landscape client #0

Supports: trusty xenial bionic

Add to new model


Landscape is a web-based tool for managing Ubuntu systems. This package
is necessary if you want your machine to be managed in a Landscape
account. This package provides the Landscape client and requires a
Landscape account.


Landscape client is the agent for the Landscape administration system.


This subordinate charm is intended to be used to register a machine against a
running Landscape server. Configuration needs to be supplied or it won't do
anything. Here is a simple config.yaml to register against the hosted version of

    account-name: <account_name_here>
    registration-key: <registration_key_here>
    tags: <csv_tag_list>

The following is a version if you need to customize the communication URL in
case you are running against a dedicated version of Landscape (LDS). This
version also sets Script exection, and allows landscape to become any user
(even root), to execute scripts:

    account-name: standalone
    registration-key: 128-qosk-7382
    tags: laptop,xenial,developer
    script-users: ALL
    include-manager-plugins: ScriptExecution


Landscape client has a number of configuration options available allowing
customizability into a variety of environments where resources may be scarce
or security may be a concern. The most useful and common options are documented

To get more detail on options, these correlate directly to configuration
settings on landscape-client itself. (landscape-client(1),
landscape-client --help)

account-name: Name of the account to register against in the hosted version of Landscape. In the dedicated version of Landscape (LDS), this will always be

registration-key: The account registration key, found in the Landscape account GUI.

tags:Comma separated list of tags to apply to the computer once it is registered.

url: The server url to connect to, will usually be https and end with /message-system

ping-url: If the server url is specified, ping-url should also be specified. Will usually be http and end with /ping

include-manager-plugins: This option is primarily used to enable the ScriptExecution plugin, which allows arbitrary scripts to be executed on the
registered computer.

script-users: Comma-separated list of users that the landscape client can become to execute scripts. Keyword "ALL" can be used to include all users on the

ssl-public-key: If needed, use this to give the client the CA certificate it should use to verify the server certificate it is connecting to.

When registering the client against a server with a custom or not well known
CA, you will need to use the ssl-public-key option. To insert the certificate
contents into the charm config directly, just encode it in base64.

For example, let's assume ca.pem is a file with the CA certificate the client
needs to use to verify the server:

cat ca.pem | openssl base64 -e > ca.encoded

Now insert the ca.encoded contents into the charm config, like this:

    url: ....
    ping-url: ....
    ssl-public-key: |

Contact Information

Author: Landscape Team
Report bugs at:


(string) The account this computer belongs to.
(string) The directory to store data files in (default: '/var/lib/landscape/client/').
(boolean) If true, an override will be set in apt to disable unattended-upgrades regardless of the setting created by the unattended-upgrades package.
(int) The number of seconds between server exchanges.
(string) The URL of the HTTP proxy, if one is needed.
(string) The URL of the HTTPS proxy, if one is needed.
(string) A comma-separated list of manager plugins to load, in addition to the default ones.
(string) List of signing keys for install_sources package sources, per charmhelpers standard format (a yaml list of strings encoded as a string). The keys should be the full ASCII armoured GPG public keys. While GPG key ids are also supported and looked up on a keyserver, operators should be aware that this mechanism is insecure. null can be used if a standard package signing key is used that will already be installed on the machine, and for PPA sources where the package signing key is securely retrieved from Launchpad.
(string) List of extra apt sources, per charm-helpers standard format (a yaml list of strings encoded as a string). Each source may be either a line that can be added directly to sources.list(5), or in the form ppa:<user>/<ppa-name> for adding Personal Package Archives, or a distribution component to enable.
(string) The directory to write log files to (default: '/var/log/landscape').
(string) One of debug, info, warning, error or critical.
(string) A comma-separated list of monitor plugins to use. ALL means use all plugins.
(string) *DEPRECATED*. See install_sources and install_keys Origin of ppa or private deb repository from which to install landscape-client. May be one of the following: distro (default), ppa:somecustom/ppa or a full APT url source entry with optional key. For example: "deb xenial main|YOURAPTKEY" Also supported is a public branch like lp:~landscape/landscape-client/trunk
(int) The number of seconds between pings.
(string) The ping server URL to perform lightweight exchange initiation with. Normally http://fqdn/ping.
(string) The account-wide key used for registering clients.
(string) A comma-separated list of users to allow scripts to run. To allow scripts to be run by any user, enter: ALL
(string) The CA certificate to verify the server certificate with. This can be a path to a file, or a base64 encoded entry of the certificate itself, prefixed with "base64:". This config is only used if the message server URL given above starts with https.
(string) Comma separated list of tag names to be sent to the server.
(int) The number of seconds between urgent server exchanges.
(string) The message server URL to connect to. Normally https://fqdn/message-system.