Slaughter Examples

This page contains some simple examples that show you how to get started writing your own policies, and demonstates how files are laid out.

There are further examples listed in the The Definitive Slaughter Guide.

Simple Example

The most basic policy would involve no dynamic fetches, and no file-serving.

Assuming you have central server running a webserver, with a DocumentRoot set to /var/www/ then create the following directory tree:


Save the default.policy file as:


Now, on a system with client installed execute:

slaughter --prefix=http://your.server/ --transport=http

You should see output like this:

I am running via Slaughter.

As the examples are hosted on this server you can test by running:

root@precious:~# slaughter  --transport=http \
I am running via Slaughter.

Here you see that "/policies/default.policy" has been automatically appended to the value you specified in the --prefix argument - which in the second example has lead to the fetching of the file

File Expansion

The next most interesting example follows a similar pattern:

  • The value /policies/default.policy is appended to the initial prefix for finding the policy to execute.
  • Similarly the value /files/ is appended for any file fetches.

The next example will have a DocumentRoot looking like this:


As with the last example this one is also hosted here, so you may browse the tree and look at the policy file which will be retrieved and executed.

If you wish to run this code against your own system please note it will replace your /etc/motd file - as it uses the FetchFile primitive.

Running code code hosted here would be achieved via this command line:

root@precious:~# slaughter  --transport=http \
The local file /etc/motd was updated

(Running it a second time will result in no output - as the file won't have changed.)

If this code were hosted upon your server you'd instead use your own server-name and prefix location, as per the previous example.

Different Transports

Both the previous examples have used --transport=http, this is because this server happens to run a webserver, and people are familiar with them.

Slaughter is supplied with the facility to fetch policies via several different mechanisms, including remote GIT repositories, remote HTTP servers, and using the rsync protocol.

In each case the standard prefixes of /policies/ and /files must be present at the top-level of the prefix specified - this is documented in the TRANSPORTS file included within the distribution.

One of the simplest ways to test an alternative transport is to run slaughter using the examples supplied in the downloadable distribution.

Assuming you've fetched the latest archive, and unpackaged it, you should find the two examples we've previously referenced available:


These could be directly executed using the "local" transport:

skx@precious:~$ sudo rm /etc/motd
skx@precious:~$ sudo slaughter --transport=local \
  The local file /etc/motd was updated