.\" $HeadURL$ $LastChangedRevision$ .\" vim: filetype=nroff .\" .TH ROCON\-CHECK 1 "ADE_APP_TOKEN_RELEASE_DATE_MAN" .SH NAME rocon\-check \- cross-check hosts in rocon database with hosts in domain of responsibility .br .ne 5 .SH SYNOPSIS .B rocon\-check \*[ade_standard_synopsis_component] [ .B \-f .I file | .B \-\-config\-file=\fIfile ] [ .B \-\-mailto=\fIaddress ] [ .B \-\-report\-mode=\fIreport\-mode\fR ] .br .ne 5 .SH DESCRIPTION .B Rocon\-check is intended to answer two questions for a system administrator: .TP \(bu do I have root access to all systems within the domain of my responsibility? .TP \(bu are there any systems which are within the domain of my responsibility but which I am unaware of? .PP These questions are answered by running .B rocon\-check in server mode and client mode, respectively. .PP In server mode, .B rocon\-check tries to .B ssh\fR(1) to all hosts in a configurable list and reports access problems; if it gains access then the file .B /tmp/rocon-check.touch has its timestamp updated. .B Rocon\-check is expected to be called in server mode once daily by .B cron\fR(8) on one system only. .PP In client mode, .B rocon\-check checks the timestamp of .B /tmp/rocon-check.touch and reports if it is too old. .B Rocon\-check is expected to be called in client mode once daily by .B cron\fR(8) on all systems. .br .ne 5 .SH CONFIGURATION .B Rocon\-check\fR's configuration file specifies whether the program is to operate in server mode, client mode or both. The host running .B rocon\-check in server mode is referred to as the server. A host running .B rocon\-check in client mode is referred to as a client. .TP .B ROCON_CHECK_SERVER=\fR{\fBtrue\fR|\fBfalse\fR} This determines if .B rocon\-check will operation in server mode. The default is .B false\fR. .TP .B ROCON_CHECK_SERVER_CLIENT_SELECTOR_EXPRESSION=\fIhost\-selector\-expression\fR This specifies the host selector expression (see .B rocon\fR(1)) that will be used to tell the server the names of all the clients. There is no default and it is an error for .B ROCON_CHECK_SERVER to be set to .B true and for .B ROCON_CHECK_SERVER_CLIENT_SELECTOR_EXPRESSION not to be specified. .TP .B ROCON_CHECK_CLIENT=\fR{\fBtrue\fR|\fBfalse\fR} This determines if .B rocon\-check will operation in client mode. The default is .B true\fR. .br .ne 5 .SH OPTIONS \*[ade_standard_options_component] .TP .B \-f \fIfile\fR,\fB \-\-config\-file=\fIfile Specify an alternate configuration file; the default is .B \*[rocon_etc_prefix]/rocon\-check.conf\fR. .TP .B \-\-mailto=\fIaddress Specify the addresses to which access issues are reported via email when the report mode is set to .B mail\fR. .TP .B \-\-report\-mode=\fR{\fBmail\fR|\fBstdout\fR} Specify whether to report access issues via mail or to standard output. .br .ne 5 .SH EXIT STATUS On success .B rocon\-check returns zero. On failure it returns non-zero and displays a diagnostic message. .br .ne 5 .SH FILES .TP .B \*[rocon_etc_prefix]/rocon\-check.conf Default configuration file; see also .B OPTIONS above. .br .ne 5 .SH ENVIRONMENT VARIABLES None. .br .ne 5 .SH EXAMPLES Example configuration files should have been included with the distribution of this software. .br .ne 5 .SH CAVEATS .B Rocon\-check relies on a working email configuration. .br .ne 5 .SH STANDARDS This manual page documents version ADE_APP_TOKEN_RELEASE_ID of .B rocon\-check\fR. .br .ne 5 .SH SEE ALSO rocon(1), rocon-config(1), ssh(1) .br .ne 5 .SH AUTHOR ADE_APP_TOKEN_AUTHOR_NAME .br .ne 5 .SH COPYRIGHT & DISTRIBUTION POLICY Copyright (C) 2010-ADE_APP_TOKEN_RELEASE_YEAR ADE_APP_TOKEN_AUTHOR_NAME \*[ade_standard_copyright_component]