Quickstart Guide

This document walks through the installation and setup of a Clockwork Configuration Management Environment quickly. It is not intended to provide a comprehensive overview of how Clockwork functions, nor is it a guide to best practices.


Before you can start using Clockwork, you need to install it on at least one machine. This can be done through packages (although packaged versions of Clockwork are currently somewhat rare), or through a source installation.

System Requirements

Clockwork requires the following:

The OpenSSL Toolkit provides channel security via TLS and client / server identity verification via X.509 certificates and RSA private keys. You will need a fairly recent version of OpenSSL (i.e. 0.9.8 or later).
This excellent configuration file editing library underpins several of Clockwork's core resource types. Most Linux distributions provide a pre-compiled Augeas packages; you can also download Augeas and build it yourself.
Clockwork uses file-backed SQLite3 databases for storing information on host compliance, job runs, and other metadata. Versions of SQLite prior to the 3.x series are unsupported (and discouraged by the maintainers).
The Policy Master, policyd(3), relies on the threading model specified in POSIX1.c, Threads Extensions (IEEE Std 1003.1c-1995). On Linux, this model is implemented through the libpthreads library.

Note: If you're installing Clockwork through your distribution's package manager (like yum or apt-get), you probably don't need to worry about dependencies; the package should know what it needs.

Building from Source

To build from source, download Clockwork. Source code for Clockwork is made available as a compressed (either gzip or bzip2) tar file, which you will have to uncompress and extract:

For the gzip variety:

$ tar -xzvf clockwork-x.y.z.tar.gz

Or, if you prefer bzip2:

$ tar -xjvf clockwork-x.y.z.tar.bz2

The tarball will be uncompressed and extracted into a directory called clockwork-x.y.z (where x.y.z is the version of Clockwork you downloaded). To start the build, cd into this directory.

$ cd clockwork-x.y.z

The ./configure script will set up your build environment. From there, run make to build the components of Clockwork, and make install to install the documentation, binaries and default configuration files in /usr/local:

$ ./configure
  ... output clipped for brevity ...
$ make
  ... output clipped for brevity ...
$ sudo make install
  ... output clipped for brevity ...

Using Packages

Unfortunately, Clockwork is still a pretty new project, and we haven't made it into the main package repositories for the heavy-hitters like Debian, Ubuntu or CentOS. We will, however begin hosting our own APT and YUM repos soon. Stay tuned!


Picking a Policy Master

Writing A Policy

Setting up a Client Machine


Seeing What's Been Done

Compliance Reporting

The Clockwork website is licensed under the Creative Commons Attribution-NoDerivs 3.0 United States License