Cfengine keeps two kinds of log-file privately and it allows you to log
its activity to syslog. Syslog logging may be switched on with the
Syslog
variable, See section Syslog.
The first log cfengine keeps is for every user
(every subdirectory of a home directory filesystem). A file
~/.cfengine.rm
keeps a list of all the files which were deleted
during the last pass of the tidy
function. This is useful for
users who want to know files have been removed without their blessing.
This helps to identify what is happening on the system in case of
accidents.
Another file is built when cfengine searches through file trees in the
files
action. This is a list of all programs which are setuid
root, or setgid root. Since such files are a potential security risk,
cfengine always prints a warning when it encounters a new one (one which
is not already in its list). This allows the system administrator to
keep a watchful eye over new programs which appear and give users root
access. The cfengine log is called /etc/cfengine/cfengine.log
. The file
is not readable for general users.
Go to the first, previous, next, last section, table of contents.