'yes' for OpenLDAP < 2.0
TimeZone: set the time zone ... should your installation suffer from strange times e.g. in system log, then please set the time zone, here. Sorry, this is a problem of Java/GCJ ...
EmulateRoot: If set to yes, the web frontend will allow root logins with the system root user. Note that this feature was crafted vor simplifying initial setup and should be disabled after a Director admin user has been created.
SetPWLastChanged: If set to yes (default), the "password last changed" attribute is set on every password change. If set to no, the attribute is only updated if it is already set.

Config Files and Locations

ObjectEvents: The event configuration file/database.
ObjectRegistry: The configuration that tells the Director what LDAP object types it can handle.
ConfigFiles: The configuration file of the configuration file management
KnownServices: The configuration file of the service discovery autodoc feature
DocMediaDir: The directory where documentation media files are stored
PasswordPublicKeyFile: The optional file containing an RSA public key for storing plaintext password equivalents
PasswordPrivateKeyFile: The optional file containing an (passphrase encrypted) RSA private key for retrieving plaintext password equivalents
SSLStore: certificate keystore containing certificates of agents the server is connecting to
SSLStorePassword: server certificate keystore password
SSLKeyStore: server key store containing keys the server is using for authenticating itself to its agents
SSLKeyStorePassword: server key keystore password
SSLAgentStore: agent certificate keystore containing certificates of servers the agent will accept
SSLAgentKeyStore: agent key store containing keys the agent is using for authenticating itself to its server

Database Options

JobQueue: The job queue database
CmdQueue: The command queue database
Archive: The job archive database
Top: The root node of the management database
Top
Hosts: The subnode of the management database where hosts entries will reside in.
Classes: The subnode of the management database where host and person classes entries will reside in.
People: The subnode of the management database where people and people related entries will reside in.
Auth: This database is used for authentication. The Director expects to find user objects therein. Usually, this is the same tree as People. Note that even if Auth is a sub-database of Top one should never use the "directory:Top:ou=..." syntax. When used with LDAP or other databases Auth will be an anonymous connection while Top will be an authenticated one!
Applications: The subnode of the management database where entries for the software distribution will reside in
DSRules: The subnode of the management database where domain service rules are stored.
Services: The subnode of the management database where various configuration data is stored.
Schema: The subnode of the management database where schema information is stored.
Documentation: The subnode of the management database where documentation information is stored

Queueworker Options

AgentCommand: The command used on remote machines for starting an agent - if the sfidirector command is not in the PATH on the remote machine this option might be useful
RunServer: If set to "no", the init script will not start a queueworker for this config file.
AdminServerPort: The port on which the queueworker will listen for HTTP client requests (e.g. job monitor, password change)
Scheduler: Which scheduler should be used
Scheduler.MaxParallel: An integer number that tells the scheduler how many jobs are allowed to run in parallel.
Scheduler.MaxPerHost: An integer number telling the scheduler how many jobs per target host are allowed to run in parallel.
QueueCycle: Time (in seconds) between scanning the job queue for newly appeared jobs
ArchiveCycle: Time (in seconds) between dumping out old jobs from the active job queue into the "past jobs archive"
ArchiveMoveTime: Time (in seconds) a job stays in the active job queue after termination before it is moved into the "past jobs archive" Note that jobs are directly deleted if "Archive:" is unset
ArchivePurgeCycle: Time (in seconds) between searching the archive for jobs to be removed
ArchivePurgeTime: Time (in seconds) an archived job stays in the archive

Frontend Interface

frinterface.BindAddress: frontend interfaces should limit themselves to listen to the localhost address. Replace "127.0.0.1" by "all" if you want frontend interface to listen to all network interfaces or a list of IP addresses it should listen to.
frinterface.Port: Port to listen to. Note that depending on the Director version this is not evaluated by the frinterface itself but rather by the start script.
frinterface.HTTPPort: The port the HTTP server listens to. Note that depending on the Director version this is not evaluated by the frinterface itself but rather by the start script.

Agent Options

TrustfulAgent: If set on a target machine, TrustfulAgent makes the agent believe it is running on the correct target machine without comparing job target machine names with the local host name(s). If name resolution mismatches between the server and agent arise, with TrustfulAgent off this will probably result in a target machine becoming unmanageable, with TrustfulAgent on the server's world view will win
NIS.Push: Set this to yes if you want the nistable: db driver to distribute updated tables via yppush
NIS.PushOpts: By default yppush is called as "yppush -d domain table". Set NIS.PushOpts if yppush should be called with additional arguments.
ConfigBackup.Dir: If set, the config file distribution and a few other functions like the 'backupfile' file retriever will backup files that get overwritten into this directory
ConfigBackup.Keep: Denotates the number of file versions that should be kept when backing up config files. Only effective if ConfigBackup.Dir is set. Defaults to 4.
SSLAgentPort: The port an agent is listening for incoming SSL connections

FILES

CONFDIR/sfidirector.conf