CFEngine can apply system-wide shell configuration changes to the global /etc/profile and similar shell configuration files. Additional shell tips are available.
Marking Production Systems
Production systems should use visually different shell prompts than non-production systems. This will reduce accidents such as “well, I thought I was on the development system”. In addition to modifying /etc/motd to denote production systems, also update the shell prompt variables somehow, for example by prepending a (P) to the prompt.
- Shell Configuration
- Update /etc/profile.d Directory
Update the global /etc/profile with a custom prompt, such as:
# change CLI display on production systems as visual warning
if [ "$PS1" ]; then
PS1="(P) [\u@\h \W]\\$ "
fi
With CFEngine, use a editfiles block to modify /etc/profile, or ideally include from a /etc/profile.d directory. Only do the customization on production systems, so otherwise identical shell prompts on a development system look different:
(P) [user@server user]$ cd /etc
(P) [user@server etc]$ hostname
server.example.org
[user@server user]$ cd /etc
[user@server etc]$ hostname
server.dev.example.org
Some systems include additional shell statements from the /etc/profile.d directory. On these systems, simply copy the additional shell configuration for production systems into this directory. Denote production systems with realm_prod, development with realm_dev, and so on for other environments.
copy:
realm_prod::
${masterfiles}/etc/profile.d/realm_prod.sh
/etc/profile.d/realm_prod.sh
server=${policyhost}
type=checksum
backup=false
mode=0444
If users frequently customize their shell environments, include documentation on modifying the prompt for the users, and make note of this in the baseline shell configuration files under the /etc/skel directory.
