Operations | Monitoring | ITSM | DevOps | Cloud

Drive failures are a matter of when, not if. The good news is that most modern drives warn you before they fail, using S.M.A.R.T. (Self-Monitoring, Analysis and Reporting Technology). The challenge is collecting that data across a fleet and making it actionable. The new inventory-smartctl module makes this straightforward with a single cfbs add. Once installed, the module auto-detects all storage devices, caches their SMART data, and exposes it as inventory attributes in Mission Portal.

Three notable dnf related improvements making it easier to manage packages on modern Enterprise Linux based systems (Red Hat, Rocky Linux, Alama Linux, etc …) have been merged recently.

CFEngine 3.24.4+, 3.27.1+, and 3.28.0+ include a change to how findfiles() handles trailing slashes on directory paths. This change restores trailing slashes to directory results, but with improved consistency compared to earlier versions. The new behavior ensures that directory paths always include a trailing slash, making them reliably distinguishable from file paths regardless of the glob pattern used.

Today, we are pleased to announce the release of CFEngine 3.27.0! The code word for this release is exploration. This release also marks an important event, the beginning of the 3.27 LTS series, which will be supported for 3 years. Several new features have been added since the release of CFEngine 3.24 LTS, in the form of non-LTS releases.

Here comes a profoundly belated blog post on a behavior change. Better late than never. Due to various bugs with the glob engine on Windows, we decided to rewrite it in CFEngine 3.24.0. Not only does the new glob engine resolve these bugs on Windows, but it also adds support for brace expansion on all platforms. E.g. findfiles.cf command output.

Today, we are pleased to announce the release of CFEngine 3.26.0! Being a non-LTS (not supported) release, this release allows users to test the new functionality we’ve been working on before it arrives in an LTS release later this year. The codename for this release is a bit different, as it is named after a new feature introduced, and what it eliminates - the admin user.

Disclaimer: This post focuses on Debian-based and Fedora\/RHEL-based distributions and packaging. Everybody using a GNU/Linux distribution most likely knows that packages used by the given distribution are somehow signed and such signatures are somehow verified. Usually, this knowledge comes with the first requirement to import some key when an extra package repository is being added to the system (the standard repositories of a distribution use keys that are present and trusted by default).

The latest release of cfbs (4.4.0 released April 4th, 2025) introduces the analyze command. Last time I used this (Show notes: The agent is in - Episode 47 - Preview of cfbs analyze) I had installed it from a git clone, now I want to go back to regular install command output Now, cfbs help should have our new cfbs analyze option: command output Let’s grab oldest version of the Masterfiles Policy Framework that cf-remote knows about and test it out.

The MPF or Masterfiles Policy Framework is intended to provide a stable base policy for installations and upgrades, and is used by both CFEngine Enterprise and CFEngine community. When you create a new cfbs project with cfbs init one of the questions is related to the MPF: Of particular interest to policy writers is the lib sub-directory: Let’s look through some of the helpful bits you can re-use in your policy!

When writing CFEngine policy we create files ending in the.cf extension but this alone won’t cause the policy to be parsed and evaluated. By default cf-agent runs ${sys.inputdir}/promises.cf. For a non-privileged user running cf-agent this will be in their $HOME directory.